Network
All
Ethereum
Arbitrum One
Base
Zora
Celo
Gnosis
Scroll
Scroll Sepolia
Xai
Rari
Forma
World Chain
Mode
Palm Testnet
Palm
Solana
coming soon
Celestia
coming soon
Eclipse
coming soon
Metal L2
coming soon
Xai Testnet
coming soon
Astria Devnet
coming soon
LUKSO
coming soon
Arbitrum Nova
coming soon
Astria
coming soon
Polygon ZKEVM
coming soon
Optimism
coming soon
zkSync Era
coming soon
Binance Smart Chain
coming soon
Polygon
coming soon
Scroll Goerli
coming soon
Movement
coming soon
Mantle
coming soon
账户
0x60...d577
0x60...D577
$500
此合同的源代码已经过验证!
合同元数据
编译器
0.8.17+commit.8df45f5f
语言
Solidity
合同源代码
文件 1 的 38:AccessControl.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/AccessControl.sol)
pragma solidity ^0.8.0;
import "./IAccessControl.sol";
import "../utils/Context.sol";
import "../utils/Strings.sol";
import "../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it.
*/
abstract contract AccessControl is Context, IAccessControl, ERC165 {
struct RoleData {
mapping(address => bool) members;
bytes32 adminRole;
}
mapping(bytes32 => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with a standardized message including the required role.
*
* The format of the revert reason is given by the following regular expression:
*
* /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
*
* _Available since v4.1._
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual override returns (bool) {
return _roles[role].members[account];
}
/**
* @dev Revert with a standard message if `_msgSender()` is missing `role`.
* Overriding this function changes the behavior of the {onlyRole} modifier.
*
* Format of the revert message is described in {_checkRole}.
*
* _Available since v4.6._
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Revert with a standard message if `account` is missing `role`.
*
* The format of the revert reason is given by the following regular expression:
*
* /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert(
string(
abi.encodePacked(
"AccessControl: account ",
Strings.toHexString(account),
" is missing role ",
Strings.toHexString(uint256(role), 32)
)
)
);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual override returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address account) public virtual override {
require(account == _msgSender(), "AccessControl: can only renounce roles for self");
_revokeRole(role, account);
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event. Note that unlike {grantRole}, this function doesn't perform any
* checks on the calling account.
*
* May emit a {RoleGranted} event.
*
* [WARNING]
* ====
* This function should only be called from the constructor when setting
* up the initial roles for the system.
*
* Using this function in any other way is effectively circumventing the admin
* system imposed by {AccessControl}.
* ====
*
* NOTE: This function is deprecated in favor of {_grantRole}.
*/
function _setupRole(bytes32 role, address account) internal virtual {
_grantRole(role, account);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Grants `role` to `account`.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual {
if (!hasRole(role, account)) {
_roles[role].members[account] = true;
emit RoleGranted(role, account, _msgSender());
}
}
/**
* @dev Revokes `role` from `account`.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual {
if (hasRole(role, account)) {
_roles[role].members[account] = false;
emit RoleRevoked(role, account, _msgSender());
}
}
}
合同源代码
文件 2 的 38:Address.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
合同源代码
文件 3 的 38:Arrays.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Arrays.sol)
pragma solidity ^0.8.0;
import "./StorageSlot.sol";
import "./math/Math.sol";
/**
* @dev Collection of functions related to array types.
*/
library Arrays {
using StorageSlot for bytes32;
/**
* @dev Searches a sorted `array` and returns the first index that contains
* a value greater or equal to `element`. If no such index exists (i.e. all
* values in the array are strictly less than `element`), the array length is
* returned. Time complexity O(log n).
*
* `array` is expected to be sorted in ascending order, and to contain no
* repeated elements.
*/
function findUpperBound(uint256[] storage array, uint256 element) internal view returns (uint256) {
if (array.length == 0) {
return 0;
}
uint256 low = 0;
uint256 high = array.length;
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds down (it does integer division with truncation).
if (unsafeAccess(array, mid).value > element) {
high = mid;
} else {
low = mid + 1;
}
}
// At this point `low` is the exclusive upper bound. We will return the inclusive upper bound.
if (low > 0 && unsafeAccess(array, low - 1).value == element) {
return low - 1;
} else {
return low;
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(address[] storage arr, uint256 pos) internal pure returns (StorageSlot.AddressSlot storage) {
bytes32 slot;
// We use assembly to calculate the storage slot of the element at index `pos` of the dynamic array `arr`
// following https://docs.soliditylang.org/en/v0.8.17/internals/layout_in_storage.html#mappings-and-dynamic-arrays.
/// @solidity memory-safe-assembly
assembly {
mstore(0, arr.slot)
slot := add(keccak256(0, 0x20), pos)
}
return slot.getAddressSlot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(bytes32[] storage arr, uint256 pos) internal pure returns (StorageSlot.Bytes32Slot storage) {
bytes32 slot;
// We use assembly to calculate the storage slot of the element at index `pos` of the dynamic array `arr`
// following https://docs.soliditylang.org/en/v0.8.17/internals/layout_in_storage.html#mappings-and-dynamic-arrays.
/// @solidity memory-safe-assembly
assembly {
mstore(0, arr.slot)
slot := add(keccak256(0, 0x20), pos)
}
return slot.getBytes32Slot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(uint256[] storage arr, uint256 pos) internal pure returns (StorageSlot.Uint256Slot storage) {
bytes32 slot;
// We use assembly to calculate the storage slot of the element at index `pos` of the dynamic array `arr`
// following https://docs.soliditylang.org/en/v0.8.17/internals/layout_in_storage.html#mappings-and-dynamic-arrays.
/// @solidity memory-safe-assembly
assembly {
mstore(0, arr.slot)
slot := add(keccak256(0, 0x20), pos)
}
return slot.getUint256Slot();
}
}
合同源代码
文件 4 的 38:Bytes32AddressLib.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Library for converting between addresses and bytes32 values.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/Bytes32AddressLib.sol)
library Bytes32AddressLib {
function fromLast20Bytes(bytes32 bytesValue) internal pure returns (address) {
return address(uint160(uint256(bytesValue)));
}
function fillLast12Bytes(address addressValue) internal pure returns (bytes32) {
return bytes32(bytes20(addressValue));
}
}
合同源代码
文件 5 的 38:Context.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
合同源代码
文件 6 的 38:Counters.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Counters.sol)
pragma solidity ^0.8.0;
/**
* @title Counters
* @author Matt Condon (@shrugs)
* @dev Provides counters that can only be incremented, decremented or reset. This can be used e.g. to track the number
* of elements in a mapping, issuing ERC721 ids, or counting request ids.
*
* Include with `using Counters for Counters.Counter;`
*/
library Counters {
struct Counter {
// This variable should never be directly accessed by users of the library: interactions must be restricted to
// the library's function. As of Solidity v0.5.2, this cannot be enforced, though there is a proposal to add
// this feature: see https://github.com/ethereum/solidity/issues/4637
uint256 _value; // default: 0
}
function current(Counter storage counter) internal view returns (uint256) {
return counter._value;
}
function increment(Counter storage counter) internal {
unchecked {
counter._value += 1;
}
}
function decrement(Counter storage counter) internal {
uint256 value = counter._value;
require(value > 0, "Counter: decrement overflow");
unchecked {
counter._value = value - 1;
}
}
function reset(Counter storage counter) internal {
counter._value = 0;
}
}
合同源代码
文件 7 的 38:ECDSA.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
}
}
合同源代码
文件 8 的 38:ERC1155.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Minimalist and gas efficient standard ERC1155 implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC1155.sol)
abstract contract ERC1155 {
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event TransferSingle(
address indexed operator,
address indexed from,
address indexed to,
uint256 id,
uint256 amount
);
event TransferBatch(
address indexed operator,
address indexed from,
address indexed to,
uint256[] ids,
uint256[] amounts
);
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
event URI(string value, uint256 indexed id);
/*//////////////////////////////////////////////////////////////
ERC1155 STORAGE
//////////////////////////////////////////////////////////////*/
mapping(address => mapping(uint256 => uint256)) public balanceOf;
mapping(address => mapping(address => bool)) public isApprovedForAll;
/*//////////////////////////////////////////////////////////////
METADATA LOGIC
//////////////////////////////////////////////////////////////*/
function uri(uint256 id) public view virtual returns (string memory);
/*//////////////////////////////////////////////////////////////
ERC1155 LOGIC
//////////////////////////////////////////////////////////////*/
function setApprovalForAll(address operator, bool approved) public virtual {
isApprovedForAll[msg.sender][operator] = approved;
emit ApprovalForAll(msg.sender, operator, approved);
}
function safeTransferFrom(
address from,
address to,
uint256 id,
uint256 amount,
bytes calldata data
) public virtual {
require(msg.sender == from || isApprovedForAll[from][msg.sender], "NOT_AUTHORIZED");
balanceOf[from][id] -= amount;
balanceOf[to][id] += amount;
emit TransferSingle(msg.sender, from, to, id, amount);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155Received(msg.sender, from, id, amount, data) ==
ERC1155TokenReceiver.onERC1155Received.selector,
"UNSAFE_RECIPIENT"
);
}
function safeBatchTransferFrom(
address from,
address to,
uint256[] calldata ids,
uint256[] calldata amounts,
bytes calldata data
) public virtual {
require(ids.length == amounts.length, "LENGTH_MISMATCH");
require(msg.sender == from || isApprovedForAll[from][msg.sender], "NOT_AUTHORIZED");
// Storing these outside the loop saves ~15 gas per iteration.
uint256 id;
uint256 amount;
for (uint256 i = 0; i < ids.length; ) {
id = ids[i];
amount = amounts[i];
balanceOf[from][id] -= amount;
balanceOf[to][id] += amount;
// An array can't have a total length
// larger than the max uint256 value.
unchecked {
++i;
}
}
emit TransferBatch(msg.sender, from, to, ids, amounts);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155BatchReceived(msg.sender, from, ids, amounts, data) ==
ERC1155TokenReceiver.onERC1155BatchReceived.selector,
"UNSAFE_RECIPIENT"
);
}
function balanceOfBatch(address[] calldata owners, uint256[] calldata ids)
public
view
virtual
returns (uint256[] memory balances)
{
require(owners.length == ids.length, "LENGTH_MISMATCH");
balances = new uint256[](owners.length);
// Unchecked because the only math done is incrementing
// the array index counter which cannot possibly overflow.
unchecked {
for (uint256 i = 0; i < owners.length; ++i) {
balances[i] = balanceOf[owners[i]][ids[i]];
}
}
}
/*//////////////////////////////////////////////////////////////
ERC165 LOGIC
//////////////////////////////////////////////////////////////*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return
interfaceId == 0x01ffc9a7 || // ERC165 Interface ID for ERC165
interfaceId == 0xd9b67a26 || // ERC165 Interface ID for ERC1155
interfaceId == 0x0e89341c; // ERC165 Interface ID for ERC1155MetadataURI
}
/*//////////////////////////////////////////////////////////////
INTERNAL MINT/BURN LOGIC
//////////////////////////////////////////////////////////////*/
function _mint(
address to,
uint256 id,
uint256 amount,
bytes memory data
) internal virtual {
balanceOf[to][id] += amount;
emit TransferSingle(msg.sender, address(0), to, id, amount);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155Received(msg.sender, address(0), id, amount, data) ==
ERC1155TokenReceiver.onERC1155Received.selector,
"UNSAFE_RECIPIENT"
);
}
function _batchMint(
address to,
uint256[] memory ids,
uint256[] memory amounts,
bytes memory data
) internal virtual {
uint256 idsLength = ids.length; // Saves MLOADs.
require(idsLength == amounts.length, "LENGTH_MISMATCH");
for (uint256 i = 0; i < idsLength; ) {
balanceOf[to][ids[i]] += amounts[i];
// An array can't have a total length
// larger than the max uint256 value.
unchecked {
++i;
}
}
emit TransferBatch(msg.sender, address(0), to, ids, amounts);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155BatchReceived(msg.sender, address(0), ids, amounts, data) ==
ERC1155TokenReceiver.onERC1155BatchReceived.selector,
"UNSAFE_RECIPIENT"
);
}
function _batchBurn(
address from,
uint256[] memory ids,
uint256[] memory amounts
) internal virtual {
uint256 idsLength = ids.length; // Saves MLOADs.
require(idsLength == amounts.length, "LENGTH_MISMATCH");
for (uint256 i = 0; i < idsLength; ) {
balanceOf[from][ids[i]] -= amounts[i];
// An array can't have a total length
// larger than the max uint256 value.
unchecked {
++i;
}
}
emit TransferBatch(msg.sender, from, address(0), ids, amounts);
}
function _burn(
address from,
uint256 id,
uint256 amount
) internal virtual {
balanceOf[from][id] -= amount;
emit TransferSingle(msg.sender, from, address(0), id, amount);
}
}
/// @notice A generic interface for a contract which properly accepts ERC1155 tokens.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC1155.sol)
abstract contract ERC1155TokenReceiver {
function onERC1155Received(
address,
address,
uint256,
uint256,
bytes calldata
) external virtual returns (bytes4) {
return ERC1155TokenReceiver.onERC1155Received.selector;
}
function onERC1155BatchReceived(
address,
address,
uint256[] calldata,
uint256[] calldata,
bytes calldata
) external virtual returns (bytes4) {
return ERC1155TokenReceiver.onERC1155BatchReceived.selector;
}
}
合同源代码
文件 9 的 38:ERC1155Burnable.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC1155/extensions/ERC1155Burnable.sol)
pragma solidity ^0.8.0;
import "../ERC1155.sol";
/**
* @dev Extension of {ERC1155} that allows token holders to destroy both their
* own tokens and those that they have been approved to use.
*
* _Available since v3.1._
*/
abstract contract ERC1155Burnable is ERC1155 {
function burn(
address account,
uint256 id,
uint256 value
) public virtual {
require(
account == _msgSender() || isApprovedForAll(account, _msgSender()),
"ERC1155: caller is not token owner or approved"
);
_burn(account, id, value);
}
function burnBatch(
address account,
uint256[] memory ids,
uint256[] memory values
) public virtual {
require(
account == _msgSender() || isApprovedForAll(account, _msgSender()),
"ERC1155: caller is not token owner or approved"
);
_burnBatch(account, ids, values);
}
}
合同源代码
文件 10 的 38:ERC1155PresetMinterSupply.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {ERC1155} from "openzeppelin-contracts/contracts/token/ERC1155/ERC1155.sol";
import {ERC1155Supply} from "openzeppelin-contracts/contracts/token/ERC1155/extensions/ERC1155Supply.sol";
import {ERC1155Burnable} from "openzeppelin-contracts/contracts/token/ERC1155/extensions/ERC1155Burnable.sol";
import {AccessControl} from "openzeppelin-contracts/contracts/access/AccessControl.sol";
import {Context} from "openzeppelin-contracts/contracts/utils/Context.sol";
/**
* @dev {ERC1155} token, including:
*
* - ability to check the total supply for a token id
* - ability for holders to burn (destroy) their tokens
* - a minter role that allows for token minting (creation)
*
* This contract uses {AccessControl} to lock permissioned functions using the
* different roles - head to its documentation for details.
*
* The account that deploys the contract will be granted the minter role as well
* as the default admin role, which will let it grant the minter role to other accounts.
