Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"@openzeppelin/contracts/access/AccessControl.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "./IAccessControl.sol";
import {Context} from "../utils/Context.sol";
import {IERC165, ERC165} from "../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControl is Context, IAccessControl, ERC165 {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
mapping(bytes32 role => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
return _roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
if (!hasRole(role, account)) {
_roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
if (hasRole(role, account)) {
_roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
"
},
"@openzeppelin/contracts/access/IAccessControl.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/IAccessControl.sol)
pragma solidity >=0.8.4;
/**
* @dev External interface of AccessControl declared to support ERC-165 detection.
*/
interface IAccessControl {
/**
* @dev The `account` is missing a role.
*/
error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/
error AccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted to signal this.
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call. This account bears the admin role (for the granted role).
* Expected in cases where the role was granted using the internal {AccessControl-_grantRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/
function renounceRole(bytes32 role, address callerConfirmation) external;
}
"
},
"@openzeppelin/contracts/interfaces/IERC1363.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC1363.sol)
pragma solidity >=0.6.2;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}
"
},
"@openzeppelin/contracts/interfaces/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC165.sol)
pragma solidity >=0.4.16;
import {IERC165} from "../utils/introspection/IERC165.sol";
"
},
"@openzeppelin/contracts/interfaces/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC20.sol)
pragma solidity >=0.4.16;
import {IERC20} from "../token/ERC20/IERC20.sol";
"
},
"@openzeppelin/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/IERC20.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
"
},
"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Variant of {safeTransfer} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransfer(IERC20 token, address to, uint256 value) internal returns (bool) {
return _callOptionalReturnBool(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Variant of {safeTransferFrom} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransferFrom(IERC20 token, address from, address to, uint256 value) internal returns (bool) {
return _callOptionalReturnBool(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Opposedly, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturnBool} that reverts if call fails to meet the requirements.
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
let success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
// bubble errors
if iszero(success) {
let ptr := mload(0x40)
returndatacopy(ptr, 0, returndatasize())
revert(ptr, returndatasize())
}
returnSize := returndatasize()
returnValue := mload(0)
}
if (returnSize == 0 ? address(token).code.length == 0 : returnValue != 1) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silently catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
bool success;
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
returnSize := returndatasize()
returnValue := mload(0)
}
return success && (returnSize == 0 ? address(token).code.length > 0 : returnValue == 1);
}
}
"
},
"@openzeppelin/contracts/utils/Context.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
"
},
"@openzeppelin/contracts/utils/introspection/ERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
"
},
"@openzeppelin/contracts/utils/introspection/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
"
},
"@openzeppelin/contracts/utils/Pausable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (utils/Pausable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract Pausable is Context {
bool private _paused;
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
/**
* @dev The operation failed because the contract is paused.
*/
error EnforcedPause();
/**
* @dev The operation failed because the contract is not paused.
*/
error ExpectedPause();
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
if (paused()) {
revert EnforcedPause();
}
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
if (!paused()) {
revert ExpectedPause();
}
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
}
"
},
"@openzeppelin/contracts/utils/ReentrancyGuard.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/ReentrancyGuard.sol)
pragma solidity ^0.8.20;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If EIP-1153 (transient storage) is available on the chain you're deploying at,
* consider using {ReentrancyGuardTransient} instead.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant NOT_ENTERED = 1;
uint256 private constant ENTERED = 2;
uint256 private _status;
/**
* @dev Unauthorized reentrant call.
*/
error ReentrancyGuardReentrantCall();
constructor() {
_status = NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be NOT_ENTERED
if (_status == ENTERED) {
revert ReentrancyGuardReentrantCall();
}
// Any calls to nonReentrant after this point will fail
_status = ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == ENTERED;
}
}
"
},
"contracts/AccessControlManager.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";
/**
* @title AccessControlManager
* @notice Manages centralized role-based access control for the AI Indices ecosystem.
