// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (access/AccessControl.sol)pragmasolidity ^0.8.0;import"./IAccessControl.sol";
import"../utils/Context.sol";
import"../utils/Strings.sol";
import"../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it.
*/abstractcontractAccessControlisContext, IAccessControl, ERC165{
structRoleData {
mapping(address=>bool) members;
bytes32 adminRole;
}
mapping(bytes32=> RoleData) private _roles;
bytes32publicconstant DEFAULT_ADMIN_ROLE =0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with a standardized message including the required role.
*
* The format of the revert reason is given by the following regular expression:
*
* /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
*
* _Available since v4.1._
*/modifieronlyRole(bytes32 role) {
_checkRole(role);
_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IAccessControl).interfaceId||super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) publicviewvirtualoverridereturns (bool) {
return _roles[role].members[account];
}
/**
* @dev Revert with a standard message if `_msgSender()` is missing `role`.
* Overriding this function changes the behavior of the {onlyRole} modifier.
*
* Format of the revert message is described in {_checkRole}.
*
* _Available since v4.6._
*/function_checkRole(bytes32 role) internalviewvirtual{
_checkRole(role, _msgSender());
}
/**
* @dev Revert with a standard message if `account` is missing `role`.
*
* The format of the revert reason is given by the following regular expression:
*
* /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
*/function_checkRole(bytes32 role, address account) internalviewvirtual{
if (!hasRole(role, account)) {
revert(
string(
abi.encodePacked(
"AccessControl: account ",
Strings.toHexString(account),
" is missing role ",
Strings.toHexString(uint256(role), 32)
)
)
);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) publicviewvirtualoverridereturns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/functiongrantRole(bytes32 role, address account) publicvirtualoverrideonlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/functionrevokeRole(bytes32 role, address account) publicvirtualoverrideonlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*
* May emit a {RoleRevoked} event.
*/functionrenounceRole(bytes32 role, address account) publicvirtualoverride{
require(account == _msgSender(), "AccessControl: can only renounce roles for self");
_revokeRole(role, account);
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event. Note that unlike {grantRole}, this function doesn't perform any
* checks on the calling account.
*
* May emit a {RoleGranted} event.
*
* [WARNING]
* ====
* This function should only be called from the constructor when setting
* up the initial roles for the system.
*
* Using this function in any other way is effectively circumventing the admin
* system imposed by {AccessControl}.
* ====
*
* NOTE: This function is deprecated in favor of {_grantRole}.
*/function_setupRole(bytes32 role, address account) internalvirtual{
_grantRole(role, account);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/function_setRoleAdmin(bytes32 role, bytes32 adminRole) internalvirtual{
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Grants `role` to `account`.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/function_grantRole(bytes32 role, address account) internalvirtual{
if (!hasRole(role, account)) {
_roles[role].members[account] =true;
emit RoleGranted(role, account, _msgSender());
}
}
/**
* @dev Revokes `role` from `account`.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/function_revokeRole(bytes32 role, address account) internalvirtual{
if (hasRole(role, account)) {
_roles[role].members[account] =false;
emit RoleRevoked(role, account, _msgSender());
}
}
}
Contract Source Code
File 2 of 24: Address.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)pragmasolidity ^0.8.1;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0// for contracts in construction, since the code is only stored at the end// of the constructor execution.return account.code.length>0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target,
bytesmemory data,
uint256 value
) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target,
bytesmemory data,
uint256 value,
stringmemory errorMessage
) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
(bool success, bytesmemory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data) internalviewreturns (bytesmemory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalviewreturns (bytesmemory) {
(bool success, bytesmemory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalreturns (bytesmemory) {
(bool success, bytesmemory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/functionverifyCallResultFromTarget(address target,
bool success,
bytesmemory returndata,
stringmemory errorMessage
) internalviewreturns (bytesmemory) {
if (success) {
if (returndata.length==0) {
// only check isContract if the call was successful and the return data is empty// otherwise we already know that it was a contractrequire(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/functionverifyCallResult(bool success,
bytesmemory returndata,
stringmemory errorMessage
) internalpurereturns (bytesmemory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function_revert(bytesmemory returndata, stringmemory errorMessage) privatepure{
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly/// @solidity memory-safe-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
Contract Source Code
File 3 of 24: Context.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)pragmasolidity ^0.8.0;/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
}
Contract Source Code
File 4 of 24: ECDSA.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/ECDSA.sol)pragmasolidity ^0.8.0;import"../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/libraryECDSA{
enumRecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function_throwError(RecoverError error) privatepure{
if (error == RecoverError.NoError) {
return; // no error: do nothing
} elseif (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} elseif (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} elseif (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/functiontryRecover(bytes32 hash, bytesmemory signature) internalpurereturns (address, RecoverError) {
if (signature.length==65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them// currently is to use assembly./// @solidity memory-safe-assemblyassembly {
r :=mload(add(signature, 0x20))
s :=mload(add(signature, 0x40))
v :=byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/functionrecover(bytes32 hash, bytesmemory signature) internalpurereturns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/functiontryRecover(bytes32 hash,
bytes32 r,
bytes32 vs
) internalpurereturns (address, RecoverError) {
bytes32 s = vs &bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v =uint8((uint256(vs) >>255) +27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/functionrecover(bytes32 hash,
bytes32 r,
bytes32 vs
) internalpurereturns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/functiontryRecover(bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internalpurereturns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most// signatures from current libraries generate a unique signature with an s-value in the lower half order.//// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept// these malleable signatures as well.if (uint256(s) >0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer addressaddress signer =ecrecover(hash, v, r, s);
if (signer ==address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/functionrecover(bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internalpurereturns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/functiontoEthSignedMessageHash(bytes32 hash) internalpurereturns (bytes32) {
// 32 is the length in bytes of hash,// enforced by the type signature abovereturnkeccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/functiontoEthSignedMessageHash(bytesmemory s) internalpurereturns (bytes32) {
returnkeccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/functiontoTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internalpurereturns (bytes32) {
returnkeccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
}
}
Contract Source Code
File 5 of 24: EIP712.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/EIP712.sol)pragmasolidity ^0.8.0;import"./ECDSA.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
* thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
* they need in their contracts using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* _Available since v3.4._
*/abstractcontractEIP712{
/* solhint-disable var-name-mixedcase */// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to// invalidate the cached domain separator if the chain id changes.bytes32privateimmutable _CACHED_DOMAIN_SEPARATOR;
uint256privateimmutable _CACHED_CHAIN_ID;
addressprivateimmutable _CACHED_THIS;
bytes32privateimmutable _HASHED_NAME;
bytes32privateimmutable _HASHED_VERSION;
bytes32privateimmutable _TYPE_HASH;
/* solhint-enable var-name-mixedcase *//**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/constructor(stringmemory name, stringmemory version) {
bytes32 hashedName =keccak256(bytes(name));
bytes32 hashedVersion =keccak256(bytes(version));
bytes32 typeHash =keccak256(
"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
);
_HASHED_NAME = hashedName;
_HASHED_VERSION = hashedVersion;
_CACHED_CHAIN_ID =block.chainid;
_CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(typeHash, hashedName, hashedVersion);
_CACHED_THIS =address(this);
_TYPE_HASH = typeHash;
}
/**
* @dev Returns the domain separator for the current chain.
