// SPDX-License-Identifier: Unlicense/*
* @title Solidity Bytes Arrays Utils
* @author Gonçalo Sá <goncalo.sa@consensys.net>
*
* @dev Bytes tightly packed arrays utility library for ethereum contracts written in Solidity.
* The library lets you concatenate, slice and type cast bytes arrays both in memory and storage.
*/pragmasolidity >=0.8.0 <0.9.0;libraryBytesLib{
functionconcat(bytesmemory _preBytes,
bytesmemory _postBytes
)
internalpurereturns (bytesmemory)
{
bytesmemory tempBytes;
assembly {
// Get a location of some free memory and store it in tempBytes as// Solidity does for memory variables.
tempBytes :=mload(0x40)
// Store the length of the first bytes array at the beginning of// the memory for tempBytes.let length :=mload(_preBytes)
mstore(tempBytes, length)
// Maintain a memory counter for the current write location in the// temp bytes array by adding the 32 bytes for the array length to// the starting location.let mc :=add(tempBytes, 0x20)
// Stop copying when the memory counter reaches the length of the// first bytes array.let end :=add(mc, length)
for {
// Initialize a copy counter to the start of the _preBytes data,// 32 bytes into its memory.let cc :=add(_preBytes, 0x20)
} lt(mc, end) {
// Increase both counters by 32 bytes each iteration.
mc :=add(mc, 0x20)
cc :=add(cc, 0x20)
} {
// Write the _preBytes data into the tempBytes memory 32 bytes// at a time.mstore(mc, mload(cc))
}
// Add the length of _postBytes to the current length of tempBytes// and store it as the new length in the first 32 bytes of the// tempBytes memory.
length :=mload(_postBytes)
mstore(tempBytes, add(length, mload(tempBytes)))
// Move the memory counter back from a multiple of 0x20 to the// actual end of the _preBytes data.
mc := end
// Stop copying when the memory counter reaches the new combined// length of the arrays.
end :=add(mc, length)
for {
let cc :=add(_postBytes, 0x20)
} lt(mc, end) {
mc :=add(mc, 0x20)
cc :=add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
// Update the free-memory pointer by padding our last write location// to 32 bytes: add 31 bytes to the end of tempBytes to move to the// next 32 byte block, then round down to the nearest multiple of// 32. If the sum of the length of the two arrays is zero then add// one before rounding down to leave a blank 32 bytes (the length block with 0).mstore(0x40, and(
add(add(end, iszero(add(length, mload(_preBytes)))), 31),
not(31) // Round down to the nearest 32 bytes.
))
}
return tempBytes;
}
functionconcatStorage(bytesstorage _preBytes, bytesmemory _postBytes) internal{
assembly {
// Read the first 32 bytes of _preBytes storage, which is the length// of the array. (We don't need to use the offset into the slot// because arrays use the entire slot.)let fslot :=sload(_preBytes.slot)
// Arrays of 31 bytes or less have an even value in their slot,// while longer arrays have an odd value. The actual length is// the slot divided by two for odd values, and the lowest order// byte divided by two for even values.// If the slot is even, bitwise and the slot with 255 and divide by// two to get the length. If the slot is odd, bitwise and the slot// with -1 and divide by two.let slength :=div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength :=mload(_postBytes)
let newlength :=add(slength, mlength)
// slength can contain both the length and contents of the array// if length < 32 bytes so let's prepare for that// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storageswitchadd(lt(slength, 32), lt(newlength, 32))
case2 {
// Since the new array still fits in the slot, we just need to// update the contents of the slot.// uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_lengthsstore(
_preBytes.slot,
// all the modifications to the slot are inside this// next blockadd(
// we can just add to the slot contents because the// bytes we want to change are the LSBs
fslot,
add(
mul(
div(
// load the bytes from memorymload(add(_postBytes, 0x20)),
// zero all bytes to the rightexp(0x100, sub(32, mlength))
),
// and now shift left the number of bytes to// leave space for the length in the slotexp(0x100, sub(32, newlength))
),
// increase length by the double of the memory// bytes lengthmul(mlength, 2)
)
)
)
}
case1 {
// The stored value fits in the slot, but the combined value// will exceed it.// get the keccak hash to get the contents of the arraymstore(0x0, _preBytes.slot)
let sc :=add(keccak256(0x0, 0x20), div(slength, 32))
// save new lengthsstore(_preBytes.slot, add(mul(newlength, 2), 1))
// The contents of the _postBytes array start 32 bytes into// the structure. Our first read should obtain the `submod`// bytes that can fit into the unused space in the last word// of the stored array. To get this, we read 32 bytes starting// from `submod`, so the data we read overlaps with the array// contents by `submod` bytes. Masking the lowest-order// `submod` bytes allows us to add that value directly to the// stored value.let submod :=sub(32, slength)
let mc :=add(_postBytes, submod)
let end :=add(_postBytes, mlength)
let mask :=sub(exp(0x100, submod), 1)
sstore(
sc,
add(
and(
fslot,
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00
),
and(mload(mc), mask)
)
)
for {
mc :=add(mc, 0x20)
sc :=add(sc, 1)
} lt(mc, end) {
sc :=add(sc, 1)
mc :=add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask :=exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
default {
// get the keccak hash to get the contents of the arraymstore(0x0, _preBytes.slot)
// Start copying to the last used word of the stored array.let sc :=add(keccak256(0x0, 0x20), div(slength, 32))
// save new lengthsstore(_preBytes.slot, add(mul(newlength, 2), 1))
// Copy over the first `submod` bytes of the new data as in// case 1 above.let slengthmod :=mod(slength, 32)
let mlengthmod :=mod(mlength, 32)
let submod :=sub(32, slengthmod)
let mc :=add(_postBytes, submod)
let end :=add(_postBytes, mlength)
let mask :=sub(exp(0x100, submod), 1)
sstore(sc, add(sload(sc), and(mload(mc), mask)))
for {
sc :=add(sc, 1)
mc :=add(mc, 0x20)
} lt(mc, end) {
sc :=add(sc, 1)
mc :=add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask :=exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
}
}
functionslice(bytesmemory _bytes,
uint256 _start,
uint256 _length
)
internalpurereturns (bytesmemory)
{
require(_length +31>= _length, "slice_overflow");
require(_bytes.length>= _start + _length, "slice_outOfBounds");
bytesmemory tempBytes;
assembly {
switchiszero(_length)
case0 {
// Get a location of some free memory and store it in tempBytes as// Solidity does for memory variables.
