Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/PONG.sol": {
"content": "// SPDX-License-Identifier: MIT
// Compatible with OpenZeppelin Contracts ^5.4.0
pragma solidity ^0.8.26;
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import "@openzeppelin/contracts/access/AccessControl.sol";
import "@openzeppelin/contracts/access/Ownable.sol";
import "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {IPositionManager, PoolKey as PositionPoolKey} from "v4-periphery/src/interfaces/IPositionManager.sol";
import "@uniswap/v4-core/src/types/Currency.sol";
import "@uniswap/v4-core/src/types/PoolKey.sol";
import "@uniswap/v4-core/src/interfaces/IHooks.sol";
import "@uniswap/v4-core/src/libraries/TickMath.sol";
import "@uniswap/v4-core/src/libraries/SafeCast.sol";
import "v4-periphery/src/libraries/LiquidityAmounts.sol";
import "v4-periphery/src/libraries/Actions.sol";
import "@uniswap/v4-core/src/interfaces/IPoolManager.sol";
import "permit2/src/interfaces/IAllowanceTransfer.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/**
* @title PONG - The x402 Response Protocol Token
* @notice Like PING but returns 402 responses - Uniswap V4 integration
* @dev EIP-3009 compliant with automated liquidity deployment
*/
contract Pong is ERC20, ERC20Burnable, AccessControl, EIP712, Ownable {
/// @notice The error thrown when the array length mismatch
error ArrayLengthMismatch();
/// @notice The error thrown when the tx hash has already been minted
error AlreadyMinted(address to, bytes32 txHash);
/// @notice The error thrown when the mint count exceeds the maximum mint count
error MaxMintCountExceeded();
// --- EIP-3009 specific errors ---
error AuthorizationStateInvalid(address authorizer, bytes32 nonce); // used or canceled
error AuthorizationExpired(uint256 nowTime, uint256 validBefore);
error AuthorizationNotYetValid(uint256 nowTime, uint256 validAfter);
error InvalidSigner(address signer, address expected);
error InvalidRecipient(address to);
// --- EIP-3009 events ---
event AuthorizationUsed(address indexed authorizer, bytes32 indexed nonce);
event AuthorizationCanceled(address indexed authorizer, bytes32 indexed nonce);
// --- EIP-3009 typehashes (per spec) ---
bytes32 private constant _TRANSFER_WITH_AUTHORIZATION_TYPEHASH = keccak256(
"TransferWithAuthorization(address from,address to,uint256 value,uint256 validAfter,uint256 validBefore,bytes32 nonce)"
);
bytes32 private constant _RECEIVE_WITH_AUTHORIZATION_TYPEHASH = keccak256(
"ReceiveWithAuthorization(address from,address to,uint256 value,uint256 validAfter,uint256 validBefore,bytes32 nonce)"
);
bytes32 private constant _CANCEL_AUTHORIZATION_TYPEHASH =
keccak256("CancelAuthorization(address authorizer,bytes32 nonce)");
// --- EIP-3009 authorization state tracking ---
// 0 = Unused, 1 = Used, 2 = Canceled
mapping(address => mapping(bytes32 => uint8)) private _authorizationStates;
// -- immutable state --
/// @notice The pool manager (Uniswap v4 PoolManager)
IPoolManager internal immutable POOL_MANAGER;
/// @notice The PositionManager for managing liquidity NFTs
IPositionManager internal immutable POSITION_MANAGER;
/// @notice Permit2 for token approvals
IAllowanceTransfer internal immutable PERMIT2;
/// @notice The payment token (USDC on mainnet)
address internal immutable PAYMENT_TOKEN;
/// @notice The total payment token amount for liquidity pool seeding
uint256 internal immutable PAYMENT_SEED;
/// @notice The pool seed amount (PONG tokens for liquidity)
uint256 internal immutable POOL_SEED_AMOUNT;
/// @notice The amount of tokens to mint per user (5,000 PONG)
uint256 internal immutable MINT_AMOUNT;
/// @notice The maximum number of mints allowed (180,000 users = 900M tokens)
uint256 internal immutable MAX_MINT_COUNT;
/// @notice The number of mints completed so far
uint256 internal _mintCount;
/// @notice Tracks which tx hashes have already been minted