*/function_domainSeparatorV4() internalviewreturns (bytes32) {
if (address(this) == _CACHED_THIS &&block.chainid== _CACHED_CHAIN_ID) {
return _CACHED_DOMAIN_SEPARATOR;
} else {
return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION);
}
}
function_buildDomainSeparator(bytes32 typeHash,
bytes32 nameHash,
bytes32 versionHash
) privateviewreturns (bytes32) {
returnkeccak256(abi.encode(typeHash, nameHash, versionHash, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/function_hashTypedDataV4(bytes32 structHash) internalviewvirtualreturns (bytes32) {
return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash);
}
}
Contract Source Code
File 6 of 24: ERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)pragmasolidity ^0.8.0;import"./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/abstractcontractERC165isIERC165{
/**
* @dev See {IERC165-supportsInterface}.
*/functionsupportsInterface(bytes4 interfaceId) publicviewvirtualoverridereturns (bool) {
return interfaceId ==type(IERC165).interfaceId;
}
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (access/IAccessControl.sol)pragmasolidity ^0.8.0;/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/interfaceIAccessControl{
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/eventRoleAdminChanged(bytes32indexed role, bytes32indexed previousAdminRole, bytes32indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/eventRoleGranted(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/eventRoleRevoked(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) externalviewreturns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) externalviewreturns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functiongrantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functionrevokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/functionrenounceRole(bytes32 role, address account) external;
}
Contract Source Code
File 9 of 24: IERC165.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/interfaceIERC165{
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/functionsupportsInterface(bytes4 interfaceId) externalviewreturns (bool);
}
Contract Source Code
File 10 of 24: IERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/interfaceIERC20{
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address to, uint256 amount) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 amount) externalreturns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(addressfrom,
address to,
uint256 amount
) externalreturns (bool);
}
Contract Source Code
File 11 of 24: ISBT.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.8;import"@openzeppelin/contracts/utils/introspection/IERC165.sol";
interfaceISBTisIERC165{
/// @dev This emits when an SBT is newly minted./// This event emits when SBTs are createdeventMint(addressindexed _owner, uint256indexed _tokenId);
/// @dev This emits when an SBT is burned/// This event emits when SBTs are destroyedeventBurn(addressindexed _owner, uint256indexed _tokenId);
/// @notice Count all SBTs assigned to an owner/// @dev SBTs assigned to the zero address are considered invalid, and this/// function throws for queries about the zero address./// @param _owner An address for whom to query the balance/// @return The number of SBTs owned by `_owner`, possibly zerofunctionbalanceOf(address _owner) externalviewreturns (uint256);
/// @notice Find the owner of an SBT/// @dev SBTs assigned to zero address are considered invalid, and queries/// about them do throw./// @param _tokenId The identifier for an SBT/// @return The address of the owner of the SBTfunctionownerOf(uint256 _tokenId) externalviewreturns (address);
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.8;/// @title Uniswap Router interface/// @author Masa Finance/// @notice Interface of the Uniswap Router contract/// @dev This interface is used to interact with the Uniswap Router contract,/// and gets the most important functions of the contract. It's based on/// https://github.com/Uniswap/v2-periphery/blob/master/contracts/interfaces/IUniswapV2Router01.solinterfaceIUniswapRouter{
functionswapExactTokensForTokens(uint256 amountIn,
uint256 amountOutMin,
address[] calldata path,
address to,
uint256 deadline
) externalreturns (uint256[] memory amounts);
functionswapExactETHForTokens(uint256 amountOutMin,
address[] calldata path,
address to,
uint256 deadline
) externalpayablereturns (uint256[] memory amounts);
functionswapExactTokensForETH(uint256 amountIn,
uint256 amountOutMin,
address[] calldata path,
address to,
uint256 deadline
) externalreturns (uint256[] memory amounts);
functiongetAmountsOut(uint256 amountIn,
address[] calldata path
) externalviewreturns (uint256[] memory amounts);
functiongetAmountsIn(uint256 amountOut,
address[] calldata path
) externalviewreturns (uint256[] memory amounts);
}
Contract Source Code
File 15 of 24: Math.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol)pragmasolidity ^0.8.0;/**
* @dev Standard math utilities missing in the Solidity language.
*/libraryMath{
enumRounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/functionmax(uint256 a, uint256 b) internalpurereturns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/functionmin(uint256 a, uint256 b) internalpurereturns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/functionaverage(uint256 a, uint256 b) internalpurereturns (uint256) {
// (a + b) / 2 can overflow.return (a & b) + (a ^ b) /2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/functionceilDiv(uint256 a, uint256 b) internalpurereturns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.return a ==0 ? 0 : (a -1) / b +1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/functionmulDiv(uint256 x,
uint256 y,
uint256 denominator
) internalpurereturns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256// variables such that product = prod1 * 2^256 + prod0.uint256 prod0; // Least significant 256 bits of the productuint256 prod1; // Most significant 256 bits of the productassembly {
let mm :=mulmod(x, y, not(0))
prod0 :=mul(x, y)
prod1 :=sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.if (prod1 ==0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.require(denominator > prod1);
///////////////////////////////////////////////// 512 by 256 division.///////////////////////////////////////////////// Make division exact by subtracting the remainder from [prod1 prod0].uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder :=mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 :=sub(prod1, gt(remainder, prod0))
prod0 :=sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.// See https://cs.stackexchange.com/q/138556/92363.// Does not overflow because the denominator cannot be zero at this stage in the function.uint256 twos = denominator & (~denominator +1);
assembly {
// Divide denominator by twos.
