// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (access/AccessControl.sol)pragmasolidity ^0.8.0;import"./IAccessControl.sol";
import"../utils/Context.sol";
import"../utils/Strings.sol";
import"../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it.
*/abstractcontractAccessControlisContext, IAccessControl, ERC165{
structRoleData {
mapping(address=>bool) members;
bytes32 adminRole;
}
mapping(bytes32=> RoleData) private _roles;
bytes32publicconstant DEFAULT_ADMIN_ROLE =0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with a standardized message including the required role.
*
* The format of the revert reason is given by the following regular expression:
*
* /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
*
* _Available since v4.1._
*/modifieronlyRole(bytes32 role) {
_checkRole(role);
_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IAccessControl).interfaceId||super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) publicviewvirtualoverridereturns (bool) {
return _roles[role].members[account];
}
/**
* @dev Revert with a standard message if `_msgSender()` is missing `role`.
* Overriding this function changes the behavior of the {onlyRole} modifier.
*
* Format of the revert message is described in {_checkRole}.
*
* _Available since v4.6._
*/function_checkRole(bytes32 role) internalviewvirtual{
_checkRole(role, _msgSender());
}
/**
* @dev Revert with a standard message if `account` is missing `role`.
*
* The format of the revert reason is given by the following regular expression:
*
* /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
*/function_checkRole(bytes32 role, address account) internalviewvirtual{
if (!hasRole(role, account)) {
revert(
string(
abi.encodePacked(
"AccessControl: account ",
Strings.toHexString(uint160(account), 20),
" is missing role ",
Strings.toHexString(uint256(role), 32)
)
)
);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) publicviewvirtualoverridereturns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/functiongrantRole(bytes32 role, address account) publicvirtualoverrideonlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/functionrevokeRole(bytes32 role, address account) publicvirtualoverrideonlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*
* May emit a {RoleRevoked} event.
*/functionrenounceRole(bytes32 role, address account) publicvirtualoverride{
require(account == _msgSender(), "AccessControl: can only renounce roles for self");
_revokeRole(role, account);
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event. Note that unlike {grantRole}, this function doesn't perform any
* checks on the calling account.
*
* May emit a {RoleGranted} event.
*
* [WARNING]
* ====
* This function should only be called from the constructor when setting
* up the initial roles for the system.
*
* Using this function in any other way is effectively circumventing the admin
* system imposed by {AccessControl}.
* ====
*
* NOTE: This function is deprecated in favor of {_grantRole}.
*/function_setupRole(bytes32 role, address account) internalvirtual{
_grantRole(role, account);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/function_setRoleAdmin(bytes32 role, bytes32 adminRole) internalvirtual{
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Grants `role` to `account`.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/function_grantRole(bytes32 role, address account) internalvirtual{
if (!hasRole(role, account)) {
_roles[role].members[account] =true;
emit RoleGranted(role, account, _msgSender());
}
}
/**
* @dev Revokes `role` from `account`.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/function_revokeRole(bytes32 role, address account) internalvirtual{
if (hasRole(role, account)) {
_roles[role].members[account] =false;
emit RoleRevoked(role, account, _msgSender());
}
}
}
Contract Source Code
File 2 of 18: AccessControlEnumerable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.5.0) (access/AccessControlEnumerable.sol)pragmasolidity ^0.8.0;import"./IAccessControlEnumerable.sol";
import"./AccessControl.sol";
import"../utils/structs/EnumerableSet.sol";
/**
* @dev Extension of {AccessControl} that allows enumerating the members of each role.
*/abstractcontractAccessControlEnumerableisIAccessControlEnumerable, AccessControl{
usingEnumerableSetforEnumerableSet.AddressSet;
mapping(bytes32=> EnumerableSet.AddressSet) private _roleMembers;
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IAccessControlEnumerable).interfaceId||super.supportsInterface(interfaceId);
}
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/functiongetRoleMember(bytes32 role, uint256 index) publicviewvirtualoverridereturns (address) {
return _roleMembers[role].at(index);
}
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/functiongetRoleMemberCount(bytes32 role) publicviewvirtualoverridereturns (uint256) {
return _roleMembers[role].length();
}
/**
* @dev Overload {_grantRole} to track enumerable memberships
*/function_grantRole(bytes32 role, address account) internalvirtualoverride{
super._grantRole(role, account);
_roleMembers[role].add(account);
}
/**
* @dev Overload {_revokeRole} to track enumerable memberships
*/function_revokeRole(bytes32 role, address account) internalvirtualoverride{
super._revokeRole(role, account);
_roleMembers[role].remove(account);
}
}
Contract Source Code
File 3 of 18: Address.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (utils/Address.sol)pragmasolidity ^0.8.1;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0// for contracts in construction, since the code is only stored at the end// of the constructor execution.return account.code.length>0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target,
bytesmemory data,
uint256 value
) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target,
bytesmemory data,
uint256 value,
stringmemory errorMessage
) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytesmemory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data) internalviewreturns (bytesmemory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalviewreturns (bytesmemory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytesmemory returndata) = target.staticcall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalreturns (bytesmemory) {
require(isContract(target), "Address: delegate call to non-contract");
(bool success, bytesmemory returndata) = target.delegatecall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason using the provided one.
*
* _Available since v4.3._
*/functionverifyCallResult(bool success,
bytesmemory returndata,
stringmemory errorMessage
) internalpurereturns (bytesmemory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly/// @solidity memory-safe-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
Contract Source Code
File 4 of 18: Context.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)pragmasolidity ^0.8.0;/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
}
Contract Source Code
File 5 of 18: ERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)pragmasolidity ^0.8.0;import"./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/abstractcontractERC165isIERC165{
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IERC165).interfaceId;
}
}
Contract Source Code
File 6 of 18: EnumerableSet.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (utils/structs/EnumerableSet.sol)pragmasolidity ^0.8.0;/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
* and `uint256` (`UintSet`) are supported.
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an array of EnumerableSet.
