// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)pragmasolidity ^0.8.20;/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
function_contextSuffixLength() internalviewvirtualreturns (uint256) {
return0;
}
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import {OwnableRoles} from"solady/auth/OwnableRoles.sol";
import {Pausable} from"@openzeppelin/contracts/utils/Pausable.sol";
import {IGuardians} from"../interfaces/abstract/IGuardians.sol";
/**
* @notice Guardians contract to manage guardian addresses.
*
* Guardians can be added and removed by the owner of the contract.
* The only action guardians can perform is to pause the contract.
*
* The thinking here is that, if something goes wrong,
* it is useful to have multiple addresses that can pause the contract,
* while only the owner can unpause the contract.
*/abstractcontractGuardiansisIGuardians, OwnableRoles, Pausable{
// =============================================================// CONSTANTS// =============================================================/// @dev use the last role possible so we don't conflict with other roles defined in the implementation contracts.uint256publicconstant GUARDIAN =1<<255;
// =============================================================// PERMISSIONED FUNCTIONS// =============================================================/// @inheritdoc IGuardiansfunctionaddGuardian(address guardian) externalonlyOwner{
_grantRoles(guardian, GUARDIAN);
}
/// @inheritdoc IGuardiansfunctionremoveGuardian(address guardian) externalonlyOwner{
_removeRoles(guardian, GUARDIAN);
}
/// @inheritdoc IGuardiansfunctionpause() externalonlyRolesOrOwner(GUARDIAN) {
_pause();
}
/// @inheritdoc IGuardiansfunctionunpause() externalonlyOwner{
_unpause();
}
// =============================================================// ROLE HELPERS// =============================================================/// @inheritdoc IGuardiansfunctionisGuardian(address account) externalviewreturns (bool) {
return hasAnyRole(account, GUARDIAN);
}
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)pragmasolidity ^0.8.20;/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/interfaceIERC165{
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/functionsupportsInterface(bytes4 interfaceId) externalviewreturns (bool);
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;interfaceIGuardians{
// =============================================================// EVENTS// =============================================================/// @dev Emit an event when owner adds a new guardian address.eventAddGuardian(addressindexed guardian);
/// @dev Emit an event when owner removes a guardian address.eventRemoveGuardian(addressindexed guardian);
// =============================================================// ERRORS// =============================================================/// @dev Revert if an unauthorized caller calls a protected function.errorOnlyGuardian();
// =============================================================// PERMISSIONED FUNCTIONS// =============================================================/// @notice Add an address as a guardian. Only callable by owner.functionaddGuardian(address guardian) external;
/// @notice Remove a guardian. Only callable by owner.functionremoveGuardian(address guardian) external;
/// @notice Pause the contract. Only callable by owner or a guardian.functionpause() external;
/// @notice Unpause the contract. Only callable by owner.functionunpause() external;
// =============================================================// ROLE HELPERS// =============================================================/// @notice Check if an address is a guardian.functionisGuardian(address account) externalreturns (bool);
}
Contract Source Code
File 9 of 21: IIdGateway.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import {IIdRegistry} from"./IIdRegistry.sol";
interfaceIIdGateway{
// NOTE: None of these events are actually emitted by IdGateway, but because they are emitted when calling IdRegistry.register(),// they are included here so that IdGateway's ABI includes them.//// =============================================================// EVENTS// =============================================================/// @dev Emitted on successful registration of a new ID.eventRegistered(uint256 id, addressindexed custody, string username, addressindexed operator, addressindexed recovery
);
// NOTE: None of these errors are actually thrown by IdGateway, but because they are thrown when calling IdRegistry.register(),// they are included here so that IdGateway's ABI includes them.//// =============================================================// ERRORS// =============================================================//// These errors are thrown directly by the IdRegistry, when calling IdRegistry.register().///// @dev Revert when the provided custody address has already been registered by another ID.errorCustodyAlreadyRegistered();
/// @dev Revert when the provided operator address has already been registered by another ID.errorOperatorAlreadyRegistered();
/// @dev Revert when the `custody` and `operator` addresses provided in registration are the same./// They must be distinct because of how we handle transfers.errorOperatorCannotBeCustody();
//// These errors are thrown by the UsernameGateway, on username validation, when calling IdRegistry.register().///// @dev Revert when the provided username has already been registered by another ID.errorUsernameAlreadyRegistered();
/// @dev Revert when the provided username is too long.errorUsernameTooLong();
/// @dev Revert when the provided username is too short.errorUsernameTooShort();
/// @dev Revert when the provided username is not url-safe. (ASCII only, no special characters, etc.)errorUsernameContainsInvalidChar();
// =============================================================// CONSTANTS// =============================================================// Disable rule because we include function interfaces for constants/immutables that should stylistically be UPPERCASED./* solhint-disable func-name-mixedcase *//// @notice Contract version specified in the RoyalProtocol version scheme.functionVERSION() externalviewreturns (stringmemory);
/// @notice EIP712 typehash for Register signatures.functionREGISTER_TYPEHASH() externalviewreturns (bytes32);
// =============================================================// IMMUTABLES// =============================================================/// @notice The RoyalProtocol IdRegistry contract.functionID_REGISTRY() externalviewreturns (IIdRegistry);
/* solhint-enable func-name-mixedcase */// =============================================================// REGISTRATION// =============================================================/**
* @notice Register a new RoyalProtocol ID to the caller.
*
* Requirements:
* - The IdGateway contract is not paused.
* - The IdRegistry contract is not paused.
* - The caller must not already have a registered ID.
* - The provided `username` must be valid and unique.
* - If non-zero, the `operator` address must not already have a registered ID.
*
* @param username The username for the account, for client-side human-readable identification.
* @param operator An alias / alternate wallet that can be used as this account. (Can be address(0)).
* @param recovery The address wich can recover the account. Set to address(0) to disable recovery.
*
* @return id The registered account ID.
*/functionregister(stringcalldata username, address operator, address recovery) externalreturns (uint256 id);
/**
* @notice Register a new RoyalProtocol ID to the provided `custody` address. A signed message from the `custody` address must be provided.
*
* Requirements:
* - The IdGateway contract is not paused.
* - The IdRegistry contract is not paused.
* - The `custody` address must not already have a registered ID.
* - The provided `username` must be valid and unique.
* - If non-zero, the `operator` address must not already have a registered ID.
* - The `deadline` must be in the future.
* - The EIP712 signature `sig` must be valid.
*
* @param custody The custody address for the account. Also the signer of the EIP712 `sig`.
* @param username The username for the account, for client-side human-readable identification.
* @param operator An alias / alternate wallet that can be used as this account. (Can be address(0)).
* @param recovery The address wich can recover the account. Set to address(0) to disable recovery.
* @param deadline The expiration timestamp for the signature.
* @param sig The EIP712 "Register" signature, signed by the custody address.
*
* @return id The registered account ID.
*/functionregisterFor(address custody,
stringcalldata username,
address operator,
address recovery,
uint256 deadline,
bytescalldata sig
) externalreturns (uint256 id);
}
Contract Source Code
File 10 of 21: IIdRegistry.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;interfaceIIdRegistry{
// =============================================================// STRUCTS// =============================================================/**
* @dev Struct used in a getter for user data.
*
* @param id The user's ID.
* @param custody The user's custody address. Controls the ID.
* @param username The user's username.
* @param operator The user's operator address (Optional).
* Can act on behalf of the ID (but not change User data).
* @param recovery The user's recovery address (Optional).
* Can recover the ID to another custody address.
*/structUser {
uint256 id;
address custody;
string username;
address operator; // Optionaladdress recovery; // Optional
}
/// @dev Struct argument for admin bulk register function,// with operator == address(0) for each address, and user-specific recovery addresses.structBulkRegisterData {
uint96 id;
address custody;
string username;
address recovery;
}
/// @dev Struct argument for admin bulk register function,/// with user-specific operator addresses and recovery addresses.structBulkRegisterWithOperatorData {
uint96 id;
address custody;
string username;
address operator;
address recovery;
}
/// @dev Struct argument for admin bulk register function,/// with operator == address(0) for each address, and a default recovery address.structBulkRegisterWithDefaultRecoveryData {
uint96 id;
address custody;
string username;
}
/// @dev Struct argument for admin bulk register function,/// with user-specific operator addresses, and a default recovery address.structBulkRegisterWithOperatorAndDefaultRecoveryData {
uint96 id;
address custody;
string username;
address operator;
}
// =============================================================// EVENTS// =============================================================/// @dev Emitted on successful registration of a new ID.eventRegistered(uint256 id, addressindexed custody, string username, addressindexed operator, addressindexed recovery
);
/// @dev Emitted on successful transfer of an ID to another address.////// NOTE: We normally put `id` first in events, but this format is consistent with the ERC721 `Transfer` event,/// which ensures various tools that know how to parse that event can also parse this one.eventTransfer(addressindexedfrom, addressindexed to, uint256indexed id);
/// @dev Emitted on successful transfer of a username to another ID.eventUsernameTransferred(uint256indexed fromId, uint256indexed toId, string username);
/// @dev Emitted on successful change of username.eventUsernameChanged(uint256indexed id, string newUsername);
/// @dev Emitted on successful change of operator address.eventOperatorAddressChanged(uint256indexed id, addressindexed newOperator);
/// @dev Emitted on successful change of recovery address.eventRecoveryAddressChanged(uint256indexed id, addressindexed newRecovery);
/// @dev Emitted on successful recovery of an ID to another address.eventRecovered(uint256indexed id, addressindexed to);
/// @dev Emitted when the Owner sets the IdGateway to a new value.eventIdGatewaySet(address oldIdGateway, address newIdGateway);
/// @dev Emitted when the Owner freezes the IdGateway dependency.eventIdGatewayFrozen(address idGateway);
/// @dev Emitted when the Owner sets the UsernameGateway to a new value.eventUsernameGatewaySet(address oldUsernameGateway, address newUsernameGateway);
/// @dev Emitted when the Owner freezes the UsernameGateway dependency.eventUsernameGatewayFrozen(address usernameGateway);
/// @dev Emitted when the Owner sets the DelegateRegistry to a new value.eventDelegateRegistrySet(address oldDelegateRegistry, address newDelegateRegistry);
/// @dev Emitted when the Owner freezes the DelegateRegistry dependency.eventDelegateRegistryFrozen(address delegateRegistry);
/// @dev Emitted when the Migrator deletes an ID as part of the migration process.eventAdminReset(uint256indexed id);
/// @dev Emitted when the Migrator sets the IdCounter to a new value as part of the migration process.eventIdCounterSet(uint256 oldIdCounter, uint256 newIdCounter);
// =============================================================// ERRORS// =============================================================/// @dev Revert when a non-IdGateway address attempts to call a gated function.errorOnlyIdGateway();
/// @dev Revert when a non-UsernameGateway address attempts to call a gated function.errorOnlyUsernameGateway();
/// @dev Revert when the provided custody address has already been registered by another ID.errorCustodyAlreadyRegistered();
/// @dev Revert when the provided operator address has already been registered by another ID.errorOperatorAlreadyRegistered();
/// @dev Revert when the `custody` and `operator` addresses provided in registration are the same.errorOperatorCannotBeCustody();
/// @dev Revert when the relevant address is not the custody address of the ID.errorOnlyCustody();
/// @dev Revert when the relevant address is not the recovery address of the ID.errorOnlyRecovery();
/// @dev Revert when the DelegateRegistry or IdGateway dependency is permanently frozen and cannot be updated.errorFrozen();
/// @dev Revert when the relevant username/ID does not exist.errorHasNoId();
//// NOTE: None of the following errors are thrown by IdRegistry,// but they are thrown by usernameGateway.checkUsername(),// so are included here so that IdRegistry's ABI includes them.//// Needed because the bulkRegisterX migration functions live on the IdRegistry contract,// but they call out to UsernameGateway to validate usernames when validating the registration.///// @dev Revert when the provided username has already been registered by another ID.errorUsernameAlreadyRegistered();
/// @dev Revert when the username is over 16 bytes.errorUsernameTooLong();
/// @dev Revert when the provided username is too short.errorUsernameTooShort();
/// @dev Revert when the username contains invalid characters.errorUsernameContainsInvalidChar();
// =============================================================// CONSTANTS// =============================================================// We write function interfaces for constants that should stylistically be UPPERCASED./* solhint-disable func-name-mixedcase *//// @notice "Name" of the contract. Defined for compatibility with tools like Etherscan that detect ID transfers as token transfers. Intentionally lowercased.functionname() externalviewreturns (stringmemory);
/// @notice Contract version specified in the RoyalProtocol version scheme.functionVERSION() externalviewreturns (stringmemory);
/// @notice The EIP712 typehash for Transfer signatures.functionTRANSFER_TYPEHASH() externalviewreturns (bytes32);
/// @notice The EIP712 typehash for TransferAndChangeRecovery signatures.functionTRANSFER_AND_CHANGE_OPERATOR_AND_RECOVERY_TYPEHASH() externalviewreturns (bytes32);
/// @notice The EIP712 typehash for ChangeOperator signatures.functionCHANGE_OPERATOR_TYPEHASH() externalviewreturns (bytes32);
/// @notice The EIP712 typehash for ChangeRecovery signatures.functionCHANGE_RECOVERY_TYPEHASH() externalviewreturns (bytes32);
/* solhint-enable func-name-mixedcase */// =============================================================// STORAGE// =============================================================/**
* @notice The address of the IdGateway contract - the only address that can register new IDs.