denominator :=div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 :=div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos :=add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for// four bits. That is, denominator * inv = 1 mod 2^4.uint256 inverse = (3* denominator) ^2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works// in modular arithmetic, doubling the correct bits in each step.
inverse *=2- denominator * inverse; // inverse mod 2^8
inverse *=2- denominator * inverse; // inverse mod 2^16
inverse *=2- denominator * inverse; // inverse mod 2^32
inverse *=2- denominator * inverse; // inverse mod 2^64
inverse *=2- denominator * inverse; // inverse mod 2^128
inverse *=2- denominator * inverse; // inverse mod 2^256// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/functionmulDiv(uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internalpurereturns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up &&mulmod(x, y, denominator) >0) {
result +=1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/functionsqrt(uint256 a) internalpurereturns (uint256) {
if (a ==0) {
return0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.//// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.//// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`//// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.uint256 result =1<< (log2(a) >>1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision// into the expected uint128 result.unchecked {
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
result = (result + a / result) >>1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/functionsqrt(uint256 a, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/functionlog2(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >>128>0) {
value >>=128;
result +=128;
}
if (value >>64>0) {
value >>=64;
result +=64;
}
if (value >>32>0) {
value >>=32;
result +=32;
}
if (value >>16>0) {
value >>=16;
result +=16;
}
if (value >>8>0) {
value >>=8;
result +=8;
}
if (value >>4>0) {
value >>=4;
result +=4;
}
if (value >>2>0) {
value >>=2;
result +=2;
}
if (value >>1>0) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog2(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result =log2(value);
return result + (rounding == Rounding.Up &&1<< result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/functionlog10(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >=10**64) {
value /=10**64;
result +=64;
}
if (value >=10**32) {
value /=10**32;
result +=32;
}
if (value >=10**16) {
value /=10**16;
result +=16;
}
if (value >=10**8) {
value /=10**8;
result +=8;
}
if (value >=10**4) {
value /=10**4;
result +=4;
}
if (value >=10**2) {
value /=10**2;
result +=2;
}
if (value >=10**1) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog10(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up &&10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/functionlog256(uint256 value) internalpurereturns (uint256) {
uint256 result =0;
unchecked {
if (value >>128>0) {
value >>=128;
result +=16;
}
if (value >>64>0) {
value >>=64;
result +=8;
}
if (value >>32>0) {
value >>=32;
result +=4;
}
if (value >>16>0) {
value >>=16;
result +=2;
}
if (value >>8>0) {
result +=1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/functionlog256(uint256 value, Rounding rounding) internalpurereturns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up &&1<< (result *8) < value ? 1 : 0);
}
}
}
Contract Source Code
File 16 of 24: Pausable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (security/Pausable.sol)pragmasolidity ^0.8.0;import"../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/abstractcontractPausableisContext{
/**
* @dev Emitted when the pause is triggered by `account`.
*/eventPaused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/eventUnpaused(address account);
boolprivate _paused;
/**
* @dev Initializes the contract in unpaused state.
*/constructor() {
_paused =false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/modifierwhenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/modifierwhenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/functionpaused() publicviewvirtualreturns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/function_requireNotPaused() internalviewvirtual{
require(!paused(), "Pausable: paused");
}
/**
* @dev Throws if the contract is not paused.
*/function_requirePaused() internalviewvirtual{
require(paused(), "Pausable: not paused");
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/function_pause() internalvirtualwhenNotPaused{
_paused =true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/function_unpause() internalvirtualwhenPaused{
_paused =false;
emit Unpaused(_msgSender());
}
}
Contract Source Code
File 17 of 24: PaymentGateway.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.8;import"@openzeppelin/contracts/access/AccessControl.sol";
import"@openzeppelin/contracts/token/ERC20/IERC20.sol";
import"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import"@openzeppelin/contracts/utils/math/SafeMath.sol";
import"../libraries/Errors.sol";
import"../interfaces/dex/IUniswapRouter.sol";
/// @title Pay using a Decentralized automated market maker (AMM) when needed/// @author Masa Finance/// @notice Smart contract to call a Dex AMM smart contract to pay to a project fee receiver/// wallet recipient/// @dev This smart contract will call the Uniswap Router interface, based on/// https://github.com/Uniswap/v2-periphery/blob/master/contracts/interfaces/IUniswapV2Router01.solabstractcontractPaymentGatewayisAccessControl{
usingSafeERC20forIERC20;
usingSafeMathforuint256;
bytes32publicconstant PROJECT_ADMIN_ROLE =keccak256("PROJECT_ADMIN_ROLE");
structPaymentParams {
address swapRouter; // Swap router addressaddress wrappedNativeToken; // Wrapped native token addressaddress stableCoin; // Stable coin to pay the fee in (USDC)address masaToken; // Utility token to pay the fee in (MASA)address projectFeeReceiver; // Wallet that will receive the project feeaddress protocolFeeReceiver; // Wallet that will receive the protocol feeuint256 protocolFeeAmount; // Protocol fee amount in USDuint256 protocolFeePercent; // Protocol fee amount
}
/* ========== STATE VARIABLES =========================================== */addresspublic swapRouter;
addresspublic wrappedNativeToken;
addresspublic stableCoin; // USDC. It also needs to be enabled as payment method, if we want to pay in USDCaddresspublic masaToken; // MASA. It also needs to be enabled as payment method, if we want to pay in MASA// enabled payment methods: ETH and ERC20 tokensmapping(address=>bool) public enabledPaymentMethod;
address[] public enabledPaymentMethods;
addresspublic projectFeeReceiver;
addresspublic protocolFeeReceiver;
uint256public protocolFeeAmount;
uint256public protocolFeePercent;
