// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in// construction, since the code is only stored at the end of the// constructor execution.uint256 size;
// solhint-disable-next-line no-inline-assemblyassembly { size :=extcodesize(account) }
return size >0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data, stringmemory errorMessage) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value, stringmemory errorMessage) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.call{ value: value }(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data) internalviewreturns (bytesmemory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data, stringmemory errorMessage) internalviewreturns (bytesmemory) {
require(isContract(target), "Address: static call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.staticcall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target, bytesmemory data, stringmemory errorMessage) internalreturns (bytesmemory) {
require(isContract(target), "Address: delegate call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.delegatecall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function_verifyCallResult(bool success, bytesmemory returndata, stringmemory errorMessage) privatepurereturns(bytesmemory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly// solhint-disable-next-line no-inline-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
Contract Source Code
File 2 of 68: AddressUpgradeable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev Collection of functions related to the address type
*/libraryAddressUpgradeable{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in// construction, since the code is only stored at the end of the// constructor execution.uint256 size;
// solhint-disable-next-line no-inline-assemblyassembly { size :=extcodesize(account) }
return size >0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data, stringmemory errorMessage) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value, stringmemory errorMessage) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.call{ value: value }(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data) internalviewreturns (bytesmemory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data, stringmemory errorMessage) internalviewreturns (bytesmemory) {
require(isContract(target), "Address: static call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.staticcall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function_verifyCallResult(bool success, bytesmemory returndata, stringmemory errorMessage) privatepurereturns(bytesmemory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly// solhint-disable-next-line no-inline-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;/**
* allow causes the delegatecall to be ignored for all functions in this contract
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/contractAllowParent{
functioninternalDelegateCall(bytesmemory data
) internalreturns (bytesmemory) {
(, bytesmemory returndata) =address(this).delegatecall(data);
return returndata;
}
}
Contract Source Code
File 8 of 68: AllowParentSelfReachable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;/**
* allow-reachable causes the delegatecall to be ignored for all functions in this contract, including its own lexical scope
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/contractAllowParentSelfReachable{
functioninternalDelegateCall(bytesmemory data
) internalreturns (bytesmemory) {
(, bytesmemory returndata) =address(this).delegatecall(data);
return returndata;
}
}
Contract Source Code
File 9 of 68: AllowReachable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./TransitiveRiskyLibrary.sol";
// allow-reachable causes the delegatecall in a transitive function to be ignoredcontractAllowReachable{
/// @custom:oz-upgrades-unsafe-allow-reachable delegatecallfunctionunsafe(bytesmemory data) public{
TransitiveRiskyLibrary.internalDelegateCall(address(this), data);
}
}
Contract Source Code
File 10 of 68: AllowReachableParent.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./TransitiveUnsafeParent.sol";
/**
* allow-reachable causes the delegatecall in a parent function to be ignored
*
* this is actually unsafe but only allowed here for testing purposes!
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/contractAllowReachableParentisTransitiveUnsafeParent{
}
Contract Source Code
File 11 of 68: AllowReachableParentCall.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./RiskyParentContract.sol";
/**
* allow-reachable causes the delegatecall to be ignored for all reachable functions from this contract
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/contractAllowReachableParentCallisRiskyParentContract{
functionallowed(bytesmemory data) internal{
internalDelegateCall(address(this), data);
}
}
Contract Source Code
File 12 of 68: BeaconProxy.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"./IBeacon.sol";
import"../Proxy.sol";
import"../ERC1967/ERC1967Upgrade.sol";
/**
* @dev This contract implements a proxy that gets the implementation address for each call from a {UpgradeableBeacon}.
*
* The beacon address is stored in storage slot `uint256(keccak256('eip1967.proxy.beacon')) - 1`, so that it doesn't
* conflict with the storage layout of the implementation behind the proxy.
*
* _Available since v3.4._
*/contractBeaconProxyisProxy, ERC1967Upgrade{
/**
* @dev Initializes the proxy with `beacon`.
*
* If `data` is nonempty, it's used as data in a delegate call to the implementation returned by the beacon. This
* will typically be an encoded function call, and allows initializating the storage of the proxy like a Solidity
* constructor.
*
* Requirements:
*
* - `beacon` must be a contract with the interface {IBeacon}.
