Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.20;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/
struct InitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/
uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/
error InvalidInitialization();
/**
* @dev The contract is not initializing.
*/
error NotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
// Cache values to avoid duplicated sloads
bool isTopLevelCall = !$._initializing;
uint64 initialized = $._initialized;
// Allowed calls:
// - initialSetup: the contract is not in the initializing state and no previous version was
// initialized
// - construction: the contract is initialized at version 1 (no reininitialization) and the
// current contract is just being deployed
bool initialSetup = initialized == 0 && isTopLevelCall;
bool construction = initialized == 1 && address(this).code.length == 0;
if (!initialSetup && !construction) {
revert InvalidInitialization();
}
$._initialized = 1;
if (isTopLevelCall) {
$._initializing = true;
}
_;
if (isTopLevelCall) {
$._initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint64 version) {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing || $._initialized >= version) {
revert InvalidInitialization();
}
$._initialized = version;
$._initializing = true;
_;
$._initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
_checkInitializing();
_;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/
function _checkInitializing() internal view virtual {
if (!_isInitializing()) {
revert NotInitializing();
}
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing) {
revert InvalidInitialization();
}
if ($._initialized != type(uint64).max) {
$._initialized = type(uint64).max;
emit Initialized(type(uint64).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint64) {
return _getInitializableStorage()._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _getInitializableStorage()._initializing;
}
/**
* @dev Returns a pointer to the storage namespace.
*/
// solhint-disable-next-line var-name-mixedcase
function _getInitializableStorage() private pure returns (InitializableStorage storage $) {
assembly {
$.slot := INITIALIZABLE_STORAGE
}
}
}
"
},
"@openzeppelin/contracts-upgradeable/utils/introspection/ERC165Upgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {Initializable} from "../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165Upgradeable is Initializable, IERC165 {
function __ERC165_init() internal onlyInitializing {
}
function __ERC165_init_unchained() internal onlyInitializing {
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
"
},
"@openzeppelin/contracts/interfaces/IERC4626.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC4626.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../token/ERC20/IERC20.sol";
import {IERC20Metadata} from "../token/ERC20/extensions/IERC20Metadata.sol";
/**
* @dev Interface of the ERC4626 "Tokenized Vault Standard", as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*/
interface IERC4626 is IERC20, IERC20Metadata {
event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed sender,
address indexed receiver,
address indexed owner,
uint256 assets,
uint256 shares
);
/**
* @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.
*
* - MUST be an ERC-20 token contract.
* - MUST NOT revert.
*/
function asset() external view returns (address assetTokenAddress);
/**
* @dev Returns the total amount of the underlying asset that is “managed” by Vault.
*
* - SHOULD include any compounding that occurs from yield.
* - MUST be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT revert.
*/
function totalAssets() external view returns (uint256 totalManagedAssets);
/**
* @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToShares(uint256 assets) external view returns (uint256 shares);
/**
* @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToAssets(uint256 shares) external view returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,
* through a deposit call.
*
* - MUST return a limited value if receiver is subject to some deposit limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
* - MUST NOT revert.
*/
function maxDeposit(address receiver) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
* call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
* in the same transaction.
* - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
* deposit would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewDeposit(uint256 assets) external view returns (uint256 shares);
/**
* @dev Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* deposit execution, and are accounted for during deposit.
* - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function deposit(uint256 assets, address receiver) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
* - MUST return a limited value if receiver is subject to some mint limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
* - MUST NOT revert.
*/
function maxMint(address receiver) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
* in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
* same transaction.
* - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
* would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by minting.
*/
function previewMint(uint256 shares) external view returns (uint256 assets);
/**
* @dev Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
* execution, and are accounted for during mint.
* - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function mint(uint256 shares, address receiver) external returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
* Vault, through a withdraw call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxWithdraw(address owner) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
* call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
* called
* in the same transaction.
* - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
* the withdrawal would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewWithdraw(uint256 assets) external view returns (uint256 shares);
/**
* @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* withdraw execution, and are accounted for during withdraw.
* - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function withdraw(uint256 assets, address receiver, address owner) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
* through a redeem call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxRedeem(address owner) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their redeemption at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
* in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
* same transaction.
* - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
* redemption would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by redeeming.
*/
function previewRedeem(uint256 shares) external view returns (uint256 assets);
/**
* @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* redeem execution, and are accounted for during redeem.
* - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function redeem(uint256 shares, address receiver, address owner) external returns (uint256 assets);
}
"
},
"@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
"
},
"@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
"
},
"@openzeppelin/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
"
},
"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC20Permit} from "../extensions/IERC20Permit.sol";
import {Address} from "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev An operation with an ERC20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data);
if (returndata.length != 0 && !abi.decode(returndata, (bool))) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && address(token).code.length > 0;
}
}
"
},
"@openzeppelin/contracts/utils/Address.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)
pragma solidity ^0.8.20;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error AddressInsufficientBalance(address account);
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedInnerCall();
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert AddressInsufficientBalance(address(this));
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert FailedInnerCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {FailedInnerCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert AddressInsufficientBalance(address(this));
}
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {FailedInnerCall}) in case of an
* unsuccessful call.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (returndata.length == 0 && target.code.length == 0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {FailedInnerCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {FailedInnerCall}.
*/
function _revert(bytes memory returndata) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert FailedInnerCall();
}
}
}
"
},
"@openzeppelin/contracts/utils/introspection/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
"
},
"contracts/base/StateMachine.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.22;
import {LibBit} from "solady/src/utils/LibBit.sol";
type State is uint256;
using {and as &, neq as !=, eq as ==, or as |, includes, isInitialized, isValid} for State global;
function and(State self, State value) pure returns (State) {
return State.wrap(State.unwrap(self) & State.unwrap(value));
}
function neq(State self, State value) pure returns (bool) {
return State.unwrap(self) != State.unwrap(value);
}
function eq(State self, State value) pure returns (bool) {
return State.unwrap(self) == State.unwrap(value);
}
function or(State self, State value) pure returns (State) {
return State.wrap(State.unwrap(self) | State.unwrap(value));
}
function includes(State bitmap, State state) pure returns (bool) {
return State.unwrap(bitmap) & State.unwrap(state) != 0;
}
function isInitialized(State self) pure returns (bool answer_) {
return State.unwrap(self) != 0;
}
function isValid(State self) pure returns (bool) {
// most significant bit is reserved for the undefined state
uint256 mask = 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff;
return LibBit.isPo2(State.unwrap(self) & mask);
}
abstract contract StateMachine {
struct StateStorage {
State currentState;
mapping(bytes32 transitionId => function(bytes memory) external transition) transitions;
}
// Undefined state cannot be zero because it will break bitmap comparison math in `onlyState`
/* solhint-disable-next-line immutable-vars-naming */
State internal immutable STATE_UNDEFINED = _newStateFromIdUnchecked(STATE_UNDEFINED_ID);
uint8 private constant STATE_UNDEFINED_ID = type(uint8).max;
// keccak256("StateMachine storage slot V2");
bytes32 private constant STORAGE_SLOT_STATE_MACHINE =
0xde4001bbdfdfed078acd4ae5c1023679bf2e3e2982cfd37f7c839d62304fe30d;
event StateChanged(State from, State to);
error TransitionAlreadyExists(State from, State to);
error TransitionDoesNotExist(State from, State to);
error UnexpectedState(State expectedStatesBitmap, State currentState);
// If transition function exists on current contract
// then it must be called only from the current contract.
error HostedTransitionMustBeCalledFromSelf();
// A valid state must be in form of 2^n, where n ∈ {x | x ∈ uint8, x < STATE_UNDEFINED_ID}.