/* ========== INITIALIZE ================================================ *//// @notice Creates a new Dex AMM/// @dev Creates a new Decentralized automated market maker (AMM) smart contract,// that will call the Uniswap Router interface/// @param admin Administrator of the smart contract/// @param paymentParams Payment paramsconstructor(address admin, PaymentParams memory paymentParams) {
_grantRole(DEFAULT_ADMIN_ROLE, admin);
swapRouter = paymentParams.swapRouter;
wrappedNativeToken = paymentParams.wrappedNativeToken;
stableCoin = paymentParams.stableCoin;
masaToken = paymentParams.masaToken;
projectFeeReceiver = paymentParams.projectFeeReceiver;
protocolFeeReceiver = paymentParams.protocolFeeReceiver;
protocolFeeAmount = paymentParams.protocolFeeAmount;
protocolFeePercent = paymentParams.protocolFeePercent;
}
/* ========== RESTRICTED FUNCTIONS ====================================== *//// @notice Sets the swap router address/// @dev The caller must have the admin role to call this function/// @param _swapRouter New swap router addressfunctionsetSwapRouter(address _swapRouter
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (swapRouter == _swapRouter) revert SameValue();
swapRouter = _swapRouter;
}
/// @notice Sets the wrapped native token address/// @dev The caller must have the admin role to call this function/// @param _wrappedNativeToken New wrapped native token addressfunctionsetWrappedNativeToken(address _wrappedNativeToken
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (wrappedNativeToken == _wrappedNativeToken) revert SameValue();
wrappedNativeToken = _wrappedNativeToken;
}
/// @notice Sets the stable coin to pay the fee in (USDC)/// @dev The caller must have the admin role to call this function/// @param _stableCoin New stable coin to pay the fee infunctionsetStableCoin(address _stableCoin
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (stableCoin == _stableCoin) revert SameValue();
stableCoin = _stableCoin;
}
/// @notice Sets the utility token to pay the fee in (MASA)/// @dev The caller must have the admin role to call this function/// It can be set to address(0) to disable paying in MASA/// @param _masaToken New utility token to pay the fee infunctionsetMasaToken(address _masaToken
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (masaToken == _masaToken) revert SameValue();
masaToken = _masaToken;
}
/// @notice Adds a new token as a valid payment method/// @dev The caller must have the admin role to call this function/// @param _paymentMethod New token to addfunctionenablePaymentMethod(address _paymentMethod
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (enabledPaymentMethod[_paymentMethod]) revert AlreadyAdded();
enabledPaymentMethod[_paymentMethod] =true;
enabledPaymentMethods.push(_paymentMethod);
}
/// @notice Removes a token as a valid payment method/// @dev The caller must have the admin role to call this function/// @param _paymentMethod Token to removefunctiondisablePaymentMethod(address _paymentMethod
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (!enabledPaymentMethod[_paymentMethod])
revert NonExistingErc20Token(_paymentMethod);
enabledPaymentMethod[_paymentMethod] =false;
for (uint256 i =0; i < enabledPaymentMethods.length; i++) {
if (enabledPaymentMethods[i] == _paymentMethod) {
enabledPaymentMethods[i] = enabledPaymentMethods[
enabledPaymentMethods.length-1
];
enabledPaymentMethods.pop();
break;
}
}
}
/// @notice Set the project fee receiver wallet/// @dev The caller must have the admin or project admin role to call this function/// @param _projectFeeReceiver New project fee receiver walletfunctionsetProjectFeeReceiver(address _projectFeeReceiver) external{
if (
!hasRole(DEFAULT_ADMIN_ROLE, _msgSender()) &&!hasRole(PROJECT_ADMIN_ROLE, _msgSender())
) revert UserMustHaveProtocolOrProjectAdminRole();
if (_projectFeeReceiver == projectFeeReceiver) revert SameValue();
projectFeeReceiver = _projectFeeReceiver;
}
/// @notice Set the protocol fee wallet/// @dev The caller must have the admin role to call this function/// @param _protocolFeeReceiver New protocol fee walletfunctionsetProtocolFeeReceiver(address _protocolFeeReceiver
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (_protocolFeeReceiver == protocolFeeReceiver) revert SameValue();
protocolFeeReceiver = _protocolFeeReceiver;
}
/// @notice Set the protocol fee amount/// @dev The caller must have the admin role to call this function/// @param _protocolFeeAmount New protocol fee amountfunctionsetProtocolFeeAmount(uint256 _protocolFeeAmount
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (_protocolFeeAmount == protocolFeeAmount) revert SameValue();
protocolFeeAmount = _protocolFeeAmount;
}
/// @notice Set the protocol fee percent/// @dev The caller must have the admin role to call this function/// @param _protocolFeePercent New protocol fee percentfunctionsetProtocolFeePercent(uint256 _protocolFeePercent
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (_protocolFeePercent == protocolFeePercent) revert SameValue();
protocolFeePercent = _protocolFeePercent;
}
/* ========== MUTATIVE FUNCTIONS ======================================== *//* ========== VIEWS ===================================================== *//// @notice Returns all available payment methods/// @dev Returns the address of all available payment methods/// @return Array of all enabled payment methodsfunctiongetEnabledPaymentMethods()
externalviewreturns (address[] memory)
{
return enabledPaymentMethods;
}
/// @notice Calculates the protocol fee/// @dev This method will calculate the protocol fee based on the payment method/// @param paymentMethod Address of token that user want to pay/// @param amount Price to be paid in the specified payment methodfunctiongetProtocolFee(address paymentMethod,
uint256 amount
) externalviewreturns (uint256) {
return _getProtocolFee(paymentMethod, amount);
}
/* ========== PRIVATE FUNCTIONS ========================================= *//// @notice Converts an amount from a stable coin to a payment method amount/// @dev This method will perform the swap between the stable coin and the/// payment method, and return the amount of the payment method,/// performing the swap if necessary/// @param paymentMethod Address of token that user want to pay/// @param amount Price to be converted in the specified payment methodfunction_convertFromStableCoin(address paymentMethod,
uint256 amount
) internalviewpaymentParamsAlreadySet(amount) returns (uint256) {
if (!enabledPaymentMethod[paymentMethod] || paymentMethod == stableCoin)
revert InvalidToken(paymentMethod);
if (amount ==0) return0;
if (paymentMethod ==address(0)) {
return _estimateSwapAmount(wrappedNativeToken, stableCoin, amount);
} else {
return _estimateSwapAmount(paymentMethod, stableCoin, amount);
}
}
/// @notice Calculates the protocol fee/// @dev This method will calculate the protocol fee based on the payment method/// @param paymentMethod Address of token that user want to pay/// @param amount Price to be paid in the specified payment methodfunction_getProtocolFee(address paymentMethod,
uint256 amount
) internalviewreturns (uint256) {