tempBytes :=mload(0x40)
// The first word of the slice result is potentially a partial// word read from the original array. To read it, we calculate// the length of that partial word and start copying that many// bytes into the array. The first word we copy will start with// data we don't care about, but the last `lengthmod` bytes will// land at the beginning of the contents of the new array. When// we're done copying, we overwrite the full first word with// the actual length of the slice.let lengthmod :=and(_length, 31)
// The multiplication in the next line is necessary// because when slicing multiples of 32 bytes (lengthmod == 0)// the following copy loop was copying the origin's length// and then ending prematurely not copying everything it should.let mc :=add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
let end :=add(mc, _length)
for {
// The multiplication in the next line has the same exact purpose// as the one above.let cc :=add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start)
} lt(mc, end) {
mc :=add(mc, 0x20)
cc :=add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
mstore(tempBytes, _length)
//update free-memory pointer//allocating the array padded to 32 bytes like the compiler does nowmstore(0x40, and(add(mc, 31), not(31)))
}
//if we want a zero-length slice let's just return a zero-length arraydefault {
tempBytes :=mload(0x40)
//zero out the 32 bytes slice we are about to return//we need to do it because Solidity does not garbage collectmstore(tempBytes, 0)
mstore(0x40, add(tempBytes, 0x20))
}
}
return tempBytes;
}
functiontoAddress(bytesmemory _bytes, uint256 _start) internalpurereturns (address) {
require(_bytes.length>= _start +20, "toAddress_outOfBounds");
address tempAddress;
assembly {
tempAddress :=div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
}
return tempAddress;
}
functiontoUint8(bytesmemory _bytes, uint256 _start) internalpurereturns (uint8) {
require(_bytes.length>= _start +1 , "toUint8_outOfBounds");
uint8 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0x1), _start))
}
return tempUint;
}
functiontoUint16(bytesmemory _bytes, uint256 _start) internalpurereturns (uint16) {
require(_bytes.length>= _start +2, "toUint16_outOfBounds");
uint16 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0x2), _start))
}
return tempUint;
}
functiontoUint32(bytesmemory _bytes, uint256 _start) internalpurereturns (uint32) {
require(_bytes.length>= _start +4, "toUint32_outOfBounds");
uint32 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0x4), _start))
}
return tempUint;
}
functiontoUint64(bytesmemory _bytes, uint256 _start) internalpurereturns (uint64) {
require(_bytes.length>= _start +8, "toUint64_outOfBounds");
uint64 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0x8), _start))
}
return tempUint;
}
functiontoUint96(bytesmemory _bytes, uint256 _start) internalpurereturns (uint96) {
require(_bytes.length>= _start +12, "toUint96_outOfBounds");
uint96 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0xc), _start))
}
return tempUint;
}
functiontoUint128(bytesmemory _bytes, uint256 _start) internalpurereturns (uint128) {
require(_bytes.length>= _start +16, "toUint128_outOfBounds");
uint128 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0x10), _start))
}
return tempUint;
}
functiontoUint256(bytesmemory _bytes, uint256 _start) internalpurereturns (uint256) {
require(_bytes.length>= _start +32, "toUint256_outOfBounds");
uint256 tempUint;
assembly {
tempUint :=mload(add(add(_bytes, 0x20), _start))
}
return tempUint;
}
functiontoBytes32(bytesmemory _bytes, uint256 _start) internalpurereturns (bytes32) {
require(_bytes.length>= _start +32, "toBytes32_outOfBounds");
bytes32 tempBytes32;
assembly {
tempBytes32 :=mload(add(add(_bytes, 0x20), _start))
}
return tempBytes32;
}
functionequal(bytesmemory _preBytes, bytesmemory _postBytes) internalpurereturns (bool) {
bool success =true;
assembly {
let length :=mload(_preBytes)
// if lengths don't match the arrays are not equalswitcheq(length, mload(_postBytes))
case1 {
// cb is a circuit breaker in the for loop since there's// no said feature for inline assembly loops// cb = 1 - don't breaker// cb = 0 - breaklet cb :=1let mc :=add(_preBytes, 0x20)
let end :=add(mc, length)
for {
let cc :=add(_postBytes, 0x20)
// the next line is the loop condition:// while(uint256(mc < end) + cb == 2)
} eq(add(lt(mc, end), cb), 2) {
mc :=add(mc, 0x20)
cc :=add(cc, 0x20)
} {
// if any of these checks fails then arrays are not equalifiszero(eq(mload(mc), mload(cc))) {
// unsuccess:
success :=0
cb :=0
}
}
}
default {
// unsuccess:
success :=0
}
}
return success;
}
functionequalStorage(bytesstorage _preBytes,
bytesmemory _postBytes
)
internalviewreturns (bool)
{
bool success =true;
assembly {
// we know _preBytes_offset is 0let fslot :=sload(_preBytes.slot)
// Decode the length of the stored array like in concatStorage().let slength :=div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength :=mload(_postBytes)
// if lengths don't match the arrays are not equalswitcheq(slength, mlength)
case1 {
// slength can contain both the length and contents of the array// if length < 32 bytes so let's prepare for that// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storageifiszero(iszero(slength)) {
switchlt(slength, 32)
case1 {
// blank the last byte which is the length
fslot :=mul(div(fslot, 0x100), 0x100)
ifiszero(eq(fslot, mload(add(_postBytes, 0x20)))) {
// unsuccess:
success :=0
}
}
default {
// cb is a circuit breaker in the for loop since there's// no said feature for inline assembly loops// cb = 1 - don't breaker// cb = 0 - breaklet cb :=1// get the keccak hash to get the contents of the arraymstore(0x0, _preBytes.slot)
let sc :=keccak256(0x0, 0x20)
let mc :=add(_postBytes, 0x20)
let end :=add(mc, mlength)
// the next line is the loop condition:// while(uint256(mc < end) + cb == 2)for {} eq(add(lt(mc, end), cb), 2) {
sc :=add(sc, 1)
mc :=add(mc, 0x20)
} {
ifiszero(eq(sload(sc), mload(mc))) {
// unsuccess:
success :=0
cb :=0
}
}
}
}
}
default {
// unsuccess:
success :=0
}
}
return success;
}
}
Contract Source Code
File 3 of 26: Context.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)pragmasolidity ^0.8.0;/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
}
Contract Source Code
File 4 of 26: ERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)pragmasolidity ^0.8.0;import"./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/abstractcontractERC165isIERC165{
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IERC165).interfaceId;
}
}
Contract Source Code
File 5 of 26: ERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)pragmasolidity ^0.8.0;import"./IERC20.sol";
import"./extensions/IERC20Metadata.sol";
import"../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/contractERC20isContext, IERC20, IERC20Metadata{
mapping(address=>uint256) private _balances;
mapping(address=>mapping(address=>uint256)) private _allowances;
uint256private _totalSupply;
stringprivate _name;
stringprivate _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/constructor(stringmemory name_, stringmemory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/functionname() publicviewvirtualoverridereturns (stringmemory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/functionsymbol() publicviewvirtualoverridereturns (stringmemory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/functiondecimals() publicviewvirtualoverridereturns (uint8) {
return18;
}
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewvirtualoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewvirtualoverridereturns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address to, uint256 amount) publicvirtualoverridereturns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/functiontransferFrom(addressfrom,
address to,
uint256 amount
) publicvirtualoverridereturns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualreturns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualreturns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
returntrue;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/function_transfer(addressfrom,
address to,
uint256 amount
) internalvirtual{
require(from!=address(0), "ERC20: transfer from the zero address");
require(to !=address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner,
address spender,
uint256 amount
) internalvirtual{
require(owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/function_spendAllowance(address owner,
address spender,
uint256 amount
) internalvirtual{
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance !=type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/function_beforeTokenTransfer(addressfrom,
address to,
uint256 amount
) internalvirtual{}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/function_afterTokenTransfer(addressfrom,
address to,
uint256 amount
) internalvirtual{}
}
Contract Source Code
File 6 of 26: ExcessivelySafeCall.sol
// SPDX-License-Identifier: MIT OR Apache-2.0pragmasolidity >=0.7.6;libraryExcessivelySafeCall{
uint256constant LOW_28_MASK =0x00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff;
/// @notice Use when you _really_ really _really_ don't trust the called/// contract. This prevents the called contract from causing reversion of/// the caller in as many ways as we can./// @dev The main difference between this and a solidity low-level call is/// that we limit the number of bytes that the callee can cause to be/// copied to caller memory. This prevents stupid things like malicious/// contracts returning 10,000,000 bytes causing a local OOG when copying/// to memory./// @param _target The address to call/// @param _gas The amount of gas to forward to the remote contract/// @param _maxCopy The maximum number of bytes of returndata to copy/// to memory./// @param _calldata The data to send to the remote contract/// @return success and returndata, as `.call()`. Returndata is capped to/// `_maxCopy` bytes.functionexcessivelySafeCall(address _target,
uint256 _gas,
uint16 _maxCopy,
bytesmemory _calldata
) internalreturns (bool, bytesmemory) {
// set up for assembly calluint256 _toCopy;
bool _success;
bytesmemory _returnData =newbytes(_maxCopy);
// dispatch message to recipient// by assembly calling "handle" function// we call via assembly to avoid memcopying a very large returndata// returned by a malicious contractassembly {
_success :=call(
_gas, // gas
_target, // recipient0, // ether valueadd(_calldata, 0x20), // inlocmload(_calldata), // inlen0, // outloc0// outlen
)
// limit our copy to 256 bytes
_toCopy :=returndatasize()
ifgt(_toCopy, _maxCopy) {
_toCopy := _maxCopy
}
// Store the length of the copied bytesmstore(_returnData, _toCopy)
// copy the bytes from returndata[0:_toCopy]returndatacopy(add(_returnData, 0x20), 0, _toCopy)
}
return (_success, _returnData);
}
/// @notice Use when you _really_ really _really_ don't trust the called/// contract. This prevents the called contract from causing reversion of/// the caller in as many ways as we can./// @dev The main difference between this and a solidity low-level call is/// that we limit the number of bytes that the callee can cause to be/// copied to caller memory. This prevents stupid things like malicious/// contracts returning 10,000,000 bytes causing a local OOG when copying/// to memory./// @param _target The address to call/// @param _gas The amount of gas to forward to the remote contract/// @param _maxCopy The maximum number of bytes of returndata to copy/// to memory./// @param _calldata The data to send to the remote contract/// @return success and returndata, as `.call()`. Returndata is capped to/// `_maxCopy` bytes.functionexcessivelySafeStaticCall(address _target,
uint256 _gas,
uint16 _maxCopy,
bytesmemory _calldata
) internalviewreturns (bool, bytesmemory) {
// set up for assembly calluint256 _toCopy;
bool _success;
bytesmemory _returnData =newbytes(_maxCopy);
// dispatch message to recipient// by assembly calling "handle" function// we call via assembly to avoid memcopying a very large returndata// returned by a malicious contractassembly {
_success :=staticcall(
_gas, // gas
_target, // recipientadd(_calldata, 0x20), // inlocmload(_calldata), // inlen0, // outloc0// outlen
)
// limit our copy to 256 bytes
_toCopy :=returndatasize()
ifgt(_toCopy, _maxCopy) {
_toCopy := _maxCopy
}
// Store the length of the copied bytesmstore(_returnData, _toCopy)
// copy the bytes from returndata[0:_toCopy]returndatacopy(add(_returnData, 0x20), 0, _toCopy)
}
return (_success, _returnData);
}
/**
* @notice Swaps function selectors in encoded contract calls
* @dev Allows reuse of encoded calldata for functions with identical
* argument types but different names. It simply swaps out the first 4 bytes
* for the new selector. This function modifies memory in place, and should
* only be used with caution.
