// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (access/AccessControl.sol)pragmasolidity ^0.8.20;import {IAccessControl} from"@openzeppelin/contracts/access/IAccessControl.sol";
import {ContextUpgradeable} from"../utils/ContextUpgradeable.sol";
import {ERC165Upgradeable} from"../utils/introspection/ERC165Upgradeable.sol";
import {Initializable} from"../proxy/utils/Initializable.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/abstractcontractAccessControlUpgradeableisInitializable, ContextUpgradeable, IAccessControl, ERC165Upgradeable{
structRoleData {
mapping(address account =>bool) hasRole;
bytes32 adminRole;
}
bytes32publicconstant DEFAULT_ADMIN_ROLE =0x00;
/// @custom:storage-location erc7201:openzeppelin.storage.AccessControlstructAccessControlStorage {
mapping(bytes32 role => RoleData) _roles;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.AccessControl")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant AccessControlStorageLocation =0x02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800;
function_getAccessControlStorage() privatepurereturns (AccessControlStorage storage $) {
assembly {
$.slot:= AccessControlStorageLocation
}
}
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/modifieronlyRole(bytes32 role) {
_checkRole(role);
_;
}
function__AccessControl_init() internalonlyInitializing{
}
function__AccessControl_init_unchained() internalonlyInitializing{
}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IAccessControl).interfaceId||super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) publicviewvirtualreturns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/function_checkRole(bytes32 role) internalviewvirtual{
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/function_checkRole(bytes32 role, address account) internalviewvirtual{
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) publicviewvirtualreturns (bytes32) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/functiongrantRole(bytes32 role, address account) publicvirtualonlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/functionrevokeRole(bytes32 role, address account) publicvirtualonlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/functionrenounceRole(bytes32 role, address callerConfirmation) publicvirtual{
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/function_setRoleAdmin(bytes32 role, bytes32 adminRole) internalvirtual{
AccessControlStorage storage $ = _getAccessControlStorage();
bytes32 previousAdminRole = getRoleAdmin(role);
$._roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/function_grantRole(bytes32 role, address account) internalvirtualreturns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (!hasRole(role, account)) {
$._roles[role].hasRole[account] =true;
emit RoleGranted(role, account, _msgSender());
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Attempts to revoke `role` to `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/function_revokeRole(bytes32 role, address account) internalvirtualreturns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (hasRole(role, account)) {
$._roles[role].hasRole[account] =false;
emit RoleRevoked(role, account, _msgSender());
returntrue;
} else {
returnfalse;
}
}
}
Contract Source Code
File 2 of 63: Address.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)pragmasolidity ^0.8.20;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/errorAddressInsufficientBalance(address account);
/**
* @dev There's no code at `target` (it is not a contract).
*/errorAddressEmptyCode(address target);
/**
* @dev A call to an address target failed. The target may have reverted.
*/errorFailedInnerCall();
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
if (address(this).balance< amount) {
revert AddressInsufficientBalance(address(this));
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert FailedInnerCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {FailedInnerCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value) internalreturns (bytesmemory) {
if (address(this).balance< value) {
revert AddressInsufficientBalance(address(this));
}
(bool success, bytesmemory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/functionfunctionStaticCall(address target, bytesmemory data) internalviewreturns (bytesmemory) {
(bool success, bytesmemory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/functionfunctionDelegateCall(address target, bytesmemory data) internalreturns (bytesmemory) {
(bool success, bytesmemory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {FailedInnerCall}) in case of an
* unsuccessful call.
*/functionverifyCallResultFromTarget(address target,
bool success,
bytesmemory returndata
) internalviewreturns (bytesmemory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty// otherwise we already know that it was a contractif (returndata.length==0&& target.code.length==0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {FailedInnerCall} error.
*/functionverifyCallResult(bool success, bytesmemory returndata) internalpurereturns (bytesmemory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {FailedInnerCall}.
*/function_revert(bytesmemory returndata) privatepure{
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly/// @solidity memory-safe-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert FailedInnerCall();
}
}
}
Contract Source Code
File 3 of 63: Checkpoints.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/structs/Checkpoints.sol)// This file was procedurally generated from scripts/generate/templates/Checkpoints.js.pragmasolidity ^0.8.20;import {Math} from"../math/Math.sol";
/**
* @dev This library defines the `Trace*` struct, for checkpointing values as they change at different points in
* time, and later looking up past values by block number. See {Votes} as an example.
*
* To create a history of checkpoints define a variable type `Checkpoints.Trace*` in your contract, and store a new
* checkpoint for the current transaction block using the {push} function.
*/libraryCheckpoints{
/**
* @dev A value was attempted to be inserted on a past checkpoint.
*/errorCheckpointUnorderedInsertion();
structTrace224 {
Checkpoint224[] _checkpoints;
}
structCheckpoint224 {
uint32 _key;
uint224 _value;
}
/**
* @dev Pushes a (`key`, `value`) pair into a Trace224 so that it is stored as the checkpoint.
*
* Returns previous value and new value.
*
* IMPORTANT: Never accept `key` as a user input, since an arbitrary `type(uint32).max` key set will disable the
* library.
*/functionpush(Trace224 storageself, uint32 key, uint224 value) internalreturns (uint224, uint224) {
return _insert(self._checkpoints, key, value);
}
/**
* @dev Returns the value in the first (oldest) checkpoint with key greater or equal than the search key, or zero if
* there is none.
*/functionlowerLookup(Trace224 storageself, uint32 key) internalviewreturns (uint224) {
uint256 len =self._checkpoints.length;
uint256 pos = _lowerBinaryLookup(self._checkpoints, key, 0, len);
return pos == len ? 0 : _unsafeAccess(self._checkpoints, pos)._value;
}
/**
* @dev Returns the value in the last (most recent) checkpoint with key lower or equal than the search key, or zero
* if there is none.
*/functionupperLookup(Trace224 storageself, uint32 key) internalviewreturns (uint224) {
uint256 len =self._checkpoints.length;
uint256 pos = _upperBinaryLookup(self._checkpoints, key, 0, len);
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns the value in the last (most recent) checkpoint with key lower or equal than the search key, or zero
* if there is none.
*
* NOTE: This is a variant of {upperLookup} that is optimised to find "recent" checkpoint (checkpoints with high
* keys).
*/functionupperLookupRecent(Trace224 storageself, uint32 key) internalviewreturns (uint224) {
uint256 len =self._checkpoints.length;
uint256 low =0;
uint256 high = len;
if (len >5) {
uint256 mid = len - Math.sqrt(len);
if (key < _unsafeAccess(self._checkpoints, mid)._key) {
high = mid;
} else {
low = mid +1;
}
}
uint256 pos = _upperBinaryLookup(self._checkpoints, key, low, high);
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns the value in the most recent checkpoint, or zero if there are no checkpoints.
*/functionlatest(Trace224 storageself) internalviewreturns (uint224) {
uint256 pos =self._checkpoints.length;
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns whether there is a checkpoint in the structure (i.e. it is not empty), and if so the key and value
* in the most recent checkpoint.
*/functionlatestCheckpoint(Trace224 storageself) internalviewreturns (bool exists, uint32 _key, uint224 _value) {
uint256 pos =self._checkpoints.length;
if (pos ==0) {
return (false, 0, 0);
} else {
Checkpoint224 memory ckpt = _unsafeAccess(self._checkpoints, pos -1);
return (true, ckpt._key, ckpt._value);
}
}
/**
* @dev Returns the number of checkpoint.
*/functionlength(Trace224 storageself) internalviewreturns (uint256) {
returnself._checkpoints.length;
}
/**
* @dev Returns checkpoint at given position.
*/functionat(Trace224 storageself, uint32 pos) internalviewreturns (Checkpoint224 memory) {
returnself._checkpoints[pos];
}
/**
* @dev Pushes a (`key`, `value`) pair into an ordered list of checkpoints, either by inserting a new checkpoint,
* or by updating the last one.
*/function_insert(Checkpoint224[] storageself, uint32 key, uint224 value) privatereturns (uint224, uint224) {
uint256 pos =self.length;
if (pos >0) {
// Copying to memory is important here.
Checkpoint224 memory last = _unsafeAccess(self, pos -1);
// Checkpoint keys must be non-decreasing.if (last._key > key) {
revert CheckpointUnorderedInsertion();
}
// Update or push new checkpointif (last._key == key) {
_unsafeAccess(self, pos -1)._value = value;
} else {
self.push(Checkpoint224({_key: key, _value: value}));
}
return (last._value, value);
} else {
self.push(Checkpoint224({_key: key, _value: value}));
return (0, value);
}
}
/**
* @dev Return the index of the last (most recent) checkpoint with key lower or equal than the search key, or `high`
* if there is none. `low` and `high` define a section where to do the search, with inclusive `low` and exclusive
* `high`.
*
* WARNING: `high` should not be greater than the array's length.
*/function_upperBinaryLookup(
Checkpoint224[] storageself,
uint32 key,
uint256 low,
uint256 high
) privateviewreturns (uint256) {
while (low < high) {
uint256 mid = Math.average(low, high);
if (_unsafeAccess(self, mid)._key > key) {
high = mid;
} else {
low = mid +1;
}
}
return high;
}
/**
* @dev Return the index of the first (oldest) checkpoint with key is greater or equal than the search key, or
* `high` if there is none. `low` and `high` define a section where to do the search, with inclusive `low` and
* exclusive `high`.
*
* WARNING: `high` should not be greater than the array's length.
*/function_lowerBinaryLookup(
Checkpoint224[] storageself,
uint32 key,
uint256 low,
uint256 high
) privateviewreturns (uint256) {
while (low < high) {
uint256 mid = Math.average(low, high);
if (_unsafeAccess(self, mid)._key < key) {
low = mid +1;
} else {
high = mid;
}
}
return high;
}
/**
* @dev Access an element of the array without performing bounds check. The position is assumed to be within bounds.
*/function_unsafeAccess(
Checkpoint224[] storageself,
uint256 pos
) privatepurereturns (Checkpoint224 storage result) {
assembly {
mstore(0, self.slot)
result.slot:=add(keccak256(0, 0x20), pos)
}
}
structTrace208 {
Checkpoint208[] _checkpoints;
}
structCheckpoint208 {
uint48 _key;
uint208 _value;
}
/**
* @dev Pushes a (`key`, `value`) pair into a Trace208 so that it is stored as the checkpoint.
*
* Returns previous value and new value.
*
* IMPORTANT: Never accept `key` as a user input, since an arbitrary `type(uint48).max` key set will disable the
* library.
*/functionpush(Trace208 storageself, uint48 key, uint208 value) internalreturns (uint208, uint208) {
return _insert(self._checkpoints, key, value);
}
/**
* @dev Returns the value in the first (oldest) checkpoint with key greater or equal than the search key, or zero if
* there is none.
*/functionlowerLookup(Trace208 storageself, uint48 key) internalviewreturns (uint208) {
uint256 len =self._checkpoints.length;
uint256 pos = _lowerBinaryLookup(self._checkpoints, key, 0, len);
return pos == len ? 0 : _unsafeAccess(self._checkpoints, pos)._value;
}
/**
* @dev Returns the value in the last (most recent) checkpoint with key lower or equal than the search key, or zero
* if there is none.
*/functionupperLookup(Trace208 storageself, uint48 key) internalviewreturns (uint208) {
uint256 len =self._checkpoints.length;
uint256 pos = _upperBinaryLookup(self._checkpoints, key, 0, len);
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns the value in the last (most recent) checkpoint with key lower or equal than the search key, or zero
* if there is none.
*
* NOTE: This is a variant of {upperLookup} that is optimised to find "recent" checkpoint (checkpoints with high
* keys).
*/functionupperLookupRecent(Trace208 storageself, uint48 key) internalviewreturns (uint208) {
uint256 len =self._checkpoints.length;
uint256 low =0;
uint256 high = len;
if (len >5) {
uint256 mid = len - Math.sqrt(len);
if (key < _unsafeAccess(self._checkpoints, mid)._key) {
high = mid;
} else {
low = mid +1;
}
}
uint256 pos = _upperBinaryLookup(self._checkpoints, key, low, high);
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns the value in the most recent checkpoint, or zero if there are no checkpoints.
*/functionlatest(Trace208 storageself) internalviewreturns (uint208) {
uint256 pos =self._checkpoints.length;
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns whether there is a checkpoint in the structure (i.e. it is not empty), and if so the key and value
* in the most recent checkpoint.
*/functionlatestCheckpoint(Trace208 storageself) internalviewreturns (bool exists, uint48 _key, uint208 _value) {
uint256 pos =self._checkpoints.length;
if (pos ==0) {
return (false, 0, 0);
} else {
Checkpoint208 memory ckpt = _unsafeAccess(self._checkpoints, pos -1);
return (true, ckpt._key, ckpt._value);
}
}
/**
* @dev Returns the number of checkpoint.
*/functionlength(Trace208 storageself) internalviewreturns (uint256) {
returnself._checkpoints.length;
}
/**
* @dev Returns checkpoint at given position.
*/functionat(Trace208 storageself, uint32 pos) internalviewreturns (Checkpoint208 memory) {
returnself._checkpoints[pos];
}
/**
* @dev Pushes a (`key`, `value`) pair into an ordered list of checkpoints, either by inserting a new checkpoint,
* or by updating the last one.
*/function_insert(Checkpoint208[] storageself, uint48 key, uint208 value) privatereturns (uint208, uint208) {
uint256 pos =self.length;
if (pos >0) {
// Copying to memory is important here.
Checkpoint208 memory last = _unsafeAccess(self, pos -1);
// Checkpoint keys must be non-decreasing.if (last._key > key) {
revert CheckpointUnorderedInsertion();
}
// Update or push new checkpointif (last._key == key) {
_unsafeAccess(self, pos -1)._value = value;
} else {
self.push(Checkpoint208({_key: key, _value: value}));
}
return (last._value, value);
} else {
self.push(Checkpoint208({_key: key, _value: value}));
return (0, value);
}
}
/**
* @dev Return the index of the last (most recent) checkpoint with key lower or equal than the search key, or `high`
* if there is none. `low` and `high` define a section where to do the search, with inclusive `low` and exclusive
* `high`.
*
* WARNING: `high` should not be greater than the array's length.
*/function_upperBinaryLookup(
Checkpoint208[] storageself,
uint48 key,
uint256 low,
uint256 high
) privateviewreturns (uint256) {
while (low < high) {
uint256 mid = Math.average(low, high);
if (_unsafeAccess(self, mid)._key > key) {
high = mid;
} else {
low = mid +1;
}
}
return high;
}
/**
* @dev Return the index of the first (oldest) checkpoint with key is greater or equal than the search key, or
* `high` if there is none. `low` and `high` define a section where to do the search, with inclusive `low` and
* exclusive `high`.
*
* WARNING: `high` should not be greater than the array's length.
*/function_lowerBinaryLookup(
Checkpoint208[] storageself,
uint48 key,
uint256 low,
uint256 high
) privateviewreturns (uint256) {
while (low < high) {
uint256 mid = Math.average(low, high);
if (_unsafeAccess(self, mid)._key < key) {
low = mid +1;
} else {
high = mid;
}
}
return high;
}
/**
* @dev Access an element of the array without performing bounds check. The position is assumed to be within bounds.
*/function_unsafeAccess(
Checkpoint208[] storageself,
uint256 pos
) privatepurereturns (Checkpoint208 storage result) {
assembly {
mstore(0, self.slot)
result.slot:=add(keccak256(0, 0x20), pos)
}
}
structTrace160 {
Checkpoint160[] _checkpoints;
}
structCheckpoint160 {
uint96 _key;
uint160 _value;
}
/**
* @dev Pushes a (`key`, `value`) pair into a Trace160 so that it is stored as the checkpoint.
*
* Returns previous value and new value.
*
* IMPORTANT: Never accept `key` as a user input, since an arbitrary `type(uint96).max` key set will disable the
* library.
*/functionpush(Trace160 storageself, uint96 key, uint160 value) internalreturns (uint160, uint160) {
return _insert(self._checkpoints, key, value);
}
/**
* @dev Returns the value in the first (oldest) checkpoint with key greater or equal than the search key, or zero if
* there is none.
*/functionlowerLookup(Trace160 storageself, uint96 key) internalviewreturns (uint160) {
uint256 len =self._checkpoints.length;
uint256 pos = _lowerBinaryLookup(self._checkpoints, key, 0, len);
return pos == len ? 0 : _unsafeAccess(self._checkpoints, pos)._value;
}
/**
* @dev Returns the value in the last (most recent) checkpoint with key lower or equal than the search key, or zero
* if there is none.
*/functionupperLookup(Trace160 storageself, uint96 key) internalviewreturns (uint160) {
uint256 len =self._checkpoints.length;
uint256 pos = _upperBinaryLookup(self._checkpoints, key, 0, len);
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns the value in the last (most recent) checkpoint with key lower or equal than the search key, or zero
* if there is none.
*
* NOTE: This is a variant of {upperLookup} that is optimised to find "recent" checkpoint (checkpoints with high
* keys).
*/functionupperLookupRecent(Trace160 storageself, uint96 key) internalviewreturns (uint160) {
uint256 len =self._checkpoints.length;
uint256 low =0;
uint256 high = len;
if (len >5) {
uint256 mid = len - Math.sqrt(len);
if (key < _unsafeAccess(self._checkpoints, mid)._key) {
high = mid;
} else {
low = mid +1;
}
}
uint256 pos = _upperBinaryLookup(self._checkpoints, key, low, high);
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns the value in the most recent checkpoint, or zero if there are no checkpoints.
*/functionlatest(Trace160 storageself) internalviewreturns (uint160) {
uint256 pos =self._checkpoints.length;
return pos ==0 ? 0 : _unsafeAccess(self._checkpoints, pos -1)._value;
}
/**
* @dev Returns whether there is a checkpoint in the structure (i.e. it is not empty), and if so the key and value
* in the most recent checkpoint.
*/functionlatestCheckpoint(Trace160 storageself) internalviewreturns (bool exists, uint96 _key, uint160 _value) {
uint256 pos =self._checkpoints.length;
if (pos ==0) {
return (false, 0, 0);
} else {
Checkpoint160 memory ckpt = _unsafeAccess(self._checkpoints, pos -1);
return (true, ckpt._key, ckpt._value);
}
}
/**
* @dev Returns the number of checkpoint.
*/functionlength(Trace160 storageself) internalviewreturns (uint256) {
returnself._checkpoints.length;
}
/**
* @dev Returns checkpoint at given position.
*/functionat(Trace160 storageself, uint32 pos) internalviewreturns (Checkpoint160 memory) {
returnself._checkpoints[pos];
}
/**
* @dev Pushes a (`key`, `value`) pair into an ordered list of checkpoints, either by inserting a new checkpoint,
* or by updating the last one.
*/function_insert(Checkpoint160[] storageself, uint96 key, uint160 value) privatereturns (uint160, uint160) {
uint256 pos =self.length;
if (pos >0) {
// Copying to memory is important here.
Checkpoint160 memory last = _unsafeAccess(self, pos -1);
// Checkpoint keys must be non-decreasing.if (last._key > key) {
revert CheckpointUnorderedInsertion();
}
// Update or push new checkpointif (last._key == key) {
_unsafeAccess(self, pos -1)._value = value;
} else {
self.push(Checkpoint160({_key: key, _value: value}));
}
return (last._value, value);
} else {
self.push(Checkpoint160({_key: key, _value: value}));
return (0, value);
}
}
/**
* @dev Return the index of the last (most recent) checkpoint with key lower or equal than the search key, or `high`
* if there is none. `low` and `high` define a section where to do the search, with inclusive `low` and exclusive
* `high`.
*
* WARNING: `high` should not be greater than the array's length.
*/function_upperBinaryLookup(
Checkpoint160[] storageself,
uint96 key,
uint256 low,
uint256 high
) privateviewreturns (uint256) {
while (low < high) {
uint256 mid = Math.average(low, high);
if (_unsafeAccess(self, mid)._key > key) {
high = mid;
} else {
low = mid +1;
}
}
return high;
}
/**
* @dev Return the index of the first (oldest) checkpoint with key is greater or equal than the search key, or
* `high` if there is none. `low` and `high` define a section where to do the search, with inclusive `low` and
* exclusive `high`.
*
* WARNING: `high` should not be greater than the array's length.
*/function_lowerBinaryLookup(
Checkpoint160[] storageself,
uint96 key,
uint256 low,
uint256 high
) privateviewreturns (uint256) {
while (low < high) {
uint256 mid = Math.average(low, high);
if (_unsafeAccess(self, mid)._key < key) {
low = mid +1;
} else {
high = mid;
}
}
return high;
}
/**
* @dev Access an element of the array without performing bounds check. The position is assumed to be within bounds.
*/function_unsafeAccess(
Checkpoint160[] storageself,
uint256 pos
) privatepurereturns (Checkpoint160 storage result) {
assembly {
mstore(0, self.slot)
result.slot:=add(keccak256(0, 0x20), pos)
}
}
}
Contract Source Code
File 4 of 63: Context.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)pragmasolidity ^0.8.20;/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
function_contextSuffixLength() internalviewvirtualreturns (uint256) {
return0;
}
}
Contract Source Code
File 5 of 63: ContextUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)pragmasolidity ^0.8.20;import {Initializable} from"../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContextUpgradeableisInitializable{
function__Context_init() internalonlyInitializing{
}
function__Context_init_unchained() internalonlyInitializing{
}
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
function_contextSuffixLength() internalviewvirtualreturns (uint256) {
return0;
}
}
Contract Source Code
File 6 of 63: DevRewardDistributor.sol
// SPDX-License-Identifier: Apache-2.0pragmasolidity >=0.8.15;import"./FluenceToken.sol";
import"./Executor.sol";
import"@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import"@openzeppelin/contracts/utils/cryptography/MerkleProof.sol";
import"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
/**
* @title DevRewardDistributor
* @notice Contract for managing developers reward
*/contractDevRewardDistributor{
usingSafeERC20forIERC20;
structLockedBalance {
uint256 amount;
uint256 unlockTime;
}
/**
* @notice Reward token
*
*/
FluenceToken publicimmutable token;
/**
* @notice DAO timelock contract address
*
*/
Executor publicimmutable executor;
/**
* @notice Canceler address (e.g. FluenceMultisig)
*
*/addresspublicimmutable canceler;
/**
* @notice Claiming end time
*
*/uint256publicimmutable claimingEndTime;
/**
* @notice Time when this contract was deployed
*
*/uint256publicimmutable deployTime;
/**
* @notice Merkle root from rewards tree
*
*/bytes32publicimmutable merkleRoot;
/**
* @notice Period for dividing the reward
*
*/uint256publicimmutable halvePeriod;
/**
* @notice Returns the vesting contract decimals
*
*/uint8publicimmutable decimals;
/**
* @notice Initial user's reward
*
*/uint256publicimmutable initialReward;
uint256publicimmutable lockupPeriod;
uint256publicimmutable maxClaimedSupply;
uint256public claimedSupply;
uint256private _totalSupply;
/**
* @notice Bitmap with claimed users ids
*
*/mapping(uint256=>uint256) private claimedBitMap;
mapping(address=> LockedBalance) public lockedBalances;
/**
* @notice Emitted when user claims reward
* @param userId - reward user id
* @param account - reward account
* @param amount - reward amount
* @param leaf - leaf with user's info in reward tree
*
*/eventClaimed(uint256indexed userId, address account, uint256 amount, bytes32 leaf);
/**
* @notice Emitted when claiming period is ended and tokens transfer to the executor
* @param amount - remainder balance
*
*/eventTransferUnclaimed(uint256 amount);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @param _token - reward token
* @param _executor - DAO timelock contract
* @param _merkleRoot - merkle root from rewards tree
* @param _halvePeriod - period for dividing the reward
* @param _initialReward - initial user reward
* @param _claimingPeriod - claiming period
* @param _canceler - can cancel distribution, and withdraw to _executor.
*
*/constructor(
FluenceToken _token,
Executor _executor,
bytes32 _merkleRoot,
uint256 _halvePeriod,
uint256 _lockupPeriod,
uint256 _initialReward,
uint256 _claimingPeriod,
address _canceler,
uint256 _maxClaimedSupply
) {
token = _token;
executor = _executor;
canceler = _canceler;
merkleRoot = _merkleRoot;
halvePeriod = _halvePeriod;
lockupPeriod = _lockupPeriod;
initialReward = _initialReward;
deployTime =block.timestamp;
claimingEndTime =block.timestamp+ _claimingPeriod;
maxClaimedSupply = _maxClaimedSupply;
decimals = _token.decimals();
}
modifierwhenClaimingIs(bool isActive) {
require(isClaimingActive() == isActive, "Claiming status is not as expected");
_;
}
functionname() externalviewreturns (stringmemory) {
return"Fluence Drop";
}
functionsymbol() externalviewreturns (stringmemory) {
return"FLT-DROP";
}
functiontotalSupply() externalviewreturns (uint256) {
return _totalSupply;
}
functionbalanceOf(address account) externalviewreturns (uint256) {
return lockedBalances[account].amount;
}
functiontransfer(address to, uint256 value) externalreturns (bool) {
require(value >0, "Value is 0");
require(lockedBalances[msg.sender].amount == value, "Invalid amount");
require(block.timestamp> lockedBalances[msg.sender].unlockTime, "Tokens are locked");
lockedBalances[msg.sender].amount =0;
_totalSupply -= value;
IERC20(token).safeTransfer(msg.sender, value);
emit Transfer(msg.sender, address(0x00), value);
returntrue;
}
/**
* @notice Claim reward token
* @param userId - user id in merkle tree
* @param merkleProof - merkle proof for leaf
* @param temporaryAddress - temporary Ethereum address that's used only for signing
* @param signature - signature of temporary Ethereum address
*
*/functionclaimTokens(uint32 userId,
bytes32[] calldata merkleProof,
address temporaryAddress,
bytescalldata signature
) externalwhenClaimingIs(true) {
require(!isClaimed(userId), "Tokens already claimed");
require(lockedBalances[msg.sender].unlockTime ==0, "Tokens are already locked");
uint256 amount = currentReward();
uint256 claimedSupply_ = claimedSupply;
require(claimedSupply_ + amount <= maxClaimedSupply, "Total claimed exceeded max limit");
bytes32 leaf =keccak256(abi.encodePacked(userId, temporaryAddress));
require(MerkleProof.verify(merkleProof, merkleRoot, leaf), "Valid proof required");
bytes32 msgHash =keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n20", msg.sender));
address signer = ECDSA.recover(msgHash, signature);
require(signer == temporaryAddress, "Invalid signature");
_setClaimed(userId);
lockedBalances[msg.sender] = LockedBalance({amount: amount, unlockTime: block.timestamp+ lockupPeriod});
_totalSupply += amount;
claimedSupply = claimedSupply_ + amount;
emit Transfer(address(0x00), msg.sender, amount);
emit Claimed(userId, msg.sender, amount, leaf);
}
/**
* @notice used to move any remaining tokens out of the contract to Executor (DAO) in emergency situation.
*
*/functionwithdraw() external{
require(msg.sender== canceler, "Caller is not a canceler");
IERC20 rewardToken = IERC20(token); //gas savinguint256 remainingBalance = rewardToken.balanceOf(address(this));
rewardToken.safeTransfer(address(executor), remainingBalance);
emit TransferUnclaimed(remainingBalance);
}
/**
* @notice checks claimed bitMap for userId
* @dev fork from uniswap merkle distributor, unmodified
* @return - boolean
*
*/functionisClaimed(uint256 index) publicviewreturns (bool) {
uint256 claimedWordIndex = index /256;
uint256 claimedBitIndex = index %256;
uint256 claimedWord = claimedBitMap[claimedWordIndex];
uint256 mask = (1<< claimedBitIndex);
return claimedWord & mask == mask;
}
/**
* @notice Checking if claiming is active
* @return - boolean
*
*/functionisClaimingActive() publicviewreturns (bool) {
returnblock.timestamp< claimingEndTime;
}
/**
* @notice Get current user's reward
* @return - boolean
*
*/functioncurrentReward() publicviewreturns (uint256) {
if (!isClaimingActive()) {
return0;
}
uint256 halveTimes = (block.timestamp- deployTime) / halvePeriod;
uint256 denominator =2** halveTimes;
return initialReward / denominator;
}
/**
* @notice Sets a given user by index to claimed
* @dev taken from uniswap merkle distributor, unmodified
*
*/function_setClaimed(uint256 index) private{
uint256 claimedWordIndex = index /256;
uint256 claimedBitIndex = index %256;
claimedBitMap[claimedWordIndex] = claimedBitMap[claimedWordIndex] | (1<< claimedBitIndex);
}
}
Contract Source Code
File 7 of 63: DoubleEndedQueue.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/structs/DoubleEndedQueue.sol)pragmasolidity ^0.8.20;/**
* @dev A sequence of items with the ability to efficiently push and pop items (i.e. insert and remove) on both ends of
* the sequence (called front and back). Among other access patterns, it can be used to implement efficient LIFO and
* FIFO queues. Storage use is optimized, and all operations are O(1) constant time. This includes {clear}, given that
* the existing queue contents are left in storage.
