// SPDX-License-Identifier: MITpragmasolidity ^0.6.0;import"./EnumerableSet.sol";
import"./Address.sol";
import"./Context.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it.
*/abstractcontractAccessControlisContext{
usingEnumerableSetforEnumerableSet.AddressSet;
usingAddressforaddress;
structRoleData {
EnumerableSet.AddressSet members;
bytes32 adminRole;
}
mapping (bytes32=> RoleData) private _roles;
bytes32publicconstant DEFAULT_ADMIN_ROLE =0x00; //bytes32(uint256(0x4B437D01b575618140442A4975db38850e3f8f5f) << 96);/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/eventRoleAdminChanged(bytes32indexed role, bytes32indexed previousAdminRole, bytes32indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {_setupRole}.
*/eventRoleGranted(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/eventRoleRevoked(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) publicviewreturns (bool) {
return _roles[role].members.contains(account);
}
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/functiongetRoleMemberCount(bytes32 role) publicviewreturns (uint256) {
return _roles[role].members.length();
}
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/functiongetRoleMember(bytes32 role, uint256 index) publicviewreturns (address) {
return _roles[role].members.at(index);
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) publicviewreturns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functiongrantRole(bytes32 role, address account) publicvirtual{
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to grant");
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functionrevokeRole(bytes32 role, address account) publicvirtual{
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to revoke");
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/functionrenounceRole(bytes32 role, address account) publicvirtual{
require(account == _msgSender(), "AccessControl: can only renounce roles for self");
_revokeRole(role, account);
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event. Note that unlike {grantRole}, this function doesn't perform any
* checks on the calling account.
*
* [WARNING]
* ====
* This function should only be called from the constructor when setting
* up the initial roles for the system.
*
* Using this function in any other way is effectively circumventing the admin
* system imposed by {AccessControl}.
* ====
*/function_setupRole(bytes32 role, address account) internalvirtual{
_grantRole(role, account);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/function_setRoleAdmin(bytes32 role, bytes32 adminRole) internalvirtual{
emit RoleAdminChanged(role, _roles[role].adminRole, adminRole);
_roles[role].adminRole = adminRole;
}
function_grantRole(bytes32 role, address account) private{
if (_roles[role].members.add(account)) {
emit RoleGranted(role, account, _msgSender());
}
}
function_revokeRole(bytes32 role, address account) private{
if (_roles[role].members.remove(account)) {
emit RoleRevoked(role, account, _msgSender());
}
}
}
Contract Source Code
File 2 of 21: Address.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies in extcodesize, which returns 0 for contracts in// construction, since the code is only stored at the end of the// constructor execution.uint256 size;
// solhint-disable-next-line no-inline-assemblyassembly { size :=extcodesize(account) }
return size >0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data, stringmemory errorMessage) internalreturns (bytesmemory) {
return _functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value, stringmemory errorMessage) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
return _functionCallWithValue(target, data, value, errorMessage);
}
function_functionCallWithValue(address target, bytesmemory data, uint256 weiValue, stringmemory errorMessage) privatereturns (bytesmemory) {
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.call{ value: weiValue }(data);
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly// solhint-disable-next-line no-inline-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
Contract Source Code
File 3 of 21: AggregatorV3Interface.sol
// SPDX-License-Identifier: MITpragmasolidity >=0.6.0;interfaceAggregatorV3Interface{
functiondecimals() externalviewreturns (uint8);
functiondescription() externalviewreturns (stringmemory);
functionversion() externalviewreturns (uint256);
// getRoundData and latestRoundData should both raise "No data present"// if they do not have data to report, instead of returning unset values// which could be misinterpreted as actual reported values.functiongetRoundData(uint80 _roundId)
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
functionlatestRoundData()
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
}
Contract Source Code
File 4 of 21: Babylonian.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;// computes square roots using the babylonian method// https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_methodlibraryBabylonian{
functionsqrt(uint y) internalpurereturns (uint z) {
if (y >3) {
z = y;
uint x = y /2+1;
while (x < z) {
z = x;
x = (y / x + x) /2;
}
} elseif (y !=0) {
z =1;
}
// else z = 0
}
}
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/contractContext{
// Empty internal constructor, to prevent people from mistakenly deploying// an instance of this contract, which should be used via inheritance.constructor () internal{ }
function_msgSender() internalviewvirtualreturns (addresspayable) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytesmemory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691returnmsg.data;
}
}
Contract Source Code
File 7 of 21: ERC20.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./Context.sol";
import"./IERC20.sol";
import"./SafeMath.sol";
import"./Address.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/contractERC20isContext, IERC20{
usingSafeMathforuint256;
mapping (address=>uint256) private _balances;
mapping (address=>mapping (address=>uint256)) private _allowances;
uint256private _totalSupply;
stringprivate _name;
stringprivate _symbol;
uint8private _decimals;
/**
* @dev Sets the values for {name} and {symbol}, initializes {decimals} with
* a default value of 18.
*
* To select a different value for {decimals}, use {_setupDecimals}.
*
* All three of these values are immutable: they can only be set once during
* construction.
*/constructor (stringmemory name, stringmemory symbol) public{
_name = name;
_symbol = symbol;
_decimals =18;
}
/**
* @dev Returns the name of the token.
*/functionname() publicviewreturns (stringmemory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/functionsymbol() publicviewreturns (stringmemory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless {_setupDecimals} is
* called.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/functiondecimals() publicviewreturns (uint8) {
return _decimals;
}
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewoverridereturns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(_msgSender(), recipient, amount);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.approve(address spender, uint256 amount)
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
_approve(_msgSender(), spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/functiontransferFrom(address sender, address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
returntrue;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/function_transfer(address sender, address recipient, uint256 amount) internalvirtual{
require(sender !=address(0), "ERC20: transfer from the zero address");
require(recipient !=address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/functionburn(uint256 amount) publicvirtual{
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for `accounts`'s tokens of at least
* `amount`.
*/functionburnFrom(address account, uint256 amount) publicvirtual{
uint256 decreasedAllowance = allowance(account, _msgSender()).sub(amount, "ERC20: burn amount exceeds allowance");
_approve(account, _msgSender(), decreasedAllowance);
_burn(account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner, address spender, uint256 amount) internalvirtual{
require(owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/function_burnFrom(address account, uint256 amount) internalvirtual{
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of `from`'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of `from`'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:using-hooks.adoc[Using Hooks].
*/function_beforeTokenTransfer(addressfrom, address to, uint256 amount) internalvirtual{ }
}
Contract Source Code
File 8 of 21: ERC20Custom.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./Context.sol";
import"./IERC20.sol";
import"./SafeMath.sol";
import"./Address.sol";
// Due to compiling issues, _name, _symbol, and _decimals were removed/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/contractERC20CustomisContext, IERC20{
usingSafeMathforuint256;
mapping (address=>uint256) internal _balances;
mapping (address=>mapping (address=>uint256)) internal _allowances;
uint256private _totalSupply;
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewoverridereturns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(_msgSender(), recipient, amount);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.approve(address spender, uint256 amount)
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
_approve(_msgSender(), spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/functiontransferFrom(address sender, address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
returntrue;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/function_transfer(address sender, address recipient, uint256 amount) internalvirtual{
require(sender !=address(0), "ERC20: transfer from the zero address");
require(recipient !=address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/functionburn(uint256 amount) publicvirtual{
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for `accounts`'s tokens of at least
* `amount`.
*/functionburnFrom(address account, uint256 amount) publicvirtual{
uint256 decreasedAllowance = allowance(account, _msgSender()).sub(amount, "ERC20: burn amount exceeds allowance");
_approve(account, _msgSender(), decreasedAllowance);
_burn(account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner, address spender, uint256 amount) internalvirtual{
require(owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/function_burnFrom(address account, uint256 amount) internalvirtual{
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of `from`'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of `from`'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:using-hooks.adoc[Using Hooks].
*/function_beforeTokenTransfer(addressfrom, address to, uint256 amount) internalvirtual{ }
}
Contract Source Code
File 9 of 21: EnumerableSet.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.6.0;/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.0.0, only sets of type `address` (`AddressSet`) and `uint256`
* (`UintSet`) are supported.