mapping(bytes32 => bool) public hasMinted;
/// @notice The lp guard hook
address internal lpGuardHook;
/// @notice Token ID for the protocol-owned LP position
uint256 internal _lpTokenId;
/// @notice Flag indicating whether liquidity has been deployed
bool internal _liquidityDeployed;
/// @notice Flag indicating whether emergency withdraw has been used
bool internal _emergencyWithdrawUsed;
/// @notice Timestamp when LP lock expires (2 months after deployment)
uint256 internal _lpUnlockTime;
/// @notice LP lock duration (2 months)
uint256 public constant LP_LOCK_DURATION = 60 days;
/// @notice Emitted when the position manager mints the protocol-owned LP token
event LiquidityDeployed(uint256 tokenId, uint128 liquidity, uint256 unlockTime);
/// @notice Emitted when fees are collected for the protocol-owned LP token
event FeesCollected(address recipient, uint256 amountToken0, uint256 amountToken1);
/// @notice Constant sqrtPriceX96 when payment token precedes Pong token
uint160 internal immutable SQRT_PRICE_PAYMENT_TOKEN_FIRST;
/// @notice Constant sqrtPriceX96 when Pong token precedes payment token
uint160 internal immutable SQRT_PRICE_PONG_FIRST;
/// @notice Cached sorted token ordering flag (true when payment token < Pong)
bool internal immutable PAYMENT_TOKEN_IS_TOKEN0;
/// @notice Role identifier for minters allowed to call batchMint
bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
constructor(
uint256 _mintAmount,
uint256 _maxMintCount,
IPoolManager _poolManager,
IPositionManager _positionManager,
IAllowanceTransfer _permit2,
address _paymentToken,
uint256 _paymentSeed,
uint256 _poolSeedAmount
) ERC20("Pong", "PONG") EIP712("Pong", "1") Ownable(msg.sender) {
_grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
_grantRole(MINTER_ROLE, msg.sender);
MINT_AMOUNT = _mintAmount;
MAX_MINT_COUNT = _maxMintCount;
POOL_MANAGER = _poolManager;
POSITION_MANAGER = _positionManager;
PERMIT2 = _permit2;
PAYMENT_TOKEN = _paymentToken;
PAYMENT_SEED = _paymentSeed;
POOL_SEED_AMOUNT = _poolSeedAmount;
bool paymentTokenIsToken0 = _paymentToken < address(this);
PAYMENT_TOKEN_IS_TOKEN0 = paymentTokenIsToken0;
// Price ratios for PONG: 100k USDC : 1B PONG (accounting for decimals)
// USDC: 6 decimals, PONG: 18 decimals
// Same ratio as PING: 100k USDC : 1B PING
// Total Supply Breakdown (50/50 split):
// - Users: 25,000 PONG per mint × 20,000 mints = 500M PONG (50%)
// - LP: Additional 500M PONG minted (50%) + 100k USDC
// - Total: 1,000,000,000 PONG
uint160 sqrtPricePaymentFirst = 5602277097478614411626293834203267072; // 100k:1B ratio
uint160 sqrtPricePongFirst = 1120455419495722778624; // Inverse ratio (1B:100k)
SQRT_PRICE_PAYMENT_TOKEN_FIRST = sqrtPricePaymentFirst;
SQRT_PRICE_PONG_FIRST = sqrtPricePongFirst;
}
// -------------------------
// EIP-3009 public interface
// -------------------------
/// @notice EIP-712 domain separator (for compatibility with offchain tooling)
function DOMAIN_SEPARATOR() external view returns (bytes32) {
return _domainSeparatorV4();
}
/// @notice Returns authorization state for a given authorizer & nonce.
/// true = Used or Canceled, false = Unused
function authorizationState(address authorizer, bytes32 nonce) external view returns (bool) {
return _authorizationStates[authorizer][nonce] != 0;
}
/// @notice Execute an ERC20 transfer signed by `from`.
function transferWithAuthorization(
address from,
address to,
uint256 value,
uint256 validAfter,
uint256 validBefore,
bytes32 nonce,
uint8 v,
bytes32 r,
bytes32 s
) external returns (bool) {
_validateTimeframe(validAfter, validBefore);
_useAuthorization(from, nonce);
bytes32 structHash = keccak256(
abi.encode(_TRANSFER_WITH_AUTHORIZATION_TYPEHASH, from, to, value, validAfter, validBefore, nonce)
);
_requireValidSignature(from, structHash, v, r, s);
_transfer(from, to, value);
return true;
}
/// @notice Execute a transfer to the caller, preventing front-running.