* @dev Only addresses with GOVERNANCE_ROLE can grant/revoke roles.
* Designed to integrate with vaults, bridges, and validators.
*/
contract AccessControlManager is AccessControl {
/* ========== CUSTOM ERRORS ========== */
/// @notice Thrown when a zero address is provided where a valid address is required
error ZeroAddress();
/// @notice Thrown when trying to renounce a role for another account
error CanOnlyRenounceSelf();
/* ========== ROLES ========== */
/// @notice Role for entities allowed to manage other roles (e.g., multisig or DAO)
bytes32 public constant GOVERNANCE_ROLE = keccak256("GOVERNANCE_ROLE");
/// @notice Role for authorized rebalancers or executors (e.g., bot, backend service)
bytes32 public constant ALLOCATOR_ROLE = keccak256("ALLOCATOR_ROLE");
/// @notice Role for emergency operators allowed to pause contracts
bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");
/// @notice Role for admin operations
bytes32 public constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
/// @notice Role for circuit breaker operations
bytes32 public constant CIRCUIT_BREAKER_ROLE =
keccak256("CIRCUIT_BREAKER_ROLE");
/* ========== STATE VARIABLES ========== */
/// @notice Global circuit breaker state
bool public circuitBreakerActive;
/* ========== EVENTS ========== */
/**
* @notice Emitted when the contract is paused by a PAUSER_ROLE account
* @param caller The address that paused the contract
*/
event EmergencyPaused(address indexed caller);
/**
* @notice Emitted when the contract is unpaused by a PAUSER_ROLE account
* @param caller The address that unpaused the contract
*/
event EmergencyUnpaused(address indexed caller);
/**
* @notice Emitted when the circuit breaker is triggered
* @param caller The address that triggered the circuit breaker
* @param reason The reason for triggering the circuit breaker
*/
event CircuitBreakerTriggered(address indexed caller, string reason);
/**
* @notice Emitted when the circuit breaker is reset
* @param caller The address that reset the circuit breaker
*/
event CircuitBreakerReset(address indexed caller);
/* ========== CONSTRUCTOR ========== */
constructor(
address governance,
address allocator,
address pauser,
address admin,
address circuitBreaker
) {
if (governance == address(0)) revert ZeroAddress();
if (allocator == address(0)) revert ZeroAddress();
if (pauser == address(0)) revert ZeroAddress();
if (admin == address(0)) revert ZeroAddress();
if (circuitBreaker == address(0)) revert ZeroAddress();
_grantRole(DEFAULT_ADMIN_ROLE, governance);
_grantRole(GOVERNANCE_ROLE, governance);
_grantRole(ALLOCATOR_ROLE, allocator);
_grantRole(PAUSER_ROLE, pauser);
_grantRole(ADMIN_ROLE, admin);
_grantRole(CIRCUIT_BREAKER_ROLE, circuitBreaker);
}
/* ========== ROLE MANAGEMENT ========== */
/**
* @notice Grants a specific role to an account
* @dev Only GOVERNANCE_ROLE can call this
* @param role The role to be granted
* @param account The address to receive the role
*/
function grantRole(
bytes32 role,
address account
) public override onlyRole(GOVERNANCE_ROLE) {
if (account == address(0)) revert ZeroAddress();
super.grantRole(role, account);
}
/**
* @notice Revokes a specific role from an account
* @dev Only GOVERNANCE_ROLE can call this
* @param role The role to be revoked
* @param account The address losing the role
*/
function revokeRole(
bytes32 role,
address account
) public override onlyRole(GOVERNANCE_ROLE) {
if (account == address(0)) revert ZeroAddress();
super.revokeRole(role, account);
}
/**
* @notice Allows an account to renounce its own role
* @param role The role to renounce
* @param account The calling address (must match msg.sender)
*/
function renounceRole(bytes32 role, address account) public override {
if (account != msg.sender) revert CanOnlyRenounceSelf();
super.renounceRole(role, account);
}
