// File: contracts/libs/common/ZeroCopySource.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.6.12;
/**
* @dev Wrappers over decoding and deserialization operation from bytes into bassic types in Solidity for PolyNetwork cross chain utility.
*
* Decode into basic types in Solidity from bytes easily. It's designed to be used
* for PolyNetwork cross chain application, and the decoding rules on Ethereum chain
* and the encoding rule on other chains should be consistent, and . Here we
* follow the underlying deserialization rule with implementation found here:
* https://github.com/polynetwork/poly/blob/master/common/zero_copy_source.go
*
* Using this library instead of the unchecked serialization method can help reduce
* the risk of serious bugs and handfule, so it's recommended to use it.
*
* Please note that risk can be minimized, yet not eliminated.
*/
library ZeroCopySource {
/* @notice Read next byte as boolean type starting at offset from buff
* @param buff Source bytes array
* @param offset The position from where we read the boolean value
* @return The the read boolean value and new offset
*/
function NextBool(bytes memory buff, uint256 offset) internal pure returns(bool, uint256) {
require(offset + 1 <= buff.length && offset < offset + 1, "Offset exceeds limit");
// byte === bytes1
byte v;
assembly{
v := mload(add(add(buff, 0x20), offset))
}
bool value;
if (v == 0x01) {
value = true;
} else if (v == 0x00) {
value = false;
} else {
revert("NextBool value error");
}
return (value, offset + 1);
}
/* @notice Read next byte starting at offset from buff
* @param buff Source bytes array
* @param offset The position from where we read the byte value
* @return The read byte value and new offset
*/
function NextByte(bytes memory buff, uint256 offset) internal pure returns (byte, uint256) {
require(offset + 1 <= buff.length && offset < offset + 1, "NextByte, Offset exceeds maximum");
byte v;
assembly{
v := mload(add(add(buff, 0x20), offset))
}
return (v, offset + 1);
}
/* @notice Read next byte as uint8 starting at offset from buff
* @param buff Source bytes array
* @param offset The position from where we read the byte value
* @return The read uint8 value and new offset
*/
function NextUint8(bytes memory buff, uint256 offset) internal pure returns (uint8, uint256) {
require(offset + 1 <= buff.length && offset < offset + 1, "NextUint8, Offset exceeds maximum");
uint8 v;
assembly{
let tmpbytes := mload(0x40)
let bvalue := mload(add(add(buff, 0x20), offset))
mstore8(tmpbytes, byte(0, bvalue))
mstore(0x40, add(tmpbytes, 0x01))
v := mload(sub(tmpbytes, 0x1f))
}
return (v, offset + 1);
}
/* @notice Read next two bytes as uint16 type starting from offset
* @param buff Source bytes array
* @param offset The position from where we read the uint16 value
* @return The read uint16 value and updated offset
*/
function NextUint16(bytes memory buff, uint256 offset) internal pure returns (uint16, uint256) {
require(offset + 2 <= buff.length && offset < offset + 2, "NextUint16, offset exceeds maximum");
uint16 v;
assembly {
let tmpbytes := mload(0x40)
let bvalue := mload(add(add(buff, 0x20), offset))
mstore8(tmpbytes, byte(0x01, bvalue))
mstore8(add(tmpbytes, 0x01), byte(0, bvalue))
mstore(0x40, add(tmpbytes, 0x02))
v := mload(sub(tmpbytes, 0x1e))
}
return (v, offset + 2);
}
/* @notice Read next four bytes as uint32 type starting from offset
* @param buff Source bytes array
* @param offset The position from where we read the uint32 value
* @return The read uint32 value and updated offset
*/
function NextUint32(bytes memory buff, uint256 offset) internal pure returns (uint32, uint256) {
require(offset + 4 <= buff.length && offset < offset + 4, "NextUint32, offset exceeds maximum");
uint32 v;
assembly {
let tmpbytes := mload(0x40)
let byteLen := 0x04
for {
let tindex := 0x00
let bindex := sub(byteLen, 0x01)
let bvalue := mload(add(add(buff, 0x20), offset))
} lt(tindex, byteLen) {
tindex := add(tindex, 0x01)
bindex := sub(bindex, 0x01)
}{
mstore8(add(tmpbytes, tindex), byte(bindex, bvalue))
}
mstore(0x40, add(tmpbytes, byteLen))
v := mload(sub(tmpbytes, sub(0x20, byteLen)))
}
return (v, offset + 4);
}
/* @notice Read next eight bytes as uint64 type starting from offset
* @param buff Source bytes array
* @param offset The position from where we read the uint64 value
* @return The read uint64 value and updated offset
*/
function NextUint64(bytes memory buff, uint256 offset) internal pure returns (uint64, uint256) {
require(offset + 8 <= buff.length && offset < offset + 8, "NextUint64, offset exceeds maximum");
uint64 v;
assembly {
let tmpbytes := mload(0x40)
let byteLen := 0x08
for {
let tindex := 0x00
let bindex := sub(byteLen, 0x01)
let bvalue := mload(add(add(buff, 0x20), offset))
} lt(tindex, byteLen) {
tindex := add(tindex, 0x01)
bindex := sub(bindex, 0x01)
}{
mstore8(add(tmpbytes, tindex), byte(bindex, bvalue))
}
mstore(0x40, add(tmpbytes, byteLen))
v := mload(sub(tmpbytes, sub(0x20, byteLen)))
}
return (v, offset + 8);
}
/* @notice Read next 32 bytes as uint256 type starting from offset,
there are limits considering the numerical limits in multi-chain
* @param buff Source bytes array
* @param offset The position from where we read the uint256 value
* @return The read uint256 value and updated offset
*/
function NextUint255(bytes memory buff, uint256 offset) internal pure returns (uint256, uint256) {
require(offset + 32 <= buff.length && offset < offset + 32, "NextUint255, offset exceeds maximum");
uint256 v;
assembly {
let tmpbytes := mload(0x40)
let byteLen := 0x20
for {
let tindex := 0x00
let bindex := sub(byteLen, 0x01)
let bvalue := mload(add(add(buff, 0x20), offset))
} lt(tindex, byteLen) {
tindex := add(tindex, 0x01)
bindex := sub(bindex, 0x01)
}{
mstore8(add(tmpbytes, tindex), byte(bindex, bvalue))
}
mstore(0x40, add(tmpbytes, byteLen))
v := mload(tmpbytes)
}
require(v <= 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff, "Value exceeds the range");
return (v, offset + 32);
}
/* @notice Read next variable bytes starting from offset,
the decoding rule coming from multi-chain
* @param buff Source bytes array
* @param offset The position from where we read the bytes value
* @return The read variable bytes array value and updated offset
*/
function NextVarBytes(bytes memory buff, uint256 offset) internal pure returns(bytes memory, uint256) {
uint len;
(len, offset) = NextVarUint(buff, offset);
require(offset + len <= buff.length && offset < offset + len, "NextVarBytes, offset exceeds maximum");
bytes memory tempBytes;
assembly{
switch iszero(len)
case 0 {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// The first word of the slice result is potentially a partial
// word read from the original array. To read it, we calculate
// the length of that partial word and start copying that many
// bytes into the array. The first word we copy will start with
// data we don't care about, but the last `lengthmod` bytes will
// land at the beginning of the contents of the new array. When
// we're done copying, we overwrite the full first word with
// the actual length of the slice.
