Description:
Decentralized Finance (DeFi) protocol contract providing Swap, Factory functionality.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"EEEEEEEEEEEEEEEEEEEEE.sol": {
"content": "//SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.20;
import {SafeTransferLib} from "solady/src/utils/SafeTransferLib.sol";
import {MetadataReaderLib} from "solady/src/utils/MetadataReaderLib.sol";
contract IEEEEEEEEEEEEEEEEEEEE {
error Overflow();
error Unauthorized();
error InvalidSwap();
error InvalidSyntax();
error InvalidCharacter();
error InsufficientETHSent();
error SwapFailed();
error PoolNotFound();
error InvalidFeeTier();
error InvalidAddress();
error SlippageExceeded();
event NameSet(address indexed token, string name);
struct SwapParams {
address tokenIn;
address tokenOut;
uint256 amountIn;
uint256 minAmountOut;
bool ETHIn;
bool ETHOut;
address sender;
}
address internal constant DAO = 0xDa000000000000d2885F108500803dfBAaB2f2aA;
address internal constant ETH = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
address internal constant WETH = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
address internal constant USDC = 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48;
address internal constant kp = 0xea36Af87Df952fd4c9A05Cd792d370909Bbda8DB;
address internal constant PEPECOIN =
0xA9E8aCf069C58aEc8825542845Fd754e41a9489A;
address internal constant UNISWAP_V3_FACTORY =
0x1F98431c8aD98523631AE4a59f267346ea31F984;
bytes32 internal constant UNISWAP_V3_POOL_INIT_CODE_HASH =
0xe34f199b19b2b4f47f68442619d555527d244f78a3297ea89325f843f87b8b54;
uint160 internal constant MIN_SQRT_RATIO_PLUS_ONE = 4295128740;
uint160 internal constant MAX_SQRT_RATIO_MINUS_ONE =
1461446703485210103287273052203988822378723970341;
mapping(string => address) public tokens;
function _computeAddress(
address token0,
address token1,
uint24 fee
) internal pure virtual returns (address pool) {
return
address(
uint160(
uint256(
keccak256(
abi.encodePacked(
hex"ff",
UNISWAP_V3_FACTORY,
keccak256(abi.encode(token0, token1, fee)),
UNISWAP_V3_POOL_INIT_CODE_HASH
)
)
)
)
);
}
function _codeSize(
address account
) internal view virtual returns (uint256 size) {
assembly ("memory-safe") {
size := extcodesize(account)
}
}
function _toAddress(string memory s) internal pure returns (address) {
bytes memory b = bytes(s);
if (b.length != 42 || b[0] != "0" || (b[1] != "x" && b[1] != "X"))
revert InvalidAddress();
uint256 result = 0;
for (uint256 i = 2; i < 42; ++i) {
uint8 c = uint8(b[i]);
if (c >= 48 && c <= 57) {
result = result * 16 + (c - 48);
} else if (c >= 65 && c <= 70) {
result = result * 16 + (c - 55);
} else if (c >= 97 && c <= 102) {
result = result * 16 + (c - 87);
} else {
revert InvalidAddress();
}
}
return address(uint160(result));
}
function setToken(
string calldata name,
address token
) public payable virtual {
assembly ("memory-safe") {
if iszero(eq(caller(), DAO)) {
mstore(0x00, 0x82b42900)
revert(0x1c, 0x04)
}
}
string memory normalized = _lowercase(name);
tokens[normalized] = token;
emit NameSet(token, normalized);
}
function command(string calldata intent) public payable virtual {
string memory normalized = _lowercase(intent);
bytes32 action = _extraction(normalized);
if (action == "send" || action == "transfer") {
(
string memory to,
string memory amount,
string memory token
) = _extractSend(normalized);
send(to, amount, token);
} else if (action == "swap" || action == "exchange") {
(
string memory amountIn,
string memory tokenIn,
string memory tokenOut,
string memory feeStr,
string memory minAmountOutStr
) = _extractSwap(normalized);
uint24 feeTier = _parseFeeString(feeStr);
swap(amountIn, tokenIn, tokenOut, minAmountOutStr, feeTier);
} else {
revert InvalidSyntax();
}
}
function send(
string memory to,
string memory amount,
string memory token
) public payable virtual {
address _token = _returnTokenConstant(bytes32(bytes(token)));
if (_token == address(0)) _token = tokens[token];
bool isETH = _token == ETH;
address payable _to = payable(_toAddress(to));
uint256 _amount = _stringToUint(
amount,
isETH ? 18 : MetadataReaderLib.readDecimals(_token)
);
if (isETH) {
SafeTransferLib.safeTransferETH(_to, _amount);
} else {
SafeTransferLib.safeTransferFrom(_token, msg.sender, _to, _amount);
}
}
function swap(
string memory amountIn,
string memory tokenIn,
string memory tokenOut,
string memory minAmountOutStr,
uint24 feeTier
) public payable virtual {
SwapParams memory params = SwapParams({
sender: msg.sender,
tokenIn: _returnTokenConstant(bytes32(bytes(tokenIn))),
tokenOut: _returnTokenConstant(bytes32(bytes(tokenOut))),
amountIn: 0,
minAmountOut: 0,
ETHIn: false,
ETHOut: false
});
if (params.tokenIn == address(0)) params.tokenIn = tokens[tokenIn];
if (params.tokenOut == address(0)) params.tokenOut = tokens[tokenOut];
params.ETHIn = params.tokenIn == ETH;
params.ETHOut = params.tokenOut == ETH;
if (params.ETHIn) params.tokenIn = WETH;
if (params.ETHOut) params.tokenOut = WETH;
params.amountIn = _stringToUint(
amountIn,
params.ETHIn ? 18 : MetadataReaderLib.readDecimals(params.tokenIn)
);
if (params.amountIn >= 1 << 255) revert Overflow();
if (bytes(minAmountOutStr).length > 0) {
params.minAmountOut = _stringToUint(
minAmountOutStr,
params.ETHOut
? 18
: MetadataReaderLib.readDecimals(params.tokenOut)
);
}
(address pool, bool zeroForOne) = feeTier == 0