*
* The IdGateway wraps registration logic and provides a swappable abstraction layer around it.
* This may be used in the future for more advanced registration logic.
*/functionidGateway() externalviewreturns (address);
/// @notice Whether the IdGateway dependency is permanently frozen.functionidGatewayFrozen() externalviewreturns (bool);
/**
* @notice The address of the UsernameGateway contract - the only address that can change or transfer usernames.
*
* The UsernameGateway wraps username change logic and provides a swappable abstraction layer around it.
* This may be used in the future for stricter/looser username validation.
*/functionusernameGateway() externalviewreturns (address);
/// @notice Whether the UsernameGateway dependency is permanently frozen.functionusernameGatewayFrozen() externalviewreturns (bool);
/**
* @notice The address of the DelegateRegistry contract. (updatable).
*
* We use this contract for the `canAct() logic to check delegations against the custody and operator.
* It MUST implement the delegate.xyz v2 interface, (and by default, is the delegate.xyz v2 contract).
*
* It is updatable so that we can extend / swap the functionality of `canAct()` in the future if necessary.
*/functiondelegateRegistry() externalviewreturns (address);
/// @notice Whether the DelegateRegistry dependency is permanently frozen.functiondelegateRegistryFrozen() externalviewreturns (bool);
/// @notice The last RoyalProtocol ID that was issued.functionidCounter() externalviewreturns (uint256);
/// @notice Maps each address (custody/operator) to its associated ID.functionidOf(address wallet) externalviewreturns (uint256);
/// @notice Maps each ID to its associated custody address.functioncustodyOf(uint256 id) externalviewreturns (address);
/// @notice Maps each ID to its associated username.functionusernameOf(uint256 id) externalviewreturns (stringmemory);
/// @notice Maps each (lowercased) username hash to its associated ID.functionidOfUsernameHash(bytes32 usernameHash) externalviewreturns (uint256);
/// @notice Maps each ID to its associated operator address.functionoperatorOf(uint256 id) externalviewreturns (address);
/// @notice Maps each ID to its associated recovery address.functionrecoveryOf(uint256 id) externalviewreturns (address);
// =============================================================// REGISTRATION// =============================================================/**
* @notice Register a new RoyalProtocol ID to the custody address. Only callable by the IdGateway.
*
* @param custody The custody address for the ID. Controls the ID.
* @param username The username for the ID.
* @param operator The operator address for the ID. Can potentially act on behalf of the ID (but not in the IdRegistry contract itself).
* @param recovery The recovery address for the ID. Can recover the ID to another custody address.
*/functionregister(address custody, stringcalldata username, address operator, address recovery)
externalreturns (uint256 id);
// =============================================================// TRANSFERS// =============================================================/// @notice Transfer the caller's ID to another address.////// NOTE: This leaves the `recovery` and `operator` addresses unchanged.functiontransfer(address to, uint256 deadline, bytescalldata sig) external;
/// @notice Transfer the provided ID to another address.////// NOTE: This leaves the `recovery` and `operator` addresses unchanged.functiontransferFor(uint256 id,
address to,
uint256 fromDeadline,
bytescalldata fromSig,
uint256 toDeadline,
bytescalldata toSig
) external;
/// @notice Transfer the caller's ID to another address and change the recovery and operator addresses.functiontransferAndChangeOperatorAndRecovery(address to,
address newOperator,
address newRecovery,
uint256 deadline,
bytescalldata sig
) external;
/// @notice Transfer the provided ID to another address and change the recovery and operator addresses.functiontransferAndChangeOperatorAndRecoveryFor(uint256 id,
address to,
address newOperator,
address newRecovery,
uint256 fromDeadline,
bytescalldata fromSig,
uint256 toDeadline,
bytescalldata toSig
) external;
// =============================================================// TRANSFER USERNAME// =============================================================/**
* @notice Transfer the username of the caller's ID to another ID. Only callable by the UsernameGateway.
* Assumes username validation has happened in the UsernameGateway.
*
* @param fromId The ID to transfer the username from.
* @param toId The ID to transfer the username to.
* @param newFromUsername The new username for the `from` ID.
*/functionunsafeTransferUsername(uint256 fromId, uint256 toId, stringcalldata newFromUsername) external;
// =============================================================// CHANGE USERNAME// =============================================================/**
* @notice Change the username for the provided ID. Only callable by the UsernameGateway.
* Assumes username validation has happened in the UsernameGateway.
*
* @param id The ID to change the username for.
* @param newUsername The new username for the provided `id`.
*/functionunsafeChangeUsername(uint256 id, stringcalldata newUsername) external;
// =============================================================// CHANGE OPERATOR// =============================================================/// @notice Change the operator address for the caller's ID.functionchangeOperator(address newOperator) external;
/// @notice Change the operator address for the provided ID.functionchangeOperatorFor(uint256 id, address newOperator, uint256 deadline, bytescalldata sig) external;
// =============================================================// RECOVERY LOGIC// =============================================================/// @notice Change the recovery address for the caller's ID.functionchangeRecovery(address newRecovery) external;
/// @notice Change the recovery address for the provided ID.functionchangeRecoveryFor(uint256 id, address newRecovery, uint256 deadline, bytescalldata sig) external;
/// @notice Recover the ID of the `from` address ` Called by the recovery address for that ID.functionrecover(uint256 id, address to, uint256 deadline, bytescalldata sig) external;
/**
* @notice Recover the ID of the `from` address on behalf of the ID's recovery address.
*
* @param id The account ID to recover.
* @param to The new custody address to recover the ID to.
* @param recoveryDeadline The deadline for the signature from the recovery address.
* @param recoverySig The signature from the recovery address.
* @param toDeadline The deadline for the signature from the new custody address.
* @param toSig The signature from the new custody address.
*/functionrecoverFor(uint256 id,
address to,
uint256 recoveryDeadline,
bytescalldata recoverySig,
uint256 toDeadline,
bytescalldata toSig
) external;
// =============================================================// PERMISSIONED ACTIONS// =============================================================/// @notice Set the IdGateway contract address.functionsetIdGateway(address idGateway_) external;
/// @notice Freeze the IdGateway dependency.functionfreezeIdGateway() external;
/// @notice Set the UsernameGateway contract address.functionsetUsernameGateway(address usernameGateway_) external;
/// @notice Freeze the UsernameGateway dependency.functionfreezeUsernameGateway() external;
/// @notice Set the DelegateRegistry contract address.functionsetDelegateRegistry(address delegateRegistry_) external;
/// @notice Freeze the DelegateRegistry dependency.functionfreezeDelegateRegistry() external;
// =============================================================// MIGRATION// =============================================================/// @notice Register a bunch of IDs as part of a migration.functionbulkRegisterIds(BulkRegisterData[] calldata data) external;
/// @notice Register a bunch of IDs with operators as part of a migration.functionbulkRegisterIdsWithOperator(BulkRegisterWithOperatorData[] calldata data) external;
/// @notice Register a bunch of IDs with a default recovery address as part of a migration.functionbulkRegisterIdsWithDefaultRecovery(BulkRegisterWithDefaultRecoveryData[] calldata data, address recovery)
external;
/// @notice Register a bunch of IDs with operators and a default recovery address as part of a migration.functionbulkRegisterIdsWithOperatorAndDefaultRecovery(
BulkRegisterWithOperatorAndDefaultRecoveryData[] calldata data,
address recovery
) external;
/// @notice Delete the accounts of a bunch of user IDs. (Only callable by the Owner).functionbulkResetIds(uint32[] calldata ids) external;
/**
* @notice Set the idCounter to a new value.
*
* Used in migrations when a bunch of IDs have been reset,
* or to group IDs together for a specific purpose.
*/functionsetIdCounter(uint256 counter) external;
// =============================================================// VIEW FUNCTIONS// =============================================================/// @notice Get the user data for the provided ID.functiongetUserById(uint256 id) externalviewreturns (User memory);
/// @notice Gets the ID for a given username.functiongetIdByUsername(stringcalldata username) externalviewreturns (uint256 id);
// =============================================================// CAN ACT// =============================================================/**
* @notice Check if an address can take a given action on behalf of an ID.
*
* NOTE: Because the logic here is based on the delegateRegistry, we can swap out
* the delegateRegistry from `delegate.xyz` to our own implementation in the future,
* if we ever want to update/upgrade the logic for `canAct()`.