/// `to` MUST equal msg.sender per EIP-3009 best-practice.
function receiveWithAuthorization(
address from,
address to,
uint256 value,
uint256 validAfter,
uint256 validBefore,
bytes32 nonce,
uint8 v,
bytes32 r,
bytes32 s
) external returns (bool) {
if (to != msg.sender) revert InvalidRecipient(to);
_validateTimeframe(validAfter, validBefore);
_useAuthorization(from, nonce);
bytes32 structHash = keccak256(
abi.encode(_RECEIVE_WITH_AUTHORIZATION_TYPEHASH, from, to, value, validAfter, validBefore, nonce)
);
_requireValidSignature(from, structHash, v, r, s);
_transfer(from, to, value);
return true;
}
/// @notice Cancel a previously issued authorization (that hasn't been used yet).
function cancelAuthorization(address authorizer, bytes32 nonce, uint8 v, bytes32 r, bytes32 s) external {
// must be unused
if (_authorizationStates[authorizer][nonce] != 0) {
revert AuthorizationStateInvalid(authorizer, nonce);
}
bytes32 structHash = keccak256(abi.encode(_CANCEL_AUTHORIZATION_TYPEHASH, authorizer, nonce));
_requireValidSignature(authorizer, structHash, v, r, s);
_authorizationStates[authorizer][nonce] = 2; // Canceled
emit AuthorizationCanceled(authorizer, nonce);
}
// -------------------------
// Internal helpers (EIP-3009)
// -------------------------
function _validateTimeframe(uint256 validAfter, uint256 validBefore) internal view {
uint256 nowTs = block.timestamp;
if (nowTs <= validAfter) revert AuthorizationNotYetValid(nowTs, validAfter);
if (nowTs >= validBefore) revert AuthorizationExpired(nowTs, validBefore);
}
function _useAuthorization(address authorizer, bytes32 nonce) internal {
// must be unused
if (_authorizationStates[authorizer][nonce] != 0) {
revert AuthorizationStateInvalid(authorizer, nonce);
}
_authorizationStates[authorizer][nonce] = 1; // Used
emit AuthorizationUsed(authorizer, nonce);
}
function _requireValidSignature(address expectedSigner, bytes32 structHash, uint8 v, bytes32 r, bytes32 s)
internal
view
{
bytes32 digest = _hashTypedDataV4(structHash);
address signer = ECDSA.recover(digest, v, r, s);
if (signer != expectedSigner) revert InvalidSigner(signer, expectedSigner);
}
// -------------------------
// Minting logic
// -------------------------
/// @notice Batch mints tokens to multiple addresses with unique txHashes
/// @param to Array of addresses to mint tokens to
/// @param txHashes Array of tx hashes to prevent double minting
function batchMint(address[] memory to, bytes32[] memory txHashes) public onlyRole(MINTER_ROLE) {
if (to.length != txHashes.length) {
revert ArrayLengthMismatch();
}
if (_mintCount + to.length > MAX_MINT_COUNT) {
revert MaxMintCountExceeded();
}
for (uint256 i = 0; i < to.length; i++) {
// check if the tx hash has already been minted
if (hasMinted[txHashes[i]]) {
revert AlreadyMinted(to[i], txHashes[i]);
}
hasMinted[txHashes[i]] = true;
_mint(to[i], MINT_AMOUNT);
}
_mintCount += to.length;
// Auto-deploy liquidity when mint completes
if (_mintCount == MAX_MINT_COUNT) {
_initializePoolAndDeployLiquidity(10_000, 200);
}
}
/// @dev Initialize the Uniswap v4 pool, mint a full range LP position, and settle funds in one flow.