error InvalidState(State);
error IdIsReservedForUndefinedState(uint256);
modifier onlyState(State _expectedStatesBitmap) {
State state = _currentState(_stateStorage());
if (!_expectedStatesBitmap.includes(state))
revert UnexpectedState(_expectedStatesBitmap, state);
_;
}
modifier transition() {
if (msg.sender != address(this)) revert HostedTransitionMustBeCalledFromSelf();
_;
}
function createTransition(
State _from,
State _to,
function(bytes memory) external _transition
) internal {
bytes32 id = _getTransitionId(_from, _to);
if (_isTransitionExists(id)) revert TransitionAlreadyExists(_from, _to);
_stateStorage().transitions[id] = _transition;
}
function changeState(State _newState) internal {
changeState(_newState, "");
}
function changeState(State _newState, bytes memory _transitionArgs) internal {
if (!_newState.isValid()) revert InvalidState(_newState);
StateStorage storage $ = _stateStorage();
State state = _currentState($);
bytes32 id = _getTransitionId(state, _newState);
if (!_isTransitionExists(id)) revert TransitionDoesNotExist(state, _newState);
emit StateChanged(state, _newState);
$.currentState = _newState;
$.transitions[id](_transitionArgs);
}
function currentState() internal view returns (State currentState_) {
return _currentState(_stateStorage());
}
function newStateFromId(uint8 _stateId) internal pure returns (State) {
if (_stateId == STATE_UNDEFINED_ID) revert IdIsReservedForUndefinedState(_stateId);
return _newStateFromIdUnchecked(_stateId);
}
function _currentState(StateStorage storage $) private view returns (State state) {
state = $.currentState;
// We substitute 0 with STATE_UNDEFINED here in order to avoid storage
// initialization with default value to save gas
if (!state.isInitialized()) state = STATE_UNDEFINED;
}
function _isTransitionExists(bytes32 _transitionId) private view returns (bool exists_) {
mapping(bytes32 => function(bytes memory) external) storage map = _stateStorage()
.transitions;
assembly {
// we won't use this memory location after keccak so it's safe to use 0x00 and 0x20
mstore(0x00, _transitionId)
mstore(0x20, map.slot)
let position := keccak256(0x00, 64)
// callback = map[_transition]
let callback := sload(position)
// exists_ = callback != null
exists_ := iszero(iszero(callback))
}
}
function _getTransitionId(State _from, State _to) private view returns (bytes32) {
if (_from != STATE_UNDEFINED && !_from.isValid()) revert InvalidState(_from);
if (!_to.isValid()) revert InvalidState(_to);
return keccak256(abi.encodePacked(_from, _to));
}
function _newStateFromIdUnchecked(uint8 _stateId) private pure returns (State) {
return State.wrap(1 << _stateId);
}
function _stateStorage() private pure returns (StateStorage storage $) {
assembly {
$.slot := STORAGE_SLOT_STATE_MACHINE
}
}
}
"
},
"contracts/compiler/arkis/ArkisEvaluator.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.22;
import {IERC4626} from "@openzeppelin/contracts/interfaces/IERC4626.sol";
import {IAgreementStaking} from "contracts/interfaces/agreement/IAgreementStaking.sol";
import {IERC165Extended, UnsupportedInterface} from "contracts/interfaces/base/IERC165Extended.sol";
import {
IDecreasePositionEvaluator,
IExchangeEvaluator,
IIncreasePositionEvaluator
} from "contracts/interfaces/compiler/adapters/index.sol";
import {Asset, IDispatcher} from "contracts/interfaces/dispatcher/IDispatcher.sol";
import {IAccount} from "contracts/interfaces/marginAccount/IAccount.sol";
import {State} from "contracts/base/StateMachine.sol";
import {Address} from "contracts/libraries/Address.sol";
import {Command, IERC20} from "contracts/libraries/CommandLibrary.sol";
import {Path} from "../libraries/Path.sol";
contract ArkisEvaluator is
IDecreasePositionEvaluator,
IExchangeEvaluator,
IIncreasePositionEvaluator
{
using Address for address;
using Path for bytes;
address internal immutable dispatcher;
error AccountUnexpectedState(address account, State state);
error InvalidLeverageAddress(address expected, address actual);
error InvalidLeverageAmount(uint256 expected, uint256 actual);
constructor(address dispatcher_) {
if (!IERC165Extended(dispatcher_).supportsInterfaceExtended(type(IDispatcher).interfaceId))
revert UnsupportedInterface(dispatcher_);
dispatcher = dispatcher_;
}
/// @dev Borrow from agreement.