*/
contract ERC1155PresetMinterSupply is
Context,
AccessControl,
ERC1155Supply,
ERC1155Burnable
{
bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
/**
* @dev Grants `DEFAULT_ADMIN_ROLE` and `MINTER_ROLE` to the account that
* deploys the contract.
*/
constructor(string memory uri) ERC1155(uri) {
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
_setupRole(MINTER_ROLE, _msgSender());
}
/**
* @dev Creates `amount` new tokens for `to`, of token type `id`.
*
* See {ERC1155-_mint}.
*
* Requirements:
*
* - the caller must have the `MINTER_ROLE`.
*/
function mint(
address to,
uint256 id,
uint256 amount,
bytes memory data
) public virtual {
require(
hasRole(MINTER_ROLE, _msgSender()),
"ERC1155PresetMinterPauser: must have minter role to mint"
);
_mint(to, id, amount, data);
}
/**
* @dev xref:ROOT:erc1155.adoc#batch-operations[Batched] variant of {mint}.
*/
function mintBatch(
address to,
uint256[] memory ids,
uint256[] memory amounts,
bytes memory data
) public virtual {
require(
hasRole(MINTER_ROLE, _msgSender()),
"ERC1155PresetMinterPauser: must have minter role to mint"
);
_mintBatch(to, ids, amounts, data);
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId)
public
view
virtual
override(AccessControl, ERC1155)
returns (bool)
{
return super.supportsInterface(interfaceId);
}
function _beforeTokenTransfer(
address operator,
address from,
address to,
uint256[] memory ids,
uint256[] memory amounts,
bytes memory data
) internal virtual override(ERC1155, ERC1155Supply) {
super._beforeTokenTransfer(operator, from, to, ids, amounts, data);
}
}
合同源代码
文件 11 的 38:ERC1155Solmate.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (token/ERC1155/presets/ERC1155PresetMinterPauser.sol)
pragma solidity 0.8.17;
import {ERC1155} from "solmate/tokens/ERC1155.sol";
import {AccessControl} from "openzeppelin-contracts/contracts/access/AccessControl.sol";
import {Context} from "openzeppelin-contracts/contracts/utils/Context.sol";
/**
* @dev {ERC1155} token, including:
*
* - ability to check the total supply for a token id
* - ability for holders to burn (destroy) their tokens
* - a minter role that allows for token minting (creation)
*
* This contract uses {AccessControl} to lock permissioned functions using the
* different roles - head to its documentation for details.
*
* The account that deploys the contract will be granted the minter and pauser
* roles, as well as the default admin role, which will let it grant both minter
* and pauser roles to other accounts.
*
* _Deprecated in favor of https://wizard.openzeppelin.com/[Contracts Wizard]._
*/
contract ERC1155Solmate is AccessControl, ERC1155 {
bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
event GrantMinterRole(address minter);
event RevokeMinterRole(address minter);
error ZeroAddress();
error NotMinter();
constructor() {
_grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
}
/**
@notice Grant the minter role to an address
@param minter address Address to grant the minter role
*/
function grantMinterRole(address minter)
external
onlyRole(DEFAULT_ADMIN_ROLE)
{
if (minter == address(0)) revert ZeroAddress();
_grantRole(MINTER_ROLE, minter);
emit GrantMinterRole(minter);
}
/**
@notice Revoke the minter role from an address
@param minter address Address to revoke the minter role
*/
function revokeMinterRole(address minter)
external
onlyRole(DEFAULT_ADMIN_ROLE)
{
if (hasRole(MINTER_ROLE, minter) == false) revert NotMinter();
_revokeRole(MINTER_ROLE, minter);
emit RevokeMinterRole(minter);
}
/**
* @dev Creates `amount` new tokens for `to`, of token type `id`.
*
* See {ERC1155-_mint}.
*
* Requirements:
*
* - the caller must have the `MINTER_ROLE`.
*/
function mint(
address to,
uint256 id,
uint256 amount,
bytes calldata data
) external onlyRole(MINTER_ROLE) {
_mint(to, id, amount, data);
}
function mintBatch(
address to,
uint256[] calldata ids,
uint256[] calldata amounts,
bytes calldata data
) external onlyRole(MINTER_ROLE) {
_batchMint(to, ids, amounts, data);
}
function burnBatch(
address from,
uint256[] calldata ids,
uint256[] calldata amounts
) external onlyRole(MINTER_ROLE) {
_batchBurn(from, ids, amounts);
}
function burn(
address from,
uint256 id,
uint256 amount
) external onlyRole(MINTER_ROLE) {
_burn(from, id, amount);
}
function uri(uint256 id) public view override returns (string memory) {}
// Necessary override due to AccessControl having the same method
function supportsInterface(bytes4 interfaceId)
public
pure
override(AccessControl, ERC1155)
returns (bool)
{
return
interfaceId == 0x01ffc9a7 || // ERC165 Interface ID for ERC165
interfaceId == 0xd9b67a26 || // ERC165 Interface ID for ERC1155
interfaceId == 0x0e89341c; // ERC165 Interface ID for ERC1155MetadataURI
}
}
合同源代码
文件 12 的 38:ERC1155Supply.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC1155/extensions/ERC1155Supply.sol)
pragma solidity ^0.8.0;
import "../ERC1155.sol";
/**
* @dev Extension of ERC1155 that adds tracking of total supply per id.
*
* Useful for scenarios where Fungible and Non-fungible tokens have to be
* clearly identified. Note: While a totalSupply of 1 might mean the
* corresponding is an NFT, there is no guarantees that no other token with the
* same id are not going to be minted.
*/
abstract contract ERC1155Supply is ERC1155 {
mapping(uint256 => uint256) private _totalSupply;
/**
* @dev Total amount of tokens in with a given id.
*/
function totalSupply(uint256 id) public view virtual returns (uint256) {
return _totalSupply[id];
}
/**
* @dev Indicates whether any token exist with a given id, or not.
*/
function exists(uint256 id) public view virtual returns (bool) {
return ERC1155Supply.totalSupply(id) > 0;
}
/**
* @dev See {ERC1155-_beforeTokenTransfer}.
*/
function _beforeTokenTransfer(
address operator,
address from,
address to,
uint256[] memory ids,
uint256[] memory amounts,
bytes memory data
) internal virtual override {
super._beforeTokenTransfer(operator, from, to, ids, amounts, data);
if (from == address(0)) {
for (uint256 i = 0; i < ids.length; ++i) {
_totalSupply[ids[i]] += amounts[i];
}
}
if (to == address(0)) {
for (uint256 i = 0; i < ids.length; ++i) {
uint256 id = ids[i];
uint256 amount = amounts[i];
uint256 supply = _totalSupply[id];
require(supply >= amount, "ERC1155: burn amount exceeds totalSupply");
unchecked {
_totalSupply[id] = supply - amount;
}
}
}
}
}
合同源代码
文件 13 的 38:ERC165.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)
pragma solidity ^0.8.0;
import "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
合同源代码
文件 14 的 38:ERC20.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Modern and gas efficient ERC20 + EIP-2612 implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC20.sol)
/// @author Modified from Uniswap (https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol)
/// @dev Do not manually set balances without updating totalSupply, as the sum of all user balances must not exceed it.
abstract contract ERC20 {
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event Transfer(address indexed from, address indexed to, uint256 amount);
event Approval(address indexed owner, address indexed spender, uint256 amount);
/*//////////////////////////////////////////////////////////////
METADATA STORAGE
//////////////////////////////////////////////////////////////*/
string public name;
string public symbol;
uint8 public immutable decimals;
/*//////////////////////////////////////////////////////////////
ERC20 STORAGE
//////////////////////////////////////////////////////////////*/
uint256 public totalSupply;
mapping(address => uint256) public balanceOf;
mapping(address => mapping(address => uint256)) public allowance;
/*//////////////////////////////////////////////////////////////
EIP-2612 STORAGE
//////////////////////////////////////////////////////////////*/
uint256 internal immutable INITIAL_CHAIN_ID;
bytes32 internal immutable INITIAL_DOMAIN_SEPARATOR;
mapping(address => uint256) public nonces;
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
constructor(
string memory _name,
string memory _symbol,
uint8 _decimals
) {
name = _name;
symbol = _symbol;
decimals = _decimals;
INITIAL_CHAIN_ID = block.chainid;
INITIAL_DOMAIN_SEPARATOR = computeDomainSeparator();
}
/*//////////////////////////////////////////////////////////////
ERC20 LOGIC
//////////////////////////////////////////////////////////////*/
function approve(address spender, uint256 amount) public virtual returns (bool) {
allowance[msg.sender][spender] = amount;
emit Approval(msg.sender, spender, amount);
return true;
}
function transfer(address to, uint256 amount) public virtual returns (bool) {
balanceOf[msg.sender] -= amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(msg.sender, to, amount);
return true;
}
function transferFrom(
address from,
address to,
uint256 amount
) public virtual returns (bool) {
uint256 allowed = allowance[from][msg.sender]; // Saves gas for limited approvals.
if (allowed != type(uint256).max) allowance[from][msg.sender] = allowed - amount;
balanceOf[from] -= amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(from, to, amount);
return true;
}
/*//////////////////////////////////////////////////////////////
EIP-2612 LOGIC
//////////////////////////////////////////////////////////////*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public virtual {
require(deadline >= block.timestamp, "PERMIT_DEADLINE_EXPIRED");
// Unchecked because the only math done is incrementing
// the owner's nonce which cannot realistically overflow.
unchecked {
address recoveredAddress = ecrecover(
keccak256(
abi.encodePacked(
"\x19\x01",
DOMAIN_SEPARATOR(),
keccak256(
abi.encode(
keccak256(
"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"
),
owner,
spender,
value,
nonces[owner]++,
deadline
)
)
)
),
v,
r,
s
);
require(recoveredAddress != address(0) && recoveredAddress == owner, "INVALID_SIGNER");
allowance[recoveredAddress][spender] = value;
}
emit Approval(owner, spender, value);
}
function DOMAIN_SEPARATOR() public view virtual returns (bytes32) {
return block.chainid == INITIAL_CHAIN_ID ? INITIAL_DOMAIN_SEPARATOR : computeDomainSeparator();
}
function computeDomainSeparator() internal view virtual returns (bytes32) {
return
keccak256(
abi.encode(
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
keccak256(bytes(name)),
keccak256("1"),
block.chainid,
address(this)
)
);
}
/*//////////////////////////////////////////////////////////////
INTERNAL MINT/BURN LOGIC
//////////////////////////////////////////////////////////////*/
function _mint(address to, uint256 amount) internal virtual {
totalSupply += amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(address(0), to, amount);
}
function _burn(address from, uint256 amount) internal virtual {
balanceOf[from] -= amount;
// Cannot underflow because a user's balance
// will never be larger than the total supply.
unchecked {
totalSupply -= amount;
}
emit Transfer(from, address(0), amount);
}
}
合同源代码
文件 15 的 38:ERC20SnapshotSolmate.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/ERC20Snapshot.sol)
pragma solidity ^0.8.0;
import {Arrays} from "openzeppelin-contracts/contracts/utils/Arrays.sol";
import {Counters} from "openzeppelin-contracts/contracts/utils/Counters.sol";
import {ECDSA} from "openzeppelin-contracts/contracts/utils/cryptography/ECDSA.sol";
/// @notice Modern and gas efficient ERC20 + EIP-2612 implementation.
/// @author Solmate (https://github.com/Rari-Capital/solmate/blob/main/src/tokens/ERC20.sol)
/// @author Modified from Uniswap (https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol)
/// @dev Do not manually set balances without updating totalSupply, as the sum of all user balances must not exceed it.
abstract contract ERC20 {
/*///////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event Transfer(address indexed from, address indexed to, uint256 amount);
event Approval(
address indexed owner,
address indexed spender,
uint256 amount
);
/*///////////////////////////////////////////////////////////////
METADATA STORAGE
//////////////////////////////////////////////////////////////*/
string public name;
string public symbol;
uint8 public immutable decimals;
/*///////////////////////////////////////////////////////////////
ERC20 STORAGE
//////////////////////////////////////////////////////////////*/
uint256 public totalSupply;
mapping(address => uint256) public balanceOf;
mapping(address => mapping(address => uint256)) public allowance;
/*///////////////////////////////////////////////////////////////
EIP-2612 STORAGE
//////////////////////////////////////////////////////////////*/
uint256 internal immutable INITIAL_CHAIN_ID;
bytes32 internal immutable INITIAL_DOMAIN_SEPARATOR;
mapping(address => uint256) public nonces;
/*///////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
constructor(
string memory _name,
string memory _symbol,
uint8 _decimals
) {
name = _name;
symbol = _symbol;
decimals = _decimals;
INITIAL_CHAIN_ID = block.chainid;
INITIAL_DOMAIN_SEPARATOR = computeDomainSeparator();
}
/*///////////////////////////////////////////////////////////////
ERC20 LOGIC
//////////////////////////////////////////////////////////////*/
function approve(address spender, uint256 amount)
public
virtual
returns (bool)
{
allowance[msg.sender][spender] = amount;
emit Approval(msg.sender, spender, amount);
return true;
}
function _approve(
address owner,
address spender,
uint256 amount
) internal {
allowance[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
function transfer(address to, uint256 amount)
public
virtual
returns (bool)
{
_beforeTokenTransfer(msg.sender, to, amount);
balanceOf[msg.sender] -= amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(msg.sender, to, amount);
return true;
}
function transferFrom(
address from,
address to,
uint256 amount
) public virtual returns (bool) {
_beforeTokenTransfer(from, to, amount);
uint256 allowed = allowance[from][msg.sender]; // Saves gas for limited approvals.
if (allowed != type(uint256).max)
allowance[from][msg.sender] = allowed - amount;
balanceOf[from] -= amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(from, to, amount);
return true;
}
/*///////////////////////////////////////////////////////////////
EIP-2612 LOGIC
//////////////////////////////////////////////////////////////*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public virtual {
require(deadline >= block.timestamp, "PERMIT_DEADLINE_EXPIRED");
// Unchecked because the only math done is incrementing
// the owner's nonce which cannot realistically overflow.
unchecked {
address recoveredAddress = ECDSA.recover(
keccak256(
abi.encodePacked(
"\x19\x01",
DOMAIN_SEPARATOR(),
keccak256(
abi.encode(
keccak256(
"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"
),
owner,
spender,
value,
nonces[owner]++,
deadline
)
)
)
),
v,
r,
s
);
require(
recoveredAddress != address(0) && recoveredAddress == owner,
"INVALID_SIGNER"
);
allowance[recoveredAddress][spender] = value;
}
emit Approval(owner, spender, value);
}
function DOMAIN_SEPARATOR() public view virtual returns (bytes32) {
return
block.chainid == INITIAL_CHAIN_ID
? INITIAL_DOMAIN_SEPARATOR
: computeDomainSeparator();
}
function computeDomainSeparator() internal view virtual returns (bytes32) {
return
keccak256(
abi.encode(
keccak256(
"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
),
keccak256(bytes(name)),
keccak256("1"),
block.chainid,
address(this)
)
);
}
/*///////////////////////////////////////////////////////////////
INTERNAL MINT/BURN LOGIC
//////////////////////////////////////////////////////////////*/
function _mint(address to, uint256 amount) internal virtual {
_beforeTokenTransfer(address(0), to, amount);
totalSupply += amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(address(0), to, amount);
}
function _burn(address from, uint256 amount) internal virtual {
_beforeTokenTransfer(from, address(0), amount);
balanceOf[from] -= amount;
// Cannot underflow because a user's balance
// will never be larger than the total supply.
unchecked {
totalSupply -= amount;
}
emit Transfer(from, address(0), amount);
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}
/**
* @dev This contract extends an ERC20 token with a snapshot mechanism. When a snapshot is created, the balances and
* total supply at the time are recorded for later access.
