Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/LockToVotePlugin.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity 0.8.28;
import {ILockManager} from "./interfaces/ILockManager.sol";
import {LockToGovernBase} from "./base/LockToGovernBase.sol";
import {ILockToVote} from "./interfaces/ILockToVote.sol";
import {IDAO} from "@aragon/osx-commons-contracts/src/dao/IDAO.sol";
import {Action} from "@aragon/osx-commons-contracts/src/executors/IExecutor.sol";
import {IPlugin} from "@aragon/osx-commons-contracts/src/plugin/IPlugin.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IProposal} from "@aragon/osx-commons-contracts/src/plugin/extensions/proposal/IProposal.sol";
import {SafeCastUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/math/SafeCastUpgradeable.sol";
import {MajorityVotingBase} from "./base/MajorityVotingBase.sol";
import {ILockToGovernBase} from "./interfaces/ILockToGovernBase.sol";
contract LockToVotePlugin is ILockToVote, MajorityVotingBase, LockToGovernBase {
/// @notice The [ERC-165](https://eips.ethereum.org/EIPS/eip-165) interface ID of the contract.
bytes4 internal constant LOCK_TO_VOTE_INTERFACE_ID =
this.minProposerVotingPower.selector ^ this.createProposal.selector;
/// @notice The ID of the permission required to call the `createProposal` functions.
bytes32 public constant CREATE_PROPOSAL_PERMISSION_ID = keccak256("CREATE_PROPOSAL_PERMISSION");
/// @notice The ID of the permission required to call `vote` and `clearVote`.
bytes32 public constant LOCK_MANAGER_PERMISSION_ID = keccak256("LOCK_MANAGER_PERMISSION");
/// @notice Thrown when a user's vote has been cleared.
/// @param proposalId the ID of the proposal where the vote was cleared.
/// @param voter The address of the token holder whose vote was cleared.
event VoteCleared(uint256 indexed proposalId, address indexed voter);
/// @notice Thrown when attempting to call clearVote() from an address other than the LockManager.
/// @param caller The address calling clearVote().
error VoteRemovalUnauthorized(address caller);
/// @notice Thrown when attempting to remove a vote, because it is still active or because the plugin mode doesn't allow it.
/// @param proposalId The ID of the proposal.
/// @param voter The address of the voter.
error VoteRemovalForbidden(uint256 proposalId, address voter);
/// @notice Thrown when atempting to set the plugin or the LockManager as execution targets
error InvalidTargetAddress();
/// @notice Thrown when a proposal action is targeting address(0) or the LockManager
/// @param actionIdx The index of the action
/// @param target The invalid address that was passed
error InvalidActionTarget(uint256 actionIdx, address target);
/// @notice Initializes the component.
/// @dev This method is required to support [ERC-1822](https://eips.ethereum.org/EIPS/eip-1822).
/// @param _dao The IDAO interface of the associated DAO.
/// @param _votingSettings The voting settings.
/// @param _targetConfig Configuration for the execution target, specifying the target address and operation type
/// (either `Call` or `DelegateCall`). Defined by `TargetConfig` in the `IPlugin` interface,
/// part of the `osx-commons-contracts` package, added in build 3.
/// @param _pluginMetadata The plugin specific information encoded in bytes.
/// This can also be an ipfs cid encoded in bytes.
function initialize(
IDAO _dao,
ILockManager _lockManager,
VotingSettings calldata _votingSettings,
IPlugin.TargetConfig calldata _targetConfig,
bytes calldata _pluginMetadata
) external onlyCallAtInitialization reinitializer(1) {
__MajorityVotingBase_init(_dao, _votingSettings, _targetConfig, _pluginMetadata);
__LockToGovernBase_init(_lockManager);
emit MembershipContractAnnounced({definingContract: address(_lockManager.token())});
}
/// @notice Checks if this or the parent contract supports an interface by its ID.
/// @param _interfaceId The ID of the interface.
/// @return Returns `true` if the interface is supported.
function supportsInterface(bytes4 _interfaceId)
public
view
virtual
override(MajorityVotingBase, LockToGovernBase)
returns (bool)
{
return _interfaceId == LOCK_TO_VOTE_INTERFACE_ID || _interfaceId == type(ILockToVote).interfaceId
|| super.supportsInterface(_interfaceId);
}
/// @inheritdoc IProposal
function customProposalParamsABI() external pure override returns (string memory) {
return "(uint256 allowFailureMap)";
}
/// @inheritdoc IProposal
/// @param _endDate UNUSED: The parameter is kept for compatibility with IProposal but its value is computed internally. It should be set to 0.
/// @dev Requires the `CREATE_PROPOSAL_PERMISSION_ID` permission.
function createProposal(
bytes calldata _metadata,
Action[] memory _actions,
uint64 _startDate,
uint64 _endDate,
bytes memory _data
)
external
/// @dev `minProposerVotingPower` is checked at the the permission condition behind auth(CREATE_PROPOSAL_PERMISSION_ID)
auth(CREATE_PROPOSAL_PERMISSION_ID)
returns (uint256 proposalId)
{
uint256 _allowFailureMap;
if (_data.length != 0) {
(_allowFailureMap) = abi.decode(_data, (uint256));
}
if (currentTokenSupply() == 0) {
revert NoVotingPower();
}
(_startDate, _endDate) = _computeProposalDates(_startDate);
proposalId = _createProposalId(keccak256(abi.encode(_actions, _metadata)));
if (_proposalExists(proposalId)) {
revert ProposalAlreadyExists(proposalId);
}
// Store proposal related information
Proposal storage proposal_ = proposals[proposalId];
proposal_.parameters.votingMode = votingMode();
proposal_.parameters.supportThresholdRatio = supportThresholdRatio();
proposal_.parameters.startDate = _startDate;
proposal_.parameters.endDate = _endDate;
proposal_.parameters.minParticipationRatio = minParticipationRatio();
proposal_.parameters.minApprovalRatio = minApprovalRatio();
proposal_.targetConfig = getTargetConfig();
// Reduce costs
if (_allowFailureMap != 0) {
proposal_.allowFailureMap = _allowFailureMap;
}
for (uint256 i; i < _actions.length; i++) {
if (_actions[i].to == address(0) || _actions[i].to == address(lockManager)) {
revert InvalidActionTarget(i, _actions[i].to);
}
proposal_.actions.push(_actions[i]);
}
emit ProposalCreated(proposalId, _msgSender(), _startDate, _endDate, _metadata, _actions, _allowFailureMap);
lockManager.proposalCreated(proposalId, _msgSender());
}
/// @inheritdoc ILockToVote
/// @dev Reverts if the proposal with the given `_proposalId` does not exist.