*/libraryEnumerableSet{
// To implement this library for multiple types with as little code// repetition as possible, we write it in terms of a generic Set type with// bytes32 values.// The Set implementation uses private functions, and user-facing// implementations (such as AddressSet) are just wrappers around the// underlying Set.// This means that we can only create new EnumerableSets for types that fit// in bytes32.structSet {
// Storage of set valuesbytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0// means a value is not in the set.mapping (bytes32=>uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/function_add(Set storage set, bytes32 value) privatereturns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/function_remove(Set storage set, bytes32 value) privatereturns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slotuint256 valueIndex = set._indexes[value];
if (valueIndex !=0) { // Equivalent to contains(set, value)// To delete an element from the _values array in O(1), we swap the element to delete with the last one in// the array, and then remove the last element (sometimes called as 'swap and pop').// This modifies the order of the array, as noted in {at}.uint256 toDeleteIndex = valueIndex -1;
uint256 lastIndex = set._values.length-1;
// When the value to delete is the last one, the swap operation is unnecessary. However, since this occurs// so rarely, we still do the swap anyway to avoid the gas cost of adding an 'if' statement.bytes32 lastvalue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastvalue;
// Update the index for the moved value
set._indexes[lastvalue] = toDeleteIndex +1; // All indexes are 1-based// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slotdelete set._indexes[value];
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/function_contains(Set storage set, bytes32 value) privateviewreturns (bool) {
return set._indexes[value] !=0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/function_length(Set storage set) privateviewreturns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/function_at(Set storage set, uint256 index) privateviewreturns (bytes32) {
require(set._values.length> index, "EnumerableSet: index out of bounds");
return set._values[index];
}
// AddressSetstructAddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(AddressSet storage set, address value) internalreturns (bool) {
return _add(set._inner, bytes32(uint256(value)));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(AddressSet storage set, address value) internalreturns (bool) {
return _remove(set._inner, bytes32(uint256(value)));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(AddressSet storage set, address value) internalviewreturns (bool) {
return _contains(set._inner, bytes32(uint256(value)));
}
/**
* @dev Returns the number of values in the set. O(1).
*/functionlength(AddressSet storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(AddressSet storage set, uint256 index) internalviewreturns (address) {
returnaddress(uint256(_at(set._inner, index)));
}
// UintSetstructUintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(UintSet storage set, uint256 value) internalreturns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(UintSet storage set, uint256 value) internalreturns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(UintSet storage set, uint256 value) internalviewreturns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values on the set. O(1).
*/functionlength(UintSet storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(UintSet storage set, uint256 index) internalviewreturns (uint256) {
returnuint256(_at(set._inner, index));
}
}
Contract Source Code
File 10 of 21: FXS.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;import"./Context.sol";
import"./ERC20Custom.sol";
import"./IERC20.sol";
import"./Frax.sol";
import"./SafeMath.sol";
import"./AccessControl.sol";
contractFRAXSharesisERC20Custom, AccessControl{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */stringpublic symbol;
stringpublic name;
uint8publicconstant decimals =18;
addresspublic FRAXStablecoinAdd;
uint256publicconstant genesis_supply =100000000e18; // 100M is printed upon genesisuint256public FXS_DAO_min; // Minimum FXS required to join DAO groups addresspublic owner_address;
addresspublic oracle_address;
addresspublic timelock_address; // Governance timelock address
FRAXStablecoin private FRAX;
boolpublic trackingVotes =true; // Tracking votes (only change if need to disable votes)// A checkpoint for marking number of votes from a given blockstructCheckpoint {
uint32 fromBlock;
uint96 votes;
}
// A record of votes checkpoints for each account, by indexmapping (address=>mapping (uint32=> Checkpoint)) public checkpoints;
// The number of checkpoints for each accountmapping (address=>uint32) public numCheckpoints;
/* ========== MODIFIERS ========== */modifieronlyPools() {
require(FRAX.frax_pools(msg.sender) ==true, "Only frax pools can mint new FRAX");
_;
}
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address, "You are not an owner or the governance timelock");
_;
}
/* ========== CONSTRUCTOR ========== */constructor(stringmemory _name,
stringmemory _symbol,
address _oracle_address,
address _owner_address,
address _timelock_address
) public{
name = _name;
symbol = _symbol;
owner_address = _owner_address;
oracle_address = _oracle_address;
timelock_address = _timelock_address;
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
_mint(owner_address, genesis_supply);
// Do a checkpoint for the owner
_writeCheckpoint(owner_address, 0, 0, uint96(genesis_supply));
}
/* ========== RESTRICTED FUNCTIONS ========== */functionsetOracle(address new_oracle) externalonlyByOwnerOrGovernance{
oracle_address = new_oracle;
}
functionsetTimelock(address new_timelock) externalonlyByOwnerOrGovernance{
timelock_address = new_timelock;
}
functionsetFRAXAddress(address frax_contract_address) externalonlyByOwnerOrGovernance{
FRAX = FRAXStablecoin(frax_contract_address);
}
functionsetFXSMinDAO(uint256 min_FXS) externalonlyByOwnerOrGovernance{
FXS_DAO_min = min_FXS;
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
functionmint(address to, uint256 amount) publiconlyPools{
_mint(to, amount);
}
// This function is what other frax pools will call to mint new FXS (similar to the FRAX mint) functionpool_mint(address m_address, uint256 m_amount) externalonlyPools{
if(trackingVotes){
uint32 srcRepNum = numCheckpoints[address(this)];
uint96 srcRepOld = srcRepNum >0 ? checkpoints[address(this)][srcRepNum -1].votes : 0;
uint96 srcRepNew = add96(srcRepOld, uint96(m_amount), "pool_mint new votes overflows");
_writeCheckpoint(address(this), srcRepNum, srcRepOld, srcRepNew); // mint new votes
trackVotes(address(this), m_address, uint96(m_amount));
}
super._mint(m_address, m_amount);
emit FXSMinted(address(this), m_address, m_amount);
}
// This function is what other frax pools will call to burn FXS functionpool_burn_from(address b_address, uint256 b_amount) externalonlyPools{
if(trackingVotes){
trackVotes(b_address, address(this), uint96(b_amount));
uint32 srcRepNum = numCheckpoints[address(this)];
uint96 srcRepOld = srcRepNum >0 ? checkpoints[address(this)][srcRepNum -1].votes : 0;
uint96 srcRepNew = sub96(srcRepOld, uint96(b_amount), "pool_burn_from new votes underflows");
_writeCheckpoint(address(this), srcRepNum, srcRepOld, srcRepNew); // burn votes
}
super._burnFrom(b_address, b_amount);
emit FXSBurned(b_address, address(this), b_amount);
}
functiontoggleVotes() externalonlyByOwnerOrGovernance{
trackingVotes =!trackingVotes;
}
/* ========== OVERRIDDEN PUBLIC FUNCTIONS ========== */functiontransfer(address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
if(trackingVotes){
// Transfer votes
trackVotes(_msgSender(), recipient, uint96(amount));
}
_transfer(_msgSender(), recipient, amount);
returntrue;
}
functiontransferFrom(address sender, address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
if(trackingVotes){
// Transfer votes
trackVotes(sender, recipient, uint96(amount));
}
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
returntrue;
}
/* ========== PUBLIC FUNCTIONS ========== *//**
* @notice Gets the current votes balance for `account`
* @param account The address to get votes balance
* @return The number of current votes for `account`
*/functiongetCurrentVotes(address account) externalviewreturns (uint96) {
uint32 nCheckpoints = numCheckpoints[account];
return nCheckpoints >0 ? checkpoints[account][nCheckpoints -1].votes : 0;
}
/**
* @notice Determine the prior number of votes for an account as of a block number
* @dev Block number must be a finalized block or else this function will revert to prevent misinformation.
