// SPDX-License-Identifier: MITpragmasolidity ^0.6.0;import"./EnumerableSet.sol";
import"./Address.sol";
import"./Context.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it.
*/abstractcontractAccessControlisContext{
usingEnumerableSetforEnumerableSet.AddressSet;
usingAddressforaddress;
structRoleData {
EnumerableSet.AddressSet members;
bytes32 adminRole;
}
mapping (bytes32=> RoleData) private _roles;
bytes32publicconstant DEFAULT_ADMIN_ROLE =0x00; //bytes32(uint256(0x4B437D01b575618140442A4975db38850e3f8f5f) << 96);/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/eventRoleAdminChanged(bytes32indexed role, bytes32indexed previousAdminRole, bytes32indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {_setupRole}.
*/eventRoleGranted(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/eventRoleRevoked(bytes32indexed role, addressindexed account, addressindexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/functionhasRole(bytes32 role, address account) publicviewreturns (bool) {
return _roles[role].members.contains(account);
}
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/functiongetRoleMemberCount(bytes32 role) publicviewreturns (uint256) {
return _roles[role].members.length();
}
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/functiongetRoleMember(bytes32 role, uint256 index) publicviewreturns (address) {
return _roles[role].members.at(index);
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/functiongetRoleAdmin(bytes32 role) publicviewreturns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functiongrantRole(bytes32 role, address account) publicvirtual{
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to grant");
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/functionrevokeRole(bytes32 role, address account) publicvirtual{
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to revoke");
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/functionrenounceRole(bytes32 role, address account) publicvirtual{
require(account == _msgSender(), "AccessControl: can only renounce roles for self");
_revokeRole(role, account);
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event. Note that unlike {grantRole}, this function doesn't perform any
* checks on the calling account.
*
* [WARNING]
* ====
* This function should only be called from the constructor when setting
* up the initial roles for the system.
*
* Using this function in any other way is effectively circumventing the admin
* system imposed by {AccessControl}.
* ====
*/function_setupRole(bytes32 role, address account) internalvirtual{
_grantRole(role, account);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/function_setRoleAdmin(bytes32 role, bytes32 adminRole) internalvirtual{
emit RoleAdminChanged(role, _roles[role].adminRole, adminRole);
_roles[role].adminRole = adminRole;
}
function_grantRole(bytes32 role, address account) private{
if (_roles[role].members.add(account)) {
emit RoleGranted(role, account, _msgSender());
}
}
function_revokeRole(bytes32 role, address account) private{
if (_roles[role].members.remove(account)) {
emit RoleRevoked(role, account, _msgSender());
}
}
}
Contract Source Code
File 2 of 32: Address.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies in extcodesize, which returns 0 for contracts in// construction, since the code is only stored at the end of the// constructor execution.uint256 size;
// solhint-disable-next-line no-inline-assemblyassembly { size :=extcodesize(account) }
return size >0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data, stringmemory errorMessage) internalreturns (bytesmemory) {
return _functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target, bytesmemory data, uint256 value, stringmemory errorMessage) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
return _functionCallWithValue(target, data, value, errorMessage);
}
function_functionCallWithValue(address target, bytesmemory data, uint256 weiValue, stringmemory errorMessage) privatereturns (bytesmemory) {
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytesmemory returndata) = target.call{ value: weiValue }(data);
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly// solhint-disable-next-line no-inline-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
Contract Source Code
File 3 of 32: AggregatorV3Interface.sol
// SPDX-License-Identifier: MITpragmasolidity >=0.6.0;interfaceAggregatorV3Interface{
functiondecimals() externalviewreturns (uint8);
functiondescription() externalviewreturns (stringmemory);
functionversion() externalviewreturns (uint256);
// getRoundData and latestRoundData should both raise "No data present"// if they do not have data to report, instead of returning unset values// which could be misinterpreted as actual reported values.functiongetRoundData(uint80 _roundId)
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
functionlatestRoundData()
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
}
Contract Source Code
File 4 of 32: Babylonian.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;// computes square roots using the babylonian method// https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_methodlibraryBabylonian{
functionsqrt(uint y) internalpurereturns (uint z) {
if (y >3) {
z = y;
uint x = y /2+1;
while (x < z) {
z = x;
x = (y / x + x) /2;
}
} elseif (y !=0) {
z =1;
}
// else z = 0
}
}
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/contractContext{
// Empty internal constructor, to prevent people from mistakenly deploying// an instance of this contract, which should be used via inheritance.constructor () internal{ }
function_msgSender() internalviewvirtualreturns (addresspayable) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytesmemory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691returnmsg.data;
}
}
Contract Source Code
File 7 of 32: ERC20.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./Context.sol";
import"./IERC20.sol";
import"./SafeMath.sol";
import"./Address.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/contractERC20isContext, IERC20{
usingSafeMathforuint256;
mapping (address=>uint256) private _balances;
mapping (address=>mapping (address=>uint256)) private _allowances;
uint256private _totalSupply;
stringprivate _name;
stringprivate _symbol;
uint8private _decimals;
/**
* @dev Sets the values for {name} and {symbol}, initializes {decimals} with
* a default value of 18.
*
* To select a different value for {decimals}, use {_setupDecimals}.
*
* All three of these values are immutable: they can only be set once during
* construction.
*/constructor (stringmemory name, stringmemory symbol) public{
_name = name;
_symbol = symbol;
_decimals =18;
}
/**
* @dev Returns the name of the token.
*/functionname() publicviewreturns (stringmemory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/functionsymbol() publicviewreturns (stringmemory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless {_setupDecimals} is
* called.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/functiondecimals() publicviewreturns (uint8) {
return _decimals;
}
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewoverridereturns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(_msgSender(), recipient, amount);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.approve(address spender, uint256 amount)
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
_approve(_msgSender(), spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/functiontransferFrom(address sender, address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
returntrue;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/function_transfer(address sender, address recipient, uint256 amount) internalvirtual{
require(sender !=address(0), "ERC20: transfer from the zero address");
require(recipient !=address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/functionburn(uint256 amount) publicvirtual{
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for `accounts`'s tokens of at least
* `amount`.
*/functionburnFrom(address account, uint256 amount) publicvirtual{
uint256 decreasedAllowance = allowance(account, _msgSender()).sub(amount, "ERC20: burn amount exceeds allowance");
_approve(account, _msgSender(), decreasedAllowance);
_burn(account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner, address spender, uint256 amount) internalvirtual{
require(owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/function_burnFrom(address account, uint256 amount) internalvirtual{
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of `from`'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of `from`'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:using-hooks.adoc[Using Hooks].
*/function_beforeTokenTransfer(addressfrom, address to, uint256 amount) internalvirtual{ }
}
Contract Source Code
File 8 of 32: ERC20Custom.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./Context.sol";
import"./IERC20.sol";
import"./SafeMath.sol";
import"./Address.sol";
// Due to compiling issues, _name, _symbol, and _decimals were removed/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/contractERC20CustomisContext, IERC20{
usingSafeMathforuint256;
mapping (address=>uint256) internal _balances;
mapping (address=>mapping (address=>uint256)) internal _allowances;
uint256private _totalSupply;
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewoverridereturns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(_msgSender(), recipient, amount);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.approve(address spender, uint256 amount)
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
_approve(_msgSender(), spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/functiontransferFrom(address sender, address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualreturns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
returntrue;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/function_transfer(address sender, address recipient, uint256 amount) internalvirtual{
require(sender !=address(0), "ERC20: transfer from the zero address");
require(recipient !=address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/functionburn(uint256 amount) publicvirtual{
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for `accounts`'s tokens of at least
* `amount`.
*/functionburnFrom(address account, uint256 amount) publicvirtual{
uint256 decreasedAllowance = allowance(account, _msgSender()).sub(amount, "ERC20: burn amount exceeds allowance");
_approve(account, _msgSender(), decreasedAllowance);
_burn(account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner, address spender, uint256 amount) internalvirtual{
require(owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/function_burnFrom(address account, uint256 amount) internalvirtual{
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of `from`'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of `from`'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:using-hooks.adoc[Using Hooks].
*/function_beforeTokenTransfer(addressfrom, address to, uint256 amount) internalvirtual{ }
}
Contract Source Code
File 9 of 32: EnumerableSet.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.6.0;/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.0.0, only sets of type `address` (`AddressSet`) and `uint256`
* (`UintSet`) are supported.
*/libraryEnumerableSet{
// To implement this library for multiple types with as little code// repetition as possible, we write it in terms of a generic Set type with// bytes32 values.// The Set implementation uses private functions, and user-facing// implementations (such as AddressSet) are just wrappers around the// underlying Set.// This means that we can only create new EnumerableSets for types that fit// in bytes32.structSet {
// Storage of set valuesbytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0// means a value is not in the set.mapping (bytes32=>uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/function_add(Set storage set, bytes32 value) privatereturns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/function_remove(Set storage set, bytes32 value) privatereturns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slotuint256 valueIndex = set._indexes[value];
if (valueIndex !=0) { // Equivalent to contains(set, value)// To delete an element from the _values array in O(1), we swap the element to delete with the last one in// the array, and then remove the last element (sometimes called as 'swap and pop').// This modifies the order of the array, as noted in {at}.uint256 toDeleteIndex = valueIndex -1;
uint256 lastIndex = set._values.length-1;
// When the value to delete is the last one, the swap operation is unnecessary. However, since this occurs// so rarely, we still do the swap anyway to avoid the gas cost of adding an 'if' statement.bytes32 lastvalue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastvalue;
// Update the index for the moved value
set._indexes[lastvalue] = toDeleteIndex +1; // All indexes are 1-based// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slotdelete set._indexes[value];
returntrue;
} else {
returnfalse;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/function_contains(Set storage set, bytes32 value) privateviewreturns (bool) {
return set._indexes[value] !=0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/function_length(Set storage set) privateviewreturns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/function_at(Set storage set, uint256 index) privateviewreturns (bytes32) {
require(set._values.length> index, "EnumerableSet: index out of bounds");
return set._values[index];
}
// AddressSetstructAddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(AddressSet storage set, address value) internalreturns (bool) {
return _add(set._inner, bytes32(uint256(value)));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(AddressSet storage set, address value) internalreturns (bool) {
return _remove(set._inner, bytes32(uint256(value)));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(AddressSet storage set, address value) internalviewreturns (bool) {
return _contains(set._inner, bytes32(uint256(value)));
}
/**
* @dev Returns the number of values in the set. O(1).
*/functionlength(AddressSet storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(AddressSet storage set, uint256 index) internalviewreturns (address) {
returnaddress(uint256(_at(set._inner, index)));
}
// UintSetstructUintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/functionadd(UintSet storage set, uint256 value) internalreturns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/functionremove(UintSet storage set, uint256 value) internalreturns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/functioncontains(UintSet storage set, uint256 value) internalviewreturns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values on the set. O(1).