function canVote(uint256 _proposalId, address _voter, VoteOption _voteOption) public view returns (bool) {
if (!_proposalExists(_proposalId)) {
revert NonexistentProposal(_proposalId);
}
Proposal storage proposal_ = proposals[_proposalId];
return _canVote(proposal_, _voter, _voteOption, lockManager.getLockedBalance(_voter));
}
/// @inheritdoc ILockToVote
function vote(uint256 _proposalId, address _voter, VoteOption _voteOption, uint256 _newVotingPower)
public
override
auth(LOCK_MANAGER_PERMISSION_ID)
{
/// @dev The DAO can disable auth(LOCK_MANAGER_PERMISSION_ID) from above but not define an arbitrary address other than LockManager
if (msg.sender != address(lockManager)) {
revert VoteCallForbidden(address(lockManager));
} else if (!_proposalExists(_proposalId)) {
revert NonexistentProposal(_proposalId);
}
Proposal storage proposal_ = proposals[_proposalId];
if (!_canVote(proposal_, _voter, _voteOption, _newVotingPower)) {
revert VoteCastForbidden(_proposalId, _voter);
}
// Same vote
if (_voteOption == proposal_.votes[_voter].voteOption) {
// Same value, nothing to do
if (_newVotingPower == proposal_.votes[_voter].votingPower) return;
// More balance
/// @dev diff > 0 is guaranteed, as _canVote() above will return false and revert otherwise
uint256 diff = _newVotingPower - proposal_.votes[_voter].votingPower;
proposal_.votes[_voter].votingPower = _newVotingPower;
if (proposal_.votes[_voter].voteOption == VoteOption.Yes) {
proposal_.tally.yes += diff;
} else if (proposal_.votes[_voter].voteOption == VoteOption.No) {
proposal_.tally.no += diff;
} else {
/// @dev Voting none is not possible, as _canVote() above will return false and revert if so
proposal_.tally.abstain += diff;
}
} else {
/// @dev VoteReplacement has already been enforced by _canVote()
// Was there a vote?
if (proposal_.votes[_voter].votingPower > 0) {
// Undo that vote
if (proposal_.votes[_voter].voteOption == VoteOption.Yes) {
proposal_.tally.yes -= proposal_.votes[_voter].votingPower;
} else if (proposal_.votes[_voter].voteOption == VoteOption.No) {
proposal_.tally.no -= proposal_.votes[_voter].votingPower;
} else {
/// @dev Voting none is not possible, only abstain is left
proposal_.tally.abstain -= proposal_.votes[_voter].votingPower;
}
}
// Register the new vote
if (_voteOption == VoteOption.Yes) {
proposal_.tally.yes += _newVotingPower;
} else if (_voteOption == VoteOption.No) {
proposal_.tally.no += _newVotingPower;
} else {
/// @dev Voting none is not possible, only abstain is left
proposal_.tally.abstain += _newVotingPower;
}
proposal_.votes[_voter].voteOption = _voteOption;
proposal_.votes[_voter].votingPower = _newVotingPower;
}
emit VoteCast(_proposalId, _voter, _voteOption, _newVotingPower);
}
/// @inheritdoc ILockToVote
function clearVote(uint256 _proposalId, address _voter) external {
/// @dev The LockManager can always call clearVote(), regardless of LOCK_MANAGER_PERMISSION_ID
if (msg.sender != address(lockManager)) {
revert VoteRemovalUnauthorized(msg.sender);
}
Proposal storage proposal_ = proposals[_proposalId];
if (!_isProposalOpen(proposal_)) {
revert VoteRemovalForbidden(_proposalId, _voter);
} else if (proposal_.parameters.votingMode != VotingMode.VoteReplacement) {
revert VoteRemovalForbidden(_proposalId, _voter);
} else if (proposal_.votes[_voter].votingPower == 0) {
// Nothing to do
return;
}
// Undo that vote
if (proposal_.votes[_voter].voteOption == VoteOption.Yes) {
proposal_.tally.yes -= proposal_.votes[_voter].votingPower;
} else if (proposal_.votes[_voter].voteOption == VoteOption.No) {
proposal_.tally.no -= proposal_.votes[_voter].votingPower;
}
/// @dev Double checking for abstain, even though canVote prevents any other voteOption value
else if (proposal_.votes[_voter].voteOption == VoteOption.Abstain) {
proposal_.tally.abstain -= proposal_.votes[_voter].votingPower;
}
proposal_.votes[_voter].votingPower = 0;
proposal_.votes[_voter].voteOption = VoteOption.None;
emit VoteCleared(_proposalId, _voter);
}
/// @inheritdoc ILockToGovernBase
function isProposalOpen(uint256 _proposalId) external view returns (bool) {
Proposal storage proposal_ = proposals[_proposalId];
return _isProposalOpen(proposal_);
}
/// @inheritdoc ILockToGovernBase
function isProposalEnded(uint256 _proposalId) external view returns (bool) {
Proposal storage proposal_ = proposals[_proposalId];
return _isProposalEnded(proposal_);
}
/// @inheritdoc MajorityVotingBase
function minProposerVotingPower() public view override(ILockToGovernBase, MajorityVotingBase) returns (uint256) {
return MajorityVotingBase.minProposerVotingPower();
}
/// @inheritdoc MajorityVotingBase
function currentTokenSupply() public view override returns (uint256) {
return IERC20(lockManager.token()).totalSupply();
}
/// @inheritdoc ILockToGovernBase
function usedVotingPower(uint256 _proposalId, address _voter) public view returns (uint256) {
return proposals[_proposalId].votes[_voter].votingPower;
}
/// @notice Defines of the IExecutor contract where executable actions will be sent to.