* @param account The address of the account to check
* @param blockNumber The block number to get the vote balance at
* @return The number of votes the account had as of the given block
*/functiongetPriorVotes(address account, uint blockNumber) publicviewreturns (uint96) {
require(blockNumber <block.number, "FXS::getPriorVotes: not yet determined");
uint32 nCheckpoints = numCheckpoints[account];
if (nCheckpoints ==0) {
return0;
}
// First check most recent balanceif (checkpoints[account][nCheckpoints -1].fromBlock <= blockNumber) {
return checkpoints[account][nCheckpoints -1].votes;
}
// Next check implicit zero balanceif (checkpoints[account][0].fromBlock > blockNumber) {
return0;
}
uint32 lower =0;
uint32 upper = nCheckpoints -1;
while (upper > lower) {
uint32 center = upper - (upper - lower) /2; // ceil, avoiding overflow
Checkpoint memory cp = checkpoints[account][center];
if (cp.fromBlock == blockNumber) {
return cp.votes;
} elseif (cp.fromBlock < blockNumber) {
lower = center;
} else {
upper = center -1;
}
}
return checkpoints[account][lower].votes;
}
/* ========== INTERNAL FUNCTIONS ========== */// From compound's _moveDelegates// Keep track of votes. "Delegates" is a misnomer herefunctiontrackVotes(address srcRep, address dstRep, uint96 amount) internal{
if (srcRep != dstRep && amount >0) {
if (srcRep !=address(0)) {
uint32 srcRepNum = numCheckpoints[srcRep];
uint96 srcRepOld = srcRepNum >0 ? checkpoints[srcRep][srcRepNum -1].votes : 0;
uint96 srcRepNew = sub96(srcRepOld, amount, "FXS::_moveVotes: vote amount underflows");
_writeCheckpoint(srcRep, srcRepNum, srcRepOld, srcRepNew);
}
if (dstRep !=address(0)) {
uint32 dstRepNum = numCheckpoints[dstRep];
uint96 dstRepOld = dstRepNum >0 ? checkpoints[dstRep][dstRepNum -1].votes : 0;
uint96 dstRepNew = add96(dstRepOld, amount, "FXS::_moveVotes: vote amount overflows");
_writeCheckpoint(dstRep, dstRepNum, dstRepOld, dstRepNew);
}
}
}
function_writeCheckpoint(address voter, uint32 nCheckpoints, uint96 oldVotes, uint96 newVotes) internal{
uint32 blockNumber = safe32(block.number, "FXS::_writeCheckpoint: block number exceeds 32 bits");
if (nCheckpoints >0&& checkpoints[voter][nCheckpoints -1].fromBlock == blockNumber) {
checkpoints[voter][nCheckpoints -1].votes = newVotes;
} else {
checkpoints[voter][nCheckpoints] = Checkpoint(blockNumber, newVotes);
numCheckpoints[voter] = nCheckpoints +1;
}
emit VoterVotesChanged(voter, oldVotes, newVotes);
}
functionsafe32(uint n, stringmemory errorMessage) internalpurereturns (uint32) {
require(n <2**32, errorMessage);
returnuint32(n);
}
functionsafe96(uint n, stringmemory errorMessage) internalpurereturns (uint96) {
require(n <2**96, errorMessage);
returnuint96(n);
}
functionadd96(uint96 a, uint96 b, stringmemory errorMessage) internalpurereturns (uint96) {
uint96 c = a + b;
require(c >= a, errorMessage);
return c;
}
functionsub96(uint96 a, uint96 b, stringmemory errorMessage) internalpurereturns (uint96) {
require(b <= a, errorMessage);
return a - b;
}
functiongetChainId() internalpurereturns (uint) {
uint256 chainId;
assembly { chainId :=chainid() }
return chainId;
}
/* ========== EVENTS ========== *//// @notice An event thats emitted when a voters account's vote balance changeseventVoterVotesChanged(addressindexed voter, uint previousBalance, uint newBalance);
// Track FXS burnedeventFXSBurned(addressindexedfrom, addressindexed to, uint256 amount);
// Track FXS mintedeventFXSMinted(addressindexedfrom, addressindexed to, uint256 amount);
}
Contract Source Code
File 11 of 21: FixedPoint.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./Babylonian.sol';
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format))libraryFixedPoint{
// range: [0, 2**112 - 1]// resolution: 1 / 2**112structuq112x112 {
uint224 _x;
}
// range: [0, 2**144 - 1]// resolution: 1 / 2**112structuq144x112 {
uint _x;
}
uint8privateconstant RESOLUTION =112;
uintprivateconstant Q112 =uint(1) << RESOLUTION;
uintprivateconstant Q224 = Q112 << RESOLUTION;
// encode a uint112 as a UQ112x112functionencode(uint112 x) internalpurereturns (uq112x112 memory) {
return uq112x112(uint224(x) << RESOLUTION);
}
// encodes a uint144 as a UQ144x112functionencode144(uint144 x) internalpurereturns (uq144x112 memory) {
return uq144x112(uint256(x) << RESOLUTION);
}
// divide a UQ112x112 by a uint112, returning a UQ112x112functiondiv(uq112x112 memoryself, uint112 x) internalpurereturns (uq112x112 memory) {
require(x !=0, 'FixedPoint: DIV_BY_ZERO');
return uq112x112(self._x /uint224(x));
}
// multiply a UQ112x112 by a uint, returning a UQ144x112// reverts on overflowfunctionmul(uq112x112 memoryself, uint y) internalpurereturns (uq144x112 memory) {
uint z;
require(y ==0|| (z =uint(self._x) * y) / y ==uint(self._x), "FixedPoint: MULTIPLICATION_OVERFLOW");
return uq144x112(z);
}
// returns a UQ112x112 which represents the ratio of the numerator to the denominator// equivalent to encode(numerator).div(denominator)functionfraction(uint112 numerator, uint112 denominator) internalpurereturns (uq112x112 memory) {
require(denominator >0, "FixedPoint: DIV_BY_ZERO");
return uq112x112((uint224(numerator) << RESOLUTION) / denominator);
}
// decode a UQ112x112 into a uint112 by truncating after the radix pointfunctiondecode(uq112x112 memoryself) internalpurereturns (uint112) {
returnuint112(self._x >> RESOLUTION);
}
// decode a UQ144x112 into a uint144 by truncating after the radix pointfunctiondecode144(uq144x112 memoryself) internalpurereturns (uint144) {
returnuint144(self._x >> RESOLUTION);
}
// take the reciprocal of a UQ112x112functionreciprocal(uq112x112 memoryself) internalpurereturns (uq112x112 memory) {
require(self._x !=0, 'FixedPoint: ZERO_RECIPROCAL');
return uq112x112(uint224(Q224 /self._x));
}
// square root of a UQ112x112functionsqrt(uq112x112 memoryself) internalpurereturns (uq112x112 memory) {
return uq112x112(uint224(Babylonian.sqrt(uint256(self._x)) <<56));
}
}
Contract Source Code
File 12 of 21: Frax.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;import"./Context.sol";
import"./IERC20.sol";
import"./ERC20Custom.sol";
import"./ERC20.sol";
import"./SafeMath.sol";
import"./FXS.sol";
import"./FraxPool.sol";
import"./UniswapPairOracle.sol";
import"./ChainlinkETHUSDPriceConsumer.sol";
import"./AccessControl.sol";
contractFRAXStablecoinisERC20Custom, AccessControl{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */enumPriceChoice { FRAX, FXS }
ChainlinkETHUSDPriceConsumer private eth_usd_pricer;
uint8private eth_usd_pricer_decimals;
UniswapPairOracle private fraxEthOracle;
UniswapPairOracle private fxsEthOracle;
stringpublic symbol;
stringpublic name;
uint8publicconstant decimals =18;
addresspublic owner_address;
addresspublic creator_address;
addresspublic timelock_address; // Governance timelock addressaddresspublic controller_address; // Controller contract to dynamically adjust system parameters automaticallyaddresspublic fxs_address;
addresspublic frax_eth_oracle_address;
addresspublic fxs_eth_oracle_address;
addresspublic weth_address;
addresspublic eth_usd_consumer_address;
uint256publicconstant genesis_supply =2000000e18; // 2M FRAX (only for testing, genesis supply will be 5k on Mainnet). This is to help with establishing the Uniswap pools, as they need liquidity// The addresses in this array are added by the oracle and these contracts are able to mint fraxaddress[] public frax_pools_array;
// Mapping is also used for faster verificationmapping(address=>bool) public frax_pools;
// Constants for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
uint256public global_collateral_ratio; // 6 decimals of precision, e.g. 924102 = 0.924102uint256public redemption_fee; // 6 decimals of precision, divide by 1000000 in calculations for feeuint256public minting_fee; // 6 decimals of precision, divide by 1000000 in calculations for feeuint256public frax_step; // Amount to change the collateralization ratio by upon refreshCollateralRatio()uint256public refresh_cooldown; // Seconds to wait before being able to run refreshCollateralRatio() againuint256public price_target; // The price of FRAX at which the collateral ratio will respond to; this value is only used for the collateral ratio mechanism and not for minting and redeeming which are hardcoded at $1uint256public price_band; // The bound above and below the price target at which the refreshCollateralRatio() will not change the collateral ratioaddresspublic DEFAULT_ADMIN_ADDRESS;
bytes32publicconstant COLLATERAL_RATIO_PAUSER =keccak256("COLLATERAL_RATIO_PAUSER");