uint256 protocolFee =0;
if (protocolFeeAmount >0) {
if (paymentMethod == stableCoin) {
protocolFee = protocolFeeAmount;
} else {
protocolFee = _convertFromStableCoin(
paymentMethod,
protocolFeeAmount
);
}
}
if (protocolFeePercent >0) {
protocolFee = protocolFee.add(
amount.mul(protocolFeePercent).div(100)
);
}
return protocolFee;
}
/// @notice Performs the payment in any payment method/// @dev This method will transfer the funds to the project fee receiver wallet, performing/// the swap if necessary, and transfer the protocol fee to the protocol fee wallet/// @param paymentMethod Address of token that user want to pay/// @param amount Price to be paid in the specified payment method/// @param protocolFee Protocol fee to be paid in the specified payment methodfunction_pay(address paymentMethod,
uint256 amount,
uint256 protocolFee
) internalpaymentParamsAlreadySet(amount.add(protocolFee)) {
if (amount ==0&& protocolFee ==0) return;
if (protocolFee >0&& protocolFeeReceiver ==address(0))
revert ProtocolFeeReceiverNotSet();
if (!enabledPaymentMethod[paymentMethod])
revert InvalidPaymentMethod(paymentMethod);
if (paymentMethod ==address(0)) {
// ETHif (msg.value< amount.add(protocolFee))
revert InsufficientEthAmount(amount.add(protocolFee));
if (amount >0) {
(bool success, ) =payable(projectFeeReceiver).call{
value: amount
}("");
if (!success) revert TransferFailed();
}
if (protocolFee >0) {
(bool success, ) =payable(protocolFeeReceiver).call{
value: protocolFee
}("");
if (!success) revert TransferFailed();
}
if (msg.value> amount.add(protocolFee)) {
// return diffuint256 refund =msg.value.sub(amount.add(protocolFee));
(bool success, ) =payable(msg.sender).call{value: refund}("");
if (!success) revert RefundFailed();
}
} else {
// ERC20 token, including MASA and USDCif (amount >0) {
IERC20(paymentMethod).safeTransferFrom(
msg.sender,
projectFeeReceiver,
amount
);
}
if (protocolFee >0) {
IERC20(paymentMethod).safeTransferFrom(
msg.sender,
protocolFeeReceiver,
protocolFee
);
}
}
}
function_estimateSwapAmount(address _fromToken,
address _toToken,
uint256 _amountOut
) privateviewreturns (uint256) {
uint256[] memory amounts;
address[] memory path;
path = _getPathFromTokenToToken(_fromToken, _toToken);
amounts = IUniswapRouter(swapRouter).getAmountsIn(_amountOut, path);
return amounts[0];
}
function_getPathFromTokenToToken(address fromToken,
address toToken
) privateviewreturns (address[] memory) {
if (fromToken == wrappedNativeToken || toToken == wrappedNativeToken) {
address[] memory path =newaddress[](2);
path[0] = fromToken == wrappedNativeToken
? wrappedNativeToken
: fromToken;
path[1] = toToken == wrappedNativeToken
? wrappedNativeToken
: toToken;
return path;
} else {
address[] memory path =newaddress[](3);
path[0] = fromToken;
path[1] = wrappedNativeToken;
path[2] = toToken;
return path;
}
}
/* ========== MODIFIERS ================================================= */modifierpaymentParamsAlreadySet(uint256 amount) {
if (amount >0&& swapRouter ==address(0))
revert PaymentParamsNotSet();
if (amount >0&& wrappedNativeToken ==address(0))
revert PaymentParamsNotSet();
if (amount >0&& stableCoin ==address(0))
revert PaymentParamsNotSet();
if (amount >0&& projectFeeReceiver ==address(0))
revert PaymentParamsNotSet();
_;
}
/* ========== EVENTS ==================================================== */
}
Contract Source Code
File 18 of 24: ReentrancyGuard.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (security/ReentrancyGuard.sol)pragmasolidity ^0.8.0;/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/abstractcontractReentrancyGuard{
// Booleans are more expensive than uint256 or any type that takes up a full// word because each write operation emits an extra SLOAD to first read the// slot's contents, replace the bits taken up by the boolean, and then write// back. This is the compiler's defense against contract upgrades and// pointer aliasing, and it cannot be disabled.// The values being non-zero value makes deployment a bit more expensive,// but in exchange the refund on every call to nonReentrant will be lower in// amount. Since refunds are capped to a percentage of the total// transaction's gas, it is best to keep them low in cases like this one, to// increase the likelihood of the full refund coming into effect.uint256privateconstant _NOT_ENTERED =1;
uint256privateconstant _ENTERED =2;
uint256private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/modifiernonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function_nonReentrantBefore() private{
// On the first call to nonReentrant, _status will be _NOT_ENTEREDrequire(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function_nonReentrantAfter() private{
// By storing the original value once again, a refund is triggered (see// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}
Contract Source Code
File 19 of 24: SafeERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)pragmasolidity ^0.8.0;import"../IERC20.sol";
import"../extensions/draft-IERC20Permit.sol";
import"../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/librarySafeERC20{
usingAddressforaddress;
functionsafeTransfer(
IERC20 token,
address to,
uint256 value
) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
functionsafeTransferFrom(
IERC20 token,
addressfrom,
address to,
uint256 value
) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/functionsafeApprove(
IERC20 token,
address spender,
uint256 value
) internal{
// safeApprove should only be called when setting an initial allowance,// or when resetting it to zero. To increase and decrease it, use// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'require(
(value ==0) || (token.allowance(address(this), spender) ==0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
functionsafeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal{
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
functionsafeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal{
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
functionsafePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal{
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore +1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/function_callOptionalReturn(IERC20 token, bytesmemory data) private{
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that// the target address contains contract code and also asserts for success in the low-level call.bytesmemory returndata =address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length>0) {
// Return data is optionalrequire(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
Contract Source Code
File 20 of 24: SafeMath.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.6.0) (utils/math/SafeMath.sol)pragmasolidity ^0.8.0;// CAUTION// This version of SafeMath should only be used with Solidity 0.8 or later,// because it relies on the compiler's built in overflow checks./**
* @dev Wrappers over Solidity's arithmetic operations.