let lengthmod := and(len, 31)
// The multiplication in the next line is necessary
// because when slicing multiples of 32 bytes (lengthmod == 0)
// the following copy loop was copying the origin's length
// and then ending prematurely not copying everything it should.
let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
let end := add(mc, len)
for {
// The multiplication in the next line has the same exact purpose
// as the one above.
let cc := add(add(add(buff, lengthmod), mul(0x20, iszero(lengthmod))), offset)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
mstore(tempBytes, len)
//update free-memory pointer
//allocating the array padded to 32 bytes like the compiler does now
mstore(0x40, and(add(mc, 31), not(31)))
}
//if we want a zero-length slice let's just return a zero-length array
default {
tempBytes := mload(0x40)
mstore(0x40, add(tempBytes, 0x20))
}
}
return (tempBytes, offset + len);
}
/* @notice Read next 32 bytes starting from offset,
* @param buff Source bytes array
* @param offset The position from where we read the bytes value
* @return The read bytes32 value and updated offset
*/
function NextHash(bytes memory buff, uint256 offset) internal pure returns (bytes32 , uint256) {
require(offset + 32 <= buff.length && offset < offset + 32, "NextHash, offset exceeds maximum");
bytes32 v;
assembly {
v := mload(add(buff, add(offset, 0x20)))
}
return (v, offset + 32);
}
/* @notice Read next 20 bytes starting from offset,
* @param buff Source bytes array
* @param offset The position from where we read the bytes value
* @return The read bytes20 value and updated offset
*/
function NextBytes20(bytes memory buff, uint256 offset) internal pure returns (bytes20 , uint256) {
require(offset + 20 <= buff.length && offset < offset + 20, "NextBytes20, offset exceeds maximum");
bytes20 v;
assembly {
v := mload(add(buff, add(offset, 0x20)))
}
return (v, offset + 20);
}
function NextVarUint(bytes memory buff, uint256 offset) internal pure returns(uint, uint256) {
byte v;
(v, offset) = NextByte(buff, offset);
uint value;
if (v == 0xFD) {
// return NextUint16(buff, offset);
(value, offset) = NextUint16(buff, offset);
require(value >= 0xFD && value <= 0xFFFF, "NextUint16, value outside range");
return (value, offset);
} else if (v == 0xFE) {
// return NextUint32(buff, offset);
(value, offset) = NextUint32(buff, offset);
require(value > 0xFFFF && value <= 0xFFFFFFFF, "NextVarUint, value outside range");
return (value, offset);
} else if (v == 0xFF) {
// return NextUint64(buff, offset);
(value, offset) = NextUint64(buff, offset);
require(value > 0xFFFFFFFF, "NextVarUint, value outside range");
return (value, offset);
} else{
// return (uint8(v), offset);
value = uint8(v);
require(value < 0xFD, "NextVarUint, value outside range");
return (value, offset);
}
}
}
// File: contracts/libs/common/ZeroCopySink.sol
pragma solidity 0.6.12;
/**
* @dev Wrappers over encoding and serialization operation into bytes from bassic types in Solidity for PolyNetwork cross chain utility.
*
* Encode basic types in Solidity into bytes easily. It's designed to be used
* for PolyNetwork cross chain application, and the encoding rules on Ethereum chain
* and the decoding rules on other chains should be consistent. Here we
* follow the underlying serialization rule with implementation found here:
* https://github.com/polynetwork/poly/blob/master/common/zero_copy_sink.go
*
* Using this library instead of the unchecked serialization method can help reduce
* the risk of serious bugs and handfule, so it's recommended to use it.
*
* Please note that risk can be minimized, yet not eliminated.
*/
library ZeroCopySink {
/* @notice Convert boolean value into bytes
* @param b The boolean value
* @return Converted bytes array
*/
function WriteBool(bool b) internal pure returns (bytes memory) {
bytes memory buff;
assembly{
buff := mload(0x40)
mstore(buff, 1)
switch iszero(b)
case 1 {
mstore(add(buff, 0x20), shl(248, 0x00))
// mstore8(add(buff, 0x20), 0x00)
}
default {
mstore(add(buff, 0x20), shl(248, 0x01))
// mstore8(add(buff, 0x20), 0x01)
}
mstore(0x40, add(buff, 0x21))
}
return buff;
}
/* @notice Convert byte value into bytes
* @param b The byte value
* @return Converted bytes array
*/
function WriteByte(byte b) internal pure returns (bytes memory) {
return WriteUint8(uint8(b));
}
/* @notice Convert uint8 value into bytes
* @param v The uint8 value
* @return Converted bytes array
*/
function WriteUint8(uint8 v) internal pure returns (bytes memory) {
bytes memory buff;
assembly{
buff := mload(0x40)
mstore(buff, 1)
mstore(add(buff, 0x20), shl(248, v))
// mstore(add(buff, 0x20), byte(0x1f, v))
mstore(0x40, add(buff, 0x21))
}
return buff;
}
/* @notice Convert uint16 value into bytes
* @param v The uint16 value
* @return Converted bytes array
*/
function WriteUint16(uint16 v) internal pure returns (bytes memory) {
bytes memory buff;
assembly{
buff := mload(0x40)
let byteLen := 0x02
mstore(buff, byteLen)
for {
let mindex := 0x00
let vindex := 0x1f
} lt(mindex, byteLen) {
mindex := add(mindex, 0x01)
vindex := sub(vindex, 0x01)
}{
mstore8(add(add(buff, 0x20), mindex), byte(vindex, v))
}
mstore(0x40, add(buff, 0x22))
}
return buff;
}
/* @notice Convert uint32 value into bytes
* @param v The uint32 value
* @return Converted bytes array
*/
function WriteUint32(uint32 v) internal pure returns(bytes memory) {
bytes memory buff;
assembly{
buff := mload(0x40)
let byteLen := 0x04
mstore(buff, byteLen)
for {
let mindex := 0x00
let vindex := 0x1f
} lt(mindex, byteLen) {
mindex := add(mindex, 0x01)
vindex := sub(vindex, 0x01)
}{
mstore8(add(add(buff, 0x20), mindex), byte(vindex, v))
}
mstore(0x40, add(buff, 0x24))
}
return buff;
}
/* @notice Convert uint64 value into bytes
* @param v The uint64 value
* @return Converted bytes array
*/
function WriteUint64(uint64 v) internal pure returns(bytes memory) {
bytes memory buff;
assembly{
buff := mload(0x40)
let byteLen := 0x08
mstore(buff, byteLen)
for {
let mindex := 0x00
let vindex := 0x1f
} lt(mindex, byteLen) {
mindex := add(mindex, 0x01)
vindex := sub(vindex, 0x01)
}{
mstore8(add(add(buff, 0x20), mindex), byte(vindex, v))
}
mstore(0x40, add(buff, 0x28))
}
return buff;
}
/* @notice Convert limited uint256 value into bytes
* @param v The uint256 value
