Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"@openzeppelin/contracts/access/Ownable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
"
},
"@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.4) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
"
},
"@openzeppelin/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
"
},
"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.3) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(IERC20 token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance + value));
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance - value));
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeWithSelector(token.approve.selector, spender, value);
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, 0));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Use a ERC-2612 signature to set the `owner` approval toward `spender` on `token`.
* Revert on invalid signature.
*/
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
require(returndata.length == 0 || abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return
success && (returndata.length == 0 || abi.decode(returndata, (bool))) && Address.isContract(address(token));
}
}
"
},
"@openzeppelin/contracts/utils/Address.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
"
},
"@openzeppelin/contracts/utils/Context.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.4) (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
"
},
"contracts/AdapterStore.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.18;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IOFT } from "./interfaces/IOFT.sol";
/**
* @title MessengerTypes
* @notice Library containing messenger type constants
* @custom:security-contact bugs@across.to
*/
library MessengerTypes {
/** @notice Identifier for OFT (Omni-chain Fungible Token by LayerZero) messenger type */
bytes32 public constant OFT_MESSENGER = bytes32("OFT_MESSENGER");
}
/**
* @dev A helper contract for chain adapters on the hub chain that support OFT messaging. Handles
* @dev token => messenger mapping storage. Adapters can't store this themselves as they're called
* @dev via `delegateCall` and their storage is not part of available context.
* @custom:security-contact bugs@across.to
*/
contract AdapterStore is Ownable {
/** @notice Maps messenger type and destination domain to token-messenger pairs */
mapping(bytes32 messengerType => mapping(uint256 dstDomainId => mapping(address srcChainToken => address messengerAddress)))
public crossChainMessengers;
/**
* @notice Emitted when a messenger is set for a specific token and destination
* @param messengerType Type of messenger being set
* @param dstDomainId Destination domain ID
* @param srcChainToken Source chain token address
* @param srcChainMessenger Source chain messenger address
*/
event MessengerSet(
bytes32 indexed messengerType,
uint256 indexed dstDomainId,
address indexed srcChainToken,
address srcChainMessenger
);
/** @notice Thrown when array lengths don't match in batch operations */
error ArrayLengthMismatch();
/** @notice Thrown when IOFT messenger's token doesn't match expected token */
error IOFTTokenMismatch();
/** @notice Thrown when messenger type is not supported */
error NonExistentMessengerType();
/**
* @notice Sets a messenger for a specific token and destination domain
* @param messengerType Type of messenger to set
* @param dstDomainId Destination domain ID
* @param srcChainToken Source chain token address
* @param srcChainMessenger Source chain messenger address
*/
function setMessenger(
bytes32 messengerType,
uint256 dstDomainId,
address srcChainToken,
address srcChainMessenger
) external onlyOwner {
_setMessenger(messengerType, dstDomainId, srcChainToken, srcChainMessenger);
}
/**
* @notice Sets multiple messengers in a single transaction
* @param messengerTypes Array of messenger types
* @param dstDomainIds Array of destination domain IDs
* @param srcChainTokens Array of source chain token addresses
* @param srcChainMessengers Array of source chain messenger addresses
*/
function batchSetMessengers(
bytes32[] calldata messengerTypes,
uint256[] calldata dstDomainIds,
address[] calldata srcChainTokens,
address[] calldata srcChainMessengers
) external onlyOwner {
if (
messengerTypes.length != dstDomainIds.length ||
messengerTypes.length != srcChainTokens.length ||
messengerTypes.length != srcChainMessengers.length
) {
revert ArrayLengthMismatch();
}
for (uint256 i = 0; i < dstDomainIds.length; i++) {
_setMessenger(messengerTypes[i], dstDomainIds[i], srcChainTokens[i], srcChainMessengers[i]);
}
}
/**
* @notice Internal function to set a messenger with validation
* @param _messengerType Type of messenger to set
* @param _dstDomainId Destination domain ID
* @param _srcChainToken Source chain token address
* @param _srcChainMessenger Source chain messenger address
*/
function _setMessenger(
bytes32 _messengerType,
uint256 _dstDomainId,
address _srcChainToken,
address _srcChainMessenger
) internal {
// @dev Always allow zero-messenger to be set: this can be used to 'remove' a stored token <> messenger relationship
if (_srcChainMessenger != address(0)) {
if (_messengerType == MessengerTypes.OFT_MESSENGER) {
// @dev Protect against human error: check that IOFT messenger's token matches the expected one
if (IOFT(_srcChainMessenger).token() != _srcChainToken) {
revert IOFTTokenMismatch();
}
} else {
revert NonExistentMessengerType();
}
}
crossChainMessengers[_messengerType][_dstDomainId][_srcChainToken] = _srcChainMessenger;
emit MessengerSet(_messengerType, _dstDomainId, _srcChainToken, _srcChainMessenger);
}
}
"
},
"contracts/chain-adapters/interfaces/AdapterInterface.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
/**
* @notice Sends cross chain messages and tokens to contracts on a specific L2 network.