*
* @param id The RoyalProtocol ID to check.
* @param actor The address attempting to take the action.
* @param contractAddr The address of the contract the action is being taken on.
* @param rights The rights being requested. (Optional).
*/functioncanAct(uint256 id, address actor, address contractAddr, bytes32 rights) externalviewreturns (bool);
// =============================================================// SIGNATURE HELPERS - VIEW FNS// =============================================================/// @notice Verifies a signature for a given ID is from the `custody` address.functionverifyCustodySignature(uint256 id, bytes32 digest, bytescalldata sig) externalreturns (bool isValid);
/// @notice Verifies a signature for a given ID is from the `custody` or `operator` address.functionverifyIdSignature(uint256 id, bytes32 digest, bytescalldata sig) externalreturns (bool isValid);
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;interfaceISignatures{
// =============================================================// ERRORS// =============================================================/// @dev Revert when the signature provided is invalid.errorInvalidSignature();
/// @dev Revert when the block.timestamp is ahead of the signature deadline.errorSignatureExpired();
}
Contract Source Code
File 13 of 21: IWithdrawable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;interfaceIWithdrawable{
// =============================================================// EVENTS// =============================================================/// @dev Emitted when ETH is withdrawn from the contract.eventWithdrawn(address receiver, uint256 amount);
/// @dev Emitted when an ERC20 token is withdrawn from the contract.eventWithdrawnERC20(address receiver, address token, uint256 amount);
/// @dev Emitted when an ERC721 token is withdrawn from the contract.eventWithdrawnERC721(address receiver, address token, uint256 tokenId);
/// @dev Emitted when an ERC1155 token is withdrawn from the contract.eventWithdrawnERC1155(address receiver, address token, uint256 tokenId, uint256 amount);
// =============================================================// ERRORS// =============================================================/// @dev Error emitted when the provided address is the zero address.errorAddressZero();
/// @dev Error emitted when the provided amount to withdraw is less than the contract's balance.errorInsufficientBalance();
/// @dev Error emitted when the withdrawal fails.errorWithdrawalFailed();
// =============================================================// WITHDRAW ETH// =============================================================/**
* @notice Withdraws ETH from the contract.
*
* @param receiver The address to receive the ETH.
*
* @dev Only the contract owner can call this function.
*/functionwithdraw(address receiver) external;
// =============================================================// WITHDRAW ERC20// =============================================================/**
* @notice Withdraws `amount` of an ERC20 token from the contract.
*
* @param receiver The address to receive the ERC20 tokens.
* @param token The ERC20 token address.
* @param amount The amount of ERC20 tokens to withdraw.
*
* @dev Only the contract owner can call this function.
*/functionwithdrawERC20(address receiver, address token, uint256 amount) external;
/**
* @notice Withdraws all of a given ERC20 token from the contract.
*
* @param receiver The address to receive the ERC20 tokens.
* @param token The ERC20 token address.
*
* @dev Only the contract owner can call this function.
*/functionwithdrawAllERC20(address receiver, address token) external;
// =============================================================// WITHDRAW ERC721// =============================================================/**
* @notice Withdraws an ERC721 token from the contract.
*
* @param receiver The address to receive the ERC721 token.
* @param token The ERC721 token address.
* @param tokenId The ERC721 token ID.
*
* @dev Only the contract owner can call this function.
*/functionwithdrawERC721(address receiver, address token, uint256 tokenId) external;
// =============================================================// WITHDRAW ERC1155// =============================================================/**
* @notice Withdraws an ERC1155 token from the contract.
*
* @param receiver The address to receive the ERC1155 token.
* @param token The ERC1155 token address.
* @param tokenId The ERC1155 token ID.
* @param amount The amount of ERC1155 tokens to withdraw.
* @param data Additional data with no specified format.
*
* @dev Only the contract owner can call this function.
*/functionwithdrawERC1155(address receiver, address token, uint256 tokenId, uint256 amount, bytescalldata data)
external;
/**
* @notice Withdraws all of a given ERC1155 token from the contract.
*
* @param receiver The address to receive the ERC1155 tokens.
* @param token The ERC1155 token address.
* @param tokenId The ERC1155 token ID.
* @param data Additional data with no specified format.
*
* @dev Only the contract owner can call this function.
*/functionwithdrawAllERC1155(address receiver, address token, uint256 tokenId, bytescalldata data) external;
}
Contract Source Code
File 14 of 21: IdGateway.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import {IIdGateway} from"./interfaces/IIdGateway.sol";
import {IIdRegistry} from"./interfaces/IIdRegistry.sol";
import {Withdrawable} from"./abstract/Withdrawable.sol";
import {Signatures} from"./abstract/Signatures.sol";
import {EIP712} from"./abstract/EIP712.sol";
import {Nonces} from"./abstract/Nonces.sol";
/**
* @title RoyalProtocol IdGateway
*
* @notice An abstraction layer around registration for the IdRegistry.
* Having this abstraction layer allows for switching registration logic in the future if needed.
*/contractIdGatewayisIIdGateway, Withdrawable, Signatures, EIP712, Nonces{
// =============================================================// CONSTANTS// =============================================================/* solhint-disable gas-small-strings *//// @inheritdoc IIdGatewaystringpublicconstant VERSION ="2024-07-19";
/// @inheritdoc IIdGatewaybytes32publicconstant REGISTER_TYPEHASH =keccak256(
"Register(address custody,string username,address operator,address recovery,uint256 nonce,uint256 deadline)"
);
/* solhint-enable gas-small-strings */// =============================================================// IMMUTABLES// =============================================================/// @inheritdoc IIdGateway
IIdRegistry publicimmutable ID_REGISTRY;
// =============================================================// CONSTRUCTOR// =============================================================/**
* @notice Configure IdRegistry and ownership of the contract.
*
* @param idRegistry_ The RoyalProtocol IdRegistry contract address.
* @param initialOwner_ The initial owner of the contract.
*/constructor(IIdRegistry idRegistry_, address initialOwner_) {
ID_REGISTRY = idRegistry_;
_initializeOwner(initialOwner_);
}
// =============================================================// EIP712// =============================================================/// @dev Configure the EIP712 name and version for the domain separator.function_domainNameAndVersion() internalpureoverridereturns (stringmemory name, stringmemory version) {
name ="RoyalProtocol_IdGateway";
version ="1";
}
// =============================================================// REGISTRATION// =============================================================/// @inheritdoc IIdGatewayfunctionregister(stringcalldata username, address operator, address recovery)
externaloverridewhenNotPausedreturns (uint256 id)
{
id = ID_REGISTRY.register(msg.sender, username, operator, recovery);
}
/// @inheritdoc IIdGatewayfunctionregisterFor(address custody,
stringcalldata username,
address operator,
address recovery,
uint256 deadline,
bytescalldata sig
) externaloverridewhenNotPausedreturns (uint256 id) {
// Reverts if the signature is invalid
_verifyRegisterSig({
custody: custody,
username: username,
operator: operator,
recovery: recovery,
deadline: deadline,
sig: sig
});
id = ID_REGISTRY.register(custody, username, operator, recovery);
}
// =============================================================// SIGNATURE HELPERS// =============================================================/// @dev Verify the EIP712 signature for a registerFor transaction.function_verifyRegisterSig(address custody,
stringcalldata username,
address operator,
address recovery,
uint256 deadline,
bytescalldata sig
) internal{
bytes32 digest = _hashTypedData(
keccak256(
abi.encode(
REGISTER_TYPEHASH,
custody,
keccak256(bytes(username)),
operator,
recovery,
_useNonce(custody),
deadline
)
)
);
_verifySig(digest, custody, deadline, sig);
}
}
Contract Source Code
File 15 of 21: Nonces.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/Nonces.sol)pragmasolidity ^0.8.20;/**
* @dev Provides tracking nonces for addresses. Nonces will only increment.
*/abstractcontractNonces{
/**
* @dev The nonce used for an `account` is not the expected current nonce.
*/errorInvalidAccountNonce(address account, uint256 currentNonce);
mapping(address account =>uint256) private _nonces;
/**
* @dev Returns the next unused nonce for an address.
*/functionnonces(address owner) publicviewvirtualreturns (uint256) {
return _nonces[owner];
}
/**
* @dev Consumes a nonce.
*
* Returns the current value and increments nonce.
*/function_useNonce(address owner) internalvirtualreturns (uint256) {
// For each account, the nonce has an initial value of 0, can only be incremented by one, and cannot be// decremented or reset. This guarantees that the nonce never overflows.unchecked {
// It is important to do x++ and not ++x here.return _nonces[owner]++;
}
}
/**
* @dev Same as {_useNonce} but checking that `nonce` is the next valid for `owner`.
*/function_useCheckedNonce(address owner, uint256 nonce) internalvirtual{
uint256 current = _useNonce(owner);
if (nonce != current) {
revert InvalidAccountNonce(owner, current);
}
}
}
Contract Source Code
File 16 of 21: Ownable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.4;/// @notice Simple single owner authorization mixin./// @author Solady (https://github.com/vectorized/solady/blob/main/src/auth/Ownable.sol)////// @dev Note:/// This implementation does NOT auto-initialize the owner to `msg.sender`./// You MUST call the `_initializeOwner` in the constructor / initializer.////// While the ownable portion follows/// [EIP-173](https://eips.ethereum.org/EIPS/eip-173) for compatibility,/// the nomenclature for the 2-step ownership handover may be unique to this codebase.abstractcontractOwnable{
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* CUSTOM ERRORS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev The caller is not authorized to call the function.errorUnauthorized();
/// @dev The `newOwner` cannot be the zero address.errorNewOwnerIsZeroAddress();
/// @dev The `pendingOwner` does not have a valid handover request.errorNoHandoverRequest();
/// @dev Cannot double-initialize.errorAlreadyInitialized();
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* EVENTS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev The ownership is transferred from `oldOwner` to `newOwner`./// This event is intentionally kept the same as OpenZeppelin's Ownable to be/// compatible with indexers and [EIP-173](https://eips.ethereum.org/EIPS/eip-173),/// despite it not being as lightweight as a single argument event.eventOwnershipTransferred(addressindexed oldOwner, addressindexed newOwner);
/// @dev An ownership handover to `pendingOwner` has been requested.eventOwnershipHandoverRequested(addressindexed pendingOwner);
/// @dev The ownership handover to `pendingOwner` has been canceled.eventOwnershipHandoverCanceled(addressindexed pendingOwner);
/// @dev `keccak256(bytes("OwnershipTransferred(address,address)"))`.uint256privateconstant _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE =0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0;
/// @dev `keccak256(bytes("OwnershipHandoverRequested(address)"))`.uint256privateconstant _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE =0xdbf36a107da19e49527a7176a1babf963b4b0ff8cde35ee35d6cd8f1f9ac7e1d;
/// @dev `keccak256(bytes("OwnershipHandoverCanceled(address)"))`.uint256privateconstant _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE =0xfa7b8eab7da67f412cc9575ed43464468f9bfbae89d1675917346ca6d8fe3c92;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* STORAGE *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev The owner slot is given by:/// `bytes32(~uint256(uint32(bytes4(keccak256("_OWNER_SLOT_NOT")))))`./// It is intentionally chosen to be a high value/// to avoid collision with lower slots./// The choice of manual storage layout is to enable compatibility/// with both regular and upgradeable contracts.bytes32internalconstant _OWNER_SLOT =0xffffffffffffffffffffffffffffffffffffffffffffffffffffffff74873927;
/// The ownership handover slot of `newOwner` is given by:/// ```/// mstore(0x00, or(shl(96, user), _HANDOVER_SLOT_SEED))/// let handoverSlot := keccak256(0x00, 0x20)/// ```/// It stores the expiry timestamp of the two-step ownership handover.uint256privateconstant _HANDOVER_SLOT_SEED =0x389a75e1;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* INTERNAL FUNCTIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Override to return true to make `_initializeOwner` prevent double-initialization.function_guardInitializeOwner() internalpurevirtualreturns (bool guard) {}
/// @dev Initializes the owner directly without authorization guard./// This function must be called upon initialization,/// regardless of whether the contract is upgradeable or not./// This is to enable generalization to both regular and upgradeable contracts,/// and to save gas in case the initial owner is not the caller./// For performance reasons, this function will not check if there/// is an existing owner.function_initializeOwner(address newOwner) internalvirtual{
if (_guardInitializeOwner()) {
/// @solidity memory-safe-assemblyassembly {
let ownerSlot := _OWNER_SLOT
ifsload(ownerSlot) {
mstore(0x00, 0x0dc149f0) // `AlreadyInitialized()`.revert(0x1c, 0x04)
}
// Clean the upper 96 bits.