boolpublic collateral_ratio_paused =false;
/* ========== MODIFIERS ========== */modifieronlyCollateralRatioPauser() {
require(hasRole(COLLATERAL_RATIO_PAUSER, msg.sender));
_;
}
modifieronlyPools() {
require(frax_pools[msg.sender] ==true, "Only frax pools can call this function");
_;
}
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address ||msg.sender== controller_address, "You are not the owner, controller, or the governance timelock");
_;
}
modifieronlyByOwnerGovernanceOrPool() {
require(
msg.sender== owner_address
||msg.sender== timelock_address
|| frax_pools[msg.sender] ==true,
"You are not the owner, the governance timelock, or a pool");
_;
}
/* ========== CONSTRUCTOR ========== */constructor(stringmemory _name,
stringmemory _symbol,
address _creator_address,
address _timelock_address
) public{
name = _name;
symbol = _symbol;
creator_address = _creator_address;
timelock_address = _timelock_address;
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
DEFAULT_ADMIN_ADDRESS = _msgSender();
owner_address = _creator_address;
_mint(creator_address, genesis_supply);
grantRole(COLLATERAL_RATIO_PAUSER, creator_address);
grantRole(COLLATERAL_RATIO_PAUSER, timelock_address);
frax_step =2500; // 6 decimals of precision, equal to 0.25%
global_collateral_ratio =1000000; // Frax system starts off fully collateralized (6 decimals of precision)
refresh_cooldown =3600; // Refresh cooldown period is set to 1 hour (3600 seconds) at genesis
price_target =1000000; // Collateral ratio will adjust according to the $1 price target at genesis
price_band =5000; // Collateral ratio will not adjust if between $0.995 and $1.005 at genesis
}
/* ========== VIEWS ========== */// Choice = 'FRAX' or 'FXS' for nowfunctionoracle_price(PriceChoice choice) internalviewreturns (uint256) {
// Get the ETH / USD price first, and cut it down to 1e6 precisionuint256 eth_usd_price =uint256(eth_usd_pricer.getLatestPrice()).mul(PRICE_PRECISION).div(uint256(10) ** eth_usd_pricer_decimals);
uint256 price_vs_eth;
if (choice == PriceChoice.FRAX) {
price_vs_eth =uint256(fraxEthOracle.consult(weth_address, PRICE_PRECISION)); // How much FRAX if you put in PRICE_PRECISION WETH
}
elseif (choice == PriceChoice.FXS) {
price_vs_eth =uint256(fxsEthOracle.consult(weth_address, PRICE_PRECISION)); // How much FXS if you put in PRICE_PRECISION WETH
}
elserevert("INVALID PRICE CHOICE. Needs to be either 0 (FRAX) or 1 (FXS)");
// Will be in 1e6 formatreturn eth_usd_price.mul(PRICE_PRECISION).div(price_vs_eth);
}
// Returns X FRAX = 1 USDfunctionfrax_price() publicviewreturns (uint256) {
return oracle_price(PriceChoice.FRAX);
}
// Returns X FXS = 1 USDfunctionfxs_price() publicviewreturns (uint256) {
return oracle_price(PriceChoice.FXS);
}
functioneth_usd_price() publicviewreturns (uint256) {
returnuint256(eth_usd_pricer.getLatestPrice()).mul(PRICE_PRECISION).div(uint256(10) ** eth_usd_pricer_decimals);
}
// This is needed to avoid costly repeat calls to different getter functions// It is cheaper gas-wise to just dump everything and only use some of the infofunctionfrax_info() publicviewreturns (uint256, uint256, uint256, uint256, uint256, uint256, uint256, uint256) {
return (
oracle_price(PriceChoice.FRAX), // frax_price()
oracle_price(PriceChoice.FXS), // fxs_price()
totalSupply(), // totalSupply()
global_collateral_ratio, // global_collateral_ratio()
globalCollateralValue(), // globalCollateralValue
minting_fee, // minting_fee()
redemption_fee, // redemption_fee()uint256(eth_usd_pricer.getLatestPrice()).mul(PRICE_PRECISION).div(uint256(10) ** eth_usd_pricer_decimals) //eth_usd_price
);
}
// Iterate through all frax pools and calculate all value of collateral in all pools globally functionglobalCollateralValue() publicviewreturns (uint256) {
uint256 total_collateral_value_d18 =0;
for (uint i =0; i < frax_pools_array.length; i++){
// Exclude null addressesif (frax_pools_array[i] !=address(0)){
total_collateral_value_d18 = total_collateral_value_d18.add(FraxPool(frax_pools_array[i]).collatDollarBalance());
}
}
return total_collateral_value_d18;
}
/* ========== PUBLIC FUNCTIONS ========== */// There needs to be a time interval that this can be called. Otherwise it can be called multiple times per expansion.uint256public last_call_time; // Last time the refreshCollateralRatio function was calledfunctionrefreshCollateralRatio() public{
require(collateral_ratio_paused ==false, "Collateral Ratio has been paused");
uint256 frax_price_cur = frax_price();
require(block.timestamp- last_call_time >= refresh_cooldown, "Must wait for the refresh cooldown since last refresh");
// Step increments are 0.25% (upon genesis, changable by setFraxStep()) if (frax_price_cur > price_target.add(price_band)) { //decrease collateral ratioif(global_collateral_ratio <= frax_step){ //if within a step of 0, go to 0
global_collateral_ratio =0;
} else {
global_collateral_ratio = global_collateral_ratio.sub(frax_step);
}
} elseif (frax_price_cur < price_target.sub(price_band)) { //increase collateral ratioif(global_collateral_ratio.add(frax_step) >=1000000){
global_collateral_ratio =1000000; // cap collateral ratio at 1.000000
} else {
global_collateral_ratio = global_collateral_ratio.add(frax_step);
}
}
last_call_time =block.timestamp; // Set the time of the last expansion
}
/* ========== RESTRICTED FUNCTIONS ========== */// Used by pools when user redeemsfunctionpool_burn_from(address b_address, uint256 b_amount) publiconlyPools{
super._burnFrom(b_address, b_amount);
emit FRAXBurned(b_address, msg.sender, b_amount);
}
// This function is what other frax pools will call to mint new FRAX functionpool_mint(address m_address, uint256 m_amount) publiconlyPools{
super._mint(m_address, m_amount);
emit FRAXMinted(msg.sender, m_address, m_amount);
}
// Adds collateral addresses supported, such as tether and busd, must be ERC20 functionaddPool(address pool_address) publiconlyByOwnerOrGovernance{
require(frax_pools[pool_address] ==false, "address already exists");
frax_pools[pool_address] =true;
frax_pools_array.push(pool_address);
}
// Remove a pool functionremovePool(address pool_address) publiconlyByOwnerOrGovernance{
require(frax_pools[pool_address] ==true, "address doesn't exist already");
// Delete from the mappingdelete frax_pools[pool_address];
// 'Delete' from the array by setting the address to 0x0for (uint i =0; i < frax_pools_array.length; i++){
if (frax_pools_array[i] == pool_address) {
frax_pools_array[i] =address(0); // This will leave a null in the array and keep the indices the samebreak;
}
}
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
functionsetRedemptionFee(uint256 red_fee) publiconlyByOwnerOrGovernance{
redemption_fee = red_fee;
}
functionsetMintingFee(uint256 min_fee) publiconlyByOwnerOrGovernance{
minting_fee = min_fee;
}
functionsetFraxStep(uint256 _new_step) publiconlyByOwnerOrGovernance{
frax_step = _new_step;
}
functionsetPriceTarget (uint256 _new_price_target) publiconlyByOwnerOrGovernance{
price_target = _new_price_target;
}
functionsetRefreshCooldown(uint256 _new_cooldown) publiconlyByOwnerOrGovernance{
refresh_cooldown = _new_cooldown;
}
functionsetFXSAddress(address _fxs_address) publiconlyByOwnerOrGovernance{
fxs_address = _fxs_address;
}
functionsetETHUSDOracle(address _eth_usd_consumer_address) publiconlyByOwnerOrGovernance{
eth_usd_consumer_address = _eth_usd_consumer_address;
eth_usd_pricer = ChainlinkETHUSDPriceConsumer(eth_usd_consumer_address);
eth_usd_pricer_decimals = eth_usd_pricer.getDecimals();
}
functionsetTimelock(address new_timelock) externalonlyByOwnerOrGovernance{
timelock_address = new_timelock;
}
functionsetController(address _controller_address) externalonlyByOwnerOrGovernance{
controller_address = _controller_address;
}
functionsetPriceBand(uint256 _price_band) externalonlyByOwnerOrGovernance{
price_band = _price_band;
}
// Sets the FRAX_ETH Uniswap oracle address functionsetFRAXEthOracle(address _frax_oracle_addr, address _weth_address) publiconlyByOwnerOrGovernance{
frax_eth_oracle_address = _frax_oracle_addr;
fraxEthOracle = UniswapPairOracle(_frax_oracle_addr);
weth_address = _weth_address;
}
// Sets the FXS_ETH Uniswap oracle address functionsetFXSEthOracle(address _fxs_oracle_addr, address _weth_address) publiconlyByOwnerOrGovernance{
fxs_eth_oracle_address = _fxs_oracle_addr;
fxsEthOracle = UniswapPairOracle(_fxs_oracle_addr);
weth_address = _weth_address;
}
functiontoggleCollateralRatio() publiconlyCollateralRatioPauser{
collateral_ratio_paused =!collateral_ratio_paused;
}