*
* The struct is called `Bytes32Deque`. Other types can be cast to and from `bytes32`. This data structure can only be
* used in storage, and not in memory.
* ```solidity
* DoubleEndedQueue.Bytes32Deque queue;
* ```
*/libraryDoubleEndedQueue{
/**
* @dev An operation (e.g. {front}) couldn't be completed due to the queue being empty.
*/errorQueueEmpty();
/**
* @dev A push operation couldn't be completed due to the queue being full.
*/errorQueueFull();
/**
* @dev An operation (e.g. {at}) couldn't be completed due to an index being out of bounds.
*/errorQueueOutOfBounds();
/**
* @dev Indices are 128 bits so begin and end are packed in a single storage slot for efficient access.
*
* Struct members have an underscore prefix indicating that they are "private" and should not be read or written to
* directly. Use the functions provided below instead. Modifying the struct manually may violate assumptions and
* lead to unexpected behavior.
*
* The first item is at data[begin] and the last item is at data[end - 1]. This range can wrap around.
*/structBytes32Deque {
uint128 _begin;
uint128 _end;
mapping(uint128 index =>bytes32) _data;
}
/**
* @dev Inserts an item at the end of the queue.
*
* Reverts with {QueueFull} if the queue is full.
*/functionpushBack(Bytes32Deque storage deque, bytes32 value) internal{
unchecked {
uint128 backIndex = deque._end;
if (backIndex +1== deque._begin) revert QueueFull();
deque._data[backIndex] = value;
deque._end = backIndex +1;
}
}
/**
* @dev Removes the item at the end of the queue and returns it.
*
* Reverts with {QueueEmpty} if the queue is empty.
*/functionpopBack(Bytes32Deque storage deque) internalreturns (bytes32 value) {
unchecked {
uint128 backIndex = deque._end;
if (backIndex == deque._begin) revert QueueEmpty();
--backIndex;
value = deque._data[backIndex];
delete deque._data[backIndex];
deque._end = backIndex;
}
}
/**
* @dev Inserts an item at the beginning of the queue.
*
* Reverts with {QueueFull} if the queue is full.
*/functionpushFront(Bytes32Deque storage deque, bytes32 value) internal{
unchecked {
uint128 frontIndex = deque._begin -1;
if (frontIndex == deque._end) revert QueueFull();
deque._data[frontIndex] = value;
deque._begin = frontIndex;
}
}
/**
* @dev Removes the item at the beginning of the queue and returns it.
*
* Reverts with `QueueEmpty` if the queue is empty.
*/functionpopFront(Bytes32Deque storage deque) internalreturns (bytes32 value) {
unchecked {
uint128 frontIndex = deque._begin;
if (frontIndex == deque._end) revert QueueEmpty();
value = deque._data[frontIndex];
delete deque._data[frontIndex];
deque._begin = frontIndex +1;
}
}
/**
* @dev Returns the item at the beginning of the queue.
*
* Reverts with `QueueEmpty` if the queue is empty.
*/functionfront(Bytes32Deque storage deque) internalviewreturns (bytes32 value) {
if (empty(deque)) revert QueueEmpty();
return deque._data[deque._begin];
}
/**
* @dev Returns the item at the end of the queue.
*
* Reverts with `QueueEmpty` if the queue is empty.
*/functionback(Bytes32Deque storage deque) internalviewreturns (bytes32 value) {
if (empty(deque)) revert QueueEmpty();
unchecked {
return deque._data[deque._end -1];
}
}
/**
* @dev Return the item at a position in the queue given by `index`, with the first item at 0 and last item at
* `length(deque) - 1`.
*
* Reverts with `QueueOutOfBounds` if the index is out of bounds.
*/functionat(Bytes32Deque storage deque, uint256 index) internalviewreturns (bytes32 value) {
if (index >= length(deque)) revert QueueOutOfBounds();
// By construction, length is a uint128, so the check above ensures that index can be safely downcast to uint128unchecked {
return deque._data[deque._begin +uint128(index)];
}
}
/**
* @dev Resets the queue back to being empty.
*
* NOTE: The current items are left behind in storage. This does not affect the functioning of the queue, but misses
* out on potential gas refunds.
*/functionclear(Bytes32Deque storage deque) internal{
deque._begin =0;
deque._end =0;
}
/**
* @dev Returns the number of items in the queue.
*/functionlength(Bytes32Deque storage deque) internalviewreturns (uint256) {
unchecked {
returnuint256(deque._end - deque._begin);
}
}
/**
* @dev Returns true if the queue is empty.
*/functionempty(Bytes32Deque storage deque) internalviewreturns (bool) {
return deque._end == deque._begin;
}
}
Contract Source Code
File 8 of 63: ECDSA.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/ECDSA.sol)pragmasolidity ^0.8.20;/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/libraryECDSA{
enumRecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS
}
/**
* @dev The signature derives the `address(0)`.
*/errorECDSAInvalidSignature();
/**
* @dev The signature has an invalid length.
*/errorECDSAInvalidSignatureLength(uint256 length);
/**
* @dev The signature has an S value that is in the upper half order.
*/errorECDSAInvalidSignatureS(bytes32 s);
/**
* @dev Returns the address that signed a hashed message (`hash`) with `signature` or an error. This will not
* return address(0) without also returning an error description. Errors are documented using an enum (error type)
* and a bytes32 providing additional information about the error.
*
* If no error is returned, then the address can be used for verification purposes.
*
* The `ecrecover` EVM precompile allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*/functiontryRecover(bytes32 hash, bytesmemory signature) internalpurereturns (address, RecoverError, bytes32) {
if (signature.length==65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them// currently is to use assembly./// @solidity memory-safe-assemblyassembly {
r :=mload(add(signature, 0x20))
s :=mload(add(signature, 0x40))
v :=byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength, bytes32(signature.length));
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM precompile allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it.
*/functionrecover(bytes32 hash, bytesmemory signature) internalpurereturns (address) {
(address recovered, RecoverError error, bytes32errorArg) = tryRecover(hash, signature);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*/functiontryRecover(bytes32 hash, bytes32 r, bytes32 vs) internalpurereturns (address, RecoverError, bytes32) {
unchecked {
bytes32 s = vs &bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
// We do not check for an overflow here since the shift operation results in 0 or 1.uint8 v =uint8((uint256(vs) >>255) +27);
return tryRecover(hash, v, r, s);
}
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*/functionrecover(bytes32 hash, bytes32 r, bytes32 vs) internalpurereturns (address) {
(address recovered, RecoverError error, bytes32errorArg) = tryRecover(hash, r, vs);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*/functiontryRecover(bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internalpurereturns (address, RecoverError, bytes32) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most// signatures from current libraries generate a unique signature with an s-value in the lower half order.//// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept// these malleable signatures as well.if (uint256(s) >0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS, s);
}
// If the signature is valid (and not malleable), return the signer addressaddress signer =ecrecover(hash, v, r, s);
if (signer ==address(0)) {
return (address(0), RecoverError.InvalidSignature, bytes32(0));
}
return (signer, RecoverError.NoError, bytes32(0));
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/functionrecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internalpurereturns (address) {
(address recovered, RecoverError error, bytes32errorArg) = tryRecover(hash, v, r, s);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Optionally reverts with the corresponding custom error according to the `error` argument provided.
*/function_throwError(RecoverError error, bytes32 errorArg) privatepure{
if (error == RecoverError.NoError) {
return; // no error: do nothing
} elseif (error == RecoverError.InvalidSignature) {
revert ECDSAInvalidSignature();
} elseif (error == RecoverError.InvalidSignatureLength) {
revert ECDSAInvalidSignatureLength(uint256(errorArg));
} elseif (error == RecoverError.InvalidSignatureS) {
revert ECDSAInvalidSignatureS(errorArg);
}
}
}
Contract Source Code
File 9 of 63: EIP712.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/EIP712.sol)pragmasolidity ^0.8.20;import {MessageHashUtils} from"./MessageHashUtils.sol";
import {ShortStrings, ShortString} from"../ShortStrings.sol";
import {IERC5267} from"../../interfaces/IERC5267.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding scheme specified in the EIP requires a domain separator and a hash of the typed structured data, whose
* encoding is very generic and therefore its implementation in Solidity is not feasible, thus this contract
* does not implement the encoding itself. Protocols need to implement the type-specific encoding they need in order to
* produce the hash of their typed data using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* NOTE: In the upgradeable version of this contract, the cached values will correspond to the address, and the domain
* separator of the implementation contract. This will cause the {_domainSeparatorV4} function to always rebuild the
* separator from the immutable values, which is cheaper than accessing a cached version in cold storage.
*
* @custom:oz-upgrades-unsafe-allow state-variable-immutable
*/abstractcontractEIP712isIERC5267{
usingShortStringsfor*;
bytes32privateconstant TYPE_HASH =keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to// invalidate the cached domain separator if the chain id changes.bytes32privateimmutable _cachedDomainSeparator;
uint256privateimmutable _cachedChainId;
addressprivateimmutable _cachedThis;
bytes32privateimmutable _hashedName;
bytes32privateimmutable _hashedVersion;
ShortString privateimmutable _name;
ShortString privateimmutable _version;
stringprivate _nameFallback;
stringprivate _versionFallback;
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/constructor(stringmemory name, stringmemory version) {
_name = name.toShortStringWithFallback(_nameFallback);
_version = version.toShortStringWithFallback(_versionFallback);
_hashedName =keccak256(bytes(name));
_hashedVersion =keccak256(bytes(version));
_cachedChainId =block.chainid;
_cachedDomainSeparator = _buildDomainSeparator();
_cachedThis =address(this);
}
/**
* @dev Returns the domain separator for the current chain.
*/function_domainSeparatorV4() internalviewreturns (bytes32) {
if (address(this) == _cachedThis &&block.chainid== _cachedChainId) {
return _cachedDomainSeparator;
} else {
return _buildDomainSeparator();
}
}
function_buildDomainSeparator() privateviewreturns (bytes32) {
returnkeccak256(abi.encode(TYPE_HASH, _hashedName, _hashedVersion, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/function_hashTypedDataV4(bytes32 structHash) internalviewvirtualreturns (bytes32) {
return MessageHashUtils.toTypedDataHash(_domainSeparatorV4(), structHash);
}
/**
* @dev See {IERC-5267}.
*/functioneip712Domain()
publicviewvirtualreturns (bytes1 fields,
stringmemory name,
stringmemory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
)
{
return (
hex"0f", // 01111
_EIP712Name(),
_EIP712Version(),
block.chainid,
address(this),
bytes32(0),
newuint256[](0)
);
}
/**
* @dev The name parameter for the EIP712 domain.
*
* NOTE: By default this function reads _name which is an immutable value.
* It only reads from storage if necessary (in case the value is too large to fit in a ShortString).
*/// solhint-disable-next-line func-name-mixedcasefunction_EIP712Name() internalviewreturns (stringmemory) {
return _name.toStringWithFallback(_nameFallback);
}
/**
* @dev The version parameter for the EIP712 domain.
*
* NOTE: By default this function reads _version which is an immutable value.
* It only reads from storage if necessary (in case the value is too large to fit in a ShortString).
*/// solhint-disable-next-line func-name-mixedcasefunction_EIP712Version() internalviewreturns (stringmemory) {
return _version.toStringWithFallback(_versionFallback);
}
}
Contract Source Code
File 10 of 63: EIP712Upgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/EIP712.sol)pragmasolidity ^0.8.20;import {MessageHashUtils} from"@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
import {IERC5267} from"@openzeppelin/contracts/interfaces/IERC5267.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding scheme specified in the EIP requires a domain separator and a hash of the typed structured data, whose
* encoding is very generic and therefore its implementation in Solidity is not feasible, thus this contract
* does not implement the encoding itself. Protocols need to implement the type-specific encoding they need in order to
* produce the hash of their typed data using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* NOTE: In the upgradeable version of this contract, the cached values will correspond to the address, and the domain
* separator of the implementation contract. This will cause the {_domainSeparatorV4} function to always rebuild the
* separator from the immutable values, which is cheaper than accessing a cached version in cold storage.
*/abstractcontractEIP712UpgradeableisInitializable, IERC5267{
bytes32privateconstant TYPE_HASH =keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
/// @custom:storage-location erc7201:openzeppelin.storage.EIP712structEIP712Storage {
/// @custom:oz-renamed-from _HASHED_NAMEbytes32 _hashedName;
/// @custom:oz-renamed-from _HASHED_VERSIONbytes32 _hashedVersion;
string _name;
string _version;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.EIP712")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant EIP712StorageLocation =0xa16a46d94261c7517cc8ff89f61c0ce93598e3c849801011dee649a6a557d100;
function_getEIP712Storage() privatepurereturns (EIP712Storage storage $) {
assembly {
$.slot:= EIP712StorageLocation
}
}
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/function__EIP712_init(stringmemory name, stringmemory version) internalonlyInitializing{
__EIP712_init_unchained(name, version);
}
function__EIP712_init_unchained(stringmemory name, stringmemory version) internalonlyInitializing{
EIP712Storage storage $ = _getEIP712Storage();
$._name = name;
$._version = version;
// Reset prior values in storage if upgrading
$._hashedName =0;
$._hashedVersion =0;
}
/**
* @dev Returns the domain separator for the current chain.
*/function_domainSeparatorV4() internalviewreturns (bytes32) {
return _buildDomainSeparator();
}
function_buildDomainSeparator() privateviewreturns (bytes32) {
returnkeccak256(abi.encode(TYPE_HASH, _EIP712NameHash(), _EIP712VersionHash(), block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/function_hashTypedDataV4(bytes32 structHash) internalviewvirtualreturns (bytes32) {
return MessageHashUtils.toTypedDataHash(_domainSeparatorV4(), structHash);
}
/**
* @dev See {IERC-5267}.
*/functioneip712Domain()
publicviewvirtualreturns (bytes1 fields,
stringmemory name,
stringmemory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
)
{
EIP712Storage storage $ = _getEIP712Storage();
// If the hashed name and version in storage are non-zero, the contract hasn't been properly initialized// and the EIP712 domain is not reliable, as it will be missing name and version.require($._hashedName ==0&& $._hashedVersion ==0, "EIP712: Uninitialized");
return (
hex"0f", // 01111
_EIP712Name(),
_EIP712Version(),
block.chainid,
address(this),
bytes32(0),
newuint256[](0)
);
}
/**
* @dev The name parameter for the EIP712 domain.
*
* NOTE: This function reads from storage by default, but can be redefined to return a constant value if gas costs
* are a concern.
*/function_EIP712Name() internalviewvirtualreturns (stringmemory) {
EIP712Storage storage $ = _getEIP712Storage();
return $._name;
}
/**
* @dev The version parameter for the EIP712 domain.
*
* NOTE: This function reads from storage by default, but can be redefined to return a constant value if gas costs
* are a concern.
*/function_EIP712Version() internalviewvirtualreturns (stringmemory) {
EIP712Storage storage $ = _getEIP712Storage();
return $._version;
}
/**
* @dev The hash of the name parameter for the EIP712 domain.
*
* NOTE: In previous versions this function was virtual. In this version you should override `_EIP712Name` instead.
*/function_EIP712NameHash() internalviewreturns (bytes32) {
EIP712Storage storage $ = _getEIP712Storage();
stringmemory name = _EIP712Name();
if (bytes(name).length>0) {
returnkeccak256(bytes(name));
} else {
// If the name is empty, the contract may have been upgraded without initializing the new storage.// We return the name hash in storage if non-zero, otherwise we assume the name is empty by design.bytes32 hashedName = $._hashedName;
if (hashedName !=0) {
return hashedName;
} else {
returnkeccak256("");
}
}
}
/**
* @dev The hash of the version parameter for the EIP712 domain.
*
* NOTE: In previous versions this function was virtual. In this version you should override `_EIP712Version` instead.
*/function_EIP712VersionHash() internalviewreturns (bytes32) {
EIP712Storage storage $ = _getEIP712Storage();
stringmemory version = _EIP712Version();
if (bytes(version).length>0) {
returnkeccak256(bytes(version));
} else {
// If the version is empty, the contract may have been upgraded without initializing the new storage.// We return the version hash in storage if non-zero, otherwise we assume the version is empty by design.bytes32 hashedVersion = $._hashedVersion;
if (hashedVersion !=0) {
return hashedVersion;
} else {
returnkeccak256("");
}
}
}
}
Contract Source Code
File 11 of 63: ERC1155HolderUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC1155/utils/ERC1155Holder.sol)pragmasolidity ^0.8.20;import {IERC165} from"@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {ERC165Upgradeable} from"../../../utils/introspection/ERC165Upgradeable.sol";
import {IERC1155Receiver} from"@openzeppelin/contracts/token/ERC1155/IERC1155Receiver.sol";
import {Initializable} from"../../../proxy/utils/Initializable.sol";
/**
* @dev Simple implementation of `IERC1155Receiver` that will allow a contract to hold ERC1155 tokens.
*
* IMPORTANT: When inheriting this contract, you must include a way to use the received tokens, otherwise they will be
* stuck.
*/abstractcontractERC1155HolderUpgradeableisInitializable, ERC165Upgradeable, IERC1155Receiver{
function__ERC1155Holder_init() internalonlyInitializing{
}
function__ERC1155Holder_init_unchained() internalonlyInitializing{
}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverride(ERC165Upgradeable, IERC165) returns (bool) {
return interfaceId ==type(IERC1155Receiver).interfaceId||super.supportsInterface(interfaceId);
}
functiononERC1155Received(address,
address,
uint256,
uint256,
bytesmemory) publicvirtualoverridereturns (bytes4) {
returnthis.onERC1155Received.selector;
}
functiononERC1155BatchReceived(address,
address,
uint256[] memory,
uint256[] memory,
bytesmemory) publicvirtualoverridereturns (bytes4) {
returnthis.onERC1155BatchReceived.selector;
}
}
Contract Source Code
File 12 of 63: ERC165Upgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/ERC165.sol)pragmasolidity ^0.8.20;import {IERC165} from"@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/abstractcontractERC165UpgradeableisInitializable, IERC165{
function__ERC165_init() internalonlyInitializing{
}
function__ERC165_init_unchained() internalonlyInitializing{
}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualreturns (bool) {
return interfaceId ==type(IERC165).interfaceId;
}
}
Contract Source Code
File 13 of 63: ERC1967Utils.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (proxy/ERC1967/ERC1967Utils.sol)pragmasolidity ^0.8.20;import {IBeacon} from"../beacon/IBeacon.sol";
import {Address} from"../../utils/Address.sol";
import {StorageSlot} from"../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*/libraryERC1967Utils{
// We re-declare ERC-1967 events here because they can't be used directly from IERC1967.// This will be fixed in Solidity 0.8.21. At that point we should remove these events./**
* @dev Emitted when the implementation is upgraded.
*/eventUpgraded(addressindexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/eventAdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/eventBeaconUpgraded(addressindexed beacon);
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1.
*/// solhint-disable-next-line private-vars-leading-underscorebytes32internalconstant IMPLEMENTATION_SLOT =0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev The `implementation` of the proxy is invalid.
*/errorERC1967InvalidImplementation(address implementation);
/**
* @dev The `admin` of the proxy is invalid.
*/errorERC1967InvalidAdmin(address admin);
/**
* @dev The `beacon` of the proxy is invalid.
*/errorERC1967InvalidBeacon(address beacon);
/**
* @dev An upgrade function sees `msg.value > 0` that may be lost.
*/errorERC1967NonPayable();
/**
* @dev Returns the current implementation address.
*/functiongetImplementation() internalviewreturns (address) {
return StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/function_setImplementation(address newImplementation) private{
if (newImplementation.code.length==0) {
revert ERC1967InvalidImplementation(newImplementation);
}
StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value= newImplementation;
}
/**
* @dev Performs implementation upgrade with additional setup call if data is nonempty.
* This function is payable only if the setup call is performed, otherwise `msg.value` is rejected
* to avoid stuck value in the contract.
*
* Emits an {IERC1967-Upgraded} event.
*/functionupgradeToAndCall(address newImplementation, bytesmemory data) internal{
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
if (data.length>0) {
Address.functionDelegateCall(newImplementation, data);
} else {
_checkNonPayable();
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1.
*/// solhint-disable-next-line private-vars-leading-underscorebytes32internalconstant ADMIN_SLOT =0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using
* the https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/functiongetAdmin() internalviewreturns (address) {
return StorageSlot.getAddressSlot(ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/function_setAdmin(address newAdmin) private{
if (newAdmin ==address(0)) {
revert ERC1967InvalidAdmin(address(0));
}
StorageSlot.getAddressSlot(ADMIN_SLOT).value= newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {IERC1967-AdminChanged} event.
*/functionchangeAdmin(address newAdmin) internal{
emit AdminChanged(getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is the keccak-256 hash of "eip1967.proxy.beacon" subtracted by 1.
*/// solhint-disable-next-line private-vars-leading-underscorebytes32internalconstant BEACON_SLOT =0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/functiongetBeacon() internalviewreturns (address) {
return StorageSlot.getAddressSlot(BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/function_setBeacon(address newBeacon) private{
if (newBeacon.code.length==0) {
revert ERC1967InvalidBeacon(newBeacon);
}
StorageSlot.getAddressSlot(BEACON_SLOT).value= newBeacon;
address beaconImplementation = IBeacon(newBeacon).implementation();
if (beaconImplementation.code.length==0) {
revert ERC1967InvalidImplementation(beaconImplementation);
}
}
/**
* @dev Change the beacon and trigger a setup call if data is nonempty.
* This function is payable only if the setup call is performed, otherwise `msg.value` is rejected
* to avoid stuck value in the contract.
*
* Emits an {IERC1967-BeaconUpgraded} event.
*
* CAUTION: Invoking this function has no effect on an instance of {BeaconProxy} since v5, since
* it uses an immutable beacon without looking at the value of the ERC-1967 beacon slot for
* efficiency.
*/functionupgradeBeaconToAndCall(address newBeacon, bytesmemory data) internal{
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length>0) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
} else {
_checkNonPayable();
}
}
/**
* @dev Reverts if `msg.value` is not zero. It can be used to avoid `msg.value` stuck in the contract
* if an upgrade doesn't perform an initialization call.
*/function_checkNonPayable() private{
if (msg.value>0) {
revert ERC1967NonPayable();
}
}
}
Contract Source Code
File 14 of 63: ERC20PermitUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Permit.sol)pragmasolidity ^0.8.20;import {IERC20Permit} from"@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol";
import {ERC20Upgradeable} from"../ERC20Upgradeable.sol";
import {ECDSA} from"@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {EIP712Upgradeable} from"../../../utils/cryptography/EIP712Upgradeable.sol";
import {NoncesUpgradeable} from"../../../utils/NoncesUpgradeable.sol";
import {Initializable} from"../../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/abstractcontractERC20PermitUpgradeableisInitializable, ERC20Upgradeable, IERC20Permit, EIP712Upgradeable, NoncesUpgradeable{
bytes32privateconstant PERMIT_TYPEHASH =keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
/**
* @dev Permit deadline has expired.
*/errorERC2612ExpiredSignature(uint256 deadline);
/**
* @dev Mismatched signature.
*/errorERC2612InvalidSigner(address signer, address owner);
/**
* @dev Initializes the {EIP712} domain separator using the `name` parameter, and setting `version` to `"1"`.
*
* It's a good idea to use the same `name` that is defined as the ERC20 token name.
*/function__ERC20Permit_init(stringmemory name) internalonlyInitializing{
__EIP712_init_unchained(name, "1");
}
function__ERC20Permit_init_unchained(stringmemory) internalonlyInitializing{}
/**
* @inheritdoc IERC20Permit
*/functionpermit(address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) publicvirtual{
if (block.timestamp> deadline) {
revert ERC2612ExpiredSignature(deadline);
}
bytes32 structHash =keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, _useNonce(owner), deadline));
bytes32 hash = _hashTypedDataV4(structHash);
address signer = ECDSA.recover(hash, v, r, s);
if (signer != owner) {
revert ERC2612InvalidSigner(signer, owner);
}
_approve(owner, spender, value);
}
/**
* @inheritdoc IERC20Permit
*/functionnonces(address owner) publicviewvirtualoverride(IERC20Permit, NoncesUpgradeable) returns (uint256) {
returnsuper.nonces(owner);
}
/**
* @inheritdoc IERC20Permit
*/// solhint-disable-next-line func-name-mixedcasefunctionDOMAIN_SEPARATOR() externalviewvirtualreturns (bytes32) {
return _domainSeparatorV4();
}
}
Contract Source Code
File 15 of 63: ERC20Upgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/ERC20.sol)pragmasolidity ^0.8.20;import {IERC20} from"@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Metadata} from"@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {ContextUpgradeable} from"../../utils/ContextUpgradeable.sol";
import {IERC20Errors} from"@openzeppelin/contracts/interfaces/draft-IERC6093.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*/abstractcontractERC20UpgradeableisInitializable, ContextUpgradeable, IERC20, IERC20Metadata, IERC20Errors{
/// @custom:storage-location erc7201:openzeppelin.storage.ERC20structERC20Storage {
mapping(address account =>uint256) _balances;
mapping(address account =>mapping(address spender =>uint256)) _allowances;
uint256 _totalSupply;
string _name;
string _symbol;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ERC20")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant ERC20StorageLocation =0x52c63247e1f47db19d5ce0460030c497f067ca4cebf71ba98eeadabe20bace00;
function_getERC20Storage() privatepurereturns (ERC20Storage storage $) {
assembly {
$.slot:= ERC20StorageLocation
}
}
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/function__ERC20_init(stringmemory name_, stringmemory symbol_) internalonlyInitializing{
__ERC20_init_unchained(name_, symbol_);
}
function__ERC20_init_unchained(stringmemory name_, stringmemory symbol_) internalonlyInitializing{
ERC20Storage storage $ = _getERC20Storage();
$._name = name_;
$._symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/functionname() publicviewvirtualreturns (stringmemory) {
ERC20Storage storage $ = _getERC20Storage();
return $._name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/functionsymbol() publicviewvirtualreturns (stringmemory) {
ERC20Storage storage $ = _getERC20Storage();
return $._symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/functiondecimals() publicviewvirtualreturns (uint8) {
return18;
}
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewvirtualreturns (uint256) {
ERC20Storage storage $ = _getERC20Storage();
return $._totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewvirtualreturns (uint256) {
ERC20Storage storage $ = _getERC20Storage();
return $._balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/functiontransfer(address to, uint256 value) publicvirtualreturns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualreturns (uint256) {
ERC20Storage storage $ = _getERC20Storage();
return $._allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionapprove(address spender, uint256 value) publicvirtualreturns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/functiontransferFrom(addressfrom, address to, uint256 value) publicvirtualreturns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
returntrue;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/function_transfer(addressfrom, address to, uint256 value) internal{
if (from==address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to ==address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/function_update(addressfrom, address to, uint256 value) internalvirtual{
ERC20Storage storage $ = _getERC20Storage();
if (from==address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
$._totalSupply += value;
} else {
uint256 fromBalance = $._balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
$._balances[from] = fromBalance - value;
}
}
if (to ==address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
$._totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
$._balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/function_mint(address account, uint256 value) internal{
if (account ==address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/function_burn(address account, uint256 value) internal{
if (account ==address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/function_approve(address owner, address spender, uint256 value) internal{
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
* true using the following override:
* ```
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/function_approve(address owner, address spender, uint256 value, bool emitEvent) internalvirtual{
ERC20Storage storage $ = _getERC20Storage();
if (owner ==address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender ==address(0)) {
revert ERC20InvalidSpender(address(0));
}
$._allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/function_spendAllowance(address owner, address spender, uint256 value) internalvirtual{
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance !=type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}
Contract Source Code
File 16 of 63: ERC20VotesUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Votes.sol)pragmasolidity ^0.8.20;import {ERC20Upgradeable} from"../ERC20Upgradeable.sol";
import {VotesUpgradeable} from"../../../governance/utils/VotesUpgradeable.sol";
import {Checkpoints} from"@openzeppelin/contracts/utils/structs/Checkpoints.sol";
import {Initializable} from"../../../proxy/utils/Initializable.sol";
/**
* @dev Extension of ERC20 to support Compound-like voting and delegation. This version is more generic than Compound's,
* and supports token supply up to 2^208^ - 1, while COMP is limited to 2^96^ - 1.