/// IMPORTANT: The executor address (target) should only be set to the DAO or to the Executor contract deployed by Aragon.
/// IMPORTANT: Defining any other executor in DelegateCall mode (operation), can lead to undefined behaviour.
/// @param _targetConfig The target Config containing the executor address and operation mode.
/// @dev The caller must have the `SET_TARGET_CONFIG_PERMISSION_ID` permission.
function setTargetConfig(TargetConfig calldata _targetConfig)
public
virtual
override
auth(SET_TARGET_CONFIG_PERMISSION_ID)
{
if (_targetConfig.target == address(this) || _targetConfig.target == address(lockManager)) {
revert InvalidTargetAddress();
}
_setTargetConfig(_targetConfig);
}
// Internal helpers
function _canVote(Proposal storage proposal_, address _voter, VoteOption _voteOption, uint256 _newVotingPower)
internal
view
returns (bool)
{
uint256 _currentVotingPower = proposal_.votes[_voter].votingPower;
// The proposal vote hasn't started or has already ended.
if (!_isProposalOpen(proposal_)) {
return false;
} else if (_voteOption == VoteOption.None) {
return false;
}
// Standard voting
else if (proposal_.parameters.votingMode != VotingMode.VoteReplacement) {
// Lowering the existing voting power (or the same) is not allowed
if (_newVotingPower <= _currentVotingPower) {
return false;
}
// The voter already voted a different option but vote replacment is not allowed.
else if (
proposal_.votes[_voter].voteOption != VoteOption.None
&& _voteOption != proposal_.votes[_voter].voteOption
) {
return false;
}
}
// Vote replacement mode
else {
// Lowering the existing voting power is not allowed
if (_newVotingPower == 0 || _newVotingPower < _currentVotingPower) {
return false;
}
// Voting the same option with the same balance is not allowed
else if (_newVotingPower == _currentVotingPower && _voteOption == proposal_.votes[_voter].voteOption) {
return false;
}
}
return true;
}
function _execute(uint256 _proposalId) internal override {
super._execute(_proposalId);
// Notify the LockManager to stop tracking this proposal ID
lockManager.proposalSettled(_proposalId);
}
/// @notice This empty reserved space is put in place to allow future versions to add
/// new variables without shifting down storage in the inheritance chain
/// (see [OpenZeppelin's guide about storage gaps]
/// (https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps)).
uint256[50] private __gap;
}
"
},
"src/interfaces/ILockManager.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.28;
import {ILockToGovernBase} from "./ILockToGovernBase.sol";
import {IMajorityVoting} from "./IMajorityVoting.sol";
/// @notice Defines wether the accepted plugin types. Currently: voting.
/// Placeholder for future plugin variants
enum PluginMode {
Voting
}
/// @notice The struct containing the LockManager helper settings. They are immutable after deployed.
struct LockManagerSettings {
/// @notice The type of governance plugin expected
PluginMode pluginMode;
}
/// @title ILockManager
/// @author Aragon X 2025
/// @notice Helper contract acting as the vault for locked tokens used to vote on LockToGovern plugins.
interface ILockManager {
/// @notice Returns the current settings of the LockManager.
/// @return pluginMode The plugin mode (currently, voting only)
function settings() external view returns (PluginMode pluginMode);
/// @notice Returns the address of the voting plugin.
/// @return The LockToVote plugin address.
function plugin() external view returns (ILockToGovernBase);
/// @notice Returns the address of the token contract used to determine the voting power.
/// @return The token used for voting.
function token() external view returns (address);
/// @notice Returns the currently locked balance that the given account has on the contract.
/// @param account The address whose locked balance is returned.
function getLockedBalance(address account) external view returns (uint256);
/// @notice Returns how many active proposalID's were created by the given address
/// @param _creator The address to use for filtering
function activeProposalsCreatedBy(address _creator) external view returns (uint256 _result);
/// @notice Locks the balance currently allowed by msg.sender on this contract
/// NOTE: Tokens locked and not allocated into a proposal are treated in the same way as the rest.
/// They can only be unlocked when all active proposals with votes have ended.
function lock() external;
/// @notice Locks the given amount from msg.sender on this contract
/// NOTE: Tokens locked and not allocated into a proposal are treated in the same way as the rest.
/// They can only be unlocked when all active proposals with votes have ended.
/// @param amount How many tokens the contract should lock
function lock(uint256 amount) external;
/// @notice Locks the balance currently allowed by msg.sender on this contract and registers the given vote on the target plugin
/// @param proposalId The ID of the proposal where the vote will be registered
/// @param vote The vote to cast (Yes, No, Abstain)
function lockAndVote(uint256 proposalId, IMajorityVoting.VoteOption vote) external;
/// @notice Locks the given amount from msg.sender on this contract and registers the given vote on the target plugin
/// @param proposalId The ID of the proposal where the vote will be registered
/// @param vote The vote to cast (Yes, No, Abstain)
/// @param amount How many tokens the contract should lock and use for voting
function lockAndVote(uint256 proposalId, IMajorityVoting.VoteOption vote, uint256 amount) external;
/// @notice Uses the locked balance to vote on the given proposal for the registered plugin
/// @param proposalId The ID of the proposal where the vote will be registered
/// @param vote The vote to cast (Yes, No, Abstain)
function vote(uint256 proposalId, IMajorityVoting.VoteOption vote) external;
/// @notice Checks if an account can participate on a proposal. This can be because the proposal
/// - has not started,
/// - has ended,
/// - was executed, or
/// - the voter doesn't have any tokens locked.
/// @param proposalId The proposal Id.
/// @param voter The account address to be checked.