* ====
*/libraryEnumerableSet{
// To implement this library for multiple types with as little code// repetition as possible, we write it in terms of a generic Set type with// bytes32 values.// The Set implementation uses private functions, and user-facing// implementations (such as AddressSet) are just wrappers around the// underlying Set.// This means that we can only create new EnumerableSets for types that fit// in bytes32.structSet {
// Storage of set valuesbytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0// means a value is not in the set.mapping(bytes32=>uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/function_add(Set storage set, bytes32 value) privatereturns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/function_remove(Set storage set, bytes32 value) privatereturns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slotuint256 valueIndex = set._indexes[value];
if (valueIndex !=0) {
// Equivalent to contains(set, value)// To delete an element from the _values array in O(1), we swap the element to delete with the last one in// the array, and then remove the last element (sometimes called as 'swap and pop').// This modifies the order of the array, as noted in {at}.uint256 toDeleteIndex = valueIndex -1;
uint256 lastIndex = set._values.length-1;
if (lastIndex != toDeleteIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastValue;
// Update the index for the moved value
set._indexes[lastValue] = valueIndex; // Replace lastValue's index to valueIndex
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slotdelete set._indexes[value];
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/function_contains(Set storage set, bytes32 value) privateviewreturns (bool) {
return set._indexes[value] !=0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/function_length(Set storage set) privateviewreturns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/function_at(Set storage set, uint256 index) privateviewreturns (bytes32) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/function_values(Set storage set) privateviewreturns (bytes32[] memory) {
return set._values;
}
// Bytes32SetstructBytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(Bytes32Set storage set, bytes32 value) internalreturns (bool) {
return _add(set._inner, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(Bytes32Set storage set, bytes32 value) internalreturns (bool) {
return _remove(set._inner, value);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(Bytes32Set storage set, bytes32 value) internalviewreturns (bool) {
return _contains(set._inner, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/functionlength(Bytes32Set storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(Bytes32Set storage set, uint256 index) internalviewreturns (bytes32) {
return _at(set._inner, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/functionvalues(Bytes32Set storage set) internalviewreturns (bytes32[] memory) {
return _values(set._inner);
}
// AddressSetstructAddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(AddressSet storage set, address value) internalreturns (bool) {
return _add(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(AddressSet storage set, address value) internalreturns (bool) {
return _remove(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(AddressSet storage set, address value) internalviewreturns (bool) {
return _contains(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/functionlength(AddressSet storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(AddressSet storage set, uint256 index) internalviewreturns (address) {
returnaddress(uint160(uint256(_at(set._inner, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/functionvalues(AddressSet storage set) internalviewreturns (address[] memory) {
bytes32[] memory store = _values(set._inner);
address[] memory result;
/// @solidity memory-safe-assemblyassembly {
result := store
}
return result;
}
// UintSetstructUintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(UintSet storage set, uint256 value) internalreturns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(UintSet storage set, uint256 value) internalreturns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(UintSet storage set, uint256 value) internalviewreturns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values on the set. O(1).
*/functionlength(UintSet storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(UintSet storage set, uint256 index) internalviewreturns (uint256) {
returnuint256(_at(set._inner, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/functionvalues(UintSet storage set) internalviewreturns (uint256[] memory) {
bytes32[] memory store = _values(set._inner);
uint256[] memory result;
/// @solidity memory-safe-assemblyassembly {
result := store
}
return result;
}
}
Contract Source Code
File 7 of 18: IAccessControl.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (access/IAccessControl.sol)pragmasolidity ^0.8.0;/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/interfaceIAccessControl{
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/eventRoleAdminChanged(bytes32indexed role, bytes32indexed previousAdminRole, bytes32indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/eventRoleGranted(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/eventRoleRevoked(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) externalviewreturns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) externalviewreturns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functiongrantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functionrevokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/functionrenounceRole(bytes32 role, address account) external;
}
Contract Source Code
File 8 of 18: IAccessControlEnumerable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (access/IAccessControlEnumerable.sol)pragmasolidity ^0.8.0;import"./IAccessControl.sol";
/**
* @dev External interface of AccessControlEnumerable declared to support ERC165 detection.
*/interfaceIAccessControlEnumerableisIAccessControl{
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/functiongetRoleMember(bytes32 role, uint256 index) externalviewreturns (address);
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/functiongetRoleMemberCount(bytes32 role) externalviewreturns (uint256);
}
Contract Source Code
File 9 of 18: IERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/interfaceIERC165{
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/functionsupportsInterface(bytes4 interfaceId) externalviewreturns (bool);
}
Contract Source Code
File 10 of 18: IERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/interfaceIERC20{
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address to, uint256 amount) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 amount) externalreturns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(addressfrom,
address to,
uint256 amount
) externalreturns (bool);
}
Contract Source Code
File 11 of 18: IWrap.sol
// SPDX-License-Identifier: UNLICENSEDpragmasolidity ^0.8.15;/**
* Copyright (C) 2023 Flare Finance B.V. - All Rights Reserved.
*
* This source code and any functionality deriving from it are owned by Flare
* Finance BV and the use of it is only permitted within the official platforms
* and/or original products of Flare Finance B.V. and its licensed parties. Any
* further enquiries regarding this copyright and possible licenses can be directed
* to partners[at]flr.finance.
*
* The source code and any functionality deriving from it are provided "as is",
* without warranty of any kind, express or implied, including but not limited to
* the warranties of merchantability, fitness for a particular purpose and
* noninfringement. In no event shall the authors or copyright holder be liable
* for any claim, damages or other liability, whether in an action of contract,
* tort or otherwise, arising in any way out of the use or other dealings or in
* connection with the source code and any functionality deriving from it.