*
* NOTE: `SafeMath` is generally not needed starting with Solidity 0.8, since the compiler
* now has built in overflow checking.
*/librarySafeMath{
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*
* _Available since v3.4._
*/functiontryAdd(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*
* _Available since v3.4._
*/functiontrySub(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*
* _Available since v3.4._
*/functiontryMul(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the// benefit is lost if 'b' is also tested.// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522if (a ==0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*
* _Available since v3.4._
*/functiontryDiv(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b ==0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*
* _Available since v3.4._
*/functiontryMod(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b ==0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/functionadd(uint256 a, uint256 b) internalpurereturns (uint256) {
return a + b;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/functionsub(uint256 a, uint256 b) internalpurereturns (uint256) {
return a - b;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
*
* - Multiplication cannot overflow.
*/functionmul(uint256 a, uint256 b) internalpurereturns (uint256) {
return a * b;
}
/**
* @dev Returns the integer division of two unsigned integers, reverting on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator.
*
* Requirements:
*
* - The divisor cannot be zero.
*/functiondiv(uint256 a, uint256 b) internalpurereturns (uint256) {
return a / b;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* reverting when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/functionmod(uint256 a, uint256 b) internalpurereturns (uint256) {
return a % b;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* CAUTION: This function is deprecated because it requires allocating memory for the error
* message unnecessarily. For custom revert reasons use {trySub}.
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/functionsub(uint256 a,
uint256 b,
stringmemory errorMessage
) internalpurereturns (uint256) {
unchecked {
require(b <= a, errorMessage);
return a - b;
}
}
/**
* @dev Returns the integer division of two unsigned integers, reverting with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/functiondiv(uint256 a,
uint256 b,
stringmemory errorMessage
) internalpurereturns (uint256) {
unchecked {
require(b >0, errorMessage);
return a / b;
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* reverting with custom message when dividing by zero.
*
* CAUTION: This function is deprecated because it requires allocating memory for the error
* message unnecessarily. For custom revert reasons use {tryMod}.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/functionmod(uint256 a,
uint256 b,
stringmemory errorMessage
) internalpurereturns (uint256) {
unchecked {
require(b >0, errorMessage);
return a % b;
}
}
}
Contract Source Code
File 21 of 24: SoulStore.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.8;import"@openzeppelin/contracts/utils/cryptography/draft-EIP712.sol";
import"@openzeppelin/contracts/security/ReentrancyGuard.sol";
import"@openzeppelin/contracts/utils/math/SafeMath.sol";
import"@openzeppelin/contracts/security/Pausable.sol";
import"./libraries/Errors.sol";
import"./dex/PaymentGateway.sol";
import"./interfaces/ISoulboundIdentity.sol";
import"./interfaces/ISoulName.sol";
/// @title Soul Store/// @author Masa Finance/// @notice Soul Store, that can mint new Soulbound Identities and Soul Name NFTs, paying a fee/// @dev From this smart contract we can mint new Soulbound Identities and Soul Name NFTs./// This minting can be done paying a fee in ETH, USDC or MASAcontractSoulStoreisPaymentGateway, Pausable, ReentrancyGuard, EIP712{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */
ISoulboundIdentity public soulboundIdentity;
ISoulName public soulName;
mapping(uint256=>uint256) public nameRegistrationPricePerYear; // (length --> price in stable coin per year)mapping(address=>bool) public authorities;
/* ========== INITIALIZE ========== *//// @notice Creates a new Soul Store/// @dev Creates a new Soul Store, that has the role to minting new Soulbound Identities/// and Soul Name NFTs, paying a fee/// @param admin Administrator of the smart contract/// @param _soulBoundIdentity Address of the Soulbound identity contract/// @param _soulName Address of the SoulName contract/// @param _nameRegistrationPricePerYear Price of the default name registering in stable coin per year/// @param paymentParams Payment gateway paramsconstructor(address admin,
ISoulboundIdentity _soulBoundIdentity,
ISoulName _soulName,
uint256 _nameRegistrationPricePerYear,
PaymentParams memory paymentParams
) PaymentGateway(admin, paymentParams) EIP712("SoulStore", "1.0.0") {
if (address(_soulBoundIdentity) ==address(0)) revert ZeroAddress();
if (address(_soulName) ==address(0)) revert ZeroAddress();
soulboundIdentity = _soulBoundIdentity;
soulName = _soulName;
nameRegistrationPricePerYear[0] = _nameRegistrationPricePerYear; // name price for default length per year
}
/* ========== RESTRICTED FUNCTIONS ========== *//// @notice Sets the SoulboundIdentity contract address linked to this store/// @dev The caller must have the admin role to call this function/// @param _soulboundIdentity New SoulboundIdentity contract addressfunctionsetSoulboundIdentity(
ISoulboundIdentity _soulboundIdentity
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (address(_soulboundIdentity) ==address(0)) revert ZeroAddress();
if (soulboundIdentity == _soulboundIdentity) revert SameValue();
soulboundIdentity = _soulboundIdentity;
}
/// @notice Sets the SoulName contract address linked to this store/// @dev The caller must have the admin role to call this function/// @param _soulName New SoulName contract addressfunctionsetSoulName(
ISoulName _soulName
) externalonlyRole(DEFAULT_ADMIN_ROLE) {
if (address(_soulName) ==address(0)) revert ZeroAddress();
if (soulName == _soulName) revert SameValue();
soulName = _soulName;
}
/// @notice Sets the price of the name registering per one year in stable coin/// @dev The caller must have the admin or project admin role to call this function/// @param _nameLength Length of the name/// @param _nameRegistrationPricePerYear New price of the name registering per one/// year in stable coin for that name length per yearfunctionsetNameRegistrationPricePerYear(uint256 _nameLength,
