Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/modules/MigrationManager.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
/*
______ __ __
/ \ / | / |
/$$$$$$ |$$ | ______ ______ $$ |____
$$ |__$$ |$$ | / \ / \ $$ \
$$ $$ |$$ |/$$$$$$ |/$$$$$$ |$$$$$$$ |
$$$$$$$$ |$$ |$$ $$ |$$ | $$ |$$ | $$ |
$$ | $$ |$$ |$$$$$$$$/ $$ |__$$ |$$ | $$ |
$$ | $$ |$$ |$$ |$$ $$/ $$ | $$ |
$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$/ $$/
$$ |
$$ |
$$/
*/
import {AccessControlUpgradeable} from
"openzeppelin-contracts-upgradeable/contracts/access/AccessControlUpgradeable.sol";
import {IMigrationManager} from "@aleph-vault/interfaces/IMigrationManager.sol";
import {PausableFlows} from "@aleph-vault/libraries/PausableFlows.sol";
import {RolesLibrary} from "@aleph-vault/libraries/RolesLibrary.sol";
import {AlephVaultBase} from "@aleph-vault/AlephVaultBase.sol";
import {AlephVaultStorageData} from "@aleph-vault/AlephVaultStorage.sol";
/**
* @author Othentic Labs LTD.
* @notice Terms of Service: https://www.othentic.xyz/terms-of-service
*/
contract MigrationManager is IMigrationManager, AlephVaultBase, AccessControlUpgradeable {
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
/**
* @notice Constructor for MigrationManager module
* @param _batchDuration The duration of each batch cycle in seconds
*/
constructor(uint48 _batchDuration) AlephVaultBase(_batchDuration) {}
/*//////////////////////////////////////////////////////////////
MIGRATION FUNCTIONS
//////////////////////////////////////////////////////////////*/
/// @inheritdoc IMigrationManager
function migrateOperationsMultisig(address _newOperationsMultisig) external {
if (_newOperationsMultisig == address(0)) {
revert InvalidOperationsMultisigAddress();
}
AlephVaultStorageData storage _sd = _getStorage();
address _operationsMultisig = _sd.operationsMultisig;
_sd.operationsMultisig = _newOperationsMultisig;
_revokeRole(RolesLibrary.OPERATIONS_MULTISIG, _operationsMultisig);
_revokeRole(PausableFlows.DEPOSIT_REQUEST_FLOW, _operationsMultisig);
_revokeRole(PausableFlows.SETTLE_DEPOSIT_FLOW, _operationsMultisig);
_revokeRole(PausableFlows.REDEEM_REQUEST_FLOW, _operationsMultisig);
_revokeRole(PausableFlows.SETTLE_REDEEM_FLOW, _operationsMultisig);
_grantRole(RolesLibrary.OPERATIONS_MULTISIG, _newOperationsMultisig);
_grantRole(PausableFlows.DEPOSIT_REQUEST_FLOW, _newOperationsMultisig);
_grantRole(PausableFlows.SETTLE_DEPOSIT_FLOW, _newOperationsMultisig);
_grantRole(PausableFlows.REDEEM_REQUEST_FLOW, _newOperationsMultisig);
_grantRole(PausableFlows.SETTLE_REDEEM_FLOW, _newOperationsMultisig);
emit OperationsMultisigMigrated(_newOperationsMultisig);
}
/// @inheritdoc IMigrationManager
function migrateOracle(address _newOracle) external {
if (_newOracle == address(0)) {
revert InvalidOracleAddress();
}
AlephVaultStorageData storage _sd = _getStorage();
_revokeRole(RolesLibrary.ORACLE, _sd.oracle);
_sd.oracle = _newOracle;
_grantRole(RolesLibrary.ORACLE, _newOracle);
emit OracleMigrated(_newOracle);
}
/// @inheritdoc IMigrationManager
function migrateGuardian(address _newGuardian) external {
if (_newGuardian == address(0)) {
revert InvalidGuardianAddress();
}
AlephVaultStorageData storage _sd = _getStorage();
address _guardian = _sd.guardian;
_sd.guardian = _newGuardian;
_revokeRole(RolesLibrary.GUARDIAN, _guardian);
_revokeRole(PausableFlows.DEPOSIT_REQUEST_FLOW, _guardian);
_revokeRole(PausableFlows.SETTLE_DEPOSIT_FLOW, _guardian);
_revokeRole(PausableFlows.REDEEM_REQUEST_FLOW, _guardian);
_revokeRole(PausableFlows.SETTLE_REDEEM_FLOW, _guardian);
_revokeRole(PausableFlows.WITHDRAW_FLOW, _guardian);
_grantRole(RolesLibrary.GUARDIAN, _newGuardian);
_grantRole(PausableFlows.DEPOSIT_REQUEST_FLOW, _newGuardian);
_grantRole(PausableFlows.SETTLE_DEPOSIT_FLOW, _newGuardian);
_grantRole(PausableFlows.REDEEM_REQUEST_FLOW, _newGuardian);
_grantRole(PausableFlows.SETTLE_REDEEM_FLOW, _newGuardian);
_grantRole(PausableFlows.WITHDRAW_FLOW, _newGuardian);