* This interface is implemented by an adapter contract that is deployed on L1.
*/
interface AdapterInterface {
event MessageRelayed(address target, bytes message);
event TokensRelayed(address l1Token, address l2Token, uint256 amount, address to);
/**
* @notice Send message to `target` on L2.
* @dev This method is marked payable because relaying the message might require a fee
* to be paid by the sender to forward the message to L2. However, it will not send msg.value
* to the target contract on L2.
* @param target L2 address to send message to.
* @param message Message to send to `target`.
*/
function relayMessage(address target, bytes calldata message) external payable;
/**
* @notice Send `amount` of `l1Token` to `to` on L2. `l2Token` is the L2 address equivalent of `l1Token`.
* @dev This method is marked payable because relaying the message might require a fee
* to be paid by the sender to forward the message to L2. However, it will not send msg.value
* to the target contract on L2.
* @param l1Token L1 token to bridge.
* @param l2Token L2 token to receive.
* @param amount Amount of `l1Token` to bridge.
* @param to Bridge recipient.
*/
function relayTokens(
address l1Token,
address l2Token,
uint256 amount,
address to
) external payable;
}
"
},
"contracts/chain-adapters/Universal_Adapter.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./interfaces/AdapterInterface.sol";
import "../libraries/CircleCCTPAdapter.sol";
import { SpokePoolInterface } from "../interfaces/SpokePoolInterface.sol";
import { HubPoolStore } from "./utilities/HubPoolStore.sol";
import { IOFT } from "../interfaces/IOFT.sol";
import { OFTTransportAdapterWithStore } from "../libraries/OFTTransportAdapterWithStore.sol";
interface IOwnable {
function owner() external view returns (address);
}
/**
* @notice Stores data that can be relayed to L2 SpokePool using storage proof verification and light client contracts
* on the L2 where the SpokePool is deployed. Designed to be used as a singleton contract that can be used to relay
* messages to multiple SpokePools on different chains.
* @dev This contract should NOT be reused to send messages to SpokePools that have the same address on different L2s.
* @dev This contract can be redeployed to point to a new HubPoolStore if the data store gets corrupted and new data
* can't get written to the store for some reason. The corresponding Universal_SpokePool contract will
* also need to be redeployed to point to the new HubPoolStore.
* @custom:security-contact bugs@across.to
*/
contract Universal_Adapter is AdapterInterface, CircleCCTPAdapter, OFTTransportAdapterWithStore {
/// @notice Contract that stores calldata to be relayed to L2 via storage proofs.
HubPoolStore public immutable DATA_STORE;
error NotImplemented();
constructor(
HubPoolStore _store,
IERC20 _l1Usdc,
ITokenMessenger _cctpTokenMessenger,
uint32 _cctpDestinationDomainId,
address _adapterStore,
uint32 _oftDstEid,
uint256 _oftFeeCap
)
CircleCCTPAdapter(_l1Usdc, _cctpTokenMessenger, _cctpDestinationDomainId)
OFTTransportAdapterWithStore(_oftDstEid, _oftFeeCap, _adapterStore)
{
DATA_STORE = _store;
}
/**
* @notice Saves calldata in a simple storage contract whose state can be proven and relayed to L2.