/* ========== EVENTS ========== */// Track FRAX burnedeventFRAXBurned(addressindexedfrom, addressindexed to, uint256 amount);
// Track FRAX mintedeventFRAXMinted(addressindexedfrom, addressindexed to, uint256 amount);
}
Contract Source Code
File 13 of 21: FraxPool.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;import"./SafeMath.sol";
import"./FXS.sol";
import"./Frax.sol";
import"./ERC20.sol";
// import '../../Uniswap/TransferHelper.sol';import"./UniswapPairOracle.sol";
import"./AccessControl.sol";
// import "../../Utils/StringHelpers.sol";import"./FraxPoolLibrary.sol";
/*
Same as FraxPool.sol, but has some gas optimizations
*/contractFraxPoolisAccessControl{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */
ERC20 private collateral_token;
addressprivate collateral_address;
addressprivate owner_address;
// address private oracle_address;addressprivate frax_contract_address;
addressprivate fxs_contract_address;
addressprivate timelock_address; // Timelock address for the governance contract
FRAXShares private FXS;
FRAXStablecoin private FRAX;
// UniswapPairOracle private oracle;
UniswapPairOracle private collatEthOracle;
addressprivate collat_eth_oracle_address;
addressprivate weth_address;
uint256private minting_fee;
uint256private redemption_fee;
mapping (address=>uint256) public redeemFXSBalances;
mapping (address=>uint256) public redeemCollateralBalances;
uint256public unclaimedPoolCollateral;
uint256public unclaimedPoolFXS;
mapping (address=>uint256) public lastRedeemed;
// Constants for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
uint256privateconstant COLLATERAL_RATIO_PRECISION =1e6;
uint256privateconstant COLLATERAL_RATIO_MAX =1e6;
// Number of decimals needed to get to 18uint256private missing_decimals;
// Pool_ceiling is the total units of collateral that a pool contract can holduint256public pool_ceiling =0;
// Stores price of the collateral, if price is pauseduint256public pausedPrice =0;
// Bonus rate on FXS minted during recollateralizeFRAX(); 6 decimals of precision, set to 0.75% on genesisuint256public bonus_rate =7500;
// Number of blocks to wait before being able to collectRedemption()uint256public redemption_delay =1;
// AccessControl Rolesbytes32privateconstant MINT_PAUSER =keccak256("MINT_PAUSER");
bytes32privateconstant REDEEM_PAUSER =keccak256("REDEEM_PAUSER");
bytes32privateconstant BUYBACK_PAUSER =keccak256("BUYBACK_PAUSER");
bytes32privateconstant RECOLLATERALIZE_PAUSER =keccak256("RECOLLATERALIZE_PAUSER");
bytes32privateconstant COLLATERAL_PRICE_PAUSER =keccak256("COLLATERAL_PRICE_PAUSER");
// AccessControl state variablesboolprivate mintPaused =false;
boolprivate redeemPaused =false;
boolprivate recollateralizePaused =false;
boolprivate buyBackPaused =false;
boolprivate collateralPricePaused =false;
/* ========== MODIFIERS ========== */modifieronlyByOwnerOrGovernance() {
require(msg.sender== timelock_address ||msg.sender== owner_address, "You are not the owner or the governance timelock");
_;
}
modifiernotRedeemPaused() {
require(redeemPaused ==false, "Redeeming is paused");
_;
}
modifiernotMintPaused() {
require(mintPaused ==false, "Minting is paused");
_;
}
/* ========== CONSTRUCTOR ========== */constructor(address _frax_contract_address,
address _fxs_contract_address,
address _collateral_address,
address _creator_address,
address _timelock_address,
uint256 _pool_ceiling
) public{
FRAX = FRAXStablecoin(_frax_contract_address);
FXS = FRAXShares(_fxs_contract_address);
frax_contract_address = _frax_contract_address;
fxs_contract_address = _fxs_contract_address;
collateral_address = _collateral_address;
timelock_address = _timelock_address;
owner_address = _creator_address;
collateral_token = ERC20(_collateral_address);
pool_ceiling = _pool_ceiling;
missing_decimals =uint(18).sub(collateral_token.decimals());
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
grantRole(MINT_PAUSER, timelock_address);
grantRole(REDEEM_PAUSER, timelock_address);
grantRole(RECOLLATERALIZE_PAUSER, timelock_address);
grantRole(BUYBACK_PAUSER, timelock_address);
grantRole(COLLATERAL_PRICE_PAUSER, timelock_address);
}
/* ========== VIEWS ========== */// Returns dollar value of collateral held in this Frax poolfunctioncollatDollarBalance() publicviewreturns (uint256) {
uint256 eth_usd_price = FRAX.eth_usd_price();
uint256 eth_collat_price = collatEthOracle.consult(weth_address, (PRICE_PRECISION * (10** missing_decimals)));
uint256 collat_usd_price = eth_usd_price.mul(PRICE_PRECISION).div(eth_collat_price);
return (collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral)).mul(10** missing_decimals).mul(collat_usd_price).div(PRICE_PRECISION); //.mul(getCollateralPrice()).div(1e6);
}
// Returns the value of excess collateral held in this Frax pool, compared to what is needed to maintain the global collateral ratiofunctionavailableExcessCollatDV() publicviewreturns (uint256) {
uint256 total_supply = FRAX.totalSupply();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
uint256 global_collat_value = FRAX.globalCollateralValue();
if (global_collateral_ratio > COLLATERAL_RATIO_PRECISION) global_collateral_ratio = COLLATERAL_RATIO_PRECISION; // Handles an overcollateralized contract with CR > 1uint256 required_collat_dollar_value_d18 = (total_supply.mul(global_collateral_ratio)).div(COLLATERAL_RATIO_PRECISION); // Calculates collateral needed to back each 1 FRAX with $1 of collateral at current collat ratioif (global_collat_value > required_collat_dollar_value_d18) return global_collat_value.sub(required_collat_dollar_value_d18);
elsereturn0;
}
/* ========== PUBLIC FUNCTIONS ========== */// Returns the price of the pool collateral in USDfunctiongetCollateralPrice() publicviewreturns (uint256) {
if(collateralPricePaused ==true){
return pausedPrice;
} else {
uint256 eth_usd_price = FRAX.eth_usd_price();
return eth_usd_price.mul(PRICE_PRECISION).div(collatEthOracle.consult(weth_address, PRICE_PRECISION * (10** missing_decimals)));
}
}
functionsetCollatETHOracle(address _collateral_weth_oracle_address, address _weth_address) externalonlyByOwnerOrGovernance{
collat_eth_oracle_address = _collateral_weth_oracle_address;
collatEthOracle = UniswapPairOracle(_collateral_weth_oracle_address);
weth_address = _weth_address;
}
// We separate out the 1t1, fractional and algorithmic minting functions for gas efficiency functionmint1t1FRAX(uint256 collateral_amount, uint256 FRAX_out_min) externalnotMintPaused{
uint256 collateral_amount_d18 = collateral_amount * (10** missing_decimals);
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio >= COLLATERAL_RATIO_MAX, "Collateral ratio must be >= 1");
require((collateral_token.balanceOf(address(this))).sub(unclaimedPoolCollateral).add(collateral_amount) <= pool_ceiling, "[Pool's Closed]: Ceiling reached");
(uint256 frax_amount_d18) = FraxPoolLibrary.calcMint1t1FRAX(
getCollateralPrice(),
minting_fee,
collateral_amount_d18
); //1 FRAX for each $1 worth of collateralrequire(FRAX_out_min <= frax_amount_d18, "Slippage limit reached");
collateral_token.transferFrom(msg.sender, address(this), collateral_amount);
FRAX.pool_mint(msg.sender, frax_amount_d18);
}
// 0% collateral-backedfunctionmintAlgorithmicFRAX(uint256 fxs_amount_d18, uint256 FRAX_out_min) externalnotMintPaused{
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio ==0, "Collateral ratio must be 0");
(uint256 frax_amount_d18) = FraxPoolLibrary.calcMintAlgorithmicFRAX(
minting_fee,
fxs_price, // X FXS / 1 USD
fxs_amount_d18
);
require(FRAX_out_min <= frax_amount_d18, "Slippage limit reached");
FXS.pool_burn_from(msg.sender, fxs_amount_d18);
FRAX.pool_mint(msg.sender, frax_amount_d18);
}
// Will fail if fully collateralized or fully algorithmic// > 0% and < 100% collateral-backedfunctionmintFractionalFRAX(uint256 collateral_amount, uint256 fxs_amount, uint256 FRAX_out_min) externalnotMintPaused{
uint256 frax_price = FRAX.frax_price();
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio < COLLATERAL_RATIO_MAX && global_collateral_ratio >0, "Collateral ratio needs to be between .000001 and .999999");
require(collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral).add(collateral_amount) <= pool_ceiling, "Pool ceiling reached, no more FRAX can be minted with this collateral");
uint256 collateral_amount_d18 = collateral_amount * (10** missing_decimals);
FraxPoolLibrary.MintFF_Params memory input_params = FraxPoolLibrary.MintFF_Params(
minting_fee,
fxs_price,
frax_price,
getCollateralPrice(),
fxs_amount,
collateral_amount_d18,
(collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral)),