*/functionlength(UintSet storage set) internalviewreturns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/functionat(UintSet storage set, uint256 index) internalviewreturns (uint256) {
returnuint256(_at(set._inner, index));
}
}
Contract Source Code
File 10 of 32: FXS.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;import"./Context.sol";
import"./ERC20Custom.sol";
import"./IERC20.sol";
import"./Frax.sol";
import"./SafeMath.sol";
import"./AccessControl.sol";
contractFRAXSharesisERC20Custom, AccessControl{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */stringpublic symbol;
stringpublic name;
uint8publicconstant decimals =18;
addresspublic FRAXStablecoinAdd;
uint256publicconstant genesis_supply =100000000e18; // 100M is printed upon genesisuint256public FXS_DAO_min; // Minimum FXS required to join DAO groups addresspublic owner_address;
addresspublic oracle_address;
addresspublic timelock_address; // Governance timelock address
FRAXStablecoin private FRAX;
boolpublic trackingVotes =true; // Tracking votes (only change if need to disable votes)// A checkpoint for marking number of votes from a given blockstructCheckpoint {
uint32 fromBlock;
uint96 votes;
}
// A record of votes checkpoints for each account, by indexmapping (address=>mapping (uint32=> Checkpoint)) public checkpoints;
// The number of checkpoints for each accountmapping (address=>uint32) public numCheckpoints;
/* ========== MODIFIERS ========== */modifieronlyPools() {
require(FRAX.frax_pools(msg.sender) ==true, "Only frax pools can mint new FRAX");
_;
}
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address, "You are not an owner or the governance timelock");
_;
}
/* ========== CONSTRUCTOR ========== */constructor(stringmemory _name,
stringmemory _symbol,
address _oracle_address,
address _owner_address,
address _timelock_address
) public{
name = _name;
symbol = _symbol;
owner_address = _owner_address;
oracle_address = _oracle_address;
timelock_address = _timelock_address;
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
_mint(owner_address, genesis_supply);
// Do a checkpoint for the owner
_writeCheckpoint(owner_address, 0, 0, uint96(genesis_supply));
}
/* ========== RESTRICTED FUNCTIONS ========== */functionsetOracle(address new_oracle) externalonlyByOwnerOrGovernance{
oracle_address = new_oracle;
}
functionsetTimelock(address new_timelock) externalonlyByOwnerOrGovernance{
timelock_address = new_timelock;
}
functionsetFRAXAddress(address frax_contract_address) externalonlyByOwnerOrGovernance{
FRAX = FRAXStablecoin(frax_contract_address);
}
functionsetFXSMinDAO(uint256 min_FXS) externalonlyByOwnerOrGovernance{
FXS_DAO_min = min_FXS;
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
functionmint(address to, uint256 amount) publiconlyPools{
_mint(to, amount);
}
// This function is what other frax pools will call to mint new FXS (similar to the FRAX mint) functionpool_mint(address m_address, uint256 m_amount) externalonlyPools{
if(trackingVotes){
uint32 srcRepNum = numCheckpoints[address(this)];
uint96 srcRepOld = srcRepNum >0 ? checkpoints[address(this)][srcRepNum -1].votes : 0;
uint96 srcRepNew = add96(srcRepOld, uint96(m_amount), "pool_mint new votes overflows");
_writeCheckpoint(address(this), srcRepNum, srcRepOld, srcRepNew); // mint new votes
trackVotes(address(this), m_address, uint96(m_amount));
}
super._mint(m_address, m_amount);
emit FXSMinted(address(this), m_address, m_amount);
}
// This function is what other frax pools will call to burn FXS functionpool_burn_from(address b_address, uint256 b_amount) externalonlyPools{
if(trackingVotes){
trackVotes(b_address, address(this), uint96(b_amount));
uint32 srcRepNum = numCheckpoints[address(this)];
uint96 srcRepOld = srcRepNum >0 ? checkpoints[address(this)][srcRepNum -1].votes : 0;
uint96 srcRepNew = sub96(srcRepOld, uint96(b_amount), "pool_burn_from new votes underflows");
_writeCheckpoint(address(this), srcRepNum, srcRepOld, srcRepNew); // burn votes
}
super._burnFrom(b_address, b_amount);
emit FXSBurned(b_address, address(this), b_amount);
}
functiontoggleVotes() externalonlyByOwnerOrGovernance{
trackingVotes =!trackingVotes;
}
/* ========== OVERRIDDEN PUBLIC FUNCTIONS ========== */functiontransfer(address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
if(trackingVotes){
// Transfer votes
trackVotes(_msgSender(), recipient, uint96(amount));
}
_transfer(_msgSender(), recipient, amount);
returntrue;
}
functiontransferFrom(address sender, address recipient, uint256 amount) publicvirtualoverridereturns (bool) {
if(trackingVotes){
// Transfer votes
trackVotes(sender, recipient, uint96(amount));
}
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
returntrue;
}
/* ========== PUBLIC FUNCTIONS ========== *//**
* @notice Gets the current votes balance for `account`
* @param account The address to get votes balance
* @return The number of current votes for `account`
*/functiongetCurrentVotes(address account) externalviewreturns (uint96) {
uint32 nCheckpoints = numCheckpoints[account];
return nCheckpoints >0 ? checkpoints[account][nCheckpoints -1].votes : 0;
}
/**
* @notice Determine the prior number of votes for an account as of a block number
* @dev Block number must be a finalized block or else this function will revert to prevent misinformation.
* @param account The address of the account to check
* @param blockNumber The block number to get the vote balance at
* @return The number of votes the account had as of the given block
*/functiongetPriorVotes(address account, uint blockNumber) publicviewreturns (uint96) {
require(blockNumber <block.number, "FXS::getPriorVotes: not yet determined");
uint32 nCheckpoints = numCheckpoints[account];
if (nCheckpoints ==0) {
return0;
}
// First check most recent balanceif (checkpoints[account][nCheckpoints -1].fromBlock <= blockNumber) {
return checkpoints[account][nCheckpoints -1].votes;
}
// Next check implicit zero balanceif (checkpoints[account][0].fromBlock > blockNumber) {
return0;
}
uint32 lower =0;
uint32 upper = nCheckpoints -1;
while (upper > lower) {
uint32 center = upper - (upper - lower) /2; // ceil, avoiding overflow
Checkpoint memory cp = checkpoints[account][center];
if (cp.fromBlock == blockNumber) {
return cp.votes;
} elseif (cp.fromBlock < blockNumber) {
lower = center;
} else {
upper = center -1;
}
}
return checkpoints[account][lower].votes;
}
/* ========== INTERNAL FUNCTIONS ========== */// From compound's _moveDelegates// Keep track of votes. "Delegates" is a misnomer herefunctiontrackVotes(address srcRep, address dstRep, uint96 amount) internal{
if (srcRep != dstRep && amount >0) {
if (srcRep !=address(0)) {
uint32 srcRepNum = numCheckpoints[srcRep];
uint96 srcRepOld = srcRepNum >0 ? checkpoints[srcRep][srcRepNum -1].votes : 0;
uint96 srcRepNew = sub96(srcRepOld, amount, "FXS::_moveVotes: vote amount underflows");
_writeCheckpoint(srcRep, srcRepNum, srcRepOld, srcRepNew);
}
if (dstRep !=address(0)) {
uint32 dstRepNum = numCheckpoints[dstRep];
uint96 dstRepOld = dstRepNum >0 ? checkpoints[dstRep][dstRepNum -1].votes : 0;
uint96 dstRepNew = add96(dstRepOld, amount, "FXS::_moveVotes: vote amount overflows");
_writeCheckpoint(dstRep, dstRepNum, dstRepOld, dstRepNew);
}
}
}
function_writeCheckpoint(address voter, uint32 nCheckpoints, uint96 oldVotes, uint96 newVotes) internal{
uint32 blockNumber = safe32(block.number, "FXS::_writeCheckpoint: block number exceeds 32 bits");
if (nCheckpoints >0&& checkpoints[voter][nCheckpoints -1].fromBlock == blockNumber) {
checkpoints[voter][nCheckpoints -1].votes = newVotes;
} else {
checkpoints[voter][nCheckpoints] = Checkpoint(blockNumber, newVotes);
numCheckpoints[voter] = nCheckpoints +1;
}
emit VoterVotesChanged(voter, oldVotes, newVotes);
}
functionsafe32(uint n, stringmemory errorMessage) internalpurereturns (uint32) {
require(n <2**32, errorMessage);
returnuint32(n);
}
functionsafe96(uint n, stringmemory errorMessage) internalpurereturns (uint96) {
require(n <2**96, errorMessage);
returnuint96(n);
}
functionadd96(uint96 a, uint96 b, stringmemory errorMessage) internalpurereturns (uint96) {
uint96 c = a + b;
require(c >= a, errorMessage);
return c;
}
functionsub96(uint96 a, uint96 b, stringmemory errorMessage) internalpurereturns (uint96) {
require(b <= a, errorMessage);
return a - b;
}
functiongetChainId() internalpurereturns (uint) {
uint256 chainId;
assembly { chainId :=chainid() }
return chainId;
}
/* ========== EVENTS ========== *//// @notice An event thats emitted when a voters account's vote balance changeseventVoterVotesChanged(addressindexed voter, uint previousBalance, uint newBalance);
// Track FXS burnedeventFXSBurned(addressindexedfrom, addressindexed to, uint256 amount);
// Track FXS mintedeventFXSMinted(addressindexedfrom, addressindexed to, uint256 amount);
}
Contract Source Code
File 11 of 32: FixedPoint.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./Babylonian.sol';
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format))libraryFixedPoint{
// range: [0, 2**112 - 1]// resolution: 1 / 2**112structuq112x112 {
uint224 _x;
}
// range: [0, 2**144 - 1]// resolution: 1 / 2**112structuq144x112 {
uint _x;
}
uint8privateconstant RESOLUTION =112;
uintprivateconstant Q112 =uint(1) << RESOLUTION;
uintprivateconstant Q224 = Q112 << RESOLUTION;
// encode a uint112 as a UQ112x112functionencode(uint112 x) internalpurereturns (uq112x112 memory) {
return uq112x112(uint224(x) << RESOLUTION);
}
// encodes a uint144 as a UQ144x112functionencode144(uint144 x) internalpurereturns (uq144x112 memory) {
return uq144x112(uint256(x) << RESOLUTION);
}
// divide a UQ112x112 by a uint112, returning a UQ112x112functiondiv(uq112x112 memoryself, uint112 x) internalpurereturns (uq112x112 memory) {
require(x !=0, 'FixedPoint: DIV_BY_ZERO');
return uq112x112(self._x /uint224(x));
}
// multiply a UQ112x112 by a uint, returning a UQ144x112// reverts on overflowfunctionmul(uq112x112 memoryself, uint y) internalpurereturns (uq144x112 memory) {
uint z;
require(y ==0|| (z =uint(self._x) * y) / y ==uint(self._x), "FixedPoint: MULTIPLICATION_OVERFLOW");
return uq144x112(z);
}
// returns a UQ112x112 which represents the ratio of the numerator to the denominator// equivalent to encode(numerator).div(denominator)functionfraction(uint112 numerator, uint112 denominator) internalpurereturns (uq112x112 memory) {
require(denominator >0, "FixedPoint: DIV_BY_ZERO");
return uq112x112((uint224(numerator) << RESOLUTION) / denominator);
}
// decode a UQ112x112 into a uint112 by truncating after the radix pointfunctiondecode(uq112x112 memoryself) internalpurereturns (uint112) {
returnuint112(self._x >> RESOLUTION);
}
// decode a UQ144x112 into a uint144 by truncating after the radix pointfunctiondecode144(uq144x112 memoryself) internalpurereturns (uint144) {
returnuint144(self._x >> RESOLUTION);
}
// take the reciprocal of a UQ112x112functionreciprocal(uq112x112 memoryself) internalpurereturns (uq112x112 memory) {
require(self._x !=0, 'FixedPoint: ZERO_RECIPROCAL');
return uq112x112(uint224(Q224 /self._x));
}
// square root of a UQ112x112functionsqrt(uq112x112 memoryself) internalpurereturns (uq112x112 memory) {
return uq112x112(uint224(Babylonian.sqrt(uint256(self._x)) <<56));
}
}
Contract Source Code
File 12 of 32: Frax.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;import"./Context.sol";
import"./IERC20.sol";
import"./ERC20Custom.sol";
import"./ERC20.sol";
import"./SafeMath.sol";
import"./FXS.sol";
import"./FraxPool.sol";
import"./UniswapPairOracle.sol";
import"./ChainlinkETHUSDPriceConsumer.sol";
import"./AccessControl.sol";
contractFRAXStablecoinisERC20Custom, AccessControl{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */enumPriceChoice { FRAX, FXS }
ChainlinkETHUSDPriceConsumer private eth_usd_pricer;
uint8private eth_usd_pricer_decimals;
UniswapPairOracle private fraxEthOracle;
UniswapPairOracle private fxsEthOracle;
stringpublic symbol;
stringpublic name;
uint8publicconstant decimals =18;
addresspublic owner_address;
addresspublic creator_address;