* @param target Contract on the destination that will receive the message. Unused if the message is created
* by the HubPool admin.
* @param message Data to send to target.
*/
function relayMessage(address target, bytes calldata message) external payable override {
// Admin messages are stored differently in the data store than non-admin messages, because admin
// messages must only be sent to a single target on a specific L2 chain. Non-admin messages are sent
// to any target on any L2 chain because the only type of an non-admin message is the result of a
// HubPool.executeRootBundle() call which attempts to relay a relayRootBundle() call to all SpokePools using
// this adapter. Therefore, non-admin messages are stored optimally in the data store
// by only storing the message once and allowing any SpokePool target to read it via storage proofs.
// We assume that the HubPool is delegatecall-ing into this function, therefore address(this) is the HubPool's
// address. As a result, we can determine whether this message is an admin function based on the msg.sender.
// If an admin sends a message that could have been relayed as a non-admin message (e.g. the admin
// calls executeRootBundle()), then the message won't be stored optimally in the data store, but the
// message can still be delivered to the target.
bool isAdminSender = msg.sender == IOwnable(address(this)).owner();
DATA_STORE.storeRelayMessageCalldata(target, message, isAdminSender);
emit MessageRelayed(target, message);
}
/**
* @notice Relays tokens from L1 to L2.
* @dev This function uses CircleCCTPAdapter to relay USDC and OFTTransportAdapterWithStore to relay
* OFT tokens to L2 chains that support these methods. Relaying other tokens will cause this function
* to revert.
* @param l1Token Address of the token on L1.
* @param l2Token Address of the token on L2. Unused
* @param amount Amount of tokens to relay.
* @param to Address to receive the tokens on L2. Should be SpokePool address.
*/
function relayTokens(
address l1Token,
address l2Token,
uint256 amount,
address to
) external payable override {
address oftMessenger = _getOftMessenger(l1Token);
if (_isCCTPEnabled() && l1Token == address(usdcToken)) {
_transferUsdc(to, amount);
} else if (oftMessenger != address(0)) {
_transferViaOFT(IERC20(l1Token), IOFT(oftMessenger), to, amount);
} else {
revert NotImplemented();
}
}
}
"
},
"contracts/chain-adapters/utilities/HubPoolStore.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import { HubPoolInterface } from "../../interfaces/HubPoolInterface.sol";
interface IHubPool {
function rootBundleProposal() external view returns (HubPoolInterface.RootBundle memory);
}
/**
* @notice Stores data that can be relayed to L2 SpokePool using storage proof verification and light client contracts
* on the L2 where the SpokePool is deployed. Only the HubPool can store data to this contract. Each data to be
* relayed is written to a unique slot key and that slot key's value can never be modified.
* @dev Designed to be used with Universal_Adapter and Universal_SpokePool.
* @dev This contract DOES NOT prevent replay attacks of storage proofs on the L2 spoke pool if the
* UniversalStorageProof_Adapters using this contract are mapped to spokepools with the same address on different
* L2 chains. See comment in storeRelayAdminFunctionCalldata() for more details.
* @custom:security-contact bugs@across.to
*/
contract HubPoolStore {
error NotHubPool();
/// @notice Maps nonce to hash of calldata.
mapping(uint256 => bytes32) public relayMessageCallData;
/// @notice Counter to ensure that each relay admin function calldata is unique.
uint256 private dataUuid;
/// @notice Address of the HubPool contract, the only contract that can store data to this contract.
address public immutable hubPool;
/// @notice Event designed to be queried off chain and relayed to Universal SpokePool.
event StoredCallData(address indexed target, bytes data, uint256 indexed nonce);
modifier onlyHubPool() {
if (msg.sender != hubPool) {
revert NotHubPool();
}
_;
}
constructor(address _hubPool) {
hubPool = _hubPool;
}
/**
* @notice To be called by HubPool to store calldata that will be relayed
* to the Universal_SpokePool via storage proofs.
