Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/utils/SiloVaultWrapper.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity ^0.8.24;
import { Roles } from "src/libs/Roles.sol";
import { Errors } from "src/utils/Errors.sol";
import { ISystemRegistry } from "src/interfaces/ISystemRegistry.sol";
import { ISiloVault } from "src/interfaces/external/silo/ISiloVault.sol";
import { IERC20, ERC20 } from "openzeppelin-contracts/token/ERC20/ERC20.sol";
import { SafeERC20 } from "openzeppelin-contracts/token/ERC20/utils/SafeERC20.sol";
import { IERC4626, IERC20Metadata } from "openzeppelin-contracts/interfaces/IERC4626.sol";
import { ISiloIncentivesControllerCL } from "src/interfaces/silo/ISiloIncentivesControllerCL.sol";
import { TokenRecoverable } from "src/utils/TokenRecoverable.sol";
/// @title Wrapper 4626 vault for a SiloVault with relevant functions implemented
/// @dev Ensures that 1 unit of this vault is scaled to correspond to 1 unit of the underlying asset.
/// This token will only be used by a single destination.
/// Anyone how deposits here that isn't the holdingDestination will lose their rewards.
/// Its possible to use recover() against the SiloVault token but misuse can result in DoS.
contract SiloVaultWrapper is ERC20, TokenRecoverable, IERC4626 {
/// =====================================================
/// Constant Vars
/// =====================================================
/// @dev Decimals for this token
uint8 private constant _DECIMALS = 18;
/// =====================================================
/// Immutable Vars
/// =====================================================
/// @notice Returns the SiloVault this token wraps
ISiloVault public immutable siloVault;
/// @notice Decimals to scale up by when converting from this vaults shares to underlying
/// @dev Will be used in denominator when scaling the other direction
uint256 private immutable _toUnderlyingScaleUp;
/// @notice Decimals to scale down by when converting from this vaults shares to underlying
/// @dev Will be used in numerator when scaling the other direction
uint256 private immutable _toUnderlyingScaleDown;
/// @dev Base asset of this vault and the wrapped token
IERC20 private immutable _asset;
/// =====================================================
/// Public Vars
/// =====================================================
/// @notice Returns the number of underlying SiloVault shares currently held
uint256 public siloVaultShares;
/// @notice The Destination Vault that holds this token and can claim its rewards
address public holdingDestination;
/// =====================================================
/// Events
/// =====================================================
/// @notice Emitted on deposit for tracking
event UnderlyingShareIncrease(uint256 increasedBy);
/// @notice Emitted on redeem for tracking
event UnderlyingShareDecrease(uint256 decreasedBy);
/// @notice Emitted when a holding destination is set
event HoldingDestinationSet(address destination);
/// =====================================================
/// Functions - Construction
/// =====================================================
constructor(
ISystemRegistry _systemRegistry,
string memory name_,
string memory symbol_,
address siloVault_
) ERC20(name_, symbol_) TokenRecoverable(_systemRegistry) {
Errors.verifyNotZero(siloVault_, "siloVault_");
siloVault = ISiloVault(siloVault_);
IERC20 asset_ = IERC20(ISiloVault(siloVault_).asset());
_asset = asset_;
uint256 baseAssetDecimals = IERC20Metadata(address(_asset)).decimals();
if (baseAssetDecimals > _DECIMALS) {
revert Errors.InvalidParam("decimals");
}
// At initialization of a SiloVault, 1 unit of the underlying asset is worth a scaled up
// amount of the SiloVault shares. Typically its 1 asset == 100,000 shares
// but the scaling and decimal management here is meant to make it look
// 1 == 1 again. This scaling may result in dust shares of this wrapper token
// scaling to 0 or dust underlying shares but neither should represent
// any, or any meaningful, value
uint256 _siloVaultDecimalOffset = ISiloVault(siloVault_).DECIMALS_OFFSET();
uint256 _siloVaultAssetDecimals = baseAssetDecimals;
uint256 totalSiloDecimals = _siloVaultDecimalOffset + _siloVaultAssetDecimals;
if (totalSiloDecimals <= _DECIMALS) {
_toUnderlyingScaleUp = 1;
_toUnderlyingScaleDown = 10 ** (_DECIMALS - totalSiloDecimals);
} else {
_toUnderlyingScaleUp = 10 ** (totalSiloDecimals - _DECIMALS);
_toUnderlyingScaleDown = 1;
}
}
/// =====================================================
/// Functions - External
/// =====================================================
/// @notice Set the Destination Vault that is holding this token and can claim rewards
/// @dev When changing this destination ensure that all rewards have been claimed else they can be redirected
/// @param destination The new destination to use
function setHoldingDestination(
address destination
) external hasRole(Roles.DESTINATION_VAULT_SILO_MANAGER) {
// Intentionally not checking that this is a valid destination in the system.