*
* NOTE: This contract does not provide interface compatibility with Compound's COMP token.
*
* This extension keeps a history (checkpoints) of each account's vote power. Vote power can be delegated either
* by calling the {delegate} function directly, or by providing a signature to be used with {delegateBySig}. Voting
* power can be queried through the public accessors {getVotes} and {getPastVotes}.
*
* By default, token balance does not account for voting power. This makes transfers cheaper. The downside is that it
* requires users to delegate to themselves in order to activate checkpoints and have their voting power tracked.
*/abstractcontractERC20VotesUpgradeableisInitializable, ERC20Upgradeable, VotesUpgradeable{
/**
* @dev Total supply cap has been exceeded, introducing a risk of votes overflowing.
*/errorERC20ExceededSafeSupply(uint256 increasedSupply, uint256 cap);
function__ERC20Votes_init() internalonlyInitializing{
}
function__ERC20Votes_init_unchained() internalonlyInitializing{
}
/**
* @dev Maximum token supply. Defaults to `type(uint208).max` (2^208^ - 1).
*
* This maximum is enforced in {_update}. It limits the total supply of the token, which is otherwise a uint256,
* so that checkpoints can be stored in the Trace208 structure used by {{Votes}}. Increasing this value will not
* remove the underlying limitation, and will cause {_update} to fail because of a math overflow in
* {_transferVotingUnits}. An override could be used to further restrict the total supply (to a lower value) if
* additional logic requires it. When resolving override conflicts on this function, the minimum should be
* returned.
*/function_maxSupply() internalviewvirtualreturns (uint256) {
returntype(uint208).max;
}
/**
* @dev Move voting power when tokens are transferred.
*
* Emits a {IVotes-DelegateVotesChanged} event.
*/function_update(addressfrom, address to, uint256 value) internalvirtualoverride{
super._update(from, to, value);
if (from==address(0)) {
uint256 supply = totalSupply();
uint256 cap = _maxSupply();
if (supply > cap) {
revert ERC20ExceededSafeSupply(supply, cap);
}
}
_transferVotingUnits(from, to, value);
}
/**
* @dev Returns the voting units of an `account`.
*
* WARNING: Overriding this function may compromise the internal vote accounting.
* `ERC20Votes` assumes tokens map to voting units 1:1 and this is not easy to change.
*/function_getVotingUnits(address account) internalviewvirtualoverridereturns (uint256) {
return balanceOf(account);
}
/**
* @dev Get number of checkpoints for `account`.
*/functionnumCheckpoints(address account) publicviewvirtualreturns (uint32) {
return _numCheckpoints(account);
}
/**
* @dev Get the `pos`-th checkpoint for `account`.
*/functioncheckpoints(address account, uint32 pos) publicviewvirtualreturns (Checkpoints.Checkpoint208 memory) {
return _checkpoints(account, pos);
}
}
Contract Source Code
File 17 of 63: ERC721HolderUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/utils/ERC721Holder.sol)pragmasolidity ^0.8.20;import {IERC721Receiver} from"@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
import {Initializable} from"../../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC721Receiver} interface.
*
* Accepts all token transfers.
* Make sure the contract is able to use its token with {IERC721-safeTransferFrom}, {IERC721-approve} or
* {IERC721-setApprovalForAll}.
*/abstractcontractERC721HolderUpgradeableisInitializable, IERC721Receiver{
function__ERC721Holder_init() internalonlyInitializing{
}
function__ERC721Holder_init_unchained() internalonlyInitializing{
}
/**
* @dev See {IERC721Receiver-onERC721Received}.
*
* Always returns `IERC721Receiver.onERC721Received.selector`.
*/functiononERC721Received(address, address, uint256, bytesmemory) publicvirtualreturns (bytes4) {
returnthis.onERC721Received.selector;
}
}
Contract Source Code
File 18 of 63: Executor.sol
// SPDX-License-Identifier: Apache-2.0pragmasolidity >=0.8.15;import"@openzeppelin/contracts-upgradeable/governance/TimelockControllerUpgradeable.sol";
import"@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
import"./Governor.sol";
/**
* @title Executor
* @notice DAO timelock contract. This contract is called Executor because all successful DAO proposals results flow through it.
*/contractExecutorisTimelockControllerUpgradeable, UUPSUpgradeable{
/// @custom:oz-upgrades-unsafe-allow constructorconstructor() {
_disableInitializers();
}
/**
* @notice Constructor for this updatable contract
* @param minDelay - minimal delay time for timelock
**/functioninitialize(uint256 minDelay) publicinitializer{
__UUPSUpgradeable_init();
__TimelockController_init(
minDelay,
newaddress[](0),
newaddress[](1),
msg.sender
);
}
function_authorizeUpgrade(address/*newImplementation*/) internalviewoverride{
require(
msg.sender==address(this),
"Only this contract can authorize an upgrade"
);
}
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/extensions/GovernorSettings.sol)pragmasolidity ^0.8.20;import {GovernorUpgradeable} from"../GovernorUpgradeable.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev Extension of {Governor} for settings updatable through governance.
*/abstractcontractGovernorSettingsUpgradeableisInitializable, GovernorUpgradeable{
/// @custom:storage-location erc7201:openzeppelin.storage.GovernorSettingsstructGovernorSettingsStorage {
// amount of tokenuint256 _proposalThreshold;
// timepoint: limited to uint48 in core (same as clock() type)uint48 _votingDelay;
// duration: limited to uint32 in coreuint32 _votingPeriod;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.GovernorSettings")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant GovernorSettingsStorageLocation =0x00d7616c8fe29c6c2fbe1d0c5bc8f2faa4c35b43746e70b24b4d532752affd00;
function_getGovernorSettingsStorage() privatepurereturns (GovernorSettingsStorage storage $) {
assembly {
$.slot:= GovernorSettingsStorageLocation
}
}
eventVotingDelaySet(uint256 oldVotingDelay, uint256 newVotingDelay);
eventVotingPeriodSet(uint256 oldVotingPeriod, uint256 newVotingPeriod);
eventProposalThresholdSet(uint256 oldProposalThreshold, uint256 newProposalThreshold);
/**
* @dev Initialize the governance parameters.
*/function__GovernorSettings_init(uint48 initialVotingDelay, uint32 initialVotingPeriod, uint256 initialProposalThreshold) internalonlyInitializing{
__GovernorSettings_init_unchained(initialVotingDelay, initialVotingPeriod, initialProposalThreshold);
}
function__GovernorSettings_init_unchained(uint48 initialVotingDelay, uint32 initialVotingPeriod, uint256 initialProposalThreshold) internalonlyInitializing{
_setVotingDelay(initialVotingDelay);
_setVotingPeriod(initialVotingPeriod);
_setProposalThreshold(initialProposalThreshold);
}
/**
* @dev See {IGovernor-votingDelay}.
*/functionvotingDelay() publicviewvirtualoverridereturns (uint256) {
GovernorSettingsStorage storage $ = _getGovernorSettingsStorage();
return $._votingDelay;
}
/**
* @dev See {IGovernor-votingPeriod}.
*/functionvotingPeriod() publicviewvirtualoverridereturns (uint256) {
GovernorSettingsStorage storage $ = _getGovernorSettingsStorage();
return $._votingPeriod;
}
/**
* @dev See {Governor-proposalThreshold}.
*/functionproposalThreshold() publicviewvirtualoverridereturns (uint256) {
GovernorSettingsStorage storage $ = _getGovernorSettingsStorage();
return $._proposalThreshold;
}
/**
* @dev Update the voting delay. This operation can only be performed through a governance proposal.
*
* Emits a {VotingDelaySet} event.
*/functionsetVotingDelay(uint48 newVotingDelay) publicvirtualonlyGovernance{
_setVotingDelay(newVotingDelay);
}
/**
* @dev Update the voting period. This operation can only be performed through a governance proposal.
*
* Emits a {VotingPeriodSet} event.
*/functionsetVotingPeriod(uint32 newVotingPeriod) publicvirtualonlyGovernance{
_setVotingPeriod(newVotingPeriod);
}
/**
* @dev Update the proposal threshold. This operation can only be performed through a governance proposal.
*
* Emits a {ProposalThresholdSet} event.
*/functionsetProposalThreshold(uint256 newProposalThreshold) publicvirtualonlyGovernance{
_setProposalThreshold(newProposalThreshold);
}
/**
* @dev Internal setter for the voting delay.
*
* Emits a {VotingDelaySet} event.
*/function_setVotingDelay(uint48 newVotingDelay) internalvirtual{
GovernorSettingsStorage storage $ = _getGovernorSettingsStorage();
emit VotingDelaySet($._votingDelay, newVotingDelay);
$._votingDelay = newVotingDelay;
}
/**
* @dev Internal setter for the voting period.
*
* Emits a {VotingPeriodSet} event.
*/function_setVotingPeriod(uint32 newVotingPeriod) internalvirtual{
GovernorSettingsStorage storage $ = _getGovernorSettingsStorage();
if (newVotingPeriod ==0) {
revert GovernorInvalidVotingPeriod(0);
}
emit VotingPeriodSet($._votingPeriod, newVotingPeriod);
$._votingPeriod = newVotingPeriod;
}
/**
* @dev Internal setter for the proposal threshold.
*
* Emits a {ProposalThresholdSet} event.
*/function_setProposalThreshold(uint256 newProposalThreshold) internalvirtual{
GovernorSettingsStorage storage $ = _getGovernorSettingsStorage();
emit ProposalThresholdSet($._proposalThreshold, newProposalThreshold);
$._proposalThreshold = newProposalThreshold;
}
}
Contract Source Code
File 23 of 63: GovernorTimelockControlUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/extensions/GovernorTimelockControl.sol)pragmasolidity ^0.8.20;import {IGovernor} from"@openzeppelin/contracts/governance/IGovernor.sol";
import {GovernorUpgradeable} from"../GovernorUpgradeable.sol";
import {TimelockControllerUpgradeable} from"../TimelockControllerUpgradeable.sol";
import {IERC165} from"@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {SafeCast} from"@openzeppelin/contracts/utils/math/SafeCast.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev Extension of {Governor} that binds the execution process to an instance of {TimelockController}. This adds a
* delay, enforced by the {TimelockController} to all successful proposal (in addition to the voting duration). The
* {Governor} needs the proposer (and ideally the executor) roles for the {Governor} to work properly.
*
* Using this model means the proposal will be operated by the {TimelockController} and not by the {Governor}. Thus,
* the assets and permissions must be attached to the {TimelockController}. Any asset sent to the {Governor} will be
* inaccessible from a proposal, unless executed via {Governor-relay}.
*
* WARNING: Setting up the TimelockController to have additional proposers or cancellers besides the governor is very
* risky, as it grants them the ability to: 1) execute operations as the timelock, and thus possibly performing
* operations or accessing funds that are expected to only be accessible through a vote, and 2) block governance
* proposals that have been approved by the voters, effectively executing a Denial of Service attack.
*
* NOTE: `AccessManager` does not support scheduling more than one operation with the same target and calldata at
* the same time. See {AccessManager-schedule} for a workaround.
*/abstractcontractGovernorTimelockControlUpgradeableisInitializable, GovernorUpgradeable{
/// @custom:storage-location erc7201:openzeppelin.storage.GovernorTimelockControlstructGovernorTimelockControlStorage {
TimelockControllerUpgradeable _timelock;
mapping(uint256 proposalId =>bytes32) _timelockIds;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.GovernorTimelockControl")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant GovernorTimelockControlStorageLocation =0x0d5829787b8befdbc6044ef7457d8a95c2a04bc99235349f1a212c063e59d400;
function_getGovernorTimelockControlStorage() privatepurereturns (GovernorTimelockControlStorage storage $) {
assembly {
$.slot:= GovernorTimelockControlStorageLocation
}
}
/**
* @dev Emitted when the timelock controller used for proposal execution is modified.
*/eventTimelockChange(address oldTimelock, address newTimelock);
/**
* @dev Set the timelock.
*/function__GovernorTimelockControl_init(TimelockControllerUpgradeable timelockAddress) internalonlyInitializing{
__GovernorTimelockControl_init_unchained(timelockAddress);
}
function__GovernorTimelockControl_init_unchained(TimelockControllerUpgradeable timelockAddress) internalonlyInitializing{
_updateTimelock(timelockAddress);
}
/**
* @dev Overridden version of the {Governor-state} function that considers the status reported by the timelock.
*/functionstate(uint256 proposalId) publicviewvirtualoverridereturns (ProposalState) {
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
ProposalState currentState =super.state(proposalId);
if (currentState != ProposalState.Queued) {
return currentState;
}
bytes32 queueid = $._timelockIds[proposalId];
if ($._timelock.isOperationPending(queueid)) {
return ProposalState.Queued;
} elseif ($._timelock.isOperationDone(queueid)) {
// This can happen if the proposal is executed directly on the timelock.return ProposalState.Executed;
} else {
// This can happen if the proposal is canceled directly on the timelock.return ProposalState.Canceled;
}
}
/**
* @dev Public accessor to check the address of the timelock
*/functiontimelock() publicviewvirtualreturns (address) {
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
returnaddress($._timelock);
}
/**
* @dev See {IGovernor-proposalNeedsQueuing}.
*/functionproposalNeedsQueuing(uint256) publicviewvirtualoverridereturns (bool) {
returntrue;
}
/**
* @dev Function to queue a proposal to the timelock.
*/function_queueOperations(uint256 proposalId,
address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) internalvirtualoverridereturns (uint48) {
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
uint256 delay = $._timelock.getMinDelay();
bytes32 salt = _timelockSalt(descriptionHash);
$._timelockIds[proposalId] = $._timelock.hashOperationBatch(targets, values, calldatas, 0, salt);
$._timelock.scheduleBatch(targets, values, calldatas, 0, salt, delay);
return SafeCast.toUint48(block.timestamp+ delay);
}
/**
* @dev Overridden version of the {Governor-_executeOperations} function that runs the already queued proposal
* through the timelock.
*/function_executeOperations(uint256 proposalId,
address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) internalvirtualoverride{
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
// execute
$._timelock.executeBatch{value: msg.value}(targets, values, calldatas, 0, _timelockSalt(descriptionHash));
// cleanup for refunddelete $._timelockIds[proposalId];
}
/**
* @dev Overridden version of the {Governor-_cancel} function to cancel the timelocked proposal if it has already
* been queued.
*/// This function can reenter through the external call to the timelock, but we assume the timelock is trusted and// well behaved (according to TimelockController) and this will not happen.// slither-disable-next-line reentrancy-no-ethfunction_cancel(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) internalvirtualoverridereturns (uint256) {
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
uint256 proposalId =super._cancel(targets, values, calldatas, descriptionHash);
bytes32 timelockId = $._timelockIds[proposalId];
if (timelockId !=0) {
// cancel
$._timelock.cancel(timelockId);
// cleanupdelete $._timelockIds[proposalId];
}
return proposalId;
}
/**
* @dev Address through which the governor executes action. In this case, the timelock.
*/function_executor() internalviewvirtualoverridereturns (address) {
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
returnaddress($._timelock);
}
/**
* @dev Public endpoint to update the underlying timelock instance. Restricted to the timelock itself, so updates
* must be proposed, scheduled, and executed through governance proposals.
*
* CAUTION: It is not recommended to change the timelock while there are other queued governance proposals.
*/functionupdateTimelock(TimelockControllerUpgradeable newTimelock) externalvirtualonlyGovernance{
_updateTimelock(newTimelock);
}
function_updateTimelock(TimelockControllerUpgradeable newTimelock) private{
GovernorTimelockControlStorage storage $ = _getGovernorTimelockControlStorage();
emit TimelockChange(address($._timelock), address(newTimelock));
$._timelock = newTimelock;
}
/**
* @dev Computes the {TimelockController} operation salt.
*
* It is computed with the governor address itself to avoid collisions across governor instances using the
* same timelock.
*/function_timelockSalt(bytes32 descriptionHash) privateviewreturns (bytes32) {
returnbytes20(address(this)) ^ descriptionHash;
}
}
Contract Source Code
File 24 of 63: GovernorUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/Governor.sol)pragmasolidity ^0.8.20;import {IERC721Receiver} from"@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
import {IERC1155Receiver} from"@openzeppelin/contracts/token/ERC1155/IERC1155Receiver.sol";
import {EIP712Upgradeable} from"../utils/cryptography/EIP712Upgradeable.sol";
import {SignatureChecker} from"@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";
import {IERC165} from"@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {ERC165Upgradeable} from"../utils/introspection/ERC165Upgradeable.sol";
import {SafeCast} from"@openzeppelin/contracts/utils/math/SafeCast.sol";
import {DoubleEndedQueue} from"@openzeppelin/contracts/utils/structs/DoubleEndedQueue.sol";
import {Address} from"@openzeppelin/contracts/utils/Address.sol";
import {ContextUpgradeable} from"../utils/ContextUpgradeable.sol";
import {NoncesUpgradeable} from"../utils/NoncesUpgradeable.sol";
import {IGovernor} from"@openzeppelin/contracts/governance/IGovernor.sol";
import {IERC6372} from"@openzeppelin/contracts/interfaces/IERC6372.sol";
import {Initializable} from"../proxy/utils/Initializable.sol";
/**
* @dev Core of the governance system, designed to be extended through various modules.
*
* This contract is abstract and requires several functions to be implemented in various modules:
*
* - A counting module must implement {quorum}, {_quorumReached}, {_voteSucceeded} and {_countVote}
* - A voting module must implement {_getVotes}
* - Additionally, {votingPeriod} must also be implemented
*/abstractcontractGovernorUpgradeableisInitializable, ContextUpgradeable, ERC165Upgradeable, EIP712Upgradeable, NoncesUpgradeable, IGovernor, IERC721Receiver, IERC1155Receiver{
usingDoubleEndedQueueforDoubleEndedQueue.Bytes32Deque;
bytes32publicconstant BALLOT_TYPEHASH =keccak256("Ballot(uint256 proposalId,uint8 support,address voter,uint256 nonce)");
bytes32publicconstant EXTENDED_BALLOT_TYPEHASH =keccak256(
"ExtendedBallot(uint256 proposalId,uint8 support,address voter,uint256 nonce,string reason,bytes params)"
);
structProposalCore {
address proposer;
uint48 voteStart;
uint32 voteDuration;
bool executed;
bool canceled;
uint48 etaSeconds;
}
bytes32privateconstant ALL_PROPOSAL_STATES_BITMAP =bytes32((2** (uint8(type(ProposalState).max) +1)) -1);
/// @custom:storage-location erc7201:openzeppelin.storage.GovernorstructGovernorStorage {
string _name;
mapping(uint256 proposalId => ProposalCore) _proposals;
// This queue keeps track of the governor operating on itself. Calls to functions protected by the {onlyGovernance}// modifier needs to be whitelisted in this queue. Whitelisting is set in {execute}, consumed by the// {onlyGovernance} modifier and eventually reset after {_executeOperations} completes. This ensures that the// execution of {onlyGovernance} protected calls can only be achieved through successful proposals.
DoubleEndedQueue.Bytes32Deque _governanceCall;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Governor")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant GovernorStorageLocation =0x7c712897014dbe49c045ef1299aa2d5f9e67e48eea4403efa21f1e0f3ac0cb00;
function_getGovernorStorage() privatepurereturns (GovernorStorage storage $) {
assembly {
$.slot:= GovernorStorageLocation
}
}
/**
* @dev Restricts a function so it can only be executed through governance proposals. For example, governance
* parameter setters in {GovernorSettings} are protected using this modifier.
*
* The governance executing address may be different from the Governor's own address, for example it could be a
* timelock. This can be customized by modules by overriding {_executor}. The executor is only able to invoke these
* functions during the execution of the governor's {execute} function, and not under any other circumstances. Thus,
* for example, additional timelock proposers are not able to change governance parameters without going through the
* governance protocol (since v4.6).
*/modifieronlyGovernance() {
_checkGovernance();
_;
}
/**
* @dev Sets the value for {name} and {version}
*/function__Governor_init(stringmemory name_) internalonlyInitializing{
__EIP712_init_unchained(name_, version());
__Governor_init_unchained(name_);
}
function__Governor_init_unchained(stringmemory name_) internalonlyInitializing{
GovernorStorage storage $ = _getGovernorStorage();
$._name = name_;
}
/**
* @dev Function to receive ETH that will be handled by the governor (disabled if executor is a third party contract)
*/receive() externalpayablevirtual{
if (_executor() !=address(this)) {
revert GovernorDisabledDeposit();
}
}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverride(IERC165, ERC165Upgradeable) returns (bool) {
return
interfaceId ==type(IGovernor).interfaceId||
interfaceId ==type(IERC1155Receiver).interfaceId||super.supportsInterface(interfaceId);
}
/**
* @dev See {IGovernor-name}.
*/functionname() publicviewvirtualreturns (stringmemory) {
GovernorStorage storage $ = _getGovernorStorage();
return $._name;
}
/**
* @dev See {IGovernor-version}.
*/functionversion() publicviewvirtualreturns (stringmemory) {
return"1";
}
/**
* @dev See {IGovernor-hashProposal}.
*
* The proposal id is produced by hashing the ABI encoded `targets` array, the `values` array, the `calldatas` array
* and the descriptionHash (bytes32 which itself is the keccak256 hash of the description string). This proposal id
* can be produced from the proposal data which is part of the {ProposalCreated} event. It can even be computed in
* advance, before the proposal is submitted.
*
* Note that the chainId and the governor address are not part of the proposal id computation. Consequently, the
* same proposal (with same operation and same description) will have the same id if submitted on multiple governors
* across multiple networks. This also means that in order to execute the same operation twice (on the same
* governor) the proposer will have to change the description in order to avoid proposal id conflicts.
*/functionhashProposal(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) publicpurevirtualreturns (uint256) {
returnuint256(keccak256(abi.encode(targets, values, calldatas, descriptionHash)));
}
/**
* @dev See {IGovernor-state}.
*/functionstate(uint256 proposalId) publicviewvirtualreturns (ProposalState) {
GovernorStorage storage $ = _getGovernorStorage();
// We read the struct fields into the stack at once so Solidity emits a single SLOAD
ProposalCore storage proposal = $._proposals[proposalId];
bool proposalExecuted = proposal.executed;
bool proposalCanceled = proposal.canceled;
if (proposalExecuted) {
return ProposalState.Executed;
}
if (proposalCanceled) {
return ProposalState.Canceled;
}
uint256 snapshot = proposalSnapshot(proposalId);
if (snapshot ==0) {
revert GovernorNonexistentProposal(proposalId);
}
uint256 currentTimepoint = clock();
if (snapshot >= currentTimepoint) {
return ProposalState.Pending;
}
uint256 deadline = proposalDeadline(proposalId);
if (deadline >= currentTimepoint) {
return ProposalState.Active;
} elseif (!_quorumReached(proposalId) ||!_voteSucceeded(proposalId)) {
return ProposalState.Defeated;
} elseif (proposalEta(proposalId) ==0) {
return ProposalState.Succeeded;
} else {
return ProposalState.Queued;
}
}
/**
* @dev See {IGovernor-proposalThreshold}.
*/functionproposalThreshold() publicviewvirtualreturns (uint256) {
return0;
}
/**
* @dev See {IGovernor-proposalSnapshot}.
*/functionproposalSnapshot(uint256 proposalId) publicviewvirtualreturns (uint256) {
GovernorStorage storage $ = _getGovernorStorage();
return $._proposals[proposalId].voteStart;
}
/**
* @dev See {IGovernor-proposalDeadline}.
*/functionproposalDeadline(uint256 proposalId) publicviewvirtualreturns (uint256) {
GovernorStorage storage $ = _getGovernorStorage();
return $._proposals[proposalId].voteStart + $._proposals[proposalId].voteDuration;
}
/**
* @dev See {IGovernor-proposalProposer}.
*/functionproposalProposer(uint256 proposalId) publicviewvirtualreturns (address) {
GovernorStorage storage $ = _getGovernorStorage();
return $._proposals[proposalId].proposer;
}
/**
* @dev See {IGovernor-proposalEta}.
*/functionproposalEta(uint256 proposalId) publicviewvirtualreturns (uint256) {
GovernorStorage storage $ = _getGovernorStorage();
return $._proposals[proposalId].etaSeconds;
}
/**
* @dev See {IGovernor-proposalNeedsQueuing}.
*/functionproposalNeedsQueuing(uint256) publicviewvirtualreturns (bool) {
returnfalse;
}
/**
* @dev Reverts if the `msg.sender` is not the executor. In case the executor is not this contract
* itself, the function reverts if `msg.data` is not whitelisted as a result of an {execute}
* operation. See {onlyGovernance}.
*/function_checkGovernance() internalvirtual{
GovernorStorage storage $ = _getGovernorStorage();
if (_executor() != _msgSender()) {
revert GovernorOnlyExecutor(_msgSender());
}
if (_executor() !=address(this)) {
bytes32 msgDataHash =keccak256(_msgData());
// loop until popping the expected operation - throw if deque is empty (operation not authorized)while ($._governanceCall.popFront() != msgDataHash) {}
}
}
/**
* @dev Amount of votes already cast passes the threshold limit.
*/function_quorumReached(uint256 proposalId) internalviewvirtualreturns (bool);
/**
* @dev Is the proposal successful or not.
*/function_voteSucceeded(uint256 proposalId) internalviewvirtualreturns (bool);
/**
* @dev Get the voting weight of `account` at a specific `timepoint`, for a vote as described by `params`.
*/function_getVotes(address account, uint256 timepoint, bytesmemory params) internalviewvirtualreturns (uint256);
/**
* @dev Register a vote for `proposalId` by `account` with a given `support`, voting `weight` and voting `params`.
*
* Note: Support is generic and can represent various things depending on the voting system used.
*/function_countVote(uint256 proposalId,
address account,
uint8 support,
uint256 weight,
bytesmemory params
) internalvirtual;
/**
* @dev Default additional encoded parameters used by castVote methods that don't include them
*
* Note: Should be overridden by specific implementations to use an appropriate value, the
* meaning of the additional params, in the context of that implementation
*/function_defaultParams() internalviewvirtualreturns (bytesmemory) {
return"";
}
/**
* @dev See {IGovernor-propose}. This function has opt-in frontrunning protection, described in {_isValidDescriptionForProposer}.
*/functionpropose(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
stringmemory description
) publicvirtualreturns (uint256) {
address proposer = _msgSender();
// check description restrictionif (!_isValidDescriptionForProposer(proposer, description)) {
revert GovernorRestrictedProposer(proposer);
}
// check proposal thresholduint256 proposerVotes = getVotes(proposer, clock() -1);
uint256 votesThreshold = proposalThreshold();
if (proposerVotes < votesThreshold) {
revert GovernorInsufficientProposerVotes(proposer, proposerVotes, votesThreshold);
}
return _propose(targets, values, calldatas, description, proposer);
}
/**
* @dev Internal propose mechanism. Can be overridden to add more logic on proposal creation.
*
* Emits a {IGovernor-ProposalCreated} event.
*/function_propose(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
stringmemory description,
address proposer
) internalvirtualreturns (uint256 proposalId) {
GovernorStorage storage $ = _getGovernorStorage();
proposalId = hashProposal(targets, values, calldatas, keccak256(bytes(description)));
if (targets.length!= values.length|| targets.length!= calldatas.length|| targets.length==0) {
revert GovernorInvalidProposalLength(targets.length, calldatas.length, values.length);
}
if ($._proposals[proposalId].voteStart !=0) {
revert GovernorUnexpectedProposalState(proposalId, state(proposalId), bytes32(0));
}
uint256 snapshot = clock() + votingDelay();
uint256 duration = votingPeriod();
ProposalCore storage proposal = $._proposals[proposalId];
proposal.proposer = proposer;
proposal.voteStart = SafeCast.toUint48(snapshot);
proposal.voteDuration = SafeCast.toUint32(duration);
emit ProposalCreated(
proposalId,
proposer,
targets,
values,
newstring[](targets.length),
calldatas,
snapshot,
snapshot + duration,
description
);
// Using a named return variable to avoid stack too deep errors
}
/**
* @dev See {IGovernor-queue}.
*/functionqueue(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) publicvirtualreturns (uint256) {
GovernorStorage storage $ = _getGovernorStorage();
uint256 proposalId = hashProposal(targets, values, calldatas, descriptionHash);
_validateStateBitmap(proposalId, _encodeStateBitmap(ProposalState.Succeeded));
uint48 etaSeconds = _queueOperations(proposalId, targets, values, calldatas, descriptionHash);
if (etaSeconds !=0) {
$._proposals[proposalId].etaSeconds = etaSeconds;
emit ProposalQueued(proposalId, etaSeconds);
} else {
revert GovernorQueueNotImplemented();
}
return proposalId;
}
/**
* @dev Internal queuing mechanism. Can be overridden (without a super call) to modify the way queuing is
* performed (for example adding a vault/timelock).