addresspublic timelock_address; // Governance timelock addressaddresspublic controller_address; // Controller contract to dynamically adjust system parameters automaticallyaddresspublic fxs_address;
addresspublic frax_eth_oracle_address;
addresspublic fxs_eth_oracle_address;
addresspublic weth_address;
addresspublic eth_usd_consumer_address;
uint256publicconstant genesis_supply =2000000e18; // 2M FRAX (only for testing, genesis supply will be 5k on Mainnet). This is to help with establishing the Uniswap pools, as they need liquidity// The addresses in this array are added by the oracle and these contracts are able to mint fraxaddress[] public frax_pools_array;
// Mapping is also used for faster verificationmapping(address=>bool) public frax_pools;
// Constants for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
uint256public global_collateral_ratio; // 6 decimals of precision, e.g. 924102 = 0.924102uint256public redemption_fee; // 6 decimals of precision, divide by 1000000 in calculations for feeuint256public minting_fee; // 6 decimals of precision, divide by 1000000 in calculations for feeuint256public frax_step; // Amount to change the collateralization ratio by upon refreshCollateralRatio()uint256public refresh_cooldown; // Seconds to wait before being able to run refreshCollateralRatio() againuint256public price_target; // The price of FRAX at which the collateral ratio will respond to; this value is only used for the collateral ratio mechanism and not for minting and redeeming which are hardcoded at $1uint256public price_band; // The bound above and below the price target at which the refreshCollateralRatio() will not change the collateral ratioaddresspublic DEFAULT_ADMIN_ADDRESS;
bytes32publicconstant COLLATERAL_RATIO_PAUSER =keccak256("COLLATERAL_RATIO_PAUSER");
boolpublic collateral_ratio_paused =false;
/* ========== MODIFIERS ========== */modifieronlyCollateralRatioPauser() {
require(hasRole(COLLATERAL_RATIO_PAUSER, msg.sender));
_;
}
modifieronlyPools() {
require(frax_pools[msg.sender] ==true, "Only frax pools can call this function");
_;
}
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address ||msg.sender== controller_address, "You are not the owner, controller, or the governance timelock");
_;
}
modifieronlyByOwnerGovernanceOrPool() {
require(
msg.sender== owner_address
||msg.sender== timelock_address
|| frax_pools[msg.sender] ==true,
"You are not the owner, the governance timelock, or a pool");
_;
}
/* ========== CONSTRUCTOR ========== */constructor(stringmemory _name,
stringmemory _symbol,
address _creator_address,
address _timelock_address
) public{
name = _name;
symbol = _symbol;
creator_address = _creator_address;
timelock_address = _timelock_address;
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
DEFAULT_ADMIN_ADDRESS = _msgSender();
owner_address = _creator_address;
_mint(creator_address, genesis_supply);
grantRole(COLLATERAL_RATIO_PAUSER, creator_address);
grantRole(COLLATERAL_RATIO_PAUSER, timelock_address);
frax_step =2500; // 6 decimals of precision, equal to 0.25%
global_collateral_ratio =1000000; // Frax system starts off fully collateralized (6 decimals of precision)
refresh_cooldown =3600; // Refresh cooldown period is set to 1 hour (3600 seconds) at genesis
price_target =1000000; // Collateral ratio will adjust according to the $1 price target at genesis
price_band =5000; // Collateral ratio will not adjust if between $0.995 and $1.005 at genesis
}
/* ========== VIEWS ========== */// Choice = 'FRAX' or 'FXS' for nowfunctionoracle_price(PriceChoice choice) internalviewreturns (uint256) {
// Get the ETH / USD price first, and cut it down to 1e6 precisionuint256 eth_usd_price =uint256(eth_usd_pricer.getLatestPrice()).mul(PRICE_PRECISION).div(uint256(10) ** eth_usd_pricer_decimals);
uint256 price_vs_eth;
if (choice == PriceChoice.FRAX) {
price_vs_eth =uint256(fraxEthOracle.consult(weth_address, PRICE_PRECISION)); // How much FRAX if you put in PRICE_PRECISION WETH
}
elseif (choice == PriceChoice.FXS) {
price_vs_eth =uint256(fxsEthOracle.consult(weth_address, PRICE_PRECISION)); // How much FXS if you put in PRICE_PRECISION WETH
}
elserevert("INVALID PRICE CHOICE. Needs to be either 0 (FRAX) or 1 (FXS)");
// Will be in 1e6 formatreturn eth_usd_price.mul(PRICE_PRECISION).div(price_vs_eth);
}
// Returns X FRAX = 1 USDfunctionfrax_price() publicviewreturns (uint256) {
return oracle_price(PriceChoice.FRAX);
}
// Returns X FXS = 1 USDfunctionfxs_price() publicviewreturns (uint256) {
return oracle_price(PriceChoice.FXS);
}
functioneth_usd_price() publicviewreturns (uint256) {
returnuint256(eth_usd_pricer.getLatestPrice()).mul(PRICE_PRECISION).div(uint256(10) ** eth_usd_pricer_decimals);
}
// This is needed to avoid costly repeat calls to different getter functions// It is cheaper gas-wise to just dump everything and only use some of the infofunctionfrax_info() publicviewreturns (uint256, uint256, uint256, uint256, uint256, uint256, uint256, uint256) {
return (
oracle_price(PriceChoice.FRAX), // frax_price()
oracle_price(PriceChoice.FXS), // fxs_price()
totalSupply(), // totalSupply()
global_collateral_ratio, // global_collateral_ratio()
globalCollateralValue(), // globalCollateralValue
minting_fee, // minting_fee()
redemption_fee, // redemption_fee()uint256(eth_usd_pricer.getLatestPrice()).mul(PRICE_PRECISION).div(uint256(10) ** eth_usd_pricer_decimals) //eth_usd_price
);
}
// Iterate through all frax pools and calculate all value of collateral in all pools globally functionglobalCollateralValue() publicviewreturns (uint256) {
uint256 total_collateral_value_d18 =0;
for (uint i =0; i < frax_pools_array.length; i++){
// Exclude null addressesif (frax_pools_array[i] !=address(0)){
total_collateral_value_d18 = total_collateral_value_d18.add(FraxPool(frax_pools_array[i]).collatDollarBalance());
}
}
return total_collateral_value_d18;
}
/* ========== PUBLIC FUNCTIONS ========== */// There needs to be a time interval that this can be called. Otherwise it can be called multiple times per expansion.uint256public last_call_time; // Last time the refreshCollateralRatio function was calledfunctionrefreshCollateralRatio() public{
require(collateral_ratio_paused ==false, "Collateral Ratio has been paused");
uint256 frax_price_cur = frax_price();
require(block.timestamp- last_call_time >= refresh_cooldown, "Must wait for the refresh cooldown since last refresh");
// Step increments are 0.25% (upon genesis, changable by setFraxStep()) if (frax_price_cur > price_target.add(price_band)) { //decrease collateral ratioif(global_collateral_ratio <= frax_step){ //if within a step of 0, go to 0
global_collateral_ratio =0;
} else {
global_collateral_ratio = global_collateral_ratio.sub(frax_step);
}
} elseif (frax_price_cur < price_target.sub(price_band)) { //increase collateral ratioif(global_collateral_ratio.add(frax_step) >=1000000){
global_collateral_ratio =1000000; // cap collateral ratio at 1.000000
} else {
global_collateral_ratio = global_collateral_ratio.add(frax_step);
}
}
last_call_time =block.timestamp; // Set the time of the last expansion
}
/* ========== RESTRICTED FUNCTIONS ========== */// Used by pools when user redeemsfunctionpool_burn_from(address b_address, uint256 b_amount) publiconlyPools{
super._burnFrom(b_address, b_amount);
emit FRAXBurned(b_address, msg.sender, b_amount);
}
// This function is what other frax pools will call to mint new FRAX functionpool_mint(address m_address, uint256 m_amount) publiconlyPools{
super._mint(m_address, m_amount);
emit FRAXMinted(msg.sender, m_address, m_amount);
}
// Adds collateral addresses supported, such as tether and busd, must be ERC20 functionaddPool(address pool_address) publiconlyByOwnerOrGovernance{
require(frax_pools[pool_address] ==false, "address already exists");
frax_pools[pool_address] =true;
frax_pools_array.push(pool_address);
}
// Remove a pool functionremovePool(address pool_address) publiconlyByOwnerOrGovernance{
require(frax_pools[pool_address] ==true, "address doesn't exist already");
// Delete from the mappingdelete frax_pools[pool_address];
// 'Delete' from the array by setting the address to 0x0for (uint i =0; i < frax_pools_array.length; i++){
if (frax_pools_array[i] == pool_address) {
frax_pools_array[i] =address(0); // This will leave a null in the array and keep the indices the samebreak;
}
}
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
functionsetRedemptionFee(uint256 red_fee) publiconlyByOwnerOrGovernance{
redemption_fee = red_fee;
}
functionsetMintingFee(uint256 min_fee) publiconlyByOwnerOrGovernance{
minting_fee = min_fee;
}
functionsetFraxStep(uint256 _new_step) publiconlyByOwnerOrGovernance{
frax_step = _new_step;
}
functionsetPriceTarget (uint256 _new_price_target) publiconlyByOwnerOrGovernance{
price_target = _new_price_target;
}
functionsetRefreshCooldown(uint256 _new_cooldown) publiconlyByOwnerOrGovernance{
refresh_cooldown = _new_cooldown;
}
functionsetFXSAddress(address _fxs_address) publiconlyByOwnerOrGovernance{
fxs_address = _fxs_address;
}
functionsetETHUSDOracle(address _eth_usd_consumer_address) publiconlyByOwnerOrGovernance{
eth_usd_consumer_address = _eth_usd_consumer_address;
eth_usd_pricer = ChainlinkETHUSDPriceConsumer(eth_usd_consumer_address);
eth_usd_pricer_decimals = eth_usd_pricer.getDecimals();
}
functionsetTimelock(address new_timelock) externalonlyByOwnerOrGovernance{
timelock_address = new_timelock;
}
functionsetController(address _controller_address) externalonlyByOwnerOrGovernance{
controller_address = _controller_address;
}
functionsetPriceBand(uint256 _price_band) externalonlyByOwnerOrGovernance{
price_band = _price_band;
}
// Sets the FRAX_ETH Uniswap oracle address functionsetFRAXEthOracle(address _frax_oracle_addr, address _weth_address) publiconlyByOwnerOrGovernance{
frax_eth_oracle_address = _frax_oracle_addr;
fraxEthOracle = UniswapPairOracle(_frax_oracle_addr);
weth_address = _weth_address;
}
// Sets the FXS_ETH Uniswap oracle address functionsetFXSEthOracle(address _fxs_oracle_addr, address _weth_address) publiconlyByOwnerOrGovernance{
fxs_eth_oracle_address = _fxs_oracle_addr;
fxsEthOracle = UniswapPairOracle(_fxs_oracle_addr);
weth_address = _weth_address;
}
functiontoggleCollateralRatio() publiconlyCollateralRatioPauser{
collateral_ratio_paused =!collateral_ratio_paused;
}
/* ========== EVENTS ========== */// Track FRAX burnedeventFRAXBurned(addressindexedfrom, addressindexed to, uint256 amount);
// Track FRAX mintedeventFRAXMinted(addressindexedfrom, addressindexed to, uint256 amount);
}
Contract Source Code
File 13 of 32: FraxPool.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;import"./SafeMath.sol";
import"./FXS.sol";
import"./Frax.sol";
import"./ERC20.sol";
// import '../../Uniswap/TransferHelper.sol';import"./UniswapPairOracle.sol";
import"./AccessControl.sol";
// import "../../Utils/StringHelpers.sol";import"./FraxPoolLibrary.sol";
/*
Same as FraxPool.sol, but has some gas optimizations
*/contractFraxPoolisAccessControl{
usingSafeMathforuint256;
/* ========== STATE VARIABLES ========== */
ERC20 private collateral_token;
addressprivate collateral_address;
addressprivate owner_address;
// address private oracle_address;addressprivate frax_contract_address;
addressprivate fxs_contract_address;
addressprivate timelock_address; // Timelock address for the governance contract
FRAXShares private FXS;
FRAXStablecoin private FRAX;
// UniswapPairOracle private oracle;
UniswapPairOracle private collatEthOracle;
addressprivate collat_eth_oracle_address;
addressprivate weth_address;
uint256private minting_fee;
uint256private redemption_fee;
mapping (address=>uint256) public redeemFXSBalances;
mapping (address=>uint256) public redeemCollateralBalances;
uint256public unclaimedPoolCollateral;
uint256public unclaimedPoolFXS;
mapping (address=>uint256) public lastRedeemed;
// Constants for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
uint256privateconstant COLLATERAL_RATIO_PRECISION =1e6;
uint256privateconstant COLLATERAL_RATIO_MAX =1e6;
// Number of decimals needed to get to 18uint256private missing_decimals;
// Pool_ceiling is the total units of collateral that a pool contract can holduint256public pool_ceiling =0;