function evaluate(
address,
DecreasePositionRequest calldata request
) external view override returns (Command[] memory) {
address payable account = payable(request.descriptor.extraData.extractTokenIn());
address agreement = IAccount(account).agreement();
Command memory cmd = Command({
target: agreement,
value: 0,
payload: abi.encodeCall(IAgreementStaking.borrow, (account, uint192(request.liquidity)))
});
return cmd.asArray();
}
/// @dev Supply to margin account.
function evaluate(
address,
ExchangeRequest calldata request
) external view override returns (Command[] memory cmds_) {
address payable account = payable(request.recipient);
(State state, , , address leverage, uint256 amount) = IAccount(account).allocationInfo();
if (state != State.wrap(2)) revert AccountUnexpectedState(account, state); // expect STATE_REGISTERED
address tokenIn = request.path.extractTokenIn();
if (leverage != tokenIn) {
revert InvalidLeverageAddress(leverage, tokenIn);
}
if (amount != request.amountIn) {
revert InvalidLeverageAmount(amount, request.amountIn);
}
Command memory cmd = Command({
target: dispatcher,
value: 0,
payload: abi.encodeCall(IDispatcher.supplyAccount, (account, Asset(leverage, amount)))
});
return cmd.populateWithApprove(leverage, amount);
}
/// @dev Return to the agreement.
function evaluate(
address,
IncreasePositionRequest calldata request
) external view override returns (Command[] memory) {
address payable account = payable(request.descriptor.extraData.extractTokenIn());
address agreement = IAccount(account).agreement();
address token;
try IERC4626(agreement).asset() returns (address _token) {
token = _token;
} catch {
token = IAgreementStaking(agreement).leverage();
}
uint256 balance = IERC20(token).balanceOf(msg.sender);
bool isLiquidation = request.descriptor.poolId == 0;
Command memory cmd = Command({
target: agreement,
value: 0,
payload: abi.encodeCall(IAgreementStaking.repay, (account, balance, isLiquidation))
});
return cmd.populateWithApprove(token, balance);
}
}
"
},
"contracts/compiler/libraries/Path.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.22;
library Path {
using Path for bytes;
uint256 internal constant ADDRESS_LEN = 20;
uint256 internal constant POOL_ID_LEN = 4;
uint256 internal constant NEXT_OFFSET = ADDRESS_LEN + POOL_ID_LEN;
error InvalidPathLength(uint256);
function extractTokenIn(bytes calldata _path) internal pure returns (address tokenIn_) {
_path.ensureValid();
tokenIn_ = _path.extractTokenInUnsafe();
}
function extractTokenInUnsafe(bytes calldata _path) internal pure returns (address tokenIn_) {
tokenIn_ = address(bytes20(_path[0:ADDRESS_LEN]));
}
function extractTokenOut(bytes calldata _path) internal pure returns (address tokenOut_) {
_path.ensureValid();
tokenOut_ = _path.extractTokenOutUnsafe();
}
function extractTokenOutUnsafe(bytes calldata _path) internal pure returns (address tokenOut_) {
uint256 len = _path.length;
tokenOut_ = address(bytes20(_path[len - ADDRESS_LEN:len]));
}
/* solhint-disable var-name-mixedcase */
function extractPool(
bytes calldata _path,
uint256 _poolNumber
) internal pure returns (address tokenIn__, address tokenOut_, uint32 poolId_____) {
/* solhint-enable var-name-mixedcase */
_path.ensureValid();
uint256 ptr = _poolNumber * NEXT_OFFSET;