emit GuardianMigrated(_newGuardian);
}
/// @inheritdoc IMigrationManager
function migrateAuthSigner(address _newAuthSigner) external {
if (_newAuthSigner == address(0)) {
revert InvalidAuthSignerAddress();
}
AlephVaultStorageData storage _sd = _getStorage();
_sd.authSigner = _newAuthSigner;
emit AuthSignerMigrated(_newAuthSigner);
}
/// @inheritdoc IMigrationManager
function migrateModules(bytes4 _module, address _newImplementation) external {
if (_newImplementation == address(0)) {
revert InvalidModuleAddress();
}
_getStorage().moduleImplementations[_module] = _newImplementation;
emit ModulesMigrated(_module, _newImplementation);
}
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/access/AccessControlUpgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "@openzeppelin/contracts/access/IAccessControl.sol";
import {ContextUpgradeable} from "../utils/ContextUpgradeable.sol";
import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {ERC165Upgradeable} from "../utils/introspection/ERC165Upgradeable.sol";
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControlUpgradeable is Initializable, ContextUpgradeable, IAccessControl, ERC165Upgradeable {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/// @custom:storage-location erc7201:openzeppelin.storage.AccessControl
struct AccessControlStorage {
mapping(bytes32 role => RoleData) _roles;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.AccessControl")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant AccessControlStorageLocation = 0x02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800;
function _getAccessControlStorage() private pure returns (AccessControlStorage storage $) {
assembly {
$.slot := AccessControlStorageLocation
}
}
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
function __AccessControl_init() internal onlyInitializing {
}
function __AccessControl_init_unchained() internal onlyInitializing {
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
AccessControlStorage storage $ = _getAccessControlStorage();
bytes32 previousAdminRole = getRoleAdmin(role);
$._roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (!hasRole(role, account)) {
$._roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (hasRole(role, account)) {
$._roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
"
},
"src/interfaces/IMigrationManager.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
/*
______ __ __
/ \ / | / |
/$$$$$$ |$$ | ______ ______ $$ |____
$$ |__$$ |$$ | / \ / \ $$ \
$$ $$ |$$ |/$$$$$$ |/$$$$$$ |$$$$$$$ |
$$$$$$$$ |$$ |$$ $$ |$$ | $$ |$$ | $$ |
$$ | $$ |$$ |$$$$$$$$/ $$ |__$$ |$$ | $$ |
$$ | $$ |$$ |$$ |$$ $$/ $$ | $$ |
$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$/ $$/
$$ |
$$ |
$$/
*/
/**
* @author Othentic Labs LTD.
* @notice Terms of Service: https://www.aleph.finance/terms-of-service
*/
interface IMigrationManager {
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
/**
* @notice Emitted when the operations multisig is migrated.
* @param operationsMultisig The new operations multisig.
*/
event OperationsMultisigMigrated(address indexed operationsMultisig);
/**
* @notice Emitted when the oracle is migrated.
* @param oracle The new oracle.
*/
event OracleMigrated(address indexed oracle);
/**
* @notice Emitted when the guardian is migrated.
* @param guardian The new guardian.
*/
event GuardianMigrated(address indexed guardian);
/**
* @notice Emitted when the authentication signer is migrated.
* @param authSigner The new authentication signer.
*/
event AuthSignerMigrated(address indexed authSigner);
/**
* @notice Emitted when the modules are migrated.
* @param module The module.
* @param implementation The new implementation.
*/
event ModulesMigrated(bytes4 indexed module, address indexed implementation);
/*//////////////////////////////////////////////////////////////
ERRORS
//////////////////////////////////////////////////////////////*/
/**
* @notice Emitted when the operations multisig address is invalid.