* @dev Only callable by the HubPool contract.
* @param target Address of the contract on the destination that will receive the message. Unused if the
* data is NOT an admin function and can be relayed to any target.
* @param data Data to send to Universal SpokePool.
* @param isAdminSender True if the data is an admin function call, false otherwise.
*/
function storeRelayMessageCalldata(
address target,
bytes calldata data,
bool isAdminSender
) external onlyHubPool {
if (isAdminSender) {
_storeData(target, dataUuid++, data);
} else {
_storeRelayMessageCalldataForAnyTarget(data);
}
}
function _storeRelayMessageCalldataForAnyTarget(bytes calldata data) internal {
// When the data can be sent to any target, we assume that the data contains a relayRootBundleCall as
// constructed by an executeRootBundle() call, therefore this data will be identical for all spoke pools
// in this bundle. We can use the current hub pool's challengePeriodEndTimestamp as the nonce for this data
// so that all relayRootBundle calldata for this bundle gets stored to the same slot and we only write to
// this slot once.
_storeData(address(0), IHubPool(hubPool).rootBundleProposal().challengePeriodEndTimestamp, data);
}
function _storeData(
address target,
uint256 nonce,
bytes calldata data
) internal {
if (relayMessageCallData[nonce] != bytes32(0)) {
// Data is already stored, do nothing.
return;
}
relayMessageCallData[nonce] = keccak256(abi.encode(target, data));
emit StoredCallData(target, data, nonce);
}
}
"
},
"contracts/external/interfaces/CCTPInterfaces.sol": {
"content": "/**
* Copyright (C) 2015, 2016, 2017 Dapphub
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.0;
/**
* Imported as-is from commit 139d8d0ce3b5531d3c7ec284f89d946dfb720016 of:
* * https://github.com/walkerq/evm-cctp-contracts/blob/139d8d0ce3b5531d3c7ec284f89d946dfb720016/src/TokenMessenger.sol
* Changes applied post-import:
* * Removed a majority of code from this contract and converted the needed function signatures in this interface.
*/
interface ITokenMessenger {
/**
* @notice Deposits and burns tokens from sender to be minted on destination domain.
* Emits a `DepositForBurn` event.
* @dev reverts if:
* - given burnToken is not supported
* - given destinationDomain has no TokenMessenger registered
* - transferFrom() reverts. For example, if sender's burnToken balance or approved allowance
* to this contract is less than `amount`.
* - burn() reverts. For example, if `amount` is 0.
* - MessageTransmitter returns false or reverts.
* @param amount amount of tokens to burn
* @param destinationDomain destination domain
* @param mintRecipient address of mint recipient on destination domain
* @param burnToken address of contract to burn deposited tokens, on local domain
* @return _nonce unique nonce reserved by message
*/
function depositForBurn(
uint256 amount,
uint32 destinationDomain,
bytes32 mintRecipient,
address burnToken
) external returns (uint64 _nonce);
/**
* @notice Minter responsible for minting and burning tokens on the local domain
* @dev A TokenMessenger stores a TokenMinter contract which extends the TokenController contract.
* https://github.com/circlefin/evm-cctp-contracts/blob/817397db0a12963accc08ff86065491577bbc0e5/src/TokenMessenger.sol#L110
* @return minter Token Minter contract.
*/
function localMinter() external view returns (ITokenMinter minter);
}
// Source: https://github.com/circlefin/evm-cctp-contracts/blob/63ab1f0ac06ce0793c0bbfbb8d09816bc211386d/src/v2/TokenMessengerV2.sol#L138C1-L166C15
interface ITokenMessengerV2 {
/**
* @notice Deposits and burns tokens from sender to be minted on destination domain.