*/constructor(address beacon, bytesmemory data) payable{
assert(_BEACON_SLOT ==bytes32(uint256(keccak256("eip1967.proxy.beacon")) -1));
_upgradeBeaconToAndCall(beacon, data, false);
}
/**
* @dev Returns the current beacon address.
*/function_beacon() internalviewvirtualreturns (address) {
return _getBeacon();
}
/**
* @dev Returns the current implementation address of the associated beacon.
*/function_implementation() internalviewvirtualoverridereturns (address) {
return IBeacon(_getBeacon()).implementation();
}
/**
* @dev Changes the proxy to use a new beacon. Deprecated: see {_upgradeBeaconToAndCall}.
*
* If `data` is nonempty, it's used as data in a delegate call to the implementation returned by the beacon.
*
* Requirements:
*
* - `beacon` must be a contract.
* - The implementation returned by `beacon` must be a contract.
*/function_setBeacon(address beacon, bytesmemory data) internalvirtual{
_upgradeBeaconToAndCall(beacon, data, false);
}
}
Contract Source Code
File 13 of 68: Constructors.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;abstractcontractUnsafeParent{
/// @custom:oz-upgrades-unsafe-allow constructorconstructor(bytesmemory data) {
(bool s, ) =msg.sender.delegatecall(data);
s;
}
}
contractUnsafeChild1isUnsafeParent{
/// @custom:oz-upgrades-unsafe-allow constructorconstructor() UnsafeParent('') {}
functionfoo1(uint x) public{}
}
contractUnsafeChild2isUnsafeParent('') {
functionfoo2(uint x) public{}
}
abstractcontractUnsafeParentNoArgs{
/// @custom:oz-upgrades-unsafe-allow constructorconstructor() {
(bool s, ) =msg.sender.delegatecall("");
s;
}
}
contract UnsafeChild3 is UnsafeParentNoArgs {
/// @custom:oz-upgrades-unsafe-allow constructor
constructor() UnsafeParentNoArgs() {}
function foo3(uint x) public {}
}
contract UnsafeChild4 is UnsafeParentNoArgs {
function foo4(uint x) public {}
}
/**
* @custom:oz-upgrades-unsafe-allow delegatecall
*/
abstract contract AllowParentNoArgs {
/// @custom:oz-upgrades-unsafe-allow constructor
constructor() {
(bool s, ) = msg.sender.delegatecall("");
s;
}
}
contract AllowChild5 is AllowParentNoArgs {
/// @custom:oz-upgrades-unsafe-allow constructor
constructor() AllowParentNoArgs() {}
function foo5(uint x) public {}
}
contract AllowChild6 is AllowParentNoArgs {
function foo6(uint x) public {}
}
/**
* allow has no effect because the delegatecall is in a parent function
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/
contract UnsafeAllowChild7 is UnsafeParentNoArgs {
function foo7(uint x) public {}
}
/**
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
contract AllowReachableChild8 is UnsafeParentNoArgs {
function foo8(uint x) public {}
}
abstract contract UnsafeFunctions {
function unsafe() internal {
(bool s, ) = msg.sender.delegatecall("");
s;
}
}
contract UnsafeChild9 is UnsafeFunctions {
/// @custom:oz-upgrades-unsafe-allow constructor
constructor() {
unsafe();
}
function foo9(uint x) public {}
}
Contract Source Code
File 14 of 68: Context.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691returnmsg.data;
}
}
Contract Source Code
File 15 of 68: ERC1967Proxy.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"../Proxy.sol";
import"./ERC1967Upgrade.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/contractERC1967ProxyisProxy, ERC1967Upgrade{
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializating the storage of the proxy like a Solidity constructor.
*/constructor(address _logic, bytesmemory _data) payable{
assert(_IMPLEMENTATION_SLOT ==bytes32(uint256(keccak256("eip1967.proxy.implementation")) -1));
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/function_implementation() internalviewvirtualoverridereturns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
Contract Source Code
File 16 of 68: ERC1967Upgrade.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.2;import"../beacon/IBeacon.sol";
import"../../utils/Address.sol";
import"../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/abstractcontractERC1967Upgrade{
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1bytes32privateconstant _ROLLBACK_SLOT =0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/bytes32internalconstant _IMPLEMENTATION_SLOT =0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
*/eventUpgraded(addressindexed implementation);
/**
* @dev Returns the current implementation address.