*
* This is empty by default, and must be overridden to implement queuing.
*
* This function returns a timestamp that describes the expected ETA for execution. If the returned value is 0
* (which is the default value), the core will consider queueing did not succeed, and the public {queue} function
* will revert.
*
* NOTE: Calling this function directly will NOT check the current state of the proposal, or emit the
* `ProposalQueued` event. Queuing a proposal should be done using {queue}.
*/function_queueOperations(uint256/*proposalId*/,
address[] memory/*targets*/,
uint256[] memory/*values*/,
bytes[] memory/*calldatas*/,
bytes32/*descriptionHash*/) internalvirtualreturns (uint48) {
return0;
}
/**
* @dev See {IGovernor-execute}.
*/functionexecute(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) publicpayablevirtualreturns (uint256) {
GovernorStorage storage $ = _getGovernorStorage();
uint256 proposalId = hashProposal(targets, values, calldatas, descriptionHash);
_validateStateBitmap(
proposalId,
_encodeStateBitmap(ProposalState.Succeeded) | _encodeStateBitmap(ProposalState.Queued)
);
// mark as executed before calls to avoid reentrancy
$._proposals[proposalId].executed =true;
// before execute: register governance call in queue.if (_executor() !=address(this)) {
for (uint256 i =0; i < targets.length; ++i) {
if (targets[i] ==address(this)) {
$._governanceCall.pushBack(keccak256(calldatas[i]));
}
}
}
_executeOperations(proposalId, targets, values, calldatas, descriptionHash);
// after execute: cleanup governance call queue.if (_executor() !=address(this) &&!$._governanceCall.empty()) {
$._governanceCall.clear();
}
emit ProposalExecuted(proposalId);
return proposalId;
}
/**
* @dev Internal execution mechanism. Can be overridden (without a super call) to modify the way execution is
* performed (for example adding a vault/timelock).
*
* NOTE: Calling this function directly will NOT check the current state of the proposal, set the executed flag to
* true or emit the `ProposalExecuted` event. Executing a proposal should be done using {execute} or {_execute}.
*/function_executeOperations(uint256/* proposalId */,
address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32/*descriptionHash*/) internalvirtual{
for (uint256 i =0; i < targets.length; ++i) {
(bool success, bytesmemory returndata) = targets[i].call{value: values[i]}(calldatas[i]);
Address.verifyCallResult(success, returndata);
}
}
/**
* @dev See {IGovernor-cancel}.
*/functioncancel(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) publicvirtualreturns (uint256) {
// The proposalId will be recomputed in the `_cancel` call further down. However we need the value before we// do the internal call, because we need to check the proposal state BEFORE the internal `_cancel` call// changes it. The `hashProposal` duplication has a cost that is limited, and that we accept.uint256 proposalId = hashProposal(targets, values, calldatas, descriptionHash);
// public cancel restrictions (on top of existing _cancel restrictions).
_validateStateBitmap(proposalId, _encodeStateBitmap(ProposalState.Pending));
if (_msgSender() != proposalProposer(proposalId)) {
revert GovernorOnlyProposer(_msgSender());
}
return _cancel(targets, values, calldatas, descriptionHash);
}
/**
* @dev Internal cancel mechanism with minimal restrictions. A proposal can be cancelled in any state other than
* Canceled, Expired, or Executed. Once cancelled a proposal can't be re-submitted.
*
* Emits a {IGovernor-ProposalCanceled} event.
*/function_cancel(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) internalvirtualreturns (uint256) {
GovernorStorage storage $ = _getGovernorStorage();
uint256 proposalId = hashProposal(targets, values, calldatas, descriptionHash);
_validateStateBitmap(
proposalId,
ALL_PROPOSAL_STATES_BITMAP ^
_encodeStateBitmap(ProposalState.Canceled) ^
_encodeStateBitmap(ProposalState.Expired) ^
_encodeStateBitmap(ProposalState.Executed)
);
$._proposals[proposalId].canceled =true;
emit ProposalCanceled(proposalId);
return proposalId;
}
/**
* @dev See {IGovernor-getVotes}.
*/functiongetVotes(address account, uint256 timepoint) publicviewvirtualreturns (uint256) {
return _getVotes(account, timepoint, _defaultParams());
}
/**
* @dev See {IGovernor-getVotesWithParams}.
*/functiongetVotesWithParams(address account,
uint256 timepoint,
bytesmemory params
) publicviewvirtualreturns (uint256) {
return _getVotes(account, timepoint, params);
}
/**
* @dev See {IGovernor-castVote}.
*/functioncastVote(uint256 proposalId, uint8 support) publicvirtualreturns (uint256) {
address voter = _msgSender();
return _castVote(proposalId, voter, support, "");
}
/**
* @dev See {IGovernor-castVoteWithReason}.
*/functioncastVoteWithReason(uint256 proposalId,
uint8 support,
stringcalldata reason
) publicvirtualreturns (uint256) {
address voter = _msgSender();
return _castVote(proposalId, voter, support, reason);
}
/**
* @dev See {IGovernor-castVoteWithReasonAndParams}.
*/functioncastVoteWithReasonAndParams(uint256 proposalId,
uint8 support,
stringcalldata reason,
bytesmemory params
) publicvirtualreturns (uint256) {
address voter = _msgSender();
return _castVote(proposalId, voter, support, reason, params);
}
/**
* @dev See {IGovernor-castVoteBySig}.
*/functioncastVoteBySig(uint256 proposalId,
uint8 support,
address voter,
bytesmemory signature
) publicvirtualreturns (uint256) {
bool valid = SignatureChecker.isValidSignatureNow(
voter,
_hashTypedDataV4(keccak256(abi.encode(BALLOT_TYPEHASH, proposalId, support, voter, _useNonce(voter)))),
signature
);
if (!valid) {
revert GovernorInvalidSignature(voter);
}
return _castVote(proposalId, voter, support, "");
}
/**
* @dev See {IGovernor-castVoteWithReasonAndParamsBySig}.
*/functioncastVoteWithReasonAndParamsBySig(uint256 proposalId,
uint8 support,
address voter,
stringcalldata reason,
bytesmemory params,
bytesmemory signature
) publicvirtualreturns (uint256) {
bool valid = SignatureChecker.isValidSignatureNow(
voter,
_hashTypedDataV4(
keccak256(
abi.encode(
EXTENDED_BALLOT_TYPEHASH,
proposalId,
support,
voter,
_useNonce(voter),
keccak256(bytes(reason)),
keccak256(params)
)
)
),
signature
);
if (!valid) {
revert GovernorInvalidSignature(voter);
}
return _castVote(proposalId, voter, support, reason, params);
}
/**
* @dev Internal vote casting mechanism: Check that the vote is pending, that it has not been cast yet, retrieve
* voting weight using {IGovernor-getVotes} and call the {_countVote} internal function. Uses the _defaultParams().
*
* Emits a {IGovernor-VoteCast} event.
*/function_castVote(uint256 proposalId,
address account,
uint8 support,
stringmemory reason
) internalvirtualreturns (uint256) {
return _castVote(proposalId, account, support, reason, _defaultParams());
}
/**
* @dev Internal vote casting mechanism: Check that the vote is pending, that it has not been cast yet, retrieve
* voting weight using {IGovernor-getVotes} and call the {_countVote} internal function.
*
* Emits a {IGovernor-VoteCast} event.
*/function_castVote(uint256 proposalId,
address account,
uint8 support,
stringmemory reason,
bytesmemory params
) internalvirtualreturns (uint256) {
_validateStateBitmap(proposalId, _encodeStateBitmap(ProposalState.Active));
uint256 weight = _getVotes(account, proposalSnapshot(proposalId), params);
_countVote(proposalId, account, support, weight, params);
if (params.length==0) {
emit VoteCast(account, proposalId, support, weight, reason);
} else {
emit VoteCastWithParams(account, proposalId, support, weight, reason, params);
}
return weight;
}
/**
* @dev Relays a transaction or function call to an arbitrary target. In cases where the governance executor
* is some contract other than the governor itself, like when using a timelock, this function can be invoked
* in a governance proposal to recover tokens or Ether that was sent to the governor contract by mistake.
* Note that if the executor is simply the governor itself, use of `relay` is redundant.
*/functionrelay(address target, uint256 value, bytescalldata data) externalpayablevirtualonlyGovernance{
(bool success, bytesmemory returndata) = target.call{value: value}(data);
Address.verifyCallResult(success, returndata);
}
/**
* @dev Address through which the governor executes action. Will be overloaded by module that execute actions
* through another contract such as a timelock.
*/function_executor() internalviewvirtualreturns (address) {
returnaddress(this);
}
/**
* @dev See {IERC721Receiver-onERC721Received}.
* Receiving tokens is disabled if the governance executor is other than the governor itself (eg. when using with a timelock).
*/functiononERC721Received(address, address, uint256, bytesmemory) publicvirtualreturns (bytes4) {
if (_executor() !=address(this)) {
revert GovernorDisabledDeposit();
}
returnthis.onERC721Received.selector;
}
/**
* @dev See {IERC1155Receiver-onERC1155Received}.
* Receiving tokens is disabled if the governance executor is other than the governor itself (eg. when using with a timelock).
*/functiononERC1155Received(address, address, uint256, uint256, bytesmemory) publicvirtualreturns (bytes4) {
if (_executor() !=address(this)) {
revert GovernorDisabledDeposit();
}
returnthis.onERC1155Received.selector;
}
/**
* @dev See {IERC1155Receiver-onERC1155BatchReceived}.
* Receiving tokens is disabled if the governance executor is other than the governor itself (eg. when using with a timelock).
*/functiononERC1155BatchReceived(address,
address,
uint256[] memory,
uint256[] memory,
bytesmemory) publicvirtualreturns (bytes4) {
if (_executor() !=address(this)) {
revert GovernorDisabledDeposit();
}
returnthis.onERC1155BatchReceived.selector;
}
/**
* @dev Encodes a `ProposalState` into a `bytes32` representation where each bit enabled corresponds to
* the underlying position in the `ProposalState` enum. For example:
*
* 0x000...10000
* ^^^^^^------ ...
* ^----- Succeeded
* ^---- Defeated
* ^--- Canceled
* ^-- Active
* ^- Pending
*/function_encodeStateBitmap(ProposalState proposalState) internalpurereturns (bytes32) {
returnbytes32(1<<uint8(proposalState));
}
/**
* @dev Check that the current state of a proposal matches the requirements described by the `allowedStates` bitmap.
* This bitmap should be built using `_encodeStateBitmap`.
*
* If requirements are not met, reverts with a {GovernorUnexpectedProposalState} error.
*/function_validateStateBitmap(uint256 proposalId, bytes32 allowedStates) privateviewreturns (ProposalState) {
ProposalState currentState = state(proposalId);
if (_encodeStateBitmap(currentState) & allowedStates ==bytes32(0)) {
revert GovernorUnexpectedProposalState(proposalId, currentState, allowedStates);
}
return currentState;
}
/*
* @dev Check if the proposer is authorized to submit a proposal with the given description.
*
* If the proposal description ends with `#proposer=0x???`, where `0x???` is an address written as a hex string
* (case insensitive), then the submission of this proposal will only be authorized to said address.
*
* This is used for frontrunning protection. By adding this pattern at the end of their proposal, one can ensure
* that no other address can submit the same proposal. An attacker would have to either remove or change that part,
* which would result in a different proposal id.
*
* If the description does not match this pattern, it is unrestricted and anyone can submit it. This includes:
* - If the `0x???` part is not a valid hex string.
* - If the `0x???` part is a valid hex string, but does not contain exactly 40 hex digits.
* - If it ends with the expected suffix followed by newlines or other whitespace.
* - If it ends with some other similar suffix, e.g. `#other=abc`.
* - If it does not end with any such suffix.
*/function_isValidDescriptionForProposer(address proposer,
stringmemory description
) internalviewvirtualreturns (bool) {
uint256 len =bytes(description).length;
// Length is too short to contain a valid proposer suffixif (len <52) {
returntrue;
}
// Extract what would be the `#proposer=0x` marker beginning the suffixbytes12 marker;
assembly {
// - Start of the string contents in memory = description + 32// - First character of the marker = len - 52// - Length of "#proposer=0x0000000000000000000000000000000000000000" = 52// - We read the memory word starting at the first character of the marker:// - (description + 32) + (len - 52) = description + (len - 20)// - Note: Solidity will ignore anything past the first 12 bytes
marker :=mload(add(description, sub(len, 20)))
}
// If the marker is not found, there is no proposer suffix to checkif (marker !=bytes12("#proposer=0x")) {
returntrue;
}
// Parse the 40 characters following the marker as uint160uint160 recovered =0;
for (uint256 i = len -40; i < len; ++i) {
(bool isHex, uint8 value) = _tryHexToUint(bytes(description)[i]);
// If any of the characters is not a hex digit, ignore the suffix entirelyif (!isHex) {
returntrue;
}
recovered = (recovered <<4) | value;
}
return recovered ==uint160(proposer);
}
/**
* @dev Try to parse a character from a string as a hex value. Returns `(true, value)` if the char is in
* `[0-9a-fA-F]` and `(false, 0)` otherwise. Value is guaranteed to be in the range `0 <= value < 16`
*/function_tryHexToUint(bytes1 char) privatepurereturns (bool, uint8) {
uint8 c =uint8(char);
unchecked {
// Case 0-9if (47< c && c <58) {
return (true, c -48);
}
// Case A-Felseif (64< c && c <71) {
return (true, c -55);
}
// Case a-felseif (96< c && c <103) {
return (true, c -87);
}
// Else: not a hex charelse {
return (false, 0);
}
}
}
/**
* @inheritdoc IERC6372
*/functionclock() publicviewvirtualreturns (uint48);
/**
* @inheritdoc IERC6372
*/// solhint-disable-next-line func-name-mixedcasefunctionCLOCK_MODE() publicviewvirtualreturns (stringmemory);
/**
* @inheritdoc IGovernor
*/functionvotingDelay() publicviewvirtualreturns (uint256);
/**
* @inheritdoc IGovernor
*/functionvotingPeriod() publicviewvirtualreturns (uint256);
/**
* @inheritdoc IGovernor
*/functionquorum(uint256 timepoint) publicviewvirtualreturns (uint256);
}
Contract Source Code
File 25 of 63: GovernorVotesQuorumFractionUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/extensions/GovernorVotesQuorumFraction.sol)pragmasolidity ^0.8.20;import {GovernorVotesUpgradeable} from"./GovernorVotesUpgradeable.sol";
import {SafeCast} from"@openzeppelin/contracts/utils/math/SafeCast.sol";
import {Checkpoints} from"@openzeppelin/contracts/utils/structs/Checkpoints.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev Extension of {Governor} for voting weight extraction from an {ERC20Votes} token and a quorum expressed as a
* fraction of the total supply.
*/abstractcontractGovernorVotesQuorumFractionUpgradeableisInitializable, GovernorVotesUpgradeable{
usingCheckpointsforCheckpoints.Trace208;
/// @custom:storage-location erc7201:openzeppelin.storage.GovernorVotesQuorumFractionstructGovernorVotesQuorumFractionStorage {
Checkpoints.Trace208 _quorumNumeratorHistory;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.GovernorVotesQuorumFraction")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant GovernorVotesQuorumFractionStorageLocation =0xe770710421fd2cad75ad828c61aa98f2d77d423a440b67872d0f65554148e000;
function_getGovernorVotesQuorumFractionStorage() privatepurereturns (GovernorVotesQuorumFractionStorage storage $) {
assembly {
$.slot:= GovernorVotesQuorumFractionStorageLocation
}
}
eventQuorumNumeratorUpdated(uint256 oldQuorumNumerator, uint256 newQuorumNumerator);
/**
* @dev The quorum set is not a valid fraction.
*/errorGovernorInvalidQuorumFraction(uint256 quorumNumerator, uint256 quorumDenominator);
/**
* @dev Initialize quorum as a fraction of the token's total supply.
*
* The fraction is specified as `numerator / denominator`. By default the denominator is 100, so quorum is
* specified as a percent: a numerator of 10 corresponds to quorum being 10% of total supply. The denominator can be
* customized by overriding {quorumDenominator}.
*/function__GovernorVotesQuorumFraction_init(uint256 quorumNumeratorValue) internalonlyInitializing{
__GovernorVotesQuorumFraction_init_unchained(quorumNumeratorValue);
}
function__GovernorVotesQuorumFraction_init_unchained(uint256 quorumNumeratorValue) internalonlyInitializing{
_updateQuorumNumerator(quorumNumeratorValue);
}
/**
* @dev Returns the current quorum numerator. See {quorumDenominator}.
*/functionquorumNumerator() publicviewvirtualreturns (uint256) {
GovernorVotesQuorumFractionStorage storage $ = _getGovernorVotesQuorumFractionStorage();
return $._quorumNumeratorHistory.latest();
}
/**
* @dev Returns the quorum numerator at a specific timepoint. See {quorumDenominator}.
*/functionquorumNumerator(uint256 timepoint) publicviewvirtualreturns (uint256) {
GovernorVotesQuorumFractionStorage storage $ = _getGovernorVotesQuorumFractionStorage();
uint256 length = $._quorumNumeratorHistory._checkpoints.length;
// Optimistic search, check the latest checkpoint
Checkpoints.Checkpoint208 storage latest = $._quorumNumeratorHistory._checkpoints[length -1];
uint48 latestKey = latest._key;
uint208 latestValue = latest._value;
if (latestKey <= timepoint) {
return latestValue;
}
// Otherwise, do the binary searchreturn $._quorumNumeratorHistory.upperLookupRecent(SafeCast.toUint48(timepoint));
}
/**
* @dev Returns the quorum denominator. Defaults to 100, but may be overridden.
*/functionquorumDenominator() publicviewvirtualreturns (uint256) {
return100;
}
/**
* @dev Returns the quorum for a timepoint, in terms of number of votes: `supply * numerator / denominator`.
*/functionquorum(uint256 timepoint) publicviewvirtualoverridereturns (uint256) {
return (token().getPastTotalSupply(timepoint) * quorumNumerator(timepoint)) / quorumDenominator();
}
/**
* @dev Changes the quorum numerator.
*
* Emits a {QuorumNumeratorUpdated} event.
*
* Requirements:
*
* - Must be called through a governance proposal.
* - New numerator must be smaller or equal to the denominator.
*/functionupdateQuorumNumerator(uint256 newQuorumNumerator) externalvirtualonlyGovernance{
_updateQuorumNumerator(newQuorumNumerator);
}
/**
* @dev Changes the quorum numerator.
*
* Emits a {QuorumNumeratorUpdated} event.
*
* Requirements:
*
* - New numerator must be smaller or equal to the denominator.
*/function_updateQuorumNumerator(uint256 newQuorumNumerator) internalvirtual{
GovernorVotesQuorumFractionStorage storage $ = _getGovernorVotesQuorumFractionStorage();
uint256 denominator = quorumDenominator();
if (newQuorumNumerator > denominator) {
revert GovernorInvalidQuorumFraction(newQuorumNumerator, denominator);
}
uint256 oldQuorumNumerator = quorumNumerator();
$._quorumNumeratorHistory.push(clock(), SafeCast.toUint208(newQuorumNumerator));
emit QuorumNumeratorUpdated(oldQuorumNumerator, newQuorumNumerator);
}
}
Contract Source Code
File 26 of 63: GovernorVotesUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/extensions/GovernorVotes.sol)pragmasolidity ^0.8.20;import {GovernorUpgradeable} from"../GovernorUpgradeable.sol";
import {IVotes} from"@openzeppelin/contracts/governance/utils/IVotes.sol";
import {IERC5805} from"@openzeppelin/contracts/interfaces/IERC5805.sol";
import {SafeCast} from"@openzeppelin/contracts/utils/math/SafeCast.sol";
import {Time} from"@openzeppelin/contracts/utils/types/Time.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev Extension of {Governor} for voting weight extraction from an {ERC20Votes} token, or since v4.5 an {ERC721Votes}
* token.
*/abstractcontractGovernorVotesUpgradeableisInitializable, GovernorUpgradeable{
/// @custom:storage-location erc7201:openzeppelin.storage.GovernorVotesstructGovernorVotesStorage {
IERC5805 _token;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.GovernorVotes")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant GovernorVotesStorageLocation =0x3ba4977254e415696610a40ebf2258dbfa0ec6a2ff64e84bfe715ff16977cc00;
function_getGovernorVotesStorage() privatepurereturns (GovernorVotesStorage storage $) {
assembly {
$.slot:= GovernorVotesStorageLocation
}
}
function__GovernorVotes_init(IVotes tokenAddress) internalonlyInitializing{
__GovernorVotes_init_unchained(tokenAddress);
}
function__GovernorVotes_init_unchained(IVotes tokenAddress) internalonlyInitializing{
GovernorVotesStorage storage $ = _getGovernorVotesStorage();
$._token = IERC5805(address(tokenAddress));
}
/**
* @dev The token that voting power is sourced from.
*/functiontoken() publicviewvirtualreturns (IERC5805) {
GovernorVotesStorage storage $ = _getGovernorVotesStorage();
return $._token;
}
/**
* @dev Clock (as specified in EIP-6372) is set to match the token's clock. Fallback to block numbers if the token
* does not implement EIP-6372.
*/functionclock() publicviewvirtualoverridereturns (uint48) {
try token().clock() returns (uint48 timepoint) {
return timepoint;
} catch {
return Time.blockNumber();
}
}
/**
* @dev Machine-readable description of the clock as specified in EIP-6372.
*/// solhint-disable-next-line func-name-mixedcasefunctionCLOCK_MODE() publicviewvirtualoverridereturns (stringmemory) {
try token().CLOCK_MODE() returns (stringmemory clockmode) {
return clockmode;
} catch {
return"mode=blocknumber&from=default";
}
}
/**
* Read the voting weight from the token's built in snapshot mechanism (see {Governor-_getVotes}).
*/function_getVotes(address account,
uint256 timepoint,
bytesmemory/*params*/) internalviewvirtualoverridereturns (uint256) {
return token().getPastVotes(account, timepoint);
}
}
Contract Source Code
File 27 of 63: IAccessControl.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (access/IAccessControl.sol)pragmasolidity ^0.8.20;/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/interfaceIAccessControl{
/**
* @dev The `account` is missing a role.
*/errorAccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/errorAccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*/eventRoleAdminChanged(bytes32indexed role, bytes32indexed previousAdminRole, bytes32indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/eventRoleGranted(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/eventRoleRevoked(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) externalviewreturns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) externalviewreturns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functiongrantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functionrevokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/functionrenounceRole(bytes32 role, address callerConfirmation) external;
}
Contract Source Code
File 28 of 63: IBeacon.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (proxy/beacon/IBeacon.sol)pragmasolidity ^0.8.20;/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/interfaceIBeacon{
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {UpgradeableBeacon} will check that this address is a contract.
*/functionimplementation() externalviewreturns (address);
}
Contract Source Code
File 29 of 63: IERC1155Receiver.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC1155/IERC1155Receiver.sol)pragmasolidity ^0.8.20;import {IERC165} from"../../utils/introspection/IERC165.sol";
/**
* @dev Interface that must be implemented by smart contracts in order to receive
* ERC-1155 token transfers.
*/interfaceIERC1155ReceiverisIERC165{
/**
* @dev Handles the receipt of a single ERC1155 token type. This function is
* called at the end of a `safeTransferFrom` after the balance has been updated.
*
* NOTE: To accept the transfer, this must return
* `bytes4(keccak256("onERC1155Received(address,address,uint256,uint256,bytes)"))`
* (i.e. 0xf23a6e61, or its own function selector).
*
* @param operator The address which initiated the transfer (i.e. msg.sender)
* @param from The address which previously owned the token
* @param id The ID of the token being transferred
* @param value The amount of tokens being transferred
* @param data Additional data with no specified format
* @return `bytes4(keccak256("onERC1155Received(address,address,uint256,uint256,bytes)"))` if transfer is allowed
*/functiononERC1155Received(address operator,
addressfrom,
uint256 id,
uint256 value,
bytescalldata data
) externalreturns (bytes4);
/**
* @dev Handles the receipt of a multiple ERC1155 token types. This function
* is called at the end of a `safeBatchTransferFrom` after the balances have
* been updated.
*
* NOTE: To accept the transfer(s), this must return
* `bytes4(keccak256("onERC1155BatchReceived(address,address,uint256[],uint256[],bytes)"))`
* (i.e. 0xbc197c81, or its own function selector).
*
* @param operator The address which initiated the batch transfer (i.e. msg.sender)
* @param from The address which previously owned the token
* @param ids An array containing ids of each token being transferred (order and length must match values array)
* @param values An array containing amounts of each token being transferred (order and length must match ids array)
* @param data Additional data with no specified format
* @return `bytes4(keccak256("onERC1155BatchReceived(address,address,uint256[],uint256[],bytes)"))` if transfer is allowed
*/functiononERC1155BatchReceived(address operator,
addressfrom,
uint256[] calldata ids,
uint256[] calldata values,
bytescalldata data
) externalreturns (bytes4);
}
Contract Source Code
File 30 of 63: IERC1271.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1271.sol)pragmasolidity ^0.8.20;/**
* @dev Interface of the ERC1271 standard signature validation method for
* contracts as defined in https://eips.ethereum.org/EIPS/eip-1271[ERC-1271].
*/interfaceIERC1271{
/**
* @dev Should return whether the signature provided is valid for the provided data
* @param hash Hash of the data to be signed
* @param signature Signature byte array associated with _data
*/functionisValidSignature(bytes32 hash, bytesmemory signature) externalviewreturns (bytes4 magicValue);
}
Contract Source Code
File 31 of 63: IERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)pragmasolidity ^0.8.20;/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/interfaceIERC165{
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/functionsupportsInterface(bytes4 interfaceId) externalviewreturns (bool);
}
Contract Source Code
File 32 of 63: IERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)pragmasolidity ^0.8.20;/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/interfaceIERC20{
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address to, uint256 value) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 value) externalreturns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(addressfrom, address to, uint256 value) externalreturns (bool);
}
Contract Source Code
File 33 of 63: IERC20Metadata.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Metadata.sol)pragmasolidity ^0.8.20;import {IERC20} from"../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*/interfaceIERC20MetadataisIERC20{
/**
* @dev Returns the name of the token.
*/functionname() externalviewreturns (stringmemory);
/**
* @dev Returns the symbol of the token.
*/functionsymbol() externalviewreturns (stringmemory);
/**
* @dev Returns the decimals places of the token.
*/functiondecimals() externalviewreturns (uint8);
}
Contract Source Code
File 34 of 63: IERC20Permit.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Permit.sol)pragmasolidity ^0.8.20;/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/interfaceIERC20Permit{
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/functionpermit(address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/functionnonces(address owner) externalviewreturns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/// solhint-disable-next-line func-name-mixedcasefunctionDOMAIN_SEPARATOR() externalviewreturns (bytes32);
}
Contract Source Code
File 35 of 63: IERC5267.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC5267.sol)pragmasolidity ^0.8.20;interfaceIERC5267{
/**
* @dev MAY be emitted to signal that the domain could have changed.
*/eventEIP712DomainChanged();
/**
* @dev returns the fields and values that describe the domain separator used by this contract for EIP-712
* signature.
*/functioneip712Domain()
externalviewreturns (bytes1 fields,
stringmemory name,
stringmemory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
);
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC6372.sol)pragmasolidity ^0.8.20;interfaceIERC6372{
/**
* @dev Clock used for flagging checkpoints. Can be overridden to implement timestamp based checkpoints (and voting).
*/functionclock() externalviewreturns (uint48);
/**
* @dev Description of the clock
*/// solhint-disable-next-line func-name-mixedcasefunctionCLOCK_MODE() externalviewreturns (stringmemory);
}
Contract Source Code
File 38 of 63: IERC721Receiver.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/IERC721Receiver.sol)pragmasolidity ^0.8.20;/**
* @title ERC721 token receiver interface
* @dev Interface for any contract that wants to support safeTransfers
* from ERC721 asset contracts.
*/interfaceIERC721Receiver{
/**
* @dev Whenever an {IERC721} `tokenId` token is transferred to this contract via {IERC721-safeTransferFrom}
* by `operator` from `from`, this function is called.
*
* It must return its Solidity selector to confirm the token transfer.
* If any other value is returned or the interface is not implemented by the recipient, the transfer will be
* reverted.
*
* The selector can be obtained in Solidity with `IERC721Receiver.onERC721Received.selector`.