*
* This can be used to safely create mechanisms based on token balances such as trustless dividends or weighted voting.
* In naive implementations it's possible to perform a "double spend" attack by reusing the same balance from different
* accounts. By using snapshots to calculate dividends or voting power, those attacks no longer apply. It can also be
* used to create an efficient ERC20 forking mechanism.
*
* Snapshots are created by the internal {_snapshot} function, which will emit the {Snapshot} event and return a
* snapshot id. To get the total supply at the time of a snapshot, call the function {totalSupplyAt} with the snapshot
* id. To get the balance of an account at the time of a snapshot, call the {balanceOfAt} function with the snapshot id
* and the account address.
*
* NOTE: Snapshot policy can be customized by overriding the {_getCurrentSnapshotId} method. For example, having it
* return `block.number` will trigger the creation of snapshot at the begining of each new block. When overridding this
* function, be careful about the monotonicity of its result. Non-monotonic snapshot ids will break the contract.
*
* Implementing snapshots for every block using this method will incur significant gas costs. For a gas-efficient
* alternative consider {ERC20Votes}.
*
* ==== Gas Costs
*
* Snapshots are efficient. Snapshot creation is _O(1)_. Retrieval of balances or total supply from a snapshot is _O(log
* n)_ in the number of snapshots that have been created, although _n_ for a specific account will generally be much
* smaller since identical balances in subsequent snapshots are stored as a single entry.
*
* There is a constant overhead for normal ERC20 transfers due to the additional snapshot bookkeeping. This overhead is
* only significant for the first transfer that immediately follows a snapshot for a particular account. Subsequent
* transfers will have normal cost until the next snapshot, and so on.
*/
contract ERC20SnapshotSolmate is ERC20 {
// Inspired by Jordi Baylina's MiniMeToken to record historical balances:
// https://github.com/Giveth/minimd/blob/ea04d950eea153a04c51fa510b068b9dded390cb/contracts/MiniMeToken.sol
using Arrays for uint256[];
using Counters for Counters.Counter;
// Snapshotted values have arrays of ids and the value corresponding to that id. These could be an array of a
// Snapshot struct, but that would impede usage of functions that work on an array.
struct Snapshots {
uint256[] ids;
uint256[] values;
}
mapping(address => Snapshots) private _accountBalanceSnapshots;
Snapshots private _totalSupplySnapshots;
// Snapshot ids increase monotonically, with the first value being 1. An id of 0 is invalid.
Counters.Counter private _currentSnapshotId;
/**
* @dev Emitted by {_snapshot} when a snapshot identified by `id` is created.
*/
event Snapshot(uint256 id);
constructor(
string memory _name,
string memory _symbol,
uint8 _decimals
) ERC20(_name, _symbol, _decimals) {}
/**
* @dev Creates a new snapshot and returns its snapshot id.
*
* Emits a {Snapshot} event that contains the same id.
*
* {_snapshot} is `internal` and you have to decide how to expose it externally. Its usage may be restricted to a
* set of accounts, for example using {AccessControl}, or it may be open to the public.
*
* [WARNING]
* ====
* While an open way of calling {_snapshot} is required for certain trust minimization mechanisms such as forking,
* you must consider that it can potentially be used by attackers in two ways.
*
* First, it can be used to increase the cost of retrieval of values from snapshots, although it will grow
* logarithmically thus rendering this attack ineffective in the long term. Second, it can be used to target
* specific accounts and increase the cost of ERC20 transfers for them, in the ways specified in the Gas Costs
* section above.
*
* We haven't measured the actual numbers; if this is something you're interested in please reach out to us.
* ====
*/
function _snapshot() internal virtual returns (uint256) {
_currentSnapshotId.increment();
uint256 currentId = _getCurrentSnapshotId();
emit Snapshot(currentId);
return currentId;
}
/**
* @dev Get the current snapshotId
*/
function _getCurrentSnapshotId() internal view virtual returns (uint256) {
return _currentSnapshotId.current();
}
/**
* @dev Retrieves the balance of `account` at the time `snapshotId` was created.
*/
function balanceOfAt(address account, uint256 snapshotId)
public
view
virtual
returns (uint256)
{
(bool snapshotted, uint256 value) = _valueAt(
snapshotId,
_accountBalanceSnapshots[account]
);
return snapshotted ? value : balanceOf[account];
}
/**
* @dev Retrieves the total supply at the time `snapshotId` was created.
*/
function totalSupplyAt(uint256 snapshotId)
public
view
virtual
returns (uint256)
{
(bool snapshotted, uint256 value) = _valueAt(
snapshotId,
_totalSupplySnapshots
);
return snapshotted ? value : totalSupply;
}
// Update balance and/or total supply snapshots before the values are modified. This is implemented
// in the _beforeTokenTransfer hook, which is executed for _mint, _burn, and _transfer operations.
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual override {
super._beforeTokenTransfer(from, to, amount);
if (from == address(0)) {
// mint
_updateAccountSnapshot(to);
_updateTotalSupplySnapshot();
} else if (to == address(0)) {
// burn
_updateAccountSnapshot(from);
_updateTotalSupplySnapshot();
} else {
// transfer
_updateAccountSnapshot(from);
_updateAccountSnapshot(to);
}
}
function _valueAt(uint256 snapshotId, Snapshots storage snapshots)
private
view
returns (bool, uint256)
{
require(snapshotId > 0, "ERC20Snapshot: id is 0");
require(
snapshotId <= _getCurrentSnapshotId(),
"ERC20Snapshot: nonexistent id"
);
// When a valid snapshot is queried, there are three possibilities:
// a) The queried value was not modified after the snapshot was taken. Therefore, a snapshot entry was never
// created for this id, and all stored snapshot ids are smaller than the requested one. The value that corresponds
// to this id is the current one.
// b) The queried value was modified after the snapshot was taken. Therefore, there will be an entry with the
// requested id, and its value is the one to return.
// c) More snapshots were created after the requested one, and the queried value was later modified. There will be
// no entry for the requested id: the value that corresponds to it is that of the smallest snapshot id that is
// larger than the requested one.
//
// In summary, we need to find an element in an array, returning the index of the smallest value that is larger if
// it is not found, unless said value doesn't exist (e.g. when all values are smaller). Arrays.findUpperBound does
// exactly this.
uint256 index = snapshots.ids.findUpperBound(snapshotId);
if (index == snapshots.ids.length) {
return (false, 0);
} else {
return (true, snapshots.values[index]);
}
}
function _updateAccountSnapshot(address account) private {
_updateSnapshot(_accountBalanceSnapshots[account], balanceOf[account]);
}
function _updateTotalSupplySnapshot() private {
_updateSnapshot(_totalSupplySnapshots, totalSupply);
}
function _updateSnapshot(Snapshots storage snapshots, uint256 currentValue)
private
{
uint256 currentId = _getCurrentSnapshotId();
if (_lastSnapshotId(snapshots.ids) < currentId) {
snapshots.ids.push(currentId);
snapshots.values.push(currentValue);
}
}
function _lastSnapshotId(uint256[] storage ids)
private
view
returns (uint256)
{
uint256 idsLen = ids.length;
if (idsLen == 0) {
return 0;
} else {
return ids[idsLen - 1];
}
}
}
合同源代码
文件 16 的 38:ERC4626.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
import {ERC20} from "../tokens/ERC20.sol";
import {SafeTransferLib} from "../utils/SafeTransferLib.sol";
import {FixedPointMathLib} from "../utils/FixedPointMathLib.sol";
/// @notice Minimal ERC4626 tokenized Vault implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/mixins/ERC4626.sol)
abstract contract ERC4626 is ERC20 {
using SafeTransferLib for ERC20;
using FixedPointMathLib for uint256;
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event Deposit(address indexed caller, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed caller,
address indexed receiver,
address indexed owner,
uint256 assets,
uint256 shares
);
/*//////////////////////////////////////////////////////////////
IMMUTABLES
//////////////////////////////////////////////////////////////*/
ERC20 public immutable asset;
constructor(
ERC20 _asset,
string memory _name,
string memory _symbol
) ERC20(_name, _symbol, _asset.decimals()) {
asset = _asset;
}
/*//////////////////////////////////////////////////////////////
DEPOSIT/WITHDRAWAL LOGIC
//////////////////////////////////////////////////////////////*/
function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {
// Check for rounding error since we round down in previewDeposit.
require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");
// Need to transfer before minting or ERC777s could reenter.
asset.safeTransferFrom(msg.sender, address(this), assets);
_mint(receiver, shares);
emit Deposit(msg.sender, receiver, assets, shares);
afterDeposit(assets, shares);
}
function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {
assets = previewMint(shares); // No need to check for rounding error, previewMint rounds up.
// Need to transfer before minting or ERC777s could reenter.
asset.safeTransferFrom(msg.sender, address(this), assets);
_mint(receiver, shares);
emit Deposit(msg.sender, receiver, assets, shares);
afterDeposit(assets, shares);
}
function withdraw(
uint256 assets,
address receiver,
address owner
) public virtual returns (uint256 shares) {
shares = previewWithdraw(assets); // No need to check for rounding error, previewWithdraw rounds up.
if (msg.sender != owner) {
uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.
if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
}
beforeWithdraw(assets, shares);
_burn(owner, shares);
emit Withdraw(msg.sender, receiver, owner, assets, shares);
asset.safeTransfer(receiver, assets);
}
function redeem(
uint256 shares,
address receiver,
address owner
) public virtual returns (uint256 assets) {
if (msg.sender != owner) {
uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.
if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
}
// Check for rounding error since we round down in previewRedeem.
require((assets = previewRedeem(shares)) != 0, "ZERO_ASSETS");
beforeWithdraw(assets, shares);
_burn(owner, shares);
emit Withdraw(msg.sender, receiver, owner, assets, shares);
asset.safeTransfer(receiver, assets);
}
/*//////////////////////////////////////////////////////////////
ACCOUNTING LOGIC
//////////////////////////////////////////////////////////////*/
function totalAssets() public view virtual returns (uint256);
function convertToShares(uint256 assets) public view virtual returns (uint256) {
uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
return supply == 0 ? assets : assets.mulDivDown(supply, totalAssets());
}
function convertToAssets(uint256 shares) public view virtual returns (uint256) {
uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
return supply == 0 ? shares : shares.mulDivDown(totalAssets(), supply);
}
function previewDeposit(uint256 assets) public view virtual returns (uint256) {
return convertToShares(assets);
}
function previewMint(uint256 shares) public view virtual returns (uint256) {
uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
return supply == 0 ? shares : shares.mulDivUp(totalAssets(), supply);
}
function previewWithdraw(uint256 assets) public view virtual returns (uint256) {
uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
return supply == 0 ? assets : assets.mulDivUp(supply, totalAssets());
}
function previewRedeem(uint256 shares) public view virtual returns (uint256) {
return convertToAssets(shares);
}
/*//////////////////////////////////////////////////////////////
DEPOSIT/WITHDRAWAL LIMIT LOGIC
//////////////////////////////////////////////////////////////*/
function maxDeposit(address) public view virtual returns (uint256) {
return type(uint256).max;
}
function maxMint(address) public view virtual returns (uint256) {
return type(uint256).max;
}
function maxWithdraw(address owner) public view virtual returns (uint256) {
return convertToAssets(balanceOf[owner]);
}
function maxRedeem(address owner) public view virtual returns (uint256) {
return balanceOf[owner];
}
/*//////////////////////////////////////////////////////////////
INTERNAL HOOKS LOGIC
//////////////////////////////////////////////////////////////*/
function beforeWithdraw(uint256 assets, uint256 shares) internal virtual {}
function afterDeposit(uint256 assets, uint256 shares) internal virtual {}
}
合同源代码
文件 17 的 38:FixedPointMathLib.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Arithmetic library with operations for fixed-point numbers.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/FixedPointMathLib.sol)
/// @author Inspired by USM (https://github.com/usmfum/USM/blob/master/contracts/WadMath.sol)
library FixedPointMathLib {
/*//////////////////////////////////////////////////////////////
SIMPLIFIED FIXED POINT OPERATIONS
//////////////////////////////////////////////////////////////*/
uint256 internal constant MAX_UINT256 = 2**256 - 1;
uint256 internal constant WAD = 1e18; // The scalar of ETH and most ERC20s.
function mulWadDown(uint256 x, uint256 y) internal pure returns (uint256) {
return mulDivDown(x, y, WAD); // Equivalent to (x * y) / WAD rounded down.
}
function mulWadUp(uint256 x, uint256 y) internal pure returns (uint256) {
return mulDivUp(x, y, WAD); // Equivalent to (x * y) / WAD rounded up.
}
function divWadDown(uint256 x, uint256 y) internal pure returns (uint256) {
return mulDivDown(x, WAD, y); // Equivalent to (x * WAD) / y rounded down.
}
function divWadUp(uint256 x, uint256 y) internal pure returns (uint256) {
return mulDivUp(x, WAD, y); // Equivalent to (x * WAD) / y rounded up.
}
/*//////////////////////////////////////////////////////////////
LOW LEVEL FIXED POINT OPERATIONS
//////////////////////////////////////////////////////////////*/
function mulDivDown(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 z) {
assembly {
// Equivalent to require(denominator != 0 && (y == 0 || x <= type(uint256).max / y))
if iszero(mul(denominator, iszero(mul(y, gt(x, div(MAX_UINT256, y)))))) {
revert(0, 0)
}
// Divide x * y by the denominator.
z := div(mul(x, y), denominator)
}
}
function mulDivUp(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 z) {
assembly {
// Equivalent to require(denominator != 0 && (y == 0 || x <= type(uint256).max / y))
if iszero(mul(denominator, iszero(mul(y, gt(x, div(MAX_UINT256, y)))))) {
revert(0, 0)
}
// If x * y modulo the denominator is strictly greater than 0,
// 1 is added to round up the division of x * y by the denominator.
z := add(gt(mod(mul(x, y), denominator), 0), div(mul(x, y), denominator))
}
}
function rpow(
uint256 x,
uint256 n,
uint256 scalar
) internal pure returns (uint256 z) {
assembly {
switch x
case 0 {
switch n
case 0 {
// 0 ** 0 = 1
z := scalar
}
default {
// 0 ** n = 0
z := 0
}
}
default {
switch mod(n, 2)
case 0 {
// If n is even, store scalar in z for now.
z := scalar
}
default {
// If n is odd, store x in z for now.
z := x
}
// Shifting right by 1 is like dividing by 2.
let half := shr(1, scalar)
for {
// Shift n right by 1 before looping to halve it.
n := shr(1, n)
} n {
// Shift n right by 1 each iteration to halve it.
n := shr(1, n)
} {
// Revert immediately if x ** 2 would overflow.