pool_ceiling,
global_collateral_ratio
);
(uint256 mint_amount, uint256 fxs_needed) = FraxPoolLibrary.calcMintFractionalFRAX(input_params);
require(FRAX_out_min <= mint_amount, "Slippage limit reached");
require(fxs_needed <= fxs_amount, "Not enough FXS inputted");
FXS.pool_burn_from(msg.sender, fxs_needed);
collateral_token.transferFrom(msg.sender, address(this), collateral_amount);
FRAX.pool_mint(msg.sender, mint_amount);
}
// Redeem collateral. 100% collateral-backedfunctionredeem1t1FRAX(uint256 FRAX_amount, uint256 COLLATERAL_out_min) externalnotRedeemPaused{
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio == COLLATERAL_RATIO_MAX, "Collateral ratio must be == 1");
// Need to adjust for decimals of collateraluint256 FRAX_amount_precision = FRAX_amount.div(10** missing_decimals);
(uint256 collateral_needed) = FraxPoolLibrary.calcRedeem1t1FRAX(
getCollateralPrice(),
FRAX_amount_precision,
redemption_fee
);
require(collateral_needed <= collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral), "Not enough collateral in pool");
redeemCollateralBalances[msg.sender] = redeemCollateralBalances[msg.sender].add(collateral_needed);
unclaimedPoolCollateral = unclaimedPoolCollateral.add(collateral_needed);
lastRedeemed[msg.sender] =block.number;
require(COLLATERAL_out_min <= collateral_needed, "Slippage limit reached");
// Move all external functions to the end
FRAX.pool_burn_from(msg.sender, FRAX_amount);
}
// Will fail if fully collateralized or algorithmic// Redeem FRAX for collateral and FXS. > 0% and < 100% collateral-backedfunctionredeemFractionalFRAX(uint256 FRAX_amount, uint256 FXS_out_min, uint256 COLLATERAL_out_min) externalnotRedeemPaused{
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio < COLLATERAL_RATIO_MAX && global_collateral_ratio >0, "Collateral ratio needs to be between .000001 and .999999");
uint256 col_price_usd = getCollateralPrice();
uint256 FRAX_amount_post_fee = FRAX_amount.sub((FRAX_amount.mul(redemption_fee)).div(PRICE_PRECISION));
uint256 fxs_dollar_value_d18 = FRAX_amount_post_fee.sub(FRAX_amount_post_fee.mul(global_collateral_ratio).div(PRICE_PRECISION));
uint256 fxs_amount = fxs_dollar_value_d18.mul(PRICE_PRECISION).div(fxs_price);
// Need to adjust for decimals of collateraluint256 FRAX_amount_precision = FRAX_amount_post_fee.div(10** missing_decimals);
uint256 collateral_dollar_value = FRAX_amount_precision.mul(global_collateral_ratio).div(PRICE_PRECISION);
uint256 collateral_amount = collateral_dollar_value.mul(PRICE_PRECISION).div(col_price_usd);
redeemCollateralBalances[msg.sender] = redeemCollateralBalances[msg.sender].add(collateral_amount);
unclaimedPoolCollateral = unclaimedPoolCollateral.add(collateral_amount);
redeemFXSBalances[msg.sender] = redeemFXSBalances[msg.sender].add(fxs_amount);
unclaimedPoolFXS = unclaimedPoolFXS.add(fxs_amount);
lastRedeemed[msg.sender] =block.number;
require(collateral_amount <= collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral), "Not enough collateral in pool");
require(COLLATERAL_out_min <= collateral_amount, "Slippage limit reached [collateral]");
require(FXS_out_min <= fxs_amount, "Slippage limit reached [FXS]");
// Move all external functions to the end
FRAX.pool_burn_from(msg.sender, FRAX_amount);
FXS.pool_mint(address(this), fxs_amount);
}
// Redeem FRAX for FXS. 0% collateral-backedfunctionredeemAlgorithmicFRAX(uint256 FRAX_amount, uint256 FXS_out_min) externalnotRedeemPaused{
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio ==0, "Collateral ratio must be 0");
uint256 fxs_dollar_value_d18 = FRAX_amount;
fxs_dollar_value_d18 = fxs_dollar_value_d18.sub((fxs_dollar_value_d18.mul(redemption_fee)).div(PRICE_PRECISION)); //apply redemption feeuint256 fxs_amount = fxs_dollar_value_d18.mul(PRICE_PRECISION).div(fxs_price);
redeemFXSBalances[msg.sender] = redeemFXSBalances[msg.sender].add(fxs_amount);
unclaimedPoolFXS = unclaimedPoolFXS.add(fxs_amount);
lastRedeemed[msg.sender] =block.number;
require(FXS_out_min <= fxs_amount, "Slippage limit reached");
// Move all external functions to the end
FRAX.pool_burn_from(msg.sender, FRAX_amount);
FXS.pool_mint(address(this), fxs_amount);
}
// After a redemption happens, transfer the newly minted FXS and owed collateral from this pool// contract to the user. Redemption is split into two functions to prevent flash loans from being able// to take out FRAX/collateral from the system, use an AMM to trade the new price, and then mint back into the system.functioncollectRedemption() external{
require((lastRedeemed[msg.sender].add(redemption_delay)) <=block.number, "Must wait for redemption_delay blocks before collecting redemption");
bool sendFXS =false;
bool sendCollateral =false;
uint FXSAmount;
uint CollateralAmount;
// Use Checks-Effects-Interactions patternif(redeemFXSBalances[msg.sender] >0){
FXSAmount = redeemFXSBalances[msg.sender];
redeemFXSBalances[msg.sender] =0;
unclaimedPoolFXS = unclaimedPoolFXS.sub(FXSAmount);
sendFXS =true;
}
if(redeemCollateralBalances[msg.sender] >0){
CollateralAmount = redeemCollateralBalances[msg.sender];
redeemCollateralBalances[msg.sender] =0;
unclaimedPoolCollateral = unclaimedPoolCollateral.sub(CollateralAmount);
sendCollateral =true;
}
if(sendFXS ==true){
FXS.transfer(msg.sender, FXSAmount);
}
if(sendCollateral ==true){
collateral_token.transfer(msg.sender, CollateralAmount);
}
}
// When the protocol is recollateralizing, we need to give a discount of FXS to hit the new CR target// Thus, if the target collateral ratio is higher than the actual value of collateral, minters get FXS for adding collateral// This function simply rewards anyone that sends collateral to a pool with the same amount of FXS + the bonus rate// Anyone can call this function to recollateralize the protocol and take the extra FXS value from the bonus rate as an arb opportunityfunctionrecollateralizeFRAX(uint256 collateral_amount, uint256 FXS_out_min) external{
require(recollateralizePaused ==false, "Recollateralize is paused");
uint256 collateral_amount_d18 = collateral_amount * (10** missing_decimals);
uint256 fxs_price = FRAX.fxs_price();
uint256 frax_total_supply = FRAX.totalSupply();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
uint256 global_collat_value = FRAX.globalCollateralValue();
(uint256 collateral_units, uint256 amount_to_recollat) = FraxPoolLibrary.calcRecollateralizeFRAXInner(
collateral_amount_d18,
getCollateralPrice(),
global_collat_value,
frax_total_supply,
global_collateral_ratio
);
uint256 collateral_units_precision = collateral_units.div(10** missing_decimals);
uint256 fxs_paid_back = amount_to_recollat.mul(uint(1e6).add(bonus_rate)).div(fxs_price);
require(FXS_out_min <= fxs_paid_back, "Slippage limit reached");
collateral_token.transferFrom(msg.sender, address(this), collateral_units_precision);
FXS.pool_mint(msg.sender, fxs_paid_back);
}
// Function can be called by an FXS holder to have the protocol buy back FXS with excess collateral value from a desired collateral pool// This can also happen if the collateral ratio > 1functionbuyBackFXS(uint256 FXS_amount, uint256 COLLATERAL_out_min) external{
require(buyBackPaused ==false, "Buyback is paused");
uint256 fxs_price = FRAX.fxs_price();
FraxPoolLibrary.BuybackFXS_Params memory input_params = FraxPoolLibrary.BuybackFXS_Params(
availableExcessCollatDV(),
fxs_price,
getCollateralPrice(),
FXS_amount
);
(uint256 collateral_equivalent_d18) = FraxPoolLibrary.calcBuyBackFXS(input_params);
uint256 collateral_precision = collateral_equivalent_d18.div(10** missing_decimals);
require(COLLATERAL_out_min <= collateral_precision, "Slippage limit reached");
// Give the sender their desired collateral and burn the FXS
FXS.pool_burn_from(msg.sender, FXS_amount);
collateral_token.transfer(msg.sender, collateral_precision);
}
/* ========== RESTRICTED FUNCTIONS ========== */functiontoggleMinting() external{
require(hasRole(MINT_PAUSER, msg.sender));
mintPaused =!mintPaused;
}
functiontoggleRedeeming() external{
require(hasRole(REDEEM_PAUSER, msg.sender));
redeemPaused =!redeemPaused;
}
functiontoggleRecollateralize() external{
require(hasRole(RECOLLATERALIZE_PAUSER, msg.sender));
recollateralizePaused =!recollateralizePaused;
}
functiontoggleBuyBack() external{
require(hasRole(BUYBACK_PAUSER, msg.sender));
buyBackPaused =!buyBackPaused;
}
functiontoggleCollateralPrice() external{
require(hasRole(COLLATERAL_PRICE_PAUSER, msg.sender));
// If pausing, set paused price; else if unpausing, clear pausedPriceif(collateralPricePaused ==false){
pausedPrice = getCollateralPrice();