/// @param voteOption The value of the new vote to register.
/// @return Returns true if the account is allowed to vote.
/// @dev The function assumes that the queried proposal exists.
function canVote(uint256 proposalId, address voter, IMajorityVoting.VoteOption voteOption)
external
view
returns (bool);
/// @notice If the governance plugin allows it, releases all active locks placed on active proposals and transfers msg.sender's locked balance back. Depending on the current mode, it withdraws only if no locks are being used in active proposals.
function unlock() external;
/// @notice Called by the lock to vote plugin whenever a proposal is created. It instructs the manager to start tracking the given proposal.
/// @param proposalId The ID of the proposal that msg.sender is reporting as created.
/// @param creator The address creating the proposal.
function proposalCreated(uint256 proposalId, address creator) external;
/// @notice Called by the lock to vote plugin whenever a proposal is executed (or settled).
/// It instructs the manager to remove the proposal from the list of active proposal locks.
/// There's no guarantee that `proposalSettled()` will be reliably called for a proposal ID.
/// Manually checking a proposal's state may be necessary in order to verify that it has ended.
/// @param proposalId The ID of the proposal that msg.sender is reporting as done.
function proposalSettled(uint256 proposalId) external;
/// @notice Triggers a manual cleanup of the known proposal ID's that have already ended.
/// Settled proposals are garbage collected when they are executed or when a user unlocks his tokens.
/// Use this method if a long list of unsettled yet ended proposals ever creates a gas bottleneck that discourages users from unlocking.
/// @param count How many proposals should be cleaned up, at most.
function pruneProposals(uint256 count) external;
/// @notice Defines the given plugin address as the target for voting.
/// @param plugin The address of the contract to use as the plugin.
function setPluginAddress(ILockToGovernBase plugin) external;
}
"
},
"src/base/LockToGovernBase.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.28;
/* solhint-disable max-line-length */
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ILockManager} from "../interfaces/ILockManager.sol";
import {ILockToGovernBase} from "../interfaces/ILockToGovernBase.sol";
import {IMembership} from "@aragon/osx-commons-contracts/src/plugin/extensions/membership/IMembership.sol";
import {ERC165Upgradeable} from "@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol";
/// @title LockToGovernBase
/// @author Aragon X 2024-2025
abstract contract LockToGovernBase is ILockToGovernBase, IMembership, ERC165Upgradeable {
/// @notice Emitted when the address of the LockManager is set.
/// @param lockManager The address of the LockManager contract
event LockManagerDefined(ILockManager indexed lockManager);
/// @notice Thrown when creating a proposal without any locked tokens.
error NoVotingPower();
/// @notice Thrown when attempting to define the address of the LockManager after it was already set.
error LockManagerAlreadyDefined();
/// @inheritdoc ILockToGovernBase
ILockManager public lockManager;
/// @notice Initializes the component to be used by inheriting contracts.
/// @param _lockManager The address of the contract with the ability to manager votes on behalf of users.
function __LockToGovernBase_init(ILockManager _lockManager) internal onlyInitializing {
_setLockManager(_lockManager);
}
/// @notice Checks if this or the parent contract supports an interface by its ID.
/// @param _interfaceId The ID of the interface.
/// @return Returns `true` if the interface is supported.
function supportsInterface(bytes4 _interfaceId) public view virtual override(ERC165Upgradeable) returns (bool) {
return _interfaceId == type(ILockToGovernBase).interfaceId || _interfaceId == type(IMembership).interfaceId
|| super.supportsInterface(_interfaceId);
}
/// @inheritdoc ILockToGovernBase
function token() public view returns (IERC20) {
return IERC20(lockManager.token());
}
/// @inheritdoc IMembership
function isMember(address _account) external view returns (bool) {
if (lockManager.getLockedBalance(_account) > 0) return true;
IERC20 _token = token();
if (address(_token) != address(0)) {
if (_token.balanceOf(_account) > 0) return true;
}
return false;
}
function _setLockManager(ILockManager _lockManager) private {
if (address(lockManager) != address(0)) {
revert LockManagerAlreadyDefined();
}
lockManager = _lockManager;
emit LockManagerDefined(_lockManager);
}
/// @notice This empty reserved space is put in place to allow future versions to add
/// new variables without shifting down storage in the inheritance chain
/// (see [OpenZeppelin's guide about storage gaps]
/// (https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps)).
uint256[49] private __gap;
}
"
},
"src/interfaces/ILockToVote.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.28;
import {ILockToGovernBase} from "./ILockToGovernBase.sol";
import {IMajorityVoting} from "./IMajorityVoting.sol";
/// @title ILockToVote
/// @author Aragon X
/// @notice Governance plugin allowing token holders to use tokens locked without a snapshot requirement and engage in proposals immediately
interface ILockToVote is ILockToGovernBase {
/// @notice Checks if an account can participate on a proposal. This can fail because the vote
/// - has not started,
/// - has ended,
/// - was executed, or
/// - the voter doesn't have voting powers.
/// - the voter can increase the amount of tokens assigned
/// @param proposalId The proposal Id.
/// @param voter The account address to be checked.
/// @dev `voteOption`, 1 -> abstain, 2 -> yes, 3 -> no
/// @param voteOption The value of the new vote to register. If an existing vote existed, it will be replaced.
/// @return Returns true if the account is allowed to vote.
function canVote(uint256 proposalId, address voter, IMajorityVoting.VoteOption voteOption)
external
view
returns (bool);
/// @notice Votes on a proposal and, depending on the mode, executes it.
/// @dev `voteOption`, 1 -> abstain, 2 -> yes, 3 -> no
/// @param proposalId The ID of the proposal to vote on.
/// @param voter The address of the account whose vote will be registered
/// @param voteOption The value of the new vote to register. If an existing vote existed, it will be replaced.
/// @param votingPower The new balance that should be allocated to the voter. It can only be bigger.