*/
error InvalidOperationsMultisigAddress();
/**
* @notice Emitted when the oracle address is invalid.
*/
error InvalidOracleAddress();
/**
* @notice Emitted when the guardian address is invalid.
*/
error InvalidGuardianAddress();
/**
* @notice Emitted when the authentication signer address is invalid.
*/
error InvalidAuthSignerAddress();
/**
* @notice Emitted when the module address is invalid.
*/
error InvalidModuleAddress();
/*//////////////////////////////////////////////////////////////
MIGRATION FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Migrates the operations multisig.
* @param _newOperationsMultisig The new operations multisig.
*/
function migrateOperationsMultisig(address _newOperationsMultisig) external;
/**
* @notice Migrates the oracle.
* @param _newOracle The new oracle.
*/
function migrateOracle(address _newOracle) external;
/**
* @notice Migrates the guardian.
* @param _newGuardian The new guardian.
*/
function migrateGuardian(address _newGuardian) external;
/**
* @notice Migrates the authentication signer.
* @param _newAuthSigner The new authentication signer.
*/
function migrateAuthSigner(address _newAuthSigner) external;
/**
* @notice Migrates the module implementation.
* @param _module The module.
* @param _newImplementation The new implementation.
*/
function migrateModules(bytes4 _module, address _newImplementation) external;
}
"
},
"src/libraries/PausableFlows.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
/*
______ __ __
/ \ / | / |
/$$$$$$ |$$ | ______ ______ $$ |____
$$ |__$$ |$$ | / \ / \ $$ \
$$ $$ |$$ |/$$$$$$ |/$$$$$$ |$$$$$$$ |
$$$$$$$$ |$$ |$$ $$ |$$ | $$ |$$ | $$ |
$$ | $$ |$$ |$$$$$$$$/ $$ |__$$ |$$ | $$ |
$$ | $$ |$$ |$$ |$$ $$/ $$ | $$ |
$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$/ $$/
$$ |
$$ |
$$/
*/
/**
* @author Othentic Labs LTD.
* @notice Terms of Service: https://aleph.finance/terms-of-service
*/
library PausableFlows {
/**
* @notice The flow for the deposit request.
*/
bytes4 internal constant DEPOSIT_REQUEST_FLOW = bytes4(keccak256("DEPOSIT_REQUEST_FLOW"));
/**
* @notice The flow for the redeem request.
*/
bytes4 internal constant REDEEM_REQUEST_FLOW = bytes4(keccak256("REDEEM_REQUEST_FLOW"));
/**
* @notice The flow for the settle deposit.
*/
bytes4 internal constant SETTLE_DEPOSIT_FLOW = bytes4(keccak256("SETTLE_DEPOSIT_FLOW"));
/**
* @notice The flow for the settle redeem.
*/
bytes4 internal constant SETTLE_REDEEM_FLOW = bytes4(keccak256("SETTLE_REDEEM_FLOW"));
/**
* @notice The flow for the withdraw.
*/
bytes4 internal constant WITHDRAW_FLOW = bytes4(keccak256("WITHDRAW_FLOW"));
}
"
},
"src/libraries/RolesLibrary.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
/*
______ __ __
/ \ / | / |
/$$$$$$ |$$ | ______ ______ $$ |____
$$ |__$$ |$$ | / \ / \ $$ \
$$ $$ |$$ |/$$$$$$ |/$$$$$$ |$$$$$$$ |
$$$$$$$$ |$$ |$$ $$ |$$ | $$ |$$ | $$ |
$$ | $$ |$$ |$$$$$$$$/ $$ |__$$ |$$ | $$ |
$$ | $$ |$$ |$$ |$$ $$/ $$ | $$ |
$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$/ $$/
$$ |
$$ |
$$/
*/
/**
* @author Othentic Labs LTD.
* @notice Terms of Service: https://aleph.finance/terms-of-service
*/
library RolesLibrary {
/**
* @notice The role for the oracle.
*/
bytes4 internal constant ORACLE = bytes4(keccak256("ORACLE"));
/**
* @notice The role for the guardian.
*/
bytes4 internal constant GUARDIAN = bytes4(keccak256("GUARDIAN"));
/**
* @notice The role for the manager.