? _computePoolAddress(params.tokenIn, params.tokenOut)
: _computePoolAddressWithFee(
params.tokenIn,
params.tokenOut,
feeTier
);
ISwapRouter(pool).swap(
!params.ETHOut ? params.sender : address(this),
zeroForOne,
int256(params.amountIn),
zeroForOne ? MIN_SQRT_RATIO_PLUS_ONE : MAX_SQRT_RATIO_MINUS_ONE,
abi.encode(params) // Encode the entire struct
);
}
function uniswapV3SwapCallback(
int256 amount0Delta,
int256 amount1Delta,
bytes calldata data
) public virtual {
if (amount0Delta <= 0 && amount1Delta <= 0) revert InvalidSwap();
SwapParams memory params = abi.decode(data, (SwapParams));
(address expectedPool, ) = _computePoolAddress(
params.tokenIn,
params.ETHOut ? WETH : params.tokenOut
);
if (msg.sender != expectedPool) revert Unauthorized();
uint256 amountToPay = amount0Delta > 0
? uint256(amount0Delta)
: uint256(amount1Delta);
if (params.ETHIn) {
IWETH(WETH).deposit{value: amountToPay}();
SafeTransferLib.safeTransferETH(msg.sender, amountToPay);
} else {
SafeTransferLib.safeTransferFrom(
params.tokenIn,
params.sender,
msg.sender,
amountToPay
);
}
if (params.ETHOut) {
uint256 amountOut = amount0Delta > 0
? uint256(-amount1Delta)
: uint256(-amount0Delta);
if (amountOut < params.minAmountOut) revert SlippageExceeded();
IWETH(WETH).withdraw(amountOut);
SafeTransferLib.safeTransferETH(params.sender, amountOut);
} else {
uint256 amountOut = amount0Delta > 0
? uint256(-amount1Delta)
: uint256(-amount0Delta);
if (amountOut < params.minAmountOut) revert SlippageExceeded();
}
}
function _extractSend(
string memory normalizedIntent
)
internal
pure
virtual
returns (string memory to, string memory amount, string memory token)
{
string[] memory parts = _split(normalizedIntent, " ");
if (parts.length < 4) revert InvalidSyntax();
to = parts[1];
amount = parts[2];
token = parts[3];
}
function _extractSwap(
string memory normalizedIntent
)
internal
pure
virtual
returns (
string memory amountIn,
string memory tokenIn,
string memory tokenOut,
string memory feeStr,
string memory minAmountOutStr
)
{
string[] memory parts = _split(normalizedIntent, " ");
if (
parts.length < 5 ||
keccak256(bytes(parts[3])) != keccak256(bytes("for"))
) revert InvalidSyntax();
amountIn = parts[1];
tokenIn = parts[2];
tokenOut = parts[4];
minAmountOutStr = "";
for (uint256 i = 5; i < parts.length; i++) {
if (
keccak256(bytes(parts[i])) == keccak256(bytes("min")) &&
i + 1 < parts.length
) {
minAmountOutStr = parts[i + 1];
break;
}
if (
keccak256(bytes(parts[i])) == keccak256(bytes("on")) &&
i + 1 < parts.length
) {
feeStr = parts[i + 1];
}
}
}
function _parseFeeString(
string memory feeStr
) internal pure virtual returns (uint24) {
bytes memory b = bytes(feeStr);
if (b.length == 0) return 0;
uint256 len = b.length;
bool hasPercent = len > 0 && b[len - 1] == "%";
if (hasPercent) len--;
uint256 value = 0;
uint256 decimals = 0;
bool hasDecimal = false;
for (uint256 i = 0; i < len; i++) {
if (b[i] >= "0" && b[i] <= "9") {
value = value * 10 + uint8(b[i]) - 48;
if (hasDecimal) decimals++;
} else if (b[i] == "." && !hasDecimal) {
hasDecimal = true;
} else {
revert InvalidCharacter();
}
}
uint24 feeTier;
if (hasPercent) {
if (decimals == 0) feeTier = uint24(value * 10000);
else if (decimals == 1) feeTier = uint24(value * 1000);
else if (decimals == 2) feeTier = uint24(value * 100);
else revert InvalidFeeTier();
} else {
feeTier = uint24(value);
}
if (
feeTier != 0 &&
feeTier != 100 &&
feeTier != 500 &&
feeTier != 3000 &&
feeTier != 10000
) {
revert InvalidFeeTier();
}
return feeTier;
}
function _extraction(
string memory normalizedIntent
) internal pure virtual returns (bytes32 result) {
assembly ("memory-safe") {
let str := add(normalizedIntent, 0x20)
let length := mload(normalizedIntent)
for {
let i := 0
} lt(i, length) {
i := add(i, 1)
} {
let char := byte(0, mload(add(str, i)))
if eq(char, 0x20) {
break
}
result := or(shl(8, result), char)
}
}
}
function _lowercase(
string memory source
) internal pure virtual returns (string memory result) {
bytes memory b = bytes(source);
result = new string(b.length);
bytes memory r = bytes(result);
for (uint256 i; i != b.length; ++i) {
r[i] = (b[i] >= 0x41 && b[i] <= 0x5A)
? bytes1(uint8(b[i]) + 32)
: b[i];
}
}
function _split(
string memory base,
string memory delimiter
) internal pure virtual returns (string[] memory parts) {
bytes memory baseBytes = bytes(base);
bytes memory delimiterBytes = bytes(delimiter);
uint256 count = 1;
for (
uint256 i = 0;
i < baseBytes.length - delimiterBytes.length + 1;
i++
) {
bool isDelimiter = true;
for (uint256 j = 0; j < delimiterBytes.length; j++) {
if (baseBytes[i + j] != delimiterBytes[j]) {
isDelimiter = false;
break;
}
}
if (isDelimiter) {
count++;
i += delimiterBytes.length - 1;
}
}
parts = new string[](count);
uint256 partIndex;
uint256 start;
for (uint256 i = 0; i <= baseBytes.length; i++) {
if (
i == baseBytes.length ||
(i <= baseBytes.length - delimiterBytes.length &&
keccak256(
abi.encodePacked(
_slice(baseBytes, i, delimiterBytes.length)
)
) ==
keccak256(abi.encodePacked(delimiterBytes)))
) {
parts[partIndex] = string(_slice(baseBytes, start, i - start));
partIndex++;
start = i + delimiterBytes.length;
i += delimiterBytes.length - 1;
}
}
}
function _slice(
bytes memory data,
uint256 start,
uint256 length
) internal pure returns (bytes memory) {
bytes memory result = new bytes(length);
for (uint256 i = 0; i < length; i++) {