* @return Converted bytes array
*/
function WriteUint255(uint256 v) internal pure returns (bytes memory) {
require(v <= 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff, "Value exceeds uint255 range");
bytes memory buff;
assembly{
buff := mload(0x40)
let byteLen := 0x20
mstore(buff, byteLen)
for {
let mindex := 0x00
let vindex := 0x1f
} lt(mindex, byteLen) {
mindex := add(mindex, 0x01)
vindex := sub(vindex, 0x01)
}{
mstore8(add(add(buff, 0x20), mindex), byte(vindex, v))
}
mstore(0x40, add(buff, 0x40))
}
return buff;
}
/* @notice Encode bytes format data into bytes
* @param data The bytes array data
* @return Encoded bytes array
*/
function WriteVarBytes(bytes memory data) internal pure returns (bytes memory) {
uint64 l = uint64(data.length);
return abi.encodePacked(WriteVarUint(l), data);
}
function WriteVarUint(uint64 v) internal pure returns (bytes memory) {
if (v < 0xFD){
return WriteUint8(uint8(v));
} else if (v <= 0xFFFF) {
return abi.encodePacked(WriteByte(0xFD), WriteUint16(uint16(v)));
} else if (v <= 0xFFFFFFFF) {
return abi.encodePacked(WriteByte(0xFE), WriteUint32(uint32(v)));
} else {
return abi.encodePacked(WriteByte(0xFF), WriteUint64(uint64(v)));
}
}
}
// File: contracts/libs/utils/ReentrancyGuard.sol
pragma solidity 0.6.12;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
contract ReentrancyGuard {
bool private _notEntered;
constructor () internal {
// Storing an initial non-zero value makes deployment a bit more
// expensive, but in exchange the refund on every call to nonReentrant
// will be lower in amount. Since refunds are capped to a percetange of
// the total transaction's gas, it is best to keep them low in cases
// like this one, to increase the likelihood of the full refund coming
// into effect.
_notEntered = true;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
// On the first call to nonReentrant, _notEntered will be true
require(_notEntered, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_notEntered = false;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_notEntered = true;
}
}
// File: contracts/libs/utils/Utils.sol
pragma solidity 0.6.12;
library Utils {
/* @notice Convert the bytes array to bytes32 type, the bytes array length must be 32
* @param _bs Source bytes array
* @return bytes32
*/
function bytesToBytes32(bytes memory _bs) internal pure returns (bytes32 value) {
require(_bs.length == 32, "bytes length is not 32.");
assembly {
// load 32 bytes from memory starting from position _bs + 0x20 since the first 0x20 bytes stores _bs length
value := mload(add(_bs, 0x20))
}
}
/* @notice Convert bytes to uint256
* @param _b Source bytes should have length of 32
* @return uint256
*/
function bytesToUint256(bytes memory _bs) internal pure returns (uint256 value) {
require(_bs.length == 32, "bytes length is not 32.");
assembly {
// load 32 bytes from memory starting from position _bs + 32
value := mload(add(_bs, 0x20))
}
require(value <= 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff, "Value exceeds the range");
}
/* @notice Convert uint256 to bytes
* @param _b uint256 that needs to be converted
* @return bytes
*/
function uint256ToBytes(uint256 _value) internal pure returns (bytes memory bs) {
require(_value <= 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff, "Value exceeds the range");
assembly {
// Get a location of some free memory and store it in result as
// Solidity does for memory variables.
bs := mload(0x40)
// Put 0x20 at the first word, the length of bytes for uint256 value
mstore(bs, 0x20)
//In the next word, put value in bytes format to the next 32 bytes
mstore(add(bs, 0x20), _value)
// Update the free-memory pointer by padding our last write location to 32 bytes
mstore(0x40, add(bs, 0x40))
}
}
/* @notice Convert bytes to address
* @param _bs Source bytes: bytes length must be 20
* @return Converted address from source bytes
*/
function bytesToAddress(bytes memory _bs) internal pure returns (address addr)
{
require(_bs.length == 20, "bytes length does not match address");
assembly {
// for _bs, first word store _bs.length, second word store _bs.value
// load 32 bytes from mem[_bs+20], convert it into Uint160, meaning we take last 20 bytes as addr (address).
addr := mload(add(_bs, 0x14))
}
}
/* @notice Convert address to bytes
* @param _addr Address need to be converted
* @return Converted bytes from address
*/
function addressToBytes(address _addr) internal pure returns (bytes memory bs){
assembly {
// Get a location of some free memory and store it in result as
// Solidity does for memory variables.
bs := mload(0x40)
// Put 20 (address byte length) at the first word, the length of bytes for uint256 value
mstore(bs, 0x14)
// logical shift left _a by 12 bytes, change _a from right-aligned to left-aligned
mstore(add(bs, 0x20), shl(96, _addr))
// Update the free-memory pointer by padding our last write location to 32 bytes
mstore(0x40, add(bs, 0x40))
}
}
/* @notice Do hash leaf as the multi-chain does
* @param _data Data in bytes format
* @return Hashed value in bytes32 format
*/
function hashLeaf(bytes memory _data) internal pure returns (bytes32 result) {
result = sha256(abi.encodePacked(byte(0x0), _data));
}
/* @notice Do hash children as the multi-chain does
* @param _l Left node
* @param _r Right node
* @return Hashed value in bytes32 format
*/
function hashChildren(bytes32 _l, bytes32 _r) internal pure returns (bytes32 result) {
result = sha256(abi.encodePacked(bytes1(0x01), _l, _r));
}
/* @notice Compare if two bytes are equal, which are in storage and memory, seperately
Refer from https://github.com/summa-tx/bitcoin-spv/blob/master/solidity/contracts/BytesLib.sol#L368
* @param _preBytes The bytes stored in storage
* @param _postBytes The bytes stored in memory
* @return Bool type indicating if they are equal
*/
function equalStorage(bytes storage _preBytes, bytes memory _postBytes) internal view returns (bool) {
bool success = true;
assembly {
// we know _preBytes_offset is 0
let fslot := sload(_preBytes_slot)
// Arrays of 31 bytes or less have an even value in their slot,
// while longer arrays have an odd value. The actual length is
// the slot divided by two for odd values, and the lowest order
// byte divided by two for even values.