*/
bytes4 internal constant MANAGER = bytes4(keccak256("MANAGER"));
/**
* @notice The role for the operations multisig.
*/
bytes4 internal constant OPERATIONS_MULTISIG = bytes4(keccak256("OPERATIONS_MULTISIG"));
/**
* @notice The role for the vault factory.
*/
bytes4 internal constant VAULT_FACTORY = bytes4(keccak256("VAULT_FACTORY"));
/**
* @notice The role for the accountant.
*/
bytes4 internal constant ACCOUNTANT = bytes4(keccak256("ACCOUNTANT"));
}
"
},
"src/AlephVaultBase.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
/*
______ __ __
/ \ / | / |
/$$$$$$ |$$ | ______ ______ $$ |____
$$ |__$$ |$$ | / \ / \ $$ \
$$ $$ |$$ |/$$$$$$ |/$$$$$$ |$$$$$$$ |
$$$$$$$$ |$$ |$$ $$ |$$ | $$ |$$ | $$ |
$$ | $$ |$$ |$$$$$$$$/ $$ |__$$ |$$ | $$ |
$$ | $$ |$$ |$$ |$$ $$/ $$ | $$ |
$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$/ $$/
$$ |
$$ |
$$/
*/
import {Math} from "openzeppelin-contracts/contracts/utils/math/Math.sol";
import {ReentrancyGuardUpgradeable} from
"openzeppelin-contracts-upgradeable/contracts/utils/ReentrancyGuardUpgradeable.sol";
import {Time} from "openzeppelin-contracts/contracts/utils/types/Time.sol";
import {IAlephVault} from "@aleph-vault/interfaces/IAlephVault.sol";
import {ERC4626Math} from "@aleph-vault/libraries/ERC4626Math.sol";
import {SeriesAccounting} from "@aleph-vault/libraries/SeriesAccounting.sol";
import {AlephVaultStorage, AlephVaultStorageData} from "@aleph-vault/AlephVaultStorage.sol";
/**
* @author Othentic Labs LTD.
* @notice Terms of Service: https://aleph.finance/terms-of-service
*/
contract AlephVaultBase is ReentrancyGuardUpgradeable {
using Math for uint256;
/**
* @notice The maximum management fee rate in basis points.
*/
uint32 public constant MAXIMUM_MANAGEMENT_FEE = 1000; // 10%
/**
* @notice The maximum performance fee rate in basis points.
*/
uint32 public constant MAXIMUM_PERFORMANCE_FEE = 5000; // 50%
/**
* @notice The duration of each batch cycle in seconds.
*/
uint48 public immutable BATCH_DURATION;
/*//////////////////////////////////////////////////////////////
ERRORS
//////////////////////////////////////////////////////////////*/
/**
* @notice Invalid constructor parameters.
*/
error InvalidConstructorParams();
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
/**
* @notice Constructor for AlephVaultBase
* @param _batchDuration The duration of each batch cycle in seconds
* @dev Reverts if batch duration is zero
*/
constructor(uint48 _batchDuration) {
if (_batchDuration == 0) {
revert InvalidConstructorParams();
}
BATCH_DURATION = _batchDuration;
}
/*//////////////////////////////////////////////////////////////
INTERNAL FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @dev Returns the total assets in the vault.
* @param _sd The storage struct.
* @return The total assets in the vault.
*/
function _totalAssets(AlephVaultStorageData storage _sd) internal view returns (uint256) {
uint256 _totalAssetsSum;
uint8 _shareClassesId = _sd.shareClassesId;
for (uint8 _classId = 1; _classId <= _shareClassesId; _classId++) {
IAlephVault.ShareClass storage _shareClass = _sd.shareClasses[_classId];
_totalAssetsSum += _totalAssetsPerClass(_shareClass, _classId);
}
return _totalAssetsSum;
}
/**
* @dev Returns the total assets in the vault for a given class.
* @param _shareClass The share class.
* @param _classId The ID of the share class.
* @return The total assets in the vault for the given class.
*/
function _totalAssetsPerClass(IAlephVault.ShareClass storage _shareClass, uint8 _classId)
internal
view
returns (uint256)
{
uint32 _shareSeriesId = _shareClass.shareSeriesId;
uint256 _totalAssetsSum;
for (uint32 _seriesId; _seriesId <= _shareSeriesId; _seriesId++) {
// loop through all share series and sum up the total assets
_totalAssetsSum += _totalAssetsPerSeries(_shareClass, _classId, _seriesId);
if (_seriesId == SeriesAccounting.LEAD_SERIES_ID) {
_seriesId = _shareClass.lastConsolidatedSeriesId;
}
}
return _totalAssetsSum;
}
/**
* @dev Returns the total assets in the vault.