*/functiononERC721Received(address operator,
addressfrom,
uint256 tokenId,
bytescalldata data
) externalreturns (bytes4);
}
Contract Source Code
File 39 of 63: IGovernor.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/IGovernor.sol)pragmasolidity ^0.8.20;import {IERC165} from"../interfaces/IERC165.sol";
import {IERC6372} from"../interfaces/IERC6372.sol";
/**
* @dev Interface of the {Governor} core.
*/interfaceIGovernorisIERC165, IERC6372{
enumProposalState {
Pending,
Active,
Canceled,
Defeated,
Succeeded,
Queued,
Expired,
Executed
}
/**
* @dev Empty proposal or a mismatch between the parameters length for a proposal call.
*/errorGovernorInvalidProposalLength(uint256 targets, uint256 calldatas, uint256 values);
/**
* @dev The vote was already cast.
*/errorGovernorAlreadyCastVote(address voter);
/**
* @dev Token deposits are disabled in this contract.
*/errorGovernorDisabledDeposit();
/**
* @dev The `account` is not a proposer.
*/errorGovernorOnlyProposer(address account);
/**
* @dev The `account` is not the governance executor.
*/errorGovernorOnlyExecutor(address account);
/**
* @dev The `proposalId` doesn't exist.
*/errorGovernorNonexistentProposal(uint256 proposalId);
/**
* @dev The current state of a proposal is not the required for performing an operation.
* The `expectedStates` is a bitmap with the bits enabled for each ProposalState enum position
* counting from right to left.
*
* NOTE: If `expectedState` is `bytes32(0)`, the proposal is expected to not be in any state (i.e. not exist).
* This is the case when a proposal that is expected to be unset is already initiated (the proposal is duplicated).
*
* See {Governor-_encodeStateBitmap}.
*/errorGovernorUnexpectedProposalState(uint256 proposalId, ProposalState current, bytes32 expectedStates);
/**
* @dev The voting period set is not a valid period.
*/errorGovernorInvalidVotingPeriod(uint256 votingPeriod);
/**
* @dev The `proposer` does not have the required votes to create a proposal.
*/errorGovernorInsufficientProposerVotes(address proposer, uint256 votes, uint256 threshold);
/**
* @dev The `proposer` is not allowed to create a proposal.
*/errorGovernorRestrictedProposer(address proposer);
/**
* @dev The vote type used is not valid for the corresponding counting module.
*/errorGovernorInvalidVoteType();
/**
* @dev Queue operation is not implemented for this governor. Execute should be called directly.
*/errorGovernorQueueNotImplemented();
/**
* @dev The proposal hasn't been queued yet.
*/errorGovernorNotQueuedProposal(uint256 proposalId);
/**
* @dev The proposal has already been queued.
*/errorGovernorAlreadyQueuedProposal(uint256 proposalId);
/**
* @dev The provided signature is not valid for the expected `voter`.
* If the `voter` is a contract, the signature is not valid using {IERC1271-isValidSignature}.
*/errorGovernorInvalidSignature(address voter);
/**
* @dev Emitted when a proposal is created.
*/eventProposalCreated(uint256 proposalId,
address proposer,
address[] targets,
uint256[] values,
string[] signatures,
bytes[] calldatas,
uint256 voteStart,
uint256 voteEnd,
string description
);
/**
* @dev Emitted when a proposal is queued.
*/eventProposalQueued(uint256 proposalId, uint256 etaSeconds);
/**
* @dev Emitted when a proposal is executed.
*/eventProposalExecuted(uint256 proposalId);
/**
* @dev Emitted when a proposal is canceled.
*/eventProposalCanceled(uint256 proposalId);
/**
* @dev Emitted when a vote is cast without params.
*
* Note: `support` values should be seen as buckets. Their interpretation depends on the voting module used.
*/eventVoteCast(addressindexed voter, uint256 proposalId, uint8 support, uint256 weight, string reason);
/**
* @dev Emitted when a vote is cast with params.
*
* Note: `support` values should be seen as buckets. Their interpretation depends on the voting module used.
* `params` are additional encoded parameters. Their interpepretation also depends on the voting module used.
*/eventVoteCastWithParams(addressindexed voter,
uint256 proposalId,
uint8 support,
uint256 weight,
string reason,
bytes params
);
/**
* @notice module:core
* @dev Name of the governor instance (used in building the ERC712 domain separator).
*/functionname() externalviewreturns (stringmemory);
/**
* @notice module:core
* @dev Version of the governor instance (used in building the ERC712 domain separator). Default: "1"
*/functionversion() externalviewreturns (stringmemory);
/**
* @notice module:voting
* @dev A description of the possible `support` values for {castVote} and the way these votes are counted, meant to
* be consumed by UIs to show correct vote options and interpret the results. The string is a URL-encoded sequence of
* key-value pairs that each describe one aspect, for example `support=bravo&quorum=for,abstain`.
*
* There are 2 standard keys: `support` and `quorum`.
*
* - `support=bravo` refers to the vote options 0 = Against, 1 = For, 2 = Abstain, as in `GovernorBravo`.
* - `quorum=bravo` means that only For votes are counted towards quorum.
* - `quorum=for,abstain` means that both For and Abstain votes are counted towards quorum.
*
* If a counting module makes use of encoded `params`, it should include this under a `params` key with a unique
* name that describes the behavior. For example:
*
* - `params=fractional` might refer to a scheme where votes are divided fractionally between for/against/abstain.
* - `params=erc721` might refer to a scheme where specific NFTs are delegated to vote.
*
* NOTE: The string can be decoded by the standard
* https://developer.mozilla.org/en-US/docs/Web/API/URLSearchParams[`URLSearchParams`]
* JavaScript class.
*/// solhint-disable-next-line func-name-mixedcasefunctionCOUNTING_MODE() externalviewreturns (stringmemory);
/**
* @notice module:core
* @dev Hashing function used to (re)build the proposal id from the proposal details..
*/functionhashProposal(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) externalpurereturns (uint256);
/**
* @notice module:core
* @dev Current state of a proposal, following Compound's convention
*/functionstate(uint256 proposalId) externalviewreturns (ProposalState);
/**
* @notice module:core
* @dev The number of votes required in order for a voter to become a proposer.
*/functionproposalThreshold() externalviewreturns (uint256);
/**
* @notice module:core
* @dev Timepoint used to retrieve user's votes and quorum. If using block number (as per Compound's Comp), the
* snapshot is performed at the end of this block. Hence, voting for this proposal starts at the beginning of the
* following block.
*/functionproposalSnapshot(uint256 proposalId) externalviewreturns (uint256);
/**
* @notice module:core
* @dev Timepoint at which votes close. If using block number, votes close at the end of this block, so it is
* possible to cast a vote during this block.
*/functionproposalDeadline(uint256 proposalId) externalviewreturns (uint256);
/**
* @notice module:core
* @dev The account that created a proposal.
*/functionproposalProposer(uint256 proposalId) externalviewreturns (address);
/**
* @notice module:core
* @dev The time when a queued proposal becomes executable ("ETA"). Unlike {proposalSnapshot} and
* {proposalDeadline}, this doesn't use the governor clock, and instead relies on the executor's clock which may be
* different. In most cases this will be a timestamp.
*/functionproposalEta(uint256 proposalId) externalviewreturns (uint256);
/**
* @notice module:core
* @dev Whether a proposal needs to be queued before execution.
*/functionproposalNeedsQueuing(uint256 proposalId) externalviewreturns (bool);
/**
* @notice module:user-config
* @dev Delay, between the proposal is created and the vote starts. The unit this duration is expressed in depends
* on the clock (see EIP-6372) this contract uses.
*
* This can be increased to leave time for users to buy voting power, or delegate it, before the voting of a
* proposal starts.
*
* NOTE: While this interface returns a uint256, timepoints are stored as uint48 following the ERC-6372 clock type.
* Consequently this value must fit in a uint48 (when added to the current clock). See {IERC6372-clock}.
*/functionvotingDelay() externalviewreturns (uint256);
/**
* @notice module:user-config
* @dev Delay between the vote start and vote end. The unit this duration is expressed in depends on the clock
* (see EIP-6372) this contract uses.
*
* NOTE: The {votingDelay} can delay the start of the vote. This must be considered when setting the voting
* duration compared to the voting delay.
*
* NOTE: This value is stored when the proposal is submitted so that possible changes to the value do not affect
* proposals that have already been submitted. The type used to save it is a uint32. Consequently, while this
* interface returns a uint256, the value it returns should fit in a uint32.
*/functionvotingPeriod() externalviewreturns (uint256);
/**
* @notice module:user-config
* @dev Minimum number of cast voted required for a proposal to be successful.
*
* NOTE: The `timepoint` parameter corresponds to the snapshot used for counting vote. This allows to scale the
* quorum depending on values such as the totalSupply of a token at this timepoint (see {ERC20Votes}).
*/functionquorum(uint256 timepoint) externalviewreturns (uint256);
/**
* @notice module:reputation
* @dev Voting power of an `account` at a specific `timepoint`.
*
* Note: this can be implemented in a number of ways, for example by reading the delegated balance from one (or
* multiple), {ERC20Votes} tokens.
*/functiongetVotes(address account, uint256 timepoint) externalviewreturns (uint256);
/**
* @notice module:reputation
* @dev Voting power of an `account` at a specific `timepoint` given additional encoded parameters.
*/functiongetVotesWithParams(address account,
uint256 timepoint,
bytesmemory params
) externalviewreturns (uint256);
/**
* @notice module:voting
* @dev Returns whether `account` has cast a vote on `proposalId`.
*/functionhasVoted(uint256 proposalId, address account) externalviewreturns (bool);
/**
* @dev Create a new proposal. Vote start after a delay specified by {IGovernor-votingDelay} and lasts for a
* duration specified by {IGovernor-votingPeriod}.
*
* Emits a {ProposalCreated} event.
*/functionpropose(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
stringmemory description
) externalreturns (uint256 proposalId);
/**
* @dev Queue a proposal. Some governors require this step to be performed before execution can happen. If queuing
* is not necessary, this function may revert.
* Queuing a proposal requires the quorum to be reached, the vote to be successful, and the deadline to be reached.
*
* Emits a {ProposalQueued} event.
*/functionqueue(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) externalreturns (uint256 proposalId);
/**
* @dev Execute a successful proposal. This requires the quorum to be reached, the vote to be successful, and the
* deadline to be reached. Depending on the governor it might also be required that the proposal was queued and
* that some delay passed.
*
* Emits a {ProposalExecuted} event.
*
* NOTE: Some modules can modify the requirements for execution, for example by adding an additional timelock.
*/functionexecute(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) externalpayablereturns (uint256 proposalId);
/**
* @dev Cancel a proposal. A proposal is cancellable by the proposer, but only while it is Pending state, i.e.
* before the vote starts.
*
* Emits a {ProposalCanceled} event.
*/functioncancel(address[] memory targets,
uint256[] memory values,
bytes[] memory calldatas,
bytes32 descriptionHash
) externalreturns (uint256 proposalId);
/**
* @dev Cast a vote
*
* Emits a {VoteCast} event.
*/functioncastVote(uint256 proposalId, uint8 support) externalreturns (uint256 balance);
/**
* @dev Cast a vote with a reason
*
* Emits a {VoteCast} event.
*/functioncastVoteWithReason(uint256 proposalId,
uint8 support,
stringcalldata reason
) externalreturns (uint256 balance);
/**
* @dev Cast a vote with a reason and additional encoded parameters
*
* Emits a {VoteCast} or {VoteCastWithParams} event depending on the length of params.
*/functioncastVoteWithReasonAndParams(uint256 proposalId,
uint8 support,
stringcalldata reason,
bytesmemory params
) externalreturns (uint256 balance);
/**
* @dev Cast a vote using the voter's signature, including ERC-1271 signature support.
*
* Emits a {VoteCast} event.
*/functioncastVoteBySig(uint256 proposalId,
uint8 support,
address voter,
bytesmemory signature
) externalreturns (uint256 balance);
/**
* @dev Cast a vote with a reason and additional encoded parameters using the voter's signature,
* including ERC-1271 signature support.
*
* Emits a {VoteCast} or {VoteCastWithParams} event depending on the length of params.
*/functioncastVoteWithReasonAndParamsBySig(uint256 proposalId,
uint8 support,
address voter,
stringcalldata reason,
bytesmemory params,
bytesmemory signature
) externalreturns (uint256 balance);
}
Contract Source Code
File 40 of 63: IVotes.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/utils/IVotes.sol)pragmasolidity ^0.8.20;/**
* @dev Common interface for {ERC20Votes}, {ERC721Votes}, and other {Votes}-enabled contracts.
*/interfaceIVotes{
/**
* @dev The signature used has expired.
*/errorVotesExpiredSignature(uint256 expiry);
/**
* @dev Emitted when an account changes their delegate.
*/eventDelegateChanged(addressindexed delegator, addressindexed fromDelegate, addressindexed toDelegate);
/**
* @dev Emitted when a token transfer or delegate change results in changes to a delegate's number of voting units.
*/eventDelegateVotesChanged(addressindexed delegate, uint256 previousVotes, uint256 newVotes);
/**
* @dev Returns the current amount of votes that `account` has.
*/functiongetVotes(address account) externalviewreturns (uint256);
/**
* @dev Returns the amount of votes that `account` had at a specific moment in the past. If the `clock()` is
* configured to use block numbers, this will return the value at the end of the corresponding block.
*/functiongetPastVotes(address account, uint256 timepoint) externalviewreturns (uint256);
/**
* @dev Returns the total supply of votes available at a specific moment in the past. If the `clock()` is
* configured to use block numbers, this will return the value at the end of the corresponding block.
*
* NOTE: This value is the sum of all available votes, which is not necessarily the sum of all delegated votes.
* Votes that have not been delegated are still part of total supply, even though they would not participate in a
* vote.
*/functiongetPastTotalSupply(uint256 timepoint) externalviewreturns (uint256);
/**
* @dev Returns the delegate that `account` has chosen.
*/functiondelegates(address account) externalviewreturns (address);
/**
* @dev Delegates votes from the sender to `delegatee`.
*/functiondelegate(address delegatee) external;
/**
* @dev Delegates votes from signer to `delegatee`.
*/functiondelegateBySig(address delegatee, uint256 nonce, uint256 expiry, uint8 v, bytes32 r, bytes32 s) external;
}
Contract Source Code
File 41 of 63: Initializable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/Initializable.sol)pragmasolidity ^0.8.20;/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/abstractcontractInitializable{
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/structInitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant INITIALIZABLE_STORAGE =0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/errorInvalidInitialization();
/**
* @dev The contract is not initializing.
*/errorNotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/eventInitialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/modifierinitializer() {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
// Cache values to avoid duplicated sloadsbool isTopLevelCall =!$._initializing;
uint64 initialized = $._initialized;
// Allowed calls:// - initialSetup: the contract is not in the initializing state and no previous version was// initialized// - construction: the contract is initialized at version 1 (no reininitialization) and the// current contract is just being deployedbool initialSetup = initialized ==0&& isTopLevelCall;
bool construction = initialized ==1&&address(this).code.length==0;
if (!initialSetup &&!construction) {
revert InvalidInitialization();
}
$._initialized =1;
if (isTopLevelCall) {
$._initializing =true;
}
_;
if (isTopLevelCall) {
$._initializing =false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/modifierreinitializer(uint64 version) {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing || $._initialized >= version) {
revert InvalidInitialization();
}
$._initialized = version;
$._initializing =true;
_;
$._initializing =false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/modifieronlyInitializing() {
_checkInitializing();
_;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/function_checkInitializing() internalviewvirtual{
if (!_isInitializing()) {
revert NotInitializing();
}
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/function_disableInitializers() internalvirtual{
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing) {
revert InvalidInitialization();
}
if ($._initialized !=type(uint64).max) {
$._initialized =type(uint64).max;
emit Initialized(type(uint64).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/function_getInitializedVersion() internalviewreturns (uint64) {
return _getInitializableStorage()._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/function_isInitializing() internalviewreturns (bool) {
return _getInitializableStorage()._initializing;
}
/**
* @dev Returns a pointer to the storage namespace.
*/// solhint-disable-next-line var-name-mixedcasefunction_getInitializableStorage() privatepurereturns (InitializableStorage storage $) {
assembly {
$.slot:= INITIALIZABLE_STORAGE
}
}
}
Contract Source Code
File 42 of 63: Math.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)pragmasolidity ^0.8.20;/**
* @dev Standard math utilities missing in the Solidity language.
*/libraryMath{
/**
* @dev Muldiv operation overflow.
*/errorMathOverflowedMulDiv();
enumRounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*/functiontryAdd(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*/functiontrySub(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*/functiontryMul(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the// benefit is lost if 'b' is also tested.// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522if (a ==0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*/functiontryDiv(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b ==0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*/functiontryMod(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b ==0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the largest of two numbers.
*/functionmax(uint256 a, uint256 b) internalpurereturns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/functionmin(uint256 a, uint256 b) internalpurereturns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/functionaverage(uint256 a, uint256 b) internalpurereturns (uint256) {
// (a + b) / 2 can overflow.return (a & b) + (a ^ b) /2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/functionceilDiv(uint256 a, uint256 b) internalpurereturns (uint256) {
if (b ==0) {
// Guarantee the same behavior as in a regular Solidity division.return a / b;
}
// (a + b - 1) / b can overflow on addition, so we distribute.return a ==0 ? 0 : (a -1) / b +1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/functionmulDiv(uint256 x, uint256 y, uint256 denominator) internalpurereturns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256// variables such that product = prod1 * 2^256 + prod0.uint256 prod0 = x * y; // Least significant 256 bits of the productuint256 prod1; // Most significant 256 bits of the productassembly {
let mm :=mulmod(x, y, not(0))
prod1 :=sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.if (prod1 ==0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.// The surrounding unchecked block does not change this fact.// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.if (denominator <= prod1) {
revert MathOverflowedMulDiv();
}
///////////////////////////////////////////////// 512 by 256 division.///////////////////////////////////////////////// Make division exact by subtracting the remainder from [prod1 prod0].uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder :=mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 :=sub(prod1, gt(remainder, prod0))
prod0 :=sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.uint256 twos = denominator & (0- denominator);
assembly {
// Divide denominator by twos.
denominator :=div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 :=div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos :=add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for// four bits. That is, denominator * inv = 1 mod 2^4.uint256 inverse = (3* denominator) ^2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also// works in modular arithmetic, doubling the correct bits in each step.
inverse *=2- denominator * inverse; // inverse mod 2^8
inverse *=2- denominator * inverse; // inverse mod 2^16
inverse *=2- denominator * inverse; // inverse mod 2^32
inverse *=2- denominator * inverse; // inverse mod 2^64
inverse *=2- denominator * inverse; // inverse mod 2^128
inverse *=2- denominator * inverse; // inverse mod 2^256// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/functionmulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internalpurereturns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (unsignedRoundsUp(rounding) &&mulmod(x, y, denominator) >0) {
result +=1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/functionsqrt(uint256 a) internalpurereturns (uint256) {
if (a ==0) {
return0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.//// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.//// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`//// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.uint256 result =1<< (log2(a) >>1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision// into the expected uint128 result.unchecked {
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/functionsqrt(uint256 a, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (unsignedRoundsUp(rounding) && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/functionlog2(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >>128>0) {
value >>=128;
result +=128;
}
if (value >>64>0) {
value >>=64;
result +=64;
}
if (value >>32>0) {
value >>=32;
result +=32;
}
if (value >>16>0) {
value >>=16;
result +=16;
}
if (value >>8>0) {
value >>=8;
result +=8;
}
if (value >>4>0) {
value >>=4;
result +=4;
}
if (value >>2>0) {
value >>=2;
result +=2;
}
if (value >>1>0) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog2(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result =log2(value);
return result + (unsignedRoundsUp(rounding) &&1<< result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/functionlog10(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >=10**64) {
value /=10**64;
result +=64;
}
if (value >=10**32) {
value /=10**32;
result +=32;
}
if (value >=10**16) {
value /=10**16;
result +=16;
}
if (value >=10**8) {
value /=10**8;
result +=8;
}
if (value >=10**4) {
value /=10**4;
result +=4;
}
if (value >=10**2) {
value /=10**2;
result +=2;
}
if (value >=10**1) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog10(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (unsignedRoundsUp(rounding) &&10** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/functionlog256(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >>128>0) {
value >>=128;
result +=16;
}
if (value >>64>0) {
value >>=64;
result +=8;
}
if (value >>32>0) {
value >>=32;
result +=4;
}
if (value >>16>0) {
value >>=16;
result +=2;
}
if (value >>8>0) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog256(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (unsignedRoundsUp(rounding) &&1<< (result <<3) < value ? 1 : 0);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/functionunsignedRoundsUp(Rounding rounding) internalpurereturns (bool) {
returnuint8(rounding) %2==1;
}
}
Contract Source Code
File 43 of 63: MerkleProof.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/MerkleProof.sol)pragmasolidity ^0.8.20;/**
* @dev These functions deal with verification of Merkle Tree proofs.
*
* The tree and the proofs can be generated using our
* https://github.com/OpenZeppelin/merkle-tree[JavaScript library].
* You will find a quickstart guide in the readme.
*
* WARNING: You should avoid using leaf values that are 64 bytes long prior to
* hashing, or use a hash function other than keccak256 for hashing leaves.
* This is because the concatenation of a sorted pair of internal nodes in
* the Merkle tree could be reinterpreted as a leaf value.
* OpenZeppelin's JavaScript library generates Merkle trees that are safe
* against this attack out of the box.
*/libraryMerkleProof{
/**
*@dev The multiproof provided is not valid.
*/errorMerkleProofInvalidMultiproof();
/**
* @dev Returns true if a `leaf` can be proved to be a part of a Merkle tree
* defined by `root`. For this, a `proof` must be provided, containing
* sibling hashes on the branch from the leaf to the root of the tree. Each
* pair of leaves and each pair of pre-images are assumed to be sorted.
*/functionverify(bytes32[] memory proof, bytes32 root, bytes32 leaf) internalpurereturns (bool) {
return processProof(proof, leaf) == root;
}
/**
* @dev Calldata version of {verify}
*/functionverifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf) internalpurereturns (bool) {
return processProofCalldata(proof, leaf) == root;
}
/**
* @dev Returns the rebuilt hash obtained by traversing a Merkle tree up
* from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt
* hash matches the root of the tree. When processing the proof, the pairs
* of leafs & pre-images are assumed to be sorted.
*/functionprocessProof(bytes32[] memory proof, bytes32 leaf) internalpurereturns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i =0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Calldata version of {processProof}
*/functionprocessProofCalldata(bytes32[] calldata proof, bytes32 leaf) internalpurereturns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i =0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Returns true if the `leaves` can be simultaneously proven to be a part of a Merkle tree defined by
* `root`, according to `proof` and `proofFlags` as described in {processMultiProof}.
*
* CAUTION: Not all Merkle trees admit multiproofs. See {processMultiProof} for details.
*/functionmultiProofVerify(bytes32[] memory proof,
bool[] memory proofFlags,
bytes32 root,
bytes32[] memory leaves
) internalpurereturns (bool) {
return processMultiProof(proof, proofFlags, leaves) == root;
}
/**
* @dev Calldata version of {multiProofVerify}
*
* CAUTION: Not all Merkle trees admit multiproofs. See {processMultiProof} for details.
*/functionmultiProofVerifyCalldata(bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32 root,
bytes32[] memory leaves
) internalpurereturns (bool) {
return processMultiProofCalldata(proof, proofFlags, leaves) == root;
}
/**
* @dev Returns the root of a tree reconstructed from `leaves` and sibling nodes in `proof`. The reconstruction
* proceeds by incrementally reconstructing all inner nodes by combining a leaf/inner node with either another
* leaf/inner node or a proof sibling node, depending on whether each `proofFlags` item is true or false
* respectively.
*
* CAUTION: Not all Merkle trees admit multiproofs. To use multiproofs, it is sufficient to ensure that: 1) the tree
* is complete (but not necessarily perfect), 2) the leaves to be proven are in the opposite order they are in the
* tree (i.e., as seen from right to left starting at the deepest layer and continuing at the next layer).
*/functionprocessMultiProof(bytes32[] memory proof,
bool[] memory proofFlags,
bytes32[] memory leaves
) internalpurereturns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of// the Merkle tree.uint256 leavesLen = leaves.length;
uint256 proofLen = proof.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.if (leavesLen + proofLen != totalHashes +1) {
revert MerkleProofInvalidMultiproof();
}
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".bytes32[] memory hashes =newbytes32[](totalHashes);
uint256 leafPos =0;
uint256 hashPos =0;
uint256 proofPos =0;
// At each step, we compute the next hash using two values:// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we// get the next hash.// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the// `proof` array.for (uint256 i =0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes >0) {
if (proofPos != proofLen) {
revert MerkleProofInvalidMultiproof();
}
unchecked {
return hashes[totalHashes -1];
}
} elseif (leavesLen >0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Calldata version of {processMultiProof}.
*
* CAUTION: Not all Merkle trees admit multiproofs. See {processMultiProof} for details.
*/functionprocessMultiProofCalldata(bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32[] memory leaves
) internalpurereturns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of// the Merkle tree.uint256 leavesLen = leaves.length;
uint256 proofLen = proof.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.if (leavesLen + proofLen != totalHashes +1) {
revert MerkleProofInvalidMultiproof();
}
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".bytes32[] memory hashes =newbytes32[](totalHashes);
uint256 leafPos =0;
uint256 hashPos =0;
uint256 proofPos =0;
// At each step, we compute the next hash using two values:// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we// get the next hash.// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the// `proof` array.for (uint256 i =0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes >0) {
if (proofPos != proofLen) {
revert MerkleProofInvalidMultiproof();
}
unchecked {
return hashes[totalHashes -1];
}
} elseif (leavesLen >0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Sorts the pair (a, b) and hashes the result.
*/function_hashPair(bytes32 a, bytes32 b) privatepurereturns (bytes32) {
return a < b ? _efficientHash(a, b) : _efficientHash(b, a);
}
/**
* @dev Implementation of keccak256(abi.encode(a, b)) that doesn't allocate or expand memory.
*/function_efficientHash(bytes32 a, bytes32 b) privatepurereturns (bytes32 value) {
/// @solidity memory-safe-assemblyassembly {
mstore(0x00, a)
mstore(0x20, b)
value :=keccak256(0x00, 0x40)
}
}
}
Contract Source Code
File 44 of 63: MessageHashUtils.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/MessageHashUtils.sol)pragmasolidity ^0.8.20;import {Strings} from"../Strings.sol";
/**
* @dev Signature message hash utilities for producing digests to be consumed by {ECDSA} recovery or signing.
*
* The library provides methods for generating a hash of a message that conforms to the
* https://eips.ethereum.org/EIPS/eip-191[EIP 191] and https://eips.ethereum.org/EIPS/eip-712[EIP 712]
* specifications.
*/libraryMessageHashUtils{
/**
* @dev Returns the keccak256 digest of an EIP-191 signed data with version
* `0x45` (`personal_sign` messages).
*
* The digest is calculated by prefixing a bytes32 `messageHash` with
* `"\x19Ethereum Signed Message:\n32"` and hashing the result. It corresponds with the
* hash signed when using the https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`] JSON-RPC method.
*
* NOTE: The `messageHash` parameter is intended to be the result of hashing a raw message with
* keccak256, although any bytes32 value can be safely used because the final digest will
* be re-hashed.
*
* See {ECDSA-recover}.
*/functiontoEthSignedMessageHash(bytes32 messageHash) internalpurereturns (bytes32 digest) {
/// @solidity memory-safe-assemblyassembly {
mstore(0x00, "\x19Ethereum Signed Message:\n32") // 32 is the bytes-length of messageHashmstore(0x1c, messageHash) // 0x1c (28) is the length of the prefix
digest :=keccak256(0x00, 0x3c) // 0x3c is the length of the prefix (0x1c) + messageHash (0x20)
}
}
/**
* @dev Returns the keccak256 digest of an EIP-191 signed data with version
* `0x45` (`personal_sign` messages).
*
* The digest is calculated by prefixing an arbitrary `message` with
* `"\x19Ethereum Signed Message:\n" + len(message)` and hashing the result. It corresponds with the
* hash signed when using the https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`] JSON-RPC method.
*
* See {ECDSA-recover}.
*/functiontoEthSignedMessageHash(bytesmemory message) internalpurereturns (bytes32) {
returnkeccak256(bytes.concat("\x19Ethereum Signed Message:\n", bytes(Strings.toString(message.length)), message));
}
/**
* @dev Returns the keccak256 digest of an EIP-191 signed data with version
* `0x00` (data with intended validator).
*
* The digest is calculated by prefixing an arbitrary `data` with `"\x19\x00"` and the intended
* `validator` address. Then hashing the result.