newOwner :=shr(96, shl(96, newOwner))
// Store the new value.sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner))))
// Emit the {OwnershipTransferred} event.log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner)
}
} else {
/// @solidity memory-safe-assemblyassembly {
// Clean the upper 96 bits.
newOwner :=shr(96, shl(96, newOwner))
// Store the new value.sstore(_OWNER_SLOT, newOwner)
// Emit the {OwnershipTransferred} event.log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner)
}
}
}
/// @dev Sets the owner directly without authorization guard.function_setOwner(address newOwner) internalvirtual{
if (_guardInitializeOwner()) {
/// @solidity memory-safe-assemblyassembly {
let ownerSlot := _OWNER_SLOT
// Clean the upper 96 bits.
newOwner :=shr(96, shl(96, newOwner))
// Emit the {OwnershipTransferred} event.log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner)
// Store the new value.sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner))))
}
} else {
/// @solidity memory-safe-assemblyassembly {
let ownerSlot := _OWNER_SLOT
// Clean the upper 96 bits.
newOwner :=shr(96, shl(96, newOwner))
// Emit the {OwnershipTransferred} event.log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner)
// Store the new value.sstore(ownerSlot, newOwner)
}
}
}
/// @dev Throws if the sender is not the owner.function_checkOwner() internalviewvirtual{
/// @solidity memory-safe-assemblyassembly {
// If the caller is not the stored owner, revert.ifiszero(eq(caller(), sload(_OWNER_SLOT))) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.revert(0x1c, 0x04)
}
}
}
/// @dev Returns how long a two-step ownership handover is valid for in seconds./// Override to return a different value if needed./// Made internal to conserve bytecode. Wrap it in a public function if needed.function_ownershipHandoverValidFor() internalviewvirtualreturns (uint64) {
return48*3600;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* PUBLIC UPDATE FUNCTIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Allows the owner to transfer the ownership to `newOwner`.functiontransferOwnership(address newOwner) publicpayablevirtualonlyOwner{
/// @solidity memory-safe-assemblyassembly {
ifiszero(shl(96, newOwner)) {
mstore(0x00, 0x7448fbae) // `NewOwnerIsZeroAddress()`.revert(0x1c, 0x04)
}
}
_setOwner(newOwner);
}
/// @dev Allows the owner to renounce their ownership.functionrenounceOwnership() publicpayablevirtualonlyOwner{
_setOwner(address(0));
}
/// @dev Request a two-step ownership handover to the caller./// The request will automatically expire in 48 hours (172800 seconds) by default.functionrequestOwnershipHandover() publicpayablevirtual{
unchecked {
uint256 expires =block.timestamp+ _ownershipHandoverValidFor();
/// @solidity memory-safe-assemblyassembly {
// Compute and set the handover slot to `expires`.mstore(0x0c, _HANDOVER_SLOT_SEED)
mstore(0x00, caller())
sstore(keccak256(0x0c, 0x20), expires)
// Emit the {OwnershipHandoverRequested} event.log2(0, 0, _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE, caller())
}
}
}
/// @dev Cancels the two-step ownership handover to the caller, if any.functioncancelOwnershipHandover() publicpayablevirtual{
/// @solidity memory-safe-assemblyassembly {
// Compute and set the handover slot to 0.mstore(0x0c, _HANDOVER_SLOT_SEED)
mstore(0x00, caller())
sstore(keccak256(0x0c, 0x20), 0)
// Emit the {OwnershipHandoverCanceled} event.log2(0, 0, _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE, caller())
}
}
/// @dev Allows the owner to complete the two-step ownership handover to `pendingOwner`./// Reverts if there is no existing ownership handover requested by `pendingOwner`.functioncompleteOwnershipHandover(address pendingOwner) publicpayablevirtualonlyOwner{
/// @solidity memory-safe-assemblyassembly {
// Compute and set the handover slot to 0.mstore(0x0c, _HANDOVER_SLOT_SEED)
mstore(0x00, pendingOwner)
let handoverSlot :=keccak256(0x0c, 0x20)
// If the handover does not exist, or has expired.ifgt(timestamp(), sload(handoverSlot)) {
mstore(0x00, 0x6f5e8818) // `NoHandoverRequest()`.revert(0x1c, 0x04)
}
// Set the handover slot to 0.sstore(handoverSlot, 0)
}
_setOwner(pendingOwner);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* PUBLIC READ FUNCTIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Returns the owner of the contract.functionowner() publicviewvirtualreturns (address result) {
/// @solidity memory-safe-assemblyassembly {
result :=sload(_OWNER_SLOT)
}
}
/// @dev Returns the expiry timestamp for the two-step ownership handover to `pendingOwner`.functionownershipHandoverExpiresAt(address pendingOwner)
publicviewvirtualreturns (uint256 result)
{
/// @solidity memory-safe-assemblyassembly {
// Compute the handover slot.mstore(0x0c, _HANDOVER_SLOT_SEED)
mstore(0x00, pendingOwner)
// Load the handover slot.
result :=sload(keccak256(0x0c, 0x20))
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* MODIFIERS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Marks a function as only callable by the owner.modifieronlyOwner() virtual{
_checkOwner();
_;
}
}
Contract Source Code
File 17 of 21: OwnableRoles.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.4;import {Ownable} from"./Ownable.sol";
/// @notice Simple single owner and multiroles authorization mixin./// @author Solady (https://github.com/vectorized/solady/blob/main/src/auth/OwnableRoles.sol)////// @dev Note:/// This implementation does NOT auto-initialize the owner to `msg.sender`./// You MUST call the `_initializeOwner` in the constructor / initializer.////// While the ownable portion follows/// [EIP-173](https://eips.ethereum.org/EIPS/eip-173) for compatibility,/// the nomenclature for the 2-step ownership handover may be unique to this codebase.abstractcontractOwnableRolesisOwnable{
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* EVENTS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev The `user`'s roles is updated to `roles`./// Each bit of `roles` represents whether the role is set.eventRolesUpdated(addressindexed user, uint256indexed roles);
/// @dev `keccak256(bytes("RolesUpdated(address,uint256)"))`.uint256privateconstant _ROLES_UPDATED_EVENT_SIGNATURE =0x715ad5ce61fc9595c7b415289d59cf203f23a94fa06f04af7e489a0a76e1fe26;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* STORAGE *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev The role slot of `user` is given by:/// ```/// mstore(0x00, or(shl(96, user), _ROLE_SLOT_SEED))/// let roleSlot := keccak256(0x00, 0x20)/// ```/// This automatically ignores the upper bits of the `user` in case/// they are not clean, as well as keep the `keccak256` under 32-bytes.////// Note: This is equivalent to `uint32(bytes4(keccak256("_OWNER_SLOT_NOT")))`.uint256privateconstant _ROLE_SLOT_SEED =0x8b78c6d8;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* INTERNAL FUNCTIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Overwrite the roles directly without authorization guard.function_setRoles(address user, uint256 roles) internalvirtual{
/// @solidity memory-safe-assemblyassembly {
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, user)
// Store the new value.sstore(keccak256(0x0c, 0x20), roles)
// Emit the {RolesUpdated} event.log3(0, 0, _ROLES_UPDATED_EVENT_SIGNATURE, shr(96, mload(0x0c)), roles)
}
}
/// @dev Updates the roles directly without authorization guard./// If `on` is true, each set bit of `roles` will be turned on,/// otherwise, each set bit of `roles` will be turned off.function_updateRoles(address user, uint256 roles, bool on) internalvirtual{
/// @solidity memory-safe-assemblyassembly {
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, user)
let roleSlot :=keccak256(0x0c, 0x20)
// Load the current value.let current :=sload(roleSlot)
// Compute the updated roles if `on` is true.let updated :=or(current, roles)
// Compute the updated roles if `on` is false.// Use `and` to compute the intersection of `current` and `roles`,// `xor` it with `current` to flip the bits in the intersection.ifiszero(on) { updated :=xor(current, and(current, roles)) }
// Then, store the new value.sstore(roleSlot, updated)
// Emit the {RolesUpdated} event.log3(0, 0, _ROLES_UPDATED_EVENT_SIGNATURE, shr(96, mload(0x0c)), updated)
}
}
/// @dev Grants the roles directly without authorization guard./// Each bit of `roles` represents the role to turn on.function_grantRoles(address user, uint256 roles) internalvirtual{
_updateRoles(user, roles, true);
}
/// @dev Removes the roles directly without authorization guard./// Each bit of `roles` represents the role to turn off.function_removeRoles(address user, uint256 roles) internalvirtual{
_updateRoles(user, roles, false);
}
/// @dev Throws if the sender does not have any of the `roles`.function_checkRoles(uint256 roles) internalviewvirtual{
/// @solidity memory-safe-assemblyassembly {
// Compute the role slot.mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, caller())
// Load the stored value, and if the `and` intersection// of the value and `roles` is zero, revert.ifiszero(and(sload(keccak256(0x0c, 0x20)), roles)) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.revert(0x1c, 0x04)
}
}
}
/// @dev Throws if the sender is not the owner,/// and does not have any of the `roles`./// Checks for ownership first, then lazily checks for roles.function_checkOwnerOrRoles(uint256 roles) internalviewvirtual{
/// @solidity memory-safe-assemblyassembly {
// If the caller is not the stored owner.// Note: `_ROLE_SLOT_SEED` is equal to `_OWNER_SLOT_NOT`.ifiszero(eq(caller(), sload(not(_ROLE_SLOT_SEED)))) {
// Compute the role slot.mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, caller())
// Load the stored value, and if the `and` intersection// of the value and `roles` is zero, revert.ifiszero(and(sload(keccak256(0x0c, 0x20)), roles)) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.revert(0x1c, 0x04)
}
}
}
}
/// @dev Throws if the sender does not have any of the `roles`,/// and is not the owner./// Checks for roles first, then lazily checks for ownership.function_checkRolesOrOwner(uint256 roles) internalviewvirtual{
/// @solidity memory-safe-assemblyassembly {
// Compute the role slot.mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, caller())
// Load the stored value, and if the `and` intersection// of the value and `roles` is zero, revert.ifiszero(and(sload(keccak256(0x0c, 0x20)), roles)) {
// If the caller is not the stored owner.// Note: `_ROLE_SLOT_SEED` is equal to `_OWNER_SLOT_NOT`.ifiszero(eq(caller(), sload(not(_ROLE_SLOT_SEED)))) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.revert(0x1c, 0x04)
}
}
}
}
/// @dev Convenience function to return a `roles` bitmap from an array of `ordinals`./// This is meant for frontends like Etherscan, and is therefore not fully optimized./// Not recommended to be called on-chain./// Made internal to conserve bytecode. Wrap it in a public function if needed.function_rolesFromOrdinals(uint8[] memory ordinals) internalpurereturns (uint256 roles) {
/// @solidity memory-safe-assemblyassembly {
for { let i :=shl(5, mload(ordinals)) } i { i :=sub(i, 0x20) } {
// We don't need to mask the values of `ordinals`, as Solidity// cleans dirty upper bits when storing variables into memory.