result[i] = data[start + i];
}
return result;
}
function _stringToUint(
string memory s,
uint8 decimals
) internal pure virtual returns (uint256 result) {
unchecked {
bool hasDecimal;
uint256 decimalPlaces;
bytes memory b = bytes(s);
for (uint256 i; i != b.length; ++i) {
if (b[i] >= "0" && b[i] <= "9") {
result = result * 10 + uint8(b[i]) - 48;
if (hasDecimal) {
++decimalPlaces;
if (decimalPlaces > decimals) {
break;
}
}
} else if (b[i] == "." && !hasDecimal) {
hasDecimal = true;
} else {
revert InvalidCharacter();
}
}
if (decimalPlaces < decimals) {
result *= 10 ** (decimals - decimalPlaces);
}
}
}
function _returnTokenConstant(
bytes32 token
) internal pure virtual returns (address) {
if (token == "eth") return ETH;
if (token == "weth") return WETH;
if (token == "usdc") return USDC;
if (token == "kp") return kp;
if (token == "pepecoin") return PEPECOIN;
return address(0);
}
function _computePoolAddress(
address tokenA,
address tokenB
) internal view virtual returns (address pool, bool zeroForOne) {
if (tokenA < tokenB) {
zeroForOne = true;
} else {
(tokenA, tokenB) = (tokenB, tokenA);
}
pool = _computeAddress(tokenA, tokenB, 3000);
if (_codeSize(pool) == 0) {
pool = _computeAddress(tokenA, tokenB, 500);
if (_codeSize(pool) == 0) {
pool = _computeAddress(tokenA, tokenB, 10000);
if (_codeSize(pool) == 0) {
pool = _computeAddress(tokenA, tokenB, 100);
}
}
}
}
function _computePoolAddressWithFee(
address tokenA,
address tokenB,
uint24 fee
) internal pure virtual returns (address pool, bool zeroForOne) {
if (tokenA < tokenB) {
zeroForOne = true;
} else {
(tokenA, tokenB) = (tokenB, tokenA);
}
pool = _computeAddress(tokenA, tokenB, fee);
}
receive() external payable virtual {}
}
interface IToken {
function transfer(address, uint256) external returns (bool);
}
interface IExecutor {
function execute(
address,
uint256,
bytes calldata
) external payable returns (bytes memory);
}
interface ISwapRouter {
function swap(
address,
bool,
int256,
uint160,
bytes calldata
) external returns (int256, int256);
}
interface IWETH {
function deposit() external payable;
function withdraw(uint256) external;
}
"
},
"solady/src/utils/MetadataReaderLib.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Library for reading contract metadata robustly.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/MetadataReaderLib.sol)
library MetadataReaderLib {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CONSTANTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Default gas stipend for contract reads. High enough for most practical use cases
/// (able to SLOAD about 1000 bytes of data), but low enough to prevent griefing.
uint256 internal constant GAS_STIPEND_NO_GRIEF = 100000;
/// @dev Default string byte length limit.
uint256 internal constant STRING_LIMIT_DEFAULT = 1000;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* METADATA READING OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
// Best-effort string reading operations.
// Should NOT revert as long as sufficient gas is provided.
//
// Performs the following in order:
// 1. Returns the empty string for the following cases:
// - Reverts.
// - No returndata (e.g. function returns nothing, EOA).
// - Returns empty string.
// 2. Attempts to `abi.decode` the returndata into a string.
// 3. With any remaining gas, scans the returndata from start to end for the
// null byte '\0', to interpret the returndata as a null-terminated string.
/// @dev Equivalent to `readString(abi.encodeWithSignature("name()"))`.
function readName(address target) internal view returns (string memory) {
return _string(target, _ptr(0x06fdde03), STRING_LIMIT_DEFAULT, GAS_STIPEND_NO_GRIEF);
}
/// @dev Equivalent to `readString(abi.encodeWithSignature("name()"), limit)`.
function readName(address target, uint256 limit) internal view returns (string memory) {
return _string(target, _ptr(0x06fdde03), limit, GAS_STIPEND_NO_GRIEF);
}
/// @dev Equivalent to `readString(abi.encodeWithSignature("name()"), limit, gasStipend)`.
function readName(address target, uint256 limit, uint256 gasStipend)
internal
view
returns (string memory)
{
return _string(target, _ptr(0x06fdde03), limit, gasStipend);
}
/// @dev Equivalent to `readString(abi.encodeWithSignature("symbol()"))`.
function readSymbol(address target) internal view returns (string memory) {
return _string(target, _ptr(0x95d89b41), STRING_LIMIT_DEFAULT, GAS_STIPEND_NO_GRIEF);
}
/// @dev Equivalent to `readString(abi.encodeWithSignature("symbol()"), limit)`.
function readSymbol(address target, uint256 limit) internal view returns (string memory) {
return _string(target, _ptr(0x95d89b41), limit, GAS_STIPEND_NO_GRIEF);
}
/// @dev Equivalent to `readString(abi.encodeWithSignature("symbol()"), limit, gasStipend)`.
function readSymbol(address target, uint256 limit, uint256 gasStipend)
internal
view
returns (string memory)
{
return _string(target, _ptr(0x95d89b41), limit, gasStipend);
}
/// @dev Performs a best-effort string query on `target` with `data` as the calldata.
/// The string will be truncated to `STRING_LIMIT_DEFAULT` (1000) bytes.
function readString(address target, bytes memory data) internal view returns (string memory) {
return _string(target, _ptr(data), STRING_LIMIT_DEFAULT, GAS_STIPEND_NO_GRIEF);
}
/// @dev Performs a best-effort string query on `target` with `data` as the calldata.