* @param _shareClass The share class.
* @param _classId The ID of the share class.
* @param _seriesId The ID of the share series.
* @return The total assets in the vault.
*/
function _totalAssetsPerSeries(IAlephVault.ShareClass storage _shareClass, uint8 _classId, uint32 _seriesId)
internal
view
returns (uint256)
{
return _shareClass.shareSeries[_seriesId].totalAssets;
}
/**
* @dev Returns the total shares in the vault.
* @param _shareClass The share class.
* @param _classId The ID of the share class.
* @param _seriesId The ID of the share series.
* @return The total shares in the vault.
*/
function _totalSharesPerSeries(IAlephVault.ShareClass storage _shareClass, uint8 _classId, uint32 _seriesId)
internal
view
returns (uint256)
{
return _shareClass.shareSeries[_seriesId].totalShares;
}
/**
* @dev Returns the shares of a user.
* @param _shareClass The share class.
* @param _seriesId The ID of the share series.
* @param _user The user to get the shares of.
* @return The shares of the user.
*/
function _sharesOf(IAlephVault.ShareClass storage _shareClass, uint32 _seriesId, address _user)
internal
view
returns (uint256)
{
return _shareClass.shareSeries[_seriesId].sharesOf[_user];
}
/**
* @dev Returns the assets of a user.
* @param _shareClass The share class.
* @param _classId The ID of the share class.
* @param _seriesId The ID of the share series.
* @param _user The user to get the assets of.
* @return The assets of the user.
*/
function _assetsOf(IAlephVault.ShareClass storage _shareClass, uint8 _classId, uint32 _seriesId, address _user)
internal
view
returns (uint256)
{
return ERC4626Math.previewRedeem(
_sharesOf(_shareClass, _seriesId, _user),
_totalAssetsPerSeries(_shareClass, _classId, _seriesId),
_totalSharesPerSeries(_shareClass, _classId, _seriesId)
);
}
/**
* @dev Returns the assets of a user per class.
* @param _shareClass The share class.
* @param _classId The ID of the share class.
* @param _user The user to get the assets of.
* @return The assets of the user per class.
*/
function _assetsPerClassOf(IAlephVault.ShareClass storage _shareClass, uint8 _classId, address _user)
internal
view
returns (uint256)
{
uint256 _assets;
uint32 _shareSeriesId = _shareClass.shareSeriesId;
for (uint32 _seriesId; _seriesId <= _shareSeriesId; _seriesId++) {
// loop through all share series and sum up the assets
_assets += _assetsOf(_shareClass, _classId, _seriesId, _user);
if (_seriesId == SeriesAccounting.LEAD_SERIES_ID) {
_seriesId = _shareClass.lastConsolidatedSeriesId;
}
}
return _assets;
}
/**
* @dev Returns the current batch.
* @param _sd The storage struct.
* @return The current batch.
*/
function _currentBatch(AlephVaultStorageData storage _sd) internal view returns (uint48) {
return (Time.timestamp() - _sd.startTimeStamp) / BATCH_DURATION;
}
/**
* @dev Returns the lead price per share.
* @param _shareClass The share class.
* @param _classId The ID of the share class.
* @return The price per share of the lead series.
*/
function _leadPricePerShare(IAlephVault.ShareClass storage _shareClass, uint8 _classId)
internal
view
returns (uint256)
{
return _getPricePerShare(
_totalAssetsPerSeries(_shareClass, _classId, SeriesAccounting.LEAD_SERIES_ID),
_totalSharesPerSeries(_shareClass, _classId, SeriesAccounting.LEAD_SERIES_ID)
);
}
/**
* @dev Returns the total amount to deposit.
* @param _sd The storage struct.
* @param _classId The ID of the share class.
* @return The total amount to deposit.
*/
function _totalAmountToDeposit(AlephVaultStorageData storage _sd, uint8 _classId) internal view returns (uint256) {
uint256 _amountToDeposit;
IAlephVault.ShareClass storage _shareClass = _sd.shareClasses[_classId];
uint48 _currentBatchId = _currentBatch(_sd);
uint48 _depositSettleId = _shareClass.depositSettleId;
for (_depositSettleId; _depositSettleId <= _currentBatchId; _depositSettleId++) {
_amountToDeposit += _shareClass.depositRequests[_depositSettleId].totalAmountToDeposit;
}
return _amountToDeposit;
}
/**
* @dev Returns the total amount to deposit.
