Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"@openzeppelin/contracts/access/Ownable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
"
},
"@openzeppelin/contracts/utils/Context.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
"
},
"@openzeppelin/contracts/utils/Pausable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (utils/Pausable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract Pausable is Context {
bool private _paused;
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
/**
* @dev The operation failed because the contract is paused.
*/
error EnforcedPause();
/**
* @dev The operation failed because the contract is not paused.
*/
error ExpectedPause();
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
if (paused()) {
revert EnforcedPause();
}
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
if (!paused()) {
revert ExpectedPause();
}
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
}
"
},
"@openzeppelin/contracts/utils/ReentrancyGuard.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/ReentrancyGuard.sol)
pragma solidity ^0.8.20;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If EIP-1153 (transient storage) is available on the chain you're deploying at,
* consider using {ReentrancyGuardTransient} instead.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant NOT_ENTERED = 1;
uint256 private constant ENTERED = 2;
uint256 private _status;
/**
* @dev Unauthorized reentrant call.
*/
error ReentrancyGuardReentrantCall();
constructor() {
_status = NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be NOT_ENTERED
if (_status == ENTERED) {
revert ReentrancyGuardReentrantCall();
}
// Any calls to nonReentrant after this point will fail
_status = ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == ENTERED;
}
}
"
},
"contracts/core/Treasury.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.20;
import "@openzeppelin/contracts/access/Ownable.sol";
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import "@openzeppelin/contracts/utils/Pausable.sol";
import "../interfaces/ITreasury.sol";
/**
* @title Treasury
* @dev Manages company ETH revenue deposits and token purchase authorizations
* @notice This contract holds company ETH revenues and authorizes market making operations
*
* @dev OWNERSHIP AND ROLES:
* - Owner: Set via constructor parameter during deployment (via OpenZeppelin Ownable)
* - Should be a hardware wallet or multisig for production
* - Can authorize/revoke market makers
* - Can pause/unpause the contract
* - Can update the maximum purchase percentage
* - Has emergency control functions
*
* - Authorized Market Makers: Addresses authorized by the owner to withdraw ETH for BWS purchases
* - Can call authorizePurchase() to withdraw ETH for market making
* - Limited by maxPurchasePercentage of total deposits
*
* - Revenue Depositors: Any address can deposit ETH revenue
* - Typically company wallets or automated systems
* - Deposits are tracked per depositor address
*
* @dev DEPLOYMENT NOTE:
* The owner address is set during deployment via constructor parameter, following the
* same pattern as BWSMarketMakerTreasury. No post-deployment ownership transfer needed.
*/
contract Treasury is ITreasury, Ownable, ReentrancyGuard, Pausable {
// State variables
mapping(address => bool) public authorizedMarketMakers;
mapping(address => uint256) public revenueDeposits;
uint256 public totalRevenueDeposited;
uint256 public totalAuthorizedForPurchase;
uint256 public maxPurchasePercentage = 50; // Max 50% of revenue can be used
// Emergency withdrawal state with timelock
uint256 public constant EMERGENCY_WITHDRAWAL_DELAY = 7 days;
uint256 public withdrawalRequestTime;
address public withdrawalRecipient;
uint256 public withdrawalAmount;
// Events
event RevenueDeposited(address indexed depositor, uint256 amount);
event PurchaseAuthorized(address indexed marketMaker, uint256 amount);
event MarketMakerAuthorized(address indexed marketMaker);
event MarketMakerRevoked(address indexed marketMaker);
event EmergencyWithdrawalRequested(uint256 amount, address recipient, uint256 executeTime);
event EmergencyWithdrawalExecuted(uint256 amount, address recipient);
event EmergencyWithdrawalCancelled();
// Modifiers
modifier onlyAuthorizedMarketMaker() {
require(authorizedMarketMakers[msg.sender], "Not authorized market maker");
_;
}
/**
* @dev Constructor
* @param _owner Address that will be the owner of the treasury
* @notice Initializes the Treasury with the specified owner address
* @dev The owner should be a hardware wallet or multisig for production security
* This follows the same pattern as BWSMarketMakerTreasury for consistency
*/
constructor(address _owner) Ownable(_owner) {
require(_owner != address(0), "Owner cannot be zero address");
// Owner is set directly in constructor via OpenZeppelin Ownable
// No need for post-deployment ownership transfer
}
/**
* @dev Deposit company revenue
* @notice Any address can deposit ETH revenue into the treasury
* @dev No ownership required - typically called by company wallets or Coinbase withdrawal
*/
function depositRevenue() external payable whenNotPaused {
require(msg.value > 0, "Must deposit positive amount");