tokenIn__ = address(bytes20(_path[ptr:(ptr = ptr + ADDRESS_LEN)]));
poolId_____ = uint32(bytes4(_path[ptr:(ptr = ptr + POOL_ID_LEN)]));
tokenOut_ = address(bytes20(_path[ptr:(ptr = ptr + ADDRESS_LEN)]));
}
function getNumberOfPools(bytes calldata _path) internal pure returns (uint256) {
_path.ensureValid();
return (_path.length - ADDRESS_LEN) / NEXT_OFFSET;
}
function ensureValid(bytes calldata _path) internal pure {
if (!isValid(_path)) revert InvalidPathLength(_path.length);
}
function isValid(bytes calldata _path) private pure returns (bool) {
if (_path.length < ADDRESS_LEN) return false;
return (_path.length - ADDRESS_LEN) % NEXT_OFFSET == 0;
}
}
"
},
"contracts/dispatcher/libraries/EnvelopeRunner.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.22;
import {IJitCompiler, Script} from "contracts/interfaces/compiler/IJitCompiler.sol";
import {CrossChainActionIsForbidden, Envelope} from "contracts/interfaces/dispatcher/Envelope.sol";
import {Command, CommandExecutor} from "contracts/libraries/CommandLibrary.sol";
library EnvelopeRunner {
using CommandExecutor for Command[];
/**
* @dev This error should never happen, it is needed
* for preventing underestimation on "eth_estimateGas".
*/
error OutOfGas();
function run(
Envelope[] calldata self,
address jitCompiler,
bytes32 chainNameHash
) internal returns (uint256 numberOfFailures) {
for (uint256 i; i < self.length; i++) {
numberOfFailures += self[i].run(jitCompiler, chainNameHash) ? 0 : 1;
}
}
function run(
Envelope calldata self,
address jitCompiler,
bytes32 chainNameHash
) internal returns (bool success) {
IJitCompiler compiler = IJitCompiler(jitCompiler);
if (!self.isChainEq(chainNameHash)) {
revert CrossChainActionIsForbidden();
}
for (uint256 i; i < self.content.length; i++) {
if (!run(compiler, self.content[i])) return success = false;
}
return success = true;
}
function isChainEq(Envelope calldata self, bytes32 chainNameHash) internal pure returns (bool) {
return keccak256(bytes(self.route.destination)) == chainNameHash;
}
function run(IJitCompiler compiler, Script calldata script) private returns (bool success) {
Command[] memory cmds = compiler.compile(script);
if (script.canFail) {
uint256 gasBefore = gasleft();
/* solhint-disable-next-line no-empty-blocks */
try cmds.execute() {} catch {
// NOTE: Since we allow silent fail here, this revert is
// required to prevent the underestimation of gas in the
// context of EIP-150. The "all but one 64th" rule, along
// with the way most clients estimate gas, may produce an
// out-of-gas error at the callee contract but success at
// the caller contract. For example, if we have a single
// instruction to execute, and after executing this
// instruction, the remaining work will consume 5000 gas,
// the instruction will only receive at most 5000*63 gas.
// Therefore, if the actual requirements are higher, it
// will fail at the random opcode. The remaining work
// will be finished (since we still have at least 5000*1
// gas), and overall transaction success will be achieved,
// making the gas estimator happy.
//
// The proportion for comparing the gasleft (to check that
// the call has not consumed all the gas passed) is in practice
// 1 to 16-32, but we take twice as much just in case.