*/import {
IAccessControlEnumerable
} from"@openzeppelin/contracts/access/IAccessControlEnumerable.sol";
import { Multisig } from"../libraries/Multisig.sol";
/// @title Common interface for Wrap contracts on FLR and EVM chains.interfaceIWrapisIAccessControlEnumerable{
/// @dev Thrown when an operation is performed on a paused Wrap contract.errorContractPaused();
/// @dev Thrown when the contract is not paused.errorContractNotPaused();
/// @dev Thrown when the contract is already migrated.errorContractMigrated();
/// @dev Thrown when the token is not allowlisted or the amount/// being deposited/approved is not in the range of min/maxAmount.errorInvalidTokenAmount();
/// @dev Thrown when the token config is invalid.errorInvalidTokenConfig();
/// @dev Thrown when the fee being set is higher than the maximum/// fee allowed.errorFeeExceedsMaxFee();
/// @dev Thrown when the recipient address is the zero address.errorInvalidToAddress();
/// @dev Thrown when the provided blocknumber is not of the most recent 256 blocks.errorInvalidBlockHash();
/// @dev Thrown when the daily volume exceeds the dailyLimit.errorDailyLimitExhausted();
/// @dev Thrown when the fee recipient address is the zero address.errorInvalidFeeRecipient();
/// @dev Emitted when a user deposits./// @param id ID associated with the request./// @param token Token deposited./// @param amount Amount of tokens deposited, minus the fee./// @param to Address to release the funds to./// @param fee Fee subtracted from the original deposited amount.eventDeposit(uint256indexed id,
addressindexed token,
uint256 amount,
address to,
uint256 fee
);
/// @dev Emitted when a new request is created./// @param id ID associated with the request./// @param mirrorToken Mirror token requested./// @param amount Amount of tokens requested./// @param to Address to release the funds to.eventRequested(uint256indexed id,
addressindexed mirrorToken,
uint256 amount,
address to
);
/// @dev Emitted when a request gets executed./// @param id ID associated with the request./// @param mirrorToken Mirror token requested./// @param token Token approved./// @param amount Amount approved, minus the fee./// @param to Address to release the funds to./// @param fee Fee charged on top of the approved amount.eventExecuted(uint256indexed id,
addressindexed mirrorToken,
addressindexed token,
uint256 amount,
address to,
uint256 fee
);
/// @dev Token information./// @param maxAmount Maximum amount to deposit./// @param minAmount Minimum amount to deposit, including fees../// @notice Set max amount to zero to disable the token./// @param dailyLimit Daily volume limit.structTokenInfo {
uint256 maxAmount;
uint256 minAmount;
uint256 dailyLimit;
}
/// @dev Token info that is stored in the contact storage./// @param maxAmount Maximum amount to deposit./// @param minAmount Minimum amount to deposit, with fees included./// @param dailyLimit Daily volume limit./// @param consumedLimit Consumed daily volume limit./// @param lastUpdated Last timestamp when the consumed limit was set to 0./// @notice Set max amount to zero to disable the token./// @notice Set daily limit to 0 to disable the daily limit. Consumed limit should/// always be less than equal to dailyLimit.structTokenInfoStore {
uint256 maxAmount;
uint256 minAmount;
uint256 dailyLimit;
uint256 consumedLimit;
uint256 lastUpdated;
}
/// @dev Request information./// @param id ID associated with the request./// @param token Token requested./// @param amount Amount of tokens requested./// @param to Address to release the funds to.structRequestInfo {
uint256 id;
address token;
uint256 amount;
address to;
}
/// @dev Returns whether or not the contract has been paused./// @return paused True if the contract is paused, false otherwise.functionpaused() externalviewreturns (bool paused);
/// @dev Returns the number of deposits.functiondepositIndex() externalviewreturns (uint256);
/// @dev Returns the index of the request that will be executed next.functionnextExecutionIndex() externalviewreturns (uint256);
/// @dev Returns info about a given validator.functionvalidatorInfo(address validator
) externalviewreturns (Multisig.SignerInfo memory);
/// @dev Returns the number of attesters and their indeces for a given request hash.functionattesters(bytes32 hash
) externalviewreturns (uint16[] memory attesters, uint16 count);
/// @dev Returns the validator fee basis points.functionvalidatorFeeBPS() externalviewreturns (uint16);
/// @dev Update a token's configuration information./// @param tokenInfo The token's new configuration info./// @notice Set maxAmount to zero to disable the token./// @notice Can only be called by the weak-admin.functionconfigureToken(address token,
TokenInfo calldata tokenInfo
) external;
/// @dev Set the multisig configuration./// @param config Multisig config./// @notice Can only be called by the admin.functionconfigureMultisig(Multisig.Config calldata config) external;
/// @dev Configure validator fees./// @param validatorFeeBPS Validator fee in basis points./// @notice Can only be called by the weak-admin.functionconfigureValidatorFees(uint16 validatorFeeBPS) external;
/// @dev Deposit tokens to bridge to the other side./// @param token Token being deposited./// @param amount Amount of tokens being deposited./// @param to Address to release the tokens to on the other side./// @return The ID associated to the request.functiondeposit(address token,
uint256 amount,
address to
) externalreturns (uint256);
/// @dev Approve and/or execute a given request./// @param id ID associated with the request./// @param token Token requested./// @param amount Amount of tokens requested./// @param to Address to release the funds to./// @param recentBlockhash Block hash of `recentBlocknumber`/// @param recentBlocknumber Recent block numberfunctionapproveExecute(uint256 id,
address token,
uint256 amount,
address to,
bytes32 recentBlockhash,
uint256 recentBlocknumber
) external;
/// @dev Approve and/or execute requests./// @param requests Requests to approve and/or execute.functionbatchApproveExecute(
RequestInfo[] calldata requests,
bytes32 recentBlockhash,
uint256 recentBlocknumber
) external;
/// @dev Pauses the contract./// @notice The contract can be paused by all addresses/// with pause role but can only be unpaused by the weak-admin.functionpause() external;
/// @dev Unpauses the contract./// @notice The contract can be paused by all addresses/// with pause role but can only be unpaused by the weak-admin.functionunpause() external;
/// @dev Add a new validator to the contract./// @param validator Address of the validator./// @param isFirstCommittee True when adding the validator to the first committee./// @param feeRecipient Address of the fee recipient./// false when adding the validator to the second committee./// @notice Can only be called by the admin.functionaddValidator(address validator,
bool isFirstCommittee,
address feeRecipient
) external;
/// @dev Change fee recipient for a validator./// @param validator Address of the validator./// @param feeRecipient Address of the new fee recipient.functionconfigureValidatorFeeRecipient(address validator,
address feeRecipient
) external;
/// @dev Remove existing validator from the contract./// @param validator Address of the validator./// @notice Can only be called by the weak-admin./// @notice The fees accumulated by the validator are distributed before being removed.functionremoveValidator(address validator) external;
/// @dev Allows to claim accumulated fees for a validator./// @param validator Address of the validator./// @notice Can be triggered by anyone but the fee is transfered to the/// set feeRecepient for the validator.functionclaimValidatorFees(address validator) external;
/// @dev Forcefully set next next execution index./// @param index The new next execution index./// @notice Can only be called by the admin of the contract.functionforceSetNextExecutionIndex(uint256 index) external;
/// @dev Migrates the contract to a new address./// @param _newContract Address of the new contract./// @notice This function can only be called once in the lifetime of this/// contract by the admin.functionmigrate(address _newContract) external;
}
Contract Source Code
File 12 of 18: IWrapDepositRedeem.sol
// SPDX-License-Identifier: UNLICENSEDpragmasolidity ^0.8.15;/**
* Copyright (C) 2023 Flare Finance B.V. - All Rights Reserved.