// Opting for some flexibility should migrations need to happen.
// slither-disable-next-line missing-zero-check
holdingDestination = destination;
emit HoldingDestinationSet(destination);
}
/// @inheritdoc IERC4626
function deposit(uint256 _assets, address _receiver) external override returns (uint256 shares) {
Errors.verifyNotZero(_assets, "_assets");
Errors.verifyNotZero(_receiver, "_receiver");
SafeERC20.safeTransferFrom(_asset, msg.sender, address(this), _assets);
SafeERC20.safeApprove(_asset, address(siloVault), _assets);
uint256 newShares = siloVault.deposit(_assets, address(this));
shares = newShares * _toUnderlyingScaleDown / _toUnderlyingScaleUp;
siloVaultShares += newShares;
Errors.verifyNotZero(newShares, "newShares");
Errors.verifyNotZero(shares, "shares");
emit UnderlyingShareIncrease(newShares);
_mint(_receiver, shares);
}
/// @inheritdoc IERC4626
function redeem(uint256 _shares, address _receiver, address _owner) external override returns (uint256 assets) {
Errors.verifyNotZero(_shares, "_shares");
Errors.verifyNotZero(_receiver, "_receiver");
if (_owner != msg.sender) {
_spendAllowance(_owner, msg.sender, _shares);
}
_burn(_owner, _shares);
uint256 rawShares = _shares * _toUnderlyingScaleUp / _toUnderlyingScaleDown;
Errors.verifyNotZero(rawShares, "rawShares");
siloVaultShares -= rawShares;
emit UnderlyingShareDecrease(rawShares);
assets = siloVault.redeem(rawShares, _receiver, address(this));
Errors.verifyNotZero(assets, "assets");
}
/// @notice Claim programs from a gauge
/// @param gauge Silo gauge to claim rewards from
/// @param programs Registered programs to claim reward tokens for
/// @param expectedRewardTokens Reward tokens the Destination expects to claim from given programs
function claimRewardsToSender(
address gauge,
string[] calldata programs,
address[] memory expectedRewardTokens
) external {
if (msg.sender != holdingDestination) {
revert Errors.AccessDenied();
}
// slither-disable-next-line unused-return
ISiloIncentivesControllerCL(gauge).claimRewards(address(this), programs);
uint256 rewardTokenLen = expectedRewardTokens.length;
address vaultToken = address(siloVault);
for (uint256 i = 0; i < rewardTokenLen;) {
address rewardToken = expectedRewardTokens[i];
if (rewardToken != address(0)) {
uint256 amount = IERC20(rewardToken).balanceOf(address(this));
// Don't want to be able to siphon our actual holdings
uint256 sharesHeld = siloVaultShares;
if (rewardToken == vaultToken) {
if (amount > sharesHeld) {
amount -= sharesHeld;
} else {
amount = 0;
}
}
if (amount > 0) {
SafeERC20.safeTransfer(IERC20(expectedRewardTokens[i]), msg.sender, amount);
}
}
unchecked {
++i;
}
}
}
/// @inheritdoc IERC4626
function previewDeposit(
uint256 _assets
) external view virtual returns (uint256) {
return siloVault.previewDeposit(_assets) * _toUnderlyingScaleDown / _toUnderlyingScaleUp;
}
/// @inheritdoc IERC4626
function previewRedeem(
uint256 _shares
) external view virtual returns (uint256) {
uint256 rawShares = _shares * _toUnderlyingScaleUp / _toUnderlyingScaleDown;
return siloVault.previewRedeem(rawShares);
}
/// @inheritdoc IERC4626
function asset() external view override returns (address) {
return address(_asset);
}
/// @inheritdoc IERC4626
function totalAssets() external view returns (uint256) {
return siloVault.convertToAssets(siloVaultShares);
}
/// @inheritdoc IERC4626
function convertToShares(
uint256 assets
) external view returns (uint256) {
uint256 rawShares = siloVault.convertToShares(assets);
return rawShares * _toUnderlyingScaleDown / _toUnderlyingScaleUp;
}
/// @inheritdoc IERC4626
function convertToAssets(
uint256 shares
) external view returns (uint256) {
uint256 scaledShares = shares * _toUnderlyingScaleUp / _toUnderlyingScaleDown;