* Emits a `DepositForBurn` event.
* @dev reverts if:
* - given burnToken is not supported
* - given destinationDomain has no TokenMessenger registered
* - transferFrom() reverts. For example, if sender's burnToken balance or approved allowance
* to this contract is less than `amount`.
* - burn() reverts. For example, if `amount` is 0.
* - maxFee is greater than or equal to `amount`.
* - MessageTransmitterV2#sendMessage reverts.
* @param amount amount of tokens to burn
* @param destinationDomain destination domain to receive message on
* @param mintRecipient address of mint recipient on destination domain
* @param burnToken token to burn `amount` of, on local domain
* @param destinationCaller authorized caller on the destination domain, as bytes32. If equal to bytes32(0),
* any address can broadcast the message.
* @param maxFee maximum fee to pay on the destination domain, specified in units of burnToken
* @param minFinalityThreshold the minimum finality at which a burn message will be attested to.
*/
function depositForBurn(
uint256 amount,
uint32 destinationDomain,
bytes32 mintRecipient,
address burnToken,
bytes32 destinationCaller,
uint256 maxFee,
uint32 minFinalityThreshold
) external;
}
/**
* A TokenMessenger stores a TokenMinter contract which extends the TokenController contract. The TokenController
* contract has a burnLimitsPerMessage public mapping which can be queried to find the per-message burn limit
* for a given token:
* https://github.com/circlefin/evm-cctp-contracts/blob/817397db0a12963accc08ff86065491577bbc0e5/src/TokenMinter.sol#L33
* https://github.com/circlefin/evm-cctp-contracts/blob/817397db0a12963accc08ff86065491577bbc0e5/src/roles/TokenController.sol#L69C40-L69C60
*
*/
interface ITokenMinter {
/**
* @notice Supported burnable tokens on the local domain
* local token (address) => maximum burn amounts per message
* @param token address of token contract
* @return burnLimit maximum burn amount per message for token
*/
function burnLimitsPerMessage(address token) external view returns (uint256);
}
/**
* IMessageTransmitter in CCTP inherits IRelayer and IReceiver, but here we only import sendMessage from IRelayer:
* https://github.com/circlefin/evm-cctp-contracts/blob/377c9bd813fb86a42d900ae4003599d82aef635a/src/interfaces/IMessageTransmitter.sol#L25
* https://github.com/circlefin/evm-cctp-contracts/blob/377c9bd813fb86a42d900ae4003599d82aef635a/src/interfaces/IRelayer.sol#L23-L35
*/
interface IMessageTransmitter {
/**
* @notice Sends an outgoing message from the source domain.
* @dev Increment nonce, format the message, and emit `MessageSent` event with message information.
* @param destinationDomain Domain of destination chain
* @param recipient Address of message recipient on destination domain as bytes32
* @param messageBody Raw bytes content of message
* @return nonce reserved by message
*/
function sendMessage(
uint32 destinationDomain,
bytes32 recipient,
bytes calldata messageBody
) external returns (uint64);
}
"
},
"contracts/interfaces/HubPoolInterface.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/**
* @notice Concise list of functions in HubPool implementation.
*/
interface HubPoolInterface {
// This leaf is meant to be decoded in the HubPool to rebalance tokens between HubPool and SpokePool.
struct PoolRebalanceLeaf {
// This is used to know which chain to send cross-chain transactions to (and which SpokePool to send to).
uint256 chainId;
// Total LP fee amount per token in this bundle, encompassing all associated bundled relays.
uint256[] bundleLpFees;
// Represents the amount to push to or pull from the SpokePool. If +, the pool pays the SpokePool. If negative
// the SpokePool pays the HubPool. There can be arbitrarily complex rebalancing rules defined offchain. This
// number is only nonzero when the rules indicate that a rebalancing action should occur. When a rebalance does
// occur, runningBalances must be set to zero for this token and netSendAmounts should be set to the previous
// runningBalances + relays - deposits in this bundle. If non-zero then it must be set on the SpokePool's
// RelayerRefundLeaf amountToReturn as -1 * this value to show if funds are being sent from or to the SpokePool.