* @param _newSelector The new 4-byte selector
* @param _buf The encoded contract args
*/functionswapSelector(bytes4 _newSelector, bytesmemory _buf)
internalpure{
require(_buf.length>=4);
uint256 _mask = LOW_28_MASK;
assembly {
// load the first word oflet _word :=mload(add(_buf, 0x20))
// mask out the top 4 bytes// /x
_word :=and(_word, _mask)
_word :=or(_newSelector, _word)
mstore(add(_buf, 0x20), _word)
}
}
}
Contract Source Code
File 7 of 26: IERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/interfaceIERC165{
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/functionsupportsInterface(bytes4 interfaceId) externalviewreturns (bool);
}
Contract Source Code
File 8 of 26: IERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/interfaceIERC20{
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address to, uint256 amount) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 amount) externalreturns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(addressfrom,
address to,
uint256 amount
) externalreturns (bool);
}
Contract Source Code
File 9 of 26: IERC20Metadata.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)pragmasolidity ^0.8.0;import"../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/interfaceIERC20MetadataisIERC20{
/**
* @dev Returns the name of the token.
*/functionname() externalviewreturns (stringmemory);
/**
* @dev Returns the symbol of the token.
*/functionsymbol() externalviewreturns (stringmemory);
/**
* @dev Returns the decimals places of the token.
*/functiondecimals() externalviewreturns (uint8);
}
// SPDX-License-Identifier: MITpragmasolidity >=0.5.0;import"./ILayerZeroUserApplicationConfig.sol";
interfaceILayerZeroEndpointisILayerZeroUserApplicationConfig{
// @notice send a LayerZero message to the specified address at a LayerZero endpoint.// @param _dstChainId - the destination chain identifier// @param _destination - the address on destination chain (in bytes). address length/format may vary by chains// @param _payload - a custom bytes payload to send to the destination contract// @param _refundAddress - if the source transaction is cheaper than the amount of value passed, refund the additional amount to this address// @param _zroPaymentAddress - the address of the ZRO token holder who would pay for the transaction// @param _adapterParams - parameters for custom functionality. e.g. receive airdropped native gas from the relayer on destinationfunctionsend(uint16 _dstChainId, bytescalldata _destination, bytescalldata _payload, addresspayable _refundAddress, address _zroPaymentAddress, bytescalldata _adapterParams) externalpayable;
// @notice used by the messaging library to publish verified payload// @param _srcChainId - the source chain identifier// @param _srcAddress - the source contract (as bytes) at the source chain// @param _dstAddress - the address on destination chain// @param _nonce - the unbound message ordering nonce// @param _gasLimit - the gas limit for external contract execution// @param _payload - verified payload to send to the destination contractfunctionreceivePayload(uint16 _srcChainId, bytescalldata _srcAddress, address _dstAddress, uint64 _nonce, uint _gasLimit, bytescalldata _payload) external;
// @notice get the inboundNonce of a lzApp from a source chain which could be EVM or non-EVM chain// @param _srcChainId - the source chain identifier// @param _srcAddress - the source chain contract addressfunctiongetInboundNonce(uint16 _srcChainId, bytescalldata _srcAddress) externalviewreturns (uint64);
// @notice get the outboundNonce from this source chain which, consequently, is always an EVM// @param _srcAddress - the source chain contract addressfunctiongetOutboundNonce(uint16 _dstChainId, address _srcAddress) externalviewreturns (uint64);
// @notice gets a quote in source native gas, for the amount that send() requires to pay for message delivery// @param _dstChainId - the destination chain identifier// @param _userApplication - the user app address on this EVM chain// @param _payload - the custom message to send over LayerZero// @param _payInZRO - if false, user app pays the protocol fee in native token// @param _adapterParam - parameters for the adapter service, e.g. send some dust native token to dstChainfunctionestimateFees(uint16 _dstChainId, address _userApplication, bytescalldata _payload, bool _payInZRO, bytescalldata _adapterParam) externalviewreturns (uint nativeFee, uint zroFee);
// @notice get this Endpoint's immutable source identifierfunctiongetChainId() externalviewreturns (uint16);
// @notice the interface to retry failed message on this Endpoint destination// @param _srcChainId - the source chain identifier// @param _srcAddress - the source chain contract address// @param _payload - the payload to be retriedfunctionretryPayload(uint16 _srcChainId, bytescalldata _srcAddress, bytescalldata _payload) external;
// @notice query if any STORED payload (message blocking) at the endpoint.// @param _srcChainId - the source chain identifier// @param _srcAddress - the source chain contract addressfunctionhasStoredPayload(uint16 _srcChainId, bytescalldata _srcAddress) externalviewreturns (bool);
// @notice query if the _libraryAddress is valid for sending msgs.// @param _userApplication - the user app address on this EVM chainfunctiongetSendLibraryAddress(address _userApplication) externalviewreturns (address);
// @notice query if the _libraryAddress is valid for receiving msgs.// @param _userApplication - the user app address on this EVM chainfunctiongetReceiveLibraryAddress(address _userApplication) externalviewreturns (address);
// @notice query if the non-reentrancy guard for send() is on// @return true if the guard is on. false otherwisefunctionisSendingPayload() externalviewreturns (bool);
// @notice query if the non-reentrancy guard for receive() is on// @return true if the guard is on. false otherwisefunctionisReceivingPayload() externalviewreturns (bool);
// @notice get the configuration of the LayerZero messaging library of the specified version// @param _version - messaging library version// @param _chainId - the chainId for the pending config change// @param _userApplication - the contract address of the user application// @param _configType - type of configuration. every messaging library has its own convention.functiongetConfig(uint16 _version, uint16 _chainId, address _userApplication, uint _configType) externalviewreturns (bytesmemory);
// @notice get the send() LayerZero messaging library version// @param _userApplication - the contract address of the user applicationfunctiongetSendVersion(address _userApplication) externalviewreturns (uint16);
// @notice get the lzReceive() LayerZero messaging library version// @param _userApplication - the contract address of the user applicationfunctiongetReceiveVersion(address _userApplication) externalviewreturns (uint16);
}
Contract Source Code
File 14 of 26: ILayerZeroReceiver.sol
// SPDX-License-Identifier: MITpragmasolidity >=0.5.0;interfaceILayerZeroReceiver{
// @notice LayerZero endpoint will invoke this function to deliver the message on the destination// @param _srcChainId - the source endpoint identifier// @param _srcAddress - the source sending contract address from the source chain// @param _nonce - the ordered message nonce// @param _payload - the signed payload is the UA bytes has encoded to be sentfunctionlzReceive(uint16 _srcChainId, bytescalldata _srcAddress, uint64 _nonce, bytescalldata _payload) external;
}
Contract Source Code
File 15 of 26: ILayerZeroUserApplicationConfig.sol
// SPDX-License-Identifier: MITpragmasolidity >=0.5.0;interfaceILayerZeroUserApplicationConfig{
// @notice set the configuration of the LayerZero messaging library of the specified version// @param _version - messaging library version// @param _chainId - the chainId for the pending config change// @param _configType - type of configuration. every messaging library has its own convention.// @param _config - configuration in the bytes. can encode arbitrary content.functionsetConfig(uint16 _version, uint16 _chainId, uint _configType, bytescalldata _config) external;
// @notice set the send() LayerZero messaging library version to _version// @param _version - new messaging library versionfunctionsetSendVersion(uint16 _version) external;
// @notice set the lzReceive() LayerZero messaging library version to _version// @param _version - new messaging library versionfunctionsetReceiveVersion(uint16 _version) external;
// @notice Only when the UA needs to resume the message flow in blocking mode and clear the stored payload// @param _srcChainId - the chainId of the source chain// @param _srcAddress - the contract address of the source contract at the source chainfunctionforceResumeReceive(uint16 _srcChainId, bytescalldata _srcAddress) external;
}
Contract Source Code
File 16 of 26: IOFT.sol
// SPDX-License-Identifier: MITpragmasolidity >=0.5.0;import"./IOFTCore.sol";
import"@openzeppelin/contracts/token/ERC20/IERC20.sol";
/**
* @dev Interface of the OFT standard