return siloVault.convertToAssets(scaledShares);
}
/// @inheritdoc IERC4626
/// @dev Always reverts
function maxDeposit(
address
) external pure override returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
/// @dev Always reverts
function maxRedeem(
address
) external pure override returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
/// @dev Always reverts
function maxMint(
address
) external pure override returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
/// @dev Always reverts
function previewMint(
uint256
) external pure returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
function mint(uint256, address) external pure override returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
/// @dev Always reverts
function maxWithdraw(
address
) external pure override returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
/// @dev Always reverts
function previewWithdraw(
uint256
) external pure virtual returns (uint256) {
_revertNotSupported();
}
/// @inheritdoc IERC4626
function withdraw(uint256, address, address) external pure returns (uint256) {
_revertNotSupported();
}
/// =====================================================
/// Functions - Public
/// =====================================================
/// @inheritdoc IERC20Metadata
function decimals() public pure override(IERC20Metadata, ERC20) returns (uint8) {
return _DECIMALS;
}
/// =====================================================
/// Functions - Private
/// =====================================================
/// @notice Revert with a "NotSupported" error
function _revertNotSupported() private pure {
revert Errors.NotSupported();
}
}
"
},
"src/libs/Roles.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity ^0.8.24;
library Roles {
// Naming Conventions:
// - Use MANAGER, CREATOR, UPDATER, ..., for roles primarily managing on-chain activities.
// - Use EXECUTOR for roles that trigger off-chain initiated actions.
// - Group roles by functional area for clarity.
// Destination Vault Management
bytes32 public constant DESTINATION_VAULT_FACTORY_MANAGER = keccak256("CREATE_DESTINATION_VAULT_ROLE");
bytes32 public constant DESTINATION_VAULT_REGISTRY_MANAGER = keccak256("DESTINATION_VAULT_REGISTRY_MANAGER");
bytes32 public constant DESTINATION_VAULT_MANAGER = keccak256("DESTINATION_VAULT_MANAGER");
bytes32 public constant FLUID_DESTINATION_VAULT_MANAGER = keccak256("FLUID_DESTINATION_VAULT_MANAGER");
bytes32 public constant DESTINATION_MERKLE_CLAIM_MANAGER = keccak256("DESTINATION_MERKLE_CLAIM_MANAGER");
bytes32 public constant EULER_REWARD_MANAGER = keccak256("EULER_REWARD_MANAGER");
bytes32 public constant EULER_REWARD_EXECUTOR = keccak256("EULER_REWARD_EXECUTOR");
// Auto Pool Factory and Registry Management
bytes32 public constant AUTO_POOL_REGISTRY_UPDATER = keccak256("REGISTRY_UPDATER");
bytes32 public constant AUTO_POOL_FACTORY_MANAGER = keccak256("AUTO_POOL_FACTORY_MANAGER");
bytes32 public constant AUTO_POOL_FACTORY_VAULT_CREATOR = keccak256("CREATE_POOL_ROLE");
// Auto Pool Management
bytes32 public constant AUTO_POOL_DESTINATION_UPDATER = keccak256("DESTINATION_VAULTS_UPDATER");
bytes32 public constant AUTO_POOL_FEE_UPDATER = keccak256("AUTO_POOL_FEE_SETTER_ROLE");
bytes32 public constant AUTO_POOL_PERIODIC_FEE_UPDATER = keccak256("AUTO_POOL_PERIODIC_FEE_SETTER_ROLE");
bytes32 public constant AUTO_POOL_REWARD_MANAGER = keccak256("AUTO_POOL_REWARD_MANAGER_ROLE");
bytes32 public constant AUTO_POOL_MANAGER = keccak256("AUTO_POOL_ADMIN");
bytes32 public constant REBALANCER = keccak256("REBALANCER_ROLE");
bytes32 public constant STATS_HOOK_POINTS_ADMIN = keccak256("STATS_HOOK_POINTS_ADMIN");
// Reward Management