int256[] netSendAmounts;
// This is only here to be emitted in an event to track a running unpaid balance between the L2 pool and the L1
// pool. A positive number indicates that the HubPool owes the SpokePool funds. A negative number indicates that
// the SpokePool owes the HubPool funds. See the comment above for the dynamics of this and netSendAmounts.
int256[] runningBalances;
// Used by data worker to mark which leaves should relay roots to SpokePools, and to otherwise organize leaves.
// For example, each leaf should contain all the rebalance information for a single chain, but in the case where
// the list of l1Tokens is very large such that they all can't fit into a single leaf that can be executed under
// the block gas limit, then the data worker can use this groupIndex to organize them. Any leaves with
// a groupIndex equal to 0 will relay roots to the SpokePool, so the data worker should ensure that only one
// leaf for a specific chainId should have a groupIndex equal to 0.
uint256 groupIndex;
// Used as the index in the bitmap to track whether this leaf has been executed or not.
uint8 leafId;
// The bundleLpFees, netSendAmounts, and runningBalances are required to be the same length. They are parallel
// arrays for the given chainId and should be ordered by the l1Tokens field. All whitelisted tokens with nonzero
// relays on this chain in this bundle in the order of whitelisting.
address[] l1Tokens;
}
// A data worker can optimistically store several merkle roots on this contract by staking a bond and calling
// proposeRootBundle. By staking a bond, the data worker is alleging that the merkle roots all contain valid leaves
// that can be executed later to:
// - Send funds from this contract to a SpokePool or vice versa
// - Send funds from a SpokePool to Relayer as a refund for a relayed deposit
// - Send funds from a SpokePool to a deposit recipient to fulfill a "slow" relay
// Anyone can dispute this struct if the merkle roots contain invalid leaves before the
// challengePeriodEndTimestamp. Once the expiration timestamp is passed, executeRootBundle to execute a leaf
// from the poolRebalanceRoot on this contract and it will simultaneously publish the relayerRefundRoot and
// slowRelayRoot to a SpokePool. The latter two roots, once published to the SpokePool, contain
// leaves that can be executed on the SpokePool to pay relayers or recipients.
struct RootBundle {
// Contains leaves instructing this contract to send funds to SpokePools.
bytes32 poolRebalanceRoot;
// Relayer refund merkle root to be published to a SpokePool.
bytes32 relayerRefundRoot;
// Slow relay merkle root to be published to a SpokePool.
bytes32 slowRelayRoot;
// This is a 1D bitmap, with max size of 256 elements, limiting us to 256 chainsIds.
uint256 claimedBitMap;
// Proposer of this root bundle.
address proposer;
// Number of pool rebalance leaves to execute in the poolRebalanceRoot. After this number
// of leaves are executed, a new root bundle can be proposed
uint8 unclaimedPoolRebalanceLeafCount;
// When root bundle challenge period passes and this root bundle becomes executable.
uint32 challengePeriodEndTimestamp;
}
// Each whitelisted L1 token has an associated pooledToken struct that contains all information used to track the
// cumulative LP positions and if this token is enabled for deposits.
struct PooledToken {
// LP token given to LPs of a specific L1 token.
address lpToken;
// True if accepting new LP's.
bool isEnabled;
// Timestamp of last LP fee update.
uint32 lastLpFeeUpdate;
// Number of LP funds sent via pool rebalances to SpokePools and are expected to be sent
// back later.
int256 utilizedReserves;
// Number of LP funds held in contract less utilized reserves.
uint256 liquidReserves;
// Number of LP funds reserved to pay out to LPs as fees.
uint256 undistributedLpFees;
}
// Helper contracts to facilitate cross chain actions between HubPool and SpokePool for a specific network.