*/function_getImplementation() internalviewreturns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/function_setImplementation(address newImplementation) private{
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value= newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/function_upgradeTo(address newImplementation) internal{
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/function_upgradeToAndCall(address newImplementation, bytesmemory data, bool forceCall) internal{
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
if (data.length>0|| forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/function_upgradeToAndCallSecure(address newImplementation, bytesmemory data, bool forceCall) internal{
address oldImplementation = _getImplementation();
// Initial upgrade and setup call
_setImplementation(newImplementation);
if (data.length>0|| forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
// Perform rollback test if not already in progress
StorageSlot.BooleanSlot storage rollbackTesting = StorageSlot.getBooleanSlot(_ROLLBACK_SLOT);
if (!rollbackTesting.value) {
// Trigger rollback using upgradeTo from the new implementation
rollbackTesting.value=true;
Address.functionDelegateCall(
newImplementation,
abi.encodeWithSignature(
"upgradeTo(address)",
oldImplementation
)
);
rollbackTesting.value=false;
// Check rollback was effectiverequire(oldImplementation == _getImplementation(), "ERC1967Upgrade: upgrade breaks further upgrades");
// Finally reset to the new implementation and log the upgrade
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/function_upgradeBeaconToAndCall(address newBeacon, bytesmemory data, bool forceCall) internal{
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length>0|| forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/bytes32internalconstant _ADMIN_SLOT =0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Emitted when the admin account has changed.
*/eventAdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Returns the current admin.
*/function_getAdmin() internalviewreturns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/function_setAdmin(address newAdmin) private{
require(newAdmin !=address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value= newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/function_changeAdmin(address newAdmin) internal{
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/bytes32internalconstant _BEACON_SLOT =0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Emitted when the beacon is upgraded.
*/eventBeaconUpgraded(addressindexed beacon);
/**
* @dev Returns the current beacon.
*/function_getBeacon() internalviewreturns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/function_setBeacon(address newBeacon) private{
require(
Address.isContract(newBeacon),
"ERC1967: new beacon is not a contract"
);
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value= newBeacon;
}
}
Contract Source Code
File 17 of 68: ERC1967UpgradeUpgradeable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.2;import"../beacon/IBeaconUpgradeable.sol";
import"../../utils/AddressUpgradeable.sol";
import"../../utils/StorageSlotUpgradeable.sol";
import"../utils/Initializable.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/abstractcontractERC1967UpgradeUpgradeableisInitializable{
function__ERC1967Upgrade_init() internalinitializer{
__ERC1967Upgrade_init_unchained();
}
function__ERC1967Upgrade_init_unchained() internalinitializer{
}
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1bytes32privateconstant _ROLLBACK_SLOT =0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/bytes32internalconstant _IMPLEMENTATION_SLOT =0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
*/eventUpgraded(addressindexed implementation);
/**
* @dev Returns the current implementation address.
*/function_getImplementation() internalviewreturns (address) {
return StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/function_setImplementation(address newImplementation) private{
require(AddressUpgradeable.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value= newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/function_upgradeTo(address newImplementation) internal{
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/function_upgradeToAndCall(address newImplementation, bytesmemory data, bool forceCall) internal{
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
if (data.length>0|| forceCall) {
_functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/function_upgradeToAndCallSecure(address newImplementation, bytesmemory data, bool forceCall) internal{
address oldImplementation = _getImplementation();
// Initial upgrade and setup call
_setImplementation(newImplementation);
if (data.length>0|| forceCall) {
_functionDelegateCall(newImplementation, data);
}
// Perform rollback test if not already in progress
StorageSlotUpgradeable.BooleanSlot storage rollbackTesting = StorageSlotUpgradeable.getBooleanSlot(_ROLLBACK_SLOT);
if (!rollbackTesting.value) {
// Trigger rollback using upgradeTo from the new implementation
rollbackTesting.value=true;
_functionDelegateCall(
newImplementation,
abi.encodeWithSignature(
"upgradeTo(address)",
oldImplementation
)
);
rollbackTesting.value=false;
// Check rollback was effectiverequire(oldImplementation == _getImplementation(), "ERC1967Upgrade: upgrade breaks further upgrades");
// Finally reset to the new implementation and log the upgrade
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/function_upgradeBeaconToAndCall(address newBeacon, bytesmemory data, bool forceCall) internal{
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length>0|| forceCall) {
_functionDelegateCall(IBeaconUpgradeable(newBeacon).implementation(), data);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/bytes32internalconstant _ADMIN_SLOT =0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Emitted when the admin account has changed.