* @param _sd The storage struct.
* @param _classId The ID of the share class.
* @param _user The user to get the deposit request of.
* @return The total amount to deposit.
*/
function _depositRequestOf(AlephVaultStorageData storage _sd, uint8 _classId, address _user)
internal
view
returns (uint256)
{
uint256 _totalDepositRequest;
uint48 _currentBatchId = _currentBatch(_sd);
IAlephVault.ShareClass storage _shareClass = _sd.shareClasses[_classId];
uint48 _depositSettleId = _shareClass.depositSettleId;
for (_depositSettleId; _depositSettleId <= _currentBatchId; _depositSettleId++) {
_totalDepositRequest += _shareClass.depositRequests[_depositSettleId].depositRequest[_user];
}
return _totalDepositRequest;
}
/**
* @dev Internal function to calculate the pending assets of a user.
* @param _shareClass The share class.
* @param _currentBatchId The current batch ID.
* @param _user The user to calculate the pending assets for.
* @param _totalUserAssets The total assets of the user.
* @return _pendingAssets The pending assets of the user.
*/
function _pendingAssetsOf(
IAlephVault.ShareClass storage _shareClass,
uint48 _currentBatchId,
address _user,
uint256 _totalUserAssets
) internal view returns (uint256 _pendingAssets) {
uint48 _redeemSettleId = _shareClass.redeemSettleId;
uint256 _remainingUserAssets = _totalUserAssets;
// loop through all batches up to the current batch and sum up the pending assets for redemption
for (uint48 _batchId = _redeemSettleId; _batchId <= _currentBatchId; _batchId++) {
// redeem request sets the proportion of total user assets to redeem at the time of settlement
uint256 _pendingUserAssetsInBatch = ERC4626Math.previewMintUnits(
_shareClass.redeemRequests[_batchId].redeemRequest[_user], _remainingUserAssets
);
// redeem request is set calculated proportional to remaining user assets as if previous redeem requests were settled
_remainingUserAssets -= _pendingUserAssetsInBatch;
_pendingAssets += _pendingUserAssetsInBatch;
}
}
/**
* @dev Internal function to get the price per share.
* @param _assets The total assets in the vault.
* @param _shares The total shares in the vault.
* @return The price per share.
*/
function _getPricePerShare(uint256 _assets, uint256 _shares) internal pure returns (uint256) {
uint256 _pricePerShare = SeriesAccounting.PRICE_DENOMINATOR;
if (_shares > 0) {
_pricePerShare = _assets.mulDiv(SeriesAccounting.PRICE_DENOMINATOR, _shares, Math.Rounding.Ceil);
}
return _pricePerShare;
}
/**
* @dev Returns the storage struct for the vault.
* @return _sd The storage struct.
*/
function _getStorage() internal pure returns (AlephVaultStorageData storage _sd) {
_sd = AlephVaultStorage.load();
}
}
"
},
"src/AlephVaultStorage.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.27;
/*
______ __ __
/ \ / | / |
/$$$$$$ |$$ | ______ ______ $$ |____
$$ |__$$ |$$ | / \ / \ $$ \
$$ $$ |$$ |/$$$$$$ |/$$$$$$ |$$$$$$$ |
$$$$$$$$ |$$ |$$ $$ |$$ | $$ |$$ | $$ |
$$ | $$ |$$ |$$$$$$$$/ $$ |__$$ |$$ | $$ |
$$ | $$ |$$ |$$ |$$ $$/ $$ | $$ |
$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$/ $$/
$$ |
$$ |
$$/
*/
import {IAlephVault} from "@aleph-vault/interfaces/IAlephVault.sol";
import {TimelockRegistry} from "@aleph-vault/libraries/TimelockRegistry.sol";
/**
* @notice Data layout for the aleph vault storage.
* @param name The name of the vault.
* @param isDepositAuthEnabled Whether the deposit authentication is enabled.
* @param isSettlementAuthEnabled Whether the settlement authentication is enabled.
* @param shareClassesId The number of share classes.
* @param startTimeStamp The start timestamp of the vault.