*
* This source code and any functionality deriving from it are owned by Flare
* Finance BV and the use of it is only permitted within the official platforms
* and/or original products of Flare Finance B.V. and its licensed parties. Any
* further enquiries regarding this copyright and possible licenses can be directed
* to partners[at]flr.finance.
*
* The source code and any functionality deriving from it are provided "as is",
* without warranty of any kind, express or implied, including but not limited to
* the warranties of merchantability, fitness for a particular purpose and
* noninfringement. In no event shall the authors or copyright holder be liable
* for any claim, damages or other liability, whether in an action of contract,
* tort or otherwise, arising in any way out of the use or other dealings or in
* connection with the source code and any functionality deriving from it.
*/import { IWrap } from"./IWrap.sol";
/// @title Interface for the side of Wraps where tokens are deposited and/// redeemed.interfaceIWrapDepositRedeemisIWrap{
/// @dev Allowlist a new token./// @param token Address of the token that will be allowlisted./// @param mirrorToken Address of the token that will be minted/// on the other side./// @param tokenInfo Information associated with the token./// @notice Set maxAmount to zero to disable the token./// @notice Can only be called by the weak-admin.functionaddToken(address token,
address mirrorToken,
TokenInfo calldata tokenInfo
) external;
}
Contract Source Code
File 13 of 18: Multisig.sol
// SPDX-License-Identifier: UNLICENSEDpragmasolidity ^0.8.15;/**
* Copyright (C) 2023 Flare Finance B.V. - All Rights Reserved.
*
* This source code and any functionality deriving from it are owned by Flare
* Finance BV and the use of it is only permitted within the official platforms
* and/or original products of Flare Finance B.V. and its licensed parties. Any
* further enquiries regarding this copyright and possible licenses can be directed
* to partners[at]flr.finance.
*
* The source code and any functionality deriving from it are provided "as is",
* without warranty of any kind, express or implied, including but not limited to
* the warranties of merchantability, fitness for a particular purpose and
* noninfringement. In no event shall the authors or copyright holder be liable
* for any claim, damages or other liability, whether in an action of contract,
* tort or otherwise, arising in any way out of the use or other dealings or in
* connection with the source code and any functionality deriving from it.
*//// @title Two committee multisig library./// @dev Implements a multisig with two committees./// A separate quorum must be reached in both committees/// to approve a given request. A request is rejected if/// either of the two committees rejects it. Each committee/// cannot have more than 128 members.libraryMultisig{
/// @dev Thrown when an already existing signer is added.errorSignerAlreadyExists(address signer);
/// @dev Thrown when an account that is performing some/// signer-only action is not an active signer.errorSignerNotActive(address signer);
/// @dev Thrown when attempting to add a new signer/// after the max committee size has been reached.errorMaxCommitteeSizeReached();
/// @dev Thrown when the configuration parmeters that are/// being set are not valid.errorInvalidConfiguration();
/// @dev Thrown when a given ID has already been assigned/// to an apprroved request.errorInvalidId();
/// @dev Thrown when the current next execution index is/// greater equal to the new next execution index.errorInvalidNextExecutionIndex();
/// @dev Emitted when a new signer is added./// @param signer Address of signer that was added./// @param isFirstCommittee True if the signer was/// added to the first committee and false if they were/// added to the second committee.eventAddSigner(addressindexed signer, boolindexed isFirstCommittee);
/// @dev Emitted when an existing signer is removed./// @param signer Address of signer that was removed.eventRemoveSigner(addressindexed signer);
/// @dev Maximum number of members in each committee./// @notice This number cannot be increased further/// with the current implementation. Our implementation/// uses bitmasks and the uint8 data type to optimize gas./// These data structures will overflow if maxCommitteeSize/// is greater than 128.uint8constant maxCommitteeSize =128;
/// @dev Maximum number of members in both committees/// combined./// @notice Similarly to maxCommitteeSize, maxSignersSize/// also cannot be further increased to more than 256.uint16constant maxSignersSize =256; // maxCommitteeSize * 2/// @dev Request statuses./// @notice `NULL` should be the first element as the first value is used/// as the default value in Solidity. The sequence of the other/// elements also shouldn't be changed.enumRequestStatus {
NULL, // request which doesn't exist
Undecided, // request hasn't reached quorum
Accepted // request has been approved
}
/// @notice `Unchanged` should be the first element as the first value is used/// as the default value in Solidity. The sequence of the other/// elements also shouldn't be changed.enumRequestStatusTransition {
Unchanged,
NULLToUndecided,
UndecidedToAccepted
}
/// @dev Signer statuses./// @notice `Uninitialized` should be the first element as the first value is used/// as the default value in Solidity. The sequence of the other/// elements also shouldn't be changed.enumSignerStatus {
Uninitialized,
Removed,
FirstCommittee,
SecondCommittee
}
/// @dev Request info./// @param approvalsFirstCommittee Number of approvals/// by the first committee./// @param approvalsSecondCommittee Number of approvals/// by the second committee./// @param status Status of the request./// @param approvers Bitmask for signers from the two/// committees who have accepted the request./// @notice Approvers is a bitmask. For example, a set bit at/// position 2 in the approvers bitmask indicates that the/// signer with index 2 has approved the request.structRequest {
uint8 approvalsFirstCommittee; // slot 1 (0 - 7 bits)uint8 approvalsSecondCommittee; // slot 1 (8 - 15 bits)