struct CrossChainContract {
address adapter;
address spokePool;
}
function setPaused(bool pause) external;
function emergencyDeleteProposal() external;
function relaySpokePoolAdminFunction(uint256 chainId, bytes memory functionData) external;
function setProtocolFeeCapture(address newProtocolFeeCaptureAddress, uint256 newProtocolFeeCapturePct) external;
function setBond(IERC20 newBondToken, uint256 newBondAmount) external;
function setLiveness(uint32 newLiveness) external;
function setIdentifier(bytes32 newIdentifier) external;
function setCrossChainContracts(
uint256 l2ChainId,
address adapter,
address spokePool
) external;
function enableL1TokenForLiquidityProvision(address l1Token) external;
function disableL1TokenForLiquidityProvision(address l1Token) external;
function addLiquidity(address l1Token, uint256 l1TokenAmount) external payable;
function removeLiquidity(
address l1Token,
uint256 lpTokenAmount,
bool sendEth
) external;
function exchangeRateCurrent(address l1Token) external returns (uint256);
function liquidityUtilizationCurrent(address l1Token) external returns (uint256);
function liquidityUtilizationPostRelay(address l1Token, uint256 relayedAmount) external returns (uint256);
function sync(address l1Token) external;
function proposeRootBundle(
uint256[] memory bundleEvaluationBlockNumbers,
uint8 poolRebalanceLeafCount,
bytes32 poolRebalanceRoot,
bytes32 relayerRefundRoot,
bytes32 slowRelayRoot
) external;
function executeRootBundle(
uint256 chainId,
uint256 groupIndex,
uint256[] memory bundleLpFees,
int256[] memory netSendAmounts,
int256[] memory runningBalances,
uint8 leafId,
address[] memory l1Tokens,
bytes32[] memory proof
) external;
function disputeRootBundle() external;
function claimProtocolFeesCaptured(address l1Token) external;
function setPoolRebalanceRoute(
uint256 destinationChainId,
address l1Token,
address destinationToken
) external;
function setDepositRoute(
uint256 originChainId,
uint256 destinationChainId,
address originToken,
bool depositsEnabled
) external;
function poolRebalanceRoute(uint256 destinationChainId, address l1Token)
external
view
returns (address destinationToken);
function loadEthForL2Calls() external payable;
}
"
},
"contracts/interfaces/IOFT.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
/**
* @notice This file contains minimal copies of relevant structs / interfaces for OFT bridging. Source code link:
* https://github.com/LayerZero-Labs/LayerZero-v2/blob/9a4049ae3a374e1c0ef01ac9fb53dd83f4257a68/packages/layerzero-v2/evm/oapp/contracts/oft/interfaces/IOFT.sol
* It's also published as a part of an npm package: @layerzerolabs/oft-evm. The published code is incompatible with
* our compiler version requirements, so we copy it here instead
*/
struct MessagingReceipt {
bytes32 guid;
uint64 nonce;
MessagingFee fee;
}
struct MessagingFee {
uint256 nativeFee;
uint256 lzTokenFee;
}
/**
* @dev Struct representing token parameters for the OFT send() operation.
*/
struct SendParam {
uint32 dstEid; // Destination endpoint ID.
bytes32 to; // Recipient address.
uint256 amountLD; // Amount to send in local decimals.
uint256 minAmountLD; // Minimum amount to send in local decimals.
bytes extraOptions; // Additional options supplied by the caller to be used in the LayerZero message.
bytes composeMsg; // The composed message for the send() operation.
bytes oftCmd; // The OFT command to be executed, unused in default OFT implementations.
}
/**
* @dev Struct representing OFT receipt information.
*/
struct OFTReceipt {
uint256 amountSentLD; // Amount of tokens ACTUALLY debited from the sender in local decimals.
// @dev In non-default implementations, the amountReceivedLD COULD differ from this value.
uint256 amountReceivedLD; // Amount of tokens to be received on the remote side.
}
/**
* @title IOFT
* @dev Interface for the OftChain (OFT) token.