* @param operationsMultisig The operations multisig address.
* @param manager The manager address.
* @param oracle The oracle address.
* @param guardian The guardian address.
* @param authSigner The auth signer address.
* @param underlyingToken The underlying token address.
* @param custodian The custodian address.
* @param accountant The accountant address.
* @param totalAmountToDeposit The total amount to deposit.
* @param totalAmountToWithdraw The total amount to withdraw.
* @param shareClasses The share classes.
* @param timelocks The timelocks.
* @param moduleImplementations The module implementations.
* @param redeemableAmount The redeemable amount for each user.
*/
struct AlephVaultStorageData {
string name;
bool isDepositAuthEnabled;
bool isSettlementAuthEnabled;
uint8 shareClassesId;
uint48 startTimeStamp;
address operationsMultisig;
address manager;
address oracle;
address guardian;
address authSigner;
address underlyingToken;
address custodian;
address accountant;
uint256 totalAmountToDeposit;
uint256 totalAmountToWithdraw;
mapping(uint8 classId => IAlephVault.ShareClass) shareClasses;
mapping(bytes4 => TimelockRegistry.Timelock) timelocks;
mapping(bytes4 => address) moduleImplementations;
mapping(address user => uint256) redeemableAmount;
}
/**
* @author Othentic Labs LTD.
* @notice Terms of Service: https://aleph.finance/terms-of-service
*/
library AlephVaultStorage {
uint256 private constant STORAGE_POSITION = uint256(keccak256("storage.aleph.vault")) - 1;
function load() internal pure returns (AlephVaultStorageData storage sd) {
uint256 _position = STORAGE_POSITION;
assembly {
sd.slot := _position
}
}
}
"
},
"lib/openzeppelin-contracts/contracts/access/IAccessControl.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (access/IAccessControl.sol)
pragma solidity >=0.8.4;
/**
* @dev External interface of AccessControl declared to support ERC-165 detection.
*/
interface IAccessControl {
/**
* @dev The `account` is missing a role.
*/
error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/
error AccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted to signal this.
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call. This account bears the admin role (for the granted role).
* Expected in cases where the role was granted using the internal {AccessControl-_grantRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/
function renounceRole(bytes32 role, address callerConfirmation) external;
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/utils/ContextUpgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
"
},
"lib/openzeppelin-contracts/contracts/utils/introspection/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/IERC165.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/utils/introspection/ERC165Upgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {Initializable} from "../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165Upgradeable is Initializable, IERC165 {
function __ERC165_init() internal onlyInitializing {
}
function __ERC165_init_unchained() internal onlyInitializing {
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/Initializable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.20;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/
struct InitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/
uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/
error InvalidInitialization();
/**
* @dev The contract is not initializing.
*/
error NotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
// Cache values to avoid duplicated sloads
bool isTopLevelCall = !$._initializing;
uint64 initialized = $._initialized;
// Allowed calls:
// - initialSetup: the contract is not in the initializing state and no previous version was
// initialized
// - construction: the contract is initialized at version 1 (no reinitialization) and the
// current contract is just being deployed
bool initialSetup = initialized == 0 && isTopLevelCall;
bool construction = initialized == 1 && address(this).code.length == 0;
if (!initialSetup && !construction) {
revert InvalidInitialization();
}
$._initialized = 1;
if (isTopLevelCall) {
$._initializing = true;
}
_;
if (isTopLevelCall) {
$._initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint64 version) {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing || $._initialized >= version) {
revert InvalidInitialization();
}
$._initialized = version;
$._initializing = true;
_;
$._initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
_checkInitializing();
_;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/
function _checkInitializing() internal view virtual {
if (!_isInitializing()) {
revert NotInitializing();
}
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing) {
revert InvalidInitialization();
}
if ($._initialized != type(uint64).max) {
$._initialized = type(uint64).max;
emit Initialized(type(uint64).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint64) {
return _getInitializableStorage()._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _getInitializableStorage()._initializing;
}
/**
* @dev Pointer to storage slot. Allows integrators to override it with a custom storage location.
*
* NOTE: Consider following the ERC-7201 formula to derive storage locations.
*/
function _initializableStorageSlot() internal pure virtual returns (bytes32) {
return INITIALIZABLE_STORAGE;
}
/**
* @dev Returns a pointer to the storage namespace.