*/eventAdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Returns the current admin.
*/function_getAdmin() internalviewreturns (address) {
return StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/function_setAdmin(address newAdmin) private{
require(newAdmin !=address(0), "ERC1967: new admin is the zero address");
StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value= newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/function_changeAdmin(address newAdmin) internal{
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/bytes32internalconstant _BEACON_SLOT =0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Emitted when the beacon is upgraded.
*/eventBeaconUpgraded(addressindexed beacon);
/**
* @dev Returns the current beacon.
*/function_getBeacon() internalviewreturns (address) {
return StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/function_setBeacon(address newBeacon) private{
require(
AddressUpgradeable.isContract(newBeacon),
"ERC1967: new beacon is not a contract"
);
require(
AddressUpgradeable.isContract(IBeaconUpgradeable(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value= newBeacon;
}
/*
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/function_functionDelegateCall(address target, bytesmemory data) privatereturns (bytesmemory) {
require(AddressUpgradeable.isContract(target), "Address: delegate call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.delegatecall(data);
return _verifyCallResult(success, returndata, "Address: low-level delegate call failed");
}
function_verifyCallResult(bool success, bytesmemory returndata, stringmemory errorMessage) privatepurereturns(bytesmemory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly// solhint-disable-next-line no-inline-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
uint256[50] private __gap;
}
Contract Source Code
File 18 of 68: IBeacon.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/interfaceIBeacon{
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/functionimplementation() externalviewreturns (address);
}
Contract Source Code
File 19 of 68: IBeaconUpgradeable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/interfaceIBeaconUpgradeable{
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/functionimplementation() externalviewreturns (address);
}
Contract Source Code
File 20 of 68: Initializable.sol
// SPDX-License-Identifier: MIT// solhint-disable-next-line compiler-versionpragmasolidity ^0.8.0;/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since a proxied contract can't have a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*/abstractcontractInitializable{
/**
* @dev Indicates that the contract has been initialized.
*/boolprivate _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/boolprivate _initializing;
/**
* @dev Modifier to protect an initializer function from being invoked twice.
*/modifierinitializer() {
require(_initializing ||!_initialized, "Initializable: contract is already initialized");
bool isTopLevelCall =!_initializing;
if (isTopLevelCall) {
_initializing =true;
_initialized =true;
}
_;
if (isTopLevelCall) {
_initializing =false;
}
}
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;abstractcontractUnsafeParentModifier{
modifierunsafe(bytesmemory data) {
_;
(bool s, ) =msg.sender.delegatecall(data);
s;
}
}
// TODO: do not throw an error in this case// contract ModifierNotUsed is UnsafeParentModifier {// function foo() public {}// }contractModifierUsedisUnsafeParentModifier{
functionfoo() publicunsafe('') {}
}
Contract Source Code
File 23 of 68: Ownable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/abstractcontractOwnableisContext{
addressprivate _owner;
eventOwnershipTransferred(addressindexed previousOwner, addressindexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/constructor () {
address msgSender = _msgSender();
_owner = msgSender;
emit OwnershipTransferred(address(0), msgSender);
}
/**
* @dev Returns the address of the current owner.
*/functionowner() publicviewvirtualreturns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/modifieronlyOwner() {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
_;
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/functionrenounceOwnership() publicvirtualonlyOwner{
emit OwnershipTransferred(_owner, address(0));
_owner =address(0);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/functiontransferOwnership(address newOwner) publicvirtualonlyOwner{
require(newOwner !=address(0), "Ownable: new owner is the zero address");
emit OwnershipTransferred(_owner, newOwner);
_owner = newOwner;
}
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/abstractcontractProxy{
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/function_delegate(address implementation) internalvirtual{
// solhint-disable-next-line no-inline-assemblyassembly {
// Copy msg.data. We take full control of memory in this inline assembly// block because it will not return to Solidity code. We overwrite the// Solidity scratch pad at memory position 0.calldatacopy(0, 0, calldatasize())
// Call the implementation.// out and outsize are 0 because we don't know the size yet.let result :=delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.case0 { revert(0, returndatasize()) }
default { return(0, returndatasize()) }
}
}
/**
* @dev This is a virtual function that should be overriden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/function_implementation() internalviewvirtualreturns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/function_fallback() internalvirtual{
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/fallback () externalpayablevirtual{
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/receive () externalpayablevirtual{
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overriden should call `super._beforeFallback()`.