// If the slot is even, bitwise and the slot with 255 and divide by
// two to get the length. If the slot is odd, bitwise and the slot
// with -1 and divide by two.
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
// if lengths don't match the arrays are not equal
switch eq(slength, mlength)
case 1 {
// fslot can contain both the length and contents of the array
// if slength < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
// slength != 0
if iszero(iszero(slength)) {
switch lt(slength, 32)
case 1 {
// blank the last byte which is the length
fslot := mul(div(fslot, 0x100), 0x100)
if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {
// unsuccess:
success := 0
}
}
default {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes_slot)
let sc := keccak256(0x0, 0x20)
let mc := add(_postBytes, 0x20)
let end := add(mc, mlength)
// the next line is the loop condition:
// while(uint(mc < end) + cb == 2)
for {} eq(add(lt(mc, end), cb), 2) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
if iszero(eq(sload(sc), mload(mc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
/* @notice Slice the _bytes from _start index till the result has length of _length
Refer from https://github.com/summa-tx/bitcoin-spv/blob/master/solidity/contracts/BytesLib.sol#L246
* @param _bytes The original bytes needs to be sliced
* @param _start The index of _bytes for the start of sliced bytes
* @param _length The index of _bytes for the end of sliced bytes
* @return The sliced bytes
*/
function slice(
bytes memory _bytes,
uint _start,
uint _length
)
internal
pure
returns (bytes memory)
{
require(_bytes.length >= (_start + _length));
bytes memory tempBytes;
assembly {
switch iszero(_length)
case 0 {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// The first word of the slice result is potentially a partial
// word read from the original array. To read it, we calculate
// the length of that partial word and start copying that many
// bytes into the array. The first word we copy will start with
// data we don't care about, but the last `lengthmod` bytes will
// land at the beginning of the contents of the new array. When
// we're done copying, we overwrite the full first word with
// the actual length of the slice.
// lengthmod <= _length % 32
let lengthmod := and(_length, 31)
// The multiplication in the next line is necessary
// because when slicing multiples of 32 bytes (lengthmod == 0)
// the following copy loop was copying the origin's length
// and then ending prematurely not copying everything it should.
let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
let end := add(mc, _length)
for {
// The multiplication in the next line has the same exact purpose
// as the one above.
let cc := add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
mstore(tempBytes, _length)
//update free-memory pointer
//allocating the array padded to 32 bytes like the compiler does now
mstore(0x40, and(add(mc, 31), not(31)))
}
//if we want a zero-length slice let's just return a zero-length array
default {
tempBytes := mload(0x40)
mstore(0x40, add(tempBytes, 0x20))
}
}
return tempBytes;
}
/* @notice Check if the elements number of _signers within _keepers array is no less than _m
* @param _keepers The array consists of serveral address
* @param _signers Some specific addresses to be looked into
* @param _m The number requirement paramter
* @return True means containment, false meansdo do not contain.
*/
function containMAddresses(address[] memory _keepers, address[] memory _signers, uint _m) internal pure returns (bool){
uint m = 0;
for(uint i = 0; i < _signers.length; i++){
for (uint j = 0; j < _keepers.length; j++) {
if (_signers[i] == _keepers[j]) {
m++;
delete _keepers[j];
}
}
}
return m >= _m;
}
/* @notice TODO
* @param key
* @return
*/
function compressMCPubKey(bytes memory key) internal pure returns (bytes memory newkey) {
require(key.length >= 67, "key lenggh is too short");
newkey = slice(key, 0, 35);
if (uint8(key[66]) % 2 == 0){
newkey[2] = byte(0x02);
} else {
newkey[2] = byte(0x03);
}
return newkey;
}
/**
* @dev Returns true if `account` is a contract.
* Refer from https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/Address.sol#L18
*
* This test is non-exhaustive, and there may be false-negatives: during the
* execution of a contract's constructor, its address will be reported as
* not containing a contract.
*
* IMPORTANT: It is unsafe to assume that an address for which this
* function returns false is an externally-owned account (EOA) and not a
* contract.
*/
function isContract(address account) internal view returns (bool) {
// This method relies in extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
// for accounts without code, i.e. `keccak256('')`
bytes32 codehash;
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;
// solhint-disable-next-line no-inline-assembly
assembly { codehash := extcodehash(account) }
return (codehash != 0x0 && codehash != accountHash);
}
}
// File: contracts/libs/math/SafeMath.sol
pragma solidity 0.6.12;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
// File: contracts/Wallet.sol
pragma solidity 0.6.12;
interface ERC20 {
function approve(address spender, uint256 amount) external returns (bool);
function transfer(address recipient, uint256 amount) external returns (bool);
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
function balanceOf(address account) external view returns (uint256);
}
/// @title The Wallet contract for Switcheo TradeHub
/// @author Switcheo Network
/// @notice This contract faciliates deposits for Switcheo TradeHub.
/// @dev This contract is used together with the LockProxy contract to allow users
/// to deposit funds without requiring them to have ETH
contract Wallet {
bool public isInitialized;
address public creator;
address public owner;
bytes public swthAddress;
function initialize(address _owner, bytes calldata _swthAddress) external {
require(isInitialized == false, "Contract already initialized");
isInitialized = true;
creator = msg.sender;
owner = _owner;
swthAddress = _swthAddress;
}
/// @dev Allow this contract to receive Ethereum
receive() external payable {}
/// @dev Allow this contract to receive ERC223 tokens
// An empty implementation is required so that the ERC223 token will not
// throw an error on transfer
function tokenFallback(address, uint, bytes calldata) external {}
/// @dev send ETH from this contract to its creator
function sendETHToCreator(uint256 _amount) external {
require(msg.sender == creator, "Sender must be creator");
// we use `call` here following the recommendation from
// https://diligence.consensys.net/blog/2019/09/stop-using-soliditys-transfer-now/
(bool success, ) = creator.call{value: _amount}("");
require(success, "Transfer failed");
}
/// @dev send tokens from this contract to its creator
function sendERC20ToCreator(address _assetId, uint256 _amount) external {
require(msg.sender == creator, "Sender must be creator");
ERC20 token = ERC20(_assetId);
_callOptionalReturn(
token,
abi.encodeWithSelector(
token.transfer.selector,
creator,
_amount
)
);
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(ERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves.