} else {
pausedPrice =0;
}
collateralPricePaused =!collateralPricePaused;
}
// Combined into one function due to 24KiB contract memory limitfunctionsetPoolParameters(uint256 new_ceiling, uint256 new_bonus_rate, uint256 new_redemption_delay) externalonlyByOwnerOrGovernance{
pool_ceiling = new_ceiling;
bonus_rate = new_bonus_rate;
redemption_delay = new_redemption_delay;
minting_fee = FRAX.minting_fee();
redemption_fee = FRAX.redemption_fee();
}
functionsetTimelock(address new_timelock) externalonlyByOwnerOrGovernance{
timelock_address = new_timelock;
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
/* ========== EVENTS ========== */
}
Contract Source Code
File 14 of 21: FraxPoolLibrary.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.6.0;pragmaexperimentalABIEncoderV2;import"./SafeMath.sol";
libraryFraxPoolLibrary{
usingSafeMathforuint256;
// Constants for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
// ================ Structs ================// Needed to lower stack sizestructMintFF_Params {
uint256 mint_fee;
uint256 fxs_price_usd;
uint256 frax_price_usd;
uint256 col_price_usd;
uint256 fxs_amount;
uint256 collateral_amount;
uint256 collateral_token_balance;
uint256 pool_ceiling;
uint256 col_ratio;
}
structBuybackFXS_Params {
uint256 excess_collateral_dollar_value_d18;
uint256 fxs_price_usd;
uint256 col_price_usd;
uint256 FXS_amount;
}
// ================ Functions ================functioncalcMint1t1FRAX(uint256 col_price, uint256 mint_fee, uint256 collateral_amount_d18) publicpurereturns (uint256) {
uint256 col_price_usd = col_price;
uint256 c_dollar_value_d18 = (collateral_amount_d18.mul(col_price_usd)).div(1e6);
return c_dollar_value_d18.sub((c_dollar_value_d18.mul(mint_fee)).div(1e6));
}
functioncalcMintAlgorithmicFRAX(uint256 mint_fee, uint256 fxs_price_usd, uint256 fxs_amount_d18) publicpurereturns (uint256) {
uint256 fxs_dollar_value_d18 = fxs_amount_d18.mul(fxs_price_usd).div(1e6);
return fxs_dollar_value_d18.sub((fxs_dollar_value_d18.mul(mint_fee)).div(1e6));
}
// Must be internal because of the structfunctioncalcMintFractionalFRAX(MintFF_Params memory params) internalpurereturns (uint256, uint256) {
// Since solidity truncates division, every division operation must be the last operation in the equation to ensure minimum error// The contract must check the proper ratio was sent to mint FRAX. We do this by seeing the minimum mintable FRAX based on each amount uint256 fxs_dollar_value_d18;
uint256 c_dollar_value_d18;
// Scoping for stack concerns
{
// USD amounts of the collateral and the FXS
fxs_dollar_value_d18 = params.fxs_amount.mul(params.fxs_price_usd).div(1e6);
c_dollar_value_d18 = params.collateral_amount.mul(params.col_price_usd).div(1e6);
}
uint calculated_fxs_dollar_value_d18 =
(c_dollar_value_d18.mul(1e6).div(params.col_ratio))
.sub(c_dollar_value_d18);
uint calculated_fxs_needed = calculated_fxs_dollar_value_d18.mul(1e6).div(params.fxs_price_usd);
return (
(c_dollar_value_d18.add(calculated_fxs_dollar_value_d18)).sub(((c_dollar_value_d18.add(calculated_fxs_dollar_value_d18)).mul(params.mint_fee)).div(1e6)),
calculated_fxs_needed
);
}
functioncalcRedeem1t1FRAX(uint256 col_price_usd, uint256 FRAX_amount, uint256 redemption_fee) publicpurereturns (uint256) {
uint256 collateral_needed_d18 = FRAX_amount.mul(1e6).div(col_price_usd);
return collateral_needed_d18.sub((collateral_needed_d18.mul(redemption_fee)).div(1e6));
}
// Must be internal because of the structfunctioncalcBuyBackFXS(BuybackFXS_Params memory params) internalpurereturns (uint256) {
// If the total collateral value is higher than the amount required at the current collateral ratio then buy back up to the possible FXS with the desired collateralrequire(params.excess_collateral_dollar_value_d18 >0, "No excess collateral to buy back!");
// Make sure not to take more than is availableuint256 fxs_dollar_value_d18 = params.FXS_amount.mul(params.fxs_price_usd).div(1e6);
require(fxs_dollar_value_d18 <= params.excess_collateral_dollar_value_d18, "You are trying to buy back more than the excess!");
// Get the equivalent amount of collateral based on the market value of FXS provided uint256 collateral_equivalent_d18 = fxs_dollar_value_d18.mul(1e6).div(params.col_price_usd);
//collateral_equivalent_d18 = collateral_equivalent_d18.sub((collateral_equivalent_d18.mul(params.buyback_fee)).div(1e6));return (
collateral_equivalent_d18
);
}
// Returns value of collateral that must increase to reach recollateralization target (if 0 means no recollateralization)functionrecollateralizeAmount(uint256 total_supply, uint256 global_collateral_ratio, uint256 global_collat_value) publicpurereturns (uint256) {
uint256 target_collat_value = total_supply.mul(global_collateral_ratio).div(1e6); // We want 18 decimals of precision so divide by 1e6; total_supply is 1e18 and global_collateral_ratio is 1e6// Subtract the current value of collateral from the target value needed, if higher than 0 then system needs to recollateralizeuint256 recollateralization_left = target_collat_value.sub(global_collat_value); // If recollateralization is not needed, throws a subtraction underflowreturn(recollateralization_left);
}
functioncalcRecollateralizeFRAXInner(uint256 collateral_amount,
uint256 col_price,
uint256 global_collat_value,
uint256 frax_total_supply,
uint256 global_collateral_ratio
) publicpurereturns (uint256, uint256) {
uint256 collat_value_attempted = collateral_amount.mul(col_price).div(1e6);
uint256 effective_collateral_ratio = global_collat_value.mul(1e6).div(frax_total_supply); //returns it in 1e6uint256 recollat_possible = (global_collateral_ratio.mul(frax_total_supply).sub(frax_total_supply.mul(effective_collateral_ratio))).div(1e6);
uint256 amount_to_recollat;
if(collat_value_attempted <= recollat_possible){
amount_to_recollat = collat_value_attempted;
} else {
amount_to_recollat = recollat_possible;
}
return (amount_to_recollat.mul(1e6).div(col_price), amount_to_recollat);
}
}
Contract Source Code
File 15 of 21: IERC20.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./Context.sol";
import"./SafeMath.sol";
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/interfaceIERC20{
/**
* @dev Returns the amount of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address recipient, uint256 amount) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 amount) externalreturns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(address sender, address recipient, uint256 amount) externalreturns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
}
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/librarySafeMath{
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/functionadd(uint256 a, uint256 b) internalpurereturns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/functionsub(uint256 a, uint256 b) internalpurereturns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/functionsub(uint256 a, uint256 b, stringmemory errorMessage) internalpurereturns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/functionmul(uint256 a, uint256 b) internalpurereturns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the// benefit is lost if 'b' is also tested.// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522if (a ==0) {
return0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/functiondiv(uint256 a, uint256 b) internalpurereturns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/functiondiv(uint256 a, uint256 b, stringmemory errorMessage) internalpurereturns (uint256) {
// Solidity only automatically asserts when dividing by 0require(b >0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't holdreturn c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/functionmod(uint256 a, uint256 b) internalpurereturns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/functionmod(uint256 a, uint256 b, stringmemory errorMessage) internalpurereturns (uint256) {
require(b !=0, errorMessage);
return a % b;
}
}
Contract Source Code
File 19 of 21: UniswapPairOracle.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./IUniswapV2Factory.sol';
import'./IUniswapV2Pair.sol';
import'./FixedPoint.sol';
import'./UniswapV2OracleLibrary.sol';
import'./UniswapV2Library.sol';
// Fixed window oracle that recomputes the average price for the entire period once every period// Note that the price average is only guaranteed to be over at least 1 period, but may be over a longer periodcontractUniswapPairOracle{
usingFixedPointfor*;
address owner_address;
address timelock_address;