/// @param fee The pool fee in pips (e.g. 10000 = 1%)
/// @param tickSpacing The tick spacing for the pool configuration
function _initializePoolAndDeployLiquidity(uint24 fee, int24 tickSpacing) internal virtual {
(address token0, address token1, uint160 sqrtPriceX96) = _sortedTokenData();
PoolKey memory poolKey = PoolKey({
currency0: Currency.wrap(token0),
currency1: Currency.wrap(token1),
fee: fee,
tickSpacing: tickSpacing,
hooks: IHooks(lpGuardHook)
});
// Initialize pool via PoolManager
POOL_MANAGER.initialize(poolKey, sqrtPriceX96);
// Prepare mint actions payload
bytes memory actions = abi.encodePacked(uint8(Actions.MINT_POSITION), uint8(Actions.SETTLE_PAIR));
// Total payment seed amount for liquidity
uint256 amountPayment = PAYMENT_SEED;
// Mint PONG tokens for LP
_mint(address(this), POOL_SEED_AMOUNT);
(uint128 amount0Max, uint128 amount1Max, uint128 liquidity) =
_calculateMintParams(poolKey, amountPayment, POOL_SEED_AMOUNT);
(int24 tickLower, int24 tickUpper) = _fullRangeTicks(tickSpacing);
// Set up approvals for Permit2 and PositionManager
IERC20(PAYMENT_TOKEN).approve(address(PERMIT2), amountPayment);
IERC20(address(this)).approve(address(PERMIT2), POOL_SEED_AMOUNT);
// Approve PositionManager via Permit2 for both tokens
PERMIT2.approve(PAYMENT_TOKEN, address(POSITION_MANAGER), SafeCast.toUint160(amountPayment), type(uint48).max);
PERMIT2.approve(
address(this), address(POSITION_MANAGER), SafeCast.toUint160(POOL_SEED_AMOUNT), type(uint48).max
);
bytes[] memory params = new bytes[](2);
params[0] =
abi.encode(poolKey, tickLower, tickUpper, liquidity, amount0Max, amount1Max, address(this), bytes(""));
params[1] = abi.encode(poolKey.currency0, poolKey.currency1);
uint256 tokenIdBefore = POSITION_MANAGER.nextTokenId();
POSITION_MANAGER.modifyLiquidities(abi.encode(actions, params), block.timestamp);
uint256 mintedTokenId = tokenIdBefore;
_lpTokenId = mintedTokenId;
_liquidityDeployed = true;
// Set LP lock: 2 months from deployment
_lpUnlockTime = block.timestamp + LP_LOCK_DURATION;
emit LiquidityDeployed(mintedTokenId, liquidity, _lpUnlockTime);
}
/// @notice Set the LP guard hook address (can only be called once before liquidity deployment)
/// @param _lpGuardHook The address of the LP guard hook
function setLpGuardHook(address _lpGuardHook) external virtual onlyRole(DEFAULT_ADMIN_ROLE) {
require(lpGuardHook == address(0), "Hook already set");
require(_lpGuardHook != address(0), "Invalid hook address");
lpGuardHook = _lpGuardHook;
}
/// @notice Emergency withdraw function to recover funds before liquidity deployment
/// @dev Can only be called once and only before liquidity is deployed to the pool
function emergencyWithdraw() external onlyRole(DEFAULT_ADMIN_ROLE) {
require(!_liquidityDeployed, "Liquidity already deployed");
require(!_emergencyWithdrawUsed, "Emergency withdraw already used");
// Mark as used
_emergencyWithdrawUsed = true;
// Mint PONG LP seed tokens to sender
_mint(msg.sender, POOL_SEED_AMOUNT);
// Transfer all PAYMENT_TOKEN balance to sender
uint256 balance = IERC20(PAYMENT_TOKEN).balanceOf(address(this));
if (balance > 0) {
IERC20(PAYMENT_TOKEN).transfer(msg.sender, balance);
}
}
/// @notice Collect outstanding fees from the protocol-owned LP position to the owner
/// @dev Can be called anytime to collect trading fees (does not remove liquidity)
function collectLpFees() external onlyRole(DEFAULT_ADMIN_ROLE) {
uint256 tokenId = _lpTokenId;
require(tokenId != 0, "LP_NOT_INITIALIZED");
(PositionPoolKey memory poolKey,) = POSITION_MANAGER.getPoolAndPositionInfo(tokenId);
bytes memory actions = abi.encodePacked(uint8(Actions.DECREASE_LIQUIDITY), uint8(Actions.TAKE_PAIR));
bytes[] memory params = new bytes[](2);
params[0] = abi.encode(tokenId, uint256(0), uint128(0), uint128(0), bytes(""));
params[1] = abi.encode(poolKey.currency0, poolKey.currency1, msg.sender);
uint256 deadline = block.timestamp + 1 hours;