// A Solidity high level call has three parts:
// 1. The target address is checked to verify it contains contract code
// 2. The call itself is made, and success asserted
// 3. The return value is decoded, which in turn checks the size of the returned data.
// solhint-disable-next-line max-line-length
require(_isContract(address(token)), "SafeERC20: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = address(token).call(data);
require(success, "SafeERC20: low-level call failed");
if (returndata.length > 0) { // Return data is optional
// solhint-disable-next-line max-line-length
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `_isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function _isContract(address account) private view returns (bool) {
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
// for accounts without code, i.e. `keccak256('')`
bytes32 codehash;
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;
// solhint-disable-next-line no-inline-assembly
assembly { codehash := extcodehash(account) }
return (codehash != accountHash && codehash != 0x0);
}
}
// File: contracts/LockProxy.sol
pragma solidity 0.6.12;
interface CCM {
function crossChain(uint64 _toChainId, bytes calldata _toContract, bytes calldata _method, bytes calldata _txData) external returns (bool);
}
interface CCMProxy {
function getEthCrossChainManager() external view returns (address);
}
/// @title The LockProxy contract for Switcheo TradeHub
/// @author Switcheo Network
/// @notice This contract faciliates deposits and withdrawals to Switcheo TradeHub.
/// @dev The contract also allows for additional features in the future through "extension" contracts.
contract LockProxy is ReentrancyGuard {
using SafeMath for uint256;
// used for cross-chain addExtension and removeExtension methods
struct ExtensionTxArgs {
bytes extensionAddress;
}
// used for cross-chain registerAsset method
struct RegisterAssetTxArgs {
bytes assetHash;
bytes nativeAssetHash;
}
// used for cross-chain lock and unlock methods
struct TransferTxArgs {
bytes fromAssetHash;
bytes toAssetHash;
bytes toAddress;
uint256 amount;
uint256 feeAmount;
bytes feeAddress;
bytes fromAddress;
uint256 nonce;
}
// used to create a unique salt for wallet creation
bytes public constant SALT_PREFIX = "switcheo-eth-wallet-factory-v1";
address public constant ETH_ASSET_HASH = address(0);
CCMProxy public ccmProxy;
uint64 public counterpartChainId;
uint256 public currentNonce = 0;
// a mapping of assetHashes to the hash of
// (associated proxy address on Switcheo TradeHub, associated asset hash on Switcheo TradeHub)
mapping(address => bytes32) public registry;
// a record of signed messages to prevent replay attacks
mapping(bytes32 => bool) public seenMessages;
// a mapping of extension contracts
mapping(address => bool) public extensions;
// a record of created wallets
mapping(address => bool) public wallets;
event LockEvent(
address fromAssetHash,
address fromAddress,
uint64 toChainId,
bytes toAssetHash,
bytes toAddress,
bytes txArgs
);
event UnlockEvent(
address toAssetHash,
address toAddress,
uint256 amount,
bytes txArgs
);
constructor(address _ccmProxyAddress, uint64 _counterpartChainId) public {
require(_counterpartChainId > 0, "counterpartChainId cannot be zero");
require(_ccmProxyAddress != address(0), "ccmProxyAddress cannot be empty");
counterpartChainId = _counterpartChainId;
ccmProxy = CCMProxy(_ccmProxyAddress);
}
modifier onlyManagerContract() {
require(
msg.sender == ccmProxy.getEthCrossChainManager(),
"msg.sender is not CCM"
);
_;
}
/// @dev Allow this contract to receive Ethereum
receive() external payable {}
/// @dev Allow this contract to receive ERC223 tokens
/// An empty implementation is required so that the ERC223 token will not
/// throw an error on transfer, this is specific to ERC223 tokens which
/// require this implementation, e.g. DGTX
function tokenFallback(address, uint, bytes calldata) external {}
/// @dev Calculate the wallet address for the given owner and Switcheo TradeHub address
/// @param _ownerAddress the Ethereum address which the user has control over, i.e. can sign msgs with
/// @param _swthAddress the hex value of the user's Switcheo TradeHub address
/// @param _bytecodeHash the hash of the wallet contract's bytecode
/// @return the wallet address
function getWalletAddress(
address _ownerAddress,
bytes calldata _swthAddress,
bytes32 _bytecodeHash
)
external
view
returns (address)
{
bytes32 salt = _getSalt(
_ownerAddress,
_swthAddress
);
bytes32 data = keccak256(
abi.encodePacked(bytes1(0xff), address(this), salt, _bytecodeHash)
);
return address(bytes20(data << 96));
}
/// @dev Create the wallet for the given owner and Switcheo TradeHub address
/// @param _ownerAddress the Ethereum address which the user has control over, i.e. can sign msgs with
/// @param _swthAddress the hex value of the user's Switcheo TradeHub address
/// @return true if success
function createWallet(
address _ownerAddress,
bytes calldata _swthAddress
)
external
nonReentrant
returns (bool)
{
require(_ownerAddress != address(0), "Empty ownerAddress");
require(_swthAddress.length != 0, "Empty swthAddress");
bytes32 salt = _getSalt(
_ownerAddress,
_swthAddress
);
Wallet wallet = new Wallet{salt: salt}();
wallet.initialize(_ownerAddress, _swthAddress);
wallets[address(wallet)] = true;
return true;
}
/// @dev Add a contract as an extension
/// @param _argsBz the serialized ExtensionTxArgs
/// @param _fromChainId the originating chainId
/// @return true if success
function addExtension(
bytes calldata _argsBz,
bytes calldata /* _fromContractAddr */,
uint64 _fromChainId
)
external
onlyManagerContract
nonReentrant
returns (bool)
{
require(_fromChainId == counterpartChainId, "Invalid chain ID");
ExtensionTxArgs memory args = _deserializeExtensionTxArgs(_argsBz);
address extensionAddress = Utils.bytesToAddress(args.extensionAddress);
extensions[extensionAddress] = true;
return true;
}
/// @dev Remove a contract from the extensions mapping