uintpublic PERIOD =3600; // 1 hour TWAP (time-weighted average price)
IUniswapV2Pair publicimmutable pair;
addresspublicimmutable token0;
addresspublicimmutable token1;
uintpublic price0CumulativeLast;
uintpublic price1CumulativeLast;
uint32public blockTimestampLast;
FixedPoint.uq112x112 public price0Average;
FixedPoint.uq112x112 public price1Average;
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address, "You are not an owner or the governance timelock");
_;
}
constructor(address factory, address tokenA, address tokenB, address _owner_address, address _timelock_address) public{
IUniswapV2Pair _pair = IUniswapV2Pair(UniswapV2Library.pairFor(factory, tokenA, tokenB));
pair = _pair;
token0 = _pair.token0();
token1 = _pair.token1();
price0CumulativeLast = _pair.price0CumulativeLast(); // Fetch the current accumulated price value (1 / 0)
price1CumulativeLast = _pair.price1CumulativeLast(); // Fetch the current accumulated price value (0 / 1)uint112 reserve0;
uint112 reserve1;
(reserve0, reserve1, blockTimestampLast) = _pair.getReserves();
require(reserve0 !=0&& reserve1 !=0, 'UniswapPairOracle: NO_RESERVES'); // Ensure that there's liquidity in the pair
owner_address = _owner_address;
timelock_address = _timelock_address;
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
functionsetTimelock(address _timelock_address) externalonlyByOwnerOrGovernance{
timelock_address = _timelock_address;
}
functionsetPeriod(uint _period) externalonlyByOwnerOrGovernance{
PERIOD = _period;
}
functionupdate() external{
(uint price0Cumulative, uint price1Cumulative, uint32 blockTimestamp) =
UniswapV2OracleLibrary.currentCumulativePrices(address(pair));
uint32 timeElapsed = blockTimestamp - blockTimestampLast; // Overflow is desired// Ensure that at least one full period has passed since the last updaterequire(timeElapsed >= PERIOD, 'UniswapPairOracle: PERIOD_NOT_ELAPSED');
// Overflow is desired, casting never truncates// Cumulative price is in (uq112x112 price * seconds) units so we simply wrap it after division by time elapsed
price0Average = FixedPoint.uq112x112(uint224((price0Cumulative - price0CumulativeLast) / timeElapsed));
price1Average = FixedPoint.uq112x112(uint224((price1Cumulative - price1CumulativeLast) / timeElapsed));
price0CumulativeLast = price0Cumulative;
price1CumulativeLast = price1Cumulative;
blockTimestampLast = blockTimestamp;
}
// Note this will always return 0 before update has been called successfully for the first time.functionconsult(address token, uint amountIn) externalviewreturns (uint amountOut) {
if (token == token0) {
amountOut = price0Average.mul(amountIn).decode144();
} else {
require(token == token1, 'UniswapPairOracle: INVALID_TOKEN');
amountOut = price1Average.mul(amountIn).decode144();
}
}
}
Contract Source Code
File 20 of 21: UniswapV2Library.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./IUniswapV2Pair.sol';
import'./IUniswapV2Factory.sol';
import"./SafeMath.sol";
libraryUniswapV2Library{
usingSafeMathforuint;
// returns sorted token addresses, used to handle return values from pairs sorted in this orderfunctionsortTokens(address tokenA, address tokenB) internalpurereturns (address token0, address token1) {
require(tokenA != tokenB, 'UniswapV2Library: IDENTICAL_ADDRESSES');
(token0, token1) = tokenA < tokenB ? (tokenA, tokenB) : (tokenB, tokenA);
require(token0 !=address(0), 'UniswapV2Library: ZERO_ADDRESS');
}
// Less efficient than the CREATE2 method belowfunctionpairFor(address factory, address tokenA, address tokenB) internalviewreturns (address pair) {
(address token0, address token1) = sortTokens(tokenA, tokenB);
pair = IUniswapV2Factory(factory).getPair(token0, token1);
}
// calculates the CREATE2 address for a pair without making any external callsfunctionpairForCreate2(address factory, address tokenA, address tokenB) internalpurereturns (address pair) {
(address token0, address token1) = sortTokens(tokenA, tokenB);
pair =address(uint(keccak256(abi.encodePacked(
hex'ff',
factory,
keccak256(abi.encodePacked(token0, token1)),
hex'96e8ac4277198ff8b6f785478aa9a39f403cb768dd02cbee326c3e7da348845f'// init code hash
)))); // this matches the CREATE2 in UniswapV2Factory.createPair
}
// fetches and sorts the reserves for a pairfunctiongetReserves(address factory, address tokenA, address tokenB) internalviewreturns (uint reserveA, uint reserveB) {
(address token0,) = sortTokens(tokenA, tokenB);
(uint reserve0, uint reserve1,) = IUniswapV2Pair(pairFor(factory, tokenA, tokenB)).getReserves();
(reserveA, reserveB) = tokenA == token0 ? (reserve0, reserve1) : (reserve1, reserve0);
}
// given some amount of an asset and pair reserves, returns an equivalent amount of the other assetfunctionquote(uint amountA, uint reserveA, uint reserveB) internalpurereturns (uint amountB) {
require(amountA >0, 'UniswapV2Library: INSUFFICIENT_AMOUNT');
require(reserveA >0&& reserveB >0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
amountB = amountA.mul(reserveB) / reserveA;
}
// given an input amount of an asset and pair reserves, returns the maximum output amount of the other assetfunctiongetAmountOut(uint amountIn, uint reserveIn, uint reserveOut) internalpurereturns (uint amountOut) {
require(amountIn >0, 'UniswapV2Library: INSUFFICIENT_INPUT_AMOUNT');
require(reserveIn >0&& reserveOut >0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
uint amountInWithFee = amountIn.mul(997);
uint numerator = amountInWithFee.mul(reserveOut);
uint denominator = reserveIn.mul(1000).add(amountInWithFee);
amountOut = numerator / denominator;
}
// given an output amount of an asset and pair reserves, returns a required input amount of the other assetfunctiongetAmountIn(uint amountOut, uint reserveIn, uint reserveOut) internalpurereturns (uint amountIn) {
require(amountOut >0, 'UniswapV2Library: INSUFFICIENT_OUTPUT_AMOUNT');
require(reserveIn >0&& reserveOut >0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
uint numerator = reserveIn.mul(amountOut).mul(1000);
uint denominator = reserveOut.sub(amountOut).mul(997);
amountIn = (numerator / denominator).add(1);
}
// performs chained getAmountOut calculations on any number of pairsfunctiongetAmountsOut(address factory, uint amountIn, address[] memory path) internalviewreturns (uint[] memory amounts) {
require(path.length>=2, 'UniswapV2Library: INVALID_PATH');
amounts =newuint[](path.length);
amounts[0] = amountIn;
for (uint i; i < path.length-1; i++) {
(uint reserveIn, uint reserveOut) = getReserves(factory, path[i], path[i +1]);
amounts[i +1] = getAmountOut(amounts[i], reserveIn, reserveOut);
}
}
// performs chained getAmountIn calculations on any number of pairsfunctiongetAmountsIn(address factory, uint amountOut, address[] memory path) internalviewreturns (uint[] memory amounts) {
require(path.length>=2, 'UniswapV2Library: INVALID_PATH');
amounts =newuint[](path.length);
amounts[amounts.length-1] = amountOut;
for (uint i = path.length-1; i >0; i--) {
(uint reserveIn, uint reserveOut) = getReserves(factory, path[i -1], path[i]);
amounts[i -1] = getAmountIn(amounts[i], reserveIn, reserveOut);
}
}
}
Contract Source Code
File 21 of 21: UniswapV2OracleLibrary.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./IUniswapV2Pair.sol';
import'./FixedPoint.sol';
// library with helper methods for oracles that are concerned with computing average priceslibraryUniswapV2OracleLibrary{
usingFixedPointfor*;
// helper function that returns the current block timestamp within the range of uint32, i.e. [0, 2**32 - 1]functioncurrentBlockTimestamp() internalviewreturns (uint32) {
returnuint32(block.timestamp%2**32);
}
// produces the cumulative price using counterfactuals to save gas and avoid a call to sync.functioncurrentCumulativePrices(address pair
) internalviewreturns (uint price0Cumulative, uint price1Cumulative, uint32 blockTimestamp) {
blockTimestamp = currentBlockTimestamp();
price0Cumulative = IUniswapV2Pair(pair).price0CumulativeLast();
price1Cumulative = IUniswapV2Pair(pair).price1CumulativeLast();
// if time has elapsed since the last update on the pair, mock the accumulated price values
(uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast) = IUniswapV2Pair(pair).getReserves();
if (blockTimestampLast != blockTimestamp) {
// subtraction overflow is desireduint32 timeElapsed = blockTimestamp - blockTimestampLast;
// addition overflow is desired// counterfactual
price0Cumulative +=uint(FixedPoint.fraction(reserve1, reserve0)._x) * timeElapsed;
// counterfactual
price1Cumulative +=uint(FixedPoint.fraction(reserve0, reserve1)._x) * timeElapsed;
}
}
}