POSITION_MANAGER.modifyLiquidities(abi.encode(actions, params), deadline);
}
/// @notice Withdraw the entire LP position after lock expires
/// @dev Removes all liquidity and withdraws USDC + PONG to admin
function withdrawLpPosition() external onlyRole(DEFAULT_ADMIN_ROLE) {
require(block.timestamp >= _lpUnlockTime, "LP still locked");
uint256 tokenId = _lpTokenId;
require(tokenId != 0, "LP_NOT_INITIALIZED");
(PositionPoolKey memory poolKey,) = POSITION_MANAGER.getPoolAndPositionInfo(tokenId);
// Decrease all liquidity and take tokens (no burn)
bytes memory actions = abi.encodePacked(
uint8(Actions.DECREASE_LIQUIDITY),
uint8(Actions.TAKE_PAIR)
);
bytes[] memory params = new bytes[](2);
// Decrease all liquidity (type(uint128).max = remove all)
params[0] = abi.encode(tokenId, type(uint256).max, uint128(type(uint128).max), uint128(type(uint128).max), bytes(""));
// Take both tokens (USDC + PONG) to admin
params[1] = abi.encode(poolKey.currency0, poolKey.currency1, msg.sender);
uint256 deadline = block.timestamp + 1 hours;
POSITION_MANAGER.modifyLiquidities(abi.encode(actions, params), deadline);
// Note: NFT still exists but has 0 liquidity. You can transfer/burn it later if desired.
}
/// @notice Get LP lock information
/// @return unlockTime Timestamp when LP can be withdrawn
/// @return isLocked Whether LP is currently locked
/// @return timeRemaining Seconds until unlock (0 if already unlocked)
function getLpLockInfo() external view returns (uint256 unlockTime, bool isLocked, uint256 timeRemaining) {
unlockTime = _lpUnlockTime;
isLocked = block.timestamp < _lpUnlockTime;
timeRemaining = isLocked ? _lpUnlockTime - block.timestamp : 0;
}
/// @notice Withdraw any ERC20 token from the contract to the admin
/// @param token The address of the ERC20 token to withdraw
/// @param amount The amount of tokens to withdraw
function withdrawToken(address token, uint256 amount) external onlyRole(DEFAULT_ADMIN_ROLE) {
IERC20(token).transfer(msg.sender, amount);
}
/// @notice Emergency function to withdraw all USDC from the contract
/// @dev Before LP deployment: withdraws the 100k USDC meant for LP
/// @dev After LP deployment: withdraws any extra USDC accidentally sent to contract
/// @dev After LP withdrawal: withdraws any remaining USDC dust
function emergencyWithdrawUsdc() external onlyRole(DEFAULT_ADMIN_ROLE) {
uint256 usdcBalance = IERC20(PAYMENT_TOKEN).balanceOf(address(this));
require(usdcBalance > 0, "No USDC to withdraw");
IERC20(PAYMENT_TOKEN).transfer(msg.sender, usdcBalance);
}
/// @notice Withdraw remaining USDC after LP withdrawal
/// @dev Use this to sweep any USDC left in contract after withdrawLpPosition()
/// @dev Also useful if users accidentally sent USDC to the contract
function sweepRemainingUsdc() external onlyRole(DEFAULT_ADMIN_ROLE) {
require(_liquidityDeployed, "LP not yet deployed");
uint256 usdcBalance = IERC20(PAYMENT_TOKEN).balanceOf(address(this));
require(usdcBalance > 0, "No USDC to sweep");
IERC20(PAYMENT_TOKEN).transfer(msg.sender, usdcBalance);
}
/// @notice Emergency function to transfer the LP NFT to the owner
/// @dev Use this if withdrawLpPosition() fails for any reason
/// @dev The LP NFT can then be managed directly via Uniswap's PositionManager
function emergencyTransferLpNft() external onlyRole(DEFAULT_ADMIN_ROLE) {
uint256 tokenId = _lpTokenId;
require(tokenId != 0, "LP_NOT_INITIALIZED");
// Transfer the LP NFT from this contract to the admin
// Using low-level call to avoid importing IERC721
(bool success,) = address(POSITION_MANAGER).call(
abi.encodeWithSignature("transferFrom(address,address,uint256)", address(this), msg.sender, tokenId)
);
require(success, "NFT_TRANSFER_FAILED");
}
function _calculateMintParams(PoolKey memory poolKey, uint256 amountPaymentToken, uint256 amountPong)
internal
view
returns (uint128 amount0Max, uint128 amount1Max, uint128 liquidity)
{
uint256 amount0;