/// The string will be truncated to `limit` bytes.
function readString(address target, bytes memory data, uint256 limit)
internal
view
returns (string memory)
{
return _string(target, _ptr(data), limit, GAS_STIPEND_NO_GRIEF);
}
/// @dev Performs a best-effort string query on `target` with `data` as the calldata.
/// The string will be truncated to `limit` bytes.
function readString(address target, bytes memory data, uint256 limit, uint256 gasStipend)
internal
view
returns (string memory)
{
return _string(target, _ptr(data), limit, gasStipend);
}
// Best-effort unsigned integer reading operations.
// Should NOT revert as long as sufficient gas is provided.
//
// Performs the following in order:
// 1. Attempts to `abi.decode` the result into a uint256
// (equivalent across all Solidity uint types, downcast as needed).
// 2. Returns zero for the following cases:
// - Reverts.
// - No returndata (e.g. function returns nothing, EOA).
// - Returns zero.
// - `abi.decode` failure.
/// @dev Equivalent to `uint8(readUint(abi.encodeWithSignature("decimals()")))`.
function readDecimals(address target) internal view returns (uint8) {
return uint8(_uint(target, _ptr(0x313ce567), GAS_STIPEND_NO_GRIEF));
}
/// @dev Equivalent to `uint8(readUint(abi.encodeWithSignature("decimals()"), gasStipend))`.
function readDecimals(address target, uint256 gasStipend) internal view returns (uint8) {
return uint8(_uint(target, _ptr(0x313ce567), gasStipend));
}
/// @dev Performs a best-effort uint query on `target` with `data` as the calldata.
function readUint(address target, bytes memory data) internal view returns (uint256) {
return _uint(target, _ptr(data), GAS_STIPEND_NO_GRIEF);
}
/// @dev Performs a best-effort uint query on `target` with `data` as the calldata.
function readUint(address target, bytes memory data, uint256 gasStipend)
internal
view
returns (uint256)
{
return _uint(target, _ptr(data), gasStipend);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* PRIVATE HELPERS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Attempts to read and return a string at `target`.
function _string(address target, bytes32 ptr, uint256 limit, uint256 gasStipend)
private
view
returns (string memory result)
{
/// @solidity memory-safe-assembly
assembly {
function min(x_, y_) -> _z {
_z := xor(x_, mul(xor(x_, y_), lt(y_, x_)))
}
for {} staticcall(gasStipend, target, add(ptr, 0x20), mload(ptr), 0x00, 0x20) {} {
let m := mload(0x40) // Grab the free memory pointer.
let s := add(0x20, m) // Start of the string's bytes in memory.
// Attempt to `abi.decode` if the returndatasize is greater or equal to 64.
if iszero(lt(returndatasize(), 0x40)) {
let o := mload(0x00) // Load the string's offset in the returndata.
// If the string's offset is within bounds.
if iszero(gt(o, sub(returndatasize(), 0x20))) {
returndatacopy(m, o, 0x20) // Copy the string's length.
// If the full string's end is within bounds.
// Note: If the full string doesn't fit, the `abi.decode` must be aborted
// for compliance purposes, regardless if the truncated string can fit.
if iszero(gt(mload(m), sub(returndatasize(), add(o, 0x20)))) {
let n := min(mload(m), limit) // Truncate if needed.
mstore(m, n) // Overwrite the length.
returndatacopy(s, add(o, 0x20), n) // Copy the string's bytes.
mstore(add(s, n), 0) // Zeroize the slot after the string.
mstore(0x40, add(0x20, add(s, n))) // Allocate memory for the string.
result := m
break
}
}
}
// Try interpreting as a null-terminated string.
let n := min(returndatasize(), limit) // Truncate if needed.
returndatacopy(s, 0, n) // Copy the string's bytes.
mstore8(add(s, n), 0) // Place a '\0' at the end.
let i := s // Pointer to the next byte to scan.
for {} byte(0, mload(i)) { i := add(i, 1) } {} // Scan for '\0'.
mstore(m, sub(i, s)) // Store the string's length.
mstore(i, 0) // Zeroize the slot after the string.
mstore(0x40, add(0x20, i)) // Allocate memory for the string.
result := m
break
}
}
}
/// @dev Attempts to read and return a uint at `target`.
function _uint(address target, bytes32 ptr, uint256 gasStipend)
private
view
returns (uint256 result)
{
/// @solidity memory-safe-assembly
assembly {
result :=
mul(
mload(0x20),
and( // The arguments of `and` are evaluated from right to left.
gt(returndatasize(), 0x1f), // At least 32 bytes returned.
staticcall(gasStipend, target, add(ptr, 0x20), mload(ptr), 0x20, 0x20)
)
)
}
}
/// @dev Casts the function selector `s` into a pointer.
function _ptr(uint256 s) private pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
// Layout the calldata in the scratch space for temporary usage.
mstore(0x04, s) // Store the function selector.
mstore(result, 4) // Store the length.
}
}
/// @dev Casts the `data` into a pointer.
function _ptr(bytes memory data) private pure returns (bytes32 result) {
/// @solidity memory-safe-assembly
assembly {
result := data
}
}
}
"
},
"solady/src/utils/SafeTransferLib.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Safe ETH and ERC20 transfer library that gracefully handles missing return values.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/SafeTransferLib.sol)
/// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol)
/// @author Permit2 operations from (https://github.com/Uniswap/permit2/blob/main/src/libraries/Permit2Lib.sol)
///
/// @dev Note:
/// - For ETH transfers, please use `forceSafeTransferETH` for DoS protection.
library SafeTransferLib {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CUSTOM ERRORS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The ETH transfer has failed.
error ETHTransferFailed();
/// @dev The ERC20 `transferFrom` has failed.
error TransferFromFailed();
/// @dev The ERC20 `transfer` has failed.
error TransferFailed();
/// @dev The ERC20 `approve` has failed.
error ApproveFailed();
/// @dev The ERC20 `totalSupply` query has failed.
error TotalSupplyQueryFailed();
/// @dev The Permit2 operation has failed.
error Permit2Failed();
/// @dev The Permit2 amount must be less than `2**160 - 1`.
error Permit2AmountOverflow();
/// @dev The Permit2 approve operation has failed.
error Permit2ApproveFailed();
/// @dev The Permit2 lockdown operation has failed.
error Permit2LockdownFailed();
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CONSTANTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Suggested gas stipend for contract receiving ETH that disallows any storage writes.
uint256 internal constant GAS_STIPEND_NO_STORAGE_WRITES = 2300;
/// @dev Suggested gas stipend for contract receiving ETH to perform a few
/// storage reads and writes, but low enough to prevent griefing.
uint256 internal constant GAS_STIPEND_NO_GRIEF = 100000;
/// @dev The unique EIP-712 domain separator for the DAI token contract.
bytes32 internal constant DAI_DOMAIN_SEPARATOR =
0xdbb8cf42e1ecb028be3f3dbc922e1d878b963f411dc388ced501601c60f7c6f7;
/// @dev The address for the WETH9 contract on Ethereum mainnet.
address internal constant WETH9 = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
/// @dev The canonical Permit2 address.