*
* See {ECDSA-recover}.
*/functiontoDataWithIntendedValidatorHash(address validator, bytesmemory data) internalpurereturns (bytes32) {
returnkeccak256(abi.encodePacked(hex"19_00", validator, data));
}
/**
* @dev Returns the keccak256 digest of an EIP-712 typed data (EIP-191 version `0x01`).
*
* The digest is calculated from a `domainSeparator` and a `structHash`, by prefixing them with
* `\x19\x01` and hashing the result. It corresponds to the hash signed by the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`] JSON-RPC method as part of EIP-712.
*
* See {ECDSA-recover}.
*/functiontoTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internalpurereturns (bytes32 digest) {
/// @solidity memory-safe-assemblyassembly {
let ptr :=mload(0x40)
mstore(ptr, hex"19_01")
mstore(add(ptr, 0x02), domainSeparator)
mstore(add(ptr, 0x22), structHash)
digest :=keccak256(ptr, 0x42)
}
}
}
Contract Source Code
File 45 of 63: Nonces.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/Nonces.sol)pragmasolidity ^0.8.20;/**
* @dev Provides tracking nonces for addresses. Nonces will only increment.
*/abstractcontractNonces{
/**
* @dev The nonce used for an `account` is not the expected current nonce.
*/errorInvalidAccountNonce(address account, uint256 currentNonce);
mapping(address account =>uint256) private _nonces;
/**
* @dev Returns the next unused nonce for an address.
*/functionnonces(address owner) publicviewvirtualreturns (uint256) {
return _nonces[owner];
}
/**
* @dev Consumes a nonce.
*
* Returns the current value and increments nonce.
*/function_useNonce(address owner) internalvirtualreturns (uint256) {
// For each account, the nonce has an initial value of 0, can only be incremented by one, and cannot be// decremented or reset. This guarantees that the nonce never overflows.unchecked {
// It is important to do x++ and not ++x here.return _nonces[owner]++;
}
}
/**
* @dev Same as {_useNonce} but checking that `nonce` is the next valid for `owner`.
*/function_useCheckedNonce(address owner, uint256 nonce) internalvirtual{
uint256 current = _useNonce(owner);
if (nonce != current) {
revert InvalidAccountNonce(owner, current);
}
}
}
Contract Source Code
File 46 of 63: NoncesUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/Nonces.sol)pragmasolidity ^0.8.20;import {Initializable} from"../proxy/utils/Initializable.sol";
/**
* @dev Provides tracking nonces for addresses. Nonces will only increment.
*/abstractcontractNoncesUpgradeableisInitializable{
/**
* @dev The nonce used for an `account` is not the expected current nonce.
*/errorInvalidAccountNonce(address account, uint256 currentNonce);
/// @custom:storage-location erc7201:openzeppelin.storage.NoncesstructNoncesStorage {
mapping(address account =>uint256) _nonces;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Nonces")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant NoncesStorageLocation =0x5ab42ced628888259c08ac98db1eb0cf702fc1501344311d8b100cd1bfe4bb00;
function_getNoncesStorage() privatepurereturns (NoncesStorage storage $) {
assembly {
$.slot:= NoncesStorageLocation
}
}
function__Nonces_init() internalonlyInitializing{
}
function__Nonces_init_unchained() internalonlyInitializing{
}
/**
* @dev Returns the next unused nonce for an address.
*/functionnonces(address owner) publicviewvirtualreturns (uint256) {
NoncesStorage storage $ = _getNoncesStorage();
return $._nonces[owner];
}
/**
* @dev Consumes a nonce.
*
* Returns the current value and increments nonce.
*/function_useNonce(address owner) internalvirtualreturns (uint256) {
NoncesStorage storage $ = _getNoncesStorage();
// For each account, the nonce has an initial value of 0, can only be incremented by one, and cannot be// decremented or reset. This guarantees that the nonce never overflows.unchecked {
// It is important to do x++ and not ++x here.return $._nonces[owner]++;
}
}
/**
* @dev Same as {_useNonce} but checking that `nonce` is the next valid for `owner`.
*/function_useCheckedNonce(address owner, uint256 nonce) internalvirtual{
uint256 current = _useNonce(owner);
if (nonce != current) {
revert InvalidAccountNonce(owner, current);
}
}
}
Contract Source Code
File 47 of 63: OwnableUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)pragmasolidity ^0.8.20;import {ContextUpgradeable} from"../utils/ContextUpgradeable.sol";
import {Initializable} from"../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/abstractcontractOwnableUpgradeableisInitializable, ContextUpgradeable{
/// @custom:storage-location erc7201:openzeppelin.storage.OwnablestructOwnableStorage {
address _owner;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Ownable")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant OwnableStorageLocation =0x9016d09d72d40fdae2fd8ceac6b6234c7706214fd39c1cd1e609a0528c199300;
function_getOwnableStorage() privatepurereturns (OwnableStorage storage $) {
assembly {
$.slot:= OwnableStorageLocation
}
}
/**
* @dev The caller account is not authorized to perform an operation.
*/errorOwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/errorOwnableInvalidOwner(address owner);
eventOwnershipTransferred(addressindexed previousOwner, addressindexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/function__Ownable_init(address initialOwner) internalonlyInitializing{
__Ownable_init_unchained(initialOwner);
}
function__Ownable_init_unchained(address initialOwner) internalonlyInitializing{
if (initialOwner ==address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/modifieronlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/functionowner() publicviewvirtualreturns (address) {
OwnableStorage storage $ = _getOwnableStorage();
return $._owner;
}
/**
* @dev Throws if the sender is not the owner.
*/function_checkOwner() internalviewvirtual{
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/functionrenounceOwnership() publicvirtualonlyOwner{
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/functiontransferOwnership(address newOwner) publicvirtualonlyOwner{
if (newOwner ==address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/function_transferOwnership(address newOwner) internalvirtual{
OwnableStorage storage $ = _getOwnableStorage();
address oldOwner = $._owner;
$._owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
Contract Source Code
File 48 of 63: SafeCast.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/SafeCast.sol)// This file was procedurally generated from scripts/generate/templates/SafeCast.js.pragmasolidity ^0.8.20;/**
* @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/librarySafeCast{
/**
* @dev Value doesn't fit in an uint of `bits` size.
*/errorSafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
/**
* @dev An int value doesn't fit in an uint of `bits` size.
*/errorSafeCastOverflowedIntToUint(int256 value);
/**
* @dev Value doesn't fit in an int of `bits` size.
*/errorSafeCastOverflowedIntDowncast(uint8 bits, int256 value);
/**
* @dev An uint value doesn't fit in an int of `bits` size.
*/errorSafeCastOverflowedUintToInt(uint256 value);
/**
* @dev Returns the downcasted uint248 from uint256, reverting on
* overflow (when the input is greater than largest uint248).
*
* Counterpart to Solidity's `uint248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/functiontoUint248(uint256 value) internalpurereturns (uint248) {
if (value >type(uint248).max) {
revert SafeCastOverflowedUintDowncast(248, value);
}
returnuint248(value);
}
/**
* @dev Returns the downcasted uint240 from uint256, reverting on
* overflow (when the input is greater than largest uint240).
*
* Counterpart to Solidity's `uint240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/functiontoUint240(uint256 value) internalpurereturns (uint240) {
if (value >type(uint240).max) {
revert SafeCastOverflowedUintDowncast(240, value);
}
returnuint240(value);
}
/**
* @dev Returns the downcasted uint232 from uint256, reverting on
* overflow (when the input is greater than largest uint232).
*
* Counterpart to Solidity's `uint232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/functiontoUint232(uint256 value) internalpurereturns (uint232) {
if (value >type(uint232).max) {
revert SafeCastOverflowedUintDowncast(232, value);
}
returnuint232(value);
}
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/functiontoUint224(uint256 value) internalpurereturns (uint224) {
if (value >type(uint224).max) {
revert SafeCastOverflowedUintDowncast(224, value);
}
returnuint224(value);
}
/**
* @dev Returns the downcasted uint216 from uint256, reverting on
* overflow (when the input is greater than largest uint216).
*
* Counterpart to Solidity's `uint216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/functiontoUint216(uint256 value) internalpurereturns (uint216) {
if (value >type(uint216).max) {
revert SafeCastOverflowedUintDowncast(216, value);
}
returnuint216(value);
}
/**
* @dev Returns the downcasted uint208 from uint256, reverting on
* overflow (when the input is greater than largest uint208).
*
* Counterpart to Solidity's `uint208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/functiontoUint208(uint256 value) internalpurereturns (uint208) {
if (value >type(uint208).max) {
revert SafeCastOverflowedUintDowncast(208, value);
}
returnuint208(value);
}
/**
* @dev Returns the downcasted uint200 from uint256, reverting on
* overflow (when the input is greater than largest uint200).
*
* Counterpart to Solidity's `uint200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/functiontoUint200(uint256 value) internalpurereturns (uint200) {
if (value >type(uint200).max) {
revert SafeCastOverflowedUintDowncast(200, value);
}
returnuint200(value);
}
/**
* @dev Returns the downcasted uint192 from uint256, reverting on
* overflow (when the input is greater than largest uint192).
*
* Counterpart to Solidity's `uint192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/functiontoUint192(uint256 value) internalpurereturns (uint192) {
if (value >type(uint192).max) {
revert SafeCastOverflowedUintDowncast(192, value);
}
returnuint192(value);
}
/**
* @dev Returns the downcasted uint184 from uint256, reverting on
* overflow (when the input is greater than largest uint184).
*
* Counterpart to Solidity's `uint184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/functiontoUint184(uint256 value) internalpurereturns (uint184) {
if (value >type(uint184).max) {
revert SafeCastOverflowedUintDowncast(184, value);
}
returnuint184(value);
}
/**
* @dev Returns the downcasted uint176 from uint256, reverting on
* overflow (when the input is greater than largest uint176).
*
* Counterpart to Solidity's `uint176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/functiontoUint176(uint256 value) internalpurereturns (uint176) {
if (value >type(uint176).max) {
revert SafeCastOverflowedUintDowncast(176, value);
}
returnuint176(value);
}
/**
* @dev Returns the downcasted uint168 from uint256, reverting on
* overflow (when the input is greater than largest uint168).
*
* Counterpart to Solidity's `uint168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/functiontoUint168(uint256 value) internalpurereturns (uint168) {
if (value >type(uint168).max) {
revert SafeCastOverflowedUintDowncast(168, value);
}
returnuint168(value);
}
/**
* @dev Returns the downcasted uint160 from uint256, reverting on
* overflow (when the input is greater than largest uint160).
*
* Counterpart to Solidity's `uint160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/functiontoUint160(uint256 value) internalpurereturns (uint160) {
if (value >type(uint160).max) {
revert SafeCastOverflowedUintDowncast(160, value);
}
returnuint160(value);
}
/**
* @dev Returns the downcasted uint152 from uint256, reverting on
* overflow (when the input is greater than largest uint152).
*
* Counterpart to Solidity's `uint152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/functiontoUint152(uint256 value) internalpurereturns (uint152) {
if (value >type(uint152).max) {
revert SafeCastOverflowedUintDowncast(152, value);
}
returnuint152(value);
}
/**
* @dev Returns the downcasted uint144 from uint256, reverting on
* overflow (when the input is greater than largest uint144).
*
* Counterpart to Solidity's `uint144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/functiontoUint144(uint256 value) internalpurereturns (uint144) {
if (value >type(uint144).max) {
revert SafeCastOverflowedUintDowncast(144, value);
}
returnuint144(value);
}
/**
* @dev Returns the downcasted uint136 from uint256, reverting on
* overflow (when the input is greater than largest uint136).
*
* Counterpart to Solidity's `uint136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/functiontoUint136(uint256 value) internalpurereturns (uint136) {
if (value >type(uint136).max) {
revert SafeCastOverflowedUintDowncast(136, value);
}
returnuint136(value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/functiontoUint128(uint256 value) internalpurereturns (uint128) {
if (value >type(uint128).max) {
revert SafeCastOverflowedUintDowncast(128, value);
}
returnuint128(value);
}
/**
* @dev Returns the downcasted uint120 from uint256, reverting on
* overflow (when the input is greater than largest uint120).
*
* Counterpart to Solidity's `uint120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/functiontoUint120(uint256 value) internalpurereturns (uint120) {
if (value >type(uint120).max) {
revert SafeCastOverflowedUintDowncast(120, value);
}
returnuint120(value);
}
/**
* @dev Returns the downcasted uint112 from uint256, reverting on
* overflow (when the input is greater than largest uint112).
*
* Counterpart to Solidity's `uint112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/functiontoUint112(uint256 value) internalpurereturns (uint112) {
if (value >type(uint112).max) {
revert SafeCastOverflowedUintDowncast(112, value);
}
returnuint112(value);
}
/**
* @dev Returns the downcasted uint104 from uint256, reverting on
* overflow (when the input is greater than largest uint104).
*
* Counterpart to Solidity's `uint104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/functiontoUint104(uint256 value) internalpurereturns (uint104) {
if (value >type(uint104).max) {
revert SafeCastOverflowedUintDowncast(104, value);
}
returnuint104(value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/functiontoUint96(uint256 value) internalpurereturns (uint96) {
if (value >type(uint96).max) {
revert SafeCastOverflowedUintDowncast(96, value);
}
returnuint96(value);
}
/**
* @dev Returns the downcasted uint88 from uint256, reverting on
* overflow (when the input is greater than largest uint88).
*
* Counterpart to Solidity's `uint88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/functiontoUint88(uint256 value) internalpurereturns (uint88) {
if (value >type(uint88).max) {
revert SafeCastOverflowedUintDowncast(88, value);
}
returnuint88(value);
}
/**
* @dev Returns the downcasted uint80 from uint256, reverting on
* overflow (when the input is greater than largest uint80).
*
* Counterpart to Solidity's `uint80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/functiontoUint80(uint256 value) internalpurereturns (uint80) {
if (value >type(uint80).max) {
revert SafeCastOverflowedUintDowncast(80, value);
}
returnuint80(value);
}
/**
* @dev Returns the downcasted uint72 from uint256, reverting on
* overflow (when the input is greater than largest uint72).
*
* Counterpart to Solidity's `uint72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/functiontoUint72(uint256 value) internalpurereturns (uint72) {
if (value >type(uint72).max) {
revert SafeCastOverflowedUintDowncast(72, value);
}
returnuint72(value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/functiontoUint64(uint256 value) internalpurereturns (uint64) {
if (value >type(uint64).max) {
revert SafeCastOverflowedUintDowncast(64, value);
}
returnuint64(value);
}
/**
* @dev Returns the downcasted uint56 from uint256, reverting on
* overflow (when the input is greater than largest uint56).
*
* Counterpart to Solidity's `uint56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/functiontoUint56(uint256 value) internalpurereturns (uint56) {
if (value >type(uint56).max) {
revert SafeCastOverflowedUintDowncast(56, value);
}
returnuint56(value);
}
/**
* @dev Returns the downcasted uint48 from uint256, reverting on
* overflow (when the input is greater than largest uint48).
*
* Counterpart to Solidity's `uint48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/functiontoUint48(uint256 value) internalpurereturns (uint48) {
if (value >type(uint48).max) {
revert SafeCastOverflowedUintDowncast(48, value);
}
returnuint48(value);
}
/**
* @dev Returns the downcasted uint40 from uint256, reverting on
* overflow (when the input is greater than largest uint40).
*
* Counterpart to Solidity's `uint40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/functiontoUint40(uint256 value) internalpurereturns (uint40) {
if (value >type(uint40).max) {
revert SafeCastOverflowedUintDowncast(40, value);
}
returnuint40(value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/functiontoUint32(uint256 value) internalpurereturns (uint32) {
if (value >type(uint32).max) {
revert SafeCastOverflowedUintDowncast(32, value);
}
returnuint32(value);
}
/**
* @dev Returns the downcasted uint24 from uint256, reverting on
* overflow (when the input is greater than largest uint24).
*
* Counterpart to Solidity's `uint24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/functiontoUint24(uint256 value) internalpurereturns (uint24) {
if (value >type(uint24).max) {
revert SafeCastOverflowedUintDowncast(24, value);
}
returnuint24(value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/functiontoUint16(uint256 value) internalpurereturns (uint16) {
if (value >type(uint16).max) {
revert SafeCastOverflowedUintDowncast(16, value);
}
returnuint16(value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/functiontoUint8(uint256 value) internalpurereturns (uint8) {
if (value >type(uint8).max) {
revert SafeCastOverflowedUintDowncast(8, value);
}
returnuint8(value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*/functiontoUint256(int256 value) internalpurereturns (uint256) {
if (value <0) {
revert SafeCastOverflowedIntToUint(value);
}
returnuint256(value);
}
/**
* @dev Returns the downcasted int248 from int256, reverting on
* overflow (when the input is less than smallest int248 or
* greater than largest int248).
*
* Counterpart to Solidity's `int248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/functiontoInt248(int256 value) internalpurereturns (int248 downcasted) {
downcasted =int248(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(248, value);
}
}
/**
* @dev Returns the downcasted int240 from int256, reverting on
* overflow (when the input is less than smallest int240 or
* greater than largest int240).
*
* Counterpart to Solidity's `int240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/functiontoInt240(int256 value) internalpurereturns (int240 downcasted) {
downcasted =int240(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(240, value);
}
}
/**
* @dev Returns the downcasted int232 from int256, reverting on
* overflow (when the input is less than smallest int232 or
* greater than largest int232).
*
* Counterpart to Solidity's `int232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/functiontoInt232(int256 value) internalpurereturns (int232 downcasted) {
downcasted =int232(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(232, value);
}
}
/**
* @dev Returns the downcasted int224 from int256, reverting on
* overflow (when the input is less than smallest int224 or
* greater than largest int224).
*
* Counterpart to Solidity's `int224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/functiontoInt224(int256 value) internalpurereturns (int224 downcasted) {
downcasted =int224(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(224, value);
}
}
/**
* @dev Returns the downcasted int216 from int256, reverting on
* overflow (when the input is less than smallest int216 or
* greater than largest int216).
*
* Counterpart to Solidity's `int216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/functiontoInt216(int256 value) internalpurereturns (int216 downcasted) {
downcasted =int216(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(216, value);
}
}
/**
* @dev Returns the downcasted int208 from int256, reverting on
* overflow (when the input is less than smallest int208 or
* greater than largest int208).
*
* Counterpart to Solidity's `int208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/functiontoInt208(int256 value) internalpurereturns (int208 downcasted) {
downcasted =int208(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(208, value);
}
}
/**
* @dev Returns the downcasted int200 from int256, reverting on
* overflow (when the input is less than smallest int200 or
* greater than largest int200).
*
* Counterpart to Solidity's `int200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/functiontoInt200(int256 value) internalpurereturns (int200 downcasted) {
downcasted =int200(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(200, value);
}
}
/**
* @dev Returns the downcasted int192 from int256, reverting on
* overflow (when the input is less than smallest int192 or
* greater than largest int192).
*
* Counterpart to Solidity's `int192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/functiontoInt192(int256 value) internalpurereturns (int192 downcasted) {
downcasted =int192(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(192, value);
}
}
/**
* @dev Returns the downcasted int184 from int256, reverting on
* overflow (when the input is less than smallest int184 or
* greater than largest int184).
*
* Counterpart to Solidity's `int184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/functiontoInt184(int256 value) internalpurereturns (int184 downcasted) {
downcasted =int184(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(184, value);
}
}
/**
* @dev Returns the downcasted int176 from int256, reverting on
* overflow (when the input is less than smallest int176 or
* greater than largest int176).
*
* Counterpart to Solidity's `int176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/functiontoInt176(int256 value) internalpurereturns (int176 downcasted) {
downcasted =int176(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(176, value);
}
}
/**
* @dev Returns the downcasted int168 from int256, reverting on
* overflow (when the input is less than smallest int168 or
* greater than largest int168).
*
* Counterpart to Solidity's `int168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/functiontoInt168(int256 value) internalpurereturns (int168 downcasted) {
downcasted =int168(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(168, value);
}
}
/**
* @dev Returns the downcasted int160 from int256, reverting on
* overflow (when the input is less than smallest int160 or
* greater than largest int160).
*
* Counterpart to Solidity's `int160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/functiontoInt160(int256 value) internalpurereturns (int160 downcasted) {
downcasted =int160(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(160, value);
}
}
/**
* @dev Returns the downcasted int152 from int256, reverting on
* overflow (when the input is less than smallest int152 or
* greater than largest int152).
*
* Counterpart to Solidity's `int152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/functiontoInt152(int256 value) internalpurereturns (int152 downcasted) {
downcasted =int152(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(152, value);
}
}
/**
* @dev Returns the downcasted int144 from int256, reverting on
* overflow (when the input is less than smallest int144 or
* greater than largest int144).
*
* Counterpart to Solidity's `int144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/functiontoInt144(int256 value) internalpurereturns (int144 downcasted) {
downcasted =int144(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(144, value);
}
}
/**
* @dev Returns the downcasted int136 from int256, reverting on
* overflow (when the input is less than smallest int136 or
* greater than largest int136).
*
* Counterpart to Solidity's `int136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/functiontoInt136(int256 value) internalpurereturns (int136 downcasted) {
downcasted =int136(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(136, value);
}
}
/**
* @dev Returns the downcasted int128 from int256, reverting on
* overflow (when the input is less than smallest int128 or
* greater than largest int128).
*
* Counterpart to Solidity's `int128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/functiontoInt128(int256 value) internalpurereturns (int128 downcasted) {
downcasted =int128(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(128, value);
}
}
/**
* @dev Returns the downcasted int120 from int256, reverting on
* overflow (when the input is less than smallest int120 or
* greater than largest int120).
*
* Counterpart to Solidity's `int120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/functiontoInt120(int256 value) internalpurereturns (int120 downcasted) {
downcasted =int120(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(120, value);
}
}
/**
* @dev Returns the downcasted int112 from int256, reverting on
* overflow (when the input is less than smallest int112 or
* greater than largest int112).
*
* Counterpart to Solidity's `int112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/functiontoInt112(int256 value) internalpurereturns (int112 downcasted) {
downcasted =int112(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(112, value);
}
}
/**
* @dev Returns the downcasted int104 from int256, reverting on
* overflow (when the input is less than smallest int104 or
* greater than largest int104).
*
* Counterpart to Solidity's `int104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/functiontoInt104(int256 value) internalpurereturns (int104 downcasted) {
downcasted =int104(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(104, value);
}
}
/**
* @dev Returns the downcasted int96 from int256, reverting on
* overflow (when the input is less than smallest int96 or
* greater than largest int96).
*
* Counterpart to Solidity's `int96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/functiontoInt96(int256 value) internalpurereturns (int96 downcasted) {
downcasted =int96(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(96, value);
}
}
/**
* @dev Returns the downcasted int88 from int256, reverting on
* overflow (when the input is less than smallest int88 or
* greater than largest int88).
*
* Counterpart to Solidity's `int88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/functiontoInt88(int256 value) internalpurereturns (int88 downcasted) {
downcasted =int88(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(88, value);
}
}
/**
* @dev Returns the downcasted int80 from int256, reverting on
* overflow (when the input is less than smallest int80 or
* greater than largest int80).
*
* Counterpart to Solidity's `int80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/functiontoInt80(int256 value) internalpurereturns (int80 downcasted) {
downcasted =int80(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(80, value);
}
}
/**
* @dev Returns the downcasted int72 from int256, reverting on
* overflow (when the input is less than smallest int72 or
* greater than largest int72).
*
* Counterpart to Solidity's `int72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/functiontoInt72(int256 value) internalpurereturns (int72 downcasted) {
downcasted =int72(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(72, value);
}
}
/**
* @dev Returns the downcasted int64 from int256, reverting on
* overflow (when the input is less than smallest int64 or
* greater than largest int64).
*
* Counterpart to Solidity's `int64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/functiontoInt64(int256 value) internalpurereturns (int64 downcasted) {
downcasted =int64(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(64, value);
}
}
/**
* @dev Returns the downcasted int56 from int256, reverting on
* overflow (when the input is less than smallest int56 or
* greater than largest int56).
*
* Counterpart to Solidity's `int56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/functiontoInt56(int256 value) internalpurereturns (int56 downcasted) {
downcasted =int56(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(56, value);
}
}
/**
* @dev Returns the downcasted int48 from int256, reverting on
* overflow (when the input is less than smallest int48 or
* greater than largest int48).
*
* Counterpart to Solidity's `int48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/functiontoInt48(int256 value) internalpurereturns (int48 downcasted) {
downcasted =int48(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(48, value);
}
}
/**
* @dev Returns the downcasted int40 from int256, reverting on
* overflow (when the input is less than smallest int40 or
* greater than largest int40).
*
* Counterpart to Solidity's `int40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/functiontoInt40(int256 value) internalpurereturns (int40 downcasted) {
downcasted =int40(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(40, value);
}
}
/**
* @dev Returns the downcasted int32 from int256, reverting on
* overflow (when the input is less than smallest int32 or
* greater than largest int32).
*
* Counterpart to Solidity's `int32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/functiontoInt32(int256 value) internalpurereturns (int32 downcasted) {
downcasted =int32(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(32, value);
}
}
/**
* @dev Returns the downcasted int24 from int256, reverting on
* overflow (when the input is less than smallest int24 or
* greater than largest int24).
*
* Counterpart to Solidity's `int24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/functiontoInt24(int256 value) internalpurereturns (int24 downcasted) {
downcasted =int24(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(24, value);
}
}
/**
* @dev Returns the downcasted int16 from int256, reverting on
* overflow (when the input is less than smallest int16 or
* greater than largest int16).
*
* Counterpart to Solidity's `int16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/functiontoInt16(int256 value) internalpurereturns (int16 downcasted) {
downcasted =int16(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(16, value);
}
}
/**
* @dev Returns the downcasted int8 from int256, reverting on
* overflow (when the input is less than smallest int8 or
* greater than largest int8).
*
* Counterpart to Solidity's `int8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/functiontoInt8(int256 value) internalpurereturns (int8 downcasted) {
downcasted =int8(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(8, value);
}
}
/**
* @dev Converts an unsigned uint256 into a signed int256.
*
* Requirements:
*
* - input must be less than or equal to maxInt256.
*/functiontoInt256(uint256 value) internalpurereturns (int256) {
// Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positiveif (value >uint256(type(int256).max)) {
revert SafeCastOverflowedUintToInt(value);
}
returnint256(value);
}
}
Contract Source Code
File 49 of 63: SafeERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)pragmasolidity ^0.8.20;import {IERC20} from"../IERC20.sol";
import {IERC20Permit} from"../extensions/IERC20Permit.sol";
import {Address} from"../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/librarySafeERC20{
usingAddressforaddress;
/**
* @dev An operation with an ERC20 token failed.
*/errorSafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/errorSafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/functionsafeTransfer(IERC20 token, address to, uint256 value) internal{
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/functionsafeTransferFrom(IERC20 token, addressfrom, address to, uint256 value) internal{
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/functionsafeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal{
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*/functionsafeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal{
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/functionforceApprove(IERC20 token, address spender, uint256 value) internal{
bytesmemory approvalCall =abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/function_callOptionalReturn(IERC20 token, bytesmemory data) private{
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that// the target address contains contract code and also asserts for success in the low-level call.bytesmemory returndata =address(token).functionCall(data);
if (returndata.length!=0&&!abi.decode(returndata, (bool))) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/function_callOptionalReturnBool(IERC20 token, bytesmemory data) privatereturns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false// and not revert is the subcall reverts.
(bool success, bytesmemory returndata) =address(token).call(data);
return success && (returndata.length==0||abi.decode(returndata, (bool))) &&address(token).code.length>0;
}
}
Contract Source Code
File 50 of 63: ShortStrings.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/ShortStrings.sol)pragmasolidity ^0.8.20;import {StorageSlot} from"./StorageSlot.sol";
// | string | 0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |// | length | 0x BB |type ShortString isbytes32;
/**
* @dev This library provides functions to convert short memory strings
* into a `ShortString` type that can be used as an immutable variable.
*
* Strings of arbitrary length can be optimized using this library if
* they are short enough (up to 31 bytes) by packing them with their
* length (1 byte) in a single EVM word (32 bytes). Additionally, a
* fallback mechanism can be used for every other case.
*
* Usage example:
*
* ```solidity
* contract Named {
* using ShortStrings for *;
*
* ShortString private immutable _name;
* string private _nameFallback;
*
* constructor(string memory contractName) {
* _name = contractName.toShortStringWithFallback(_nameFallback);
* }
*
* function name() external view returns (string memory) {
* return _name.toStringWithFallback(_nameFallback);
* }
* }
* ```
*/libraryShortStrings{
// Used as an identifier for strings longer than 31 bytes.bytes32privateconstant FALLBACK_SENTINEL =0x00000000000000000000000000000000000000000000000000000000000000FF;
errorStringTooLong(string str);
errorInvalidShortString();
/**
* @dev Encode a string of at most 31 chars into a `ShortString`.