/// @dev votingPower updates any prior voting power, it does not add to the existing amount.
function vote(uint256 proposalId, address voter, IMajorityVoting.VoteOption voteOption, uint256 votingPower)
external;
/// @notice Reverts if the vote cannot be cleared due to the voting settings. This can be because:
/// - The plugin is in Standard votingMode and the voter has votes registered on active proposals
/// @param proposalId The ID of the proposal.
/// @param voter The voter's address.
function clearVote(uint256 proposalId, address voter) external;
}
"
},
"lib/osx-commons/contracts/src/dao/IDAO.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.8;
/// @title IDAO
/// @author Aragon X - 2022-2024
/// @notice The interface required for DAOs within the Aragon App DAO framework.
/// @custom:security-contact sirt@aragon.org
interface IDAO {
/// @notice Checks if an address has permission on a contract via a permission identifier and considers if `ANY_ADDRESS` was used in the granting process.
/// @param _where The address of the contract.
/// @param _who The address of a EOA or contract to give the permissions.
/// @param _permissionId The permission identifier.
/// @param _data The optional data passed to the `PermissionCondition` registered.
/// @return Returns true if the address has permission, false if not.
function hasPermission(
address _where,
address _who,
bytes32 _permissionId,
bytes memory _data
) external view returns (bool);
/// @notice Updates the DAO metadata (e.g., an IPFS hash).
/// @param _metadata The IPFS hash of the new metadata object.
function setMetadata(bytes calldata _metadata) external;
/// @notice Emitted when the DAO metadata is updated.
/// @param metadata The IPFS hash of the new metadata object.
event MetadataSet(bytes metadata);
/// @notice Emitted when a standard callback is registered.
/// @param interfaceId The ID of the interface.
/// @param callbackSelector The selector of the callback function.
/// @param magicNumber The magic number to be registered for the callback function selector.
event StandardCallbackRegistered(
bytes4 interfaceId,
bytes4 callbackSelector,
bytes4 magicNumber
);
/// @notice Deposits (native) tokens to the DAO contract with a reference string.
/// @param _token The address of the token or address(0) in case of the native token.
/// @param _amount The amount of tokens to deposit.
/// @param _reference The reference describing the deposit reason.
function deposit(address _token, uint256 _amount, string calldata _reference) external payable;
/// @notice Emitted when a token deposit has been made to the DAO.
/// @param sender The address of the sender.
/// @param token The address of the deposited token.
/// @param amount The amount of tokens deposited.
/// @param _reference The reference describing the deposit reason.
event Deposited(
address indexed sender,
address indexed token,
uint256 amount,
string _reference
);
/// @notice Emitted when a native token deposit has been made to the DAO.
/// @dev This event is intended to be emitted in the `receive` function and is therefore bound by the gas limitations for `send`/`transfer` calls introduced by [ERC-2929](https://eips.ethereum.org/EIPS/eip-2929).
/// @param sender The address of the sender.
/// @param amount The amount of native tokens deposited.
event NativeTokenDeposited(address sender, uint256 amount);
/// @notice Setter for the trusted forwarder verifying the meta transaction.
/// @param _trustedForwarder The trusted forwarder address.
function setTrustedForwarder(address _trustedForwarder) external;
/// @notice Getter for the trusted forwarder verifying the meta transaction.
/// @return The trusted forwarder address.
function getTrustedForwarder() external view returns (address);
/// @notice Emitted when a new TrustedForwarder is set on the DAO.
/// @param forwarder the new forwarder address.
event TrustedForwarderSet(address forwarder);
/// @notice Checks whether a signature is valid for a provided hash according to [ERC-1271](https://eips.ethereum.org/EIPS/eip-1271).
/// @param _hash The hash of the data to be signed.
/// @param _signature The signature byte array associated with `_hash`.
/// @return Returns the `bytes4` magic value `0x1626ba7e` if the signature is valid and `0xffffffff` if not.
function isValidSignature(bytes32 _hash, bytes memory _signature) external returns (bytes4);
/// @notice Registers an ERC standard having a callback by registering its [ERC-165](https://eips.ethereum.org/EIPS/eip-165) interface ID and callback function signature.
/// @param _interfaceId The ID of the interface.
/// @param _callbackSelector The selector of the callback function.
/// @param _magicNumber The magic number to be registered for the function signature.
function registerStandardCallback(
bytes4 _interfaceId,
bytes4 _callbackSelector,
bytes4 _magicNumber
) external;
/// @notice Removed function being left here to not corrupt the IDAO interface ID. Any call will revert.
/// @dev Introduced in v1.0.0. Removed in v1.4.0.
function setSignatureValidator(address) external;
}
"
},
"lib/osx-commons/contracts/src/executors/IExecutor.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.8;
/// @notice The action struct to be consumed by the DAO's `execute` function resulting in an external call.
/// @param to The address to call.
/// @param value The native token value to be sent with the call.
/// @param data The bytes-encoded function selector and calldata for the call.
struct Action {
address to;
uint256 value;
bytes data;
}
/// @title IExecutor
/// @author Aragon X - 2024
/// @notice The interface required for Executors within the Aragon App DAO framework.
/// @custom:security-contact sirt@aragon.org
interface IExecutor {
/// @notice Emitted when a proposal is executed.
/// @dev The value of `callId` is defined by the component/contract calling the execute function.
/// A `Plugin` implementation can use it, for example, as a nonce.
/// @param actor The address of the caller.
/// @param callId The ID of the call.
/// @param actions The array of actions executed.
/// @param allowFailureMap The allow failure map encoding which actions are allowed to fail.
/// @param failureMap The failure map encoding which actions have failed.
/// @param execResults The array with the results of the executed actions.
event Executed(
address indexed actor,
bytes32 callId,
Action[] actions,
uint256 allowFailureMap,
uint256 failureMap,
bytes[] execResults
);
/// @notice Executes a list of actions. If a zero allow-failure map is provided, a failing action reverts the entire execution. If a non-zero allow-failure map is provided, allowed actions can fail without the entire call being reverted.