// Equivalent to iszero(eq(div(xx, x), x)) here.
if shr(128, x) {
revert(0, 0)
}
// Store x squared.
let xx := mul(x, x)
// Round to the nearest number.
let xxRound := add(xx, half)
// Revert if xx + half overflowed.
if lt(xxRound, xx) {
revert(0, 0)
}
// Set x to scaled xxRound.
x := div(xxRound, scalar)
// If n is even:
if mod(n, 2) {
// Compute z * x.
let zx := mul(z, x)
// If z * x overflowed:
if iszero(eq(div(zx, x), z)) {
// Revert if x is non-zero.
if iszero(iszero(x)) {
revert(0, 0)
}
}
// Round to the nearest number.
let zxRound := add(zx, half)
// Revert if zx + half overflowed.
if lt(zxRound, zx) {
revert(0, 0)
}
// Return properly scaled zxRound.
z := div(zxRound, scalar)
}
}
}
}
}
/*//////////////////////////////////////////////////////////////
GENERAL NUMBER UTILITIES
//////////////////////////////////////////////////////////////*/
function sqrt(uint256 x) internal pure returns (uint256 z) {
assembly {
let y := x // We start y at x, which will help us make our initial estimate.
z := 181 // The "correct" value is 1, but this saves a multiplication later.
// This segment is to get a reasonable initial estimate for the Babylonian method. With a bad
// start, the correct # of bits increases ~linearly each iteration instead of ~quadratically.
// We check y >= 2^(k + 8) but shift right by k bits
// each branch to ensure that if x >= 256, then y >= 256.
if iszero(lt(y, 0x10000000000000000000000000000000000)) {
y := shr(128, y)
z := shl(64, z)
}
if iszero(lt(y, 0x1000000000000000000)) {
y := shr(64, y)
z := shl(32, z)
}
if iszero(lt(y, 0x10000000000)) {
y := shr(32, y)
z := shl(16, z)
}
if iszero(lt(y, 0x1000000)) {
y := shr(16, y)
z := shl(8, z)
}
// Goal was to get z*z*y within a small factor of x. More iterations could
// get y in a tighter range. Currently, we will have y in [256, 256*2^16).
// We ensured y >= 256 so that the relative difference between y and y+1 is small.
// That's not possible if x < 256 but we can just verify those cases exhaustively.
// Now, z*z*y <= x < z*z*(y+1), and y <= 2^(16+8), and either y >= 256, or x < 256.
// Correctness can be checked exhaustively for x < 256, so we assume y >= 256.
// Then z*sqrt(y) is within sqrt(257)/sqrt(256) of sqrt(x), or about 20bps.
// For s in the range [1/256, 256], the estimate f(s) = (181/1024) * (s+1) is in the range
// (1/2.84 * sqrt(s), 2.84 * sqrt(s)), with largest error when s = 1 and when s = 256 or 1/256.
// Since y is in [256, 256*2^16), let a = y/65536, so that a is in [1/256, 256). Then we can estimate
// sqrt(y) using sqrt(65536) * 181/1024 * (a + 1) = 181/4 * (y + 65536)/65536 = 181 * (y + 65536)/2^18.
// There is no overflow risk here since y < 2^136 after the first branch above.
z := shr(18, mul(z, add(y, 65536))) // A mul() is saved from starting z at 181.
// Given the worst case multiplicative error of 2.84 above, 7 iterations should be enough.
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
// If x+1 is a perfect square, the Babylonian method cycles between
// floor(sqrt(x)) and ceil(sqrt(x)). This statement ensures we return floor.
// See: https://en.wikipedia.org/wiki/Integer_square_root#Using_only_integer_division
// Since the ceil is rare, we save gas on the assignment and repeat division in the rare case.
// If you don't care whether the floor or ceil square root is returned, you can remove this statement.
z := sub(z, lt(div(x, z), z))
}
}
function unsafeMod(uint256 x, uint256 y) internal pure returns (uint256 z) {
assembly {
// Mod x by y. Note this will return
// 0 instead of reverting if y is zero.
z := mod(x, y)
}
}
function unsafeDiv(uint256 x, uint256 y) internal pure returns (uint256 r) {
assembly {
// Divide x by y. Note this will return
// 0 instead of reverting if y is zero.
r := div(x, y)
}
}
function unsafeDivUp(uint256 x, uint256 y) internal pure returns (uint256 z) {
assembly {
// Add 1 to x * y if x % y > 0. Note this will
// return 0 instead of reverting if y is zero.
z := add(gt(mod(x, y), 0), div(x, y))
}
}
}
合同源代码
文件 18 的 38:IAccessControl.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (access/IAccessControl.sol)
pragma solidity ^0.8.0;
/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/
interface IAccessControl {
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/
function renounceRole(bytes32 role, address account) external;
}
合同源代码
文件 19 的 38:IERC1155.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC1155/IERC1155.sol)
pragma solidity ^0.8.0;
import "../../utils/introspection/IERC165.sol";
/**
* @dev Required interface of an ERC1155 compliant contract, as defined in the
* https://eips.ethereum.org/EIPS/eip-1155[EIP].
*
* _Available since v3.1._
*/
interface IERC1155 is IERC165 {
/**
* @dev Emitted when `value` tokens of token type `id` are transferred from `from` to `to` by `operator`.
*/
event TransferSingle(address indexed operator, address indexed from, address indexed to, uint256 id, uint256 value);
/**
* @dev Equivalent to multiple {TransferSingle} events, where `operator`, `from` and `to` are the same for all
* transfers.
*/
event TransferBatch(
address indexed operator,
address indexed from,
address indexed to,
uint256[] ids,
uint256[] values
);
/**
* @dev Emitted when `account` grants or revokes permission to `operator` to transfer their tokens, according to
* `approved`.
*/
event ApprovalForAll(address indexed account, address indexed operator, bool approved);
/**
* @dev Emitted when the URI for token type `id` changes to `value`, if it is a non-programmatic URI.
*
* If an {URI} event was emitted for `id`, the standard
* https://eips.ethereum.org/EIPS/eip-1155#metadata-extensions[guarantees] that `value` will equal the value
* returned by {IERC1155MetadataURI-uri}.
*/
event URI(string value, uint256 indexed id);
/**
* @dev Returns the amount of tokens of token type `id` owned by `account`.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function balanceOf(address account, uint256 id) external view returns (uint256);
/**
* @dev xref:ROOT:erc1155.adoc#batch-operations[Batched] version of {balanceOf}.
*
* Requirements:
*
* - `accounts` and `ids` must have the same length.
*/
function balanceOfBatch(address[] calldata accounts, uint256[] calldata ids)
external
view
returns (uint256[] memory);
/**
* @dev Grants or revokes permission to `operator` to transfer the caller's tokens, according to `approved`,
*
* Emits an {ApprovalForAll} event.
*
* Requirements:
*
* - `operator` cannot be the caller.
*/
function setApprovalForAll(address operator, bool approved) external;
/**
* @dev Returns true if `operator` is approved to transfer ``account``'s tokens.
*
* See {setApprovalForAll}.
*/
function isApprovedForAll(address account, address operator) external view returns (bool);
/**
* @dev Transfers `amount` tokens of token type `id` from `from` to `to`.
*
* Emits a {TransferSingle} event.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - If the caller is not `from`, it must have been approved to spend ``from``'s tokens via {setApprovalForAll}.
* - `from` must have a balance of tokens of type `id` of at least `amount`.
* - If `to` refers to a smart contract, it must implement {IERC1155Receiver-onERC1155Received} and return the
* acceptance magic value.
*/
function safeTransferFrom(
address from,
address to,
uint256 id,
uint256 amount,
bytes calldata data
) external;
/**
* @dev xref:ROOT:erc1155.adoc#batch-operations[Batched] version of {safeTransferFrom}.
*
* Emits a {TransferBatch} event.
*
* Requirements:
*
* - `ids` and `amounts` must have the same length.
* - If `to` refers to a smart contract, it must implement {IERC1155Receiver-onERC1155BatchReceived} and return the
* acceptance magic value.
*/
function safeBatchTransferFrom(
address from,
address to,
uint256[] calldata ids,
uint256[] calldata amounts,
bytes calldata data
) external;
}
合同源代码
文件 20 的 38:IERC1155MetadataURI.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC1155/extensions/IERC1155MetadataURI.sol)
pragma solidity ^0.8.0;
import "../IERC1155.sol";
/**
* @dev Interface of the optional ERC1155MetadataExtension interface, as defined
* in the https://eips.ethereum.org/EIPS/eip-1155#metadata-extensions[EIP].
*
* _Available since v3.1._
*/
interface IERC1155MetadataURI is IERC1155 {
/**
* @dev Returns the URI for token type `id`.
*
* If the `\{id\}` substring is present in the URI, it must be replaced by
* clients with the actual token type ID.
*/
function uri(uint256 id) external view returns (string memory);
}
合同源代码
文件 21 的 38:IERC1155Receiver.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (token/ERC1155/IERC1155Receiver.sol)
pragma solidity ^0.8.0;
import "../../utils/introspection/IERC165.sol";
/**
* @dev _Available since v3.1._
*/
interface IERC1155Receiver is IERC165 {
/**
* @dev Handles the receipt of a single ERC1155 token type. This function is
* called at the end of a `safeTransferFrom` after the balance has been updated.
*
* NOTE: To accept the transfer, this must return
* `bytes4(keccak256("onERC1155Received(address,address,uint256,uint256,bytes)"))`
* (i.e. 0xf23a6e61, or its own function selector).
*
* @param operator The address which initiated the transfer (i.e. msg.sender)
* @param from The address which previously owned the token
* @param id The ID of the token being transferred
* @param value The amount of tokens being transferred
* @param data Additional data with no specified format
* @return `bytes4(keccak256("onERC1155Received(address,address,uint256,uint256,bytes)"))` if transfer is allowed
*/
function onERC1155Received(
address operator,
address from,
uint256 id,
uint256 value,
bytes calldata data
) external returns (bytes4);
/**
* @dev Handles the receipt of a multiple ERC1155 token types. This function
* is called at the end of a `safeBatchTransferFrom` after the balances have
* been updated.
*
* NOTE: To accept the transfer(s), this must return
* `bytes4(keccak256("onERC1155BatchReceived(address,address,uint256[],uint256[],bytes)"))`
* (i.e. 0xbc197c81, or its own function selector).
*
* @param operator The address which initiated the batch transfer (i.e. msg.sender)
* @param from The address which previously owned the token
* @param ids An array containing ids of each token being transferred (order and length must match values array)
* @param values An array containing amounts of each token being transferred (order and length must match ids array)
* @param data Additional data with no specified format
* @return `bytes4(keccak256("onERC1155BatchReceived(address,address,uint256[],uint256[],bytes)"))` if transfer is allowed
*/
function onERC1155BatchReceived(
address operator,
address from,
uint256[] calldata ids,
uint256[] calldata values,
bytes calldata data
) external returns (bytes4);
}
合同源代码
文件 22 的 38:IERC165.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
合同源代码
文件 23 的 38:IRLBTRFLY.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
interface IRLBTRFLY {
struct LockedBalance {
uint224 amount;
uint32 unlockTime;
}
function lock(address account, uint256 amount) external;
function lockedBalances(address account)
external
view
returns (
uint256 total,
uint256 unlockable,
uint256 locked,
LockedBalance[] memory lockData
);
function lockedBalanceOf(address account)
external
view
returns (uint256 amount);
function processExpiredLocks(bool relock) external;
function shutdown() external;
}
合同源代码
文件 24 的 38:IRewardDistributor.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
interface IRewardDistributor {
struct Distribution {
address token;
bytes32 merkleRoot;
bytes32 proof;
}
struct Claim {
address token;
address account;
uint256 amount;
bytes32[] merkleProof;
}
function claim(Claim[] calldata claims) external;
function updateRewardsMetadata(Distribution[] calldata distributions)
external;
function claimed(address token, address account)
external
view
returns (uint256 amount);
}
合同源代码
文件 25 的 38:Math.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10**64) {
value /= 10**64;
result += 64;
}
if (value >= 10**32) {
value /= 10**32;
result += 32;
}
if (value >= 10**16) {
value /= 10**16;
result += 16;
}
if (value >= 10**8) {
value /= 10**8;
result += 8;
}
if (value >= 10**4) {
value /= 10**4;
result += 4;
}
if (value >= 10**2) {
value /= 10**2;
result += 2;
}
if (value >= 10**1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
}
}
}
合同源代码
文件 26 的 38:Ownable.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
合同源代码
文件 27 的 38:Pausable.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (security/Pausable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract Pausable is Context {
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
bool private _paused;
/**
* @dev Initializes the contract in unpaused state.