*
* This will trigger a `StringTooLong` error is the input string is too long.
*/functiontoShortString(stringmemory str) internalpurereturns (ShortString) {
bytesmemory bstr =bytes(str);
if (bstr.length>31) {
revert StringTooLong(str);
}
return ShortString.wrap(bytes32(uint256(bytes32(bstr)) | bstr.length));
}
/**
* @dev Decode a `ShortString` back to a "normal" string.
*/functiontoString(ShortString sstr) internalpurereturns (stringmemory) {
uint256 len = byteLength(sstr);
// using `new string(len)` would work locally but is not memory safe.stringmemory str =newstring(32);
/// @solidity memory-safe-assemblyassembly {
mstore(str, len)
mstore(add(str, 0x20), sstr)
}
return str;
}
/**
* @dev Return the length of a `ShortString`.
*/functionbyteLength(ShortString sstr) internalpurereturns (uint256) {
uint256 result =uint256(ShortString.unwrap(sstr)) &0xFF;
if (result >31) {
revert InvalidShortString();
}
return result;
}
/**
* @dev Encode a string into a `ShortString`, or write it to storage if it is too long.
*/functiontoShortStringWithFallback(stringmemory value, stringstorage store) internalreturns (ShortString) {
if (bytes(value).length<32) {
return toShortString(value);
} else {
StorageSlot.getStringSlot(store).value= value;
return ShortString.wrap(FALLBACK_SENTINEL);
}
}
/**
* @dev Decode a string that was encoded to `ShortString` or written to storage using {setWithFallback}.
*/functiontoStringWithFallback(ShortString value, stringstorage store) internalpurereturns (stringmemory) {
if (ShortString.unwrap(value) != FALLBACK_SENTINEL) {
return toString(value);
} else {
return store;
}
}
/**
* @dev Return the length of a string that was encoded to `ShortString` or written to storage using
* {setWithFallback}.
*
* WARNING: This will return the "byte length" of the string. This may not reflect the actual length in terms of
* actual characters as the UTF-8 encoding of a single character can span over multiple bytes.
*/functionbyteLengthWithFallback(ShortString value, stringstorage store) internalviewreturns (uint256) {
if (ShortString.unwrap(value) != FALLBACK_SENTINEL) {
return byteLength(value);
} else {
returnbytes(store).length;
}
}
}
Contract Source Code
File 51 of 63: SignatureChecker.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/SignatureChecker.sol)pragmasolidity ^0.8.20;import {ECDSA} from"./ECDSA.sol";
import {IERC1271} from"../../interfaces/IERC1271.sol";
/**
* @dev Signature verification helper that can be used instead of `ECDSA.recover` to seamlessly support both ECDSA
* signatures from externally owned accounts (EOAs) as well as ERC1271 signatures from smart contract wallets like
* Argent and Safe Wallet (previously Gnosis Safe).
*/librarySignatureChecker{
/**
* @dev Checks if a signature is valid for a given signer and data hash. If the signer is a smart contract, the
* signature is validated against that smart contract using ERC1271, otherwise it's validated using `ECDSA.recover`.
*
* NOTE: Unlike ECDSA signatures, contract signatures are revocable, and the outcome of this function can thus
* change through time. It could return true at block N and false at block N+1 (or the opposite).
*/functionisValidSignatureNow(address signer, bytes32 hash, bytesmemory signature) internalviewreturns (bool) {
(address recovered, ECDSA.RecoverError error, ) = ECDSA.tryRecover(hash, signature);
return
(error == ECDSA.RecoverError.NoError && recovered == signer) ||
isValidERC1271SignatureNow(signer, hash, signature);
}
/**
* @dev Checks if a signature is valid for a given signer and data hash. The signature is validated
* against the signer smart contract using ERC1271.
*
* NOTE: Unlike ECDSA signatures, contract signatures are revocable, and the outcome of this function can thus
* change through time. It could return true at block N and false at block N+1 (or the opposite).
*/functionisValidERC1271SignatureNow(address signer,
bytes32 hash,
bytesmemory signature
) internalviewreturns (bool) {
(bool success, bytesmemory result) = signer.staticcall(
abi.encodeCall(IERC1271.isValidSignature, (hash, signature))
);
return (success &&
result.length>=32&&abi.decode(result, (bytes32)) ==bytes32(IERC1271.isValidSignature.selector));
}
}
Contract Source Code
File 52 of 63: SignedMath.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/SignedMath.sol)pragmasolidity ^0.8.20;/**
* @dev Standard signed math utilities missing in the Solidity language.
*/librarySignedMath{
/**
* @dev Returns the largest of two signed numbers.
*/functionmax(int256 a, int256 b) internalpurereturns (int256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two signed numbers.
*/functionmin(int256 a, int256 b) internalpurereturns (int256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/functionaverage(int256 a, int256 b) internalpurereturns (int256) {
// Formula from the book "Hacker's Delight"int256 x = (a & b) + ((a ^ b) >>1);
return x + (int256(uint256(x) >>255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/functionabs(int256 n) internalpurereturns (uint256) {
unchecked {
// must be unchecked in order to support `n = type(int256).min`returnuint256(n >=0 ? n : -n);
}
}
}
Contract Source Code
File 53 of 63: StorageSlot.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/StorageSlot.sol)// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.pragmasolidity ^0.8.20;/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(newImplementation.code.length > 0);
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*/libraryStorageSlot{
structAddressSlot {
address value;
}
structBooleanSlot {
bool value;
}
structBytes32Slot {
bytes32 value;
}
structUint256Slot {
uint256 value;
}
structStringSlot {
string value;
}
structBytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/functiongetAddressSlot(bytes32 slot) internalpurereturns (AddressSlot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/functiongetBooleanSlot(bytes32 slot) internalpurereturns (BooleanSlot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/functiongetBytes32Slot(bytes32 slot) internalpurereturns (Bytes32Slot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/functiongetUint256Slot(bytes32 slot) internalpurereturns (Uint256Slot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/functiongetStringSlot(bytes32 slot) internalpurereturns (StringSlot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/functiongetStringSlot(stringstorage store) internalpurereturns (StringSlot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/functiongetBytesSlot(bytes32 slot) internalpurereturns (BytesSlot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/functiongetBytesSlot(bytesstorage store) internalpurereturns (BytesSlot storage r) {
/// @solidity memory-safe-assemblyassembly {
r.slot:= store.slot
}
}
}
Contract Source Code
File 54 of 63: Strings.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/Strings.sol)pragmasolidity ^0.8.20;import {Math} from"./math/Math.sol";
import {SignedMath} from"./math/SignedMath.sol";
/**
* @dev String operations.
*/libraryStrings{
bytes16privateconstant HEX_DIGITS ="0123456789abcdef";
uint8privateconstant ADDRESS_LENGTH =20;
/**
* @dev The `value` string doesn't fit in the specified `length`.
*/errorStringsInsufficientHexLength(uint256 value, uint256 length);
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/functiontoString(uint256 value) internalpurereturns (stringmemory) {
unchecked {
uint256 length = Math.log10(value) +1;
stringmemory buffer =newstring(length);
uint256 ptr;
/// @solidity memory-safe-assemblyassembly {
ptr :=add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assemblyassembly {
mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
}
value /=10;
if (value ==0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/functiontoStringSigned(int256 value) internalpurereturns (stringmemory) {
returnstring.concat(value <0 ? "-" : "", toString(SignedMath.abs(value)));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/functiontoHexString(uint256 value) internalpurereturns (stringmemory) {
unchecked {
return toHexString(value, Math.log256(value) +1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/functiontoHexString(uint256 value, uint256 length) internalpurereturns (stringmemory) {
uint256 localValue = value;
bytesmemory buffer =newbytes(2* length +2);
buffer[0] ="0";
buffer[1] ="x";
for (uint256 i =2* length +1; i >1; --i) {
buffer[i] = HEX_DIGITS[localValue &0xf];
localValue >>=4;
}
if (localValue !=0) {
revert StringsInsufficientHexLength(value, length);
}
returnstring(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
* representation.
*/functiontoHexString(address addr) internalpurereturns (stringmemory) {
return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
}
/**
* @dev Returns true if the two strings are equal.
*/functionequal(stringmemory a, stringmemory b) internalpurereturns (bool) {
returnbytes(a).length==bytes(b).length&&keccak256(bytes(a)) ==keccak256(bytes(b));
}
}
Contract Source Code
File 55 of 63: Time.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (utils/types/Time.sol)pragmasolidity ^0.8.20;import {Math} from"../math/Math.sol";
import {SafeCast} from"../math/SafeCast.sol";
/**
* @dev This library provides helpers for manipulating time-related objects.
*
* It uses the following types:
* - `uint48` for timepoints
* - `uint32` for durations
*
* While the library doesn't provide specific types for timepoints and duration, it does provide:
* - a `Delay` type to represent duration that can be programmed to change value automatically at a given point
* - additional helper functions
*/libraryTime{
usingTimefor*;
/**
* @dev Get the block timestamp as a Timepoint.
*/functiontimestamp() internalviewreturns (uint48) {
return SafeCast.toUint48(block.timestamp);
}
/**
* @dev Get the block number as a Timepoint.
*/functionblockNumber() internalviewreturns (uint48) {
return SafeCast.toUint48(block.number);
}
// ==================================================== Delay =====================================================/**
* @dev A `Delay` is a uint32 duration that can be programmed to change value automatically at a given point in the
* future. The "effect" timepoint describes when the transitions happens from the "old" value to the "new" value.
* This allows updating the delay applied to some operation while keeping some guarantees.
*
* In particular, the {update} function guarantees that if the delay is reduced, the old delay still applies for
* some time. For example if the delay is currently 7 days to do an upgrade, the admin should not be able to set
* the delay to 0 and upgrade immediately. If the admin wants to reduce the delay, the old delay (7 days) should
* still apply for some time.
*
*
* The `Delay` type is 112 bits long, and packs the following:
*
* ```
* | [uint48]: effect date (timepoint)
* | | [uint32]: value before (duration)
* ↓ ↓ ↓ [uint32]: value after (duration)
* 0xAAAAAAAAAAAABBBBBBBBCCCCCCCC
* ```
*
* NOTE: The {get} and {withUpdate} functions operate using timestamps. Block number based delays are not currently
* supported.
*/type Delay isuint112;
/**
* @dev Wrap a duration into a Delay to add the one-step "update in the future" feature
*/functiontoDelay(uint32 duration) internalpurereturns (Delay) {
return Delay.wrap(duration);
}
/**
* @dev Get the value at a given timepoint plus the pending value and effect timepoint if there is a scheduled
* change after this timepoint. If the effect timepoint is 0, then the pending value should not be considered.
*/function_getFullAt(Delay self, uint48 timepoint) privatepurereturns (uint32, uint32, uint48) {
(uint32 valueBefore, uint32 valueAfter, uint48 effect) =self.unpack();
return effect <= timepoint ? (valueAfter, 0, 0) : (valueBefore, valueAfter, effect);
}
/**
* @dev Get the current value plus the pending value and effect timepoint if there is a scheduled change. If the
* effect timepoint is 0, then the pending value should not be considered.
*/functiongetFull(Delay self) internalviewreturns (uint32, uint32, uint48) {
return _getFullAt(self, timestamp());
}
/**
* @dev Get the current value.
*/functionget(Delay self) internalviewreturns (uint32) {
(uint32 delay, , ) =self.getFull();
return delay;
}
/**
* @dev Update a Delay object so that it takes a new duration after a timepoint that is automatically computed to
* enforce the old delay at the moment of the update. Returns the updated Delay object and the timestamp when the
* new delay becomes effective.
*/functionwithUpdate(
Delay self,
uint32 newValue,
uint32 minSetback
) internalviewreturns (Delay updatedDelay, uint48 effect) {
uint32 value =self.get();
uint32 setback =uint32(Math.max(minSetback, value > newValue ? value - newValue : 0));
effect = timestamp() + setback;
return (pack(value, newValue, effect), effect);
}
/**
* @dev Split a delay into its components: valueBefore, valueAfter and effect (transition timepoint).
*/functionunpack(Delay self) internalpurereturns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {
uint112 raw = Delay.unwrap(self);
valueAfter =uint32(raw);
valueBefore =uint32(raw >>32);
effect =uint48(raw >>64);
return (valueBefore, valueAfter, effect);
}
/**
* @dev pack the components into a Delay object.
*/functionpack(uint32 valueBefore, uint32 valueAfter, uint48 effect) internalpurereturns (Delay) {
return Delay.wrap((uint112(effect) <<64) | (uint112(valueBefore) <<32) |uint112(valueAfter));
}
}
Contract Source Code
File 56 of 63: TimelockControllerUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/TimelockController.sol)pragmasolidity ^0.8.20;import {AccessControlUpgradeable} from"../access/AccessControlUpgradeable.sol";
import {ERC721HolderUpgradeable} from"../token/ERC721/utils/ERC721HolderUpgradeable.sol";
import {ERC1155HolderUpgradeable} from"../token/ERC1155/utils/ERC1155HolderUpgradeable.sol";
import {Address} from"@openzeppelin/contracts/utils/Address.sol";
import {Initializable} from"../proxy/utils/Initializable.sol";
/**
* @dev Contract module which acts as a timelocked controller. When set as the
* owner of an `Ownable` smart contract, it enforces a timelock on all
* `onlyOwner` maintenance operations. This gives time for users of the
* controlled contract to exit before a potentially dangerous maintenance
* operation is applied.
*
* By default, this contract is self administered, meaning administration tasks
* have to go through the timelock process. The proposer (resp executor) role
* is in charge of proposing (resp executing) operations. A common use case is
* to position this {TimelockController} as the owner of a smart contract, with
* a multisig or a DAO as the sole proposer.
*/contractTimelockControllerUpgradeableisInitializable, AccessControlUpgradeable, ERC721HolderUpgradeable, ERC1155HolderUpgradeable{
bytes32publicconstant PROPOSER_ROLE =keccak256("PROPOSER_ROLE");
bytes32publicconstant EXECUTOR_ROLE =keccak256("EXECUTOR_ROLE");
bytes32publicconstant CANCELLER_ROLE =keccak256("CANCELLER_ROLE");
uint256internalconstant _DONE_TIMESTAMP =uint256(1);
/// @custom:storage-location erc7201:openzeppelin.storage.TimelockControllerstructTimelockControllerStorage {
mapping(bytes32 id =>uint256) _timestamps;
uint256 _minDelay;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.TimelockController")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant TimelockControllerStorageLocation =0x9a37c2aa9d186a0969ff8a8267bf4e07e864c2f2768f5040949e28a624fb3600;
function_getTimelockControllerStorage() privatepurereturns (TimelockControllerStorage storage $) {
assembly {
$.slot:= TimelockControllerStorageLocation
}
}
enumOperationState {
Unset,
Waiting,
Ready,
Done
}
/**
* @dev Mismatch between the parameters length for an operation call.
*/errorTimelockInvalidOperationLength(uint256 targets, uint256 payloads, uint256 values);
/**
* @dev The schedule operation doesn't meet the minimum delay.
*/errorTimelockInsufficientDelay(uint256 delay, uint256 minDelay);
/**
* @dev The current state of an operation is not as required.
* The `expectedStates` is a bitmap with the bits enabled for each OperationState enum position
* counting from right to left.
*
* See {_encodeStateBitmap}.
*/errorTimelockUnexpectedOperationState(bytes32 operationId, bytes32 expectedStates);
/**
* @dev The predecessor to an operation not yet done.
*/errorTimelockUnexecutedPredecessor(bytes32 predecessorId);
/**
* @dev The caller account is not authorized.
*/errorTimelockUnauthorizedCaller(address caller);
/**
* @dev Emitted when a call is scheduled as part of operation `id`.
*/eventCallScheduled(bytes32indexed id,
uint256indexed index,
address target,
uint256 value,
bytes data,
bytes32 predecessor,
uint256 delay
);
/**
* @dev Emitted when a call is performed as part of operation `id`.
*/eventCallExecuted(bytes32indexed id, uint256indexed index, address target, uint256 value, bytes data);
/**
* @dev Emitted when new proposal is scheduled with non-zero salt.
*/eventCallSalt(bytes32indexed id, bytes32 salt);
/**
* @dev Emitted when operation `id` is cancelled.
*/eventCancelled(bytes32indexed id);
/**
* @dev Emitted when the minimum delay for future operations is modified.
*/eventMinDelayChange(uint256 oldDuration, uint256 newDuration);
/**
* @dev Initializes the contract with the following parameters:
*
* - `minDelay`: initial minimum delay in seconds for operations
* - `proposers`: accounts to be granted proposer and canceller roles
* - `executors`: accounts to be granted executor role
* - `admin`: optional account to be granted admin role; disable with zero address
*
* IMPORTANT: The optional admin can aid with initial configuration of roles after deployment
* without being subject to delay, but this role should be subsequently renounced in favor of
* administration through timelocked proposals. Previous versions of this contract would assign
* this admin to the deployer automatically and should be renounced as well.
*/function__TimelockController_init(uint256 minDelay, address[] memory proposers, address[] memory executors, address admin) internalonlyInitializing{
__TimelockController_init_unchained(minDelay, proposers, executors, admin);
}
function__TimelockController_init_unchained(uint256 minDelay, address[] memory proposers, address[] memory executors, address admin) internalonlyInitializing{
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
// self administration
_grantRole(DEFAULT_ADMIN_ROLE, address(this));
// optional adminif (admin !=address(0)) {
_grantRole(DEFAULT_ADMIN_ROLE, admin);
}
// register proposers and cancellersfor (uint256 i =0; i < proposers.length; ++i) {
_grantRole(PROPOSER_ROLE, proposers[i]);
_grantRole(CANCELLER_ROLE, proposers[i]);
}
// register executorsfor (uint256 i =0; i < executors.length; ++i) {
_grantRole(EXECUTOR_ROLE, executors[i]);
}
$._minDelay = minDelay;
emit MinDelayChange(0, minDelay);
}
/**
* @dev Modifier to make a function callable only by a certain role. In
* addition to checking the sender's role, `address(0)` 's role is also
* considered. Granting a role to `address(0)` is equivalent to enabling
* this role for everyone.
*/modifieronlyRoleOrOpenRole(bytes32 role) {
if (!hasRole(role, address(0))) {
_checkRole(role, _msgSender());
}
_;
}
/**
* @dev Contract might receive/hold ETH as part of the maintenance process.
*/receive() externalpayable{}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId
) publicviewvirtualoverride(AccessControlUpgradeable, ERC1155HolderUpgradeable) returns (bool) {
returnsuper.supportsInterface(interfaceId);
}
/**
* @dev Returns whether an id corresponds to a registered operation. This
* includes both Waiting, Ready, and Done operations.
*/functionisOperation(bytes32 id) publicviewreturns (bool) {
return getOperationState(id) != OperationState.Unset;
}
/**
* @dev Returns whether an operation is pending or not. Note that a "pending" operation may also be "ready".
*/functionisOperationPending(bytes32 id) publicviewreturns (bool) {
OperationState state = getOperationState(id);
return state == OperationState.Waiting || state == OperationState.Ready;
}
/**
* @dev Returns whether an operation is ready for execution. Note that a "ready" operation is also "pending".
*/functionisOperationReady(bytes32 id) publicviewreturns (bool) {
return getOperationState(id) == OperationState.Ready;
}
/**
* @dev Returns whether an operation is done or not.
*/functionisOperationDone(bytes32 id) publicviewreturns (bool) {
return getOperationState(id) == OperationState.Done;
}
/**
* @dev Returns the timestamp at which an operation becomes ready (0 for
* unset operations, 1 for done operations).
*/functiongetTimestamp(bytes32 id) publicviewvirtualreturns (uint256) {
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
return $._timestamps[id];
}
/**
* @dev Returns operation state.
*/functiongetOperationState(bytes32 id) publicviewvirtualreturns (OperationState) {
uint256 timestamp = getTimestamp(id);
if (timestamp ==0) {
return OperationState.Unset;
} elseif (timestamp == _DONE_TIMESTAMP) {
return OperationState.Done;
} elseif (timestamp >block.timestamp) {
return OperationState.Waiting;
} else {
return OperationState.Ready;
}
}
/**
* @dev Returns the minimum delay in seconds for an operation to become valid.
*
* This value can be changed by executing an operation that calls `updateDelay`.
*/functiongetMinDelay() publicviewvirtualreturns (uint256) {
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
return $._minDelay;
}
/**
* @dev Returns the identifier of an operation containing a single
* transaction.
*/functionhashOperation(address target,
uint256 value,
bytescalldata data,
bytes32 predecessor,
bytes32 salt
) publicpurevirtualreturns (bytes32) {
returnkeccak256(abi.encode(target, value, data, predecessor, salt));
}
/**
* @dev Returns the identifier of an operation containing a batch of
* transactions.
*/functionhashOperationBatch(address[] calldata targets,
uint256[] calldata values,
bytes[] calldata payloads,
bytes32 predecessor,
bytes32 salt
) publicpurevirtualreturns (bytes32) {
returnkeccak256(abi.encode(targets, values, payloads, predecessor, salt));
}
/**
* @dev Schedule an operation containing a single transaction.
*
* Emits {CallSalt} if salt is nonzero, and {CallScheduled}.
*
* Requirements:
*
* - the caller must have the 'proposer' role.
*/functionschedule(address target,
uint256 value,
bytescalldata data,
bytes32 predecessor,
bytes32 salt,
uint256 delay
) publicvirtualonlyRole(PROPOSER_ROLE) {
bytes32 id = hashOperation(target, value, data, predecessor, salt);
_schedule(id, delay);
emit CallScheduled(id, 0, target, value, data, predecessor, delay);
if (salt !=bytes32(0)) {
emit CallSalt(id, salt);
}
}
/**
* @dev Schedule an operation containing a batch of transactions.
*
* Emits {CallSalt} if salt is nonzero, and one {CallScheduled} event per transaction in the batch.
*
* Requirements:
*
* - the caller must have the 'proposer' role.
*/functionscheduleBatch(address[] calldata targets,
uint256[] calldata values,
bytes[] calldata payloads,
bytes32 predecessor,
bytes32 salt,
uint256 delay
) publicvirtualonlyRole(PROPOSER_ROLE) {
if (targets.length!= values.length|| targets.length!= payloads.length) {
revert TimelockInvalidOperationLength(targets.length, payloads.length, values.length);
}
bytes32 id = hashOperationBatch(targets, values, payloads, predecessor, salt);
_schedule(id, delay);
for (uint256 i =0; i < targets.length; ++i) {
emit CallScheduled(id, i, targets[i], values[i], payloads[i], predecessor, delay);
}
if (salt !=bytes32(0)) {
emit CallSalt(id, salt);
}
}
/**
* @dev Schedule an operation that is to become valid after a given delay.
*/function_schedule(bytes32 id, uint256 delay) private{
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
if (isOperation(id)) {
revert TimelockUnexpectedOperationState(id, _encodeStateBitmap(OperationState.Unset));
}
uint256 minDelay = getMinDelay();
if (delay < minDelay) {
revert TimelockInsufficientDelay(delay, minDelay);
}
$._timestamps[id] =block.timestamp+ delay;
}
/**
* @dev Cancel an operation.
*
* Requirements:
*
* - the caller must have the 'canceller' role.
*/functioncancel(bytes32 id) publicvirtualonlyRole(CANCELLER_ROLE) {
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
if (!isOperationPending(id)) {
revert TimelockUnexpectedOperationState(
id,
_encodeStateBitmap(OperationState.Waiting) | _encodeStateBitmap(OperationState.Ready)
);
}
delete $._timestamps[id];
emit Cancelled(id);
}
/**
* @dev Execute an (ready) operation containing a single transaction.
*
* Emits a {CallExecuted} event.
*
* Requirements:
*
* - the caller must have the 'executor' role.
*/// This function can reenter, but it doesn't pose a risk because _afterCall checks that the proposal is pending,// thus any modifications to the operation during reentrancy should be caught.// slither-disable-next-line reentrancy-ethfunctionexecute(address target,
uint256 value,
bytescalldata payload,
bytes32 predecessor,
bytes32 salt
) publicpayablevirtualonlyRoleOrOpenRole(EXECUTOR_ROLE) {
bytes32 id = hashOperation(target, value, payload, predecessor, salt);
_beforeCall(id, predecessor);
_execute(target, value, payload);
emit CallExecuted(id, 0, target, value, payload);
_afterCall(id);
}
/**
* @dev Execute an (ready) operation containing a batch of transactions.
*
* Emits one {CallExecuted} event per transaction in the batch.
*
* Requirements:
*
* - the caller must have the 'executor' role.
*/// This function can reenter, but it doesn't pose a risk because _afterCall checks that the proposal is pending,// thus any modifications to the operation during reentrancy should be caught.// slither-disable-next-line reentrancy-ethfunctionexecuteBatch(address[] calldata targets,
uint256[] calldata values,
bytes[] calldata payloads,
bytes32 predecessor,
bytes32 salt
) publicpayablevirtualonlyRoleOrOpenRole(EXECUTOR_ROLE) {
if (targets.length!= values.length|| targets.length!= payloads.length) {
revert TimelockInvalidOperationLength(targets.length, payloads.length, values.length);
}
bytes32 id = hashOperationBatch(targets, values, payloads, predecessor, salt);
_beforeCall(id, predecessor);
for (uint256 i =0; i < targets.length; ++i) {
address target = targets[i];
uint256 value = values[i];
bytescalldata payload = payloads[i];
_execute(target, value, payload);
emit CallExecuted(id, i, target, value, payload);
}
_afterCall(id);
}
/**
* @dev Execute an operation's call.
*/function_execute(address target, uint256 value, bytescalldata data) internalvirtual{
(bool success, bytesmemory returndata) = target.call{value: value}(data);
Address.verifyCallResult(success, returndata);
}
/**
* @dev Checks before execution of an operation's calls.
*/function_beforeCall(bytes32 id, bytes32 predecessor) privateview{
if (!isOperationReady(id)) {
revert TimelockUnexpectedOperationState(id, _encodeStateBitmap(OperationState.Ready));
}
if (predecessor !=bytes32(0) &&!isOperationDone(predecessor)) {
revert TimelockUnexecutedPredecessor(predecessor);
}
}
/**
* @dev Checks after execution of an operation's calls.
*/function_afterCall(bytes32 id) private{
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
if (!isOperationReady(id)) {
revert TimelockUnexpectedOperationState(id, _encodeStateBitmap(OperationState.Ready));
}
$._timestamps[id] = _DONE_TIMESTAMP;
}
/**
* @dev Changes the minimum timelock duration for future operations.
*
* Emits a {MinDelayChange} event.
*
* Requirements:
*
* - the caller must be the timelock itself. This can only be achieved by scheduling and later executing
* an operation where the timelock is the target and the data is the ABI-encoded call to this function.
*/functionupdateDelay(uint256 newDelay) externalvirtual{
TimelockControllerStorage storage $ = _getTimelockControllerStorage();
address sender = _msgSender();
if (sender !=address(this)) {
revert TimelockUnauthorizedCaller(sender);
}
emit MinDelayChange($._minDelay, newDelay);
$._minDelay = newDelay;
}
/**
* @dev Encodes a `OperationState` into a `bytes32` representation where each bit enabled corresponds to
* the underlying position in the `OperationState` enum. For example:
*
* 0x000...1000
* ^^^^^^----- ...
* ^---- Done
* ^--- Ready
* ^-- Waiting
* ^- Unset
*/function_encodeStateBitmap(OperationState operationState) internalpurereturns (bytes32) {
returnbytes32(1<<uint8(operationState));
}
}
Contract Source Code
File 57 of 63: UUPSUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/UUPSUpgradeable.sol)pragmasolidity ^0.8.20;import {IERC1822Proxiable} from"@openzeppelin/contracts/interfaces/draft-IERC1822.sol";
import {ERC1967Utils} from"@openzeppelin/contracts/proxy/ERC1967/ERC1967Utils.sol";
import {Initializable} from"./Initializable.sol";
/**
* @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an
* {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.
*
* A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
* reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
* `UUPSUpgradeable` with a custom implementation of upgrades.
*
* The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.
*/abstractcontractUUPSUpgradeableisInitializable, IERC1822Proxiable{
/// @custom:oz-upgrades-unsafe-allow state-variable-immutableaddressprivateimmutable __self =address(this);
/**
* @dev The version of the upgrade interface of the contract. If this getter is missing, both `upgradeTo(address)`
* and `upgradeToAndCall(address,bytes)` are present, and `upgradeTo` must be used if no function should be called,
* while `upgradeToAndCall` will invoke the `receive` function if the second argument is the empty byte string.