/// @param _callId The ID of the call. The definition of the value of `callId` is up to the calling contract and can be used, e.g., as a nonce.
/// @param _actions The array of actions.
/// @param _allowFailureMap A bitmap allowing execution to succeed, even if individual actions might revert. If the bit at index `i` is 1, the execution succeeds even if the `i`th action reverts. A failure map value of 0 requires every action to not revert.
/// @return The array of results obtained from the executed actions in `bytes`.
/// @return The resulting failure map containing the actions have actually failed.
function execute(
bytes32 _callId,
Action[] memory _actions,
uint256 _allowFailureMap
) external returns (bytes[] memory, uint256);
}
"
},
"lib/osx-commons/contracts/src/plugin/IPlugin.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.8;
/// @title IPlugin
/// @author Aragon X - 2022-2024
/// @notice An interface defining the traits of a plugin.
/// @custom:security-contact sirt@aragon.org
interface IPlugin {
/// @notice Types of plugin implementations available within OSx.
enum PluginType {
UUPS,
Cloneable,
Constructable
}
/// @notice Specifies the type of operation to perform.
enum Operation {
Call,
DelegateCall
}
/// @notice Configuration for the target contract that the plugin will interact with, including the address and operation type.
/// @dev By default, the plugin typically targets the associated DAO and performs a `Call` operation. However, this
/// configuration allows the plugin to specify a custom executor and select either `Call` or `DelegateCall` based on
/// the desired execution context.
/// @param target The address of the target contract, typically the associated DAO but configurable to a custom executor.
/// @param operation The type of operation (`Call` or `DelegateCall`) to execute on the target, as defined by `Operation`.
struct TargetConfig {
address target;
Operation operation;
}
/// @notice Returns the plugin's type
function pluginType() external view returns (PluginType);
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
"
},
"lib/osx-commons/contracts/src/plugin/extensions/proposal/IProposal.sol": {
"content": "// SPDX-License-Identifier: AGPL-3.0-or-later
pragma solidity ^0.8.8;
import {Action} from "../../../executors/IExecutor.sol";
/// @title IProposal
/// @author Aragon X - 2022-2024
/// @notice An interface to be implemented by DAO plugins that create and execute proposals.
/// @custom:security-contact sirt@aragon.org
interface IProposal {
/// @notice Emitted when a proposal is created.
/// @param proposalId The ID of the proposal.
/// @param creator The creator of the proposal.
/// @param startDate The start date of the proposal in seconds.
/// @param endDate The end date of the proposal in seconds.
/// @param metadata The metadata of the proposal.
/// @param actions The actions that will be executed if the proposal passes.
/// @param allowFailureMap A bitmap allowing the proposal to succeed, even if individual actions might revert.
/// If the bit at index `i` is 1, the proposal succeeds even if the `i`th action reverts.
/// A failure map value of 0 requires every action to not revert.
event ProposalCreated(
uint256 indexed proposalId,
address indexed creator,
uint64 startDate,
uint64 endDate,
bytes metadata,
Action[] actions,
uint256 allowFailureMap
);
/// @notice Emitted when a proposal is executed.
/// @param proposalId The ID of the proposal.
event ProposalExecuted(uint256 indexed proposalId);
/// @notice Creates a new proposal.
/// @param _metadata The metadata of the proposal.
/// @param _actions The actions that will be executed after the proposal passes.
/// @param _startDate The start date of the proposal.
/// @param _endDate The end date of the proposal.
/// @param _data The additional abi-encoded data to include more necessary fields.
/// @return proposalId The id of the proposal.
function createProposal(
bytes memory _metadata,
Action[] memory _actions,
uint64 _startDate,
uint64 _endDate,
bytes memory _data
) external returns (uint256 proposalId);
/// @notice Whether proposal succeeded or not.
/// @dev Note that this must not include time window checks and only make a decision based on the thresholds.
/// @param _proposalId The id of the proposal.
/// @return Returns if proposal has been succeeded or not without including time window checks.
function hasSucceeded(uint256 _proposalId) external view returns (bool);
/// @notice Executes a proposal.
/// @param _proposalId The ID of the proposal to be executed.
function execute(uint256 _proposalId) external;
/// @notice Checks if a proposal can be executed.
/// @param _proposalId The ID of the proposal to be checked.
/// @return True if the proposal can be executed, false otherwise.
function canExecute(uint256 _proposalId) external view returns (bool);
/// @notice The human-readable abi format for extra params included in `data` of `createProposal`.
/// @dev Used for UI to easily detect what extra params the contract expects.
/// @return ABI of params in `data` of `createProposal`.
function customProposalParamsABI() external view returns (string memory);
/// @notice Returns the proposal count which determines the next proposal ID.
/// @dev This function is deprecated but remains in the interface for backward compatibility.
/// It now reverts to prevent ambiguity.
/// @return The proposal count.
function proposalCount() external view returns (uint256);
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/utils/math/SafeCastUpgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SafeCast.sol)
// This file was procedurally generated from scripts/generate/templates/SafeCast.js.
pragma solidity ^0.8.0;
/**
* @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*
* Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing
* all math on `uint256` and `int256` and then downcasting.
*/
library SafeCastUpgradeable {
/**
* @dev Returns the downcasted uint248 from uint256, reverting on
* overflow (when the input is greater than largest uint248).
*
* Counterpart to Solidity's `uint248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*
* _Available since v4.7._
*/
function toUint248(uint256 value) internal pure returns (uint248) {
require(value <= type(uint248).max, "SafeCast: value doesn't fit in 248 bits");
return uint248(value);
}
/**
* @dev Returns the downcasted uint240 from uint256, reverting on
* overflow (when the input is greater than largest uint240).
*
* Counterpart to Solidity's `uint240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*
* _Available since v4.7._
*/
function toUint240(uint256 value) internal pure returns (uint240) {
require(value <= type(uint240).max, "SafeCast: value doesn't fit in 240 bits");
return uint240(value);
}
/**
* @dev Returns the downcasted uint232 from uint256, reverting on
* overflow (when the input is greater than largest uint232).