*/
constructor() {
_paused = false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
require(!paused(), "Pausable: paused");
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
require(paused(), "Pausable: not paused");
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
}
合同源代码
文件 28 的 38:PirexBtrfly.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {ReentrancyGuard} from "solmate/utils/ReentrancyGuard.sol";
import {ERC20} from "solmate/tokens/ERC20.sol";
import {SafeTransferLib} from "solmate/utils/SafeTransferLib.sol";
import {Bytes32AddressLib} from "solmate/utils/Bytes32AddressLib.sol";
import {PirexBtrflyBase} from "src/PirexBtrflyBase.sol";
import {PxBtrfly} from "src/PxBtrfly.sol";
import {PirexFees} from "src/PirexFees.sol";
import {UnionPirexVault} from "src/vault/UnionPirexVault.sol";
import {ERC1155Solmate} from "src/tokens/ERC1155Solmate.sol";
import {ERC1155PresetMinterSupply} from "src/tokens/ERC1155PresetMinterSupply.sol";
import {IRewardDistributor} from "src/interfaces/IRewardDistributor.sol";
import {IRLBTRFLY} from "src/interfaces/IRLBTRFLY.sol";
/**
@notice
Based on PirexCvx, updated and optimized using the latest guidelines
Notable modifications:
- Adapt main internal dependencies to use BTRFLYV2's contract suite
- Remove vote delegation related functionalities
- Add internal mapping structure to allow reward forwarding for specific accounts (ie. LPs)
- Add methods to manage the reward forwarding above
- Update snapshot reward redemption method to take into account reward forwarding
*/
contract PirexBtrfly is ReentrancyGuard, PirexBtrflyBase {
using SafeTransferLib for ERC20;
using Bytes32AddressLib for address;
/**
@notice Data pertaining to an emergency migration
@param recipient address Recipient of the tokens (e.g. new PirexBtrfly contract)
@param tokens address[] Token addresses
*/
struct EmergencyMigration {
address recipient;
address[] tokens;
}
// Users can choose between the two futures tokens when staking or initiating a redemption
enum Futures {
Vote,
Reward
}
// Configurable contracts
enum Contract {
PxBtrfly,
PirexFees,
RewardDistributor,
UpxBtrfly,
SpxBtrfly,
VpxBtrfly,
RpxBtrfly,
UnionPirexVault
}
// Configurable fees
enum Fees {
Reward,
RedemptionMax,
RedemptionMin,
Developers
}
// Duration for each reward distribution (1,209,600 seconds)
uint32 public constant EPOCH_DURATION = 2 weeks;
// Fee denominator
uint32 public constant FEE_DENOMINATOR = 1_000_000;
// Fee maximum
uint32 public constant FEE_MAX = 100_000;
// Maximum wait time for a BTRFLYV2 redemption (10,281,600 seconds)
uint32 public constant MAX_REDEMPTION_TIME = 17 weeks;
// Unused ERC1155 `data` param value
bytes private constant UNUSED_1155_DATA = "";
PxBtrfly public pxBtrfly;
PirexFees public pirexFees;
IRewardDistributor public rewardDistributor;
ERC1155Solmate public upxBtrfly;
ERC1155Solmate public spxBtrfly;
ERC1155PresetMinterSupply public vpxBtrfly;
ERC1155PresetMinterSupply public rpxBtrfly;
UnionPirexVault public unionPirex;
// Fees (e.g. 5000 / 1000000 = 0.5%)
mapping(Fees => uint32) public fees;
// BTRFLYV2 unlock timestamps mapped to amount being redeemed
mapping(uint256 => uint256) public redemptions;
// Reward forwarding mapping for the LPs
mapping(address => address) public rewardForwarding;
// Developers who are eligible for incentives as part of the new initiative
// to enable builders to sustainably build apps for the Pirex ecosystem
mapping(address => bool) public developers;
// Emergency migration data
EmergencyMigration public emergencyMigration;
// Non-Pirex multisig which has authority to fulfill emergency procedures
address public emergencyExecutor;
// In the case of a mass unlock (ie. migration), the current upxBtrfly would be deprecated
// and should allow holders to immediately redeem their BTRFLYV2 by burning upxBtrfly
bool public upxBtrflyDeprecated;
event SetContract(Contract indexed c, address contractAddress);
event SetFee(Fees indexed f, uint32 fee);
event AddDeveloper(address developer);
event RemoveDeveloper(address developer);
event MintFutures(
uint256 rounds,
Futures indexed f,
uint256 assets,
address indexed receiver
);
event Deposit(
uint256 assets,
address indexed receiver,
bool indexed shouldCompound,
address indexed developer
);
event InitiateRedemptions(
uint256[] lockIndexes,
Futures indexed f,
uint256[] assets,
address indexed receiver
);
event Redeem(
uint256[] unlockTimes,
uint256[] assets,
address indexed receiver,
bool legacy
);
event Stake(
uint256 rounds,
Futures indexed f,
uint256 assets,
address indexed receiver
);
event Unstake(uint256 id, uint256 assets, address indexed receiver);
event ClaimReward(address indexed token, uint256 amount);
event RedeemSnapshotRewards(
uint256 indexed epoch,
uint256[] rewardIndexes,
address indexed receiver,
uint256 snapshotBalance,
uint256 snapshotSupply
);
event RedeemFuturesRewards(
uint256 indexed epoch,
address indexed receiver,
bytes32[] rewards
);
event ExchangeFutures(
uint256 indexed epoch,
uint256 amount,
address indexed receiver,
Futures f
);
event SetRewardForwarding(address account, address to);
event UnsetRewardForwarding(address account);
event InitializeEmergencyExecutor(address _emergencyExecutor);
event SetEmergencyMigration(EmergencyMigration _emergencyMigration);
event SetUpxBtrflyDeprecated(bool state);
event ExecuteEmergencyMigration(address recipient, address[] tokens);
error ZeroAmount();
error BeforeUnlock();
error InsufficientBalance();
error AlreadyRedeemed();
error InsufficientRedemptionAllowance();
error PastExchangePeriod();
error InvalidFee();
error BeforeStakingExpiry();
error InvalidEpoch();
error EmptyArray();
error MismatchedArrayLengths();
error NoRewards();
error RedeemClosed();
error AlreadyInitialized();
error NoEmergencyExecutor();
error InvalidEmergencyMigration();
error NotAuthorized();
error NotContract();
error ForwardingNotSet();
/**
@param _btrflyV2 address BTRFLYV2 address
@param _rlBtrfly address rlBTRFLY address
@param _pxBtrfly address PxBtrfly address
@param _upxBtrfly address UpxBtrfly address
@param _spxBtrfly address SpxBtrfly address
@param _vpxBtrfly address VpxBtrfly address
@param _rpxBtrfly address RpxBtrfly address
@param _pirexFees address PirexFees address
@param _rewardDistributor address RewardDistributor address
*/
constructor(
address _btrflyV2,
address _rlBtrfly,
address _pxBtrfly,
address _upxBtrfly,
address _spxBtrfly,
address _vpxBtrfly,
address _rpxBtrfly,
address _pirexFees,
address _rewardDistributor
) PirexBtrflyBase(_btrflyV2, _rlBtrfly) {
// Init with paused state, should only unpause after fully perform the full setup
_pause();
if (_pxBtrfly == address(0)) revert ZeroAddress();
if (_pirexFees == address(0)) revert ZeroAddress();
if (_upxBtrfly == address(0)) revert ZeroAddress();
if (_spxBtrfly == address(0)) revert ZeroAddress();
if (_vpxBtrfly == address(0)) revert ZeroAddress();
if (_rpxBtrfly == address(0)) revert ZeroAddress();
if (_rewardDistributor == address(0)) revert ZeroAddress();
pxBtrfly = PxBtrfly(_pxBtrfly);
pirexFees = PirexFees(_pirexFees);
upxBtrfly = ERC1155Solmate(_upxBtrfly);
spxBtrfly = ERC1155Solmate(_spxBtrfly);
vpxBtrfly = ERC1155PresetMinterSupply(_vpxBtrfly);
rpxBtrfly = ERC1155PresetMinterSupply(_rpxBtrfly);
rewardDistributor = IRewardDistributor(_rewardDistributor);
}
/**
@notice Set a contract address
@param c enum Contract
@param contractAddress address Contract address
*/
function setContract(Contract c, address contractAddress)
external
onlyOwner
{
if (contractAddress == address(0)) revert ZeroAddress();
emit SetContract(c, contractAddress);
if (c == Contract.PxBtrfly) {
pxBtrfly = PxBtrfly(contractAddress);
return;
}
if (c == Contract.PirexFees) {
pirexFees = PirexFees(contractAddress);
return;
}
if (c == Contract.RewardDistributor) {
rewardDistributor = IRewardDistributor(contractAddress);
return;
}
if (c == Contract.UpxBtrfly) {
upxBtrfly = ERC1155Solmate(contractAddress);
return;
}
if (c == Contract.SpxBtrfly) {
spxBtrfly = ERC1155Solmate(contractAddress);
return;
}
if (c == Contract.VpxBtrfly) {
vpxBtrfly = ERC1155PresetMinterSupply(contractAddress);
return;
}
if (c == Contract.RpxBtrfly) {
rpxBtrfly = ERC1155PresetMinterSupply(contractAddress);
return;
}
ERC20 pxBtrflyERC20 = ERC20(address(pxBtrfly));
address oldUnionPirex = address(unionPirex);
if (oldUnionPirex != address(0)) {
pxBtrflyERC20.safeApprove(oldUnionPirex, 0);
}
unionPirex = UnionPirexVault(contractAddress);
pxBtrflyERC20.safeApprove(address(unionPirex), type(uint256).max);
}
/**
@notice Set fee
@param f enum Fee
@param fee uint32 Fee amount
*/
function setFee(Fees f, uint32 fee) external onlyOwner {
if (fee > FEE_MAX) revert InvalidFee();
if (f == Fees.RedemptionMax && fee < fees[Fees.RedemptionMin])
revert InvalidFee();
if (f == Fees.RedemptionMin && fee > fees[Fees.RedemptionMax])
revert InvalidFee();
fees[f] = fee;
emit SetFee(f, fee);
}
/**
@notice Add developer to whitelist mapping
@param developer address Developer
*/
function addDeveloper(address developer) external onlyOwner {
if (developer == address(0)) revert ZeroAddress();
developers[developer] = true;
emit AddDeveloper(developer);
}
/**
@notice Remove developer from whitelist mapping
@param developer address Developer
*/
function removeDeveloper(address developer) external onlyOwner {
if (developer == address(0)) revert ZeroAddress();
developers[developer] = false;
emit RemoveDeveloper(developer);
}
/**
@notice Get current epoch
@return uint256 Current epoch
*/
function getCurrentEpoch() public view returns (uint256) {
return (block.timestamp / EPOCH_DURATION) * EPOCH_DURATION;
}
/**
@notice Mint futures tokens
@param rounds uint256 Rounds (i.e. Reward distribution rounds)
@param f enum Futures enum
@param assets uint256 Futures amount
@param receiver address Receives futures
*/
function _mintFutures(
uint256 rounds,
Futures f,
uint256 assets,
address receiver
) internal {
emit MintFutures(rounds, f, assets, receiver);
ERC1155PresetMinterSupply token = f == Futures.Vote
? vpxBtrfly
: rpxBtrfly;
uint256 startingEpoch = getCurrentEpoch() + EPOCH_DURATION;
uint256[] memory tokenIds = new uint256[](rounds);
uint256[] memory amounts = new uint256[](rounds);
for (uint256 i; i < rounds; ++i) {
tokenIds[i] = startingEpoch + i * EPOCH_DURATION;
amounts[i] = assets;
}
token.mintBatch(receiver, tokenIds, amounts, UNUSED_1155_DATA);
}
/**
@notice Redeem BTRFLYV2 for specified unlock times
@param unlockTimes uint256[] rlBTRFLY unlock timestamps
@param assets uint256[] upxBTRFLY amounts
@param receiver address Receives BTRFLYV2
@param legacy bool Whether current upxBtrfly contract has been deprecated
*/
function _redeem(
uint256[] calldata unlockTimes,
uint256[] calldata assets,
address receiver,
bool legacy
) internal {
uint256 unlockLen = unlockTimes.length;
if (unlockLen == 0) revert EmptyArray();
if (unlockLen != assets.length) revert MismatchedArrayLengths();
if (receiver == address(0)) revert ZeroAddress();
emit Redeem(unlockTimes, assets, receiver, legacy);
uint256 totalAssets;
for (uint256 i; i < unlockLen; ++i) {
uint256 asset = assets[i];
if (!legacy && unlockTimes[i] > block.timestamp)
revert BeforeUnlock();
if (asset == 0) revert ZeroAmount();
totalAssets += asset;
}
// Perform unlocking and locking procedure to ensure enough BTRFLYV2 is available
if (!legacy) {
_lock();
}
// Subtract redemption amount from outstanding BTRFLYV2 amount
outstandingRedemptions -= totalAssets;
// Reverts if sender has an insufficient upxBTRFLY balance for any `unlockTime` id
upxBtrfly.burnBatch(msg.sender, unlockTimes, assets);
// Validates `to`
btrflyV2.safeTransfer(receiver, totalAssets);
}
/**
@notice Redeem multiple snapshot rewards as a pxBTRFLY holder for an epoch
@param epoch uint256 Epoch
@param rewardIndexes uint256[] Reward token indexes
@param account address pxBTRFLY holder
@param receiver address Reward receiver
*/
function _redeemSnapshotRewards(
uint256 epoch,
uint256[] memory rewardIndexes,
address account,
address receiver
) internal {
uint256 rewardLen = rewardIndexes.length;
if (epoch == 0) revert InvalidEpoch();
if (rewardLen == 0) revert EmptyArray();
(
uint256 snapshotId,
bytes32[] memory rewards,
uint256[] memory snapshotRewards,
) = pxBtrfly.getEpoch(epoch);
// Used to update the redeemed flag locally before updating to the storage all at once for gas efficiency
uint256 redeemed = pxBtrfly.getEpochRedeemedSnapshotRewards(
account,
epoch
);
// Check whether the holder maintained a positive balance before the snapshot
uint256 snapshotBalance = pxBtrfly.balanceOfAt(account, snapshotId);
uint256 snapshotSupply = pxBtrfly.totalSupplyAt(snapshotId);
if (snapshotBalance == 0) revert InsufficientBalance();
emit RedeemSnapshotRewards(
epoch,
rewardIndexes,
receiver,
snapshotBalance,
snapshotSupply
);
for (uint256 i; i < rewardLen; ++i) {
uint256 index = rewardIndexes[i];
uint256 indexRedeemed = (1 << index);
address token = address(uint160(bytes20(rewards[index])));
uint256 rewardAmount = (snapshotRewards[index] * snapshotBalance) /
snapshotSupply;
if ((redeemed & indexRedeemed) != 0) revert AlreadyRedeemed();
if (rewardAmount != 0) {
redeemed |= indexRedeemed;
ERC20(token).safeTransfer(receiver, rewardAmount);
// Update pendingBaseRewards based on the claimed reward amount for BTRFLYV2
if (token == address(btrflyV2)) {
pendingBaseRewards -= rewardAmount;
}
}
}
// Update the redeemed rewards flag in storage to prevent double claimings
pxBtrfly.setEpochRedeemedSnapshotRewards(account, epoch, redeemed);
}
/**
@notice Redeem futures rewards for rpxBTRFLY holders for an epoch
@param epoch uint256 Epoch (ERC1155 token id)
@param receiver address Receives futures rewards
*/
function _redeemFuturesRewards(uint256 epoch, address receiver) internal {
if (epoch == 0) revert InvalidEpoch();
if (epoch > getCurrentEpoch()) revert InvalidEpoch();
if (receiver == address(0)) revert ZeroAddress();
// Prevent users from burning their futures notes before rewards are claimed
(
,
bytes32[] memory rewards,
,
uint256[] memory futuresRewards
) = pxBtrfly.getEpoch(epoch);
if (rewards.length == 0) revert NoRewards();
emit RedeemFuturesRewards(epoch, receiver, rewards);
// Check sender rpxBTRFLY balance
uint256 rpxBtrflyBalance = rpxBtrfly.balanceOf(msg.sender, epoch);
if (rpxBtrflyBalance == 0) revert InsufficientBalance();
// Store rpxBTRFLY total supply before burning
uint256 rpxBtrflyTotalSupply = rpxBtrfly.totalSupply(epoch);
// Burn rpxBTRFLY tokens
rpxBtrfly.burn(msg.sender, epoch, rpxBtrflyBalance);
uint256 rLen = rewards.length;
// Loop over rewards and transfer the amount entitled to the rpxBTRFLY token holder
for (uint256 i; i < rLen; ++i) {
address token = address(uint160(bytes20(rewards[i])));
uint256 rewardAmount = (futuresRewards[i] * rpxBtrflyBalance) /
rpxBtrflyTotalSupply;
// Update reward amount by deducting the amount transferred to the receiver
futuresRewards[i] -= rewardAmount;
// Proportionate to the % of rpxBTRFLY owned out of the rpxBTRFLY total supply
ERC20(token).safeTransfer(receiver, rewardAmount);
// Update pendingBaseRewards based on the claimed reward amount for BTRFLYV2 rewards
if (token == address(btrflyV2)) {
pendingBaseRewards -= rewardAmount;
}
}
// Update future rewards to reflect the amounts remaining post-redemption
pxBtrfly.updateEpochFuturesRewards(epoch, futuresRewards);
}
/**
@notice Get reward indexes for the specified epoch
@param epoch uint256 Epoch
@return rewardIndexes uint256[] Reward token indexes
*/
function _getRewardIndexes(uint256 epoch)
internal
view
returns (uint256[] memory rewardIndexes)
{
(, bytes32[] memory rewards, , ) = pxBtrfly.getEpoch(epoch);