* @dev Does not inherit ERC20 to accommodate usage by OFTAdapter as well.
* @dev This specific interface ID is '0x02e49c2c'.
*/
interface IOFT {
/**
* @notice Retrieves the address of the token associated with the OFT.
* @return token The address of the ERC20 token implementation.
*/
function token() external view returns (address);
/**
* @notice Provides a quote for the send() operation.
* @param _sendParam The parameters for the send() operation.
* @param _payInLzToken Flag indicating whether the caller is paying in the LZ token.
* @return fee The calculated LayerZero messaging fee from the send() operation.
*
* @dev MessagingFee: LayerZero msg fee
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
*/
function quoteSend(SendParam calldata _sendParam, bool _payInLzToken) external view returns (MessagingFee memory);
/**
* @notice Executes the send() operation.
* @param _sendParam The parameters for the send operation.
* @param _fee The fee information supplied by the caller.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess funds from fees etc. on the src.
* @return receipt The LayerZero messaging receipt from the send() operation.
* @return oftReceipt The OFT receipt information.
*
* @dev MessagingReceipt: LayerZero msg receipt
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
) external payable returns (MessagingReceipt memory, OFTReceipt memory);
}
"
},
"contracts/interfaces/SpokePoolInterface.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @notice Contains common data structures and functions used by all SpokePool implementations.
*/
interface SpokePoolInterface {
// This leaf is meant to be decoded in the SpokePool to pay out successful relayers.
struct RelayerRefundLeaf {
// This is the amount to return to the HubPool. This occurs when there is a PoolRebalanceLeaf netSendAmount that
// is negative. This is just the negative of this value.
uint256 amountToReturn;
// Used to verify that this is being executed on the correct destination chainId.
uint256 chainId;
// This array designates how much each of those addresses should be refunded.
uint256[] refundAmounts;
// Used as the index in the bitmap to track whether this leaf has been executed or not.
uint32 leafId;
// The associated L2TokenAddress that these claims apply to.
address l2TokenAddress;
// Must be same length as refundAmounts and designates each address that must be refunded.
address[] refundAddresses;
}
// Stores collection of merkle roots that can be published to this contract from the HubPool, which are referenced
// by "data workers" via inclusion proofs to execute leaves in the roots.
struct RootBundle {
// Merkle root of slow relays that were not fully filled and whose recipient is still owed funds from the LP pool.
bytes32 slowRelayRoot;
// Merkle root of relayer refunds for successful relays.
bytes32 relayerRefundRoot;
// This is a 2D bitmap tracking which leaves in the relayer refund root have been claimed, with max size of
// 256x(2^248) leaves per root.
mapping(uint256 => uint256) claimedBitmap;
}
function setCrossDomainAdmin(address newCrossDomainAdmin) external;
function setWithdrawalRecipient(address newWithdrawalRecipient) external;
function pauseDeposits(bool pause) external;
function pauseFills(bool pause) external;
function relayRootBundle(bytes32 relayerRefundRoot, bytes32 slowRelayRoot) external;
function emergencyDeleteRootBundle(uint256 rootBundleId) external;
function depositDeprecated_5947912356(
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message,
uint256 maxCount
) external payable;
function depositFor(
address depositor,
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message,
uint256 maxCount
) external payable;
function executeRelayerRefundLeaf(
uint32 rootBundleId,
SpokePoolInterface.RelayerRefundLeaf memory relayerRefundLeaf,
bytes32[] memory proof
) external payable;
function chainId() external view returns (uint256);
error NotEOA();
error InvalidDepositorSignature();
error InvalidRelayerFeePct();
error MaxTransferSizeExceeded();
error InvalidCrossDomainAdmin();
error InvalidWithdrawalRecipient();
error DepositsArePaused();
error FillsArePaused();
}
"
},
"contracts/libraries/AddressConverters.sol": {
"conteSubmitted on: 2025-09-22 17:09:21
Comments
Log in to comment.
No comments yet.