*/interfaceIOFTisIOFTCore, IERC20{
}
Contract Source Code
File 17 of 26: IOFTCore.sol
// SPDX-License-Identifier: MITpragmasolidity >=0.5.0;import"@openzeppelin/contracts/utils/introspection/IERC165.sol";
/**
* @dev Interface of the IOFT core standard
*/interfaceIOFTCoreisIERC165{
/**
* @dev estimate send token `_tokenId` to (`_dstChainId`, `_toAddress`)
* _dstChainId - L0 defined chain id to send tokens too
* _toAddress - dynamic bytes array which contains the address to whom you are sending tokens to on the dstChain
* _amount - amount of the tokens to transfer
* _useZro - indicates to use zro to pay L0 fees
* _adapterParam - flexible bytes array to indicate messaging adapter services in L0
*/functionestimateSendFee(uint16 _dstChainId, bytescalldata _toAddress, uint _amount, bool _useZro, bytescalldata _adapterParams) externalviewreturns (uint nativeFee, uint zroFee);
/**
* @dev send `_amount` amount of token to (`_dstChainId`, `_toAddress`) from `_from`
* `_from` the owner of token
* `_dstChainId` the destination chain identifier
* `_toAddress` can be any size depending on the `dstChainId`.
* `_amount` the quantity of tokens in wei
* `_refundAddress` the address LayerZero refunds if too much message fee is sent
* `_zroPaymentAddress` set to address(0x0) if not paying in ZRO (LayerZero Token)
* `_adapterParams` is a flexible bytes array to indicate messaging adapter services
*/functionsendFrom(address _from, uint16 _dstChainId, bytescalldata _toAddress, uint _amount, addresspayable _refundAddress, address _zroPaymentAddress, bytescalldata _adapterParams) externalpayable;
/**
* @dev returns the circulating amount of tokens on current chain
*/functioncirculatingSupply() externalviewreturns (uint);
/**
* @dev returns the address of the ERC20 token
*/functiontoken() externalviewreturns (address);
/**
* @dev Emitted when `_amount` tokens are moved from the `_sender` to (`_dstChainId`, `_toAddress`)
* `_nonce` is the outbound nonce
*/eventSendToChain(uint16indexed _dstChainId, addressindexed _from, bytes _toAddress, uint _amount);
/**
* @dev Emitted when `_amount` tokens are received from `_srcChainId` into the `_toAddress` on the local chain.
* `_nonce` is the inbound nonce.
*/eventReceiveFromChain(uint16indexed _srcChainId, addressindexed _to, uint _amount);
eventSetUseCustomAdapterParams(bool _useCustomAdapterParams);
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"@openzeppelin/contracts/access/Ownable.sol";
import"../interfaces/ILayerZeroReceiver.sol";
import"../interfaces/ILayerZeroUserApplicationConfig.sol";
import"../interfaces/ILayerZeroEndpoint.sol";
import"../util/BytesLib.sol";
/*
* a generic LzReceiver implementation
*/abstractcontractLzAppisOwnable, ILayerZeroReceiver, ILayerZeroUserApplicationConfig{
usingBytesLibforbytes;
// ua can not send payload larger than this by default, but it can be changed by the ua owneruintconstantpublic DEFAULT_PAYLOAD_SIZE_LIMIT =10000;
ILayerZeroEndpoint publicimmutable lzEndpoint;
mapping(uint16=>bytes) public trustedRemoteLookup;
mapping(uint16=>mapping(uint16=>uint)) public minDstGasLookup;
mapping(uint16=>uint) public payloadSizeLimitLookup;
addresspublic precrime;
eventSetPrecrime(address precrime);
eventSetTrustedRemote(uint16 _remoteChainId, bytes _path);
eventSetTrustedRemoteAddress(uint16 _remoteChainId, bytes _remoteAddress);
eventSetMinDstGas(uint16 _dstChainId, uint16 _type, uint _minDstGas);
constructor(address _endpoint) {
lzEndpoint = ILayerZeroEndpoint(_endpoint);
}
functionlzReceive(uint16 _srcChainId, bytescalldata _srcAddress, uint64 _nonce, bytescalldata _payload) publicvirtualoverride{
// lzReceive must be called by the endpoint for securityrequire(_msgSender() ==address(lzEndpoint), "LzApp: invalid endpoint caller");
bytesmemory trustedRemote = trustedRemoteLookup[_srcChainId];
// if will still block the message pathway from (srcChainId, srcAddress). should not receive message from untrusted remote.require(_srcAddress.length== trustedRemote.length&& trustedRemote.length>0&&keccak256(_srcAddress) ==keccak256(trustedRemote), "LzApp: invalid source sending contract");
_blockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
}
// abstract function - the default behaviour of LayerZero is blocking. See: NonblockingLzApp if you dont need to enforce ordered messagingfunction_blockingLzReceive(uint16 _srcChainId, bytesmemory _srcAddress, uint64 _nonce, bytesmemory _payload) internalvirtual;
function_lzSend(uint16 _dstChainId, bytesmemory _payload, addresspayable _refundAddress, address _zroPaymentAddress, bytesmemory _adapterParams, uint _nativeFee) internalvirtual{
bytesmemory trustedRemote = trustedRemoteLookup[_dstChainId];
require(trustedRemote.length!=0, "LzApp: destination chain is not a trusted source");
_checkPayloadSize(_dstChainId, _payload.length);
lzEndpoint.send{value: _nativeFee}(_dstChainId, trustedRemote, _payload, _refundAddress, _zroPaymentAddress, _adapterParams);
}
function_checkGasLimit(uint16 _dstChainId, uint16 _type, bytesmemory _adapterParams, uint _extraGas) internalviewvirtual{
uint providedGasLimit = _getGasLimit(_adapterParams);
uint minGasLimit = minDstGasLookup[_dstChainId][_type] + _extraGas;
require(minGasLimit >0, "LzApp: minGasLimit not set");
require(providedGasLimit >= minGasLimit, "LzApp: gas limit is too low");
}
function_getGasLimit(bytesmemory _adapterParams) internalpurevirtualreturns (uint gasLimit) {
require(_adapterParams.length>=34, "LzApp: invalid adapterParams");
assembly {
gasLimit :=mload(add(_adapterParams, 34))
}
}
function_checkPayloadSize(uint16 _dstChainId, uint _payloadSize) internalviewvirtual{
uint payloadSizeLimit = payloadSizeLimitLookup[_dstChainId];
if (payloadSizeLimit ==0) { // use default if not set
payloadSizeLimit = DEFAULT_PAYLOAD_SIZE_LIMIT;
}
require(_payloadSize <= payloadSizeLimit, "LzApp: payload size is too large");
}
//---------------------------UserApplication config----------------------------------------functiongetConfig(uint16 _version, uint16 _chainId, address, uint _configType) externalviewreturns (bytesmemory) {
return lzEndpoint.getConfig(_version, _chainId, address(this), _configType);
}
// generic config for LayerZero user ApplicationfunctionsetConfig(uint16 _version, uint16 _chainId, uint _configType, bytescalldata _config) externaloverrideonlyOwner{
lzEndpoint.setConfig(_version, _chainId, _configType, _config);
}
functionsetSendVersion(uint16 _version) externaloverrideonlyOwner{
lzEndpoint.setSendVersion(_version);
}
functionsetReceiveVersion(uint16 _version) externaloverrideonlyOwner{
lzEndpoint.setReceiveVersion(_version);
}
functionforceResumeReceive(uint16 _srcChainId, bytescalldata _srcAddress) externaloverrideonlyOwner{
lzEndpoint.forceResumeReceive(_srcChainId, _srcAddress);
}
// _path = abi.encodePacked(remoteAddress, localAddress)// this function set the trusted path for the cross-chain communicationfunctionsetTrustedRemote(uint16 _srcChainId, bytescalldata _path) externalonlyOwner{
trustedRemoteLookup[_srcChainId] = _path;
emit SetTrustedRemote(_srcChainId, _path);
}
functionsetTrustedRemoteAddress(uint16 _remoteChainId, bytescalldata _remoteAddress) externalonlyOwner{
trustedRemoteLookup[_remoteChainId] =abi.encodePacked(_remoteAddress, address(this));
emit SetTrustedRemoteAddress(_remoteChainId, _remoteAddress);
}
functiongetTrustedRemoteAddress(uint16 _remoteChainId) externalviewreturns (bytesmemory) {
bytesmemory path = trustedRemoteLookup[_remoteChainId];
require(path.length!=0, "LzApp: no trusted path record");
return path.slice(0, path.length-20); // the last 20 bytes should be address(this)
}
functionsetPrecrime(address _precrime) externalonlyOwner{
precrime = _precrime;
emit SetPrecrime(_precrime);
}
functionsetMinDstGas(uint16 _dstChainId, uint16 _packetType, uint _minGas) externalonlyOwner{
require(_minGas >0, "LzApp: invalid minGas");
minDstGasLookup[_dstChainId][_packetType] = _minGas;
emit SetMinDstGas(_dstChainId, _packetType, _minGas);
}
// if the size is 0, it means default size limitfunctionsetPayloadSizeLimit(uint16 _dstChainId, uint _size) externalonlyOwner{
payloadSizeLimitLookup[_dstChainId] = _size;
}
//--------------------------- VIEW FUNCTION ----------------------------------------functionisTrustedRemote(uint16 _srcChainId, bytescalldata _srcAddress) externalviewreturns (bool) {
bytesmemory trustedSource = trustedRemoteLookup[_srcChainId];
returnkeccak256(trustedSource) ==keccak256(_srcAddress);
}
}
Contract Source Code
File 21 of 26: Math.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol)pragmasolidity ^0.8.0;/**
* @dev Standard math utilities missing in the Solidity language.
*/libraryMath{
enumRounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/functionmax(uint256 a, uint256 b) internalpurereturns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/functionmin(uint256 a, uint256 b) internalpurereturns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/functionaverage(uint256 a, uint256 b) internalpurereturns (uint256) {