RequestStatus status; // slot 1 (16 - 23 bits)// slot 1 (23 - 255 spare bits)uint256 approvers; // slot 2
}
/// @dev Signer information./// @param status Status of the signer./// @param index Index of the signer.structSignerInfo {
SignerStatus status;
uint8 index;
}
/// @dev DualMultisig/// @param firstCommitteeAcceptanceQuorum Number of acceptances/// required to reach quorum in the first committee./// @param secondCommitteeAcceptanceQuorum Number of acceptances/// required to reach quorum in the second committee./// @param firstCommitteeSize Size of the first committee./// @param secondCommitteeSize Size of the second committee./// @param nextExecutionIndex Index of the request that will be executed next./// @param signers Mapping from signer address to signer info./// @param requests Mapping from request hash to request info./// @param approvedRequests Mapping request ID to request hash.structDualMultisig {
uint8 firstCommitteeAcceptanceQuorum; // slot 1 (0 - 7bits)uint8 secondCommitteeAcceptanceQuorum; // slot 1 (8 - 15bits)uint8 firstCommitteeSize; // slot 1 (16 - 23bits)uint8 secondCommitteeSize; // slot 1 (24 - 31bits)// slot1 (32 - 255 spare bits)uint256 nextExecutionIndex;
mapping(address=> SignerInfo) signers;
mapping(bytes32=> Request) requests;
mapping(uint256=>bytes32) approvedRequests;
}
/// @param firstCommitteeAcceptanceQuorum Number of acceptances/// required to reach quorum in the first committee./// @param secondCommitteeAcceptanceQuorum Number of acceptances/// required to reach quorum in the second committee./// @notice Both acceptance quorums should be greater than zero/// and less than or equal to maxCommitteeSize.structConfig {
uint8 firstCommitteeAcceptanceQuorum;
uint8 secondCommitteeAcceptanceQuorum;
}
/// @dev Returns a request status for a given request hash./// @param s The relevant multisig to check./// @param hash The hash of the request being checked./// @return The status of the request with the given hash.functionstatus(
DualMultisig storage s,
bytes32 hash
) internalviewreturns (RequestStatus) {
return s.requests[hash].status;
}
/// @dev Returns whether or not a given address is a signer/// in the multisig./// @param s The relevant multisig to check./// @param signer The address of the potential signer./// @return True if the provided address is a signer.functionisSigner(
DualMultisig storage s,
address signer
) internalviewreturns (bool) {
return s.signers[signer].status >= SignerStatus.FirstCommittee;
}
/// @dev Updates a multisig's configuration.functionconfigure(DualMultisig storage s, Config memory c) internal{
if (
c.firstCommitteeAcceptanceQuorum ==0||
c.firstCommitteeAcceptanceQuorum > maxCommitteeSize ||
c.secondCommitteeAcceptanceQuorum ==0||
c.secondCommitteeAcceptanceQuorum > maxCommitteeSize
) {
revert InvalidConfiguration();
}
s.firstCommitteeAcceptanceQuorum = c.firstCommitteeAcceptanceQuorum;
s.secondCommitteeAcceptanceQuorum = c.secondCommitteeAcceptanceQuorum;
}
/// @dev Adds a new signer./// @param s The multisig to add the signer to./// @param signer The address of the signer to add./// @param isFirstCommittee True if the signer is to be/// added to the first committee and false if they are/// to be added to the second committee.functionaddSigner(
DualMultisig storage s,
address signer,
bool isFirstCommittee
) internal{
uint8 committeeSize = (
isFirstCommittee ? s.firstCommitteeSize : s.secondCommitteeSize
);
if (committeeSize == maxCommitteeSize) {
revert MaxCommitteeSizeReached();
}
SignerInfo storage signerInfo = s.signers[signer];
if (signerInfo.status != SignerStatus.Uninitialized) {
revert SignerAlreadyExists(signer);
}
signerInfo.index = s.firstCommitteeSize + s.secondCommitteeSize;
if (isFirstCommittee) {
s.firstCommitteeSize++;
signerInfo.status = SignerStatus.FirstCommittee;
} else {
s.secondCommitteeSize++;
signerInfo.status = SignerStatus.SecondCommittee;
}
emit AddSigner(signer, isFirstCommittee);
}
/// @dev Removes a signer./// @param s The multisig to remove the signer from./// @param signer The signer to be removed.functionremoveSigner(DualMultisig storage s, address signer) internal{
SignerInfo storage signerInfo = s.signers[signer];
if (signerInfo.status < SignerStatus.FirstCommittee) {
revert SignerNotActive(signer);
}
signerInfo.status = SignerStatus.Removed;
emit RemoveSigner(signer);
}
/// @dev Approve a request if its has not already been approved./// @param s The multisig for which to approve the given request./// @param signer The signer approving the request./// @param hash The hash of the request being approved./// @return The request's status transition./// @dev Notice that this code assumes that the hash is generated from/// the ID and other data outside of this function. It is important to include/// the ID in the hash.functiontryApprove(
DualMultisig storage s,
address signer,
bytes32 hash,
uint256 id
) internalreturns (RequestStatusTransition) {
Request storage request = s.requests[hash];
// If the request has already been accepted// then simply return.if (request.status == RequestStatus.Accepted) {
return RequestStatusTransition.Unchanged;
}
SignerInfo memory signerInfo = s.signers[signer];
// Make sure that the signer is valid.if (signerInfo.status < SignerStatus.FirstCommittee) {
revert SignerNotActive(signer);
}
// Revert if another request with the same ID has// already been approved.if (s.approvedRequests[id] !=bytes32(0)) {
revert InvalidId();
}
uint256 signerMask =1<< signerInfo.index;
// Check if the signer has already signed.if ((signerMask & request.approvers) !=0) {
return RequestStatusTransition.Unchanged;
}
// Add the signer to the bitmask of approvers.
request.approvers |= signerMask;
if (signerInfo.status == SignerStatus.FirstCommittee) {
++request.approvalsFirstCommittee;
} else {
++request.approvalsSecondCommittee;
}
if (
request.approvalsFirstCommittee >=
s.firstCommitteeAcceptanceQuorum &&
request.approvalsSecondCommittee >=
s.secondCommitteeAcceptanceQuorum
) {
request.status = RequestStatus.Accepted;
s.approvedRequests[id] = hash;
return RequestStatusTransition.UndecidedToAccepted;
} elseif (request.status == RequestStatus.NULL) {
// If this is the first approval, change the request status// to undecided.