revenueDeposits[msg.sender] += msg.value;
totalRevenueDeposited += msg.value;
emit RevenueDeposited(msg.sender, msg.value);
}
/**
* @dev Authorize funds for market making
* @param amount Amount to authorize for token purchases
*/
function authorizePurchase(uint256 amount)
external
onlyAuthorizedMarketMaker
whenNotPaused
nonReentrant
{
uint256 maxAuthorizable = (totalRevenueDeposited * maxPurchasePercentage) / 100;
require(
totalAuthorizedForPurchase + amount <= maxAuthorizable,
"Exceeds maximum authorizable amount"
);
require(address(this).balance >= amount, "Insufficient treasury balance");
totalAuthorizedForPurchase += amount;
// Transfer to market maker
(bool success, ) = msg.sender.call{value: amount}("");
require(success, "Transfer failed");
emit PurchaseAuthorized(msg.sender, amount);
}
/**
* @dev Authorize a market maker address
* @param marketMaker Address to authorize
* @notice Only the contract owner can authorize market makers
* @dev Owner should be a hardware wallet or multisig for security
*/
function authorizeMarketMaker(address marketMaker) external onlyOwner {
require(marketMaker != address(0), "Invalid address");
require(!authorizedMarketMakers[marketMaker], "Already authorized");
authorizedMarketMakers[marketMaker] = true;
emit MarketMakerAuthorized(marketMaker);
}
/**
* @dev Revoke market maker authorization
* @param marketMaker Address to revoke
*/
function revokeMarketMaker(address marketMaker) external onlyOwner {
require(authorizedMarketMakers[marketMaker], "Not authorized");
authorizedMarketMakers[marketMaker] = false;
emit MarketMakerRevoked(marketMaker);
}
/**
* @dev Update maximum purchase percentage
* @param newPercentage New percentage (0-100)
*/
function updateMaxPurchasePercentage(uint256 newPercentage) external onlyOwner {
require(newPercentage <= 100, "Invalid percentage");
maxPurchasePercentage = newPercentage;
}
/**
* @dev Pause contract operations
*/
function pause() external onlyOwner {
_pause();
}
/**
* @dev Unpause contract operations
*/
function unpause() external onlyOwner {
_unpause();
}
/**
* @dev Get treasury statistics
*/
function getTreasuryStats() external view returns (
uint256 balance,
uint256 totalDeposited,
uint256 totalAuthorized,
uint256 availableForAuthorization
) {
balance = address(this).balance;
totalDeposited = totalRevenueDeposited;
totalAuthorized = totalAuthorizedForPurchase;
uint256 maxAuthorizable = (totalRevenueDeposited * maxPurchasePercentage) / 100;
availableForAuthorization = maxAuthorizable > totalAuthorized ?
maxAuthorizable - totalAuthorized : 0;
}
/**
* @dev Request emergency withdrawal with timelock
* @param amount Amount of ETH to withdraw
* @param recipient Address to receive the ETH
* @notice Requires 7-day delay before execution for security
*/
function requestEmergencyWithdrawal(uint256 amount, address recipient) external onlyOwner {
require(amount > 0, "Amount must be greater than 0");
require(amount <= address(this).balance, "Insufficient balance");
require(recipient != address(0), "Invalid recipient");
withdrawalRequestTime = block.timestamp;
withdrawalRecipient = recipient;
withdrawalAmount = amount;
emit EmergencyWithdrawalRequested(amount, recipient, block.timestamp + EMERGENCY_WITHDRAWAL_DELAY);
}
/**
* @dev Execute emergency withdrawal after delay
* @notice Can only be called 7 days after request
*/
function executeEmergencyWithdrawal() external onlyOwner {
require(withdrawalRequestTime > 0, "No withdrawal requested");
require(block.timestamp >= withdrawalRequestTime + EMERGENCY_WITHDRAWAL_DELAY, "Delay not met");
require(withdrawalAmount <= address(this).balance, "Insufficient balance");
uint256 amount = withdrawalAmount;
address recipient = withdrawalRecipient;
// Reset state before transfer
withdrawalRequestTime = 0;
withdrawalAmount = 0;
withdrawalRecipient = address(0);
// Transfer ETH
(bool success,) = recipient.call{value: amount}("");
require(success, "Transfer failed");
emit EmergencyWithdrawalExecuted(amount, recipient);
}
/**
* @dev Cancel pending emergency withdrawal
* @notice Allows owner to cancel a pending withdrawal request
*/
function cancelEmergencyWithdrawal() external onlyOwner {
require(withdrawalRequestTime > 0, "No withdrawal requested");
withdrawalRequestTime = 0;
withdrawalAmount = 0;
withdrawalRecipient = address(0);
emit EmergencyWithdrawalCancelled();
}
}"
},
"contracts/interfaces/ITreasury.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.20;
/**
* @title ITreasury
* @dev Interface for the Treasury contract
*/
interface ITreasury {
function depositRevenue() external payable;
function authorizePurchase(uint256 amount) external;
function authorizeMarketMaker(address marketMaker) external;
function revokeMarketMaker(address marketMaker) external;
function updateMaxPurchasePercentage(uint256 newPercentage) external;
function getTreasuryStats() external view returns (
uint256 balance,
uint256 totalDeposited,
uint256 totalAuthorized,
uint256 availableForAuthorization
);
}"
}
},
"settings": {
"optimizer": {
"enabled": true,
"runs": 200
},
"evmVersion": "paris",
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
}
}
}}Submitted on: 2025-09-22 13:46:30
Comments
Log in to comment.
No comments yet.