// Stores price of the collateral, if price is pauseduint256public pausedPrice =0;
// Bonus rate on FXS minted during recollateralizeFRAX(); 6 decimals of precision, set to 0.75% on genesisuint256public bonus_rate =7500;
// Number of blocks to wait before being able to collectRedemption()uint256public redemption_delay =1;
// AccessControl Rolesbytes32privateconstant MINT_PAUSER =keccak256("MINT_PAUSER");
bytes32privateconstant REDEEM_PAUSER =keccak256("REDEEM_PAUSER");
bytes32privateconstant BUYBACK_PAUSER =keccak256("BUYBACK_PAUSER");
bytes32privateconstant RECOLLATERALIZE_PAUSER =keccak256("RECOLLATERALIZE_PAUSER");
bytes32privateconstant COLLATERAL_PRICE_PAUSER =keccak256("COLLATERAL_PRICE_PAUSER");
// AccessControl state variablesboolprivate mintPaused =false;
boolprivate redeemPaused =false;
boolprivate recollateralizePaused =false;
boolprivate buyBackPaused =false;
boolprivate collateralPricePaused =false;
/* ========== MODIFIERS ========== */modifieronlyByOwnerOrGovernance() {
require(msg.sender== timelock_address ||msg.sender== owner_address, "You are not the owner or the governance timelock");
_;
}
modifiernotRedeemPaused() {
require(redeemPaused ==false, "Redeeming is paused");
_;
}
modifiernotMintPaused() {
require(mintPaused ==false, "Minting is paused");
_;
}
/* ========== CONSTRUCTOR ========== */constructor(address _frax_contract_address,
address _fxs_contract_address,
address _collateral_address,
address _creator_address,
address _timelock_address,
uint256 _pool_ceiling
) public{
FRAX = FRAXStablecoin(_frax_contract_address);
FXS = FRAXShares(_fxs_contract_address);
frax_contract_address = _frax_contract_address;
fxs_contract_address = _fxs_contract_address;
collateral_address = _collateral_address;
timelock_address = _timelock_address;
owner_address = _creator_address;
collateral_token = ERC20(_collateral_address);
pool_ceiling = _pool_ceiling;
missing_decimals =uint(18).sub(collateral_token.decimals());
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
grantRole(MINT_PAUSER, timelock_address);
grantRole(REDEEM_PAUSER, timelock_address);
grantRole(RECOLLATERALIZE_PAUSER, timelock_address);
grantRole(BUYBACK_PAUSER, timelock_address);
grantRole(COLLATERAL_PRICE_PAUSER, timelock_address);
}
/* ========== VIEWS ========== */// Returns dollar value of collateral held in this Frax poolfunctioncollatDollarBalance() publicviewreturns (uint256) {
uint256 eth_usd_price = FRAX.eth_usd_price();
uint256 eth_collat_price = collatEthOracle.consult(weth_address, (PRICE_PRECISION * (10** missing_decimals)));
uint256 collat_usd_price = eth_usd_price.mul(PRICE_PRECISION).div(eth_collat_price);
return (collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral)).mul(10** missing_decimals).mul(collat_usd_price).div(PRICE_PRECISION); //.mul(getCollateralPrice()).div(1e6);
}
// Returns the value of excess collateral held in this Frax pool, compared to what is needed to maintain the global collateral ratiofunctionavailableExcessCollatDV() publicviewreturns (uint256) {
uint256 total_supply = FRAX.totalSupply();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
uint256 global_collat_value = FRAX.globalCollateralValue();
if (global_collateral_ratio > COLLATERAL_RATIO_PRECISION) global_collateral_ratio = COLLATERAL_RATIO_PRECISION; // Handles an overcollateralized contract with CR > 1uint256 required_collat_dollar_value_d18 = (total_supply.mul(global_collateral_ratio)).div(COLLATERAL_RATIO_PRECISION); // Calculates collateral needed to back each 1 FRAX with $1 of collateral at current collat ratioif (global_collat_value > required_collat_dollar_value_d18) return global_collat_value.sub(required_collat_dollar_value_d18);
elsereturn0;
}
/* ========== PUBLIC FUNCTIONS ========== */// Returns the price of the pool collateral in USDfunctiongetCollateralPrice() publicviewreturns (uint256) {
if(collateralPricePaused ==true){
return pausedPrice;
} else {
uint256 eth_usd_price = FRAX.eth_usd_price();
return eth_usd_price.mul(PRICE_PRECISION).div(collatEthOracle.consult(weth_address, PRICE_PRECISION * (10** missing_decimals)));
}
}
functionsetCollatETHOracle(address _collateral_weth_oracle_address, address _weth_address) externalonlyByOwnerOrGovernance{
collat_eth_oracle_address = _collateral_weth_oracle_address;
collatEthOracle = UniswapPairOracle(_collateral_weth_oracle_address);
weth_address = _weth_address;
}
// We separate out the 1t1, fractional and algorithmic minting functions for gas efficiency functionmint1t1FRAX(uint256 collateral_amount, uint256 FRAX_out_min) externalnotMintPaused{
uint256 collateral_amount_d18 = collateral_amount * (10** missing_decimals);
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio >= COLLATERAL_RATIO_MAX, "Collateral ratio must be >= 1");
require((collateral_token.balanceOf(address(this))).sub(unclaimedPoolCollateral).add(collateral_amount) <= pool_ceiling, "[Pool's Closed]: Ceiling reached");
(uint256 frax_amount_d18) = FraxPoolLibrary.calcMint1t1FRAX(
getCollateralPrice(),
minting_fee,
collateral_amount_d18
); //1 FRAX for each $1 worth of collateralrequire(FRAX_out_min <= frax_amount_d18, "Slippage limit reached");
collateral_token.transferFrom(msg.sender, address(this), collateral_amount);
FRAX.pool_mint(msg.sender, frax_amount_d18);
}
// 0% collateral-backedfunctionmintAlgorithmicFRAX(uint256 fxs_amount_d18, uint256 FRAX_out_min) externalnotMintPaused{
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio ==0, "Collateral ratio must be 0");
(uint256 frax_amount_d18) = FraxPoolLibrary.calcMintAlgorithmicFRAX(
minting_fee,
fxs_price, // X FXS / 1 USD
fxs_amount_d18
);
require(FRAX_out_min <= frax_amount_d18, "Slippage limit reached");
FXS.pool_burn_from(msg.sender, fxs_amount_d18);
FRAX.pool_mint(msg.sender, frax_amount_d18);
}
// Will fail if fully collateralized or fully algorithmic// > 0% and < 100% collateral-backedfunctionmintFractionalFRAX(uint256 collateral_amount, uint256 fxs_amount, uint256 FRAX_out_min) externalnotMintPaused{
uint256 frax_price = FRAX.frax_price();
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio < COLLATERAL_RATIO_MAX && global_collateral_ratio >0, "Collateral ratio needs to be between .000001 and .999999");
require(collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral).add(collateral_amount) <= pool_ceiling, "Pool ceiling reached, no more FRAX can be minted with this collateral");
uint256 collateral_amount_d18 = collateral_amount * (10** missing_decimals);
FraxPoolLibrary.MintFF_Params memory input_params = FraxPoolLibrary.MintFF_Params(
minting_fee,
fxs_price,
frax_price,
getCollateralPrice(),
fxs_amount,
collateral_amount_d18,
(collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral)),
pool_ceiling,
global_collateral_ratio
);
(uint256 mint_amount, uint256 fxs_needed) = FraxPoolLibrary.calcMintFractionalFRAX(input_params);
require(FRAX_out_min <= mint_amount, "Slippage limit reached");
require(fxs_needed <= fxs_amount, "Not enough FXS inputted");
FXS.pool_burn_from(msg.sender, fxs_needed);
collateral_token.transferFrom(msg.sender, address(this), collateral_amount);
FRAX.pool_mint(msg.sender, mint_amount);
}
// Redeem collateral. 100% collateral-backedfunctionredeem1t1FRAX(uint256 FRAX_amount, uint256 COLLATERAL_out_min) externalnotRedeemPaused{
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio == COLLATERAL_RATIO_MAX, "Collateral ratio must be == 1");
// Need to adjust for decimals of collateraluint256 FRAX_amount_precision = FRAX_amount.div(10** missing_decimals);
(uint256 collateral_needed) = FraxPoolLibrary.calcRedeem1t1FRAX(
getCollateralPrice(),
FRAX_amount_precision,
redemption_fee
);
require(collateral_needed <= collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral), "Not enough collateral in pool");
redeemCollateralBalances[msg.sender] = redeemCollateralBalances[msg.sender].add(collateral_needed);
unclaimedPoolCollateral = unclaimedPoolCollateral.add(collateral_needed);
lastRedeemed[msg.sender] =block.number;
require(COLLATERAL_out_min <= collateral_needed, "Slippage limit reached");
// Move all external functions to the end
FRAX.pool_burn_from(msg.sender, FRAX_amount);
}
// Will fail if fully collateralized or algorithmic// Redeem FRAX for collateral and FXS. > 0% and < 100% collateral-backedfunctionredeemFractionalFRAX(uint256 FRAX_amount, uint256 FXS_out_min, uint256 COLLATERAL_out_min) externalnotRedeemPaused{
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio < COLLATERAL_RATIO_MAX && global_collateral_ratio >0, "Collateral ratio needs to be between .000001 and .999999");
uint256 col_price_usd = getCollateralPrice();
uint256 FRAX_amount_post_fee = FRAX_amount.sub((FRAX_amount.mul(redemption_fee)).div(PRICE_PRECISION));
uint256 fxs_dollar_value_d18 = FRAX_amount_post_fee.sub(FRAX_amount_post_fee.mul(global_collateral_ratio).div(PRICE_PRECISION));
uint256 fxs_amount = fxs_dollar_value_d18.mul(PRICE_PRECISION).div(fxs_price);
// Need to adjust for decimals of collateraluint256 FRAX_amount_precision = FRAX_amount_post_fee.div(10** missing_decimals);
uint256 collateral_dollar_value = FRAX_amount_precision.mul(global_collateral_ratio).div(PRICE_PRECISION);
uint256 collateral_amount = collateral_dollar_value.mul(PRICE_PRECISION).div(col_price_usd);
redeemCollateralBalances[msg.sender] = redeemCollateralBalances[msg.sender].add(collateral_amount);
unclaimedPoolCollateral = unclaimedPoolCollateral.add(collateral_amount);
redeemFXSBalances[msg.sender] = redeemFXSBalances[msg.sender].add(fxs_amount);
unclaimedPoolFXS = unclaimedPoolFXS.add(fxs_amount);
lastRedeemed[msg.sender] =block.number;
require(collateral_amount <= collateral_token.balanceOf(address(this)).sub(unclaimedPoolCollateral), "Not enough collateral in pool");
require(COLLATERAL_out_min <= collateral_amount, "Slippage limit reached [collateral]");
require(FXS_out_min <= fxs_amount, "Slippage limit reached [FXS]");
// Move all external functions to the end
FRAX.pool_burn_from(msg.sender, FRAX_amount);
FXS.pool_mint(address(this), fxs_amount);
}
// Redeem FRAX for FXS. 0% collateral-backedfunctionredeemAlgorithmicFRAX(uint256 FRAX_amount, uint256 FXS_out_min) externalnotRedeemPaused{
uint256 fxs_price = FRAX.fxs_price();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
require(global_collateral_ratio ==0, "Collateral ratio must be 0");
uint256 fxs_dollar_value_d18 = FRAX_amount;
fxs_dollar_value_d18 = fxs_dollar_value_d18.sub((fxs_dollar_value_d18.mul(redemption_fee)).div(PRICE_PRECISION)); //apply redemption feeuint256 fxs_amount = fxs_dollar_value_d18.mul(PRICE_PRECISION).div(fxs_price);
redeemFXSBalances[msg.sender] = redeemFXSBalances[msg.sender].add(fxs_amount);
unclaimedPoolFXS = unclaimedPoolFXS.add(fxs_amount);
lastRedeemed[msg.sender] =block.number;
require(FXS_out_min <= fxs_amount, "Slippage limit reached");
// Move all external functions to the end
FRAX.pool_burn_from(msg.sender, FRAX_amount);
FXS.pool_mint(address(this), fxs_amount);
}
// After a redemption happens, transfer the newly minted FXS and owed collateral from this pool// contract to the user. Redemption is split into two functions to prevent flash loans from being able// to take out FRAX/collateral from the system, use an AMM to trade the new price, and then mint back into the system.functioncollectRedemption() external{
require((lastRedeemed[msg.sender].add(redemption_delay)) <=block.number, "Must wait for redemption_delay blocks before collecting redemption");
bool sendFXS =false;
bool sendCollateral =false;
uint FXSAmount;
uint CollateralAmount;
// Use Checks-Effects-Interactions patternif(redeemFXSBalances[msg.sender] >0){
FXSAmount = redeemFXSBalances[msg.sender];
redeemFXSBalances[msg.sender] =0;
unclaimedPoolFXS = unclaimedPoolFXS.sub(FXSAmount);
sendFXS =true;
}
if(redeemCollateralBalances[msg.sender] >0){
CollateralAmount = redeemCollateralBalances[msg.sender];
redeemCollateralBalances[msg.sender] =0;
unclaimedPoolCollateral = unclaimedPoolCollateral.sub(CollateralAmount);
sendCollateral =true;
}
if(sendFXS ==true){
FXS.transfer(msg.sender, FXSAmount);
}
if(sendCollateral ==true){