/// [Github](https://github.com/Uniswap/permit2)
/// [Etherscan](https://etherscan.io/address/0x000000000022D473030F116dDEE9F6B43aC78BA3)
address internal constant PERMIT2 = 0x000000000022D473030F116dDEE9F6B43aC78BA3;
/// @dev The canonical address of the `SELFDESTRUCT` ETH mover.
/// See: https://gist.github.com/Vectorized/1cb8ad4cf393b1378e08f23f79bd99fa
/// [Etherscan](https://etherscan.io/address/0x00000000000073c48c8055bD43D1A53799176f0D)
address internal constant ETH_MOVER = 0x00000000000073c48c8055bD43D1A53799176f0D;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* ETH OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
// If the ETH transfer MUST succeed with a reasonable gas budget, use the force variants.
//
// The regular variants:
// - Forwards all remaining gas to the target.
// - Reverts if the target reverts.
// - Reverts if the current contract has insufficient balance.
//
// The force variants:
// - Forwards with an optional gas stipend
// (defaults to `GAS_STIPEND_NO_GRIEF`, which is sufficient for most cases).
// - If the target reverts, or if the gas stipend is exhausted,
// creates a temporary contract to force send the ETH via `SELFDESTRUCT`.
// Future compatible with `SENDALL`: https://eips.ethereum.org/EIPS/eip-4758.
// - Reverts if the current contract has insufficient balance.
//
// The try variants:
// - Forwards with a mandatory gas stipend.
// - Instead of reverting, returns whether the transfer succeeded.
/// @dev Sends `amount` (in wei) ETH to `to`.
function safeTransferETH(address to, uint256 amount) internal {
/// @solidity memory-safe-assembly
assembly {
if iszero(call(gas(), to, amount, codesize(), 0x00, codesize(), 0x00)) {
mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`.
revert(0x1c, 0x04)
}
}
}
/// @dev Sends all the ETH in the current contract to `to`.
function safeTransferAllETH(address to) internal {
/// @solidity memory-safe-assembly
assembly {
// Transfer all the ETH and check if it succeeded or not.
if iszero(call(gas(), to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) {
mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`.
revert(0x1c, 0x04)
}
}
}
/// @dev Force sends `amount` (in wei) ETH to `to`, with a `gasStipend`.
function forceSafeTransferETH(address to, uint256 amount, uint256 gasStipend) internal {
/// @solidity memory-safe-assembly
assembly {
if lt(selfbalance(), amount) {
mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`.
revert(0x1c, 0x04)
}
if iszero(call(gasStipend, to, amount, codesize(), 0x00, codesize(), 0x00)) {
mstore(0x00, to) // Store the address in scratch space.
mstore8(0x0b, 0x73) // Opcode `PUSH20`.
mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`.
if iszero(create(amount, 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation.
}
}
}
/// @dev Force sends all the ETH in the current contract to `to`, with a `gasStipend`.
function forceSafeTransferAllETH(address to, uint256 gasStipend) internal {
/// @solidity memory-safe-assembly
assembly {
if iszero(call(gasStipend, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) {
mstore(0x00, to) // Store the address in scratch space.
mstore8(0x0b, 0x73) // Opcode `PUSH20`.
mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`.
if iszero(create(selfbalance(), 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation.
}
}
}
/// @dev Force sends `amount` (in wei) ETH to `to`, with `GAS_STIPEND_NO_GRIEF`.
function forceSafeTransferETH(address to, uint256 amount) internal {
/// @solidity memory-safe-assembly
assembly {
if lt(selfbalance(), amount) {
mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`.
revert(0x1c, 0x04)
}
if iszero(call(GAS_STIPEND_NO_GRIEF, to, amount, codesize(), 0x00, codesize(), 0x00)) {
mstore(0x00, to) // Store the address in scratch space.
mstore8(0x0b, 0x73) // Opcode `PUSH20`.
mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`.
if iszero(create(amount, 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation.
}
}
}
/// @dev Force sends all the ETH in the current contract to `to`, with `GAS_STIPEND_NO_GRIEF`.
function forceSafeTransferAllETH(address to) internal {
/// @solidity memory-safe-assembly
assembly {
// forgefmt: disable-next-item
if iszero(call(GAS_STIPEND_NO_GRIEF, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) {
mstore(0x00, to) // Store the address in scratch space.
mstore8(0x0b, 0x73) // Opcode `PUSH20`.
mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`.
if iszero(create(selfbalance(), 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation.
}
}
}
/// @dev Sends `amount` (in wei) ETH to `to`, with a `gasStipend`.
function trySafeTransferETH(address to, uint256 amount, uint256 gasStipend)
internal
returns (bool success)
{
/// @solidity memory-safe-assembly
assembly {
success := call(gasStipend, to, amount, codesize(), 0x00, codesize(), 0x00)
}
}
/// @dev Sends all the ETH in the current contract to `to`, with a `gasStipend`.
function trySafeTransferAllETH(address to, uint256 gasStipend)
internal
returns (bool success)
{
/// @solidity memory-safe-assembly
assembly {
success := call(gasStipend, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)
}
}
/// @dev Force transfers ETH to `to`, without triggering the fallback (if any).