request.status = RequestStatus.Undecided;
return RequestStatusTransition.NULLToUndecided;
}
return RequestStatusTransition.Unchanged;
}
/// @dev Get approvers for a given request./// @param s The multisig to get the approvers for./// @param hash The hash of the request./// @return approvers List of approvers./// @return count Count of approvers.functiongetApprovers(
DualMultisig storage s,
bytes32 hash
) internalviewreturns (uint16[] memory approvers, uint16 count) {
uint256 mask = s.requests[hash].approvers;
uint16 signersCount = s.firstCommitteeSize + s.secondCommitteeSize;
approvers =newuint16[](signersCount);
count =0;
for (uint16 i =0; i < signersCount; i++) {
if ((mask & (1<< i)) !=0) {
approvers[count] = i;
count++;
}
}
return (approvers, count);
}
/// @dev Forcefully set next next execution index./// @param s The multisig to set the next execution index for./// @param index The new next execution index.functionforceSetNextExecutionIndex(
DualMultisig storage s,
uint256 index
) internal{
if (s.nextExecutionIndex >= index) {
revert InvalidNextExecutionIndex();
}
s.nextExecutionIndex = index;
}
/// @dev Try to execute the next approved request./// @param s The multisig whose next request should/// be executed./// @param hash The hash of the request being executed./// @param id The ID of the request being executed./// @return True if the execution was successful.functiontryExecute(
DualMultisig storage s,
bytes32 hash,
uint256 id
) internalreturns (bool) {
if (id == s.nextExecutionIndex && s.approvedRequests[id] == hash) {
s.nextExecutionIndex++;
returntrue;
}
returnfalse;
}
}
Contract Source Code
File 14 of 18: SafeERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC20/utils/SafeERC20.sol)pragmasolidity ^0.8.0;import"../IERC20.sol";
import"../extensions/draft-IERC20Permit.sol";
import"../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/librarySafeERC20{
usingAddressforaddress;
functionsafeTransfer(
IERC20 token,
address to,
uint256 value
) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
functionsafeTransferFrom(
IERC20 token,
addressfrom,
address to,
uint256 value
) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/functionsafeApprove(
IERC20 token,
address spender,
uint256 value
) internal{
// safeApprove should only be called when setting an initial allowance,// or when resetting it to zero. To increase and decrease it, use// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'require(
(value ==0) || (token.allowance(address(this), spender) ==0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
functionsafeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal{
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
functionsafeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal{
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
functionsafePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal{
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore +1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/function_callOptionalReturn(IERC20 token, bytesmemory data) private{
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that// the target address contains contract code and also asserts for success in the low-level call.bytesmemory returndata =address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length>0) {
// Return data is optionalrequire(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
Contract Source Code
File 15 of 18: Strings.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (utils/Strings.sol)pragmasolidity ^0.8.0;/**
* @dev String operations.
*/libraryStrings{
bytes16privateconstant _HEX_SYMBOLS ="0123456789abcdef";
uint8privateconstant _ADDRESS_LENGTH =20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/functiontoString(uint256 value) internalpurereturns (stringmemory) {
// Inspired by OraclizeAPI's implementation - MIT licence// https://github.com/oraclize/ethereum-api/blob/b42146b063c7d6ee1358846c198246239e9360e8/oraclizeAPI_0.4.25.solif (value ==0) {
return"0";
}
uint256 temp = value;
uint256 digits;
while (temp !=0) {
digits++;
temp /=10;
}
bytesmemory buffer =newbytes(digits);
while (value !=0) {
digits -=1;
buffer[digits] =bytes1(uint8(48+uint256(value %10)));
value /=10;
}
returnstring(buffer);
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/functiontoHexString(uint256 value) internalpurereturns (stringmemory) {
if (value ==0) {
return"0x00";
}
uint256 temp = value;
uint256 length =0;
while (temp !=0) {
length++;
temp >>=8;
}
return toHexString(value, length);
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/functiontoHexString(uint256 value, uint256 length) internalpurereturns (stringmemory) {
bytesmemory buffer =newbytes(2* length +2);
buffer[0] ="0";
buffer[1] ="x";
for (uint256 i =2* length +1; i >1; --i) {
buffer[i] = _HEX_SYMBOLS[value &0xf];
value >>=4;
}
require(value ==0, "Strings: hex length insufficient");
returnstring(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/functiontoHexString(address addr) internalpurereturns (stringmemory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
}
Contract Source Code
File 16 of 18: Wrap.sol
// SPDX-License-Identifier: UNLICENSEDpragmasolidity ^0.8.15;/**
* Copyright (C) 2023 Flare Finance B.V. - All Rights Reserved.
*
* This source code and any functionality deriving from it are owned by Flare
* Finance BV and the use of it is only permitted within the official platforms
* and/or original products of Flare Finance B.V. and its licensed parties. Any
* further enquiries regarding this copyright and possible licenses can be directed
* to partners[at]flr.finance.
*
* The source code and any functionality deriving from it are provided "as is",
* without warranty of any kind, express or implied, including but not limited to
* the warranties of merchantability, fitness for a particular purpose and
* noninfringement. In no event shall the authors or copyright holder be liable
* for any claim, damages or other liability, whether in an action of contract,
* tort or otherwise, arising in any way out of the use or other dealings or in
* connection with the source code and any functionality deriving from it.
*/import {
AccessControlEnumerable
} from"@openzeppelin/contracts/access/AccessControlEnumerable.sol";
import {
SafeERC20
} from"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { IERC20 } from"@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { IWrap } from"./interfaces/IWrap.sol";
import { Multisig } from"./libraries/Multisig.sol";
abstractcontractWrapisIWrap, AccessControlEnumerable{
usingMultisigforMultisig.DualMultisig;
usingSafeERC20forIERC20;
/// @dev The role ID for addresses that can pause the contract.bytes32publicconstant PAUSE_ROLE =keccak256("PAUSE");
/// @dev The role ID for addresses that has weak admin power./// Weak admin can perform administrative tasks that don't risk user's funds.bytes32publicconstant WEAK_ADMIN_ROLE =keccak256("WEAK_ADMIN");
/// @dev Max protocol/validator fee that can be set by the owner.uint16constant maxFeeBPS =500; // should be less than 10,000/// @dev True if the contracts are paused, false otherwise.boolpublic paused;
/// @dev Map token address to token info.mapping(address=> TokenInfoStore) public tokenInfos;
/// @dev Map mirror token address to token address.mapping(address=>address) public mirrorTokens;
/// @dev Map validator to its fee recipient.mapping(address=>address) public validatorFeeRecipients;
/// @dev Map tokens to validator index to fee that can be collected.mapping(address=>mapping(uint256=>uint256)) public feeBalance;
/// @dev Array of all the tokens added./// @notice A token in the list might not be active.address[] public tokens;
/// @dev Dual multisig to manage validators,/// attestations and request quorum.