*
* Counterpart to Solidity's `uint232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*
* _Available since v4.7._
*/
function toUint232(uint256 value) internal pure returns (uint232) {
require(value <= type(uint232).max, "SafeCast: value doesn't fit in 232 bits");
return uint232(value);
}
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*
* _Available since v4.2._
*/
function toUint224(uint256 value) internal pure returns (uint224) {
require(value <= type(uint224).max, "SafeCast: value doesn't fit in 224 bits");
return uint224(value);
}
/**
* @dev Returns the downcasted uint216 from uint256, reverting on
* overflow (when the input is greater than largest uint216).
*
* Counterpart to Solidity's `uint216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*
* _Available since v4.7._
*/
function toUint216(uint256 value) internal pure returns (uint216) {
require(value <= type(uint216).max, "SafeCast: value doesn't fit in 216 bits");
return uint216(value);
}
/**
* @dev Returns the downcasted uint208 from uint256, reverting on
* overflow (when the input is greater than largest uint208).
*
* Counterpart to Solidity's `uint208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*
* _Available since v4.7._
*/
function toUint208(uint256 value) internal pure returns (uint208) {
require(value <= type(uint208).max, "SafeCast: value doesn't fit in 208 bits");
return uint208(value);
}
/**
* @dev Returns the downcasted uint200 from uint256, reverting on
* overflow (when the input is greater than largest uint200).
*
* Counterpart to Solidity's `uint200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*
* _Available since v4.7._
*/
function toUint200(uint256 value) internal pure returns (uint200) {
require(value <= type(uint200).max, "SafeCast: value doesn't fit in 200 bits");
return uint200(value);
}
/**
* @dev Returns the downcasted uint192 from uint256, reverting on
* overflow (when the input is greater than largest uint192).
*
* Counterpart to Solidity's `uint192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*
* _Available since v4.7._
*/
function toUint192(uint256 value) internal pure returns (uint192) {
require(value <= type(uint192).max, "SafeCast: value doesn't fit in 192 bits");
return uint192(value);
}
/**
* @dev Returns the downcasted uint184 from uint256, reverting on
* overflow (when the input is greater than largest uint184).
*
* Counterpart to Solidity's `uint184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*
* _Available since v4.7._
*/
function toUint184(uint256 value) internal pure returns (uint184) {
require(value <= type(uint184).max, "SafeCast: value doesn't fit in 184 bits");
return uint184(value);
}
/**
* @dev Returns the downcasted uint176 from uint256, reverting on
* overflow (when the input is greater than largest uint176).
*
* Counterpart to Solidity's `uint176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*
* _Available since v4.7._
*/
function toUint176(uint256 value) internal pure returns (uint176) {
require(value <= type(uint176).max, "SafeCast: value doesn't fit in 176 bits");
return uint176(value);
}
/**
* @dev Returns the downcasted uint168 from uint256, reverting on
* overflow (when the input is greater than largest uint168).
*
* Counterpart to Solidity's `uint168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*
* _Available since v4.7._
*/
function toUint168(uint256 value) internal pure returns (uint168) {
require(value <= type(uint168).max, "SafeCast: value doesn't fit in 168 bits");
return uint168(value);
}
/**
* @dev Returns the downcasted uint160 from uint256, reverting on
* overflow (when the input is greater than largest uint160).
*
* Counterpart to Solidity's `uint160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*
* _Available since v4.7._
*/
function toUint160(uint256 value) internal pure returns (uint160) {
require(value <= type(uint160).max, "SafeCast: value doesn't fit in 160 bits");
return uint160(value);
}
/**
* @dev Returns the downcasted uint152 from uint256, reverting on
* overflow (when the input is greater than largest uint152).
*
* Counterpart to Solidity's `uint152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*
* _Available since v4.7._
*/
function toUint152(uint256 value) internal pure returns (uint152) {
require(value <= type(uint152).max, "SafeCast: value doesn't fit in 152 bits");
return uint152(value);
}
/**
* @dev Returns the downcasted uint144 from uint256, reverting on
* overflow (when the input is greater than largest uint144).
*
* Counterpart to Solidity's `uint144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*
* _Available since v4.7._
*/
function toUint144(uint256 value) internal pure returns (uint144) {
require(value <= type(uint144).max, "SafeCast: value doesn't fit in 144 bits");
return uint144(value);
}
/**
* @dev Returns the downcasted uint136 from uint256, reverting on
* overflow (when the input is greater than largest uint136).
*
* Counterpart to Solidity's `uint136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*
* _Available since v4.7._
*/
function toUint136(uint256 value) internal pure returns (uint136) {
require(value <= type(uint136).max, "SafeCast: value doesn't fit in 136 bits");
return uint136(value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*
* _Available since v2.5._
*/
function toUint128(uint256 value) internal pure returns (uint128) {
require(value <= type(uint128).max, "SafeCast: value doesn't fit in 128 bits");
return uint128(value);
}
/**
* @dev Returns the downcasted uint120 from uint256, reverting on
* overflow (when the input is greater than largest uint120).
*
* Counterpart to Solidity's `uint120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*
* _Available since v4.7._
*/
function toUint120(uint256 value) internal pure returns (uint120) {
require(value <= type(uint120).max, "SafeCast: value doesn't fit in 120 bits");
return uint120(value);
}
/**
* @dev Returns the downcasted uint112 from uint256, reverting on
* overflow (when the input is greater than largest uint112).
*
* Counterpart to Solidity's `uint112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*
* _Available since v4.7._
*/
function toUint112(uint256 value) internal pure returns (uint112) {
require(value <= type(uint112).max, "SafeCast: value doesn't fit in 112 bits");
return uint112(value);
}
/**
* @dev Returns the downcasted uint104 from uint256, reverting on
* overflow (when the input is greater than largest uint104).