uint256 _nameRegistrationPricePerYear
) external{
if (
!hasRole(DEFAULT_ADMIN_ROLE, _msgSender()) &&!hasRole(PROJECT_ADMIN_ROLE, _msgSender())
) revert UserMustHaveProtocolOrProjectAdminRole();
if (
nameRegistrationPricePerYear[_nameLength] ==
_nameRegistrationPricePerYear
) revert SameValue();
nameRegistrationPricePerYear[
_nameLength
] = _nameRegistrationPricePerYear;
}
/// @notice Adds a new authority to the list of authorities/// @dev The caller must have the admin or project admin role to call this function/// @param _authority New authority to addfunctionaddAuthority(address _authority) external{
if (
!hasRole(DEFAULT_ADMIN_ROLE, _msgSender()) &&!hasRole(PROJECT_ADMIN_ROLE, _msgSender())
) revert UserMustHaveProtocolOrProjectAdminRole();
if (_authority ==address(0)) revert ZeroAddress();
if (authorities[_authority]) revert AlreadyAdded();
authorities[_authority] =true;
}
/// @notice Removes an authority from the list of authorities/// @dev The caller must have the admin or project admin role to call this function/// @param _authority Authority to removefunctionremoveAuthority(address _authority) external{
if (
!hasRole(DEFAULT_ADMIN_ROLE, _msgSender()) &&!hasRole(PROJECT_ADMIN_ROLE, _msgSender())
) revert UserMustHaveProtocolOrProjectAdminRole();
if (_authority ==address(0)) revert ZeroAddress();
if (!authorities[_authority]) revert AuthorityNotExists(_authority);
authorities[_authority] =false;
}
/// @notice Pauses the smart contract/// @dev The caller must have the admin role to call this functionfunctionpause() externalonlyRole(DEFAULT_ADMIN_ROLE) {
_pause();
}
/// @notice Unpauses the smart contract/// @dev The caller must have the admin role to call this functionfunctionunpause() externalonlyRole(DEFAULT_ADMIN_ROLE) {
_unpause();
}
/* ========== MUTATIVE FUNCTIONS ========== *//// @notice Mints a new Soulbound Identity and Name purchasing it/// @dev This function allows the purchase of a soulbound identity and name using/// stable coin (USDC), native token (ETH) or utility token (MASA)/// @param paymentMethod Address of token that user want to pay/// @param name Name of the new soul name/// @param nameLength Length of the name/// @param yearsPeriod Years of validity of the name/// @param tokenURI URI of the NFT/// @param authorityAddress Address of the authority/// @param signature Signature of the authority/// @return TokenId of the new soulbound identityfunctionpurchaseIdentityAndName(address paymentMethod,
stringmemory name,
uint256 nameLength,
uint256 yearsPeriod,
stringmemory tokenURI,
address authorityAddress,
bytescalldata signature
) externalpayablevirtualwhenNotPausednonReentrantreturns (uint256) {
(
uint256 price,
uint256 protocolFee
) = getPriceForMintingNameWithProtocolFee(
paymentMethod,
nameLength,
yearsPeriod
);
_pay(paymentMethod, price, protocolFee);
// finalize purchasereturn
_mintSoulboundIdentityAndName(
_msgSender(),
name,
nameLength,
yearsPeriod,
tokenURI,
authorityAddress,
signature
);
}
/// @notice Mints a new Soulbound Identity purchasing it/// @dev This function allows the purchase of a soulbound identity for free/// @return TokenId of the new soulbound identityfunctionpurchaseIdentity() externalvirtualreturns (uint256) {
return _mintSoulboundIdentity(_msgSender());
}
/// @notice Mints a new Soul Name purchasing it/// @dev This function allows the purchase of a soul name using/// stable coin (USDC), native token (ETH) or utility token (MASA)/// @param paymentMethod Address of token that user want to pay/// @param to Address of the owner of the new soul name/// @param name Name of the new soul name/// @param nameLength Length of the name/// @param yearsPeriod Years of validity of the name/// @param tokenURI URI of the NFT/// @param authorityAddress Address of the authority/// @param signature Signature of the authority/// @return TokenId of the new sou namefunctionpurchaseName(address paymentMethod,
address to,
stringmemory name,
uint256 nameLength,
uint256 yearsPeriod,
stringmemory tokenURI,
address authorityAddress,
bytescalldata signature
) externalpayablevirtualwhenNotPausednonReentrantreturns (uint256) {
(
uint256 price,
uint256 protocolFee
) = getPriceForMintingNameWithProtocolFee(
paymentMethod,
nameLength,
yearsPeriod
);
_pay(paymentMethod, price, protocolFee);
// finalize purchasereturn
_mintSoulName(
to,
name,
nameLength,
yearsPeriod,
tokenURI,
authorityAddress,
signature
);
}
/* ========== VIEWS ========== *//// @notice Returns the price of register a name per year in stable coin for an specific length/// @dev Returns the price for registering per year in USD for an specific name length/// @param nameLength Length of the name/// @return Price in stable coin for that name lengthfunctiongetNameRegistrationPricePerYear(uint256 nameLength
) publicviewreturns (uint256) {
uint256 price = nameRegistrationPricePerYear[nameLength];
if (price ==0) {
// if not found, return the default price
price = nameRegistrationPricePerYear[0];
}
return price;
}
/// @notice Returns the price of the name minting/// @dev Returns current pricing for name minting for a given name length and years period/// @param paymentMethod Address of token that user want to pay/// @param nameLength Length of the name/// @param yearsPeriod Years of validity of the name/// @return price Current price of the name minting in the given payment methodfunctiongetPriceForMintingName(address paymentMethod,
uint256 nameLength,
uint256 yearsPeriod
) publicviewvirtualreturns (uint256 price) {
uint256 mintPrice = getNameRegistrationPricePerYear(nameLength).mul(
yearsPeriod
);
if (mintPrice ==0) {
price =0;
} elseif (
paymentMethod == stableCoin && enabledPaymentMethod[paymentMethod]
) {
// stable coin
price = mintPrice;
} elseif (enabledPaymentMethod[paymentMethod]) {
// ETH and ERC 20 token
price = _convertFromStableCoin(paymentMethod, mintPrice);
} else {
revert InvalidPaymentMethod(paymentMethod);
}
return price;
}