/// This method attempts to use a separate contract to send via `SELFDESTRUCT`,
/// and upon failure, deploys a minimal vault to accrue the ETH.
function safeMoveETH(address to, uint256 amount) internal returns (address vault) {
/// @solidity memory-safe-assembly
assembly {
to := shr(96, shl(96, to)) // Clean upper 96 bits.
for { let mover := ETH_MOVER } iszero(eq(to, address())) {} {
let selfBalanceBefore := selfbalance()
if or(lt(selfBalanceBefore, amount), eq(to, mover)) {
mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`.
revert(0x1c, 0x04)
}
if extcodesize(mover) {
let balanceBefore := balance(to) // Check via delta, in case `SELFDESTRUCT` is bricked.
mstore(0x00, to)
pop(call(gas(), mover, amount, 0x00, 0x20, codesize(), 0x00))
// If `address(to).balance >= amount + balanceBefore`, skip vault workflow.
if iszero(lt(balance(to), add(amount, balanceBefore))) { break }
// Just in case `SELFDESTRUCT` is changed to not revert and do nothing.
if lt(selfBalanceBefore, selfbalance()) { invalid() }
}
let m := mload(0x40)
// If the mover is missing or bricked, deploy a minimal vault
// that withdraws all ETH to `to` when being called only by `to`.
// forgefmt: disable-next-item
mstore(add(m, 0x20), 0x33146025575b600160005260206000f35b3d3d3d3d47335af1601a5760003dfd)
mstore(m, or(to, shl(160, 0x6035600b3d3960353df3fe73)))
// Compute and store the bytecode hash.
mstore8(0x00, 0xff) // Write the prefix.
mstore(0x35, keccak256(m, 0x40))
mstore(0x01, shl(96, address())) // Deployer.
mstore(0x15, 0) // Salt.
vault := keccak256(0x00, 0x55)
pop(call(gas(), vault, amount, codesize(), 0x00, codesize(), 0x00))
// The vault returns a single word on success. Failure reverts with empty data.
if iszero(returndatasize()) {
if iszero(create2(0, m, 0x40, 0)) { revert(codesize(), codesize()) } // For gas estimation.
}
mstore(0x40, m) // Restore the free memory pointer.
break
}
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* ERC20 OPERATIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Sends `amount` of ERC20 `token` from `from` to `to`.
/// Reverts upon failure.
///
/// The `from` account must have at least `amount` approved for
/// the current contract to manage.
function safeTransferFrom(address token, address from, address to, uint256 amount) internal {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x60, amount) // Store the `amount` argument.
mstore(0x40, to) // Store the `to` argument.
mstore(0x2c, shl(96, from)) // Store the `from` argument.
mstore(0x0c, 0x23b872dd000000000000000000000000) // `transferFrom(address,address,uint256)`.
let success := call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x00, 0x7939f424) // `TransferFromFailed()`.
revert(0x1c, 0x04)
}
}
mstore(0x60, 0) // Restore the zero slot to zero.
mstore(0x40, m) // Restore the free memory pointer.
}
}
/// @dev Sends `amount` of ERC20 `token` from `from` to `to`.
///
/// The `from` account must have at least `amount` approved for the current contract to manage.
function trySafeTransferFrom(address token, address from, address to, uint256 amount)
internal
returns (bool success)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x60, amount) // Store the `amount` argument.
mstore(0x40, to) // Store the `to` argument.
mstore(0x2c, shl(96, from)) // Store the `from` argument.
mstore(0x0c, 0x23b872dd000000000000000000000000) // `transferFrom(address,address,uint256)`.
success := call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
success := lt(or(iszero(extcodesize(token)), returndatasize()), success)
}
mstore(0x60, 0) // Restore the zero slot to zero.
mstore(0x40, m) // Restore the free memory pointer.
}
}
/// @dev Sends all of ERC20 `token` from `from` to `to`.
/// Reverts upon failure.
///
/// The `from` account must have their entire balance approved for the current contract to manage.
function safeTransferAllFrom(address token, address from, address to)
internal
returns (uint256 amount)
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40) // Cache the free memory pointer.
mstore(0x40, to) // Store the `to` argument.
mstore(0x2c, shl(96, from)) // Store the `from` argument.
mstore(0x0c, 0x70a08231000000000000000000000000) // `balanceOf(address)`.
// Read the balance, reverting upon failure.
if iszero(
and( // The arguments of `and` are evaluated from right to left.
gt(returndatasize(), 0x1f), // At least 32 bytes returned.
staticcall(gas(), token, 0x1c, 0x24, 0x60, 0x20)
)
) {
mstore(0x00, 0x7939f424) // `TransferFromFailed()`.
revert(0x1c, 0x04)
}
mstore(0x00, 0x23b872dd) // `transferFrom(address,address,uint256)`.
amount := mload(0x60) // The `amount` is already at 0x60. We'll need to return it.
// Perform the transfer, reverting upon failure.
let success := call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x00, 0x7939f424) // `TransferFromFailed()`.
revert(0x1c, 0x04)
}
}
mstore(0x60, 0) // Restore the zero slot to zero.
mstore(0x40, m) // Restore the free memory pointer.
}
}
/// @dev Sends `amount` of ERC20 `token` from the current contract to `to`.
/// Reverts upon failure.
function safeTransfer(address token, address to, uint256 amount) internal {
/// @solidity memory-safe-assembly
assembly {
mstore(0x14, to) // Store the `to` argument.
mstore(0x34, amount) // Store the `amount` argument.
mstore(0x00, 0xa9059cbb000000000000000000000000) // `transfer(address,uint256)`.
// Perform the transfer, reverting upon failure.
let success := call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x00, 0x90b8ec18) // `TransferFailed()`.
revert(0x1c, 0x04)
}
}
mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten.
}
}
/// @dev Sends all of ERC20 `token` from the current contract to `to`.
/// Reverts upon failure.
function safeTransferAll(address token, address to) internal returns (uint256 amount) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, 0x70a08231) // Store the function selector of `balanceOf(address)`.
mstore(0x20, address()) // Store the address of the current contract.