Multisig.DualMultisig internal multisig;
/// @dev The number of deposits.uint256public depositIndex;
/// @dev Validator fee basis points.uint16public validatorFeeBPS;
/// @dev Address of the migrated contract.addresspublic migratedContract;
constructor(Multisig.Config memory config, uint16 _validatorFeeBPS) {
_setupRole(DEFAULT_ADMIN_ROLE, msg.sender);
_setupRole(WEAK_ADMIN_ROLE, msg.sender);
multisig.configure(config);
configureValidatorFees(_validatorFeeBPS);
}
/// @dev Hook to execute on deposit./// @param token Address of the token being deposited./// @param amount The amount being deposited./// @return fee The fee charged to the depositor.functiononDeposit(address token,
uint256 amount
) internalvirtualreturns (uint256 fee);
/// @dev Hook to execute on successful bridging./// @param token Address of the token being bridged./// @param amount The amount being bridged./// @param to The address where the bridged are being sent to./// @return totalFee Total fee charged to the user./// @return validatorFee Total fee minus the protocol fees.functiononExecute(address token,
uint256 amount,
address to
) internalvirtualreturns (uint256 totalFee, uint256 validatorFee);
/// @dev Hook executed before the bridge migration./// @param _newContract Address of the new contract.functiononMigrate(address _newContract) internalvirtual;
/// @dev Modifier to check if the contract is not paused.modifierisNotPaused() {
if (paused ==true) {
revert ContractPaused();
}
_;
}
/// @dev Modifier to check if the contract is paused.modifierisPaused() {
if (paused ==false) {
revert ContractNotPaused();
}
_;
}
/// @dev Modifier to check that contract is not already migrated.modifiernotMigrated() {
if (migratedContract !=address(0)) {
revert ContractMigrated();
}
_;
}
/// @dev Modifier to make a function callable only when the token and amount is correct.modifierisValidTokenAmount(address token, uint256 amount) {
TokenInfoStore storage t = tokenInfos[token];
// Notice that t.maxAmount is 0 for non existent and disabled tokens.// Therefore, this check also ensures txs of such tokens are reverted.if (t.maxAmount <= amount || t.minAmount > amount) {
revert InvalidTokenAmount();
}
if (t.dailyLimit !=0) {
// Reset daily limit if the day is passed after last update.if (block.timestamp> t.lastUpdated +1days) {
t.lastUpdated =block.timestamp;
t.consumedLimit =0;
}
if (t.consumedLimit + amount > t.dailyLimit) {
revert DailyLimitExhausted();
}
t.consumedLimit += amount;
}
_;
}
/// @dev Modifier to make a function callable only when the recent block hash is valid.modifierwithValidRecentBlockHash(bytes32 recentBlockHash,
uint256 recentBlockNumber
) {
// Prevent malicious validators from pre-producing attestation signatures.// This is helpful in case validators are temporarily compromised.// `blockhash(recentBlockNumber)` yields `0x0` when `recentBlockNumber < block.number - 256`.if (
recentBlockHash ==bytes32(0) ||blockhash(recentBlockNumber) != recentBlockHash
) {
revert InvalidBlockHash();
}
_;
}
/// @inheritdoc IWrapfunctionnextExecutionIndex() externalviewreturns (uint256) {
return multisig.nextExecutionIndex;
}
/// @inheritdoc IWrapfunctionvalidatorInfo(address validator
) externalviewreturns (Multisig.SignerInfo memory) {
return multisig.signers[validator];
}
/// @inheritdoc IWrapfunctionattesters(bytes32 hash
) externalviewreturns (uint16[] memory attesterIndexes, uint16 count) {
return multisig.getApprovers(hash);
}
/// @dev Internal function to calculate fees by amount and BPS.functioncalculateFee(uint256 amount,
uint16 feeBPS
) internalpurereturns (uint256) {
// 10,000 is 100%return (amount * feeBPS) /10000;
}
/// @inheritdoc IWrapfunctiondeposit(address token,
uint256 amount,
address to
)
externalisNotPausedisValidTokenAmount(token, amount)
returns (uint256 id)
{
if (to ==address(0)) revert InvalidToAddress();
id = depositIndex;
depositIndex++;
uint256 fee = onDeposit(token, amount);
emit Deposit(id, token, amount - fee, to, fee);
}
/// @dev Internal function to calculate the hash of the request.functionhashRequest(uint256 id,
address token,
uint256 amount,
address to
) internalpurereturns (bytes32) {
returnkeccak256(abi.encodePacked(id, token, amount, to));
}
/// @dev Internal function to approve and/or execute a given request.function_approveExecute(uint256 id,
address mirrorToken,
uint256 amount,
address to
) privateisNotPaused{
// If the request ID is lower than the last executed ID then simply ignore the request.if (id < multisig.nextExecutionIndex) {
return;
}
bytes32 hash = hashRequest(id, mirrorToken, amount, to);
Multisig.RequestStatusTransition transition = multisig.tryApprove(
msg.sender,
hash,
id
);
if (transition == Multisig.RequestStatusTransition.NULLToUndecided) {
emit Requested(id, mirrorToken, amount, to);
}
if (multisig.tryExecute(hash, id)) {
address token = mirrorTokens[mirrorToken];
(uint256 totalFee, uint256 validatorFee) = onExecute(
token,
amount,
to
);
{
(uint16[] memory approvers, uint16 approverCount) = multisig
.getApprovers(hash);
uint256 feeToIndividualValidator = validatorFee / approverCount;
mapping(uint256=>uint256)
storage tokenFeeBalance = feeBalance[token];
for (uint16 i =0; i < approverCount; i++) {
tokenFeeBalance[approvers[i]] += feeToIndividualValidator;
}
}
emit Executed(
id,
mirrorToken,
token,
amount - totalFee,
to,
totalFee
);
}
}
/// @inheritdoc IWrapfunctionapproveExecute(uint256 id,
address mirrorToken,
uint256 amount,
address to,
bytes32 recentBlockHash,
uint256 recentBlockNumber
) externalwithValidRecentBlockHash(recentBlockHash, recentBlockNumber) {
_approveExecute(id, mirrorToken, amount, to);
}
/// @inheritdoc IWrapfunctionbatchApproveExecute(
RequestInfo[] calldata requests,
bytes32 recentBlockHash,
uint256 recentBlockNumber
) externalwithValidRecentBlockHash(recentBlockHash, recentBlockNumber) {
for (uint256 i =0; i < requests.length; i++) {
_approveExecute(
requests[i].id,
requests[i].token,
requests[i].amount,
requests[i].to
);
}
}
function_configureTokenInfo(address token,
uint256 minAmount,
uint256 maxAmount,
uint256 dailyLimit,
bool newToken
) internal{
uint256 currMinAmount = tokenInfos[token].minAmount;
if (
minAmount ==0||
(newToken ? currMinAmount !=0 : currMinAmount ==0)
) {
revert InvalidTokenConfig();
}
// configuring token also resets the daily volume limit
TokenInfoStore memory tokenInfoStore = TokenInfoStore(