/* ========== CIRCUIT BREAKER CONTROLS ========== */
/**
* @notice Triggers the global circuit breaker to halt operations
* @dev Only callable by CIRCUIT_BREAKER_ROLE accounts
* @param reason The reason for triggering the circuit breaker
*/
function triggerCircuitBreaker(
string calldata reason
) external onlyRole(CIRCUIT_BREAKER_ROLE) {
circuitBreakerActive = true;
emit CircuitBreakerTriggered(msg.sender, reason);
}
/**
* @notice Resets the global circuit breaker to resume operations
* @dev Only callable by ADMIN_ROLE accounts
*/
function resetCircuitBreaker() external onlyRole(ADMIN_ROLE) {
circuitBreakerActive = false;
emit CircuitBreakerReset(msg.sender);
}
/* ========== VIEW HELPERS ========== */
/**
* @notice Checks if a given address holds a specific role
* @param role The role to check
* @param account The address to verify
* @return True if the account has the role, false otherwise
*/
function hasAccess(
bytes32 role,
address account
) external view returns (bool) {
return hasRole(role, account);
}
}
"
},
"contracts/interfaces/IHypernativeFirewall.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* @title IHypernativeFirewall
* @notice Interface for the Hypernative Firewall contract
* @dev Defines the functions that FirewallProtected contracts can call
*/
interface IHypernativeFirewall {
/**
* @notice Validates forbidden context interaction
* @param origin The transaction origin
* @param sender The message sender
*/
function validateForbiddenContextInteraction(
address origin,
address sender
) external;
/**
* @notice Validates blacklisted account interaction
* @param account The account to validate
*/
function validateBlacklistedAccountInteraction(address account) external;
/**
* @notice Validates and verifies forbidden context interaction with signature
* @param origin The transaction origin
* @param sender The message sender
* @param data The message data
* @param signatureExpiry The signature expiry timestamp
* @param signature The ECDSA signature
*/
function validateAndVerifyForbiddenContextInteraction(
address origin,
address sender,
bytes calldata data,
uint256 signatureExpiry,
bytes calldata signature
) external;
/**
* @notice Registers an account with the firewall
* @param account The account to register
* @param isStrictMode Whether to use strict mode
*/
function register(address account, bool isStrictMode) external;
// NEW: Additional functions needed for complete functionality
/**
* @notice Check if verifier mode is enabled
* @return Whether verifier mode is active
*/
function isVerifierEnabled() external view returns (bool);
/**
* @notice Get the current verifier signer address
* @return Address of the verifier signer
*/
function getVerifierSigner() external view returns (address);
/**
* @notice Get the account registration time threshold
* @return Registration threshold in seconds
*/
function getRegistrationThreshold() external view returns (uint256);
/**
* @notice Check if an account is registered
* @param account The account to check
* @return Whether the account is registered
*/
function isAccountRegistered(address account) external view returns (bool);
/**
* @notice Check if an account is blacklisted
* @param account The account to check
* @return Whether the account is blacklisted
*/
function isAccountBlacklisted(address account) external view returns (bool);
/**
* @notice Check if an account is marked as unsafe
* @param account The account to check
* @return Whether the account is unsafe
*/
function isAccountUnsafe(address account) external view returns (bool);
/**
* @notice Get account registration time
* @param account The account to check
* @return Registration timestamp (0 if not registered)
*/
function getAccountRegistrationTime(
address account
) external view returns (uint256);
}
"
},