// Read the balance, reverting upon failure.
if iszero(
and( // The arguments of `and` are evaluated from right to left.
gt(returndatasize(), 0x1f), // At least 32 bytes returned.
staticcall(gas(), token, 0x1c, 0x24, 0x34, 0x20)
)
) {
mstore(0x00, 0x90b8ec18) // `TransferFailed()`.
revert(0x1c, 0x04)
}
mstore(0x14, to) // Store the `to` argument.
amount := mload(0x34) // The `amount` is already at 0x34. We'll need to return it.
mstore(0x00, 0xa9059cbb000000000000000000000000) // `transfer(address,uint256)`.
// Perform the transfer, reverting upon failure.
let success := call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x00, 0x90b8ec18) // `TransferFailed()`.
revert(0x1c, 0x04)
}
}
mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten.
}
}
/// @dev Sets `amount` of ERC20 `token` for `to` to manage on behalf of the current contract.
/// Reverts upon failure.
function safeApprove(address token, address to, uint256 amount) internal {
/// @solidity memory-safe-assembly
assembly {
mstore(0x14, to) // Store the `to` argument.
mstore(0x34, amount) // Store the `amount` argument.
mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`.
let success := call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x00, 0x3e3f8f73) // `ApproveFailed()`.
revert(0x1c, 0x04)
}
}
mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten.
}
}
/// @dev Sets `amount` of ERC20 `token` for `to` to manage on behalf of the current contract.
/// If the initial attempt to approve fails, attempts to reset the approved amount to zero,
/// then retries the approval again (some tokens, e.g. USDT, requires this).
/// Reverts upon failure.
function safeApproveWithRetry(address token, address to, uint256 amount) internal {
/// @solidity memory-safe-assembly
assembly {
mstore(0x14, to) // Store the `to` argument.
mstore(0x34, amount) // Store the `amount` argument.
mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`.
// Perform the approval, retrying upon failure.
let success := call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x34, 0) // Store 0 for the `amount`.
mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`.
pop(call(gas(), token, 0, 0x10, 0x44, codesize(), 0x00)) // Reset the approval.
mstore(0x34, amount) // Store back the original `amount`.
// Retry the approval, reverting upon failure.
success := call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20)
if iszero(and(eq(mload(0x00), 1), success)) {
// Check the `extcodesize` again just in case the token selfdestructs lol.
if iszero(lt(or(iszero(extcodesize(token)), returndatasize()), success)) {
mstore(0x00, 0x3e3f8f73) // `ApproveFailed()`.
revert(0x1c, 0x04)
}
}
}
}
mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten.
}
}
/// @dev Returns the amount of ERC20 `token` owned by `account`.
/// Returns zero if the `token` does not exist.
function balanceOf(address token, address account) internal view returns (uint256 amount) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x14, account) // Store the `account` argument.
mstore(0x00, 0x70a08231000000000000000000000000) // `balanceOf(address)`.
amount :=
mul( // The arguments of `mul` are evaluated from right to left.
mload(0x20),
and( // The arguments of `and` are evaluated from right to left.
gt(returndatasize(), 0x1f), // At least 32 bytes returned.
staticcall(gas(), token, 0x10, 0x24, 0x20, 0x20)
)
)
}
}
/// @dev Performs a `token.balanceOf(account)` check.
/// `implemented` denotes whether the `token` does not implement `balanceOf`.
/// `amount` is zero if the `token` does not implement `balanceOf`.
function checkBalanceOf(address token, address account)
internal
view
returns (bool implemented, uint256 amount)
{
/// @solidity memory-safe-assembly
assembly {
mstore(0x14, account) // Store the `account` argument.
mstore(0x00, 0x70a08231000000000000000000000000) // `balanceOf(address)`.
implemented :=
and( // The arguments of `and` are evaluated from right to left.
gt(returndatasize(), 0x1f), // At least 32 bytes returned.
staticcall(gas(), token, 0x10, 0x24, 0x20, 0x20)
)
amount := mul(mload(0x20), implemented)
}
}
/// @dev Returns the total supply of the `token`.
/// Reverts if the token does not exist or does not implement `totalSupply()`.
function totalSupply(address token) internal view returns (uint256 result) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, 0x18160ddd) // `totalSupply()`.
if iszero(
and(gt(returndatasize(), 0x1f), staticcall(gas(), token, 0x1c, 0x04, 0x00, 0x20))
) {
mstore(0x00, 0x54cd9435) // `TotalSupplyQueryFailed()`.
revert(0x1c, 0x04)
}
result := mload(0x00)
}
}
/// @dev Sends `amount` of ERC20 `token` from `from` to `to`.
/// If the initial attempt fails, try to use Permit2 to transfer the token.
/// Reverts upon failure.
///
/// The `from` account must have at least `amount` approved for the current contract to manage.
function safeTransferFrom2(address token, address from, address to, uint256 amount) internal {
if (!trySafeTransferFrom(token, from, to, amount)) {
permit2TransferFrom(token, from, to, amount);
}
}
/// @dev Sends `amount` of ERC20 `token` from `from` to `to` via Permit2.
/// Reverts upon failure.
function permit2TransferFrom(address token, address from, address to, uint256 amount)
internal
{
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(add(m, 0x74), shr(96, shl(96, token)))
mstore(add(m, 0x54), amount)
mstore(add(m, 0x34), to)
mstore(add(m, 0x20), shl(96, from))
// `transferFrom(address,address,uint160,address)`.
mstore(m, 0x36c78516000000000000000000000000)
let p := PERMIT2
let exists := eq(chainid(), 1)
if iszero(exists) { exists := iszero(iszero(extcodesize(p))) }
if iszero(
and(
call(gas(), p, 0, add(m, 0x10), 0x84, codesize(), 0x00),
lt(iszero(extcodesize(token)), exists) // Token has code and Permit2 exists.
)
) {
mstore(0x00, 0x7939f4248757f0fd) // `TransferFromFailed()` or `Permit2AmountOverflow()`.
revert(add(0x18, shl(2, iszero(iszero(shr(160, amount))))), 0x04)
}
}
}
/// @dev Permit a user to spend a given amount of
/// another user's tokens via native EIP-2612 permit if possible, falling
/// back to Permit2 if native permit fails or is not implemented on the token.
function permit2(
address token,
address owner,
address spender,
uint256 amount,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
bool success;
/// @solidity memory-safe-assembly
assembly {
for {} shl(96, xor(token, WETH9)) {} {
mstore(0x00, 0x3644e515) // `DOMAIN_SEPARATOR()`.
if iszero(
and( // The arguments of `and` are evaluated from right to left.
lt(iszero(mload(0x00)), eq(returndatasize(), 0x20)), // Returns 1 non-zero word.