uint256 amount1;
if (PAYMENT_TOKEN_IS_TOKEN0) {
amount0 = amountPaymentToken;
amount1 = amountPong;
} else {
amount0 = amountPong;
amount1 = amountPaymentToken;
}
amount0Max = SafeCast.toUint128(amount0);
amount1Max = SafeCast.toUint128(amount1);
uint256 sqrtPriceX96 = PAYMENT_TOKEN_IS_TOKEN0 ? SQRT_PRICE_PAYMENT_TOKEN_FIRST : SQRT_PRICE_PONG_FIRST;
(int24 tickLower, int24 tickUpper) = _fullRangeTicks(poolKey.tickSpacing);
liquidity = LiquidityAmounts.getLiquidityForAmounts(
SafeCast.toUint160(sqrtPriceX96),
TickMath.getSqrtPriceAtTick(tickLower),
TickMath.getSqrtPriceAtTick(tickUpper),
amount0,
amount1
);
}
function _fullRangeTicks(int24 tickSpacing) internal pure returns (int24 tickLower, int24 tickUpper) {
tickLower = (TickMath.MIN_TICK / tickSpacing) * tickSpacing;
if (tickLower < TickMath.MIN_TICK) {
tickLower += tickSpacing;
}
tickUpper = (TickMath.MAX_TICK / tickSpacing) * tickSpacing;
if (tickUpper > TickMath.MAX_TICK) {
tickUpper -= tickSpacing;
}
}
function _sortedTokenData() internal view returns (address token0, address token1, uint160 sqrtPriceX96) {
if (PAYMENT_TOKEN_IS_TOKEN0) {
token0 = PAYMENT_TOKEN;
token1 = address(this);
sqrtPriceX96 = SQRT_PRICE_PAYMENT_TOKEN_FIRST;
} else {
token0 = address(this);
token1 = PAYMENT_TOKEN;
sqrtPriceX96 = SQRT_PRICE_PONG_FIRST;
}
}
// -------------------------
// Getters
// -------------------------
/// @notice Returns the maximum mint count
function maxMintCount() public view returns (uint256) {
return MAX_MINT_COUNT;
}
/// @notice Returns the mint count
function mintCount() public view returns (uint256) {
return _mintCount;
}
/// @notice Returns the mint amount of the token (5,000 PONG)
function mintAmount() public view returns (uint256) {
return MINT_AMOUNT;
}
/// @notice Returns the payment seed amount for liquidity
function paymentSeed() public view returns (uint256) {
return PAYMENT_SEED;
}
/// @notice Returns whether liquidity has been deployed
function liquidityDeployed() public view returns (bool) {
return _liquidityDeployed;
}
/// @notice Get mint statistics for x402 backend
function getMintStats() external view returns (
uint256 totalSupply_,
uint256 publicMinted,
uint256 remainingPublic,
uint256 percentMinted
) {
totalSupply_ = totalSupply();
uint256 maxPublicTokens = MAX_MINT_COUNT * MINT_AMOUNT;
publicMinted = _mintCount * MINT_AMOUNT;
remainingPublic = maxPublicTokens - publicMinted;
percentMinted = (_mintCount * 100) / MAX_MINT_COUNT;
}
}
"
},
"lib/v4-core/lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*/
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
mapping(address account => uint256) private _balances;
mapping(address account => mapping(address spender => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
_totalSupply += value;
} else {
uint256 fromBalance = _balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
_balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
_totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
_balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
* true using the following override:
* ```
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
_allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}
"
},
"lib/v4-core/lib/openzeppelin-contracts/contracts/token/ERC20/extensions/ERC20Burnable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Burnable.sol)
pragma solidity ^0.8.20;
import {ERC20} from "../ERC20.sol";
import {Context} from "../../../utils/Context.sol";
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
abstract contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys a `value` amount of tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 value) public virtual {
_burn(_msgSender(), value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, deducting from
* the caller's allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for ``accounts``'s tokens of at least
* `value`.