collateral_token.transfer(msg.sender, CollateralAmount);
}
}
// When the protocol is recollateralizing, we need to give a discount of FXS to hit the new CR target// Thus, if the target collateral ratio is higher than the actual value of collateral, minters get FXS for adding collateral// This function simply rewards anyone that sends collateral to a pool with the same amount of FXS + the bonus rate// Anyone can call this function to recollateralize the protocol and take the extra FXS value from the bonus rate as an arb opportunityfunctionrecollateralizeFRAX(uint256 collateral_amount, uint256 FXS_out_min) external{
require(recollateralizePaused ==false, "Recollateralize is paused");
uint256 collateral_amount_d18 = collateral_amount * (10** missing_decimals);
uint256 fxs_price = FRAX.fxs_price();
uint256 frax_total_supply = FRAX.totalSupply();
uint256 global_collateral_ratio = FRAX.global_collateral_ratio();
uint256 global_collat_value = FRAX.globalCollateralValue();
(uint256 collateral_units, uint256 amount_to_recollat) = FraxPoolLibrary.calcRecollateralizeFRAXInner(
collateral_amount_d18,
getCollateralPrice(),
global_collat_value,
frax_total_supply,
global_collateral_ratio
);
uint256 collateral_units_precision = collateral_units.div(10** missing_decimals);
uint256 fxs_paid_back = amount_to_recollat.mul(uint(1e6).add(bonus_rate)).div(fxs_price);
require(FXS_out_min <= fxs_paid_back, "Slippage limit reached");
collateral_token.transferFrom(msg.sender, address(this), collateral_units_precision);
FXS.pool_mint(msg.sender, fxs_paid_back);
}
// Function can be called by an FXS holder to have the protocol buy back FXS with excess collateral value from a desired collateral pool// This can also happen if the collateral ratio > 1functionbuyBackFXS(uint256 FXS_amount, uint256 COLLATERAL_out_min) external{
require(buyBackPaused ==false, "Buyback is paused");
uint256 fxs_price = FRAX.fxs_price();
FraxPoolLibrary.BuybackFXS_Params memory input_params = FraxPoolLibrary.BuybackFXS_Params(
availableExcessCollatDV(),
fxs_price,
getCollateralPrice(),
FXS_amount
);
(uint256 collateral_equivalent_d18) = FraxPoolLibrary.calcBuyBackFXS(input_params);
uint256 collateral_precision = collateral_equivalent_d18.div(10** missing_decimals);
require(COLLATERAL_out_min <= collateral_precision, "Slippage limit reached");
// Give the sender their desired collateral and burn the FXS
FXS.pool_burn_from(msg.sender, FXS_amount);
collateral_token.transfer(msg.sender, collateral_precision);
}
/* ========== RESTRICTED FUNCTIONS ========== */functiontoggleMinting() external{
require(hasRole(MINT_PAUSER, msg.sender));
mintPaused =!mintPaused;
}
functiontoggleRedeeming() external{
require(hasRole(REDEEM_PAUSER, msg.sender));
redeemPaused =!redeemPaused;
}
functiontoggleRecollateralize() external{
require(hasRole(RECOLLATERALIZE_PAUSER, msg.sender));
recollateralizePaused =!recollateralizePaused;
}
functiontoggleBuyBack() external{
require(hasRole(BUYBACK_PAUSER, msg.sender));
buyBackPaused =!buyBackPaused;
}
functiontoggleCollateralPrice() external{
require(hasRole(COLLATERAL_PRICE_PAUSER, msg.sender));
// If pausing, set paused price; else if unpausing, clear pausedPriceif(collateralPricePaused ==false){
pausedPrice = getCollateralPrice();
} else {
pausedPrice =0;
}
collateralPricePaused =!collateralPricePaused;
}
// Combined into one function due to 24KiB contract memory limitfunctionsetPoolParameters(uint256 new_ceiling, uint256 new_bonus_rate, uint256 new_redemption_delay) externalonlyByOwnerOrGovernance{
pool_ceiling = new_ceiling;
bonus_rate = new_bonus_rate;
redemption_delay = new_redemption_delay;
minting_fee = FRAX.minting_fee();
redemption_fee = FRAX.redemption_fee();
}
functionsetTimelock(address new_timelock) externalonlyByOwnerOrGovernance{
timelock_address = new_timelock;
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
/* ========== EVENTS ========== */
}
Contract Source Code
File 14 of 32: FraxPoolLibrary.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.6.0;pragmaexperimentalABIEncoderV2;import"./SafeMath.sol";
libraryFraxPoolLibrary{
usingSafeMathforuint256;
// Constants for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
// ================ Structs ================// Needed to lower stack sizestructMintFF_Params {
uint256 mint_fee;
uint256 fxs_price_usd;
uint256 frax_price_usd;
uint256 col_price_usd;
uint256 fxs_amount;
uint256 collateral_amount;
uint256 collateral_token_balance;
uint256 pool_ceiling;
uint256 col_ratio;
}
structBuybackFXS_Params {
uint256 excess_collateral_dollar_value_d18;
uint256 fxs_price_usd;
uint256 col_price_usd;
uint256 FXS_amount;
}
// ================ Functions ================functioncalcMint1t1FRAX(uint256 col_price, uint256 mint_fee, uint256 collateral_amount_d18) publicpurereturns (uint256) {
uint256 col_price_usd = col_price;
uint256 c_dollar_value_d18 = (collateral_amount_d18.mul(col_price_usd)).div(1e6);
return c_dollar_value_d18.sub((c_dollar_value_d18.mul(mint_fee)).div(1e6));
}
functioncalcMintAlgorithmicFRAX(uint256 mint_fee, uint256 fxs_price_usd, uint256 fxs_amount_d18) publicpurereturns (uint256) {
uint256 fxs_dollar_value_d18 = fxs_amount_d18.mul(fxs_price_usd).div(1e6);
return fxs_dollar_value_d18.sub((fxs_dollar_value_d18.mul(mint_fee)).div(1e6));
}
// Must be internal because of the structfunctioncalcMintFractionalFRAX(MintFF_Params memory params) internalpurereturns (uint256, uint256) {
// Since solidity truncates division, every division operation must be the last operation in the equation to ensure minimum error// The contract must check the proper ratio was sent to mint FRAX. We do this by seeing the minimum mintable FRAX based on each amount uint256 fxs_dollar_value_d18;
uint256 c_dollar_value_d18;
// Scoping for stack concerns
{
// USD amounts of the collateral and the FXS
fxs_dollar_value_d18 = params.fxs_amount.mul(params.fxs_price_usd).div(1e6);
c_dollar_value_d18 = params.collateral_amount.mul(params.col_price_usd).div(1e6);
}
uint calculated_fxs_dollar_value_d18 =
(c_dollar_value_d18.mul(1e6).div(params.col_ratio))
.sub(c_dollar_value_d18);
uint calculated_fxs_needed = calculated_fxs_dollar_value_d18.mul(1e6).div(params.fxs_price_usd);
return (
(c_dollar_value_d18.add(calculated_fxs_dollar_value_d18)).sub(((c_dollar_value_d18.add(calculated_fxs_dollar_value_d18)).mul(params.mint_fee)).div(1e6)),
calculated_fxs_needed
);
}
functioncalcRedeem1t1FRAX(uint256 col_price_usd, uint256 FRAX_amount, uint256 redemption_fee) publicpurereturns (uint256) {
uint256 collateral_needed_d18 = FRAX_amount.mul(1e6).div(col_price_usd);
return collateral_needed_d18.sub((collateral_needed_d18.mul(redemption_fee)).div(1e6));
}
// Must be internal because of the structfunctioncalcBuyBackFXS(BuybackFXS_Params memory params) internalpurereturns (uint256) {
// If the total collateral value is higher than the amount required at the current collateral ratio then buy back up to the possible FXS with the desired collateralrequire(params.excess_collateral_dollar_value_d18 >0, "No excess collateral to buy back!");
// Make sure not to take more than is availableuint256 fxs_dollar_value_d18 = params.FXS_amount.mul(params.fxs_price_usd).div(1e6);
require(fxs_dollar_value_d18 <= params.excess_collateral_dollar_value_d18, "You are trying to buy back more than the excess!");
// Get the equivalent amount of collateral based on the market value of FXS provided uint256 collateral_equivalent_d18 = fxs_dollar_value_d18.mul(1e6).div(params.col_price_usd);
//collateral_equivalent_d18 = collateral_equivalent_d18.sub((collateral_equivalent_d18.mul(params.buyback_fee)).div(1e6));return (
collateral_equivalent_d18
);
}
// Returns value of collateral that must increase to reach recollateralization target (if 0 means no recollateralization)functionrecollateralizeAmount(uint256 total_supply, uint256 global_collateral_ratio, uint256 global_collat_value) publicpurereturns (uint256) {
uint256 target_collat_value = total_supply.mul(global_collateral_ratio).div(1e6); // We want 18 decimals of precision so divide by 1e6; total_supply is 1e18 and global_collateral_ratio is 1e6// Subtract the current value of collateral from the target value needed, if higher than 0 then system needs to recollateralizeuint256 recollateralization_left = target_collat_value.sub(global_collat_value); // If recollateralization is not needed, throws a subtraction underflowreturn(recollateralization_left);
}
functioncalcRecollateralizeFRAXInner(uint256 collateral_amount,
uint256 col_price,
uint256 global_collat_value,
uint256 frax_total_supply,
uint256 global_collateral_ratio
) publicpurereturns (uint256, uint256) {
uint256 collat_value_attempted = collateral_amount.mul(col_price).div(1e6);
uint256 effective_collateral_ratio = global_collat_value.mul(1e6).div(frax_total_supply); //returns it in 1e6uint256 recollat_possible = (global_collateral_ratio.mul(frax_total_supply).sub(frax_total_supply.mul(effective_collateral_ratio))).div(1e6);
uint256 amount_to_recollat;
if(collat_value_attempted <= recollat_possible){
amount_to_recollat = collat_value_attempted;
} else {
amount_to_recollat = recollat_possible;
}
return (amount_to_recollat.mul(1e6).div(col_price), amount_to_recollat);
}
}
Contract Source Code
File 15 of 32: IERC20.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./Context.sol";
import"./SafeMath.sol";
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/interfaceIERC20{
/**
* @dev Returns the amount of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address recipient, uint256 amount) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 amount) externalreturns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(address sender, address recipient, uint256 amount) externalreturns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
}
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/**
* @dev Standard math utilities missing in the Solidity language.
*/libraryMath{
/**
* @dev Returns the largest of two numbers.
*/functionmax(uint256 a, uint256 b) internalpurereturns (uint256) {
return a >= b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/functionmin(uint256 a, uint256 b) internalpurereturns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/functionaverage(uint256 a, uint256 b) internalpurereturns (uint256) {
// (a + b) / 2 can overflow, so we distributereturn (a /2) + (b /2) + ((a %2+ b %2) /2);
}
// babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method)functionsqrt(uint y) internalpurereturns (uint z) {
if (y >3) {
z = y;
uint x = y /2+1;
while (x < z) {
z = x;
x = (y / x + x) /2;
}
} elseif (y !=0) {
z =1;
}
}
}
Contract Source Code
File 20 of 32: Owned.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;// https://docs.synthetix.io/contracts/OwnedcontractOwned{
addresspublic owner;
addresspublic nominatedOwner;
constructor(address _owner) public{
require(_owner !=address(0), "Owner address cannot be 0");
owner = _owner;
emit OwnerChanged(address(0), _owner);
}
functionnominateNewOwner(address _owner) externalonlyOwner{
nominatedOwner = _owner;
emit OwnerNominated(_owner);
}
functionacceptOwnership() external{
require(msg.sender== nominatedOwner, "You must be nominated before you can accept ownership");
emit OwnerChanged(owner, nominatedOwner);
owner = nominatedOwner;
nominatedOwner =address(0);
}
modifieronlyOwner{
require(msg.sender== owner, "Only the contract owner may perform this action");
_;
}
eventOwnerNominated(address newOwner);
eventOwnerChanged(address oldOwner, address newOwner);
}
Contract Source Code
File 21 of 32: Pausable.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;// Inheritanceimport"./Owned.sol";
// https://docs.synthetix.io/contracts/PausableabstractcontractPausableisOwned{
uintpublic lastPauseTime;
boolpublic paused;
constructor() internal{
// This contract is abstract, and thus cannot be instantiated directlyrequire(owner !=address(0), "Owner must be set");
// Paused will be false, and lastPauseTime will be 0 upon initialisation
}
/**
* @notice Change the paused state of the contract
* @dev Only the contract owner may call this.