// Gas stipend to limit gas burn for tokens that don't refund gas when
// an non-existing function is called. 5K should be enough for a SLOAD.
staticcall(5000, token, 0x1c, 0x04, 0x00, 0x20)
)
) { break }
// After here, we can be sure that token is a contract.
let m := mload(0x40)
mstore(add(m, 0x34), spender)
mstore(add(m, 0x20), shl(96, owner))
mstore(add(m, 0x74), deadline)
if eq(mload(0x00), DAI_DOMAIN_SEPARATOR) {
mstore(0x14, owner)
mstore(0x00, 0x7ecebe00000000000000000000000000) // `nonces(address)`.
mstore(
add(m, 0x94),
lt(iszero(amount), staticcall(gas(), token, 0x10, 0x24, add(m, 0x54), 0x20))
)
mstore(m, 0x8fcbaf0c000000000000000000000000) // `IDAIPermit.permit`.
// `nonces` is already at `add(m, 0x54)`.
// `amount != 0` is already stored at `add(m, 0x94)`.
mstore(add(m, 0xb4), and(0xff, v))
mstore(add(m, 0xd4), r)
mstore(add(m, 0xf4), s)
success := call(gas(), token, 0, add(m, 0x10), 0x104, codesize(), 0x00)
break
}
mstore(m, 0xd505accf000000000000000000000000) // `IERC20Permit.permit`.
mstore(add(m, 0x54), amount)
mstore(add(m, 0x94), and(0xff, v))
mstore(add(m, 0xb4), r)
mstore(add(m, 0xd4), s)
success := call(gas(), token, 0, add(m, 0x10), 0xe4, codesize(), 0x00)
break
}
}
if (!success) simplePermit2(token, owner, spender, amount, deadline, v, r, s);
}
/// @dev Simple permit on the Permit2 contract.
function simplePermit2(
address token,
address owner,
address spender,
uint256 amount,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, 0x927da105) // `allowance(address,address,address)`.
{
let addressMask := shr(96, not(0))
mstore(add(m, 0x20), and(addressMask, owner))
mstore(add(m, 0x40), and(addressMask, token))
mstore(add(m, 0x60), and(addressMask, spender))
mstore(add(m, 0xc0), and(addressMask, spender))
}
let p := mul(PERMIT2, iszero(shr(160, amount)))
if iszero(
and( // The arguments of `and` are evaluated from right to left.
gt(returndatasize(), 0x5f), // Returns 3 words: `amount`, `expiration`, `nonce`.
staticcall(gas(), p, add(m, 0x1c), 0x64, add(m, 0x60), 0x60)
)
) {
mstore(0x00, 0x6b836e6b8757f0fd) // `Permit2Failed()` or `Permit2AmountOverflow()`.
revert(add(0x18, shl(2, iszero(p))), 0x04)
}
mstore(m, 0x2b67b570) // `Permit2.permit` (PermitSingle variant).
// `owner` is already `add(m, 0x20)`.
// `token` is already at `add(m, 0x40)`.
mstore(add(m, 0x60), amount)
mstore(add(m, 0x80), 0xffffffffffff) // `expiration = type(uint48).max`.
// `nonce` is already at `add(m, 0xa0)`.
// `spender` is already at `add(m, 0xc0)`.
mstore(add(m, 0xe0), deadline)
mstore(add(m, 0x100), 0x100) // `signature` offset.
mstore(add(m, 0x120), 0x41) // `signature` length.
mstore(add(m, 0x140), r)
mstore(add(m, 0x160), s)
mstore(add(m, 0x180), shl(248, v))
if iszero( // Revert if token does not have code, or if the call fails.
mul(extcodesize(token), call(gas(), p, 0, add(m, 0x1c), 0x184, codesize(), 0x00))) {
mstore(0x00, 0x6b836e6b) // `Permit2Failed()`.
revert(0x1c, 0x04)
}
}
}
/// @dev Approves `spender` to spend `amount` of `token` for `address(this)`.
function permit2Approve(address token, address spender, uint160 amount, uint48 expiration)
internal
{
/// @solidity memory-safe-assembly
assembly {
let addressMask := shr(96, not(0))
let m := mload(0x40)
mstore(m, 0x87517c45) // `approve(address,address,uint160,uint48)`.
mstore(add(m, 0x20), and(addressMask, token))
mstore(add(m, 0x40), and(addressMask, spender))
mstore(add(m, 0x60), and(addressMask, amount))
mstore(add(m, 0x80), and(0xffffffffffff, expiration))
if iszero(call(gas(), PERMIT2, 0, add(m, 0x1c), 0xa0, codesize(), 0x00)) {
mstore(0x00, 0x324f14ae) // `Permit2ApproveFailed()`.
revert(0x1c, 0x04)
}
}
}
/// @dev Revokes an approval for `token` and `spender` for `address(this)`.
function permit2Lockdown(address token, address spender) internal {
/// @solidity memory-safe-assembly
assembly {
let m := mload(0x40)
mstore(m, 0xcc53287f) // `Permit2.lockdown`.
mstore(add(m, 0x20), 0x20) // Offset of the `approvals`.
mstore(add(m, 0x40), 1) // `approvals.length`.
mstore(add(m, 0x60), shr(96, shl(96, token)))
mstore(add(m, 0x80), shr(96, shl(96, spender)))
if iszero(call(gas(), PERMIT2, 0, add(m, 0x1c), 0xa0, codesize(), 0x00)) {
mstore(0x00, 0x96b3de23) // `Permit2LockdownFailed()`.
revert(0x1c, 0x04)
}
}
}
}
"
}
},
"settings": {
"optimizer": {
"enabled": true,
"runs": 1337
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"remappings": []
}
}}Submitted on: 2025-10-31 13:45:51
Comments
Log in to comment.
No comments yet.