*/function_beforeFallback() internalvirtual{
}
}
Contract Source Code
File 26 of 68: ProxyAdmin.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"./TransparentUpgradeableProxy.sol";
import"../../access/Ownable.sol";
/**
* @dev This is an auxiliary contract meant to be assigned as the admin of a {TransparentUpgradeableProxy}. For an
* explanation of why you would want to use this see the documentation for {TransparentUpgradeableProxy}.
*/contractProxyAdminisOwnable{
/**
* @dev Returns the current implementation of `proxy`.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/functiongetProxyImplementation(TransparentUpgradeableProxy proxy) publicviewvirtualreturns (address) {
// We need to manually run the static call since the getter cannot be flagged as view// bytes4(keccak256("implementation()")) == 0x5c60da1b
(bool success, bytesmemory returndata) =address(proxy).staticcall(hex"5c60da1b");
require(success);
returnabi.decode(returndata, (address));
}
/**
* @dev Returns the current admin of `proxy`.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/functiongetProxyAdmin(TransparentUpgradeableProxy proxy) publicviewvirtualreturns (address) {
// We need to manually run the static call since the getter cannot be flagged as view// bytes4(keccak256("admin()")) == 0xf851a440
(bool success, bytesmemory returndata) =address(proxy).staticcall(hex"f851a440");
require(success);
returnabi.decode(returndata, (address));
}
/**
* @dev Changes the admin of `proxy` to `newAdmin`.
*
* Requirements:
*
* - This contract must be the current admin of `proxy`.
*/functionchangeProxyAdmin(TransparentUpgradeableProxy proxy, address newAdmin) publicvirtualonlyOwner{
proxy.changeAdmin(newAdmin);
}
/**
* @dev Upgrades `proxy` to `implementation`. See {TransparentUpgradeableProxy-upgradeTo}.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/functionupgrade(TransparentUpgradeableProxy proxy, address implementation) publicvirtualonlyOwner{
proxy.upgradeTo(implementation);
}
/**
* @dev Upgrades `proxy` to `implementation` and calls a function on the new implementation. See
* {TransparentUpgradeableProxy-upgradeToAndCall}.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/functionupgradeAndCall(TransparentUpgradeableProxy proxy, address implementation, bytesmemory data) publicpayablevirtualonlyOwner{
proxy.upgradeToAndCall{value: msg.value}(implementation, data);
}
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/libraryStorageSlot{
structAddressSlot {
address value;
}
structBooleanSlot {
bool value;
}
structBytes32Slot {
bytes32 value;
}
structUint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/functiongetAddressSlot(bytes32 slot) internalpurereturns (AddressSlot storage r) {
assembly {
r.slot:= slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/functiongetBooleanSlot(bytes32 slot) internalpurereturns (BooleanSlot storage r) {
assembly {
r.slot:= slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/functiongetBytes32Slot(bytes32 slot) internalpurereturns (Bytes32Slot storage r) {
assembly {
r.slot:= slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/functiongetUint256Slot(bytes32 slot) internalpurereturns (Uint256Slot storage r) {
assembly {
r.slot:= slot
}
}
}
Contract Source Code
File 44 of 68: StorageSlotUpgradeable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/libraryStorageSlotUpgradeable{
structAddressSlot {
address value;
}
structBooleanSlot {
bool value;
}
structBytes32Slot {
bytes32 value;
}
structUint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/functiongetAddressSlot(bytes32 slot) internalpurereturns (AddressSlot storage r) {
assembly {
r.slot:= slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/functiongetBooleanSlot(bytes32 slot) internalpurereturns (BooleanSlot storage r) {
assembly {
r.slot:= slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/functiongetBytes32Slot(bytes32 slot) internalpurereturns (Bytes32Slot storage r) {
assembly {
r.slot:= slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/functiongetUint256Slot(bytes32 slot) internalpurereturns (Uint256Slot storage r) {
assembly {
r.slot:= slot
}
}
}
Contract Source Code
File 45 of 68: TransitiveAllowReachable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./RiskyLibrary.sol";
/**
* allow delegatecalls on all of this contract's functions and reachable code
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/contractTransitiveAllowReachable{
functioninternalDelegateCall(bytesmemory data
) externalreturns (bytesmemory) {
return RiskyLibrary.internalDelegateCall(address(this), data);
}
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"../ERC1967/ERC1967Proxy.sol";
/**
* @dev This contract implements a proxy that is upgradeable by an admin.