*/functionsetPaused(bool _paused) externalonlyOwner{
// Ensure we're actually changing the state before we do anythingif (_paused == paused) {
return;
}
// Set our paused state.
paused = _paused;
// If applicable, set the last pause time.if (paused) {
lastPauseTime =now;
}
// Let everyone know that our pause state has changed.emit PauseChanged(paused);
}
eventPauseChanged(bool isPaused);
modifiernotPaused{
require(!paused, "This action cannot be performed while the contract is paused");
_;
}
}
Contract Source Code
File 22 of 32: ReentrancyGuard.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/contractReentrancyGuard{
// Booleans are more expensive than uint256 or any type that takes up a full// word because each write operation emits an extra SLOAD to first read the// slot's contents, replace the bits taken up by the boolean, and then write// back. This is the compiler's defense against contract upgrades and// pointer aliasing, and it cannot be disabled.// The values being non-zero value makes deployment a bit more expensive,// but in exchange the refund on every call to nonReentrant will be lower in// amount. Since refunds are capped to a percentage of the total// transaction's gas, it is best to keep them low in cases like this one, to// increase the likelihood of the full refund coming into effect.uint256privateconstant _NOT_ENTERED =1;
uint256privateconstant _ENTERED =2;
uint256private _status;
constructor () internal{
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/modifiernonReentrant() {
// On the first call to nonReentrant, _notEntered will be truerequire(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
_;
// By storing the original value once again, a refund is triggered (see// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import"./IERC20.sol";
import"./SafeMath.sol";
import"./Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/librarySafeERC20{
usingSafeMathforuint256;
usingAddressforaddress;
functionsafeTransfer(IERC20 token, address to, uint256 value) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
functionsafeTransferFrom(IERC20 token, addressfrom, address to, uint256 value) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/functionsafeApprove(IERC20 token, address spender, uint256 value) internal{
// safeApprove should only be called when setting an initial allowance,// or when resetting it to zero. To increase and decrease it, use// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'// solhint-disable-next-line max-line-lengthrequire((value ==0) || (token.allowance(address(this), spender) ==0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
functionsafeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal{
uint256 newAllowance = token.allowance(address(this), spender).add(value);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
functionsafeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal{
uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/function_callOptionalReturn(IERC20 token, bytesmemory data) private{
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that// the target address contains contract code and also asserts for success in the low-level call.bytesmemory returndata =address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length>0) { // Return data is optional// solhint-disable-next-line max-line-lengthrequire(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
Contract Source Code
File 25 of 32: SafeMath.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/librarySafeMath{
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/functionadd(uint256 a, uint256 b) internalpurereturns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/functionsub(uint256 a, uint256 b) internalpurereturns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/functionsub(uint256 a, uint256 b, stringmemory errorMessage) internalpurereturns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/functionmul(uint256 a, uint256 b) internalpurereturns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the// benefit is lost if 'b' is also tested.// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522if (a ==0) {
return0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/functiondiv(uint256 a, uint256 b) internalpurereturns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/functiondiv(uint256 a, uint256 b, stringmemory errorMessage) internalpurereturns (uint256) {
// Solidity only automatically asserts when dividing by 0require(b >0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't holdreturn c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/functionmod(uint256 a, uint256 b) internalpurereturns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/functionmod(uint256 a, uint256 b, stringmemory errorMessage) internalpurereturns (uint256) {
require(b !=0, errorMessage);
return a % b;
}
}
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;pragmaexperimentalABIEncoderV2;// Stolen with love from Synthetixio// https://raw.githubusercontent.com/Synthetixio/synthetix/develop/contracts/StakingRewards.solimport"./Math.sol";
import"./SafeMath.sol";
import"./ERC20.sol";
import'./TransferHelper.sol';
import"./SafeERC20.sol";
import"./Frax.sol";
import"./ReentrancyGuard.sol";
import"./StringHelpers.sol";
// Inheritanceimport"./IStakingRewards.sol";
import"./RewardsDistributionRecipient.sol";
import"./Pausable.sol";
contractStakingRewardsisIStakingRewards, RewardsDistributionRecipient, ReentrancyGuard, Pausable{
usingSafeMathforuint256;
usingSafeERC20forERC20;
/* ========== STATE VARIABLES ========== */
FRAXStablecoin private FRAX;
ERC20 public rewardsToken;
ERC20 public stakingToken;
uint256public periodFinish;
// Constant for various precisionsuint256privateconstant PRICE_PRECISION =1e6;
uint256privateconstant MULTIPLIER_BASE =1e6;
// Max reward per seconduint256public rewardRate;
// uint256 public rewardsDuration = 86400 hours;uint256public rewardsDuration =604800; // 7 * 86400 (7 days)uint256public lastUpdateTime;
uint256public rewardPerTokenStored =0;
uint256private pool_weight; // This staking pool's percentage of the total FXS being distributed by all pools, 6 decimals of precisionaddresspublic owner_address;
addresspublic timelock_address; // Governance timelock addressuint256public locked_stake_max_multiplier =3000000; // 6 decimals of precision. 1x = 1000000uint256public locked_stake_time_for_max_multiplier =3*365*86400; // 3 yearsuint256public locked_stake_min_time =604800; // 7 * 86400 (7 days)stringprivate locked_stake_min_time_str ="604800"; // 7 days on genesisuint256public cr_boost_max_multiplier =3000000; // 6 decimals of precision. 1x = 1000000mapping(address=>uint256) public userRewardPerTokenPaid;
mapping(address=>uint256) public rewards;
uint256private _staking_token_supply =0;
uint256private _staking_token_boosted_supply =0;
mapping(address=>uint256) private _unlocked_balances;
mapping(address=>uint256) private _locked_balances;
mapping(address=>uint256) private _boosted_balances;
mapping(address=> LockedStake[]) private lockedStakes;
mapping(address=>bool) public greylist;
boolpublic unlockedStakes; // Release lock stakes in case of system migrationstructLockedStake {
bytes32 kek_id;
uint256 start_timestamp;
uint256 amount;
uint256 ending_timestamp;
uint256 multiplier; // 6 decimals of precision. 1x = 1000000
}
/* ========== CONSTRUCTOR ========== */constructor(address _owner,
address _rewardsDistribution,
address _rewardsToken,
address _stakingToken,
address _frax_address,
address _timelock_address,
uint256 _pool_weight
) publicOwned(_owner){
owner_address = _owner;
rewardsToken = ERC20(_rewardsToken);
stakingToken = ERC20(_stakingToken);
FRAX = FRAXStablecoin(_frax_address);
rewardsDistribution = _rewardsDistribution;
lastUpdateTime =block.timestamp;
timelock_address = _timelock_address;
pool_weight = _pool_weight;
rewardRate =380517503805175038; // (uint256(12000000e18)).div(365 * 86400); // Base emission rate of 12M FXS over the first year
rewardRate = rewardRate.mul(pool_weight).div(1e6);
unlockedStakes =false;
}
/* ========== VIEWS ========== */functiontotalSupply() externaloverrideviewreturns (uint256) {
return _staking_token_supply;
}
functiontotalBoostedSupply() externalviewreturns (uint256) {
return _staking_token_boosted_supply;
}
functionstakingMultiplier(uint256 secs) publicviewreturns (uint256) {
uint256 multiplier =uint(MULTIPLIER_BASE).add(secs.mul(locked_stake_max_multiplier.sub(MULTIPLIER_BASE)).div(locked_stake_time_for_max_multiplier));
if (multiplier > locked_stake_max_multiplier) multiplier = locked_stake_max_multiplier;
return multiplier;
}
functioncrBoostMultiplier() publicviewreturns (uint256) {
uint256 multiplier =uint(MULTIPLIER_BASE).add((uint(MULTIPLIER_BASE).sub(FRAX.global_collateral_ratio())).mul(cr_boost_max_multiplier.sub(MULTIPLIER_BASE)).div(MULTIPLIER_BASE) );
return multiplier;
}
// Total unlocked and locked liquidity tokensfunctionbalanceOf(address account) externaloverrideviewreturns (uint256) {
return (_unlocked_balances[account]).add(_locked_balances[account]);
}
// Total unlocked liquidity tokensfunctionunlockedBalanceOf(address account) externalviewreturns (uint256) {
return _unlocked_balances[account];
}
// Total locked liquidity tokensfunctionlockedBalanceOf(address account) publicviewreturns (uint256) {
return _locked_balances[account];
}
// Total 'balance' used for calculating the percent of the pool the account owns// Takes into account the locked stake time multiplierfunctionboostedBalanceOf(address account) externalviewreturns (uint256) {
return _boosted_balances[account];
}
functionlockedStakesOf(address account) externalviewreturns (LockedStake[] memory) {
return lockedStakes[account];
}
functionstakingDecimals() externalviewreturns (uint256) {
return stakingToken.decimals();
}
functionrewardsFor(address account) externalviewreturns (uint256) {
// You may have use earned() instead, because of the order in which the contract executes return rewards[account];
}
functionlastTimeRewardApplicable() publicoverrideviewreturns (uint256) {
return Math.min(block.timestamp, periodFinish);
}
functionrewardPerToken() publicoverrideviewreturns (uint256) {
if (_staking_token_supply ==0) {
return rewardPerTokenStored;
}
else {
return rewardPerTokenStored.add(
lastTimeRewardApplicable().sub(lastUpdateTime).mul(rewardRate).mul(crBoostMultiplier()).mul(1e18).div(PRICE_PRECISION).div(_staking_token_boosted_supply)
);
}
}
functionearned(address account) publicoverrideviewreturns (uint256) {
return _boosted_balances[account].mul(rewardPerToken().sub(userRewardPerTokenPaid[account])).div(1e18).add(rewards[account]);
}
// function earned(address account) public override view returns (uint256) {// return _balances[account].mul(rewardPerToken().sub(userRewardPerTokenPaid[account])).add(rewards[account]);// }functiongetRewardForDuration() externaloverrideviewreturns (uint256) {
return rewardRate.mul(rewardsDuration).mul(crBoostMultiplier()).div(PRICE_PRECISION);
}
/* ========== MUTATIVE FUNCTIONS ========== */functionstake(uint256 amount) externaloverridenonReentrantnotPausedupdateReward(msg.sender) {
require(amount >0, "Cannot stake 0");
require(greylist[msg.sender] ==false, "address has been greylisted");
// Pull the tokens from the staker
TransferHelper.safeTransferFrom(address(stakingToken), msg.sender, address(this), amount);
// Staking token supply and boosted supply
_staking_token_supply = _staking_token_supply.add(amount);
_staking_token_boosted_supply = _staking_token_boosted_supply.add(amount);
// Staking token balance and boosted balance
_unlocked_balances[msg.sender] = _unlocked_balances[msg.sender].add(amount);
_boosted_balances[msg.sender] = _boosted_balances[msg.sender].add(amount);
emit Staked(msg.sender, amount);
}
functionstakeLocked(uint256 amount, uint256 secs) externalnonReentrantnotPausedupdateReward(msg.sender) {
require(amount >0, "Cannot stake 0");
require(secs >0, "Cannot wait for a negative number");
require(greylist[msg.sender] ==false, "address has been greylisted");
require(secs >= locked_stake_min_time, StringHelpers.strConcat("Minimum stake time not met (", locked_stake_min_time_str, ")") );
uint256 multiplier = stakingMultiplier(secs);
uint256 boostedAmount = amount.mul(multiplier).div(PRICE_PRECISION);
lockedStakes[msg.sender].push(LockedStake(
keccak256(abi.encodePacked(msg.sender, block.timestamp, amount)),
block.timestamp,
amount,
block.timestamp.add(secs),
multiplier
));
// Pull the tokens from the staker
TransferHelper.safeTransferFrom(address(stakingToken), msg.sender, address(this), amount);
// Staking token supply and boosted supply
_staking_token_supply = _staking_token_supply.add(amount);
_staking_token_boosted_supply = _staking_token_boosted_supply.add(boostedAmount);
// Staking token balance and boosted balance
_locked_balances[msg.sender] = _locked_balances[msg.sender].add(amount);
_boosted_balances[msg.sender] = _boosted_balances[msg.sender].add(boostedAmount);
emit StakeLocked(msg.sender, amount, secs);
}
functionwithdraw(uint256 amount) publicoverridenonReentrantupdateReward(msg.sender) {
require(amount >0, "Cannot withdraw 0");
// Staking token balance and boosted balance
_unlocked_balances[msg.sender] = _unlocked_balances[msg.sender].sub(amount);
_boosted_balances[msg.sender] = _boosted_balances[msg.sender].sub(amount);
// Staking token supply and boosted supply
_staking_token_supply = _staking_token_supply.sub(amount);
_staking_token_boosted_supply = _staking_token_boosted_supply.sub(amount);
// Give the tokens to the withdrawer
stakingToken.safeTransfer(msg.sender, amount);
emit Withdrawn(msg.sender, amount);
}
functionwithdrawLocked(bytes32 kek_id) publicnonReentrantupdateReward(msg.sender) {
LockedStake memory thisStake;
thisStake.amount =0;
uint theIndex;
for (uint i =0; i < lockedStakes[msg.sender].length; i++){
if (kek_id == lockedStakes[msg.sender][i].kek_id){
thisStake = lockedStakes[msg.sender][i];
theIndex = i;
break;
}
}
require(thisStake.kek_id == kek_id, "Stake not found");
require(block.timestamp>= thisStake.ending_timestamp || unlockedStakes ==true, "Stake is still locked!");
uint256 theAmount = thisStake.amount;
uint256 boostedAmount = theAmount.mul(thisStake.multiplier).div(PRICE_PRECISION);
if (theAmount >0){
// Staking token balance and boosted balance
_locked_balances[msg.sender] = _locked_balances[msg.sender].sub(theAmount);
_boosted_balances[msg.sender] = _boosted_balances[msg.sender].sub(boostedAmount);
// Staking token supply and boosted supply
_staking_token_supply = _staking_token_supply.sub(theAmount);
_staking_token_boosted_supply = _staking_token_boosted_supply.sub(boostedAmount);
// Remove the stake from the arraydelete lockedStakes[msg.sender][theIndex];
// Give the tokens to the withdrawer
stakingToken.safeTransfer(msg.sender, theAmount);
emit WithdrawnLocked(msg.sender, theAmount, kek_id);
}
}
functiongetReward() publicoverridenonReentrantupdateReward(msg.sender) {
uint256 reward = rewards[msg.sender];
if (reward >0) {
rewards[msg.sender] =0;
rewardsToken.transfer(msg.sender, reward);
emit RewardPaid(msg.sender, reward);
}
}
/*
function exit() external override {
withdraw(_balances[msg.sender]);
// TODO: Add locked stakes too?