bytes32 public constant LIQUIDATOR_MANAGER = keccak256("LIQUIDATOR_ROLE");
bytes32 public constant DV_REWARD_MANAGER = keccak256("DV_REWARD_MANAGER_ROLE");
bytes32 public constant REWARD_LIQUIDATION_MANAGER = keccak256("REWARD_LIQUIDATION_MANAGER");
bytes32 public constant EXTRA_REWARD_MANAGER = keccak256("EXTRA_REWARD_MANAGER_ROLE");
bytes32 public constant REWARD_LIQUIDATION_EXECUTOR = keccak256("REWARD_LIQUIDATION_EXECUTOR");
bytes32 public constant BANK_SWAP_MANAGER = keccak256("BANK_SWAP_MANAGER");
// Statistics and Reporting
bytes32 public constant STATS_CALC_REGISTRY_MANAGER = keccak256("STATS_CALC_REGISTRY_MANAGER");
bytes32 public constant STATS_CALC_FACTORY_MANAGER = keccak256("CREATE_STATS_CALC_ROLE");
bytes32 public constant STATS_CALC_FACTORY_TEMPLATE_MANAGER = keccak256("STATS_CALC_TEMPLATE_MGMT_ROLE");
bytes32 public constant STATS_SNAPSHOT_EXECUTOR = keccak256("STATS_SNAPSHOT_ROLE");
bytes32 public constant STATS_INCENTIVE_TOKEN_UPDATER = keccak256("STATS_INCENTIVE_TOKEN_UPDATER");
bytes32 public constant STATS_GENERAL_MANAGER = keccak256("STATS_GENERAL_MANAGER");
bytes32 public constant STATS_LST_ETH_TOKEN_EXECUTOR = keccak256("STATS_LST_ETH_TOKEN_EXECUTOR");
bytes32 public constant STATS_CACHE_SET_TRANSIENT_EXECUTOR = keccak256("STATS_CACHE_SET_TRANSIENT_EXECUTOR");
// Emergency Management
bytes32 public constant EMERGENCY_PAUSER = keccak256("EMERGENCY_PAUSER");
bytes32 public constant SEQUENCER_OVERRIDE_MANAGER = keccak256("SEQUENCER_OVERRIDE_MANAGER");
// Miscellaneous Roles
bytes32 public constant SOLVER = keccak256("SOLVER_ROLE");
bytes32 public constant AUTO_POOL_REPORTING_EXECUTOR = keccak256("AUTO_POOL_UPDATE_DEBT_REPORTING_ROLE");
bytes32 public constant STRATEGY_HOOK_CONFIGURATION = keccak256("STRATEGY_HOOK_CONFIGURATION");
// Swapper Roles
bytes32 public constant SWAP_ROUTER_MANAGER = keccak256("SWAP_ROUTER_MANAGER");
// Price Oracles Roles
bytes32 public constant ORACLE_MANAGER = keccak256("ORACLE_MANAGER_ROLE");
bytes32 public constant CUSTOM_ORACLE_EXECUTOR = keccak256("CUSTOM_ORACLE_EXECUTOR");
bytes32 public constant MAVERICK_FEE_ORACLE_EXECUTOR = keccak256("MAVERICK_FEE_ORACLE_MANAGER");
// AccToke Roles
bytes32 public constant ACC_TOKE_MANAGER = keccak256("ACC_TOKE_MANAGER");
// Admin Roles
bytes32 public constant TOKEN_RECOVERY_MANAGER = keccak256("TOKEN_RECOVERY_ROLE");
bytes32 public constant INFRASTRUCTURE_MANAGER = keccak256("INFRASTRUCTURE_MANAGER");
// Cross chain communications roles
bytes32 public constant MESSAGE_PROXY_MANAGER = keccak256("MESSAGE_PROXY_MANAGER");
bytes32 public constant MESSAGE_PROXY_EXECUTOR = keccak256("MESSAGE_PROXY_EXECUTOR");
bytes32 public constant RECEIVING_ROUTER_MANAGER = keccak256("RECEIVING_ROUTER_MANAGER");
bytes32 public constant RECEIVING_ROUTER_EXECUTOR = keccak256("RECEIVING_ROUTER_EXECUTOR");
// Backing Oracle
bytes32 public constant BACKING_ORACLE_MANAGER = keccak256("BACKING_ORACLE_MANAGER");
// Silo Vault Reward Manager
bytes32 public constant DESTINATION_VAULT_SILO_MANAGER = keccak256("DESTINATION_VAULT_SILO_MANAGER");
}
"
},
"src/utils/Errors.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity ^0.8.24;
import { Address } from "openzeppelin-contracts/utils/Address.sol";
import { ISystemComponent } from "src/interfaces/ISystemComponent.sol";
// solhint-disable max-line-length
library Errors {
using Address for address;
///////////////////////////////////////////////////////////////////
// Set errors
///////////////////////////////////////////////////////////////////
error AccessDenied();
error ZeroAddress(string paramName);
error ZeroAmount();
error InsufficientBalance(address token);
error AssetNotAllowed(address token);
error NotImplemented();
error InvalidAddress(address addr);