"contracts/staging/ChildIndexVaultTest.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {SafeERC20, IERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";
import {AccessControlManager} from "../AccessControlManager.sol";
import {FirewallProtected} from "../utils/FirewallProtected.sol";
/**
* @title ChildIndexVault
* @notice Improved child vault for managing portfolio operations on non-base chains
* @dev Executes swaps and bridges based on MasterVault instructions with Hypernative security
*/
contract ChildIndexVaultTest is ReentrancyGuard, Pausable, FirewallProtected {
using SafeERC20 for IERC20;
// Role identifiers
bytes32 public constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
bytes32 public constant ALLOCATOR_ROLE = keccak256("ALLOCATOR_ROLE");
bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");
/// @notice Local swap operation
struct SwapOperation {
string operationId;
address tokenIn;
address tokenOut;
uint256 amountIn;
uint256 minAmountOut;
bytes swapData; // encoded swap data
}
/// @notice Cross-chain operation
struct CrossChainOperation {
string operationId;
string bridgeId;
uint256 sourceChain;
uint256 targetChain;
address tokenIn;
uint256 amountIn;
uint256 minAmountOut;
bytes bridgeData; // encoded bridge data
}
/// @notice Rebalancing plan for a specific chain
struct RebalancingPlan {
uint256 chainId;
SwapOperation[] swapOperations;
}
// ═══════════════════════════════════════════════════════════════════════════
// STATE VARIABLES
// ═══════════════════════════════════════════════════════════════════════════
// Core components
address public immutable USDC;
address public immutable MASTER_VAULT;
uint256 public immutable BASE_CHAIN;
AccessControlManager public accessControlManager;
mapping(address => bool) public allowedRouters;
// Security: Emergency withdrawal controls
uint256 public immutable MAX_EMERGENCY_WITHDRAWAL = 1 ether;
mapping(address => bool) public emergencyRecipients;
uint256 public lastEmergencyWithdrawal;
// System events
event VaultInitialized(
address indexed usdc,
address indexed masterVault,
uint256 indexed baseChain,
address vaultGuard
);
event ConfigurationUpdated(
string parameter,
address oldValue,
address newValue
);
event ConfigurationUpdated(
string parameter,
uint256 oldValue,
uint256 newValue
);
// Operation events
event SwapExecuted(
string indexed operationId,
address tokenIn,
address tokenOut,
uint256 amountIn,
uint256 amountOut
);
event CrossChainInitiated(
string indexed bridgeId,
uint256 sourceChain,
uint256 targetChain,
uint256 amount
);
event BatchCompleted(string indexed batchId, uint256 operations);
event RebalanceExecuted(string indexed rebalanceId, uint256 operations);
// ETH event
event EmergencyETHWithdrawal(address indexed to, uint256 amount);
// ═══════════════════════════════════════════════════════════════════════════
// ERRORS
// ═══════════════════════════════════════════════════════════════════════════
error InvalidAddress();
error InvalidRouter();
error InvalidAmount();
error InvalidChain();
error InvalidOperation();
error OperationCompleted();
error InsufficientBalance();
error ExcessiveSlippage();
error UnauthorizedCaller();
error RebalanceTooSoon();
error SwapFailed();
error CrossChainSwapFailed();
error CircuitBreakerActive();
error WithdrawalTooSoon();
// ═══════════════════════════════════════════════════════════════════════════
// MODIFIERS
// ═══════════════════════════════════════════════════════════════════════════
/**
* @notice Modifier to check if the caller has a specific role
* @dev Only callable by ADMIN_ROLE accounts
* @param role The role to check
*/
modifier onlyRole(bytes32 role) {
if (!accessControlManager.hasRole(role, msg.sender)) {
revert UnauthorizedCaller();
}
_;
}
/**
* @notice Modifier to check if the circuit breaker is inactive
* @dev Only callable by ADMIN_ROLE accounts
*/