*/
// solhint-disable-next-line var-name-mixedcase
function _getInitializableStorage() private pure returns (InitializableStorage storage $) {
bytes32 slot = _initializableStorageSlot();
assembly {
$.slot := slot
}
}
}
"
},
"lib/openzeppelin-contracts/contracts/utils/math/Math.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
import {Panic} from "../Panic.sol";
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Return the 512-bit addition of two uint256.
*
* The result is stored in two 256 variables such that sum = high * 2²⁵⁶ + low.
*/
function add512(uint256 a, uint256 b) internal pure returns (uint256 high, uint256 low) {
assembly ("memory-safe") {
low := add(a, b)
high := lt(low, a)
}
}
/**
* @dev Return the 512-bit multiplication of two uint256.
*
* The result is stored in two 256 variables such that product = high * 2²⁵⁶ + low.
*/
function mul512(uint256 a, uint256 b) internal pure returns (uint256 high, uint256 low) {
// 512-bit multiply [high low] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
// the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = high * 2²⁵⁶ + low.
assembly ("memory-safe") {
let mm := mulmod(a, b, not(0))
low := mul(a, b)
high := sub(sub(mm, low), lt(mm, low))
}
}
/**
* @dev Returns the addition of two unsigned integers, with a success flag (no overflow).
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a + b;
success = c >= a;
result = c * SafeCast.toUint(success);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with a success flag (no overflow).
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a - b;
success = c <= a;
result = c * SafeCast.toUint(success);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with a success flag (no overflow).
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a * b;
assembly ("memory-safe") {
// Only true when the multiplication doesn't overflow
// (c / a == b) || (a == 0)
success := or(eq(div(c, a), b), iszero(a))
}
// equivalent to: success ? c : 0
result = c * SafeCast.toUint(success);
}
}
/**
* @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
success = b > 0;
assembly ("memory-safe") {
// The `DIV` opcode returns zero when the denominator is 0.
result := div(a, b)
}
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
success = b > 0;
assembly ("memory-safe") {
// The `MOD` opcode returns zero when the denominator is 0.
result := mod(a, b)
}
}
}
/**
* @dev Unsigned saturating addition, bounds to `2²⁵⁶ - 1` instead of overflowing.
*/
function saturatingAdd(uint256 a, uint256 b) internal pure returns (uint256) {
(bool success, uint256 result) = tryAdd(a, b);
return ternary(success, result, type(uint256).max);
}
/**
* @dev Unsigned saturating subtraction, bounds to zero instead of overflowing.
*/
function saturatingSub(uint256 a, uint256 b) internal pure returns (uint256) {
(, uint256 result) = trySub(a, b);
return result;
}
/**
* @dev Unsigned saturating multiplication, bounds to `2²⁵⁶ - 1` instead of overflowing.
*/
function saturatingMul(uint256 a, uint256 b) internal pure returns (uint256) {
(bool success, uint256 result) = tryMul(a, b);
return ternary(success, result, type(uint256).max);
}
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {
unchecked {
// branchless ternary works because:
// b ^ (a ^ b) == a
// b ^ 0 == b
return b ^ ((a ^ b) * SafeCast.toUint(condition));
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a > b, a, b);
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a < b, a, b);
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
Panic.panic(Panic.DIVISION_BY_ZERO);
}
// The following calculation ensures accurate ceiling division without overflow.
// Since a is non-zero, (a - 1) / b will not overflow.
// The largest possible result occurs when (a - 1) / b is type(uint256).max,
// but the largest value we can obtain is type(uint256).max - 1, which happens
// when a = type(uint256).max and b = 1.
unchecked {
return SafeCast.toUint(a > 0) * ((a - 1) / b + 1);
}
}
/**
* @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
*
* Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
(uint256 high, uint256 low) = mul512(x, y);
// Handle non-overflow cases, 256 by 256 division.
if (high == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return low / denominator;
}
// Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
if (denominator <= high) {
Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [high low].
uint256 remainder;
assembly ("memory-safe") {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
high := sub(high, gt(remainder, low))
low := sub(low, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly ("memory-safe") {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [high low] by twos.
low := div(low, twos)
// Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from high into low.
low |= high * twos;
// Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
// that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv ≡ 1 mod 2⁴.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2⁸
inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
inverse *= 2 - denominator * inverse; // inverse mod 2³²
inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
// less than 2²⁵⁶, this Submitted on: 2025-10-15 09:21:26
Comments
Log in to comment.
No comments yet.