// (a + b) / 2 can overflow.return (a & b) + (a ^ b) /2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/functionceilDiv(uint256 a, uint256 b) internalpurereturns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.return a ==0 ? 0 : (a -1) / b +1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/functionmulDiv(uint256 x,
uint256 y,
uint256 denominator
) internalpurereturns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256// variables such that product = prod1 * 2^256 + prod0.uint256 prod0; // Least significant 256 bits of the productuint256 prod1; // Most significant 256 bits of the productassembly {
let mm :=mulmod(x, y, not(0))
prod0 :=mul(x, y)
prod1 :=sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.if (prod1 ==0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.require(denominator > prod1);
///////////////////////////////////////////////// 512 by 256 division.///////////////////////////////////////////////// Make division exact by subtracting the remainder from [prod1 prod0].uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder :=mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 :=sub(prod1, gt(remainder, prod0))
prod0 :=sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.// See https://cs.stackexchange.com/q/138556/92363.// Does not overflow because the denominator cannot be zero at this stage in the function.uint256 twos = denominator & (~denominator +1);
assembly {
// Divide denominator by twos.
denominator :=div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 :=div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos :=add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for// four bits. That is, denominator * inv = 1 mod 2^4.uint256 inverse = (3* denominator) ^2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works// in modular arithmetic, doubling the correct bits in each step.
inverse *=2- denominator * inverse; // inverse mod 2^8
inverse *=2- denominator * inverse; // inverse mod 2^16
inverse *=2- denominator * inverse; // inverse mod 2^32
inverse *=2- denominator * inverse; // inverse mod 2^64
inverse *=2- denominator * inverse; // inverse mod 2^128
inverse *=2- denominator * inverse; // inverse mod 2^256// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/functionmulDiv(uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internalpurereturns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up &&mulmod(x, y, denominator) >0) {
result +=1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/functionsqrt(uint256 a) internalpurereturns (uint256) {
if (a ==0) {
return0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.//// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.//// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`//// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.uint256 result =1<< (log2(a) >>1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision// into the expected uint128 result.unchecked {
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/functionsqrt(uint256 a, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/functionlog2(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >>128>0) {
value >>=128;
result +=128;
}
if (value >>64>0) {
value >>=64;
result +=64;
}
if (value >>32>0) {
value >>=32;
result +=32;
}
if (value >>16>0) {
value >>=16;
result +=16;
}
if (value >>8>0) {
value >>=8;
result +=8;
}
if (value >>4>0) {
value >>=4;
result +=4;
}
if (value >>2>0) {
value >>=2;
result +=2;
}
if (value >>1>0) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog2(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result =log2(value);
return result + (rounding == Rounding.Up &&1<< result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/functionlog10(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >=10**64) {
value /=10**64;
result +=64;
}
if (value >=10**32) {
value /=10**32;
result +=32;
}
if (value >=10**16) {
value /=10**16;
result +=16;
}
if (value >=10**8) {
value /=10**8;
result +=8;
}
if (value >=10**4) {
value /=10**4;
result +=4;
}
if (value >=10**2) {
value /=10**2;
result +=2;
}
if (value >=10**1) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog10(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up &&10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/functionlog256(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >>128>0) {
value >>=128;
result +=16;
}
if (value >>64>0) {
value >>=64;
result +=8;
}
if (value >>32>0) {
value >>=32;
result +=4;
}
if (value >>16>0) {
value >>=16;
result +=2;
}
if (value >>8>0) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog256(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up &&1<< (result *8) < value ? 1 : 0);
}
}
}
Contract Source Code
File 22 of 26: NonblockingLzApp.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.0;import"./LzApp.sol";
import"../util/ExcessivelySafeCall.sol";
/*
* the default LayerZero messaging behaviour is blocking, i.e. any failed message will block the channel
* this abstract class try-catch all fail messages and store locally for future retry. hence, non-blocking
* NOTE: if the srcAddress is not configured properly, it will still block the message pathway from (srcChainId, srcAddress)
*/abstractcontractNonblockingLzAppisLzApp{
usingExcessivelySafeCallforaddress;
constructor(address _endpoint) LzApp(_endpoint) {}
mapping(uint16=>mapping(bytes=>mapping(uint64=>bytes32))) public failedMessages;
eventMessageFailed(uint16 _srcChainId, bytes _srcAddress, uint64 _nonce, bytes _payload, bytes _reason);
eventRetryMessageSuccess(uint16 _srcChainId, bytes _srcAddress, uint64 _nonce, bytes32 _payloadHash);
// overriding the virtual function in LzReceiverfunction_blockingLzReceive(uint16 _srcChainId, bytesmemory _srcAddress, uint64 _nonce, bytesmemory _payload) internalvirtualoverride{
(bool success, bytesmemory reason) =address(this).excessivelySafeCall(gasleft(), 150, abi.encodeWithSelector(this.nonblockingLzReceive.selector, _srcChainId, _srcAddress, _nonce, _payload));
// try-catch all errors/exceptionsif (!success) {
_storeFailedMessage(_srcChainId, _srcAddress, _nonce, _payload, reason);
}
}
function_storeFailedMessage(uint16 _srcChainId, bytesmemory _srcAddress, uint64 _nonce, bytesmemory _payload, bytesmemory _reason) internalvirtual{
failedMessages[_srcChainId][_srcAddress][_nonce] =keccak256(_payload);
emit MessageFailed(_srcChainId, _srcAddress, _nonce, _payload, _reason);
}
functionnonblockingLzReceive(uint16 _srcChainId, bytescalldata _srcAddress, uint64 _nonce, bytescalldata _payload) publicvirtual{
// only internal transactionrequire(_msgSender() ==address(this), "NonblockingLzApp: caller must be LzApp");
_nonblockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
}
//@notice override this functionfunction_nonblockingLzReceive(uint16 _srcChainId, bytesmemory _srcAddress, uint64 _nonce, bytesmemory _payload) internalvirtual;
functionretryMessage(uint16 _srcChainId, bytescalldata _srcAddress, uint64 _nonce, bytescalldata _payload) publicpayablevirtual{
// assert there is message to retrybytes32 payloadHash = failedMessages[_srcChainId][_srcAddress][_nonce];
require(payloadHash !=bytes32(0), "NonblockingLzApp: no stored message");
require(keccak256(_payload) == payloadHash, "NonblockingLzApp: invalid payload");
// clear the stored message
failedMessages[_srcChainId][_srcAddress][_nonce] =bytes32(0);
// execute the message. revert if it fails again
_nonblockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
emit RetryMessageSuccess(_srcChainId, _srcAddress, _nonce, payloadHash);
}
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)pragmasolidity ^0.8.0;import"../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/abstractcontractOwnableisContext{
addressprivate _owner;
eventOwnershipTransferred(addressindexed previousOwner, addressindexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/modifieronlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/functionowner() publicviewvirtualreturns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/function_checkOwner() internalviewvirtual{
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/functionrenounceOwnership() publicvirtualonlyOwner{
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/functiontransferOwnership(address newOwner) publicvirtualonlyOwner{
require(newOwner !=address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/function_transferOwnership(address newOwner) internalvirtual{
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
Contract Source Code
File 26 of 26: TimeIsUp.sol
// SPDX-License-Identifier: UNLICENSED/*
REVERT/REQUIRE CODE ERRORS:
TUP_01: please refer you can call this function only once at a time until it is fully executed
TUP_02: you should allow TIME to be spent before calling the function
TUP_03: TIME amount sent must match with the ETH amount sent
TUP_04: TUP contract does not have enough ETH amount to perform the operation
TUP_05: the pool does not have a sufficient amount to trade
TUP_06: there is no enough tokens to sell
TUP_07: there is no enough tokens to burn
TUP_08: get out of here dude!