uint256 tLen = rewards.length;
rewardIndexes = new uint256[](tLen);
for (uint256 i; i < tLen; ++i) {
rewardIndexes[i] = i;
}
}
/**
@notice Calculate rewards
@param feePercent uint32 Reward fee percent
@param snapshotSupply uint256 pxBTRFLY supply for the current snapshot id
@param rpxBtrflySupply uint256 rpxBTRFLY supply for the current epoch
@param received uint256 Received amount
@return rewardFee uint256 Fee for protocol
@return snapshotRewards uint256 Rewards for pxBTRFLY token holders
@return futuresRewards uint256 Rewards for futures token holders
*/
function _calculateRewards(
uint32 feePercent,
uint256 snapshotSupply,
uint256 rpxBtrflySupply,
uint256 received
)
internal
pure
returns (
uint256 rewardFee,
uint256 snapshotRewards,
uint256 futuresRewards
)
{
// Rewards paid to the protocol
rewardFee = (received * feePercent) / FEE_DENOMINATOR;
// Rewards distributed amongst snapshot and futures tokenholders
uint256 rewards = received - rewardFee;
// Rewards distributed to snapshotted tokenholders
snapshotRewards =
(rewards * snapshotSupply) /
(snapshotSupply + rpxBtrflySupply);
// Rewards distributed to rpxBTRFLY token holders
futuresRewards = rewards - snapshotRewards;
}
/**
@notice Deposit BTRFLYV2
@param assets uint256 BTRFLYV2 amount
@param receiver address Receives pxBTRFLY
@param shouldCompound bool Whether to auto-compound
@param developer address Developer incentive receiver
*/
function deposit(
uint256 assets,
address receiver,
bool shouldCompound,
address developer
) external whenNotPaused nonReentrant {
if (assets == 0) revert ZeroAmount();
if (receiver == address(0)) revert ZeroAddress();
emit Deposit(assets, receiver, shouldCompound, developer);
// Track amount of BTRFLYV2 waiting to be locked before `assets` is modified
pendingLocks += assets;
// Calculate the dev incentive, which will come out of the minted pxBTRFLY
uint256 developerIncentive = developer != address(0) &&
developers[developer]
? (assets * fees[Fees.Developers]) / FEE_DENOMINATOR
: 0;
// Take snapshot if necessary
pxBtrfly.takeEpochSnapshot();
// Mint pxBTRFLY sans developer incentive - recipient depends on shouldCompound
pxBtrfly.mint(
shouldCompound ? address(this) : receiver,
assets - developerIncentive
);
// Transfer BTRFLYV2 to self in preparation for lock
btrflyV2.safeTransferFrom(msg.sender, address(this), assets);
if (developerIncentive != 0) {
// Mint pxBTRFLY for the developer
pxBtrfly.mint(developer, developerIncentive);
}
if (shouldCompound) {
// Update assets to ensure only the appropriate amount is deposited in vault
assets -= developerIncentive;
// Deposit pxBTRFLY into Union vault - user receives shares
unionPirex.deposit(assets, receiver);
}
}
/**
@notice Initiate BTRFLYV2 redemption
@param lockData IRLBTRFLY.LockedBalance Locked balance index
@param f enum Futures enum
@param assets uint256 pxBTRFLY amount
@param receiver address Receives upxBTRFLY
@param feeMin uint256 Initiate redemption fee min
@param feeMax uint256 Initiate redemption fee max
@return feeAmount uint256 Fee amount
*/
function _initiateRedemption(
IRLBTRFLY.LockedBalance memory lockData,
Futures f,
uint256 assets,
address receiver,
uint256 feeMin,
uint256 feeMax
) internal returns (uint256 feeAmount) {
if (assets == 0) revert ZeroAmount();
if (receiver == address(0)) revert ZeroAddress();
uint256 unlockTime = lockData.unlockTime;
// Used for calculating the fee and conditionally adding a round
uint256 waitTime = unlockTime - block.timestamp;
if (feeMax != 0) {
uint256 feePercent = feeMax -
(((feeMax - feeMin) * waitTime) / MAX_REDEMPTION_TIME);
feeAmount = (assets * feePercent) / FEE_DENOMINATOR;
}
uint256 postFeeAmount = assets - feeAmount;
// Increment redemptions for this unlockTime to prevent over-redeeming
redemptions[unlockTime] += postFeeAmount;
// Check if there is any sufficient allowance after factoring in redemptions by others
if (redemptions[unlockTime] > lockData.amount)
revert InsufficientRedemptionAllowance();
// Track assets that needs to remain unlocked for redemptions
outstandingRedemptions += postFeeAmount;
// Mint upxBTRFLY with unlockTime as the id - validates `to`
upxBtrfly.mint(receiver, unlockTime, postFeeAmount, UNUSED_1155_DATA);
// Determine how many futures notes rounds to mint
uint256 rounds = waitTime / EPOCH_DURATION;
// Check if the lock was in the first week/half of an epoch
// Handle case where remaining time is between 1 and 2 weeks
if (
rounds == 0 &&
unlockTime % EPOCH_DURATION != 0 &&
waitTime > (EPOCH_DURATION / 2)
) {
// Rounds is 0 if waitTime is between 1 and 2 weeks
// Increment by 1 since user should receive 1 round of rewards
unchecked {
++rounds;
}
}
// Mint vpxBTRFLY or rpxBTRFLY (using assets as we do not take a fee from this)
_mintFutures(rounds, f, assets, receiver);
return feeAmount;
}
/**
@notice Initiate BTRFLYV2 redemptions
@param lockIndexes uint256[] Locked balance index
@param f enum Futures enum
@param assets uint256[] pxBTRFLY amounts
@param receiver address Receives upxBTRFLY
*/
function initiateRedemptions(
uint256[] calldata lockIndexes,
Futures f,
uint256[] calldata assets,
address receiver
) external whenNotPaused nonReentrant {
uint256 lockLen = lockIndexes.length;
if (lockLen == 0) revert EmptyArray();
if (lockLen != assets.length) revert MismatchedArrayLengths();
emit InitiateRedemptions(lockIndexes, f, assets, receiver);
(, , , IRLBTRFLY.LockedBalance[] memory lockData) = rlBtrfly
.lockedBalances(address(this));
uint256 totalAssets;
uint256 feeAmount;
uint256 feeMin = fees[Fees.RedemptionMin];
uint256 feeMax = fees[Fees.RedemptionMax];
for (uint256 i; i < lockLen; ++i) {
totalAssets += assets[i];
feeAmount += _initiateRedemption(
lockData[lockIndexes[i]],
f,
assets[i],
receiver,
feeMin,
feeMax
);
}
// Burn pxBTRFLY - reverts if sender balance is insufficient
pxBtrfly.burn(msg.sender, totalAssets - feeAmount);
if (feeAmount != 0) {
// Allow PirexFees to distribute fees directly from sender
pxBtrfly.operatorApprove(msg.sender, address(pirexFees), feeAmount);
// Distribute fees
pirexFees.distributeFees(msg.sender, address(pxBtrfly), feeAmount);
}
}
/**
@notice Redeem BTRFLYV2 for specified unlock times
@param unlockTimes uint256[] BTRFLYV2 unlock timestamps
@param assets uint256[] upxBTRFLY amounts
@param receiver address Receives BTRFLYV2
*/
function redeem(
uint256[] calldata unlockTimes,
uint256[] calldata assets,
address receiver
) external whenNotPaused nonReentrant {
if (upxBtrflyDeprecated) revert RedeemClosed();
_redeem(unlockTimes, assets, receiver, false);
}
/**
@notice Redeem BTRFLYV2 for deprecated upxBTRFLY holders if enabled
@param unlockTimes uint256[] BTRFLYV2 unlock timestamps
@param assets uint256[] upxBTRFLY amounts
@param receiver address Receives BTRFLYV2
*/
function redeemLegacy(
uint256[] calldata unlockTimes,
uint256[] calldata assets,
address receiver
) external whenPaused nonReentrant {
if (!upxBtrflyDeprecated) revert RedeemClosed();
_redeem(unlockTimes, assets, receiver, true);
}
/**
@notice Stake pxBTRFLY
@param rounds uint256 Rounds (i.e. Reward distribution rounds)
@param f enum Futures enum
@param assets uint256 pxBTRFLY amount
@param receiver address Receives spxBTRFLY
*/
function stake(
uint256 rounds,
Futures f,
uint256 assets,
address receiver
) external whenNotPaused nonReentrant {
if (rounds == 0) revert ZeroAmount();
if (assets == 0) revert ZeroAmount();
if (receiver == address(0)) revert ZeroAddress();
// Burn pxBTRFLY
pxBtrfly.burn(msg.sender, assets);
emit Stake(rounds, f, assets, receiver);
// Mint spxBTRFLY with the stake expiry timestamp as the id
spxBtrfly.mint(
receiver,
getCurrentEpoch() + EPOCH_DURATION * rounds,
assets,
UNUSED_1155_DATA
);
_mintFutures(rounds, f, assets, receiver);
}
/**
@notice Unstake pxBTRFLY
@param id uint256 spxBTRFLY id (an epoch timestamp)
@param assets uint256 spxBTRFLY amount
@param receiver address Receives pxBTRFLY
*/
function unstake(
uint256 id,
uint256 assets,
address receiver
) external whenNotPaused nonReentrant {
if (id > block.timestamp) revert BeforeStakingExpiry();
if (assets == 0) revert ZeroAmount();
if (receiver == address(0)) revert ZeroAddress();
// Mint pxBTRFLY for receiver
pxBtrfly.mint(receiver, assets);
emit Unstake(id, assets, receiver);
// Burn spxBTRFLY from sender
spxBtrfly.burn(msg.sender, id, assets);
}
/**
@notice Claim multiple rewards from the RewardDistributor
@param claims Claim[] Rewards metadata
*/
function claimRewards(IRewardDistributor.Claim[] calldata claims)
external
whenNotPaused
nonReentrant
{
uint256 tLen = claims.length;
if (tLen == 0) revert EmptyArray();
// Take snapshot before claiming rewards, if necessary
pxBtrfly.takeEpochSnapshot();
uint256 epoch = getCurrentEpoch();
(uint256 snapshotId, , , ) = pxBtrfly.getEpoch(epoch);
uint256 rpxBtrflySupply = rpxBtrfly.totalSupply(epoch);
for (uint256 i; i < tLen; ++i) {
address token = claims[i].token;
uint256 amount = claims[i].amount;
bytes32[] memory merkleProof = claims[i].merkleProof;
ERC20 t = ERC20(token);
if (token == address(0)) revert ZeroAddress();
// Calculate actual claimable amount here
// as the `amount` param is a cumulative amount since the first reward
uint256 claimable = amount -
pxBtrfly.cumulativeRewardsByToken(token);
if (claimable == 0) revert ZeroAmount();
// Perform claim only when needed
if (rewardDistributor.claimed(token, address(this)) < amount) {
IRewardDistributor.Claim[]
memory params = new IRewardDistributor.Claim[](1);
params[0].token = token;
params[0].account = address(this);
params[0].amount = amount;
params[0].merkleProof = merkleProof;
// Validates `token`, `amount`, and `merkleProof`
rewardDistributor.claim(params);
}
// Keep track of the last claimed amount for each reward token
pxBtrfly.updateCumulativeRewardsByToken(token, amount);
emit ClaimReward(token, amount);
(
uint256 rewardFee,
uint256 snapshotRewards,
uint256 futuresRewards
) = _calculateRewards(
fees[Fees.Reward],
pxBtrfly.totalSupplyAt(snapshotId),
rpxBtrflySupply,
claimable
);
// Update pendingBaseReward to exclude claimed BTRFLYV2 from being locked
if (token == address(btrflyV2)) {
pendingBaseRewards += snapshotRewards + futuresRewards;
}
// Add reward token address and snapshot/futuresRewards amounts (same index for all)
pxBtrfly.addEpochRewardMetadata(
epoch,
token.fillLast12Bytes(),
snapshotRewards,
futuresRewards
);
// Distribute fees
t.safeApprove(address(pirexFees), rewardFee);
pirexFees.distributeFees(address(this), token, rewardFee);
}
}
/**
@notice Redeem multiple snapshot rewards as a pxBTRFLY holder for an epoch
@param epoch uint256 Epoch
@param rewardIndexes uint256[] Reward token indexes
@param receiver address Reward receiver
*/
function redeemSnapshotRewards(
uint256 epoch,
uint256[] calldata rewardIndexes,
address receiver
) external whenNotPaused nonReentrant {
if (receiver == address(0)) revert ZeroAddress();
_redeemSnapshotRewards(epoch, rewardIndexes, msg.sender, receiver);
}
/**
@notice Restricted method to redeem snapshot rewards on behalf of an LP contract for an epoch
@param epoch uint256 Epoch
@param rewardIndexes uint256[] Reward token indexes
@param lpContract address LP contract address
*/
function redeemSnapshotRewardsPrivileged(
uint256 epoch,
uint256[] calldata rewardIndexes,
address lpContract
) external whenNotPaused nonReentrant onlyOwner {
address receiver = rewardForwarding[lpContract];
if (receiver == address(0)) revert ForwardingNotSet();
_redeemSnapshotRewards(epoch, rewardIndexes, lpContract, receiver);
}
/**
@notice Bulk redeem snapshot rewards as a pxBTRFLY holder for multiple epochs
@param epochs uint256[] Epochs
@param receiver address Reward receiver
*/
function bulkRedeemSnapshotRewards(
uint256[] calldata epochs,
address receiver
) external whenNotPaused nonReentrant {
uint256 eLen = epochs.length;
if (eLen == 0) revert EmptyArray();
if (receiver == address(0)) revert ZeroAddress();
for (uint256 i; i < eLen; ++i) {
uint256 epoch = epochs[i];
_redeemSnapshotRewards(
epoch,
_getRewardIndexes(epoch),
msg.sender,
receiver
);
}
}
/**
@notice Restricted method to bulk redeem snapshot rewards on behalf of an LP contract for multiple epochs
@param epochs uint256[] Epochs
@param lpContract address LP contract address
*/
function bulkRedeemSnapshotRewardsPrivileged(
uint256[] calldata epochs,
address lpContract
) external whenNotPaused nonReentrant onlyOwner {
uint256 eLen = epochs.length;
address receiver = rewardForwarding[lpContract];
if (eLen == 0) revert EmptyArray();
if (receiver == address(0)) revert ForwardingNotSet();
for (uint256 i; i < eLen; ++i) {
uint256 epoch = epochs[i];
_redeemSnapshotRewards(
epoch,
_getRewardIndexes(epoch),
lpContract,
receiver
);
}
}
/**
@notice Redeem futures rewards for rpxBTRFLY holders for an epoch
@param epoch uint256 Epoch (ERC1155 token id)
@param receiver address Receives futures rewards
*/
function redeemFuturesRewards(uint256 epoch, address receiver)
external
whenNotPaused
nonReentrant
{
_redeemFuturesRewards(epoch, receiver);
}
/**
@notice Bulk redeem futures rewards for rpxBTRFLY holders for multiple epochs
@param epochs uint256[] Epochs (ERC1155 token ids)
@param receiver address Receives futures rewards
*/
function bulkRedeemFuturesRewards(
uint256[] calldata epochs,
address receiver
) external whenNotPaused nonReentrant {
uint256 eLen = epochs.length;
if (eLen == 0) revert EmptyArray();
for (uint256 i; i < eLen; ++i) {
_redeemFuturesRewards(epochs[i], receiver);
}
}
/**
@notice Exchange one futures token for another
@param epoch uint256 Epoch (ERC1155 token id)
@param amount uint256 Exchange amount
@param receiver address Receives futures token
@param f enum Futures enum
*/
function exchangeFutures(
uint256 epoch,
uint256 amount,
address receiver,
Futures f
) external whenNotPaused {
// Users can only exchange futures tokens for future epochs
if (epoch <= getCurrentEpoch()) revert PastExchangePeriod();
if (amount == 0) revert ZeroAmount();
if (receiver == address(0)) revert ZeroAddress();
ERC1155PresetMinterSupply futuresIn = f == Futures.Vote
? vpxBtrfly
: rpxBtrfly;
ERC1155PresetMinterSupply futuresOut = f == Futures.Vote
? rpxBtrfly
: vpxBtrfly;
emit ExchangeFutures(epoch, amount, receiver, f);
// Validates `amount` (balance)
futuresIn.burn(msg.sender, epoch, amount);
// Validates `to`
futuresOut.mint(receiver, epoch, amount, UNUSED_1155_DATA);
}
/**
@notice Restricted method to set reward forwarding for LPs
@param lpContract address LP contract address
@param to address Account that rewards will be sent to
*/
function setRewardForwarding(address lpContract, address to)
external
onlyOwner
{
if (lpContract.code.length == 0) revert NotContract();
if (to == address(0)) revert ZeroAddress();
rewardForwarding[lpContract] = to;
emit SetRewardForwarding(lpContract, to);
}
/**
@notice Restricted method to unset reward forwarding for LPs
@param lpContract address LP contract address
*/
function unsetRewardForwarding(address lpContract) external onlyOwner {
if (lpContract.code.length == 0) revert NotContract();
delete rewardForwarding[lpContract];
emit UnsetRewardForwarding(lpContract);
}
/*//////////////////////////////////////////////////////////////
EMERGENCY/MIGRATION LOGIC
//////////////////////////////////////////////////////////////*/
/**
@notice Initialize the emergency executor address
@param _emergencyExecutor address Non-Pirex multisig
*/
function initializeEmergencyExecutor(address _emergencyExecutor)
external
onlyOwner
whenPaused
{
if (_emergencyExecutor == address(0)) revert ZeroAddress();
if (emergencyExecutor != address(0)) revert AlreadyInitialized();
emergencyExecutor = _emergencyExecutor;
emit InitializeEmergencyExecutor(_emergencyExecutor);