*/
function burnFrom(address account, uint256 value) public virtual {
_spendAllowance(account, _msgSender(), value);
_burn(account, value);
}
}
"
},
"lib/v4-core/lib/openzeppelin-contracts/contracts/access/AccessControl.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "./IAccessControl.sol";
import {Context} from "../utils/Context.sol";
import {ERC165} from "../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControl is Context, IAccessControl, ERC165 {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
mapping(bytes32 role => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
return _roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
if (!hasRole(role, account)) {
_roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` to `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
if (hasRole(role, account)) {
_roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
"
},
"lib/v4-core/lib/openzeppelin-contracts/contracts/access/Ownable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
"
},
"lib/v4-core/lib/openzeppelin-contracts/contracts/utils/cryptography/EIP712.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/EIP712.sol)
pragma solidity ^0.8.20;
import {MessageHashUtils} from "./MessageHashUtils.sol";
import {ShortStrings, ShortString} from "../ShortStrings.sol";
import {IERC5267} from "../../interfaces/IERC5267.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding scheme specified in the EIP requires a domain separator and a hash of the typed structured data, whose
* encoding is very generic and therefore its implementation in Solidity is not feasible, thus this contract
* does not implement the encoding itself. Protocols need to implement the type-specific encoding they need in order to
* produce the hash of their typed data using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* NOTE: In the upgradeable version of this contract, the cached values will correspond to the address, and the domain
* separator of the implementation contract. This will cause the {_domainSeparatorV4} function to always rebuild the
* separator from the immutable values, which is cheaper than accessing a cached version in cold storage.
*
* @custom:oz-upgrades-unsafe-allow state-variable-immutable
*/
abstract contract EIP712 is IERC5267 {
using ShortStrings for *;
bytes32 private constant TYPE_HASH =
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
// invalidate the cached domain separator if the chain id changes.
bytes32 private immutable _cachedDomainSeparator;
uint256 private immutable _cachedChainId;
address private immutable _cachedThis;
bytes32 private immutable _hashedName;
bytes32 private immutable _hashedVersion;
ShortString private immutable _name;
ShortString private immutable _version;
string private _nameFallback;
string private _versionFallback;
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
constructor(string memory name, string memory version) {
_name = name.toShortStringWithFallback(_nameFallback);
_version = version.toShortStringWithFallback(_versionFallback);
_hashedName = keccak256(bytes(name));
_hashedVersion = keccak256(bytes(version));
_cachedChainId = block.chainid;
_cachedDomainSeparator = _buildDomainSeparator();
_cachedThis = address(this);
}
/**
* @dev Returns the domain separator for the current chain.
*/
function _domainSeparatorV4() internal view returns (bytes32) {
if (address(this) == _cachedThis && block.chainid == _cachedChainId) {
return _cachedDomainSeparator;
} else {
return _buildDomainSeparator();
}
}
function _buildDomainSeparator() private view returns (bytes32) {
return keccak256(abi.encode(TYPE_HASH, _hashedName, _hashedVersion, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return MessageHashUtils.toTypedDataHash(_domainSeparatorV4(), structHash);
}
/**
* @dev See {IERC-5267}.
*/
function eip712Domain()
public
view
virtual
returns (
bytes1 fields,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
)
{
return (
hex"0f", // 01111
_EIP712Name(),
_EIP712Version(),
block.chainid,
address(this),
bytes32(0),
new uint256[](0)
);
}
/**
* @dev The name parameter for the EIP712 domain.
*
* NOTE: By default this function reads _name which is an immutable value.