TUP_09: borrowed amount must be less or equal to total supply
TUP_10: not enough to cover expenses
TUP_11: please do not forget to call payFlashMintFee() function and pay the flash mint
---------------------------------------------------------------------------------------
*/pragmasolidity ^0.8.10;import"@openzeppelin/contracts/utils/math/Math.sol";
import"@layerzerolabs/solidity-examples/contracts/token/oft/OFT.sol";
import"@chainlink/contracts/src/v0.8/interfaces/AggregatorV3Interface.sol";
import"./IHelperBase.sol";
import"./IEmployer.sol";
import"./ITimeToken.sol";
import"./IFlashMintBorrower.sol";
import"./IUniswapV2Pair.sol";
contractTimeIsUpisOFT{
usingMathforuint256;
boolprivate _isFlashMintPaid;
boolprivate _isFlashMintStarted;
boolprivate _isOperationLocked;
addresspayableprivateimmutable _employerAddress;
stringprivate _name;
stringprivate _symbol;
uint256privateconstant FACTOR =10**18;
uint256privateconstant CHAINLINK_FACTOR =10**8;
uint256privateconstant COMISSION_RATE =100;
uint256private _currentFlashMintFee;
uint256private _dividendPerToken;
uint256private _totalSupply;
uint256private _totalForDividend;
uint256publicconstant FLASH_MINT_FEE =100;
uint256public arbitrageCount;
uint256public poolBalance;
uint256public toBeShared;
uint256public totalEarned;
uint256public totalEarnedFromFlashMintFee;
ITimeToken private timeToken;
AggregatorV3Interface private chainlink;
IHelperBase public helper;
mapping(address=>uint256) private _balances;
mapping(address=>uint256) private _consumedDividendPerToken;
mapping(address=>mapping(address=>uint256)) private _allowances;
constructor(stringmemory name_,
stringmemory symbol_,
address _helperAddress,
address employerAddress_,
address _timeTokenAddress,
address _lzEndPointAddress,
address _chainlinkAddress,
address _owner
) OFT(name_, symbol_, _lzEndPointAddress) {
_name = name_;
_symbol = symbol_;
_employerAddress =payable(employerAddress_);
timeToken = ITimeToken(payable(_timeTokenAddress));
helper = IHelperBase(_helperAddress);
if (_chainlinkAddress !=address(0))
chainlink = AggregatorV3Interface(_chainlinkAddress);
if (_owner !=msg.sender)
transferOwnership(_owner);
}
/**
* @dev This modifier is called when a flash mint is performed. It modifies the internal state of the contract to avoid share calculation when flash mint is running
*
*/modifierperformFlashMint() {
require(!_isFlashMintStarted, "TUP_08");
_isFlashMintPaid =false;
_isFlashMintStarted =true;
_;
_isFlashMintStarted =false;
}
/**
* @dev This modifier helps to avoid/mitigate reentrancy attacks
*
*/modifiernonReentrant() {
require(!_isOperationLocked ||msg.sender==address(helper), "TUP_01");
_isOperationLocked =true;
_;
_isOperationLocked =false;
}
/**
* @dev Performs state update when receiving funds from any source
*
*/receive() externalpayable{
_receive();
}
/**
* @dev Fallback function to call in any situation
*
*/fallback() externalpayable{
require(msg.data.length ==0||msg.sender==address(timeToken) ||msg.sender==address(helper));
_receive();
}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
*/function_afterTokenTransfer(addressfrom, address to, uint256 amount) internalvirtualoverride{ }
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
*/function_beforeTokenTransfer(addressfrom, address to, uint256 amount) internalvirtualoverride{
_credit(from);
_credit(to);
}
/**
* @dev Add liquidity for the TUP/ETH pair LP in third party exchange (based on UniswapV2)
* @param amount The amount in ETH to add to the LP
* @param tupAmount The amount in TUP to add to the LP
*
*/function_addLiquidityNative(uint256 amount, uint256 tupAmount) private{
require(address(this).balance>= amount, "TUP_04");
if (amount >0) {
address pairTupEth = helper.pairTupEth();
if (_balances[pairTupEth] > _balances[address(this)]) {
payable(pairTupEth).call{value: amount}("");
IUniswapV2Pair(pairTupEth).sync();
} else {
address helperAddress =address(helper);
_mint(helperAddress, tupAmount);
bool success = helper.addLiquidityNative{ value: amount }(tupAmount);
if (!success && _balances[helperAddress] >0) {
_burn(helperAddress, _balances[helperAddress]);
_mint(address(this), tupAmount);
}
}
}
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner, address spender, uint256 amount) internalvirtualoverride{
require(owner !=address(0), "ERC20 TUP: approve from the zero address");
require(spender !=address(0), "ERC20 TUP: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtualoverride{
require(account !=address(0), "ERC20 TUP: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20 TUP: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Use part of the funds to generate value for TIME Token, buying some amount and burning it after together with some TUP tokens, proportionally
* @param amount The amount to buy
*/function_buyTimeAndBurnWithTup(uint256 amount) private{
require(address(this).balance>= amount, "TUP_04");
timeToken.saveTime{ value: amount }();
uint256 balanceInTime = timeToken.balanceOf(address(this));
uint256 proportion = balanceInTime.mulDiv(FACTOR, timeToken.totalSupply() *2);
if (balanceOf(address(this)).mulDiv(proportion, FACTOR) >0)
_burn(address(this), balanceOf(address(this)).mulDiv(proportion, FACTOR));
address pairTupEth = helper.pairTupEth();
if (balanceOf(pairTupEth).mulDiv(proportion, FACTOR) >0)
_burn(pairTupEth, balanceOf(pairTupEth).mulDiv(proportion, FACTOR));
IUniswapV2Pair(pairTupEth).sync();
timeToken.burn(balanceInTime);
}
/**
* @dev Calculate comission value over the provided amount
* @return uint256 Comission value
*
*/function_calculateComissionOverAmount(uint256 amount) privatepurereturns (uint256) {
return amount.mulDiv(COMISSION_RATE, 10_000);
}
/**
* @dev Check for arbitrage opportunities and perform them if they are profitable. Profit is shared with TUP token holders
*
*/function_checkAndPerformArbitrage() private{
try helper.checkAndPerformArbitrage() returns (bool success) {
if (success) {
arbitrageCount++;
}
} catch { }
}
/**
* @dev Calculate the amount some address has to claim and credit for it
* @param account The account address
*
*/function_credit(address account) private{
uint256 amount = accountShareBalance(account);
if (amount >0) {
_balances[account] += amount;
emit Transfer(address(0), account, amount);
}
_consumedDividendPerToken[account] = _dividendPerToken;
}
/**
* @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtualoverride{
require(account !=address(0), "ERC20 TUP: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
_totalForDividend += (account !=address(helper) && account !=address(this)) ? amount : 0;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Returns the optimal amount, in terms of TUP tokens, for the native amount passed
* @param amountNative The native amount to be converted
* @return uint256 The TUP optimal amount from native amount informed
*
*/function_queryAmountOptimal(uint256 amountNative) privateviewreturns (uint256) {
uint256 externalLP = queryAmountExternalLP(amountNative);
uint256 internalLP = queryAmountInternalLP(amountNative);
if (externalLP >= internalLP) {
return (msg.sender==address(helper)) ? externalLP : internalLP;
} else {
return (msg.sender==address(helper)) ? internalLP : externalLP;
}
}
/**
* @dev Returns the native amount for the amount of TUP tokens passed
* @param amount The amount of TUP tokens to be converted
* @return uint256 The amount of native tokens correspondent to the TUP tokens amount
*