error InvalidParam(string paramName);
error InvalidParams();
error Exception(string desc);
error UnsafePrice(address token, uint256 spotPrice, uint256 safePrice);
error AlreadySet(string param);
error AlreadyRegistered(address param);
error SlippageExceeded(uint256 expected, uint256 actual);
error ArrayLengthMismatch(uint256 length1, uint256 length2, string details);
error ItemNotFound();
error ItemExists();
error MissingRole(bytes32 role, address user);
error RegistryItemMissing(string item);
error NotRegistered();
// Used to check storage slot is empty before setting.
error MustBeZero();
// Used to check storage slot set before deleting.
error MustBeSet();
error ApprovalFailed(address token);
error FlashLoanFailed(address token, uint256 amount);
error SystemMismatch(address source1, address source2);
error InvalidToken(address token);
error UnreachableError();
error InvalidSigner(address signer);
error InvalidChainId(uint256 chainId);
error SenderMismatch(address recipient, address sender);
error UnsupportedMessage(bytes32 messageType, bytes message);
error NotSupported();
error InvalidConfiguration();
error InvalidDataReturned();
function verifyNotZero(address addr, string memory paramName) internal pure {
if (addr == address(0)) {
revert ZeroAddress(paramName);
}
}
function verifyNotZero(bytes32 key, string memory paramName) internal pure {
if (key == bytes32(0)) {
revert InvalidParam(paramName);
}
}
function verifyNotEmpty(string memory val, string memory paramName) internal pure {
if (bytes(val).length == 0) {
revert InvalidParam(paramName);
}
}
function verifyNotZero(uint256 num, string memory paramName) internal pure {
if (num == 0) {
revert InvalidParam(paramName);
}
}
function verifySystemsMatch(address component1, address component2) internal view {
address registry1 =
abi.decode(component1.functionStaticCall(abi.encodeCall(ISystemComponent.getSystemRegistry, ())), (address));
address registry2 =
abi.decode(component2.functionStaticCall(abi.encodeCall(ISystemComponent.getSystemRegistry, ())), (address));
if (registry1 != registry2) {
revert SystemMismatch(component1, component2);
}
}
function verifyArrayLengths(uint256 length1, uint256 length2, string memory details) internal pure {
if (length1 != length2) {
revert ArrayLengthMismatch(length1, length2, details);
}
}
}
"
},
"src/interfaces/ISystemRegistry.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity ^0.8.24;
import { IWETH9 } from "src/interfaces/utils/IWETH9.sol";
import { IAccToke } from "src/interfaces/staking/IAccToke.sol";
import { IAutopoolRegistry } from "src/interfaces/vault/IAutopoolRegistry.sol";
import { IAccessController } from "src/interfaces/security/IAccessController.sol";
import { ISwapRouter } from "src/interfaces/swapper/ISwapRouter.sol";
import { ICurveResolver } from "src/interfaces/utils/ICurveResolver.sol";
import { IAutopilotRouter } from "src/interfaces/vault/IAutopilotRouter.sol";
import { IAutopoolFactory } from "src/interfaces/vault/IAutopoolFactory.sol";
import { ISystemSecurity } from "src/interfaces/security/ISystemSecurity.sol";
import { IDestinationRegistry } from "src/interfaces/destinations/IDestinationRegistry.sol";
import { IRootPriceOracle } from "src/interfaces/oracles/IRootPriceOracle.sol";
import { IDestinationVaultRegistry } from "src/interfaces/vault/IDestinationVaultRegistry.sol";
import { IAccessController } from "src/interfaces/security/IAccessController.sol";
import { IStatsCalculatorRegistry } from "src/interfaces/stats/IStatsCalculatorRegistry.sol";
import { IAsyncSwapperRegistry } from "src/interfaces/liquidation/IAsyncSwapperRegistry.sol";
import { IERC20Metadata } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { IIncentivesPricingStats } from "src/interfaces/stats/IIncentivesPricingStats.sol";