* It only reads from storage if necessary (in case the value is too large to fit in a ShortString).
*/
// solhint-disable-next-line func-name-mixedcase
function _EIP712Name() internal view returns (string memory) {
return _name.toStringWithFallback(_nameFallback);
}
/**
* @dev The version parameter for the EIP712 domain.
*
* NOTE: By default this function reads _version which is an immutable value.
* It only reads from storage if necessary (in case the value is too large to fit in a ShortString).
*/
// solhint-disable-next-line func-name-mixedcase
function _EIP712Version() internal view returns (string memory) {
return _version.toStringWithFallback(_versionFallback);
}
}
"
},
"lib/v4-core/lib/openzeppelin-contracts/contracts/utils/cryptography/ECDSA.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.20;
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS
}
/**
* @dev The signature derives the `address(0)`.
*/
error ECDSAInvalidSignature();
/**
* @dev The signature has an invalid length.
*/
error ECDSAInvalidSignatureLength(uint256 length);
/**
* @dev The signature has an S value that is in the upper half order.
*/
error ECDSAInvalidSignatureS(bytes32 s);
/**
* @dev Returns the address that signed a hashed message (`hash`) with `signature` or an error. This will not
* return address(0) without also returning an error description. Errors are documented using an enum (error type)
* and a bytes32 providing additional information about the error.
*
* If no error is returned, then the address can be used for verification purposes.
*
* The `ecrecover` EVM precompile allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError, bytes32) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength, bytes32(signature.length));
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM precompile allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, signature);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*/
function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address, RecoverError, bytes32) {
unchecked {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
// We do not check for an overflow here since the shift operation results in 0 or 1.
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*/
function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) {
(address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, r, vs);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function tryRecover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address, RecoverError, bytes32) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS, s);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature, bytes32(0));
}
return (signer, RecoverError.NoError, bytes32(0));
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
(address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, v, r, s);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Optionally reverts with the corresponding custom error according to the `error` argument provided.
*/
function _throwError(RecoverError error, bytes32 errorArg) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert ECDSAInvalidSignature();
} else if (error == RecoverError.InvalidSignatureLength) {
revert ECDSAInvalidSignatureLength(uint256(errorArg));
} else if (error == RecoverError.InvalidSignatureS) {
revert ECDSAInvalidSignatureS(errorArg);
}
}
}
"
},
"lib/v4-periphery/src/interfaces/IPositionManager.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import {PoolKey} from "@uniswap/v4-core/src/types/PoolKey.sol";
import {PositionInfo} from "../libraries/PositionInfoLibrary.sol";
import {INotifier} from "./INotifier.sol";
import {IImmutableState} from "./IImmutableState.sol";
import {IERC721Permit_v4} from "./IERC721Permit_v4.sol";
import {IEIP712_v4} from "./IEIP712_v4.sol";
import {IMulticall_v4} from "./IMulticall_v4.sol";
import {IPoolInitializer_v4} from "./IPoolInitializer_v4.sol";
import {IUnorderedNonce} from "./IUnorderedNonce.sol";
import {IPermit2Forwarder} from "./IPermit2Forwarder.sol";
/// @title IPositionManager
/// @notice Interface for the PositionManager contract
interface IPositionManager is
INotifier,
IImmutableState,
IERC721Permit_v4,
IEIP712_v4,
IMulticall_v4,
IPoolInitializer_v4,
IUnorderedNonce,
IPermit2Forwarder
{
/// @notice Thrown when the caller is not approved to modify a position
error NotApproved(address caller);
/// @notice Thrown when the block.timestamp exceeds the user-provided deadline
error DeadlinePassed(uint256 deadline);
/// @notice Thrown when calling transfer, subscribe, or unsubscribe when the PoolManager is unlocked.
/// @dev This is to prevent hooks from being able to trigger notifications at the same time the position is being modified.
error PoolManagerMustBeLocked();
/// @notice Unlocks Uniswap v4 PoolManager and batches actions for modifying liquidity
/// @dev This is the standard entrypoint for the PositionManager
/// @param unlockData is an encoding of actions, and parameters for those actions
/// @param deadline is the Submitted on: 2025-10-25 10:36:51
Comments
Log in to comment.
No comments yet.