modifier whenCircuitBreakerInactive() {
if (accessControlManager.circuitBreakerActive())
revert CircuitBreakerActive();
_;
}
// ═══════════════════════════════════════════════════════════════════════════
// INITIALIZATION
// ═══════════════════════════════════════════════════════════════════════════
/**
* @notice Constructor
* @param _usdc The USDC token address
* @param _masterVault The master vault address
* @param _baseChain The base chain ID
* @param _accessControlManager The access control manager address
* @param _router The router address
* @param _hypernativeFirewall The Hypernative firewall address
* @param _firewallAdmin The firewall admin address
*/
constructor(
address _usdc,
address _masterVault,
uint256 _baseChain,
address _accessControlManager,
address _router,
address _hypernativeFirewall,
address _firewallAdmin
) FirewallProtected(_hypernativeFirewall, _firewallAdmin) {
if (_usdc == address(0)) revert InvalidAddress();
if (_masterVault == address(0)) revert InvalidAddress();
if (_baseChain == 0) revert InvalidChain();
if (_accessControlManager == address(0)) revert InvalidAddress();
if (_router == address(0)) revert InvalidAddress();
USDC = _usdc;
MASTER_VAULT = _masterVault;
BASE_CHAIN = _baseChain;
accessControlManager = AccessControlManager(_accessControlManager);
allowedRouters[_router] = true;
emit VaultInitialized(
_usdc,
_masterVault,
_baseChain,
_hypernativeFirewall
);
}
// ═══════════════════════════════════════════════════════════════════════════
// MAIN FUNCTIONS
// ═══════════════════════════════════════════════════════════════════════════
/**
* @notice NEW: Hypernative-secured swap execution entry point
* @param router The router to use
* @param route Encoded routes for all swaps
* @param signatureExpiry Hypernative signature expiry timestamp
* @param signature Hypernative ECDSA signature
*/
function execSwap(
address router,
bytes calldata route,
uint256 signatureExpiry,
bytes calldata signature
)
external
payable
onlyRole(ALLOCATOR_ROLE)
nonReentrant
whenNotPaused
whenCircuitBreakerInactive
onlyFirewallVerifierApproved(signatureExpiry, signature)
{
// Execute all rebalancing operations
_executeRebalancing(router, route);
}
/**
* @notice Internal function to execute rebalancing operations
* @param route Encoded routes for all swaps
*/
function _executeRebalancing(
address router,
bytes calldata route
) internal {
// Decode the route to extract rebalancing plans and cross-chain operations
(
RebalancingPlan[] memory plans,
CrossChainOperation[] memory crossChainOps
) = abi.decode(route, (RebalancingPlan[], CrossChainOperation[]));
// Execute local operations for this chain
uint256 totalOperations = 0;
for (uint256 i = 0; i < plans.length; ++i) {
if (plans[i].chainId == block.chainid) {
_executeSwapBatch(router, plans[i].swapOperations);
++totalOperations;
}
}
// Execute cross-chain operations
for (uint256 i = 0; i < crossChainOps.length; ++i) {
if (crossChainOps[i].sourceChain == block.chainid) {
_executeCrossChainOperation(router, crossChainOps[i]);
++totalOperations;
}
}
emit RebalanceExecuted(
string(abi.encodePacked(keccak256(abi.encodePacked(route)))), // Convert hash to string
totalOperations
);
}
// ═══════════════════════════════════════════════════════════════════════════
// INTERNAL FUNCTIONS
// ═══════════════════════════════════════════════════════════════════════════
/**
* @notice Internal function to execute a batch of swaps
* @param router The router to use
* @param swaps The array of swap operations to execute
* @return executed The number of swaps executed
*/
function _executeSwapBatch(
address router,
SwapOperation[] memory swaps
) internal returns (uint256) {
uint256 executed = 0;
for (uint256 i = 0; i < swaps.length; ++i) {
_executeSwap(router, swaps[i]);
++executed;
}
return executed;
}
/**