roles :=or(shl(mload(add(ordinals, i)), 1), roles)
}
}
}
/// @dev Convenience function to return an array of `ordinals` from the `roles` bitmap./// This is meant for frontends like Etherscan, and is therefore not fully optimized./// Not recommended to be called on-chain./// Made internal to conserve bytecode. Wrap it in a public function if needed.function_ordinalsFromRoles(uint256 roles) internalpurereturns (uint8[] memory ordinals) {
/// @solidity memory-safe-assemblyassembly {
// Grab the pointer to the free memory.
ordinals :=mload(0x40)
let ptr :=add(ordinals, 0x20)
let o :=0// The absence of lookup tables, De Bruijn, etc., here is intentional for// smaller bytecode, as this function is not meant to be called on-chain.for { let t := roles } 1 {} {
mstore(ptr, o)
// `shr` 5 is equivalent to multiplying by 0x20.// Push back into the ordinals array if the bit is set.
ptr :=add(ptr, shl(5, and(t, 1)))
o :=add(o, 1)
t :=shr(o, roles)
ifiszero(t) { break }
}
// Store the length of `ordinals`.mstore(ordinals, shr(5, sub(ptr, add(ordinals, 0x20))))
// Allocate the memory.mstore(0x40, ptr)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* PUBLIC UPDATE FUNCTIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Allows the owner to grant `user` `roles`./// If the `user` already has a role, then it will be an no-op for the role.functiongrantRoles(address user, uint256 roles) publicpayablevirtualonlyOwner{
_grantRoles(user, roles);
}
/// @dev Allows the owner to remove `user` `roles`./// If the `user` does not have a role, then it will be an no-op for the role.functionrevokeRoles(address user, uint256 roles) publicpayablevirtualonlyOwner{
_removeRoles(user, roles);
}
/// @dev Allow the caller to remove their own roles./// If the caller does not have a role, then it will be an no-op for the role.functionrenounceRoles(uint256 roles) publicpayablevirtual{
_removeRoles(msg.sender, roles);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* PUBLIC READ FUNCTIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Returns the roles of `user`.functionrolesOf(address user) publicviewvirtualreturns (uint256 roles) {
/// @solidity memory-safe-assemblyassembly {
// Compute the role slot.mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, user)
// Load the stored value.
roles :=sload(keccak256(0x0c, 0x20))
}
}
/// @dev Returns whether `user` has any of `roles`.functionhasAnyRole(address user, uint256 roles) publicviewvirtualreturns (bool) {
return rolesOf(user) & roles !=0;
}
/// @dev Returns whether `user` has all of `roles`.functionhasAllRoles(address user, uint256 roles) publicviewvirtualreturns (bool) {
return rolesOf(user) & roles == roles;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* MODIFIERS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Marks a function as only callable by an account with `roles`.modifieronlyRoles(uint256 roles) virtual{
_checkRoles(roles);
_;
}
/// @dev Marks a function as only callable by the owner or by an account/// with `roles`. Checks for ownership first, then lazily checks for roles.modifieronlyOwnerOrRoles(uint256 roles) virtual{
_checkOwnerOrRoles(roles);
_;
}
/// @dev Marks a function as only callable by an account with `roles`/// or the owner. Checks for roles first, then lazily checks for ownership.modifieronlyRolesOrOwner(uint256 roles) virtual{
_checkRolesOrOwner(roles);
_;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* ROLE CONSTANTS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/// IYKYKuint256internalconstant _ROLE_0 =1<<0;
uint256internalconstant _ROLE_1 =1<<1;
uint256internalconstant _ROLE_2 =1<<2;
uint256internalconstant _ROLE_3 =1<<3;
uint256internalconstant _ROLE_4 =1<<4;
uint256internalconstant _ROLE_5 =1<<5;
uint256internalconstant _ROLE_6 =1<<6;
uint256internalconstant _ROLE_7 =1<<7;
uint256internalconstant _ROLE_8 =1<<8;
uint256internalconstant _ROLE_9 =1<<9;
uint256internalconstant _ROLE_10 =1<<10;
uint256internalconstant _ROLE_11 =1<<11;
uint256internalconstant _ROLE_12 =1<<12;
uint256internalconstant _ROLE_13 =1<<13;
uint256internalconstant _ROLE_14 =1<<14;
uint256internalconstant _ROLE_15 =1<<15;
uint256internalconstant _ROLE_16 =1<<16;
uint256internalconstant _ROLE_17 =1<<17;
uint256internalconstant _ROLE_18 =1<<18;
uint256internalconstant _ROLE_19 =1<<19;
uint256internalconstant _ROLE_20 =1<<20;
uint256internalconstant _ROLE_21 =1<<21;
uint256internalconstant _ROLE_22 =1<<22;
uint256internalconstant _ROLE_23 =1<<23;
uint256internalconstant _ROLE_24 =1<<24;
uint256internalconstant _ROLE_25 =1<<25;
uint256internalconstant _ROLE_26 =1<<26;
uint256internalconstant _ROLE_27 =1<<27;
uint256internalconstant _ROLE_28 =1<<28;
uint256internalconstant _ROLE_29 =1<<29;
uint256internalconstant _ROLE_30 =1<<30;
uint256internalconstant _ROLE_31 =1<<31;
uint256internalconstant _ROLE_32 =1<<32;
uint256internalconstant _ROLE_33 =1<<33;
uint256internalconstant _ROLE_34 =1<<34;
uint256internalconstant _ROLE_35 =1<<35;
uint256internalconstant _ROLE_36 =1<<36;
uint256internalconstant _ROLE_37 =1<<37;
uint256internalconstant _ROLE_38 =1<<38;
uint256internalconstant _ROLE_39 =1<<39;
uint256internalconstant _ROLE_40 =1<<40;
uint256internalconstant _ROLE_41 =1<<41;
uint256internalconstant _ROLE_42 =1<<42;
uint256internalconstant _ROLE_43 =1<<43;
uint256internalconstant _ROLE_44 =1<<44;
uint256internalconstant _ROLE_45 =1<<45;
uint256internalconstant _ROLE_46 =1<<46;
uint256internalconstant _ROLE_47 =1<<47;
uint256internalconstant _ROLE_48 =1<<48;
uint256internalconstant _ROLE_49 =1<<49;
uint256internalconstant _ROLE_50 =1<<50;
uint256internalconstant _ROLE_51 =1<<51;
uint256internalconstant _ROLE_52 =1<<52;
uint256internalconstant _ROLE_53 =1<<53;
uint256internalconstant _ROLE_54 =1<<54;
uint256internalconstant _ROLE_55 =1<<55;
uint256internalconstant _ROLE_56 =1<<56;
uint256internalconstant _ROLE_57 =1<<57;
uint256internalconstant _ROLE_58 =1<<58;
uint256internalconstant _ROLE_59 =1<<59;
uint256internalconstant _ROLE_60 =1<<60;
uint256internalconstant _ROLE_61 =1<<61;
uint256internalconstant _ROLE_62 =1<<62;
uint256internalconstant _ROLE_63 =1<<63;
uint256internalconstant _ROLE_64 =1<<64;
uint256internalconstant _ROLE_65 =1<<65;
uint256internalconstant _ROLE_66 =1<<66;
uint256internalconstant _ROLE_67 =1<<67;
uint256internalconstant _ROLE_68 =1<<68;
uint256internalconstant _ROLE_69 =1<<69;
uint256internalconstant _ROLE_70 =1<<70;
uint256internalconstant _ROLE_71 =1<<71;
uint256internalconstant _ROLE_72 =1<<72;
uint256internalconstant _ROLE_73 =1<<73;
uint256internalconstant _ROLE_74 =1<<74;
uint256internalconstant _ROLE_75 =1<<75;
uint256internalconstant _ROLE_76 =1<<76;
uint256internalconstant _ROLE_77 =1<<77;
uint256internalconstant _ROLE_78 =1<<78;
uint256internalconstant _ROLE_79 =1<<79;
uint256internalconstant _ROLE_80 =1<<80;
uint256internalconstant _ROLE_81 =1<<81;
uint256internalconstant _ROLE_82 =1<<82;
uint256internalconstant _ROLE_83 =1<<83;
uint256internalconstant _ROLE_84 =1<<84;
uint256internalconstant _ROLE_85 =1<<85;
uint256internalconstant _ROLE_86 =1<<86;
uint256internalconstant _ROLE_87 =1<<87;
uint256internalconstant _ROLE_88 =1<<88;
uint256internalconstant _ROLE_89 =1<<89;
uint256internalconstant _ROLE_90 =1<<90;
uint256internalconstant _ROLE_91 =1<<91;
uint256internalconstant _ROLE_92 =1<<92;
uint256internalconstant _ROLE_93 =1<<93;
uint256internalconstant _ROLE_94 =1<<94;
uint256internalconstant _ROLE_95 =1<<95;
uint256internalconstant _ROLE_96 =1<<96;
uint256internalconstant _ROLE_97 =1<<97;
uint256internalconstant _ROLE_98 =1<<98;
uint256internalconstant _ROLE_99 =1<<99;
uint256internalconstant _ROLE_100 =1<<100;
uint256internalconstant _ROLE_101 =1<<101;
uint256internalconstant _ROLE_102 =1<<102;