getReward();
}
*/functionrenewIfApplicable() external{
if (block.timestamp> periodFinish) {
retroCatchUp();
}
}
// If the period expired, renew itfunctionretroCatchUp() internal{
// Failsafe checkrequire(block.timestamp> periodFinish, "Period has not expired yet!");
// Ensure the provided reward amount is not more than the balance in the contract.// This keeps the reward rate in the right range, preventing overflows due to// very high values of rewardRate in the earned and rewardsPerToken functions;// Reward + leftover must be less than 2^256 / 10^18 to avoid overflow.uint256 num_periods_elapsed =uint256(block.timestamp.sub(periodFinish)) / rewardsDuration; // Floor division to the nearest perioduint balance = rewardsToken.balanceOf(address(this));
require(rewardRate.mul(rewardsDuration).mul(crBoostMultiplier()).mul(num_periods_elapsed +1).div(PRICE_PRECISION) <= balance, "Not enough FXS available for rewards!");
// uint256 old_lastUpdateTime = lastUpdateTime;// uint256 new_lastUpdateTime = block.timestamp;// lastUpdateTime = periodFinish;
periodFinish = periodFinish.add((num_periods_elapsed.add(1)).mul(rewardsDuration));
rewardPerTokenStored = rewardPerToken();
lastUpdateTime = lastTimeRewardApplicable();
emit RewardsPeriodRenewed(address(stakingToken));
}
/* ========== RESTRICTED FUNCTIONS ========== *//*
// This notifies people that the reward is being changed
function notifyRewardAmount(uint256 reward) external override onlyRewardsDistribution updateReward(address(0)) {
// Needed to make compiler happy
// if (block.timestamp >= periodFinish) {
// rewardRate = reward.mul(crBoostMultiplier()).div(rewardsDuration).div(PRICE_PRECISION);
// } else {
// uint256 remaining = periodFinish.sub(block.timestamp);
// uint256 leftover = remaining.mul(rewardRate);
// rewardRate = reward.mul(crBoostMultiplier()).add(leftover).div(rewardsDuration).div(PRICE_PRECISION);
// }
// // Ensure the provided reward amount is not more than the balance in the contract.
// // This keeps the reward rate in the right range, preventing overflows due to
// // very high values of rewardRate in the earned and rewardsPerToken functions;
// // Reward + leftover must be less than 2^256 / 10^18 to avoid overflow.
// uint balance = rewardsToken.balanceOf(address(this));
// require(rewardRate <= balance.div(rewardsDuration), "Provided reward too high");
// lastUpdateTime = block.timestamp;
// periodFinish = block.timestamp.add(rewardsDuration);
// emit RewardAdded(reward);
}
*/// Added to support recovering LP Rewards from other systems to be distributed to holdersfunctionrecoverERC20(address tokenAddress, uint256 tokenAmount) externalonlyByOwnerOrGovernance{
// Admin cannot withdraw the staking token from the contractrequire(tokenAddress !=address(stakingToken));
ERC20(tokenAddress).transfer(owner_address, tokenAmount);
emit Recovered(tokenAddress, tokenAmount);
}
functionsetRewardsDuration(uint256 _rewardsDuration) externalonlyByOwnerOrGovernance{
require(
periodFinish ==0||block.timestamp> periodFinish,
"Previous rewards period must be complete before changing the duration for the new period"
);
rewardsDuration = _rewardsDuration;
emit RewardsDurationUpdated(rewardsDuration);
}
functionsetMultipliers(uint256 _locked_stake_max_multiplier, uint256 _cr_boost_max_multiplier) externalonlyByOwnerOrGovernance{
require(_locked_stake_max_multiplier >=1, "Multiplier must be greater than or equal to 1");
require(_cr_boost_max_multiplier >=1, "Max CR Boost must be greater than or equal to 1");
locked_stake_max_multiplier = _locked_stake_max_multiplier;
cr_boost_max_multiplier = _cr_boost_max_multiplier;
emit MaxCRBoostMultiplier(cr_boost_max_multiplier);
emit LockedStakeMaxMultiplierUpdated(locked_stake_max_multiplier);
}
functionsetLockedStakeTimeForMinAndMaxMultiplier(uint256 _locked_stake_time_for_max_multiplier, uint256 _locked_stake_min_time) externalonlyByOwnerOrGovernance{
require(_locked_stake_time_for_max_multiplier >=1, "Multiplier Max Time must be greater than or equal to 1");
require(_locked_stake_min_time >=1, "Multiplier Min Time must be greater than or equal to 1");
locked_stake_time_for_max_multiplier = _locked_stake_time_for_max_multiplier;
locked_stake_min_time = _locked_stake_min_time;
locked_stake_min_time_str = StringHelpers.uint2str(_locked_stake_min_time);
emit LockedStakeTimeForMaxMultiplier(locked_stake_time_for_max_multiplier);
emit LockedStakeMinTime(_locked_stake_min_time);
}
functioninitializeDefault() externalonlyByOwnerOrGovernance{
lastUpdateTime =block.timestamp;
periodFinish =block.timestamp.add(rewardsDuration);
emit DefaultInitialization();
}
functiongreylistAddress(address _address) externalonlyByOwnerOrGovernance{
greylist[_address] =!(greylist[_address]);
}
functionunlockStakes() externalonlyByOwnerOrGovernance{
unlockedStakes =!unlockedStakes;
}
functionsetRewardRate(uint256 _new_rate) externalonlyByOwnerOrGovernance{
rewardRate = _new_rate;
}
functionsetOwnerAndTimelock(address _new_owner, address _new_timelock) externalonlyByOwnerOrGovernance{
owner_address = _new_owner;
timelock_address = _new_timelock;
}
/* ========== MODIFIERS ========== */modifierupdateReward(address account) {
// Need to retro-adjust some things if the period hasn't been renewed, then start a new oneif (block.timestamp> periodFinish) {
retroCatchUp();
}
else {
rewardPerTokenStored = rewardPerToken();
lastUpdateTime = lastTimeRewardApplicable();
}
if (account !=address(0)) {
rewards[account] = earned(account);
userRewardPerTokenPaid[account] = rewardPerTokenStored;
}
_;
}
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address, "You are not the owner or the governance timelock");
_;
}
/* ========== EVENTS ========== */eventRewardAdded(uint256 reward);
eventStaked(addressindexed user, uint256 amount);
eventStakeLocked(addressindexed user, uint256 amount, uint256 secs);
eventWithdrawn(addressindexed user, uint256 amount);
eventWithdrawnLocked(addressindexed user, uint256 amount, bytes32 kek_id);
eventRewardPaid(addressindexed user, uint256 reward);
eventRewardsDurationUpdated(uint256 newDuration);
eventRecovered(address token, uint256 amount);
eventRewardsPeriodRenewed(address token);
eventDefaultInitialization();
eventLockedStakeMaxMultiplierUpdated(uint256 multiplier);
eventLockedStakeTimeForMaxMultiplier(uint256 secs);
eventLockedStakeMinTime(uint256 secs);
eventMaxCRBoostMultiplier(uint256 multiplier);
}
Contract Source Code
File 28 of 32: StringHelpers.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;libraryStringHelpers{
functionparseAddr(stringmemory _a) internalpurereturns (address _parsedAddress) {
bytesmemory tmp =bytes(_a);
uint160 iaddr =0;
uint160 b1;
uint160 b2;
for (uint i =2; i <2+2*20; i +=2) {
iaddr *=256;
b1 =uint160(uint8(tmp[i]));
b2 =uint160(uint8(tmp[i +1]));
if ((b1 >=97) && (b1 <=102)) {
b1 -=87;
} elseif ((b1 >=65) && (b1 <=70)) {
b1 -=55;
} elseif ((b1 >=48) && (b1 <=57)) {
b1 -=48;
}
if ((b2 >=97) && (b2 <=102)) {
b2 -=87;
} elseif ((b2 >=65) && (b2 <=70)) {
b2 -=55;
} elseif ((b2 >=48) && (b2 <=57)) {
b2 -=48;
}
iaddr += (b1 *16+ b2);
}
returnaddress(iaddr);
}
functionstrCompare(stringmemory _a, stringmemory _b) internalpurereturns (int _returnCode) {
bytesmemory a =bytes(_a);
bytesmemory b =bytes(_b);
uint minLength = a.length;
if (b.length< minLength) {
minLength = b.length;
}
for (uint i =0; i < minLength; i ++) {
if (a[i] < b[i]) {
return-1;
} elseif (a[i] > b[i]) {
return1;
}
}
if (a.length< b.length) {
return-1;
} elseif (a.length> b.length) {
return1;
} else {
return0;
}
}
functionindexOf(stringmemory _haystack, stringmemory _needle) internalpurereturns (int _returnCode) {
bytesmemory h =bytes(_haystack);
bytesmemory n =bytes(_needle);
if (h.length<1|| n.length<1|| (n.length> h.length)) {
return-1;
} elseif (h.length> (2**128-1)) {
return-1;
} else {
uint subindex =0;
for (uint i =0; i < h.length; i++) {
if (h[i] == n[0]) {
subindex =1;
while(subindex < n.length&& (i + subindex) < h.length&& h[i + subindex] == n[subindex]) {
subindex++;
}
if (subindex == n.length) {
returnint(i);
}
}
}
return-1;
}
}
functionstrConcat(stringmemory _a, stringmemory _b) internalpurereturns (stringmemory _concatenatedString) {
return strConcat(_a, _b, "", "", "");
}
functionstrConcat(stringmemory _a, stringmemory _b, stringmemory _c) internalpurereturns (stringmemory _concatenatedString) {
return strConcat(_a, _b, _c, "", "");
}
functionstrConcat(stringmemory _a, stringmemory _b, stringmemory _c, stringmemory _d) internalpurereturns (stringmemory _concatenatedString) {
return strConcat(_a, _b, _c, _d, "");
}
functionstrConcat(stringmemory _a, stringmemory _b, stringmemory _c, stringmemory _d, stringmemory _e) internalpurereturns (stringmemory _concatenatedString) {
bytesmemory _ba =bytes(_a);
bytesmemory _bb =bytes(_b);
bytesmemory _bc =bytes(_c);
bytesmemory _bd =bytes(_d);
bytesmemory _be =bytes(_e);
stringmemory abcde =newstring(_ba.length+ _bb.length+ _bc.length+ _bd.length+ _be.length);
bytesmemory babcde =bytes(abcde);
uint k =0;
uint i =0;
for (i =0; i < _ba.length; i++) {
babcde[k++] = _ba[i];
}
for (i =0; i < _bb.length; i++) {
babcde[k++] = _bb[i];
}
for (i =0; i < _bc.length; i++) {
babcde[k++] = _bc[i];
}
for (i =0; i < _bd.length; i++) {
babcde[k++] = _bd[i];
}
for (i =0; i < _be.length; i++) {
babcde[k++] = _be[i];
}
returnstring(babcde);
}
functionsafeParseInt(stringmemory _a) internalpurereturns (uint _parsedInt) {
return safeParseInt(_a, 0);
}
functionsafeParseInt(stringmemory _a, uint _b) internalpurereturns (uint _parsedInt) {
bytesmemory bresult =bytes(_a);
uint mint =0;
bool decimals =false;
for (uint i =0; i < bresult.length; i++) {
if ((uint(uint8(bresult[i])) >=48) && (uint(uint8(bresult[i])) <=57)) {
if (decimals) {
if (_b ==0) break;
else _b--;
}
mint *=10;
mint +=uint(uint8(bresult[i])) -48;
} elseif (uint(uint8(bresult[i])) ==46) {
require(!decimals, 'More than one decimal encountered in string!');
decimals =true;
} else {
revert("Non-numeral character encountered in string!");
}
}
if (_b >0) {
mint *=10** _b;
}
return mint;
}
functionparseInt(stringmemory _a) internalpurereturns (uint _parsedInt) {
return parseInt(_a, 0);
}
functionparseInt(stringmemory _a, uint _b) internalpurereturns (uint _parsedInt) {
bytesmemory bresult =bytes(_a);
uint mint =0;
bool decimals =false;
for (uint i =0; i < bresult.length; i++) {
if ((uint(uint8(bresult[i])) >=48) && (uint(uint8(bresult[i])) <=57)) {
if (decimals) {
if (_b ==0) {
break;
} else {
_b--;
}
}
mint *=10;
mint +=uint(uint8(bresult[i])) -48;
} elseif (uint(uint8(bresult[i])) ==46) {
decimals =true;
}
}
if (_b >0) {
mint *=10** _b;
}
return mint;
}
functionuint2str(uint _i) internalpurereturns (stringmemory _uintAsString) {
if (_i ==0) {
return"0";
}
uint j = _i;
uint len;
while (j !=0) {
len++;
j /=10;
}