}
/**
@notice Set the emergency migration data
@param _emergencyMigration EmergencyMigration Emergency migration data
*/
function setEmergencyMigration(
EmergencyMigration calldata _emergencyMigration
) external onlyOwner whenPaused {
if (emergencyExecutor == address(0)) revert NoEmergencyExecutor();
if (_emergencyMigration.recipient == address(0))
revert InvalidEmergencyMigration();
if (_emergencyMigration.tokens.length == 0)
revert InvalidEmergencyMigration();
emergencyMigration = _emergencyMigration;
emit SetEmergencyMigration(_emergencyMigration);
}
/**
@notice Execute the emergency migration
*/
function executeEmergencyMigration() external whenPaused {
if (msg.sender != emergencyExecutor) revert NotAuthorized();
address migrationRecipient = emergencyMigration.recipient;
if (migrationRecipient == address(0))
revert InvalidEmergencyMigration();
address[] memory migrationTokens = emergencyMigration.tokens;
uint256 tLen = migrationTokens.length;
if (tLen == 0) revert InvalidEmergencyMigration();
uint256 o = outstandingRedemptions;
for (uint256 i; i < tLen; ++i) {
ERC20 token = ERC20(migrationTokens[i]);
uint256 balance = token.balanceOf(address(this));
if (token == btrflyV2) {
// Transfer the diff between BTRFLYV2 balance and outstandingRedemptions
balance = balance > o ? balance - o : 0;
}
token.safeTransfer(migrationRecipient, balance);
}
emit ExecuteEmergencyMigration(migrationRecipient, migrationTokens);
}
/**
@notice Set whether the currently set upxBtrfly contract is deprecated or not
@param state bool Deprecation state
*/
function setUpxBtrflyDeprecated(bool state) external onlyOwner whenPaused {
upxBtrflyDeprecated = state;
emit SetUpxBtrflyDeprecated(state);
}
}
合同源代码
文件 29 的 38:PirexBtrflyBase.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {Ownable} from "openzeppelin-contracts/contracts/access/Ownable.sol";
import {Pausable} from "openzeppelin-contracts/contracts/security/Pausable.sol";
import {ERC20} from "solmate/tokens/ERC20.sol";
import {SafeTransferLib} from "solmate/utils/SafeTransferLib.sol";
import {IRLBTRFLY} from "./interfaces/IRLBTRFLY.sol";
contract PirexBtrflyBase is Ownable, Pausable {
using SafeTransferLib for ERC20;
ERC20 public immutable btrflyV2;
// Address of the BTRFLYV2 locker (rlBTRFLY)
IRLBTRFLY public rlBtrfly;
// The amount of BTRFLYV2 that needs to remain unlocked for redemptions
uint256 public outstandingRedemptions;
// The amount of BTRFLYV2 (claimed as rewards) that should not be locked
uint256 public pendingBaseRewards;
// The amount of new BTRFLYV2 deposits that is awaiting lock
uint256 public pendingLocks;
event SetLocker(address _rlBtrfly);
error ZeroAddress();
error EmptyString();
/**
@param _btrflyV2 address BTRFLYV2 address
@param _rlBtrfly address rlBTRFLY address
*/
constructor(address _btrflyV2, address _rlBtrfly) {
if (_btrflyV2 == address(0)) revert ZeroAddress();
if (_rlBtrfly == address(0)) revert ZeroAddress();
btrflyV2 = ERC20(_btrflyV2);
rlBtrfly = IRLBTRFLY(_rlBtrfly);
// Max allowance for rlBTRFLY
btrflyV2.safeApprove(address(rlBtrfly), type(uint256).max);
}
/**
@notice Set the locker (rlBTRFLY) address
@param _rlBtrfly address rlBTRFLY address
*/
function setLocker(address _rlBtrfly) external onlyOwner {
if (_rlBtrfly == address(0)) revert ZeroAddress();
emit SetLocker(_rlBtrfly);
btrflyV2.safeApprove(address(rlBtrfly), 0);
rlBtrfly = IRLBTRFLY(_rlBtrfly);
btrflyV2.safeApprove(_rlBtrfly, type(uint256).max);
}
/**
@notice Unlock BTRFLYV2
*/
function _unlock() internal {
(, uint256 unlockable, , ) = rlBtrfly.lockedBalances(address(this));
if (unlockable != 0) rlBtrfly.processExpiredLocks(false);
}
/**
@notice Unlock BTRFLYV2 and relock excess
*/
function _lock() internal {
_unlock();
// Should not include pendingBaseRewards
uint256 balance = btrflyV2.balanceOf(address(this)) - pendingBaseRewards;
bool balanceGreaterThanRedemptions = balance > outstandingRedemptions;
// Lock BTRFLYV2 if the balance is greater than outstanding redemptions or if there are pending locks
if (balanceGreaterThanRedemptions || pendingLocks != 0) {
uint256 balanceRedemptionsDifference = balanceGreaterThanRedemptions
? balance - outstandingRedemptions
: 0;
// Lock amount is the greater of the two: balanceRedemptionsDifference or pendingLocks
// balanceRedemptionsDifference is greater if there is unlocked BTRFLYV2 that isn't reserved for redemptions + deposits
// pendingLocks is greater if there are more new deposits than unlocked BTRFLYV2 that is reserved for redemptions
rlBtrfly.lock(
address(this),
balanceRedemptionsDifference > pendingLocks
? balanceRedemptionsDifference
: pendingLocks
);
pendingLocks = 0;
}
}
/**
@notice Non-permissioned relock method
*/
function lock() external whenNotPaused {
_lock();
}
/*//////////////////////////////////////////////////////////////
EMERGENCY/MIGRATION LOGIC
//////////////////////////////////////////////////////////////*/
/**
@notice Set the contract's pause state
@param state bool Pause state
*/
function setPauseState(bool state) external onlyOwner {
if (state) {
_pause();
} else {
_unpause();
}
}
/**
@notice Manually unlock BTRFLYV2 in the case of a mass unlock
*/
function unlock() external whenPaused onlyOwner {
rlBtrfly.processExpiredLocks(false);
}
/**
@notice Manually relock BTRFLYV2 with a new rlBTRFLY contract
*/
function pausedRelock() external whenPaused onlyOwner {
_lock();
}
}
合同源代码
文件 30 的 38:PirexFees.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {Ownable} from "openzeppelin-contracts/contracts/access/Ownable.sol";
import {ERC20} from "solmate/tokens/ERC20.sol";
import {SafeTransferLib} from "solmate/utils/SafeTransferLib.sol";
contract PirexFees is Ownable {
using SafeTransferLib for ERC20;
// Types of fee recipients
enum FeeRecipient {
Treasury,
Contributors
}
uint8 public constant PERCENT_DENOMINATOR = 100;
uint8 public constant MAX_TREASURY_FEE_PERCENT = 75;
// Configurable fee recipient percent-share
uint8 public treasuryPercent = MAX_TREASURY_FEE_PERCENT;
// Configurable fee recipient addresses
address public treasury;
address public contributors;
event SetFeeRecipient(FeeRecipient f, address recipient);
event SetTreasuryPercent(uint8 _treasuryPercent);
event DistributeFees(address token, uint256 amount);
error ZeroAddress();
error InvalidFeePercent();
/**
@param _treasury address Redacted treasury
@param _contributors address Pirex contributor multisig
*/
constructor(address _treasury, address _contributors) {
if (_treasury == address(0)) revert ZeroAddress();
if (_contributors == address(0)) revert ZeroAddress();
treasury = _treasury;
contributors = _contributors;
}
/**
@notice Set a fee recipient address
@param f enum FeeRecipient enum
@param recipient address Fee recipient address
*/
function setFeeRecipient(FeeRecipient f, address recipient)
external
onlyOwner
{
if (recipient == address(0)) revert ZeroAddress();
emit SetFeeRecipient(f, recipient);
if (f == FeeRecipient.Treasury) {
treasury = recipient;
return;
}
contributors = recipient;
}
/**
@notice Set treasury fee percent
@param _treasuryPercent uint8 Treasury fee percent
*/
function setTreasuryPercent(uint8 _treasuryPercent) external onlyOwner {
// Treasury fee percent should never exceed the pre-configured max value
if (_treasuryPercent > MAX_TREASURY_FEE_PERCENT)
revert InvalidFeePercent();
treasuryPercent = _treasuryPercent;
emit SetTreasuryPercent(_treasuryPercent);
}
/**
@notice Distribute fees
@param from address Fee source
@param token address Fee token
@param amount uint256 Fee token amount
*/
function distributeFees(
address from,
address token,
uint256 amount
) external {
emit DistributeFees(token, amount);
ERC20 t = ERC20(token);
uint256 treasuryDistribution = (amount * treasuryPercent) /
PERCENT_DENOMINATOR;
// Favoring push over pull to reduce accounting complexity for different tokens
t.safeTransferFrom(from, treasury, treasuryDistribution);
t.safeTransferFrom(from, contributors, amount - treasuryDistribution);
}
}
合同源代码
文件 31 的 38:PxBtrfly.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {Ownable} from "openzeppelin-contracts/contracts/access/Ownable.sol";
import {Pausable} from "openzeppelin-contracts/contracts/security/Pausable.sol";
import {ERC20SnapshotSolmate} from "src/tokens/ERC20SnapshotSolmate.sol";
contract PxBtrfly is
ERC20SnapshotSolmate("Pirex BTRFLY", "pxBTRFLY", 18),
Ownable
{
/**
@notice Epoch details
Reward/snapshotRewards/futuresRewards indexes are associated with 1 reward
@param snapshotId uint256 Snapshot id
@param rewards bytes32[] Rewards
@param snapshotRewards uint256[] Snapshot reward amounts
@param futuresRewards uint256[] Futures reward amounts
@param redeemedSnapshotRewards mapping Redeemed snapshot rewards
*/
struct Epoch {
uint256 snapshotId;
bytes32[] rewards;
uint256[] snapshotRewards;
uint256[] futuresRewards;
mapping(address => uint256) redeemedSnapshotRewards;
}
// Address of currently assigned operator
address public operator;
// Epochs mapped to epoch details
mapping(uint256 => Epoch) private epochs;
// Tracks cumulative total amount of rewards per token
mapping(address => uint256) public cumulativeRewardsByToken;
event SetOperator(address operator);
event UpdateEpochFuturesRewards(
uint256 indexed epoch,
uint256[] futuresRewards
);
error NotAuthorized();
error NoOperator();
error Paused();
error ZeroAddress();
error ZeroAmount();
error InvalidEpoch();
error InvalidFuturesRewards();
error MismatchedFuturesRewards();
modifier onlyOperator() {
if (msg.sender != operator) revert NotAuthorized();
_;
}
modifier onlyOperatorOrNotPaused() {
address _operator = operator;
// Ensure an operator is set
if (_operator == address(0)) revert NoOperator();
// This contract shares the same pause state as the operator
if (msg.sender != _operator && Pausable(_operator).paused())
revert Paused();
_;
}
/**
@notice Set a new operator address
@param _operator address New operator address
*/
function setOperator(address _operator) external onlyOwner {
if (_operator == address(0)) revert ZeroAddress();
emit SetOperator(_operator);
// If it's the first operator, also set up 1st epoch with snapshot id 1
// and prevent reward claims until subsequent epochs
if (operator == address(0)) {
uint256 currentEpoch = getCurrentEpoch();
epochs[currentEpoch].snapshotId = _snapshot();
}
operator = _operator;
}
/**
@notice Return the current snapshotId
@return uint256 Current snapshot id
*/
function getCurrentSnapshotId() external view returns (uint256) {
return _getCurrentSnapshotId();
}
/**
@notice Get current epoch
@return uint256 Current epoch
*/
function getCurrentEpoch() public view returns (uint256) {
return (block.timestamp / 1209600) * 1209600;
}
/**
@notice Get epoch
@param epoch uint256 Epoch
@return snapshotId uint256 Snapshot id
@return rewards address[] Reward tokens
@return snapshotRewards uint256[] Snapshot reward amounts
@return futuresRewards uint256[] Futures reward amounts
*/
function getEpoch(uint256 epoch)
external
view
returns (
uint256 snapshotId,
bytes32[] memory rewards,
uint256[] memory snapshotRewards,
uint256[] memory futuresRewards
)
{
Epoch storage e = epochs[epoch];
return (e.snapshotId, e.rewards, e.snapshotRewards, e.futuresRewards);
}
/**
@notice Get redeemed snapshot rewards bitmap
@param account address Account
@param epoch uint256 Epoch
@return uint256 Redeemed snapshot bitmap
*/
function getEpochRedeemedSnapshotRewards(address account, uint256 epoch)
external
view
returns (uint256)
{
return epochs[epoch].redeemedSnapshotRewards[account];
}
/**
@notice Add new epoch reward metadata
@param epoch uint256 Epoch
@param token address Token address
@param snapshotReward uint256 Snapshot reward amount
@param futuresReward uint256 Futures reward amount
*/
function addEpochRewardMetadata(
uint256 epoch,
bytes32 token,
uint256 snapshotReward,
uint256 futuresReward
) external onlyOperator {
Epoch storage e = epochs[epoch];
e.rewards.push(token);
e.snapshotRewards.push(snapshotReward);
e.futuresRewards.push(futuresReward);
}
/**
@notice Set redeemed snapshot rewards bitmap
@param account address Account
@param epoch uint256 Epoch
@param redeemed uint256 Redeemed bitmap
*/
function setEpochRedeemedSnapshotRewards(
address account,
uint256 epoch,
uint256 redeemed
) external onlyOperator {
epochs[epoch].redeemedSnapshotRewards[account] = redeemed;
}
/**
@notice Update epoch futures rewards to reflect amounts remaining after redemptions
@param epoch uint256 Epoch
@param futuresRewards uint256[] Futures rewards
*/
function updateEpochFuturesRewards(
uint256 epoch,
uint256[] memory futuresRewards
) external onlyOperator {
if (epoch == 0) revert InvalidEpoch();
uint256 fLen = epochs[epoch].futuresRewards.length;
if (fLen == 0) revert InvalidEpoch();
if (futuresRewards.length == 0) revert InvalidFuturesRewards();
if (futuresRewards.length != fLen) revert MismatchedFuturesRewards();
epochs[epoch].futuresRewards = futuresRewards;
emit UpdateEpochFuturesRewards(epoch, futuresRewards);
}
/**
@notice Update amount of cumulative rewards for the specified reward token
@param token address Reward token address
@param amount uint256 Amount of reward
*/
function updateCumulativeRewardsByToken(address token, uint256 amount)
external
onlyOperator
{
cumulativeRewardsByToken[token] = amount;
}
/**
@notice Mint the specified amount of tokens to the specified account
@param account address Receiver of the tokens
@param amount uint256 Amount to be minted
*/
function mint(address account, uint256 amount) external onlyOperator {
if (account == address(0)) revert ZeroAddress();
if (amount == 0) revert ZeroAmount();
_mint(account, amount);
}
/**
@notice Burn the specified amount of tokens from the specified account
@param account address Owner of the tokens
@param amount uint256 Amount to be burned
*/
function burn(address account, uint256 amount) external onlyOperator {
if (account == address(0)) revert ZeroAddress();
if (amount == 0) revert ZeroAmount();
_burn(account, amount);
}
/**
@notice Approve allowances by operator with specified accounts and amount
@param from address Owner of the tokens
@param to address Account to be approved
@param amount uint256 Amount to be approved
*/
function operatorApprove(
address from,
address to,
uint256 amount
) external onlyOperator {
if (from == address(0)) revert ZeroAddress();
if (to == address(0)) revert ZeroAddress();
if (amount == 0) revert ZeroAmount();
_approve(from, to, amount);
}
/**
@notice Snapshot token balances for the current epoch
*/
function takeEpochSnapshot() external onlyOperatorOrNotPaused {
uint256 currentEpoch = getCurrentEpoch();
// If snapshot has not been set for current epoch, take snapshot
if (epochs[currentEpoch].snapshotId == 0) {
epochs[currentEpoch].snapshotId = _snapshot();
}
}
}
合同源代码
文件 32 的 38:ReentrancyGuard.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Gas optimized reentrancy protection for smart contracts.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/ReentrancyGuard.sol)
/// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/security/ReentrancyGuard.sol)
abstract contract ReentrancyGuard {
uint256 private locked = 1;
modifier nonReentrant() virtual {
require(locked == 1, "REENTRANCY");
locked = 2;
_;
locked = 1;
}
}
合同源代码
文件 33 的 38:SafeTransferLib.sol
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
import {ERC20} from "../tokens/ERC20.sol";
/// @notice Safe ETH and ERC20 transfer library that gracefully handles missing return values.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol)
/// @dev Use with caution! Some functions in this library knowingly create dirty bits at the destination of the free memory pointer.