import { IMessageProxy } from "src/interfaces/messageProxy/IMessageProxy.sol";
/// @notice Root most registry contract for the system
interface ISystemRegistry {
/// @notice Get the TOKE contract for the system
/// @return toke instance of TOKE used in the system
function toke() external view returns (IERC20Metadata);
/// @notice Get the referenced WETH contract for the system
/// @return weth contract pointer
function weth() external view returns (IWETH9);
/// @notice Get the AccToke staking contract
/// @return accToke instance of the accToke contract for the system
function accToke() external view returns (IAccToke);
/// @notice Get the AutopoolRegistry for this system
/// @return registry instance of the registry for this system
function autoPoolRegistry() external view returns (IAutopoolRegistry registry);
/// @notice Get the destination Vault registry for this system
/// @return registry instance of the registry for this system
function destinationVaultRegistry() external view returns (IDestinationVaultRegistry registry);
/// @notice Get the access Controller for this system
/// @return controller instance of the access controller for this system
function accessController() external view returns (IAccessController controller);
/// @notice Get the destination template registry for this system
/// @return registry instance of the registry for this system
function destinationTemplateRegistry() external view returns (IDestinationRegistry registry);
/// @notice Auto Pilot Router
/// @return router instance of the system
function autoPoolRouter() external view returns (IAutopilotRouter router);
/// @notice Vault factory lookup by type
/// @return vaultFactory instance of the vault factory for this vault type
function getAutopoolFactoryByType(
bytes32 vaultType
) external view returns (IAutopoolFactory vaultFactory);
/// @notice Get the stats calculator registry for this system
/// @return registry instance of the registry for this system
function statsCalculatorRegistry() external view returns (IStatsCalculatorRegistry registry);
/// @notice Get the root price oracle for this system
/// @return oracle instance of the root price oracle for this system
function rootPriceOracle() external view returns (IRootPriceOracle oracle);
/// @notice Get the async swapper registry for this system
/// @return registry instance of the registry for this system
function asyncSwapperRegistry() external view returns (IAsyncSwapperRegistry registry);
/// @notice Get the swap router for this system
/// @return router instance of the swap router for this system
function swapRouter() external view returns (ISwapRouter router);
/// @notice Get the curve resolver for this system
/// @return resolver instance of the curve resolver for this system
function curveResolver() external view returns (ICurveResolver resolver);
/// @notice Verify if given address is registered as Reward Token
/// @param rewardToken token address to verify
/// @return bool that indicates true if token is registered and false if not
function isRewardToken(
address rewardToken
) external view returns (bool);
/// @notice Get the system security instance for this system
/// @return security instance of system security for this system
function systemSecurity() external view returns (ISystemSecurity security);
/// @notice Get the Incentive Pricing Stats
/// @return incentivePricing the incentive pricing contract
function incentivePricing() external view returns (IIncentivesPricingStats);
/// @notice Get the Message Proxy
/// @return Message proxy contract
function messageProxy() external view returns (IMessageProxy);
/// @notice Get the receiving router contract.