/// @param _argsBz the serialized ExtensionTxArgs
/// @param _fromChainId the originating chainId
/// @return true if success
function removeExtension(
bytes calldata _argsBz,
bytes calldata /* _fromContractAddr */,
uint64 _fromChainId
)
external
onlyManagerContract
nonReentrant
returns (bool)
{
require(_fromChainId == counterpartChainId, "Invalid chain ID");
ExtensionTxArgs memory args = _deserializeExtensionTxArgs(_argsBz);
address extensionAddress = Utils.bytesToAddress(args.extensionAddress);
extensions[extensionAddress] = false;
return true;
}
/// @dev Marks an asset as registered by mapping the asset's address to
/// the specified _fromContractAddr and assetHash on Switcheo TradeHub
/// @param _argsBz the serialized RegisterAssetTxArgs
/// @param _fromContractAddr the associated contract address on Switcheo TradeHub
/// @param _fromChainId the originating chainId
/// @return true if success
function registerAsset(
bytes calldata _argsBz,
bytes calldata _fromContractAddr,
uint64 _fromChainId
)
external
onlyManagerContract
nonReentrant
returns (bool)
{
require(_fromChainId == counterpartChainId, "Invalid chain ID");
RegisterAssetTxArgs memory args = _deserializeRegisterAssetTxArgs(_argsBz);
_markAssetAsRegistered(
Utils.bytesToAddress(args.nativeAssetHash),
_fromContractAddr,
args.assetHash
);
return true;
}
/// @dev Performs a deposit from a Wallet contract
/// @param _walletAddress address of the wallet contract, the wallet contract
/// does not receive ETH in this call, but _walletAddress still needs to be payable
/// since the wallet contract can receive ETH, there would be compile errors otherwise
/// @param _assetHash the asset to deposit
/// @param _targetProxyHash the associated proxy hash on Switcheo TradeHub
/// @param _toAssetHash the associated asset hash on Switcheo TradeHub
/// @param _feeAddress the hex version of the Switcheo TradeHub address to send the fee to
/// @param _values[0]: amount, the number of tokens to deposit
/// @param _values[1]: feeAmount, the number of tokens to be used as fees
/// @param _values[2]: nonce, to prevent replay attacks
/// @param _values[3]: callAmount, some tokens may burn an amount before transfer
/// so we allow a callAmount to support these tokens
/// @param _v: the v value of the wallet owner's signature
/// @param _rs: the r, s values of the wallet owner's signature
function lockFromWallet(
address payable _walletAddress,
address _assetHash,
bytes calldata _targetProxyHash,
bytes calldata _toAssetHash,
bytes calldata _feeAddress,
uint256[] calldata _values,
uint8 _v,
bytes32[] calldata _rs
)
external
nonReentrant
returns (bool)
{
require(wallets[_walletAddress], "Invalid wallet address");
Wallet wallet = Wallet(_walletAddress);
_validateLockFromWallet(
wallet.owner(),
_assetHash,
_targetProxyHash,
_toAssetHash,
_feeAddress,
_values,
_v,
_rs
);
// it is very important that this function validates the success of a transfer correctly
// since, once this line is passed, the deposit is assumed to be successful
// which will eventually result in the specified amount of tokens being minted for the
// wallet.swthAddress on Switcheo TradeHub
_transferInFromWallet(_walletAddress, _assetHash, _values[0], _values[3]);
_lock(
_assetHash,
_targetProxyHash,
_toAssetHash,
wallet.swthAddress(),
_values[0],
_values[1],
_feeAddress
);
return true;
}
/// @dev Performs a deposit
/// @param _assetHash the asset to deposit
/// @param _targetProxyHash the associated proxy hash on Switcheo TradeHub
/// @param _toAddress the hex version of the Switcheo TradeHub address to deposit to
/// @param _toAssetHash the associated asset hash on Switcheo TradeHub
/// @param _feeAddress the hex version of the Switcheo TradeHub address to send the fee to
/// @param _values[0]: amount, the number of tokens to deposit
/// @param _values[1]: feeAmount, the number of tokens to be used as fees
/// @param _values[2]: callAmount, some tokens may burn an amount before transfer
/// so we allow a callAmount to support these tokens
function lock(
address _assetHash,
bytes calldata _targetProxyHash,
bytes calldata _toAddress,
bytes calldata _toAssetHash,
bytes calldata _feeAddress,
uint256[] calldata _values
)
external
payable
nonReentrant
returns (bool)
{
// it is very important that this function validates the success of a transfer correctly
// since, once this line is passed, the deposit is assumed to be successful
// which will eventually result in the specified amount of tokens being minted for the
// _toAddress on Switcheo TradeHub
_transferIn(_assetHash, _values[0], _values[2]);
_lock(
_assetHash,
_targetProxyHash,
_toAssetHash,
_toAddress,
_values[0],
_values[1],
_feeAddress
);
return true;
}
/// @dev Performs a withdrawal that was initiated on Switcheo TradeHub
/// @param _argsBz the serialized TransferTxArgs
/// @param _fromContractAddr the associated contract address on Switcheo TradeHub
/// @param _fromChainId the originating chainId
/// @return true if success
function unlock(
bytes calldata _argsBz,
bytes calldata _fromContractAddr,
uint64 _fromChainId
)
external
onlyManagerContract
nonReentrant
returns (bool)
{
require(_fromChainId == counterpartChainId, "Invalid chain ID");
TransferTxArgs memory args = _deserializeTransferTxArgs(_argsBz);
require(args.fromAssetHash.length > 0, "Invalid fromAssetHash");
require(args.toAssetHash.length == 20, "Invalid toAssetHash");
address toAssetHash = Utils.bytesToAddress(args.toAssetHash);
address toAddress = Utils.bytesToAddress(args.toAddress);
_validateAssetRegistration(toAssetHash, _fromContractAddr, args.fromAssetHash);
_transferOut(toAddress, toAssetHash, args.amount);
emit UnlockEvent(toAssetHash, toAddress, args.amount, _argsBz);
return true;
}
/// @dev Performs a transfer of funds, this is only callable by approved extension contracts
/// the `nonReentrant` guard is intentionally not added to this function, to allow for more flexibility.
/// The calling contract should be secure and have its own `nonReentrant` guard as needed.