*/function_queryNativeAmount(uint256 amount) privateviewreturns (uint256) {
return amount.mulDiv(queryPriceInverse(amount), FACTOR);
}
/**
* @dev Private receive function. Called when the external receive() or fallback() functions receive funds
*
*/function_receive() private{
if (totalSupply() ==0)
mint(0);
else
buy();
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/function_spendAllowance(address owner, address spender, uint256 amount) internalvirtualoverride{
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance !=type(uint256).max) {
require(currentAllowance >= amount, "ERC20 TUP: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Private function called when the system needs to split shares to the ecosystem (pools, holders, et cetera)
*/function_splitShares(bool isUsingTIME) private{
if (toBeShared >0) {
uint256 share = toBeShared /4;
// 1st PART - Calculates dividend to be shared among TUP holders and add it to the total supply, only if TIME Token is not being used. Otherwise, the amount is used to buy TIME and burn itif (!isUsingTIME) {
uint256 currentDividend = _dividendPerToken;
uint256 tokenAmount = queryAmountInternalLP(share);
_dividendPerToken += tokenAmount.mulDiv(FACTOR, _totalForDividend +1);
uint256 t = _totalForDividend.mulDiv(_dividendPerToken - currentDividend, FACTOR);
_totalSupply += t;
_totalForDividend += t;
} else {
_buyTimeAndBurnWithTup(share);
}
// 2nd and 3rd PARTs - Internal and External Pool
_mintForLiquidity(share);
// 4th PART - Employer - It gives value for TIME Token
_employerAddress.call{value: share}("");
toBeShared =0;
_checkAndPerformArbitrage();
_updatePoolBalance();
}
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/function_transfer(addressfrom, address to, uint256 amount) internalvirtualoverride{
require(from!=address(0), "ERC20 TUP: transfer from the zero address");
require(to !=address(0), "ERC20 TUP: transfer to the zero address");
_checkAndPerformArbitrage();
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20 TUP: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/**
* @dev Updates the state of the internal pool balance
*
*/function_updatePoolBalance() private{
poolBalance =address(this).balance> toBeShared ? address(this).balance- toBeShared : 0;
}
/**
* @dev Returns the name of the token.
*/functionname() publicviewvirtualoverridereturns (stringmemory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/functionsymbol() publicviewvirtualoverridereturns (stringmemory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/functiondecimals() publicviewvirtualoverridereturns (uint8) {
return18;
}
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewvirtualoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewvirtualoverridereturns (uint256) {
return _balances[account] + accountShareBalance(account);
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address to, uint256 amount) publicvirtualoverridereturns (bool) {
if (to ==address(this)) {
sell(amount);
} else {
_transfer(msg.sender, to, amount);
}
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
address owner =msg.sender;
_approve(owner, spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/functiontransferFrom(addressfrom, address to, uint256 amount) publicvirtualoverridereturns (bool) {
address spender =msg.sender;
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualoverridereturns (bool) {
address owner =msg.sender;
_approve(owner, spender, allowance(owner, spender) + addedValue);
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualoverridereturns (bool) {
address owner =msg.sender;
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20 TUP: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
returntrue;
}
/**
* @dev Show the amount an account address can credit to itself
* @notice Shares are not calculated when running flash mint
* @param account The address of some account
* @return The claimable amount
*
*/functionaccountShareBalance(address account) publicviewreturns (uint256) {
if (account !=address(this) && account != helper.pairTupEth() && account !=address(helper) &&!_isFlashMintStarted) {
return _balances[account].mulDiv(_dividendPerToken - _consumedDividendPerToken[account], FACTOR);
} else {
return0;
}
}
/**
* @dev External function to burn TUP tokens. Sometimes is useful when you want to throw your money away... Who knows?
* @param amount The amount of TUP tokens to be burned
*
*/functionburn(uint256 amount) external{
require(amount <= balanceOf(msg.sender), "TUP_07");
_burn(msg.sender, amount);
}
/**
* @dev Main function of the TUP contract. Called whenever someone needs to generate tokens under the required conditions
* @param timeAmount The amount of TIME Tokens an investor wants to use in order to mint more TUP tokens
*
*/functionmint(uint256 timeAmount) publicpayablenonReentrant{
// It must transfer and burn TIME Token onto the contract in order to mint additional TUP tokensrequire(timeToken.allowance(msg.sender, address(this)) >= timeAmount, "TUP_02");
uint256 timeAmountNativeValue = queryNativeFromTimeAmount(timeAmount);
require(msg.value>= timeAmountNativeValue &&msg.value>0, "TUP_03");
toBeShared +=msg.value;
if (timeAmount >0) {
timeToken.transferFrom(msg.sender, address(this), timeAmount);
_splitShares(true);
} else {
_splitShares(false);
}
_mint(msg.sender, queryAmountOptimal(msg.value+ timeAmountNativeValue));
}
/**
* @dev Performs TUP minting for Liquidity Pools (Internal and External)
* @notice It should query Chainlink to check the USD rate/price of native currency in order to maintain the same rate on all deployed networks
* @param share The amount of ETH dedicated for the pools
*
*/function_mintForLiquidity(uint256 share) private{
uint256 shareForLiquidity = _queryAmountOptimal(share);
if (shareForLiquidity == share) {
(, int256 roundData,,,) =address(chainlink) !=address(0) ? chainlink.latestRoundData() : (uint80(0),int256(CHAINLINK_FACTOR),uint256(0),uint256(0),uint80(0));
shareForLiquidity = shareForLiquidity.mulDiv(uint256(roundData), CHAINLINK_FACTOR);
}
_addLiquidityNative(share, shareForLiquidity);
if (_balances[address(this)] ==0)
_mint(address(this), shareForLiquidity);
}
/**
* @dev Queries for the external amount, in terms of TUP tokens, given an informed native amount
* @notice It queries for the external LP
* @param amountNative The native amount
* @return uint256 The amount of TUP tokens
*
*/functionqueryAmountExternalLP(uint256 amountNative) publicviewreturns (uint256) {
uint256 amountExternalLP = amountNative.mulDiv(helper.queryRate(), FACTOR);
return (amountExternalLP ==0) ? amountNative : amountExternalLP;
}
/**
* @dev Queries for the internal amount, in terms of TUP tokens, given an informed native amount
* @notice It queries for the internal LP
* @param amountNative The native amount
* @return uint256 The amount of TUP tokens
*
*/functionqueryAmountInternalLP(uint256 amountNative) publicviewreturns (uint256) {
uint256 amountInternalLP = amountNative.mulDiv(queryPriceNative(amountNative), FACTOR);
return (amountInternalLP ==0) ? amountNative : amountInternalLP;
}
/**
* @dev Queries for the optimal amount, in terms of TUP tokens, given an informed native amount
* @param amountNative The native amount
* @return uint256 The amount of TUP tokens
*
*/functionqueryAmountOptimal(uint256 amountNative) publicviewreturns (uint256) {
uint256 amountOptimal = _queryAmountOptimal(amountNative);
return (amountOptimal - _calculateComissionOverAmount(amountOptimal));