uint256internalconstant _ROLE_103 =1<<103;
uint256internalconstant _ROLE_104 =1<<104;
uint256internalconstant _ROLE_105 =1<<105;
uint256internalconstant _ROLE_106 =1<<106;
uint256internalconstant _ROLE_107 =1<<107;
uint256internalconstant _ROLE_108 =1<<108;
uint256internalconstant _ROLE_109 =1<<109;
uint256internalconstant _ROLE_110 =1<<110;
uint256internalconstant _ROLE_111 =1<<111;
uint256internalconstant _ROLE_112 =1<<112;
uint256internalconstant _ROLE_113 =1<<113;
uint256internalconstant _ROLE_114 =1<<114;
uint256internalconstant _ROLE_115 =1<<115;
uint256internalconstant _ROLE_116 =1<<116;
uint256internalconstant _ROLE_117 =1<<117;
uint256internalconstant _ROLE_118 =1<<118;
uint256internalconstant _ROLE_119 =1<<119;
uint256internalconstant _ROLE_120 =1<<120;
uint256internalconstant _ROLE_121 =1<<121;
uint256internalconstant _ROLE_122 =1<<122;
uint256internalconstant _ROLE_123 =1<<123;
uint256internalconstant _ROLE_124 =1<<124;
uint256internalconstant _ROLE_125 =1<<125;
uint256internalconstant _ROLE_126 =1<<126;
uint256internalconstant _ROLE_127 =1<<127;
uint256internalconstant _ROLE_128 =1<<128;
uint256internalconstant _ROLE_129 =1<<129;
uint256internalconstant _ROLE_130 =1<<130;
uint256internalconstant _ROLE_131 =1<<131;
uint256internalconstant _ROLE_132 =1<<132;
uint256internalconstant _ROLE_133 =1<<133;
uint256internalconstant _ROLE_134 =1<<134;
uint256internalconstant _ROLE_135 =1<<135;
uint256internalconstant _ROLE_136 =1<<136;
uint256internalconstant _ROLE_137 =1<<137;
uint256internalconstant _ROLE_138 =1<<138;
uint256internalconstant _ROLE_139 =1<<139;
uint256internalconstant _ROLE_140 =1<<140;
uint256internalconstant _ROLE_141 =1<<141;
uint256internalconstant _ROLE_142 =1<<142;
uint256internalconstant _ROLE_143 =1<<143;
uint256internalconstant _ROLE_144 =1<<144;
uint256internalconstant _ROLE_145 =1<<145;
uint256internalconstant _ROLE_146 =1<<146;
uint256internalconstant _ROLE_147 =1<<147;
uint256internalconstant _ROLE_148 =1<<148;
uint256internalconstant _ROLE_149 =1<<149;
uint256internalconstant _ROLE_150 =1<<150;
uint256internalconstant _ROLE_151 =1<<151;
uint256internalconstant _ROLE_152 =1<<152;
uint256internalconstant _ROLE_153 =1<<153;
uint256internalconstant _ROLE_154 =1<<154;
uint256internalconstant _ROLE_155 =1<<155;
uint256internalconstant _ROLE_156 =1<<156;
uint256internalconstant _ROLE_157 =1<<157;
uint256internalconstant _ROLE_158 =1<<158;
uint256internalconstant _ROLE_159 =1<<159;
uint256internalconstant _ROLE_160 =1<<160;
uint256internalconstant _ROLE_161 =1<<161;
uint256internalconstant _ROLE_162 =1<<162;
uint256internalconstant _ROLE_163 =1<<163;
uint256internalconstant _ROLE_164 =1<<164;
uint256internalconstant _ROLE_165 =1<<165;
uint256internalconstant _ROLE_166 =1<<166;
uint256internalconstant _ROLE_167 =1<<167;
uint256internalconstant _ROLE_168 =1<<168;
uint256internalconstant _ROLE_169 =1<<169;
uint256internalconstant _ROLE_170 =1<<170;
uint256internalconstant _ROLE_171 =1<<171;
uint256internalconstant _ROLE_172 =1<<172;
uint256internalconstant _ROLE_173 =1<<173;
uint256internalconstant _ROLE_174 =1<<174;
uint256internalconstant _ROLE_175 =1<<175;
uint256internalconstant _ROLE_176 =1<<176;
uint256internalconstant _ROLE_177 =1<<177;
uint256internalconstant _ROLE_178 =1<<178;
uint256internalconstant _ROLE_179 =1<<179;
uint256internalconstant _ROLE_180 =1<<180;
uint256internalconstant _ROLE_181 =1<<181;
uint256internalconstant _ROLE_182 =1<<182;
uint256internalconstant _ROLE_183 =1<<183;
uint256internalconstant _ROLE_184 =1<<184;
uint256internalconstant _ROLE_185 =1<<185;
uint256internalconstant _ROLE_186 =1<<186;
uint256internalconstant _ROLE_187 =1<<187;
uint256internalconstant _ROLE_188 =1<<188;
uint256internalconstant _ROLE_189 =1<<189;
uint256internalconstant _ROLE_190 =1<<190;
uint256internalconstant _ROLE_191 =1<<191;
uint256internalconstant _ROLE_192 =1<<192;
uint256internalconstant _ROLE_193 =1<<193;
uint256internalconstant _ROLE_194 =1<<194;
uint256internalconstant _ROLE_195 =1<<195;
uint256internalconstant _ROLE_196 =1<<196;
uint256internalconstant _ROLE_197 =1<<197;
uint256internalconstant _ROLE_198 =1<<198;
uint256internalconstant _ROLE_199 =1<<199;
uint256internalconstant _ROLE_200 =1<<200;
uint256internalconstant _ROLE_201 =1<<201;
uint256internalconstant _ROLE_202 =1<<202;
uint256internalconstant _ROLE_203 =1<<203;
uint256internalconstant _ROLE_204 =1<<204;
uint256internalconstant _ROLE_205 =1<<205;
uint256internalconstant _ROLE_206 =1<<206;
uint256internalconstant _ROLE_207 =1<<207;
uint256internalconstant _ROLE_208 =1<<208;
uint256internalconstant _ROLE_209 =1<<209;
uint256internalconstant _ROLE_210 =1<<210;
uint256internalconstant _ROLE_211 =1<<211;
uint256internalconstant _ROLE_212 =1<<212;
uint256internalconstant _ROLE_213 =1<<213;
uint256internalconstant _ROLE_214 =1<<214;
uint256internalconstant _ROLE_215 =1<<215;
uint256internalconstant _ROLE_216 =1<<216;
uint256internalconstant _ROLE_217 =1<<217;
uint256internalconstant _ROLE_218 =1<<218;
uint256internalconstant _ROLE_219 =1<<219;
uint256internalconstant _ROLE_220 =1<<220;
uint256internalconstant _ROLE_221 =1<<221;
uint256internalconstant _ROLE_222 =1<<222;
uint256internalconstant _ROLE_223 =1<<223;
uint256internalconstant _ROLE_224 =1<<224;
uint256internalconstant _ROLE_225 =1<<225;
uint256internalconstant _ROLE_226 =1<<226;
uint256internalconstant _ROLE_227 =1<<227;
uint256internalconstant _ROLE_228 =1<<228;
uint256internalconstant _ROLE_229 =1<<229;
uint256internalconstant _ROLE_230 =1<<230;
uint256internalconstant _ROLE_231 =1<<231;
uint256internalconstant _ROLE_232 =1<<232;
uint256internalconstant _ROLE_233 =1<<233;
uint256internalconstant _ROLE_234 =1<<234;
uint256internalconstant _ROLE_235 =1<<235;
uint256internalconstant _ROLE_236 =1<<236;
uint256internalconstant _ROLE_237 =1<<237;
uint256internalconstant _ROLE_238 =1<<238;
uint256internalconstant _ROLE_239 =1<<239;
uint256internalconstant _ROLE_240 =1<<240;
uint256internalconstant _ROLE_241 =1<<241;
uint256internalconstant _ROLE_242 =1<<242;
uint256internalconstant _ROLE_243 =1<<243;
uint256internalconstant _ROLE_244 =1<<244;
uint256internalconstant _ROLE_245 =1<<245;
uint256internalconstant _ROLE_246 =1<<246;
uint256internalconstant _ROLE_247 =1<<247;
uint256internalconstant _ROLE_248 =1<<248;
uint256internalconstant _ROLE_249 =1<<249;
uint256internalconstant _ROLE_250 =1<<250;
uint256internalconstant _ROLE_251 =1<<251;
uint256internalconstant _ROLE_252 =1<<252;
uint256internalconstant _ROLE_253 =1<<253;
uint256internalconstant _ROLE_254 =1<<254;
uint256internalconstant _ROLE_255 =1<<255;
}
Contract Source Code
File 18 of 21: Pausable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/Pausable.sol)pragmasolidity ^0.8.20;import {Context} from"../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/abstractcontractPausableisContext{
boolprivate _paused;
/**
* @dev Emitted when the pause is triggered by `account`.
*/eventPaused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/eventUnpaused(address account);
/**
* @dev The operation failed because the contract is paused.
*/errorEnforcedPause();
/**
* @dev The operation failed because the contract is not paused.
*/errorExpectedPause();
/**
* @dev Initializes the contract in unpaused state.
*/constructor() {
_paused =false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/modifierwhenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/modifierwhenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/functionpaused() publicviewvirtualreturns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/function_requireNotPaused() internalviewvirtual{
if (paused()) {
revert EnforcedPause();
}
}
/**
* @dev Throws if the contract is not paused.