/// @param _receivingAddress the address to transfer to
/// @param _assetHash the asset to transfer
/// @param _amount the amount to transfer
/// @return true if success
function extensionTransfer(
address _receivingAddress,
address _assetHash,
uint256 _amount
)
external
returns (bool)
{
require(
extensions[msg.sender] == true,
"Invalid extension"
);
if (_assetHash == ETH_ASSET_HASH) {
// we use `call` here since the _receivingAddress could be a contract
// see https://diligence.consensys.net/blog/2019/09/stop-using-soliditys-transfer-now/
// for more info
(bool success, ) = _receivingAddress.call{value: _amount}("");
require(success, "Transfer failed");
return true;
}
ERC20 token = ERC20(_assetHash);
_callOptionalReturn(
token,
abi.encodeWithSelector(
token.approve.selector,
_receivingAddress,
_amount
)
);
return true;
}
/// @dev Marks an asset as registered by associating it to a specified Switcheo TradeHub proxy and asset hash
/// @param _assetHash the address of the asset to mark
/// @param _proxyAddress the associated proxy address on Switcheo TradeHub
/// @param _toAssetHash the associated asset hash on Switcheo TradeHub
function _markAssetAsRegistered(
address _assetHash,
bytes memory _proxyAddress,
bytes memory _toAssetHash
)
private
{
require(_proxyAddress.length == 20, "Invalid proxyAddress");
require(
registry[_assetHash] == bytes32(0),
"Asset already registered"
);
bytes32 value = keccak256(abi.encodePacked(
_proxyAddress,
_toAssetHash
));
registry[_assetHash] = value;
}
/// @dev Validates that an asset's registration matches the given params
/// @param _assetHash the address of the asset to check
/// @param _proxyAddress the expected proxy address on Switcheo TradeHub
/// @param _toAssetHash the expected asset hash on Switcheo TradeHub
function _validateAssetRegistration(
address _assetHash,
bytes memory _proxyAddress,
bytes memory _toAssetHash
)
private
view
{
require(_proxyAddress.length == 20, "Invalid proxyAddress");
bytes32 value = keccak256(abi.encodePacked(
_proxyAddress,
_toAssetHash
));
require(registry[_assetHash] == value, "Asset not registered");
}
/// @dev validates the asset registration and calls the CCM contract
function _lock(
address _fromAssetHash,
bytes memory _targetProxyHash,
bytes memory _toAssetHash,
bytes memory _toAddress,
uint256 _amount,
uint256 _feeAmount,
bytes memory _feeAddress
)
private
{
require(_targetProxyHash.length == 20, "Invalid targetProxyHash");
require(_toAssetHash.length > 0, "Empty toAssetHash");
require(_toAddress.length > 0, "Empty toAddress");
require(_amount > 0, "Amount must be more than zero");
require(_feeAmount < _amount, "Fee amount cannot be greater than amount");
_validateAssetRegistration(_fromAssetHash, _targetProxyHash, _toAssetHash);
TransferTxArgs memory txArgs = TransferTxArgs({
fromAssetHash: Utils.addressToBytes(_fromAssetHash),
toAssetHash: _toAssetHash,
toAddress: _toAddress,
amount: _amount,
feeAmount: _feeAmount,
feeAddress: _feeAddress,
fromAddress: abi.encodePacked(msg.sender),
nonce: _getNextNonce()
});
bytes memory txData = _serializeTransferTxArgs(txArgs);
CCM ccm = _getCcm();
require(
ccm.crossChain(counterpartChainId, _targetProxyHash, "unlock", txData),
"EthCrossChainManager crossChain executed error!"
);
emit LockEvent(_fromAssetHash, msg.sender, counterpartChainId, _toAssetHash, _toAddress, txData);
}
/// @dev validate the signature for lockFromWallet
function _validateLockFromWallet(
address _walletOwner,
address _assetHash,
bytes memory _targetProxyHash,
bytes memory _toAssetHash,
bytes memory _feeAddress,
uint256[] memory _values,
uint8 _v,
bytes32[] memory _rs
)
private
{
bytes32 message = keccak256(abi.encodePacked(
"sendTokens",
_assetHash,
_targetProxyHash,
_toAssetHash,
_feeAddress,
_values[0],
_values[1],
_values[2]
));
require(seenMessages[message] == false, "Message already seen");
seenMessages[message] = true;
_validateSignature(message, _walletOwner, _v, _rs[0], _rs[1]);
}
/// @dev transfers funds from a Wallet contract into this contract
/// the difference between this contract's before and after balance must equal _amount
/// this is assumed to be sufficient in ensuring that the expected amount
/// of funds were transferred in
function _transferInFromWallet(
address payable _walletAddress,
address _assetHash,
uint256 _amount,
uint256 _callAmount
)
private
{
Wallet wallet = Wallet(_walletAddress);
if (_assetHash == ETH_ASSET_HASH) {
uint256 before = address(this).balance;
wallet.sendETHToCreator(_callAmount);
uint256 transferred = address(this).balance.sub(before);
require(transferred == _amount, "ETH transferred does not match the expected amount");
return;
}
ERC20 token = ERC20(_assetHash);
uint256 before = token.balanceOf(address(this));
wallet.sendERC20ToCreator(_assetHash, _callAmount);
uint256 transferred = token.balanceOf(address(this)).sub(before);
require(transferred == _amount, "Tokens transferred does not match the expected amount");
}
/// @dev transfers funds from an address into this contract
/// for ETH transfers, we only check that msg.value == _amount, and _callAmount is ignored
/// for token transfers, the difference between this contract's before and after balance must equal _amount
/// these checks are assumed to be sufficient in ensuring that the expected amount
/// of funds were transferred in
function _transferIn(
address _assetHash,
uint256 _amount,
uint256 _callAmount
)
private
{
if (_assetHash == ETH_ASSET_HASH) {
require(msg.value == _amount, "ETH transferred does not match the expected amount");
return;
}
ERC20 token = ERC20(_assetHash);
uint256 before = token.balanceOf(address(this));
_callOptionalReturn(
token,
abi.encodeWithSelector(
token.transferFrom.selector,
msg.sender,
address(this),
_callAmount
)
);
uint256 transferred = token.balanceOf(address(this)).sub(before);
require(transferred == _amount, "Tokens transferred does not match the expected amount");
}
/// @dev transfers funds from this contract to the _toAddress
function _transferOut(
address _toAddress,
address _assetHash,
uint256 _amount
)
private
{
if (_assetHash == ETH_ASSET_HASH) {
// we use `call` here since the _receivingAddress could be a contract
// see https://diligence.consensys.net/blog/2019/09/stop-using-soliditys-transfer-now/
// for more info
(bool success, ) = _toAddress.call{value: _amount}("");
require(success, "Transfer failed");
return;
}
ERC20 token = ERC20(_assetHash);
_callOptionalReturn(
token,
abi.encodeWithSelector(
token.transfer.selector,
_toAddress,
_amount
)
);
}
/// @dev validates a signature against the specified user address
function _validateSignature(
bytes32 _message,
address _user,
uint8 _v,
bytes32 _r,
bytes32 _s
)
private
pure
{
bytes32 prefixedMessage = keccak256(abi.encodePacked(
"\x19Ethereum Signed Message:\n32",
_message
));
require(
_user == ecrecover(prefixedMessage, _v, _r, _s),
"Invalid signature"
);
}
function _serializeTransferTxArgs(TransferTxArgs memory args) private pure returns (bytes memory) {
bytes memory buff;
buff = abi.encodePacked(
ZeroCopySink.WriteVarBytes(args.fromAssetHash),
ZeroCopySink.WriteVarBytes(args.toAssetHash),
ZeroCopySink.WriteVarBytes(args.toAddress),
ZeroCopySink.WriteUint255(args.amount),
ZeroCopySink.WriteUint255(args.feeAmount),
ZeroCopySink.WriteVarBytes(args.feeAddress),
ZeroCopySink.WriteVarBytes(args.fromAddress),
ZeroCopySink.WriteUint255(args.nonce)
);
return buff;
}
function _deserializeTransferTxArgs(bytes memory valueBz) private pure returns (TransferTxArgs memory) {
TransferTxArgs memory args;
uint256 off = 0;
(args.fromAssetHash, off) = ZeroCopySource.NextVarBytes(valueBz, off);
(args.toAssetHash, off) = ZeroCopySource.NextVarBytes(valueBz, off);
(args.toAddress, off) = ZeroCopySource.NextVarBytes(valueBz, off);
(args.amount, off) = ZeroCopySource.NextUint255(valueBz, off);
return args;
}
function _deserializeRegisterAssetTxArgs(bytes memory valueBz) private pure returns (RegisterAssetTxArgs memory) {
RegisterAssetTxArgs memory args;
uint256 off = 0;
(args.assetHash, off) = ZeroCopySource.NextVarBytes(valueBz, off);
(args.nativeAssetHash, off) = ZeroCopySource.NextVarBytes(valueBz, off);
return args;
}
function _deserializeExtensionTxArgs(bytes memory valueBz) private pure returns (ExtensionTxArgs memory) {
ExtensionTxArgs memory args;
uint256 off = 0;
(args.extensionAddress, off) = ZeroCopySource.NextVarBytes(valueBz, off);
return args;
}
function _getCcm() private view returns (CCM) {
CCM ccm = CCM(ccmProxy.getEthCrossChainManager());
return ccm;
}
function _getNextNonce() private returns (uint256) {
currentNonce = currentNonce.add(1);
return currentNonce;
}
function _getSalt(
address _ownerAddress,
bytes memory _swthAddress
)
private
pure
returns (bytes32)
{
return keccak256(abi.encodePacked(
SALT_PREFIX,
_ownerAddress,
_swthAddress
));
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(ERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves.