}
/**
* @dev Queries for the native amount value given some TUP tokens informed
* @param amount The amount of TUP tokens
* @return uint256 The native amount
*
*/functionqueryNativeAmount(uint256 amount) externalviewreturns (uint256) {
uint256 amountNativeValue = _queryNativeAmount(amount);
return (amountNativeValue - _calculateComissionOverAmount(amountNativeValue));
}
/**
* @dev Queries for the native amount value given some TIME Token amount passed
* @param timeAmount The amount of TIME Tokens informed
* @return uint256 The native amount
*
*/functionqueryNativeFromTimeAmount(uint256 timeAmount) publicviewreturns (uint256) {
if (timeAmount !=0) {
return timeAmount.mulDiv(timeToken.swapPriceTimeInverse(timeAmount), FACTOR);
} else {
return0;
}
}
/**
* @dev Query for market price before swap, in TUP/ETH, in terms of native cryptocurrency (ETH)
* @notice Constant Function Market Maker
* @param amountNative The amount of ETH a user wants to exchange
* @return Local market price, in TUP/ETH, given the amount of ETH a user informed
*
*/functionqueryPriceNative(uint256 amountNative) publicviewreturns (uint256) {
if (poolBalance >0&& _balances[address(this)] >0) {
uint256 ratio = poolBalance.mulDiv(FACTOR, amountNative +1);
uint256 deltaSupply = _balances[address(this)].mulDiv(amountNative.mulDiv(ratio, 1), poolBalance + amountNative);
return deltaSupply / poolBalance;
} else {
return FACTOR;
}
}
/**
* @dev Query for market price before swap, in ETH/TUP, in terms of ETH currency
* @param amount The amount of TUP a user wants to exchange
* @return Local market price, in ETH/TUP, given the amount of TUP a user informed
*
*/functionqueryPriceInverse(uint256 amount) publicviewreturns (uint256) {
if (poolBalance >0&& _balances[address(this)] >0) {
uint256 deltaBalance =
poolBalance.mulDiv(amount.mulDiv(_balances[address(this)].mulDiv(FACTOR, amount +1), 1), _balances[address(this)] + amount);
return deltaBalance / _balances[address(this)];
} else {
return1;
}
}
/**
* @dev Queries the amount to be paid to callers of the splitSharesDinamicallyWithReward() function
* @return uint256 The amount to be paid
*
*/functionqueryPublicReward() publicviewreturns (uint256) {
return toBeShared.mulDiv(COMISSION_RATE, 10_000);
}
/**
* @notice Receives ETH as profit and set to be shared among TUP holders
* @dev Usually called by Helper contract, but anyone can call it
* @return response Just a silly response
*
*/functionreceiveProfit() externalpayablereturns (bool response) {
if (msg.value>0) {
toBeShared +=msg.value;
totalEarned +=msg.value;
_updatePoolBalance();
response =true;
}
return response;
}
/**
* @dev Returns native amount back to the TUP contract when it is not desired to share the amount with holders. Usually called by Helper
* @return bool Just a silly response
*
*/functionreturnNative() externalpayablenonReentrantreturns (bool) {
_updatePoolBalance();
returntrue;
}
/**
* @notice Define a new Helper contract to TUP token
* @dev Established as a security measure. Only the owner of this contract can call it
* @param newHelperAddress The address of the new Helper contract
*/functionsetHelper(address newHelperAddress) externalonlyOwner{
helper = IHelperBase(newHelperAddress);
}
/**
* @dev Splits the share (earned amount) among the TUP token holders and pays a reward for the caller
* @notice This function should be called sometimes in order to make the contract works as desired
*
*/functionsplitSharesWithReward() externalnonReentrant{
if (toBeShared >0) {
uint256 reward = queryPublicReward();
toBeShared -= reward;
_splitShares(false);
payable(msg.sender).transfer(reward);
_updatePoolBalance();
}
}
/**
* @dev Investor send native cryptocurrency in exchange for TUP tokens. Here, he sends some amount and the contract calculates the equivalent amount in TUP units
* @notice msg.value - The amount of TUP in terms of ETH an investor wants to buy
* @return success If the operation was performed well
*/functionbuy() publicpayablenonReentrantreturns (bool success) {
if (msg.value>0) {
uint256 nativeAmountValue = _queryAmountOptimal(msg.value);
require(nativeAmountValue <= _balances[address(this)], "TUP_05");
if (msg.sender==address(helper)) {
_transfer(address(this), msg.sender, nativeAmountValue);
} else {
uint256 comission = _calculateComissionOverAmount(nativeAmountValue);
_transfer(address(this), msg.sender, nativeAmountValue - comission);
if (comission < _balances[address(this)])
_burn(address(this), comission);
address pairTupEth = helper.pairTupEth();
if (comission < balanceOf(pairTupEth)) {
_burn(pairTupEth, comission);
IUniswapV2Pair(pairTupEth).sync();
}
}
_updatePoolBalance();
success =true;
}
return success;
}
/**
* @dev Investor send TUP tokens in exchange for native cryptocurrency
* @param amount The amount of TUP tokens for exchange
* @return success Informs if the sell was performed well
*/functionsell(uint256 amount) publicnonReentrantreturns (bool success) {
require(!_isFlashMintStarted, "TUP_08");
require(balanceOf(msg.sender) >= amount, "TUP_06");
uint256 amountNativeValue = _queryNativeAmount(amount);
require(amountNativeValue <= poolBalance, "TUP_05");
_transfer(msg.sender, address(this), amount);
if (msg.sender==address(helper)) {
payable(msg.sender).transfer(amountNativeValue);
} else {
uint256 comission = _calculateComissionOverAmount(amountNativeValue);
payable(msg.sender).transfer(amountNativeValue - comission);
uint256 internalAmount = queryAmountInternalLP(comission);
if (internalAmount >0&& internalAmount < _balances[address(this)])
_burn(address(this), internalAmount);
address pairTupEth = helper.pairTupEth();
uint256 externalAmount = queryAmountExternalLP(comission);
if (externalAmount >0&& externalAmount < _balances[pairTupEth])
_burn(pairTupEth, externalAmount);
IUniswapV2Pair(pairTupEth).sync();
toBeShared += comission;
totalEarned += comission;
}
_updatePoolBalance();
return success;
}
/**
* @dev Performs flash mint of TUP tokens for msg.sender address, limited to the _totalSupply amount
* @notice The user must implement his logic inside the doSomething() function. The fee for flash mint must be paid in native tokens by calling and passing the value for the payFlashMintFee() function from the doSomething() function
* @param amountToBorrow The amount of TUP tokens the user wants to borrow
* @param data Arbitrary data the user wants to pass to its doSomething() function
*
*/functionflashMint(uint256 amountToBorrow, bytescalldata data) externalnonReentrantperformFlashMint{
require(amountToBorrow <= _totalSupply, "TUP_09");
uint256 earnedBefore = totalEarnedFromFlashMintFee;
_currentFlashMintFee = _queryNativeAmount(amountToBorrow).mulDiv(FLASH_MINT_FEE, 10_000);
_mint(msg.sender, amountToBorrow);
// Here the borrower should perform some action with the borrowed TUP amount
IFlashMintBorrower(msg.sender).doSomething(amountToBorrow, _currentFlashMintFee, data);
require((totalEarnedFromFlashMintFee - earnedBefore) >= _currentFlashMintFee, "TUP_10");
require(_isFlashMintPaid, "TUP_11");
_burn(msg.sender, amountToBorrow);
}
/**
* @dev Function called inside the doSomething() function to pay fees for the flash minted amount
*
*/functionpayFlashMintFee() externalpayable{
require(_isFlashMintStarted, "TUP_08");
require(msg.value>= _currentFlashMintFee, "TUP_10");
totalEarned +=msg.value;
totalEarnedFromFlashMintFee +=msg.value;
toBeShared +=msg.value;
_updatePoolBalance();
_isFlashMintPaid =true;
}
}