*/function_requirePaused() internalviewvirtual{
if (!paused()) {
revert ExpectedPause();
}
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/function_pause() internalvirtualwhenNotPaused{
_paused =true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/function_unpause() internalvirtualwhenPaused{
_paused =false;
emit Unpaused(_msgSender());
}
}
Contract Source Code
File 19 of 21: SignatureCheckerLib.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.4;/// @notice Signature verification helper that supports both ECDSA signatures from EOAs/// and ERC1271 signatures from smart contract wallets like Argent and Gnosis safe./// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/SignatureCheckerLib.sol)/// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/SignatureChecker.sol)////// @dev Note:/// - The signature checking functions use the ecrecover precompile (0x1)./// - The `bytes memory signature` variants use the identity precompile (0x4)/// to copy memory internally./// - Unlike ECDSA signatures, contract signatures are revocable./// - As of Solady version 0.0.134, all `bytes signature` variants accept both/// regular 65-byte `(r, s, v)` and EIP-2098 `(r, vs)` short form signatures./// See: https://eips.ethereum.org/EIPS/eip-2098/// This is for calldata efficiency on smart accounts prevalent on L2s.////// WARNING! Do NOT use signatures as unique identifiers:/// - Use a nonce in the digest to prevent replay attacks on the same contract./// - Use EIP-712 for the digest to prevent replay attacks across different chains and contracts./// EIP-712 also enables readable signing of typed data for better user safety./// This implementation does NOT check if a signature is non-malleable.librarySignatureCheckerLib{
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* SIGNATURE CHECKING OPERATIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Returns whether `signature` is valid for `signer` and `hash`./// If `signer` is a smart contract, the signature is validated with ERC1271./// Otherwise, the signature is validated with `ECDSA.recover`.functionisValidSignatureNow(address signer, bytes32 hash, bytesmemory signature)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
// Clean the upper 96 bits of `signer` in case they are dirty.for { signer :=shr(96, shl(96, signer)) } signer {} {
let m :=mload(0x40)
mstore(0x00, hash)
mstore(0x40, mload(add(signature, 0x20))) // `r`.ifeq(mload(signature), 64) {
let vs :=mload(add(signature, 0x40))
mstore(0x20, add(shr(255, vs), 27)) // `v`.mstore(0x60, shr(1, shl(1, vs))) // `s`.let t :=staticcall(
gas(), // Amount of gas left for the transaction.1, // Address of `ecrecover`.0x00, // Start of input.0x80, // Size of input.0x01, // Start of output.0x20// Size of output.
)
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.ifiszero(or(iszero(returndatasize()), xor(signer, mload(t)))) {
isValid :=1mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
}
ifeq(mload(signature), 65) {
mstore(0x20, byte(0, mload(add(signature, 0x60)))) // `v`.mstore(0x60, mload(add(signature, 0x40))) // `s`.let t :=staticcall(
gas(), // Amount of gas left for the transaction.1, // Address of `ecrecover`.0x00, // Start of input.0x80, // Size of input.0x01, // Start of output.0x20// Size of output.
)
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.ifiszero(or(iszero(returndatasize()), xor(signer, mload(t)))) {
isValid :=1mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
}
mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.// Copy the `signature` over.let n :=add(0x20, mload(signature))
pop(staticcall(gas(), 4, signature, n, add(m, 0x44), n))
// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.add(returndatasize(), 0x44), // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
break
}
}
}
/// @dev Returns whether `signature` is valid for `signer` and `hash`./// If `signer` is a smart contract, the signature is validated with ERC1271./// Otherwise, the signature is validated with `ECDSA.recover`.functionisValidSignatureNowCalldata(address signer, bytes32 hash, bytescalldata signature)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
// Clean the upper 96 bits of `signer` in case they are dirty.for { signer :=shr(96, shl(96, signer)) } signer {} {
let m :=mload(0x40)
mstore(0x00, hash)
ifeq(signature.length, 64) {
let vs :=calldataload(add(signature.offset, 0x20))
mstore(0x20, add(shr(255, vs), 27)) // `v`.mstore(0x40, calldataload(signature.offset)) // `r`.mstore(0x60, shr(1, shl(1, vs))) // `s`.let t :=staticcall(
gas(), // Amount of gas left for the transaction.1, // Address of `ecrecover`.0x00, // Start of input.0x80, // Size of input.0x01, // Start of output.0x20// Size of output.
)
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.ifiszero(or(iszero(returndatasize()), xor(signer, mload(t)))) {
isValid :=1mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
}
ifeq(signature.length, 65) {
mstore(0x20, byte(0, calldataload(add(signature.offset, 0x40)))) // `v`.calldatacopy(0x40, signature.offset, 0x40) // `r`, `s`.let t :=staticcall(
gas(), // Amount of gas left for the transaction.1, // Address of `ecrecover`.0x00, // Start of input.0x80, // Size of input.0x01, // Start of output.0x20// Size of output.
)
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.ifiszero(or(iszero(returndatasize()), xor(signer, mload(t)))) {
isValid :=1mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
}
mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.mstore(add(m, 0x44), signature.length)
// Copy the `signature` over.calldatacopy(add(m, 0x64), signature.offset, signature.length)
// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.add(signature.length, 0x64), // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
break
}
}
}
/// @dev Returns whether the signature (`r`, `vs`) is valid for `signer` and `hash`./// If `signer` is a smart contract, the signature is validated with ERC1271./// Otherwise, the signature is validated with `ECDSA.recover`.functionisValidSignatureNow(address signer, bytes32 hash, bytes32 r, bytes32 vs)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
// Clean the upper 96 bits of `signer` in case they are dirty.for { signer :=shr(96, shl(96, signer)) } signer {} {
let m :=mload(0x40)
mstore(0x00, hash)
mstore(0x20, add(shr(255, vs), 27)) // `v`.mstore(0x40, r) // `r`.mstore(0x60, shr(1, shl(1, vs))) // `s`.let t :=staticcall(
gas(), // Amount of gas left for the transaction.1, // Address of `ecrecover`.0x00, // Start of input.0x80, // Size of input.0x01, // Start of output.0x20// Size of output.
)
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.ifiszero(or(iszero(returndatasize()), xor(signer, mload(t)))) {
isValid :=1mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.mstore(add(m, 0x44), 65) // Length of the signature.mstore(add(m, 0x64), r) // `r`.mstore(add(m, 0x84), mload(0x60)) // `s`.mstore8(add(m, 0xa4), mload(0x20)) // `v`.// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.0xa5, // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
}
}
/// @dev Returns whether the signature (`v`, `r`, `s`) is valid for `signer` and `hash`./// If `signer` is a smart contract, the signature is validated with ERC1271./// Otherwise, the signature is validated with `ECDSA.recover`.functionisValidSignatureNow(address signer, bytes32 hash, uint8 v, bytes32 r, bytes32 s)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
// Clean the upper 96 bits of `signer` in case they are dirty.for { signer :=shr(96, shl(96, signer)) } signer {} {
let m :=mload(0x40)
mstore(0x00, hash)
mstore(0x20, and(v, 0xff)) // `v`.mstore(0x40, r) // `r`.mstore(0x60, s) // `s`.let t :=staticcall(
gas(), // Amount of gas left for the transaction.1, // Address of `ecrecover`.0x00, // Start of input.0x80, // Size of input.0x01, // Start of output.0x20// Size of output.
)
// `returndatasize()` will be `0x20` upon success, and `0x00` otherwise.ifiszero(or(iszero(returndatasize()), xor(signer, mload(t)))) {
isValid :=1mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.mstore(add(m, 0x44), 65) // Length of the signature.mstore(add(m, 0x64), r) // `r`.mstore(add(m, 0x84), s) // `s`.mstore8(add(m, 0xa4), v) // `v`.// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.0xa5, // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
mstore(0x60, 0) // Restore the zero slot.mstore(0x40, m) // Restore the free memory pointer.break
}
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* ERC1271 OPERATIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/// Note: These ERC1271 operations do NOT have an ECDSA fallback.// These functions are intended to be used with the regular `isValidSignatureNow` functions// or other signature verification functions (e.g. P256)./// @dev Returns whether `signature` is valid for `hash` for an ERC1271 `signer` contract.functionisValidERC1271SignatureNow(address signer, bytes32 hash, bytesmemory signature)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
let m :=mload(0x40)
let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.// Copy the `signature` over.let n :=add(0x20, mload(signature))
pop(staticcall(gas(), 4, signature, n, add(m, 0x44), n))
// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.add(returndatasize(), 0x44), // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
}
}
/// @dev Returns whether `signature` is valid for `hash` for an ERC1271 `signer` contract.functionisValidERC1271SignatureNowCalldata(address signer,
bytes32 hash,
bytescalldata signature
) internalviewreturns (bool isValid) {
/// @solidity memory-safe-assemblyassembly {
let m :=mload(0x40)
let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.mstore(add(m, 0x44), signature.length)
// Copy the `signature` over.calldatacopy(add(m, 0x64), signature.offset, signature.length)
// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.add(signature.length, 0x64), // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
}
}
/// @dev Returns whether the signature (`r`, `vs`) is valid for `hash`/// for an ERC1271 `signer` contract.functionisValidERC1271SignatureNow(address signer, bytes32 hash, bytes32 r, bytes32 vs)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
let m :=mload(0x40)
let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.mstore(add(m, 0x44), 65) // Length of the signature.mstore(add(m, 0x64), r) // `r`.mstore(add(m, 0x84), shr(1, shl(1, vs))) // `s`.mstore8(add(m, 0xa4), add(shr(255, vs), 27)) // `v`.// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.0xa5, // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
}
}
/// @dev Returns whether the signature (`v`, `r`, `s`) is valid for `hash`/// for an ERC1271 `signer` contract.functionisValidERC1271SignatureNow(address signer, bytes32 hash, uint8 v, bytes32 r, bytes32 s)
internalviewreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
let m :=mload(0x40)
let f :=shl(224, 0x1626ba7e)
mstore(m, f) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m, 0x04), hash)
let d :=add(m, 0x24)
mstore(d, 0x40) // The offset of the `signature` in the calldata.mstore(add(m, 0x44), 65) // Length of the signature.mstore(add(m, 0x64), r) // `r`.mstore(add(m, 0x84), s) // `s`.mstore8(add(m, 0xa4), v) // `v`.// forgefmt: disable-next-item
isValid :=and(
// Whether the returndata is the magic value `0x1626ba7e` (left-aligned).eq(mload(d), f),
// Whether the staticcall does not revert.// This must be placed at the end of the `and` clause,// as the arguments are evaluated from right to left.staticcall(
gas(), // Remaining gas.
signer, // The `signer` address.
m, // Offset of calldata in memory.0xa5, // Length of calldata in memory.
d, // Offset of returndata.0x20// Length of returndata to write.