maxAmount,
minAmount,
dailyLimit,
0,
block.timestamp
);
tokenInfos[token] = tokenInfoStore;
}
/// @inheritdoc IWrapfunctionconfigureToken(address token,
TokenInfo calldata tokenInfo
) externalonlyRole(WEAK_ADMIN_ROLE) {
_configureTokenInfo(
token,
tokenInfo.minAmount,
tokenInfo.maxAmount,
tokenInfo.dailyLimit,
false
);
}
/// @inheritdoc IWrapfunctionconfigureValidatorFees(uint16 _validatorFeeBPS
) publiconlyRole(WEAK_ADMIN_ROLE) {
if (_validatorFeeBPS > maxFeeBPS) {
revert FeeExceedsMaxFee();
}
validatorFeeBPS = _validatorFeeBPS;
}
/// @dev Internal function to add a new token./// @param token Token that will be deposited in the contract./// @param mirrorToken Token that will be deposited in the mirror contract./// @param tokenInfo Token info associated with the token.function_addToken(address token,
address mirrorToken,
TokenInfo calldata tokenInfo
) internal{
if (mirrorTokens[mirrorToken] !=address(0)) {
revert InvalidTokenConfig();
}
_configureTokenInfo(
token,
tokenInfo.minAmount,
tokenInfo.maxAmount,
tokenInfo.dailyLimit,
true
);
tokens.push(token);
mirrorTokens[mirrorToken] = token;
}
/// @inheritdoc IWrapfunctionconfigureMultisig(
Multisig.Config calldata config
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
multisig.configure(config);
}
/// @inheritdoc IWrapfunctionpause() externalonlyRole(PAUSE_ROLE) {
paused =true;
}
/// @inheritdoc IWrapfunctionunpause() externalnotMigratedonlyRole(WEAK_ADMIN_ROLE) {
paused =false;
}
/// @inheritdoc IWrapfunctionaddValidator(address validator,
bool isFirstCommittee,
address feeRecipient
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
multisig.addSigner(validator, isFirstCommittee);
validatorFeeRecipients[validator] = feeRecipient;
}
/// @inheritdoc IWrapfunctionremoveValidator(address validator
) externalonlyRole(WEAK_ADMIN_ROLE) {
multisig.removeSigner(validator);
}
/// @inheritdoc IWrapfunctionconfigureValidatorFeeRecipient(address validator,
address feeRecipient
) externalonlyRole(WEAK_ADMIN_ROLE) {
validatorFeeRecipients[validator] = feeRecipient;
}
/// @inheritdoc IWrapfunctionclaimValidatorFees(address validator) public{
address feeRecipient = validatorFeeRecipients[validator];
if (feeRecipient ==address(0)) {
revert InvalidFeeRecipient();
}
uint16 index = multisig.signers[validator].index;
for (uint256 i =0; i < tokens.length; i++) {
address token = tokens[i];
uint256 tokenValidatorFee = feeBalance[token][index];
feeBalance[token][index] =0;
IERC20(token).safeTransfer(feeRecipient, tokenValidatorFee);
}
}
/// @inheritdoc IWrapfunctionforceSetNextExecutionIndex(uint256 index
) publiconlyRole(DEFAULT_ADMIN_ROLE) {
multisig.forceSetNextExecutionIndex(index);
}
/// @inheritdoc IWrapfunctionmigrate(address _newContract
) publicisPausednotMigratedonlyRole(DEFAULT_ADMIN_ROLE) {
onMigrate(_newContract);
migratedContract = _newContract;
}
}
Contract Source Code
File 17 of 18: WrapDepositRedeem.sol
// SPDX-License-Identifier: UNLICENSEDpragmasolidity ^0.8.15;/**
* Copyright (C) 2023 Flare Finance B.V. - All Rights Reserved.
*
* This source code and any functionality deriving from it are owned by Flare
* Finance BV and the use of it is only permitted within the official platforms
* and/or original products of Flare Finance B.V. and its licensed parties. Any
* further enquiries regarding this copyright and possible licenses can be directed
* to partners[at]flr.finance.
*
* The source code and any functionality deriving from it are provided "as is",
* without warranty of any kind, express or implied, including but not limited to
* the warranties of merchantability, fitness for a particular purpose and
* noninfringement. In no event shall the authors or copyright holder be liable
* for any claim, damages or other liability, whether in an action of contract,
* tort or otherwise, arising in any way out of the use or other dealings or in
* connection with the source code and any functionality deriving from it.
*/import {
SafeERC20
} from"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { IERC20 } from"@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { IWrap } from"./interfaces/IWrap.sol";
import { IWrapDepositRedeem } from"./interfaces/IWrapDepositRedeem.sol";
import { Multisig } from"./libraries/Multisig.sol";
import { Wrap } from"./Wrap.sol";
contractWrapDepositRedeemisIWrapDepositRedeem, Wrap{
usingMultisigforMultisig.DualMultisig;
usingSafeERC20forIERC20;
constructor(
Multisig.Config memory config,
uint16 _validatorFeeBPS
) Wrap(config, _validatorFeeBPS) {}
/// @dev Internal function to calculate the deposit fees.functiondepositFees(uint256) internalpurereturns (uint256 fee) {
return0;
}
/// @inheritdoc WrapfunctiononDeposit(address token,
uint256 amount
) internalvirtualoverridereturns (uint256) {
IERC20(token).safeTransferFrom(msg.sender, address(this), amount);
return depositFees(amount);
}
/// @inheritdoc WrapfunctiononExecute(address token,
uint256 amount,
address to
)
internalvirtualoverridereturns (uint256 totalFee, uint256 validatorFee)
{
totalFee = validatorFee = calculateFee(amount, validatorFeeBPS);
IERC20(token).safeTransfer(to, amount - totalFee);
}
/// @inheritdoc WrapfunctiononMigrate(address _newContract) internaloverride{
// Transfer all the token reserves to the new contract.// Notice that this will also transfer all the validator fees.// Therefore, either the new bridge should respect the existing validator fees or// all the validator fees must be claimed before the migration.for (uint256 i =0; i < tokens.length; i++) {
address token = tokens[i];
uint256 tokenBalance = IERC20(token).balanceOf(address(this));
IERC20(token).safeTransfer(_newContract, tokenBalance);
}
}
/// @inheritdoc IWrapDepositRedeemfunctionaddToken(address token,
address mirrorToken,
TokenInfo calldata tokenInfo
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
_addToken(token, mirrorToken, tokenInfo);
}
}
Contract Source Code
File 18 of 18: draft-IERC20Permit.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/interfaceIERC20Permit{
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/functionpermit(address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/functionnonces(address owner) externalviewreturns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/// solhint-disable-next-line func-name-mixedcasefunctionDOMAIN_SEPARATOR() externalviewreturns (bytes32);
}