/// @return Receiving router contract
function receivingRouter() external view returns (address);
/// @notice Check if an additional contract of type is valid in the system
/// @return True if the contract is a valid for the given type
function isValidContract(bytes32 contractType, address contractAddress) external view returns (bool);
/// @notice Returns the additional contract of the given type
/// @dev Revert if not set
function getUniqueContract(
bytes32 contractType
) external view returns (address);
/// @notice Returns all unique contracts configured
function listUniqueContracts() external view returns (bytes32[] memory contractTypes, address[] memory addresses);
/// @notice Returns all additional contract types configured
function listAdditionalContractTypes() external view returns (bytes32[] memory);
/// @notice Returns configured additional contracts by type
/// @param contractType Type of contract to list
function listAdditionalContracts(
bytes32 contractType
) external view returns (address[] memory);
}
"
},
"src/interfaces/external/silo/ISiloVault.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.24;
import { IERC4626 } from "openzeppelin-contracts/interfaces/IERC4626.sol";
// solhint-disable func-name-mixedcase
interface ISiloVault is IERC4626 {
function DECIMALS_OFFSET() external returns (uint256);
function INCENTIVES_MODULE() external view returns (address);
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(
address from,
address to,
uint256 amount
) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(
address from,
address to,
uint256 amount
) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/draft-IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
"
},
"lib/openzeppelin-contracts/contracts/interfaces/IERC4626.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (interfaces/IERC4626.sol)
pragma solidity ^0.8.0;
import "../token/ERC20/IERC20.sol";
import "../token/ERC20/extensions/IERC20Metadata.sol";
/**
* @dev Interface of the ERC4626 "Tokenized Vault Standard", as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*
* _Available since v4.7._
*/
interface IERC4626 is IERC20, IERC20Metadata {
event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed sender,
address indexed receiver,
address indexed owner,
uint256 assets,
uint256 shares
);
/**
* @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.
*
* - MUST be an ERC-20 token contract.
* - MUST NOT revert.
*/
function asset() external view returns (address assetTokenAddress);
/**
* @dev Returns the total amount of the underlying asset that is “managed” by Vault.
*
* - SHOULD include any compounding that occurs from yield.
* - MUST be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT revert.
*/
function totalAssets() external view returns (uint256 totalManagedAssets);
/**
* @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToShares(uint256 assets) external view returns (uint256 shares);
/**
* @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToAssets(uint256 shares) external view returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,
* through a deposit call.
*
* - MUST return a limited value if receiver is subject to some deposit limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
* - MUST NOT revert.
*/
function maxDeposit(address receiver) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
* call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
* in the same transaction.
* - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
* deposit would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewDeposit(uint256 assets) external view returns (uint256 shares);
/**
* @dev Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* deposit execution, and are accounted for during deposit.
* - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function deposit(uint256 assets, address receiver) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
* - MUST return a limited value if receiver is subject to some mint limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
* - MUST NOT revert.
*/
function maxMint(address receiver) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
* in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
* same transaction.
* - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
* would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by minting.
*/
function previewMint(uint256 shares) external view returns (uint256 assets);
/**
* @dev Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
* execution, and are accounted for during mint.
* - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function mint(uint256 shares, address receiver) external returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
* Vault, through a withdraw call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxWithdraw(address owner) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
* call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
* called
* in the same transaction.
* - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
* the withdrawal would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewWithdraw(uint256 assets) external view returns (uint256 shares);
/**
* @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* withdraw execution, and are accounted for during withdraw.
* - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function withdraw(
uint256 assets,
address receiver,
address owner
) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
* through a redeem call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxRedeem(address owner) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their redeemption at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
* in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
* same transaction.
* - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
* redemption would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by redeeming.
*/
function previewRedeem(uint256 shares) external view returns (uint256 assets);
/**
* @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* redeem execution, and are accounted for during redeem.
* - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function redeem(
uint256 shares,
address receiver,
address owner
) external returns (uint256 assets);
}
"
},
"src/interfaces/silo/ISiloIncentivesControllerCL.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity ^0.8.24;
import { IDistributionManager } from "./IDistributionManager.sol";
// solhint-disable func-name-mixedcase
struct AccruedRewards {
uint256 amount;
bytes32 programId;
address rewardToken;
}
interface ISiloIncentivesControllerCL is IDistributionManager {
function SILO_INCENTIVES_CONTROLLER() external view returns (address);
/**
* @dev Claims reward for an user to the desired address, on all the assets of the lending pool,
* accumulating the pending rewards
* @param _to Address that will be receiving the rewards
* @return accruedRewards
*/
function claimRewards(
address _to
) external returns (AccruedRewards[] memory accruedRewards);
/**
* @dev Claims reward for an user to the desired address, on all the assets of the lending pool,
* accumulating the pending rewards
* @param _to Address that will be receiving the rewards
* @param _programNames The incentives program names
* @return accruedRewards
*/
function claimRewards(
address _to,
string[] calldata _programNames
) external returns (AccruedRewards[] memory accruedRewards);
}
"
},
"src/utils/TokenRecoverable.sol": {
"content": "// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity ^0.8.24;
import { Roles } from "src/libs/Roles.sol";
import { Errors } from "src/utils/Errors.sol";
import { ISystemRegistry } from "src/interfaces/ISystemRegistry.sol";
import { SecurityBase } from "src/security/SecurityBase.sol";
import { IERC20 } from "openzeppelin-contracts/token/ERC20/ERC20.sol";
import { SafeERC20 } from "openzeppelin-contracts/token/ERC20/utils/SafeERC20.sol";
abstract contract TokenRecoverable is SecurityBase {
error ArrayLengthMismatch();
error NotRecoverable(address token);
error RecoveringMoreThanAvailable(address token, uint256 amount, uint256 availableAmount);
event Recovered(address[] tokens, uint256[] amounts, address[] destinations);
constructor(
ISystemRegistry _systemRegistry
) SecurityBase(address(_systemRegistry.accessController())) { }
/// @notice Transfer out allowable tokens
function recover(address[] calldata tokens, uint256[] calldata amounts, address[] calldata destinations) external {
if (!accessController.hasRole(Roles.TOKEN_RECOVERY_MANAGER, msg.sender)) {
revert Errors.AccessDenied();
}
uint256 length = tokens.length;
if (length == 0 || length != amounts.length || length != destinations.length) {
revert ArrayLengthMismatch();
}
emit Recovered(tokens, amounts, destinations);
for (uint256 i = 0; i < tokens.length; ++i) {
IERC20 token = IERC20(tokens[i]);
if (!_isTokenRecoverable(address(token))) {
revert NotRecoverable(address(token));
}
uint256 tokenBalance = token.balanceOf(address(this));
if (tokenBalance < amounts[i]) revert RecoveringMoreThanAvailable(tokens[i], amounts[i], tokenBalance);
SafeERC20.safeTransfer(token, destinations[i], amounts[i]);
}
}
/// @dev Hook to prevent token recovery when necessary
function _isTokenRecoverable(
address
) internal virtual returns (bool) {
return true;
}
}
"
},
"lib/openzeppelin-contracts/contracts/utils/Address.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
Submitted on: 2025-09-17 11:26:48
Comments
Log in to comment.
No comments yet.