*
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
* clashing], which can potentially be used in an attack, this contract uses the
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
* things that go hand in hand:
*
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
* that call matches one of the admin functions exposed by the proxy itself.
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
* "admin cannot fallback to proxy target".
*
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
* to sudden errors when trying to call a function from the proxy implementation.
*
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
*/contractTransparentUpgradeableProxyisERC1967Proxy{
/**
* @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
* optionally initialized with `_data` as explained in {ERC1967Proxy-constructor}.
*/constructor(address _logic, address admin_, bytesmemory _data) payableERC1967Proxy(_logic, _data) {
assert(_ADMIN_SLOT ==bytes32(uint256(keccak256("eip1967.proxy.admin")) -1));
_changeAdmin(admin_);
}
/**
* @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
*/modifierifAdmin() {
if (msg.sender== _getAdmin()) {
_;
} else {
_fallback();
}
}
/**
* @dev Returns the current admin.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/functionadmin() externalifAdminreturns (address admin_) {
admin_ = _getAdmin();
}
/**
* @dev Returns the current implementation.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
*/functionimplementation() externalifAdminreturns (address implementation_) {
implementation_ = _implementation();
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
*/functionchangeAdmin(address newAdmin) externalvirtualifAdmin{
_changeAdmin(newAdmin);
}
/**
* @dev Upgrade the implementation of the proxy.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
*/functionupgradeTo(address newImplementation) externalifAdmin{
_upgradeToAndCall(newImplementation, bytes(""), false);
}
/**
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
* proxied contract.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
*/functionupgradeToAndCall(address newImplementation, bytescalldata data) externalpayableifAdmin{
_upgradeToAndCall(newImplementation, data, true);
}
/**
* @dev Returns the current admin.
*/function_admin() internalviewvirtualreturns (address) {
return _getAdmin();
}
/**
* @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
*/function_beforeFallback() internalvirtualoverride{
require(msg.sender!= _getAdmin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
super._beforeFallback();
}
}
Contract Source Code
File 49 of 68: UUPSUpgradeable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"../ERC1967/ERC1967UpgradeUpgradeable.sol";
import"./Initializable.sol";
/**
* @dev Base contract for building openzeppelin-upgrades compatible implementations for the {ERC1967Proxy}. It includes
* publicly available upgrade functions that are called by the plugin and by the secure upgrade mechanism to verify
* continuation of the upgradability.
*
* The {_authorizeUpgrade} function MUST be overridden to include access restriction to the upgrade mechanism.
*
* _Available since v4.1._
*/abstractcontractUUPSUpgradeableisInitializable, ERC1967UpgradeUpgradeable{
function__UUPSUpgradeable_init() internalinitializer{
__ERC1967Upgrade_init_unchained();
__UUPSUpgradeable_init_unchained();
}
function__UUPSUpgradeable_init_unchained() internalinitializer{
}
functionupgradeTo(address newImplementation) externalvirtual{
_authorizeUpgrade(newImplementation);
_upgradeToAndCallSecure(newImplementation, bytes(""), false);
}
functionupgradeToAndCall(address newImplementation, bytesmemory data) externalpayablevirtual{
_authorizeUpgrade(newImplementation);
_upgradeToAndCallSecure(newImplementation, data, true);
}
function_authorizeUpgrade(address newImplementation) internalvirtual;
uint256[50] private __gap;
}
Contract Source Code
File 50 of 68: UnsafeAllow.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./TransitiveRiskyLibrary.sol";
// allow has no effect because the delegatecall is in a transitive functioncontractUnsafeAllow{
/// @custom:oz-upgrades-unsafe-allow delegatecallfunctionunsafe(address target, bytesmemory data) public{
TransitiveRiskyLibrary.internalDelegateCall(target, data);
}
}
Contract Source Code
File 51 of 68: UnsafeAllowParent.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./TransitiveUnsafeParent.sol";
/**
* allow has no effect because the delegatecall is in a parent function
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/contractUnsafeAllowParentisTransitiveUnsafeParent{
}
Contract Source Code
File 52 of 68: UnsafeAllowReachableDifferentOpcode.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./TransitiveRiskyLibrary.sol";
// allow-reachable has no effect because the transitive function has a different opcodecontractUnsafeAllowReachableDifferentOpcode{
/// @custom:oz-upgrades-unsafe-allow-reachable selfdestructfunctionunsafe(bytesmemory data) public{
TransitiveRiskyLibrary.internalDelegateCall(address(this), data);
}
}
Contract Source Code
File 53 of 68: UnsafeAllowReachableParentDifferentOpcode.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.9;import"./TransitiveUnsafeParent.sol";
/**
* allow-reachable has no effect because the parent function has a different opcode
*
* @custom:oz-upgrades-unsafe-allow-reachable selfdestruct
*/contractUnsafeAllowReachableParentDifferentOpcodeisTransitiveUnsafeParent{
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"./IBeacon.sol";
import"../../access/Ownable.sol";
import"../../utils/Address.sol";
/**
* @dev This contract is used in conjunction with one or more instances of {BeaconProxy} to determine their
* implementation contract, which is where they will delegate all function calls.