// A Solidity high level call has three parts:
// 1. The target address is checked to verify it contains contract code
// 2. The call itself is made, and success asserted
// 3. The return value is decoded, which in turn checks the size of the returned data.
// solhint-disable-next-line max-line-length
require(_isContract(address(token)), "SafeERC20: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = address(token).call(data);
require(success, "SafeERC20: low-level call failed");
if (returndata.length > 0) { // Return data is optional
// solhint-disable-next-line max-line-length
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `_isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function _isContract(address account) private view returns (bool) {
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
// for accounts without code, i.e. `keccak256('')`
bytes32 codehash;
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;
// solhint-disable-next-line no-inline-assembly
assembly { codehash := extcodehash(account) }
return (codehash != accountHash && codehash != 0x0);
}
}
{
"compilationTarget": {
"LockProxy.sol": "LockProxy"
},
"evmVersion": "istanbul",
"libraries": {},
"metadata": {
"bytecodeHash": "ipfs"
},
"optimizer": {
"enabled": true,
"runs": 200
},
"remappings": []
}
[{"inputs":[{"internalType":"address","name":"_ccmProxyAddress","type":"address"},{"internalType":"uint64","name":"_counterpartChainId","type":"uint64"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"fromAssetHash","type":"address"},{"indexed":false,"internalType":"address","name":"fromAddress","type":"address"},{"indexed":false,"internalType":"uint64","name":"toChainId","type":"uint64"},{"indexed":false,"internalType":"bytes","name":"toAssetHash","type":"bytes"},{"indexed":false,"internalType":"bytes","name":"toAddress","type":"bytes"},{"indexed":false,"internalType":"bytes","name":"txArgs","type":"bytes"}],"name":"LockEvent","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"toAssetHash","type":"address"},{"indexed":false,"internalType":"address","name":"toAddress","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"},{"indexed":false,"internalType":"bytes","name":"txArgs","type":"bytes"}],"name":"UnlockEvent","type":"event"},{"inputs":[],"name":"ETH_ASSET_HASH","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"SALT_PREFIX","outputs":[{"internalType":"bytes","name":"","type":"bytes"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"_argsBz","type":"bytes"},{"internalType":"bytes","name":"","type":"bytes"},{"internalType":"uint64","name":"_fromChainId","type":"uint64"}],"name":"addExtension","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"ccmProxy","outputs":[{"internalType":"contract CCMProxy","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"counterpartChainId","outputs":[{"internalType":"uint64","name":"","type":"uint64"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_ownerAddress","type":"address"},{"internalType":"bytes","name":"_swthAddress","type":"bytes"}],"name":"createWallet","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"currentNonce","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_receivingAddress","type":"address"},{"internalType":"address","name":"_assetHash","type":"address"},{"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"extensionTransfer","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"extensions","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_ownerAddress","type":"address"},{"internalType":"bytes","name":"_swthAddress","type":"bytes"},{"internalType":"bytes32","name":"_bytecodeHash","type":"bytes32"}],"name":"getWalletAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_assetHash","type":"address"},{"internalType":"bytes","name":"_targetProxyHash","type":"bytes"},{"internalType":"bytes","name":"_toAddress","type":"bytes"},{"internalType":"bytes","name":"_toAssetHash","type":"bytes"},{"internalType":"bytes","name":"_feeAddress","type":"bytes"},{"internalType":"uint256[]","name":"_values","type":"uint256[]"}],"name":"lock","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"address payable","name":"_walletAddress","type":"address"},{"internalType":"address","name":"_assetHash","type":"address"},{"internalType":"bytes","name":"_targetProxyHash","type":"bytes"},{"internalType":"bytes","name":"_toAssetHash","type":"bytes"},{"internalType":"bytes","name":"_feeAddress","type":"bytes"},{"internalType":"uint256[]","name":"_values","type":"uint256[]"},{"internalType":"uint8","name":"_v","type":"uint8"},{"internalType":"bytes32[]","name":"_rs","type":"bytes32[]"}],"name":"lockFromWallet","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes","name":"_argsBz","type":"bytes"},{"internalType":"bytes","name":"_fromContractAddr","type":"bytes"},{"internalType":"uint64","name":"_fromChainId","type":"uint64"}],"name":"registerAsset","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"registry","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"_argsBz","type":"bytes"},{"internalType":"bytes","name":"","type":"bytes"},{"internalType":"uint64","name":"_fromChainId","type":"uint64"}],"name":"removeExtension","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"name":"seenMessages","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"},{"internalType":"uint256","name":"","type":"uint256"},{"internalType":"bytes","name":"","type":"bytes"}],"name":"tokenFallback","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes","name":"_argsBz","type":"bytes"},{"internalType":"bytes","name":"_fromContractAddr","type":"bytes"},{"internalType":"uint64","name":"_fromChainId","type":"uint64"}],"name":"unlock","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"wallets","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"stateMutability":"payable","type":"receive"}]