* If the getter returns `"5.0.0"`, only `upgradeToAndCall(address,bytes)` is present, and the second argument must
* be the empty byte string if no function should be called, making it impossible to invoke the `receive` function
* during an upgrade.
*/stringpublicconstant UPGRADE_INTERFACE_VERSION ="5.0.0";
/**
* @dev The call is from an unauthorized context.
*/errorUUPSUnauthorizedCallContext();
/**
* @dev The storage `slot` is unsupported as a UUID.
*/errorUUPSUnsupportedProxiableUUID(bytes32 slot);
/**
* @dev Check that the execution is being performed through a delegatecall call and that the execution context is
* a proxy contract with an implementation (as defined in ERC1967) pointing to self. This should only be the case
* for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a
* function through ERC1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to
* fail.
*/modifieronlyProxy() {
_checkProxy();
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/modifiernotDelegated() {
_checkNotDelegated();
_;
}
function__UUPSUpgradeable_init() internalonlyInitializing{
}
function__UUPSUpgradeable_init_unchained() internalonlyInitializing{
}
/**
* @dev Implementation of the ERC1822 {proxiableUUID} function. This returns the storage slot used by the
* implementation. It is used to validate the implementation's compatibility when performing an upgrade.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.
*/functionproxiableUUID() externalviewvirtualnotDelegatedreturns (bytes32) {
return ERC1967Utils.IMPLEMENTATION_SLOT;
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call
* encoded in `data`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/functionupgradeToAndCall(address newImplementation, bytesmemory data) publicpayablevirtualonlyProxy{
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, data);
}
/**
* @dev Reverts if the execution is not performed via delegatecall or the execution
* context is not of a proxy with an ERC1967-compliant implementation pointing to self.
* See {_onlyProxy}.
*/function_checkProxy() internalviewvirtual{
if (
address(this) == __self ||// Must be called through delegatecall
ERC1967Utils.getImplementation() != __self // Must be called through an active proxy
) {
revert UUPSUnauthorizedCallContext();
}
}
/**
* @dev Reverts if the execution is performed via delegatecall.
* See {notDelegated}.
*/function_checkNotDelegated() internalviewvirtual{
if (address(this) != __self) {
// Must not be called through delegatecallrevert UUPSUnauthorizedCallContext();
}
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeToAndCall}.
*
* Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.
*
* ```solidity
* function _authorizeUpgrade(address) internal onlyOwner {}
* ```
*/function_authorizeUpgrade(address newImplementation) internalvirtual;
/**
* @dev Performs an implementation upgrade with a security check for UUPS proxies, and additional setup call.
*
* As a security check, {proxiableUUID} is invoked in the new implementation, and the return value
* is expected to be the implementation slot in ERC1967.
*
* Emits an {IERC1967-Upgraded} event.
*/function_upgradeToAndCallUUPS(address newImplementation, bytesmemory data) private{
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
if (slot != ERC1967Utils.IMPLEMENTATION_SLOT) {
revert UUPSUnsupportedProxiableUUID(slot);
}
ERC1967Utils.upgradeToAndCall(newImplementation, data);
} catch {
// The implementation is not UUPSrevert ERC1967Utils.ERC1967InvalidImplementation(newImplementation);
}
}
}
Contract Source Code
File 58 of 63: Vesting.sol
// SPDX-License-Identifier: Apache-2.0pragmasolidity >=0.8.15;import"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import"@openzeppelin/contracts/token/ERC20/IERC20.sol";
import"./FluenceToken.sol";
/**
* @title Vesting with Delayed Start
* @notice Vesting Fluence token contract
* @dev This contract implements the ERC20 standard. It is possible to add the contract to a wallet. Transferring to zero address is unlocking the released amount.
*/contractVestingisIERC20{
usingSafeERC20forIERC20;
/**
* @notice Returns the vesting token
*
*/
FluenceToken publicimmutable token;
/**
* @notice Returns the start vesting time
*
*/uint256publicimmutable startTimestamp;
/**
* @notice Returns the vesting duration since vesting start
*
*/uint256publicimmutable vestingDuration;
/**
* @notice Returns the vesting contract decimals
*
*/uint8publicimmutable decimals;
bytes32privateimmutable _name;
uint256privateimmutable _nameLength;
bytes32privateimmutable _symbol;
uint256privateimmutable _symbolLength;
/**
* @notice Returns the locked vesting user's balance
*
*/mapping(address=>uint256) public lockedBalances;
/**
* @notice Returns the current vesting user's balance
*
*/mapping(address=>uint256) public balanceOf;
uint256private _totalSupply;
/**
* @notice constructor
* @param token_ - vesting token address
* @param name_ - vesting contract name
* @param symbol_ - vesting contract symbol
* @param _vestingDelay - delay before vesting start
* @param _vestingDuration - vesting duration
* @param accounts - vesting accounts
* @param amounts - vesting amounts of accounts
*
*/constructor(
FluenceToken token_,
stringmemory name_,
stringmemory symbol_,
uint256 _vestingDelay,
uint256 _vestingDuration,
address[] memory accounts,
uint256[] memory amounts
) {
require(accounts.length== amounts.length, "accounts and amounts must have the same length");
require(bytes(name_).length<=31, "invalid name length");
require(bytes(symbol_).length<=31, "invalid symbol length");
startTimestamp =block.timestamp+ _vestingDelay;
vestingDuration = _vestingDuration;
token = token_;
_name =bytes32(bytes(name_));
_nameLength =bytes(name_).length;
_symbol =bytes32(bytes(symbol_));
_symbolLength =bytes(symbol_).length;
decimals = token.decimals();
for (uint256 i =0; i < accounts.length; i++) {
uint256 amount = amounts[i];
lockedBalances[accounts[i]] = amount;
balanceOf[accounts[i]] = amount;
_totalSupply += amount;
emit Transfer(address(0x00), accounts[i], amount);
}
}
/**
* @notice Returns vesting contract name
*
*/functionname() externalviewreturns (stringmemory n) {
n =string(abi.encodePacked(_name));
uint256 length = _nameLength;
assembly {
mstore(n, length)
}
}
/**
* @notice Returns vesting contract symbol
*
*/functionsymbol() externalviewreturns (stringmemory s) {
s =string(abi.encodePacked(_symbol));
uint256 length = _symbolLength;
assembly {
mstore(s, length)
}
}
/**
* @notice Get a available amount by user
* @return available amount
*
*/functiongetAvailableAmount(address account) publicviewreturns (uint256) {
if (block.timestamp<= startTimestamp) {
return0;
}
uint256 totalTime = vestingDuration;
uint256 locked = lockedBalances[account];
uint256 released = locked - balanceOf[account];
uint256 past =block.timestamp- startTimestamp;
uint256 amount =0;
if (past >= totalTime) {
amount = locked - released;
} else {
uint256 amountBySec = locked / totalTime;
amount = past * amountBySec - released;
}
return amount;
}
/**
* @notice Unsupported operation
*
*/functionallowance(address owner, address spender) externalviewreturns (uint256) {
return0;
}
/**
* @notice Returns total locked amount
*
*/functiontotalSupply() externalviewvirtualoverridereturns (uint256) {
return _totalSupply;
}
/**
* @notice Returns released amount
* @param to - always address 0x00
* @param amount - the full released amount or part of it
*
*/functiontransfer(address to, uint256 amount) externalreturns (bool) {
require(to ==address(0x00), "Transfer allowed only to the zero address");
address sender =msg.sender;
_burn(sender, amount);
emit Transfer(sender, to, amount);
returntrue;
}
/**
* @notice Unsupported operation
*
*/functiontransferFrom(addressfrom, address to, uint256 value) externalreturns (bool) {
revert("Unsupported operation");
}
/**
* @notice Unsupported operation
*
*/functionapprove(address spender, uint256 amount) externalreturns (bool) {
revert("Unsupported operation");
}
function_burn(addressfrom, uint256 amount) internal{
uint256 releaseAmount = getAvailableAmount(from);
require(releaseAmount >0, "Not enough the release amount");
if (amount !=0) {
require(amount <= releaseAmount, "Not enough the release amount");
} else {
amount = releaseAmount;
}
_beforeBurn(from, amount);
balanceOf[from] -= amount;
_totalSupply -= amount;
IERC20(token).safeTransfer(from, amount);
}
function_beforeBurn(addressfrom, uint256 amount) internalvirtual{}
}
Contract Source Code
File 59 of 63: VestingWithVoting.sol
// SPDX-License-Identifier: Apache-2.0pragmasolidity >=0.8.15;import"@openzeppelin/contracts/governance/utils/Votes.sol";
import"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import"./Vesting.sol";
import"./FluenceToken.sol";
import"@openzeppelin/contracts/utils/cryptography/EIP712.sol";
/**
* @title Vesting with voting
* @notice Vesting fluence token contract for team
* @dev This contract implements the ERC20 standard. It is possible to add the contract to a wallet. Transferring to zero address is unlocking the released amount.
* This contract is possible for voting when the token is vesting.
*/contractVestingWithVotingisVesting, Votes{
constructor(
FluenceToken token_,
stringmemory name_,
stringmemory symbol_,
uint256 vestingDelay_,
uint256 vestingDuration_,
address[] memory accounts,
uint256[] memory amounts
) Vesting(token_, name_, symbol_, vestingDelay_, vestingDuration_, accounts, amounts) EIP712(name_, "1") {
for (uint256 i =0; i < accounts.length; i++) {
address account = accounts[i];
_transferVotingUnits(address(0x00), account, amounts[i]);
_delegate(account, account);
}
}
/// @inheritdoc VestingfunctiontotalSupply() externalviewoverridereturns (uint256) {
return _getTotalSupply();
}
function_getVotingUnits(address account) internalviewoverridereturns (uint256) {
return balanceOf[account];
}
function_beforeBurn(addressfrom, uint256 amount) internaloverride{
_transferVotingUnits(from, address(0x00), amount);
}
}
Contract Source Code
File 60 of 63: Votes.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/utils/Votes.sol)pragmasolidity ^0.8.20;import {IERC5805} from"../../interfaces/IERC5805.sol";
import {Context} from"../../utils/Context.sol";
import {Nonces} from"../../utils/Nonces.sol";
import {EIP712} from"../../utils/cryptography/EIP712.sol";
import {Checkpoints} from"../../utils/structs/Checkpoints.sol";
import {SafeCast} from"../../utils/math/SafeCast.sol";
import {ECDSA} from"../../utils/cryptography/ECDSA.sol";
import {Time} from"../../utils/types/Time.sol";
/**
* @dev This is a base abstract contract that tracks voting units, which are a measure of voting power that can be
* transferred, and provides a system of vote delegation, where an account can delegate its voting units to a sort of
* "representative" that will pool delegated voting units from different accounts and can then use it to vote in
* decisions. In fact, voting units _must_ be delegated in order to count as actual votes, and an account has to
* delegate those votes to itself if it wishes to participate in decisions and does not have a trusted representative.
*
* This contract is often combined with a token contract such that voting units correspond to token units. For an
* example, see {ERC721Votes}.
*
* The full history of delegate votes is tracked on-chain so that governance protocols can consider votes as distributed
* at a particular block number to protect against flash loans and double voting. The opt-in delegate system makes the
* cost of this history tracking optional.
*
* When using this module the derived contract must implement {_getVotingUnits} (for example, make it return
* {ERC721-balanceOf}), and can use {_transferVotingUnits} to track a change in the distribution of those units (in the
* previous example, it would be included in {ERC721-_update}).
*/abstractcontractVotesisContext, EIP712, Nonces, IERC5805{
usingCheckpointsforCheckpoints.Trace208;
bytes32privateconstant DELEGATION_TYPEHASH =keccak256("Delegation(address delegatee,uint256 nonce,uint256 expiry)");
mapping(address account =>address) private _delegatee;
mapping(address delegatee => Checkpoints.Trace208) private _delegateCheckpoints;
Checkpoints.Trace208 private _totalCheckpoints;
/**
* @dev The clock was incorrectly modified.
*/errorERC6372InconsistentClock();
/**
* @dev Lookup to future votes is not available.
*/errorERC5805FutureLookup(uint256 timepoint, uint48 clock);
/**
* @dev Clock used for flagging checkpoints. Can be overridden to implement timestamp based
* checkpoints (and voting), in which case {CLOCK_MODE} should be overridden as well to match.
*/functionclock() publicviewvirtualreturns (uint48) {
return Time.blockNumber();
}
/**
* @dev Machine-readable description of the clock as specified in EIP-6372.
*/// solhint-disable-next-line func-name-mixedcasefunctionCLOCK_MODE() publicviewvirtualreturns (stringmemory) {
// Check that the clock was not modifiedif (clock() != Time.blockNumber()) {
revert ERC6372InconsistentClock();
}
return"mode=blocknumber&from=default";
}
/**
* @dev Returns the current amount of votes that `account` has.
*/functiongetVotes(address account) publicviewvirtualreturns (uint256) {
return _delegateCheckpoints[account].latest();
}
/**
* @dev Returns the amount of votes that `account` had at a specific moment in the past. If the `clock()` is
* configured to use block numbers, this will return the value at the end of the corresponding block.
*
* Requirements:
*
* - `timepoint` must be in the past. If operating using block numbers, the block must be already mined.
*/functiongetPastVotes(address account, uint256 timepoint) publicviewvirtualreturns (uint256) {
uint48 currentTimepoint = clock();
if (timepoint >= currentTimepoint) {
revert ERC5805FutureLookup(timepoint, currentTimepoint);
}
return _delegateCheckpoints[account].upperLookupRecent(SafeCast.toUint48(timepoint));
}
/**
* @dev Returns the total supply of votes available at a specific moment in the past. If the `clock()` is
* configured to use block numbers, this will return the value at the end of the corresponding block.
*
* NOTE: This value is the sum of all available votes, which is not necessarily the sum of all delegated votes.
* Votes that have not been delegated are still part of total supply, even though they would not participate in a
* vote.
*
* Requirements:
*
* - `timepoint` must be in the past. If operating using block numbers, the block must be already mined.
*/functiongetPastTotalSupply(uint256 timepoint) publicviewvirtualreturns (uint256) {
uint48 currentTimepoint = clock();
if (timepoint >= currentTimepoint) {
revert ERC5805FutureLookup(timepoint, currentTimepoint);
}
return _totalCheckpoints.upperLookupRecent(SafeCast.toUint48(timepoint));
}
/**
* @dev Returns the current total supply of votes.
*/function_getTotalSupply() internalviewvirtualreturns (uint256) {
return _totalCheckpoints.latest();
}
/**
* @dev Returns the delegate that `account` has chosen.
*/functiondelegates(address account) publicviewvirtualreturns (address) {
return _delegatee[account];
}
/**
* @dev Delegates votes from the sender to `delegatee`.
*/functiondelegate(address delegatee) publicvirtual{
address account = _msgSender();
_delegate(account, delegatee);
}
/**
* @dev Delegates votes from signer to `delegatee`.
*/functiondelegateBySig(address delegatee,
uint256 nonce,
uint256 expiry,
uint8 v,
bytes32 r,
bytes32 s
) publicvirtual{
if (block.timestamp> expiry) {
revert VotesExpiredSignature(expiry);
}
address signer = ECDSA.recover(
_hashTypedDataV4(keccak256(abi.encode(DELEGATION_TYPEHASH, delegatee, nonce, expiry))),
v,
r,
s
);
_useCheckedNonce(signer, nonce);
_delegate(signer, delegatee);
}
/**
* @dev Delegate all of `account`'s voting units to `delegatee`.
*
* Emits events {IVotes-DelegateChanged} and {IVotes-DelegateVotesChanged}.
*/function_delegate(address account, address delegatee) internalvirtual{
address oldDelegate = delegates(account);
_delegatee[account] = delegatee;
emit DelegateChanged(account, oldDelegate, delegatee);
_moveDelegateVotes(oldDelegate, delegatee, _getVotingUnits(account));
}
/**
* @dev Transfers, mints, or burns voting units. To register a mint, `from` should be zero. To register a burn, `to`
* should be zero. Total supply of voting units will be adjusted with mints and burns.
*/function_transferVotingUnits(addressfrom, address to, uint256 amount) internalvirtual{
if (from==address(0)) {
_push(_totalCheckpoints, _add, SafeCast.toUint208(amount));
}
if (to ==address(0)) {
_push(_totalCheckpoints, _subtract, SafeCast.toUint208(amount));
}
_moveDelegateVotes(delegates(from), delegates(to), amount);
}
/**
* @dev Moves delegated votes from one delegate to another.
*/function_moveDelegateVotes(addressfrom, address to, uint256 amount) private{
if (from!= to && amount >0) {
if (from!=address(0)) {
(uint256 oldValue, uint256 newValue) = _push(
_delegateCheckpoints[from],
_subtract,
SafeCast.toUint208(amount)
);
emit DelegateVotesChanged(from, oldValue, newValue);
}
if (to !=address(0)) {
(uint256 oldValue, uint256 newValue) = _push(
_delegateCheckpoints[to],
_add,
SafeCast.toUint208(amount)
);
emit DelegateVotesChanged(to, oldValue, newValue);
}
}
}
/**
* @dev Get number of checkpoints for `account`.
*/function_numCheckpoints(address account) internalviewvirtualreturns (uint32) {
return SafeCast.toUint32(_delegateCheckpoints[account].length());
}
/**
* @dev Get the `pos`-th checkpoint for `account`.
*/function_checkpoints(address account,
uint32 pos
) internalviewvirtualreturns (Checkpoints.Checkpoint208 memory) {
return _delegateCheckpoints[account].at(pos);
}
function_push(
Checkpoints.Trace208 storage store,
function(uint208, uint208) viewreturns (uint208) op,
uint208 delta
) privatereturns (uint208, uint208) {
return store.push(clock(), op(store.latest(), delta));
}
function_add(uint208 a, uint208 b) privatepurereturns (uint208) {
return a + b;
}
function_subtract(uint208 a, uint208 b) privatepurereturns (uint208) {
return a - b;
}
/**
* @dev Must return the voting units held by an account.
*/function_getVotingUnits(address) internalviewvirtualreturns (uint256);
}
Contract Source Code
File 61 of 63: VotesUpgradeable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (governance/utils/Votes.sol)pragmasolidity ^0.8.20;import {IERC5805} from"@openzeppelin/contracts/interfaces/IERC5805.sol";
import {ContextUpgradeable} from"../../utils/ContextUpgradeable.sol";
import {NoncesUpgradeable} from"../../utils/NoncesUpgradeable.sol";
import {EIP712Upgradeable} from"../../utils/cryptography/EIP712Upgradeable.sol";
import {Checkpoints} from"@openzeppelin/contracts/utils/structs/Checkpoints.sol";
import {SafeCast} from"@openzeppelin/contracts/utils/math/SafeCast.sol";
import {ECDSA} from"@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {Time} from"@openzeppelin/contracts/utils/types/Time.sol";
import {Initializable} from"../../proxy/utils/Initializable.sol";
/**
* @dev This is a base abstract contract that tracks voting units, which are a measure of voting power that can be
* transferred, and provides a system of vote delegation, where an account can delegate its voting units to a sort of
* "representative" that will pool delegated voting units from different accounts and can then use it to vote in
* decisions. In fact, voting units _must_ be delegated in order to count as actual votes, and an account has to
* delegate those votes to itself if it wishes to participate in decisions and does not have a trusted representative.
*
* This contract is often combined with a token contract such that voting units correspond to token units. For an
* example, see {ERC721Votes}.
*
* The full history of delegate votes is tracked on-chain so that governance protocols can consider votes as distributed
* at a particular block number to protect against flash loans and double voting. The opt-in delegate system makes the
* cost of this history tracking optional.
*
* When using this module the derived contract must implement {_getVotingUnits} (for example, make it return
* {ERC721-balanceOf}), and can use {_transferVotingUnits} to track a change in the distribution of those units (in the
* previous example, it would be included in {ERC721-_update}).
*/abstractcontractVotesUpgradeableisInitializable, ContextUpgradeable, EIP712Upgradeable, NoncesUpgradeable, IERC5805{
usingCheckpointsforCheckpoints.Trace208;
bytes32privateconstant DELEGATION_TYPEHASH =keccak256("Delegation(address delegatee,uint256 nonce,uint256 expiry)");
/// @custom:storage-location erc7201:openzeppelin.storage.VotesstructVotesStorage {
mapping(address account =>address) _delegatee;
mapping(address delegatee => Checkpoints.Trace208) _delegateCheckpoints;
Checkpoints.Trace208 _totalCheckpoints;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Votes")) - 1)) & ~bytes32(uint256(0xff))bytes32privateconstant VotesStorageLocation =0xe8b26c30fad74198956032a3533d903385d56dd795af560196f9c78d4af40d00;
function_getVotesStorage() privatepurereturns (VotesStorage storage $) {
assembly {
$.slot:= VotesStorageLocation
}
}
/**
* @dev The clock was incorrectly modified.
*/errorERC6372InconsistentClock();
/**
* @dev Lookup to future votes is not available.
*/errorERC5805FutureLookup(uint256 timepoint, uint48 clock);
function__Votes_init() internalonlyInitializing{
}
function__Votes_init_unchained() internalonlyInitializing{
}
/**
* @dev Clock used for flagging checkpoints. Can be overridden to implement timestamp based
* checkpoints (and voting), in which case {CLOCK_MODE} should be overridden as well to match.
*/functionclock() publicviewvirtualreturns (uint48) {
return Time.blockNumber();
}
/**
* @dev Machine-readable description of the clock as specified in EIP-6372.
*/// solhint-disable-next-line func-name-mixedcasefunctionCLOCK_MODE() publicviewvirtualreturns (stringmemory) {
// Check that the clock was not modifiedif (clock() != Time.blockNumber()) {
revert ERC6372InconsistentClock();
}
return"mode=blocknumber&from=default";
}
/**
* @dev Returns the current amount of votes that `account` has.
*/functiongetVotes(address account) publicviewvirtualreturns (uint256) {
VotesStorage storage $ = _getVotesStorage();
return $._delegateCheckpoints[account].latest();
}
/**
* @dev Returns the amount of votes that `account` had at a specific moment in the past. If the `clock()` is
* configured to use block numbers, this will return the value at the end of the corresponding block.
*
* Requirements:
*
* - `timepoint` must be in the past. If operating using block numbers, the block must be already mined.
*/functiongetPastVotes(address account, uint256 timepoint) publicviewvirtualreturns (uint256) {
VotesStorage storage $ = _getVotesStorage();
uint48 currentTimepoint = clock();
if (timepoint >= currentTimepoint) {
revert ERC5805FutureLookup(timepoint, currentTimepoint);
}
return $._delegateCheckpoints[account].upperLookupRecent(SafeCast.toUint48(timepoint));
}
/**
* @dev Returns the total supply of votes available at a specific moment in the past. If the `clock()` is
* configured to use block numbers, this will return the value at the end of the corresponding block.
*
* NOTE: This value is the sum of all available votes, which is not necessarily the sum of all delegated votes.
* Votes that have not been delegated are still part of total supply, even though they would not participate in a
* vote.
*
* Requirements:
*
* - `timepoint` must be in the past. If operating using block numbers, the block must be already mined.
*/functiongetPastTotalSupply(uint256 timepoint) publicviewvirtualreturns (uint256) {
VotesStorage storage $ = _getVotesStorage();
uint48 currentTimepoint = clock();
if (timepoint >= currentTimepoint) {
revert ERC5805FutureLookup(timepoint, currentTimepoint);
}
return $._totalCheckpoints.upperLookupRecent(SafeCast.toUint48(timepoint));
}
/**
* @dev Returns the current total supply of votes.
*/function_getTotalSupply() internalviewvirtualreturns (uint256) {
VotesStorage storage $ = _getVotesStorage();
return $._totalCheckpoints.latest();
}
/**
* @dev Returns the delegate that `account` has chosen.
*/functiondelegates(address account) publicviewvirtualreturns (address) {
VotesStorage storage $ = _getVotesStorage();
return $._delegatee[account];
}
/**
* @dev Delegates votes from the sender to `delegatee`.
*/functiondelegate(address delegatee) publicvirtual{
address account = _msgSender();
_delegate(account, delegatee);
}
/**
* @dev Delegates votes from signer to `delegatee`.
*/functiondelegateBySig(address delegatee,
uint256 nonce,
uint256 expiry,
uint8 v,
bytes32 r,
bytes32 s
) publicvirtual{
if (block.timestamp> expiry) {
revert VotesExpiredSignature(expiry);
}
address signer = ECDSA.recover(
_hashTypedDataV4(keccak256(abi.encode(DELEGATION_TYPEHASH, delegatee, nonce, expiry))),
v,
r,
s
);
_useCheckedNonce(signer, nonce);
_delegate(signer, delegatee);
}
/**
* @dev Delegate all of `account`'s voting units to `delegatee`.
*
* Emits events {IVotes-DelegateChanged} and {IVotes-DelegateVotesChanged}.
*/function_delegate(address account, address delegatee) internalvirtual{
VotesStorage storage $ = _getVotesStorage();
address oldDelegate = delegates(account);
$._delegatee[account] = delegatee;
emit DelegateChanged(account, oldDelegate, delegatee);
_moveDelegateVotes(oldDelegate, delegatee, _getVotingUnits(account));
}
/**
* @dev Transfers, mints, or burns voting units. To register a mint, `from` should be zero. To register a burn, `to`
* should be zero. Total supply of voting units will be adjusted with mints and burns.
*/function_transferVotingUnits(addressfrom, address to, uint256 amount) internalvirtual{
VotesStorage storage $ = _getVotesStorage();
if (from==address(0)) {
_push($._totalCheckpoints, _add, SafeCast.toUint208(amount));
}
if (to ==address(0)) {
_push($._totalCheckpoints, _subtract, SafeCast.toUint208(amount));
}
_moveDelegateVotes(delegates(from), delegates(to), amount);
}
/**
* @dev Moves delegated votes from one delegate to another.
*/function_moveDelegateVotes(addressfrom, address to, uint256 amount) private{
VotesStorage storage $ = _getVotesStorage();
if (from!= to && amount >0) {
if (from!=address(0)) {
(uint256 oldValue, uint256 newValue) = _push(
$._delegateCheckpoints[from],
_subtract,
SafeCast.toUint208(amount)
);
emit DelegateVotesChanged(from, oldValue, newValue);
}
if (to !=address(0)) {
(uint256 oldValue, uint256 newValue) = _push(
$._delegateCheckpoints[to],
_add,
SafeCast.toUint208(amount)
);
emit DelegateVotesChanged(to, oldValue, newValue);
}
}
}
/**
* @dev Get number of checkpoints for `account`.
*/function_numCheckpoints(address account) internalviewvirtualreturns (uint32) {
VotesStorage storage $ = _getVotesStorage();
return SafeCast.toUint32($._delegateCheckpoints[account].length());
}
/**
* @dev Get the `pos`-th checkpoint for `account`.
*/function_checkpoints(address account,
uint32 pos
) internalviewvirtualreturns (Checkpoints.Checkpoint208 memory) {
VotesStorage storage $ = _getVotesStorage();
return $._delegateCheckpoints[account].at(pos);
}
function_push(
Checkpoints.Trace208 storage store,
function(uint208, uint208) viewreturns (uint208) op,
uint208 delta
) privatereturns (uint208, uint208) {
return store.push(clock(), op(store.latest(), delta));
}
function_add(uint208 a, uint208 b) privatepurereturns (uint208) {
return a + b;
}
function_subtract(uint208 a, uint208 b) privatepurereturns (uint208) {
return a - b;
}
/**
* @dev Must return the voting units held by an account.
*/function_getVotingUnits(address) internalviewvirtualreturns (uint256);
}
Contract Source Code
File 62 of 63: draft-IERC1822.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/draft-IERC1822.sol)pragmasolidity ^0.8.20;/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/interfaceIERC1822Proxiable{
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/functionproxiableUUID() externalviewreturns (bytes32);
}
Contract Source Code
File 63 of 63: draft-IERC6093.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/draft-IERC6093.sol)pragmasolidity ^0.8.20;/**
* @dev Standard ERC20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC20 tokens.
*/interfaceIERC20Errors{
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/errorERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/errorERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/errorERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/errorERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/errorERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/errorERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC721 tokens.
*/interfaceIERC721Errors{
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in EIP-20.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/errorERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/errorERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/errorERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/errorERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/errorERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/errorERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/errorERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/errorERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC1155 tokens.
*/interfaceIERC1155Errors{
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/errorERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/errorERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/errorERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/errorERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/errorERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/errorERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/errorERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}