bytesmemory bstr =newbytes(len);
uint k = len -1;
while (_i !=0) {
bstr[k--] =byte(uint8(48+ _i %10));
_i /=10;
}
returnstring(bstr);
}
}
Contract Source Code
File 29 of 32: TransferHelper.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;// helper methods for interacting with ERC20 tokens and sending ETH that do not consistently return true/falselibraryTransferHelper{
functionsafeApprove(address token, address to, uint value) internal{
// bytes4(keccak256(bytes('approve(address,uint256)')));
(bool success, bytesmemory data) = token.call(abi.encodeWithSelector(0x095ea7b3, to, value));
require(success && (data.length==0||abi.decode(data, (bool))), 'TransferHelper: APPROVE_FAILED');
}
functionsafeTransfer(address token, address to, uint value) internal{
// bytes4(keccak256(bytes('transfer(address,uint256)')));
(bool success, bytesmemory data) = token.call(abi.encodeWithSelector(0xa9059cbb, to, value));
require(success && (data.length==0||abi.decode(data, (bool))), 'TransferHelper: TRANSFER_FAILED');
}
functionsafeTransferFrom(address token, addressfrom, address to, uint value) internal{
// bytes4(keccak256(bytes('transferFrom(address,address,uint256)')));
(bool success, bytesmemory data) = token.call(abi.encodeWithSelector(0x23b872dd, from, to, value));
require(success && (data.length==0||abi.decode(data, (bool))), 'TransferHelper: TRANSFER_FROM_FAILED');
}
functionsafeTransferETH(address to, uint value) internal{
(bool success,) = to.call{value:value}(newbytes(0));
require(success, 'TransferHelper: ETH_TRANSFER_FAILED');
}
}
Contract Source Code
File 30 of 32: UniswapPairOracle.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./IUniswapV2Factory.sol';
import'./IUniswapV2Pair.sol';
import'./FixedPoint.sol';
import'./UniswapV2OracleLibrary.sol';
import'./UniswapV2Library.sol';
// Fixed window oracle that recomputes the average price for the entire period once every period// Note that the price average is only guaranteed to be over at least 1 period, but may be over a longer periodcontractUniswapPairOracle{
usingFixedPointfor*;
address owner_address;
address timelock_address;
uintpublic PERIOD =3600; // 1 hour TWAP (time-weighted average price)
IUniswapV2Pair publicimmutable pair;
addresspublicimmutable token0;
addresspublicimmutable token1;
uintpublic price0CumulativeLast;
uintpublic price1CumulativeLast;
uint32public blockTimestampLast;
FixedPoint.uq112x112 public price0Average;
FixedPoint.uq112x112 public price1Average;
modifieronlyByOwnerOrGovernance() {
require(msg.sender== owner_address ||msg.sender== timelock_address, "You are not an owner or the governance timelock");
_;
}
constructor(address factory, address tokenA, address tokenB, address _owner_address, address _timelock_address) public{
IUniswapV2Pair _pair = IUniswapV2Pair(UniswapV2Library.pairFor(factory, tokenA, tokenB));
pair = _pair;
token0 = _pair.token0();
token1 = _pair.token1();
price0CumulativeLast = _pair.price0CumulativeLast(); // Fetch the current accumulated price value (1 / 0)
price1CumulativeLast = _pair.price1CumulativeLast(); // Fetch the current accumulated price value (0 / 1)uint112 reserve0;
uint112 reserve1;
(reserve0, reserve1, blockTimestampLast) = _pair.getReserves();
require(reserve0 !=0&& reserve1 !=0, 'UniswapPairOracle: NO_RESERVES'); // Ensure that there's liquidity in the pair
owner_address = _owner_address;
timelock_address = _timelock_address;
}
functionsetOwner(address _owner_address) externalonlyByOwnerOrGovernance{
owner_address = _owner_address;
}
functionsetTimelock(address _timelock_address) externalonlyByOwnerOrGovernance{
timelock_address = _timelock_address;
}
functionsetPeriod(uint _period) externalonlyByOwnerOrGovernance{
PERIOD = _period;
}
functionupdate() external{
(uint price0Cumulative, uint price1Cumulative, uint32 blockTimestamp) =
UniswapV2OracleLibrary.currentCumulativePrices(address(pair));
uint32 timeElapsed = blockTimestamp - blockTimestampLast; // Overflow is desired// Ensure that at least one full period has passed since the last updaterequire(timeElapsed >= PERIOD, 'UniswapPairOracle: PERIOD_NOT_ELAPSED');
// Overflow is desired, casting never truncates// Cumulative price is in (uq112x112 price * seconds) units so we simply wrap it after division by time elapsed
price0Average = FixedPoint.uq112x112(uint224((price0Cumulative - price0CumulativeLast) / timeElapsed));
price1Average = FixedPoint.uq112x112(uint224((price1Cumulative - price1CumulativeLast) / timeElapsed));
price0CumulativeLast = price0Cumulative;
price1CumulativeLast = price1Cumulative;
blockTimestampLast = blockTimestamp;
}
// Note this will always return 0 before update has been called successfully for the first time.functionconsult(address token, uint amountIn) externalviewreturns (uint amountOut) {
if (token == token0) {
amountOut = price0Average.mul(amountIn).decode144();
} else {
require(token == token1, 'UniswapPairOracle: INVALID_TOKEN');
amountOut = price1Average.mul(amountIn).decode144();
}
}
}
Contract Source Code
File 31 of 32: UniswapV2Library.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./IUniswapV2Pair.sol';
import'./IUniswapV2Factory.sol';
import"./SafeMath.sol";
libraryUniswapV2Library{
usingSafeMathforuint;
// returns sorted token addresses, used to handle return values from pairs sorted in this orderfunctionsortTokens(address tokenA, address tokenB) internalpurereturns (address token0, address token1) {
require(tokenA != tokenB, 'UniswapV2Library: IDENTICAL_ADDRESSES');
(token0, token1) = tokenA < tokenB ? (tokenA, tokenB) : (tokenB, tokenA);
require(token0 !=address(0), 'UniswapV2Library: ZERO_ADDRESS');
}
// Less efficient than the CREATE2 method belowfunctionpairFor(address factory, address tokenA, address tokenB) internalviewreturns (address pair) {
(address token0, address token1) = sortTokens(tokenA, tokenB);
pair = IUniswapV2Factory(factory).getPair(token0, token1);
}
// calculates the CREATE2 address for a pair without making any external callsfunctionpairForCreate2(address factory, address tokenA, address tokenB) internalpurereturns (address pair) {
(address token0, address token1) = sortTokens(tokenA, tokenB);
pair =address(uint(keccak256(abi.encodePacked(
hex'ff',
factory,
keccak256(abi.encodePacked(token0, token1)),
hex'96e8ac4277198ff8b6f785478aa9a39f403cb768dd02cbee326c3e7da348845f'// init code hash
)))); // this matches the CREATE2 in UniswapV2Factory.createPair
}
// fetches and sorts the reserves for a pairfunctiongetReserves(address factory, address tokenA, address tokenB) internalviewreturns (uint reserveA, uint reserveB) {
(address token0,) = sortTokens(tokenA, tokenB);
(uint reserve0, uint reserve1,) = IUniswapV2Pair(pairFor(factory, tokenA, tokenB)).getReserves();
(reserveA, reserveB) = tokenA == token0 ? (reserve0, reserve1) : (reserve1, reserve0);
}
// given some amount of an asset and pair reserves, returns an equivalent amount of the other assetfunctionquote(uint amountA, uint reserveA, uint reserveB) internalpurereturns (uint amountB) {
require(amountA >0, 'UniswapV2Library: INSUFFICIENT_AMOUNT');
require(reserveA >0&& reserveB >0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
amountB = amountA.mul(reserveB) / reserveA;
}
// given an input amount of an asset and pair reserves, returns the maximum output amount of the other assetfunctiongetAmountOut(uint amountIn, uint reserveIn, uint reserveOut) internalpurereturns (uint amountOut) {
require(amountIn >0, 'UniswapV2Library: INSUFFICIENT_INPUT_AMOUNT');
require(reserveIn >0&& reserveOut >0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
uint amountInWithFee = amountIn.mul(997);
uint numerator = amountInWithFee.mul(reserveOut);
uint denominator = reserveIn.mul(1000).add(amountInWithFee);
amountOut = numerator / denominator;
}
// given an output amount of an asset and pair reserves, returns a required input amount of the other assetfunctiongetAmountIn(uint amountOut, uint reserveIn, uint reserveOut) internalpurereturns (uint amountIn) {
require(amountOut >0, 'UniswapV2Library: INSUFFICIENT_OUTPUT_AMOUNT');
require(reserveIn >0&& reserveOut >0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
uint numerator = reserveIn.mul(amountOut).mul(1000);
uint denominator = reserveOut.sub(amountOut).mul(997);
amountIn = (numerator / denominator).add(1);
}
// performs chained getAmountOut calculations on any number of pairsfunctiongetAmountsOut(address factory, uint amountIn, address[] memory path) internalviewreturns (uint[] memory amounts) {
require(path.length>=2, 'UniswapV2Library: INVALID_PATH');
amounts =newuint[](path.length);
amounts[0] = amountIn;
for (uint i; i < path.length-1; i++) {
(uint reserveIn, uint reserveOut) = getReserves(factory, path[i], path[i +1]);
amounts[i +1] = getAmountOut(amounts[i], reserveIn, reserveOut);
}
}
// performs chained getAmountIn calculations on any number of pairsfunctiongetAmountsIn(address factory, uint amountOut, address[] memory path) internalviewreturns (uint[] memory amounts) {
require(path.length>=2, 'UniswapV2Library: INVALID_PATH');
amounts =newuint[](path.length);
amounts[amounts.length-1] = amountOut;
for (uint i = path.length-1; i >0; i--) {
(uint reserveIn, uint reserveOut) = getReserves(factory, path[i -1], path[i]);
amounts[i -1] = getAmountIn(amounts[i], reserveIn, reserveOut);
}
}
}
Contract Source Code
File 32 of 32: UniswapV2OracleLibrary.sol
// SPDX-License-Identifier: MITpragmasolidity 0.6.11;import'./IUniswapV2Pair.sol';
import'./FixedPoint.sol';
// library with helper methods for oracles that are concerned with computing average priceslibraryUniswapV2OracleLibrary{
usingFixedPointfor*;
// helper function that returns the current block timestamp within the range of uint32, i.e. [0, 2**32 - 1]functioncurrentBlockTimestamp() internalviewreturns (uint32) {
returnuint32(block.timestamp%2**32);
}
// produces the cumulative price using counterfactuals to save gas and avoid a call to sync.functioncurrentCumulativePrices(address pair
) internalviewreturns (uint price0Cumulative, uint price1Cumulative, uint32 blockTimestamp) {
blockTimestamp = currentBlockTimestamp();
price0Cumulative = IUniswapV2Pair(pair).price0CumulativeLast();
price1Cumulative = IUniswapV2Pair(pair).price1CumulativeLast();
// if time has elapsed since the last update on the pair, mock the accumulated price values
(uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast) = IUniswapV2Pair(pair).getReserves();
if (blockTimestampLast != blockTimestamp) {
// subtraction overflow is desireduint32 timeElapsed = blockTimestamp - blockTimestampLast;
// addition overflow is desired// counterfactual
price0Cumulative +=uint(FixedPoint.fraction(reserve1, reserve0)._x) * timeElapsed;
// counterfactual
price1Cumulative +=uint(FixedPoint.fraction(reserve0, reserve1)._x) * timeElapsed;
}
}
}