*
* An owner is able to change the implementation the beacon points to, thus upgrading the proxies that use this beacon.
*/contractUpgradeableBeaconisIBeacon, Ownable{
addressprivate _implementation;
/**
* @dev Emitted when the implementation returned by the beacon is changed.
*/eventUpgraded(addressindexed implementation);
/**
* @dev Sets the address of the initial implementation, and the deployer account as the owner who can upgrade the
* beacon.
*/constructor(address implementation_) {
_setImplementation(implementation_);
}
/**
* @dev Returns the current implementation address.
*/functionimplementation() publicviewvirtualoverridereturns (address) {
return _implementation;
}
/**
* @dev Upgrades the beacon to a new implementation.
*
* Emits an {Upgraded} event.
*
* Requirements:
*
* - msg.sender must be the owner of the contract.
* - `newImplementation` must be a contract.
*/functionupgradeTo(address newImplementation) publicvirtualonlyOwner{
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Sets the implementation contract address for this beacon
*
* Requirements:
*
* - `newImplementation` must be a contract.
*/function_setImplementation(address newImplementation) private{
require(Address.isContract(newImplementation), "UpgradeableBeacon: implementation is not a contract");
_implementation = newImplementation;
}
}
Contract Source Code
File 65 of 68: ValidationsNatspec.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.2;/// @custom:oz-upgrades-unsafe-allow constructorcontractHasNonEmptyConstructorNatspec1{
constructor() { msg.sender; }
}
contractHasNonEmptyConstructorNatspec2{
/// @custom:oz-upgrades-unsafe-allow constructorconstructor() { msg.sender; }
}
/**
* @custom:oz-upgrades-unsafe-allow constructor
*/contractHasNonEmptyConstructorNatspec3{
constructor() { msg.sender; }
}
/**
* @dev This confused the parser.
* @custom:oz-upgrades-unsafe-allow constructor
*/contractHasNonEmptyConstructorNatspec4{
constructor() { msg.sender; }
}
contractParentHasNonEmptyConstructorNatspec1isHasNonEmptyConstructorNatspec1{}
contractParentHasNonEmptyConstructorNatspec2isHasNonEmptyConstructorNatspec2{}
contractAncestorHasNonEmptyConstructorNatspec1isParentHasNonEmptyConstructorNatspec1{}
contractAncestorHasNonEmptyConstructorNatspec2isParentHasNonEmptyConstructorNatspec2{}
/// @custom:oz-upgrades-unsafe-allow state-variable-assignmentcontractHasStateVariableAssignmentNatspec1{
uint x =1;
}
contractHasStateVariableAssignmentNatspec2{
/// @custom:oz-upgrades-unsafe-allow state-variable-assignmentuint x =1;
}
contractHasStateVariableAssignmentNatspec3{
/// @custom:oz-upgrades-unsafe-allow state-variable-assignmentuint x =1;
uint y =2;
}
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignmentcontractHasImmutableStateVariableNatspec1{
uintimmutable x =1;
}
contractHasImmutableStateVariableNatspec2{
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignmentuintimmutable x =1;
}
contractHasImmutableStateVariableNatspec3{
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignmentuintimmutable x =1;
uintimmutable y =2;
}
/// @custom:oz-upgrades-unsafe-allow selfdestructcontractHasSelfDestructNatspec1{
functiond() public{
selfdestruct(payable(msg.sender));
}
}
contractHasSelfDestructNatspec2{
/// @custom:oz-upgrades-unsafe-allow selfdestructfunctiond() public{
selfdestruct(payable(msg.sender));
}
}
contractHasSelfDestructNatspec3{