* @notice Internal function to execute a swap
* @param router The router to use
* @param swap The swap operation to execute
* @return amountOut The amount of tokens received
*/
function _executeSwap(
address router,
SwapOperation memory swap
) internal returns (uint256) {
// Validate
if (swap.amountIn == 0) revert InvalidAmount();
if (swap.minAmountOut == 0) revert InvalidAmount();
if (!allowedRouters[router]) revert InvalidRouter();
// Check balance
uint256 balanceBefore = IERC20(swap.tokenOut).balanceOf(address(this));
// Approve router
IERC20(swap.tokenIn).safeIncreaseAllowance(router, swap.amountIn);
// Execute swap
(bool success, ) = router.call(swap.swapData);
if (!success) revert SwapFailed();
// Reset approval
IERC20(swap.tokenIn).safeDecreaseAllowance(router, 0);
// Calculate output
uint256 balanceAfter = IERC20(swap.tokenOut).balanceOf(address(this));
uint256 amountOut = balanceAfter - balanceBefore;
// Validate slippage
if (amountOut < swap.minAmountOut) revert ExcessiveSlippage();
emit SwapExecuted(
swap.operationId,
swap.tokenIn,
swap.tokenOut,
swap.amountIn,
amountOut
);
return amountOut;
}
/**
* @notice Internal function to execute a cross-chain operation
* @param router The router to use
* @param op The cross-chain operation to execute
*/
function _executeCrossChainOperation(
address router,
CrossChainOperation memory op
) internal {
if (op.sourceChain != block.chainid) revert InvalidChain();
if (op.amountIn == 0) revert InvalidAmount();
if (!allowedRouters[router]) revert InvalidRouter();
// Approve router
IERC20(op.tokenIn).safeIncreaseAllowance(router, op.amountIn);
// Execute bridge
(bool success, ) = router.call(op.bridgeData);
if (!success) revert CrossChainSwapFailed();
// Reset approval
IERC20(op.tokenIn).safeDecreaseAllowance(router, 0);
emit CrossChainInitiated(
op.bridgeId,
op.sourceChain,
op.targetChain,
op.amountIn
);
}
// ═══════════════════════════════════════════════════════════════════════════
// ADMIN FUNCTIONS
// ═══════════════════════════════════════════════════════════════════════════
/**
* @notice Set the router
* @dev Only callable by ADMIN_ROLE accounts
* @param _router The new router address
* @param _status The status of the router
*/
function setRouterStatus(
address _router,
bool _status
) external onlyRole(ADMIN_ROLE) {
allowedRouters[_router] = _status;
// Convert bool to address for event
address newParam;
if (_status) {
newParam = address(1);
} else {
newParam = address(0);
}
emit ConfigurationUpdated("routerStatus", _router, newParam);
}
/**
* @notice Add or remove emergency withdrawal recipients
* @dev Only callable by ADMIN_ROLE accounts
* @param recipient Address to manage
* @param isAuthorized Whether the address is authorized for emergency withdrawals
*/
function setEmergencyRecipient(
address recipient,
bool isAuthorized
) external onlyRole(ADMIN_ROLE) {
if (recipient == address(0)) revert InvalidAddress();
emergencyRecipients[recipient] = isAuthorized;
}
/**
* @notice Pauses this specific vault contract
* @dev Only callable by PAUSER_ROLE accounts
*/
function pause() external onlyRole(PAUSER_ROLE) {
_pause();
}
/**
* @notice Unpauses this specific vault contract
* @dev Only callable by PAUSER_ROLE accounts
*/
function unpause() external onlyRole(PAUSER_ROLE) {
_unpause();
}
// ═══════════════════════════════════════════════════════════════════════════
// VIEW FUNCTIONS
// ═══════════════════════════════════════════════════════════════════════════
function getCircuitBreakerState() external view returns (bool) {
return accessControlManager.circuitBreakerActive();
}
// ═══════════════════════════════════════════════════════════════════════════
// ETH HANDLING
// ═══════════════════════════════════════════════════════════════════════════
/**\Submitted on: 2025-10-27 19:18:54
Comments
Log in to comment.
No comments yet.