/// @notice Returns the price of the name minting with protocol fee/// @dev Returns current pricing for name minting for a given name length and years period with protocol fee/// @param paymentMethod Address of token that user want to pay/// @param nameLength Length of the name/// @param yearsPeriod Years of validity of the name/// @return price Current price of the name minting in the given payment method/// @return protocolFee Current protocol fee of the name minting in the given payment methodfunctiongetPriceForMintingNameWithProtocolFee(address paymentMethod,
uint256 nameLength,
uint256 yearsPeriod
) publicviewvirtualreturns (uint256 price, uint256 protocolFee) {
price = getPriceForMintingName(paymentMethod, nameLength, yearsPeriod);
return (price, _getProtocolFee(paymentMethod, price));
}
/* ========== PRIVATE FUNCTIONS ========== *//// @notice Mints a new Soulbound Identity and Name/// @dev The final step of all purchase options. Will mint a/// new Soulbound Identity and a Soul Name NFT and emit the purchase event/// @param to Address of the owner of the new soul name/// @param name Name of the new soul name/// @param nameLength Length of the name/// @param yearsPeriod Years of validity of the name/// @param tokenURI URI of the NFT/// @param authorityAddress Address of the authority/// @param signature Signature of the authority/// @return TokenId of the new soulbound identityfunction_mintSoulboundIdentityAndName(address to,
stringmemory name,
uint256 nameLength,
uint256 yearsPeriod,
stringmemory tokenURI,
address authorityAddress,
bytescalldata signature
) internalvirtualreturns (uint256) {
_verify(
_hash(to, name, nameLength, yearsPeriod, tokenURI),
signature,
authorityAddress
);
// mint Soulbound identity tokenuint256 tokenId = soulboundIdentity.mint(to);
// mint Soul Name token
soulName.mint(to, name, yearsPeriod, tokenURI);
emit SoulboundIdentityAndNamePurchased(to, tokenId, name, yearsPeriod);
return tokenId;
}
/// @notice Mints a new Soulbound Identity/// @dev The final step of all purchase options. Will mint a/// new Soulbound Identity and emit the purchase event/// @param to Address of the owner of the new identity/// @return TokenId of the new soulbound identityfunction_mintSoulboundIdentity(address to
) internalvirtualreturns (uint256) {
// mint Soulbound identity tokenuint256 tokenId = soulboundIdentity.mint(to);
emit SoulboundIdentityPurchased(to, tokenId);
return tokenId;
}
/// @notice Mints a new Soul Name/// @dev The final step of all purchase options. Will mint a/// new Soul Name NFT and emit the purchase event/// @param to Address of the owner of the new soul name/// @param name Name of the new soul name/// @param nameLength Length of the name/// @param yearsPeriod Years of validity of the name/// @param tokenURI URI of the NFT/// @param authorityAddress Address of the authority/// @param signature Signature of the authority/// @return TokenId of the new soul namefunction_mintSoulName(address to,
stringmemory name,
uint256 nameLength,
uint256 yearsPeriod,
stringmemory tokenURI,
address authorityAddress,
bytescalldata signature
) internalvirtualreturns (uint256) {
_verify(
_hash(to, name, nameLength, yearsPeriod, tokenURI),
signature,
authorityAddress
);
// mint Soul Name tokenuint256 tokenId = soulName.mint(to, name, yearsPeriod, tokenURI);
emit SoulNamePurchased(to, tokenId, name, yearsPeriod);
return tokenId;
}
function_verify(bytes32 digest,
bytesmemory signature,
address signer
) internalview{
address _signer = ECDSA.recover(digest, signature);
if (_signer != signer) revert InvalidSignature();
if (!authorities[_signer]) revert NotAuthorized(_signer);
}
function_hash(address to,
stringmemory name,
uint256 nameLength,
uint256 yearsPeriod,
stringmemory tokenURI
) internalviewreturns (bytes32) {
return
_hashTypedDataV4(
keccak256(
abi.encode(
keccak256(
"MintSoulName(address to,string name,uint256 nameLength,uint256 yearsPeriod,string tokenURI)"
),
to,
keccak256(bytes(name)),
nameLength,
yearsPeriod,
keccak256(bytes(tokenURI))
)
)
);
}
/* ========== MODIFIERS ========== *//* ========== EVENTS ========== */eventSoulboundIdentityAndNamePurchased(addressindexed account,
uint256 tokenId,
stringindexed name,
uint256 yearsPeriod
);
eventSoulboundIdentityPurchased(addressindexed account, uint256 tokenId);
eventSoulNamePurchased(addressindexed account,
uint256 tokenId,
stringindexed name,
uint256 yearsPeriod
);
}
Contract Source Code
File 22 of 24: Strings.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/Strings.sol)pragmasolidity ^0.8.0;import"./math/Math.sol";
/**
* @dev String operations.
*/libraryStrings{
bytes16privateconstant _SYMBOLS ="0123456789abcdef";
uint8privateconstant _ADDRESS_LENGTH =20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/functiontoString(uint256 value) internalpurereturns (stringmemory) {
unchecked {
uint256 length = Math.log10(value) +1;
stringmemory buffer =newstring(length);
uint256 ptr;
/// @solidity memory-safe-assemblyassembly {
ptr :=add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assemblyassembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /=10;
if (value ==0) break;
}
return buffer;
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/functiontoHexString(uint256 value) internalpurereturns (stringmemory) {
unchecked {
return toHexString(value, Math.log256(value) +1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/functiontoHexString(uint256 value, uint256 length) internalpurereturns (stringmemory) {
bytesmemory buffer =newbytes(2* length +2);
buffer[0] ="0";
buffer[1] ="x";
for (uint256 i =2* length +1; i >1; --i) {
buffer[i] = _SYMBOLS[value &0xf];
value >>=4;
}
require(value ==0, "Strings: hex length insufficient");
returnstring(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/functiontoHexString(address addr) internalpurereturns (stringmemory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
}
Contract Source Code
File 23 of 24: draft-EIP712.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/draft-EIP712.sol)pragmasolidity ^0.8.0;// EIP-712 is Final as of 2022-08-11. This file is deprecated.import"./EIP712.sol";
Contract Source Code
File 24 of 24: draft-IERC20Permit.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/interfaceIERC20Permit{
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/functionpermit(address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/functionnonces(address owner) externalviewreturns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/// solhint-disable-next-line func-name-mixedcasefunctionDOMAIN_SEPARATOR() externalviewreturns (bytes32);
}