)
)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* ERC6492 OPERATIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/// Note: These ERC6492 operations do NOT have an ECDSA fallback.// These functions are intended to be used with the regular `isValidSignatureNow` functions// or other signature verification functions (e.g. P256).// The calldata variants are excluded for brevity./// @dev Returns whether `signature` is valid for `hash`./// If the signature is postfixed with the ERC6492 magic number, it will attempt to/// deploy / prepare the `signer` smart account before doing a regular ERC1271 check./// Note: This function is NOT reentrancy safe.functionisValidERC6492SignatureNowAllowSideEffects(address signer,
bytes32 hash,
bytesmemory signature
) internalreturns (bool isValid) {
/// @solidity memory-safe-assemblyassembly {
functioncallIsValidSignature(signer_, hash_, signature_) ->_isValid{
let m_ :=mload(0x40)
let f_ :=shl(224, 0x1626ba7e)
mstore(m_, f_) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m_, 0x04), hash_)
let d_ :=add(m_, 0x24)
mstore(d_, 0x40) // The offset of the `signature` in the calldata.let n_ :=add(0x20, mload(signature_))
pop(staticcall(gas(), 4, signature_, n_, add(m_, 0x44), n_))
_isValid :=and(
eq(mload(d_), f_),
staticcall(gas(), signer_, m_, add(returndatasize(), 0x44), d_, 0x20)
)
}
for { let n := mload(signature) } 1 {} {
if iszero(eq(mload(add(signature, n)), mul(0x6492, div(not(isValid), 0xffff)))) {
isValid := callIsValidSignature(signer, hash, signature)
break
}
let o := add(signature, 0x20) // Signature bytes.
let d := add(o, mload(add(o, 0x20))) // Factory calldata.if iszero(extcodesize(signer)) {
if iszero(call(gas(), mload(o), 0, add(d, 0x20), mload(d), codesize(), 0x00)) {
break
}
}
let s := add(o, mload(add(o, 0x40))) // Inner signature.
isValid := callIsValidSignature(signer, hash, s)
if iszero(isValid) {
if call(gas(), mload(o), 0, add(d, 0x20), mload(d), codesize(), 0x00) {
isValid := callIsValidSignature(signer, hash, s)
}
}
break
}
}
}
/// @dev Returns whether `signature` is valid for `hash`./// If the signature is postfixed with the ERC6492 magic number, it will attempt/// to use a reverting verifier to deploy / prepare the `signer` smart account/// and do a `isValidSignature` check via the reverting verifier./// Note: This function is reentrancy safe./// The reverting verifier must be deployed./// Otherwise, the function will return false if `signer` is not yet deployed / prepared./// See: https://gist.github.com/Vectorized/846a474c855eee9e441506676800a9adfunctionisValidERC6492SignatureNow(address signer, bytes32 hash, bytesmemory signature)
internalreturns (bool isValid)
{
/// @solidity memory-safe-assemblyassembly {
functioncallIsValidSignature(signer_, hash_, signature_) ->_isValid{
let m_ :=mload(0x40)
let f_ :=shl(224, 0x1626ba7e)
mstore(m_, f_) // `bytes4(keccak256("isValidSignature(bytes32,bytes)"))`.mstore(add(m_, 0x04), hash_)
let d_ :=add(m_, 0x24)
mstore(d_, 0x40) // The offset of the `signature` in the calldata.let n_ :=add(0x20, mload(signature_))
pop(staticcall(gas(), 4, signature_, n_, add(m_, 0x44), n_))
_isValid :=and(
eq(mload(d_), f_),
staticcall(gas(), signer_, m_, add(returndatasize(), 0x44), d_, 0x20)
)
}
for { let n := mload(signature) } 1 {} {
if iszero(eq(mload(add(signature, n)), mul(0x6492, div(not(isValid), 0xffff)))) {
isValid := callIsValidSignature(signer, hash, signature)
break
}
if extcodesize(signer) {
let o := add(signature, 0x20) // Signature bytes.
isValid := callIsValidSignature(signer, hash, add(o, mload(add(o, 0x40))))
if isValid { break }
}
let m := mload(0x40)
mstore(m, signer)
mstore(add(m, 0x20), hash)
let willBeZeroIfRevertingVerifierExists :=
call(
gas(), // Remaining gas.0x00007bd799e4A591FeA53f8A8a3E9f931626Ba7e, // Reverting verifier.0, // Send zero ETH.
m, // Start of memory.
add(returndatasize(), 0x40), // Length of calldata in memory.
staticcall(gas(), 4, add(signature, 0x20), n, add(m, 0x40), n), // 1.0x00// Length of returndata to write.
)
isValid := gt(returndatasize(), willBeZeroIfRevertingVerifierExists)
break
}
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* HASHING OPERATIONS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Returns an Ethereum Signed Message, created from a `hash`./// This produces a hash corresponding to the one signed with the/// [`eth_sign`](https://eth.wiki/json-rpc/API#eth_sign)/// JSON-RPC method as part of EIP-191.functiontoEthSignedMessageHash(bytes32 hash) internalpurereturns (bytes32 result) {
/// @solidity memory-safe-assemblyassembly {
mstore(0x20, hash) // Store into scratch space for keccak256.mstore(0x00, "\x00\x00\x00\x00\x19Ethereum Signed Message:\n32") // 28 bytes.
result :=keccak256(0x04, 0x3c) // `32 * 2 - (32 - 28) = 60 = 0x3c`.
}
}
/// @dev Returns an Ethereum Signed Message, created from `s`./// This produces a hash corresponding to the one signed with the/// [`eth_sign`](https://eth.wiki/json-rpc/API#eth_sign)/// JSON-RPC method as part of EIP-191./// Note: Supports lengths of `s` up to 999999 bytes.functiontoEthSignedMessageHash(bytesmemory s) internalpurereturns (bytes32 result) {
/// @solidity memory-safe-assemblyassembly {
let sLength :=mload(s)
let o :=0x20mstore(o, "\x19Ethereum Signed Message:\n") // 26 bytes, zero-right-padded.mstore(0x00, 0x00)
// Convert the `s.length` to ASCII decimal representation: `base10(s.length)`.for { let temp := sLength } 1 {} {
o :=sub(o, 1)
mstore8(o, add(48, mod(temp, 10)))
temp :=div(temp, 10)
ifiszero(temp) { break }
}
let n :=sub(0x3a, o) // Header length: `26 + 32 - o`.// Throw an out-of-offset error (consumes all gas) if the header exceeds 32 bytes.returndatacopy(returndatasize(), returndatasize(), gt(n, 0x20))
mstore(s, or(mload(0x00), mload(n))) // Temporarily store the header.
result :=keccak256(add(s, sub(0x20, n)), add(n, sLength))
mstore(s, sLength) // Restore the length.
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*//* EMPTY CALLDATA HELPERS *//*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*//// @dev Returns an empty calldata bytes.functionemptySignature() internalpurereturns (bytescalldata signature) {
/// @solidity memory-safe-assemblyassembly {
signature.length:=0
}
}
}
Contract Source Code
File 20 of 21: Signatures.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import {SignatureCheckerLib} from"solady/utils/SignatureCheckerLib.sol";
import {ISignatures} from"../interfaces/abstract/ISignatures.sol";
/**
* @dev Helper contract to handle signatures.
*
* Adds logic around expiring signatures based on the associated deadline.
*/abstractcontractSignaturesisISignatures{
// =============================================================// SIGNATURE HELPERS// =============================================================/**
* @notice Verify a signature against a digest.
*
* Requirements:
* - The signature must not be expired (block.timestamp <= deadline).
* - The signature must be valid.
*
* Throws errors on invalid signatures, rather than returning a boolean.
*
* @param digest The digest to verify.
* @param signer The expected signer of the digest.
* @param deadline The deadline for the signature to be valid.
* @param sig The signature to verify.
*/function_verifySig(bytes32 digest, address signer, uint256 deadline, bytescalldata sig) internalview{
if (block.timestamp> deadline) revert SignatureExpired();
if (!SignatureCheckerLib.isValidSignatureNowCalldata(signer, digest, sig)) {
revert InvalidSignature();
}
}
}
Contract Source Code
File 21 of 21: Withdrawable.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import {IWithdrawable} from"../interfaces/abstract/IWithdrawable.sol";
import {Guardians} from"../abstract/Guardians.sol";
import {IERC20} from"@openzeppelin/contracts/interfaces/IERC20.sol";
import {IERC721} from"@openzeppelin/contracts/interfaces/IERC721.sol";
import {IERC1155} from"@openzeppelin/contracts/interfaces/IERC1155.sol";
/// @notice Abstract contract that provides the ability to withdraw ETH, ERC20, ERC721, and ERC1155 tokens.////// @dev - The implementing contract will need to call _initializeOwner() in either the constructor or an initializer,/// since all the withdrawal functions are restricted to the owner.abstractcontractWithdrawableisIWithdrawable, Guardians{
// =============================================================// WITHDRAW ETH// =============================================================/// @inheritdoc IWithdrawablefunctionwithdraw(address receiver) externalonlyOwner{
if (receiver ==address(0)) revert AddressZero();
emit Withdrawn(receiver, address(this).balance);
(bool sent,) =payable(receiver).call{value: address(this).balance}("");
if (!sent) revert WithdrawalFailed();
}
// =============================================================// WITHDRAW ERC20// =============================================================/// @inheritdoc IWithdrawablefunctionwithdrawERC20(address receiver, address token, uint256 amount) externalonlyOwner{
_withdrawERC20(receiver, token, amount);
}
/// @inheritdoc IWithdrawablefunctionwithdrawAllERC20(address receiver, address token) externalonlyOwner{
uint256 totalBalance = IERC20(token).balanceOf(address(this));
_withdrawERC20(receiver, token, totalBalance);
}
/// @dev Withdraws `amount` of an ERC20 token from the contract.function_withdrawERC20(address receiver, address token, uint256 amount) internal{
if (receiver ==address(0)) revert AddressZero();
if (token ==address(0)) revert AddressZero();
IERC20 erc20 = IERC20(token);
if (erc20.balanceOf(address(this)) < amount) revert InsufficientBalance();
emit WithdrawnERC20(receiver, token, amount);
bool success = erc20.transfer(receiver, amount);
if (!success) revert WithdrawalFailed();
}
// =============================================================// WITHDRAW ERC721// =============================================================/// @inheritdoc IWithdrawablefunctionwithdrawERC721(address receiver, address token, uint256 tokenId) externalonlyOwner{
if (receiver ==address(0)) revert AddressZero();
if (token ==address(0)) revert AddressZero();
emit WithdrawnERC721(receiver, token, tokenId);
IERC721 erc721 = IERC721(token);
erc721.transferFrom(address(this), receiver, tokenId);
}
// =============================================================// WITHDRAW ERC1155// =============================================================/// @inheritdoc IWithdrawablefunctionwithdrawERC1155(address receiver, address token, uint256 tokenId, uint256 amount, bytescalldata data)
externalonlyOwner{
_withdrawERC1155({receiver: receiver, token: token, tokenId: tokenId, amount: amount, data: data});
}
/// @inheritdoc IWithdrawablefunctionwithdrawAllERC1155(address receiver, address token, uint256 tokenId, bytescalldata data)
externalonlyOwner{
uint256 totalBalance = IERC1155(token).balanceOf(address(this), tokenId);
_withdrawERC1155({receiver: receiver, token: token, tokenId: tokenId, amount: totalBalance, data: data});
}
/// @dev Withdraws `amount` of an ERC1155 token from the contract.function_withdrawERC1155(address receiver, address token, uint256 tokenId, uint256 amount, bytescalldata data)
internal{
if (receiver ==address(0)) revert AddressZero();
if (token ==address(0)) revert AddressZero();
IERC1155 erc1155 = IERC1155(token);
if (erc1155.balanceOf(address(this), tokenId) < amount) revert InsufficientBalance();
emit WithdrawnERC1155(receiver, token, tokenId, amount);
erc1155.safeTransferFrom({from: address(this), to: receiver, id: tokenId, value: amount, data: data});
}
}