*
* Counterpart to Solidity's `uint104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*
* _Available since v4.7._
*/
function toUint104(uint256 value) internal pure returns (uint104) {
require(value <= type(uint104).max, "SafeCast: value doesn't fit in 104 bits");
return uint104(value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*
* _Available since v4.2._
*/
function toUint96(uint256 value) internal pure returns (uint96) {
require(value <= type(uint96).max, "SafeCast: value doesn't fit in 96 bits");
return uint96(value);
}
/**
* @dev Returns the downcasted uint88 from uint256, reverting on
* overflow (when the input is greater than largest uint88).
*
* Counterpart to Solidity's `uint88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*
* _Available since v4.7._
*/
function toUint88(uint256 value) internal pure returns (uint88) {
require(value <= type(uint88).max, "SafeCast: value doesn't fit in 88 bits");
return uint88(value);
}
/**
* @dev Returns the downcasted uint80 from uint256, reverting on
* overflow (when the input is greater than largest uint80).
*
* Counterpart to Solidity's `uint80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*
* _Available since v4.7._
*/
function toUint80(uint256 value) internal pure returns (uint80) {
require(value <= type(uint80).max, "SafeCast: value doesn't fit in 80 bits");
return uint80(value);
}
/**
* @dev Returns the downcasted uint72 from uint256, reverting on
* overflow (when the input is greater than largest uint72).
*
* Counterpart to Solidity's `uint72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*
* _Available since v4.7._
*/
function toUint72(uint256 value) internal pure returns (uint72) {
require(value <= type(uint72).max, "SafeCast: value doesn't fit in 72 bits");
return uint72(value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*
* _Available since v2.5._
*/
function toUint64(uint256 value) internal pure returns (uint64) {
require(value <= type(uint64).max, "SafeCast: value doesn't fit in 64 bits");
return uint64(value);
}
/**
* @dev Returns the downcasted uint56 from uint256, reverting on
* overflow (when the input is greater than largest uint56).
*
* Counterpart to Solidity's `uint56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*
* _Available since v4.7._
*/
function toUint56(uint256 value) internal pure returns (uint56) {
require(value <= type(uint56).max, "SafeCast: value doesn't fit in 56 bits");
return uint56(value);
}
/**
* @dev Returns the downcasted uint48 from uint256, reverting on
* overflow (when the input is greater than largest uint48).
*
* Counterpart to Solidity's `uint48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*
* _Available since v4.7._
*/
function toUint48(uint256 value) internal pure returns (uint48) {
require(value <= type(uint48).max, "SafeCast: value doesn't fit in 48 bits");
return uint48(value);
}
/**
* @dev Returns the downcasted uint40 from uint256, reverting on
* overflow (when the input is greater than largest uint40).
*
* Counterpart to Solidity's `uint40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*
* _Available since v4.7._
*/
function toUint40(uint256 value) internal pure returns (uint40) {
require(value <= type(uint40).max, "SafeCast: value doesn't fit in 40 bits");
return uint40(value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*
* _Available since v2.5._
*/
function toUint32(uint256 value) internal pure returns (uint32) {
require(value <= type(uint32).max, "SafeCast: value doesn't fit in 32 bits");
return uint32(value);
}
/**
* @dev Returns the downcasted uint24 from uint256, reverting on
* overflow (when the input is greater than largest uint24).
*
* Counterpart to Solidity's `uint24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*
* _Available since v4.7._
*/
function toUint24(uint256 value) internal pure returns (uint24) {
require(value <= type(uint24).max, "SafeCast: value doesn't fit in 24 bits");
return uint24(value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*
* _Available since v2.5._
*/
function toUint16(uint256 value) internal pure returns (uint16) {
require(value <= type(uint16).max, "SafeCast: value doesn't fit in 16 bits");
return uint16(value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*
* _Available since v2.5._
*/
function toUint8(uint256 value) internal pure returns (uint8) {
require(value <= type(uint8).max, "SafeCast: value doesn't fit in 8 bits");
return uint8(value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*
* _Available since v3.0._
*/
function toUint256(int256 value) internal pure returns (uint256) {
require(value >= 0, "SafeCast: value must be positive");
return uint256(value);
}
/**
* @dev Returns the downcasted int248 from int256, reverting on
* overflow (when the input is less than smallest int248 or
* greater than largest int248).
*
* Counterpart to Solidity's `int248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*
* _Available since v4.7._
*/
function toInt248(int256 value) internal pure returns (int248 downcasted) {
downcasted = int248(value);
require(downcasted == value, "SafeCast: value doesn't fit in 248 bits");
}
/**
* @dev Returns the downcasted int240 from int256, reverting on
* overflow (when the input is less than smallest int240 or
* greater than largest int240).
*
* Counterpart to Solidity's `int240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*
* _Available since v4.7._
*/
function toInt240(int256 value) internal pure returns (int240 downcasted) {
downcasted = int240(value);
require(downcasted == value, "SafeCast: value doesn't fit in 240 bits");
}
/**
* @dev Returns the downcasted int232 from int256, reverting on
* overflow (when the input is less than smallest int232 or
* greater than largest int232).
*
* Counterpart to Solidity's `int232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*
* _Available since v4.7._
*/
function toInt232(int256 value) internal pure returns (int232 downcasted) {
downcasted = int232(value);
require(downcasted == value, "SafeCast: value doesn't fit in 232 bits");
}
/**
* @dev Returns the downcasted int224 from int256, reverting on
* overflow (when the input is less than smallest int224 or
* greater than largest int224).
*
* Counterpart to Solidity's `int224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*
* _Available since v4.7._
*/
function toInt224(int256 value) internal pure returns (int224 downcasted) {
downcasted = int224(value);
require(downcasted == value, "SafeCast: value doesn't fit in 224 bits");
}
/**
* @dev Returns the downcasted int216 from int256, reverting on
* overflow (when the input is less than smallest int216 or
* greater than largest int216).
*
* Counterpart to Solidity's `int216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*
* _Available since v4.7._
*/
function toInt216(int256 value) internal pure returns (int216 downcasted) {
Submitted on: 2025-10-03 16:46:58
Comments
Log in to comment.
No comments yet.