if (gasleft() < gasBefore / 8) revert OutOfGas();
return false;
}
} else {
cmds.execute();
}
return true;
}
}
"
},
"contracts/dispatcher/libraries/PackageRunner.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.22;
import {Package} from "contracts/interfaces/dispatcher/Package.sol";
import {Command, SafeCall} from "contracts/libraries/SafeCall.sol";
import {CrossChainActionIsForbidden, Envelope, EnvelopeRunner} from "./EnvelopeRunner.sol";
library PackageRunner {
using SafeCall for Command[];
using EnvelopeRunner for Envelope[];
function run(
Package calldata self,
address compiler,
bytes32 chainNameHash
) internal returns (uint256 numberOfFailures) {
if (self.action.isChainEq(chainNameHash)) {
bool actionSuccess = self.action.run(compiler, chainNameHash);
if (actionSuccess) {
numberOfFailures += self.onComplete.run(compiler, chainNameHash);
} else {
numberOfFailures++;
}
} else {
revert CrossChainActionIsForbidden();
}
}
}
"
},
"contracts/interfaces/agreement/IAgreementStaking.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.22;
/* solhint-disable-next-line no-unused-import */
import {IERC20, SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
/**
* @title IAgreementStaking
* @notice Interface for staking operations within an agreement, including deposit, withdrawal, and rewards management.
*/
interface IAgreementStaking {
struct User {
uint128 balance;
uint128 rewards;
uint256 tps;
}
struct Debt {
uint192 borrowed;
uint64 timestamp;
}
struct StorageStaking {
IERC20 token;
uint64 lastCheckpoint;
uint32 apy;
uint256 tps;
uint256 utilization;
uint256 totalDeposited;
uint256 totalDepositThreshold;
mapping(address => User) users;
mapping(address => Debt) debts;
bool closed;
}
/**
* @notice Emitted when APY is updated
* @param oldApy Previous APY value
* @param newApy New APY value
*/
event ApyChanged(uint32 oldApy, uint32 newApy);
/**
* @notice Emitted when a liquidation occurs but funds are insufficient to fully cover the amount required.
* @param shortfall The amount that is short to cover the liquidation.
*/
event BadLiquidation(uint256 shortfall);
/**
* @notice Emitted when tokens are borrowed from the agreement.
* @param amount The amount of tokens borrowed.
* @dev Emitted by the [`borrow()`](#borrow) function.
*/
event Borrowed(uint256 amount);
/**
* @notice Emitted when rewards are claimed.
* @param recipient The address of the recipient claiming rewards.
* @param amount The amount of rewards claimed.
* @dev Emitted by the [`claim()`](#claim) function.
*/
event Claimed(address indexed recipient, uint256 amount);
/* @notice Emitted when an agreement is closed.
* @param agreement The address of the agreement that has been closed.
*/
event Closed(address agreement);
/**
* @notice Emitted when tokens are deposited into the staking contract.
* @param depositor The address of the depositor.
* @param amount The amount of tokens deposited.
* @dev Emitted by the [`deposit()`](#deposit) function.
*/
event Deposited(address indexed depositor, uint256 amount);
/**
* @notice Emitted when tokens are repaid to the agreement.
* @param amount The amount of tokens repaid.
* @dev Emitted by the [`repay()`](#repay) function.
*/
event Repaid(uint256 amount);
/**
* @notice Emitted when tokens are withdrawn from the staking contract.
* @param recipient The address of the recipient.
* @param amount The amount of tokens withdrawn.
* @dev Emitted by the [`withdraw()`](#withdraw) function.
*/
event Withdrawn(address indexed recipient, uint256 amount);
/**
* @notice Thrown when there are active loans on setApy().
* */
error ActiveLoans();
/**
* @notice Thrown when an operation is attempted on a closed staking contract.
* @dev This error is thrown when [`deposit()`](#deposit), [`borrow()`](#borrow) functions are called after the staking contract has been closed.
*/
error AgreementClosed();
/**
* @notice Thrown when attempting to close the agreement while there is outstanding debt.
* @dev This error is thrown by the [`_close()`](#_close)
*/
error AgreementHasActiveDebt();
/**
* @notice Thrown when the provided repayment amount is insufficient to cover
* the borrower's debt and when it is not a liquidation.
* @param required The total amount required to fully repay the debt, including any accrued interest.
* @param provided The amount of tokens provided for repayment, which was insufficient.
*/
error InsufficientRepayment(uint25Submitted on: 2025-10-14 12:21:08
Comments
Log in to comment.
No comments yet.