functiond() public{
/// @custom:oz-upgrades-unsafe-allow selfdestructselfdestruct(payable(msg.sender));
}
}
/// @custom:oz-upgrades-unsafe-allow delegatecallcontractHasDelegateCallNatspec1{
functiond() public{
(bool s, ) =msg.sender.delegatecall("");
s;
}
}
contract HasDelegateCallNatspec2 {
/// @custom:oz-upgrades-unsafe-allow delegatecall
function d() public {
(bool s, ) = msg.sender.delegatecall("");
s;
}
}
contract HasDelegateCallNatspec3 {
function d() public {
/// @custom:oz-upgrades-unsafe-allow delegatecall
(bool s, ) = msg.sender.delegatecall("");
s;
}
}
import './ValidationsNatspecImport.sol';
contract ImportedParentHasStateVariableAssignmentNatspec1 is ImportedHasStateVariableAssignmentNatspec1 {}
contract ImportedParentHasStateVariableAssignmentNatspec2 is ImportedHasStateVariableAssignmentNatspec2 {}
// For each of 3 dimensions, libraries usage can be
// 1. implicit or explicit (_use for_ directive or not)
// 2. upgrade safe or unsafe
// 3. internal or external (method's visibility)
// libs
library SafeInternalLibraryNatspec {
function add(uint x, uint y) internal pure returns (uint) {
return x + y;
}
}
library SafeExternalLibraryNatspec {
function add(uint x, uint y) public pure returns (uint) {
return x + y;
}
}
library UnsafeInternalLibraryNatspec {
function explode(uint x, uint y) internal {
x + y;
/// @custom:oz-upgrades-unsafe-allow selfdestruct
selfdestruct(payable(msg.sender));
}
}
library UnsafeExternalLibraryNatspec {
function explode(uint x, uint y) public {
x + y;
/// @custom:oz-upgrades-unsafe-allow selfdestruct
selfdestruct(payable(msg.sender));
}
}
// usage
contract UsesImplicitSafeInternalLibraryNatspec {
using SafeInternalLibraryNatspec for uint;
uint x;
function foo(uint y) public view {
x.add(y);
}
}
/// @custom:oz-upgrades-unsafe-allow external-library-linking
contract UsesImplicitSafeExternalLibraryNatspec {
using SafeExternalLibraryNatspec for uint;
uint x;
function foo(uint y) public view {
x.add(y);
}
}
contract UsesImplicitUnsafeInternalLibraryNatspec {
using UnsafeInternalLibraryNatspec for uint;
uint x;
function foo(uint y) public {
x.explode(y);
}
}
/// @custom:oz-upgrades-unsafe-allow external-library-linking
contract UsesImplicitUnsafeExternalLibraryNatspec {
using UnsafeExternalLibraryNatspec for uint;
uint x;
function foo(uint y) public {
x.explode(y);
}
}
contract UsesExplicitSafeInternalLibraryNatspec {
uint x;
function foo(uint y) public view {
SafeInternalLibraryNatspec.add(x, y);
}
}
/// @custom:oz-upgrades-unsafe-allow external-library-linking
contract UsesExplicitSafeExternalLibraryNatspec {
uint x;
function foo(uint y) public view {
SafeExternalLibraryNatspec.add(x, y);
}
}
contract UsesExplicitUnsafeInternalLibraryNatspec {
uint x;
function foo(uint y) public {
UnsafeInternalLibraryNatspec.explode(x, y);
}
}
/// @custom:oz-upgrades-unsafe-allow external-library-linking
contract UsesExplicitUnsafeExternalLibraryNatspec {
uint x;
function foo(uint y) public {
UnsafeExternalLibraryNatspec.explode(x, y);
}
}
Contract Source Code
File 66 of 68: ValidationsNatspecImport.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.2;/// @custom:oz-upgrades-unsafe-allow state-variable-assignmentcontractImportedHasStateVariableAssignmentNatspec1{
uint x =1;
}
contractImportedHasStateVariableAssignmentNatspec2{
/// @custom:oz-upgrades-unsafe-allow state-variable-assignmentuint x =1;
}