/// @dev Note that none of the functions in this library check that a token has code at all! That responsibility is delegated to the caller.
library SafeTransferLib {
/*//////////////////////////////////////////////////////////////
ETH OPERATIONS
//////////////////////////////////////////////////////////////*/
function safeTransferETH(address to, uint256 amount) internal {
bool success;
assembly {
// Transfer the ETH and store if it succeeded or not.
success := call(gas(), to, amount, 0, 0, 0, 0)
}
require(success, "ETH_TRANSFER_FAILED");
}
/*//////////////////////////////////////////////////////////////
ERC20 OPERATIONS
//////////////////////////////////////////////////////////////*/
function safeTransferFrom(
ERC20 token,
address from,
address to,
uint256 amount
) internal {
bool success;
assembly {
// Get a pointer to some free memory.
let freeMemoryPointer := mload(0x40)
// Write the abi-encoded calldata into memory, beginning with the function selector.
mstore(freeMemoryPointer, 0x23b872dd00000000000000000000000000000000000000000000000000000000)
mstore(add(freeMemoryPointer, 4), from) // Append the "from" argument.
mstore(add(freeMemoryPointer, 36), to) // Append the "to" argument.
mstore(add(freeMemoryPointer, 68), amount) // Append the "amount" argument.
success := and(
// Set success to whether the call reverted, if not we check it either
// returned exactly 1 (can't just be non-zero data), or had no return data.
or(and(eq(mload(0), 1), gt(returndatasize(), 31)), iszero(returndatasize())),
// We use 100 because the length of our calldata totals up like so: 4 + 32 * 3.
// We use 0 and 32 to copy up to 32 bytes of return data into the scratch space.
// Counterintuitively, this call must be positioned second to the or() call in the
// surrounding and() call or else returndatasize() will be zero during the computation.
call(gas(), token, 0, freeMemoryPointer, 100, 0, 32)
)
}
require(success, "TRANSFER_FROM_FAILED");
}
function safeTransfer(
ERC20 token,
address to,
uint256 amount
) internal {
bool success;
assembly {
// Get a pointer to some free memory.
let freeMemoryPointer := mload(0x40)
// Write the abi-encoded calldata into memory, beginning with the function selector.
mstore(freeMemoryPointer, 0xa9059cbb00000000000000000000000000000000000000000000000000000000)
mstore(add(freeMemoryPointer, 4), to) // Append the "to" argument.
mstore(add(freeMemoryPointer, 36), amount) // Append the "amount" argument.
success := and(
// Set success to whether the call reverted, if not we check it either
// returned exactly 1 (can't just be non-zero data), or had no return data.
or(and(eq(mload(0), 1), gt(returndatasize(), 31)), iszero(returndatasize())),
// We use 68 because the length of our calldata totals up like so: 4 + 32 * 2.
// We use 0 and 32 to copy up to 32 bytes of return data into the scratch space.
// Counterintuitively, this call must be positioned second to the or() call in the
// surrounding and() call or else returndatasize() will be zero during the computation.
call(gas(), token, 0, freeMemoryPointer, 68, 0, 32)
)
}
require(success, "TRANSFER_FAILED");
}
function safeApprove(
ERC20 token,
address to,
uint256 amount
) internal {
bool success;
assembly {
// Get a pointer to some free memory.
let freeMemoryPointer := mload(0x40)
// Write the abi-encoded calldata into memory, beginning with the function selector.
mstore(freeMemoryPointer, 0x095ea7b300000000000000000000000000000000000000000000000000000000)
mstore(add(freeMemoryPointer, 4), to) // Append the "to" argument.
mstore(add(freeMemoryPointer, 36), amount) // Append the "amount" argument.
success := and(
// Set success to whether the call reverted, if not we check it either
// returned exactly 1 (can't just be non-zero data), or had no return data.
or(and(eq(mload(0), 1), gt(returndatasize(), 31)), iszero(returndatasize())),
// We use 68 because the length of our calldata totals up like so: 4 + 32 * 2.
// We use 0 and 32 to copy up to 32 bytes of return data into the scratch space.
// Counterintuitively, this call must be positioned second to the or() call in the
// surrounding and() call or else returndatasize() will be zero during the computation.
call(gas(), token, 0, freeMemoryPointer, 68, 0, 32)
)
}
require(success, "APPROVE_FAILED");
}
}
合同源代码
文件 34 的 38:StorageSlot.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/StorageSlot.sol)
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
}
合同源代码
文件 35 的 38:Strings.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/Math.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
}
合同源代码
文件 36 的 38:UnionPirexStaking.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {ERC20} from "solmate/tokens/ERC20.sol";
import {SafeTransferLib} from "solmate/utils/SafeTransferLib.sol";
import "openzeppelin-contracts/contracts/access/Ownable.sol";
// https://docs.synthetix.io/contracts/source/contracts/StakingRewards/
// https://github.com/Synthetixio/synthetix/blob/v2.66.0/contracts/StakingRewards.sol
/**
Modifications
- Pin pragma to 0.8.17
- Remove IStakingRewards, RewardsDistributionRecipient, and Pausable
- Add and inherit from Ownable
- Add `RewardsDistributionRecipient` logic to contract
- Add `vault` state variable and `onlyVault` modifier
- Add `onlyVault` modifier to `stake` method
- Change `rewardsDuration` to 14 days
- Update contract to support only the vault as a user
- Remove SafeMath since pragma 0.8.0 has those checks built-in
- Replace OpenZeppelin ERC20, ReentrancyGuard, and SafeERC20 with Solmate v6 (audited)
- Consolidate `rewardsToken` and `stakingToken` since they're the same
- Remove ReentrancyGuard as it is no longer needed
- Add `totalSupplyWithRewards` method to save gas as _totalSupply + rewards are accessed by vault
- Updated `notifyRewardsAmount`
- Remove the method parameter and compute the reward amount inside the function
- Remove the conditional logic since we will always distribute the rewards balance
- Remove overflow check since the caller cannot pass in the reward amount
*/
contract UnionPirexStaking is Ownable {
using SafeTransferLib for ERC20;
/* ========== STATE VARIABLES ========== */
address public immutable vault;
ERC20 public immutable token;
uint256 public constant rewardsDuration = 14 days;
address public distributor;
uint256 public periodFinish;
uint256 public rewardRate;
uint256 public lastUpdateTime;
uint256 public rewardPerTokenStored;
uint256 public userRewardPerTokenPaid;
uint256 public rewards;
uint256 internal _totalSupply;
/* ========== CONSTRUCTOR ========== */
constructor(
address _token,
address _distributor,
address _vault
) {
token = ERC20(_token);
distributor = _distributor;
vault = _vault;
}
/* ========== VIEWS ========== */
function totalSupply() external view returns (uint256) {
return _totalSupply;
}
function totalSupplyWithRewards() external view returns (uint256, uint256) {
uint256 t = _totalSupply;
return (
t,
((t * (rewardPerToken() - userRewardPerTokenPaid)) / 1e18) + rewards
);
}
function lastTimeRewardApplicable() public view returns (uint256) {
return block.timestamp < periodFinish ? block.timestamp : periodFinish;
}
function rewardPerToken() public view returns (uint256) {
if (_totalSupply == 0) {
return rewardPerTokenStored;
}
return
rewardPerTokenStored +
((((lastTimeRewardApplicable() - lastUpdateTime) * rewardRate) *
1e18) / _totalSupply);
}
function earned() public view returns (uint256) {
return
((_totalSupply * (rewardPerToken() - userRewardPerTokenPaid)) /
1e18) + rewards;
}
function getRewardForDuration() external view returns (uint256) {
return rewardRate * rewardsDuration;
}
/* ========== MUTATIVE FUNCTIONS ========== */
function stake(uint256 amount) external onlyVault updateReward(vault) {
require(amount > 0, "Cannot stake 0");
_totalSupply += amount;
token.safeTransferFrom(vault, address(this), amount);
emit Staked(amount);
}
function withdraw(uint256 amount) external onlyVault updateReward(vault) {
require(amount > 0, "Cannot withdraw 0");
_totalSupply -= amount;
token.safeTransfer(vault, amount);
emit Withdrawn(amount);
}
function getReward() external onlyVault updateReward(vault) {
uint256 reward = rewards;
if (reward > 0) {
rewards = 0;
token.safeTransfer(vault, reward);
emit RewardPaid(reward);
}
}
/* ========== RESTRICTED FUNCTIONS ========== */
function notifyRewardAmount()
external
onlyDistributor
updateReward(address(0))
{
// Rewards transferred directly to this contract are not added to _totalSupply
// To get the rewards w/o relying on a potentially incorrect passed in arg,
// we can use the difference between the token balance and _totalSupply.
// Additionally, to avoid re-distributing rewards, deduct the output of `earned`
uint256 rewardBalance = token.balanceOf(address(this)) -
_totalSupply -
earned();
rewardRate = rewardBalance / rewardsDuration;
require(rewardRate != 0, "No rewards");
lastUpdateTime = block.timestamp;
periodFinish = block.timestamp + rewardsDuration;
emit RewardAdded(rewardBalance);
}
// Added to support recovering LP Rewards from other systems such as BAL to be distributed to holders
function recoverERC20(address tokenAddress, uint256 tokenAmount)
external
onlyOwner
{
require(
tokenAddress != address(token),
"Cannot withdraw the staking token"
);
ERC20(tokenAddress).safeTransfer(owner(), tokenAmount);
emit Recovered(tokenAddress, tokenAmount);
}
function setDistributor(address _distributor) external onlyOwner {
require(_distributor != address(0));
distributor = _distributor;
}
/* ========== MODIFIERS ========== */
modifier updateReward(address account) {
rewardPerTokenStored = rewardPerToken();
lastUpdateTime = lastTimeRewardApplicable();
if (account != address(0)) {
rewards = earned();
userRewardPerTokenPaid = rewardPerTokenStored;
}
_;
}
/* ========== EVENTS ========== */
event RewardAdded(uint256 reward);
event Staked(uint256 amount);
event Withdrawn(uint256 amount);
event RewardPaid(uint256 reward);
event Recovered(address token, uint256 amount);
modifier onlyDistributor() {
require((msg.sender == distributor), "Distributor only");
_;
}
modifier onlyVault() {
require((msg.sender == vault), "Vault only");
_;
}
}
合同源代码
文件 37 的 38:UnionPirexStrategy.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {PirexBtrfly} from "src/PirexBtrfly.sol";
import {UnionPirexStaking} from "src/vault/UnionPirexStaking.sol";
contract UnionPirexStrategy is UnionPirexStaking {
PirexBtrfly public immutable pirexBtrfly;
error ZeroAddress();
constructor(
address _pirexBtrfly,
address pxBTRFLY,
address _distributor,
address _vault
) UnionPirexStaking(pxBTRFLY, _distributor, _vault) {
if (_pirexBtrfly == address(0)) revert ZeroAddress();
pirexBtrfly = PirexBtrfly(_pirexBtrfly);
}
/**
@notice Redeem pxBTRFLY rewards and transfer them to the distributor
@param epoch uint256 Rewards epoch
@param rewardIndexes uint256[] Reward indexes
*/
function redeemRewards(uint256 epoch, uint256[] calldata rewardIndexes)
external
{
pirexBtrfly.redeemSnapshotRewards(epoch, rewardIndexes, distributor);
}
}
合同源代码
文件 38 的 38:UnionPirexVault.sol
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {Ownable} from "openzeppelin-contracts/contracts/access/Ownable.sol";
import {ERC4626} from "solmate/mixins/ERC4626.sol";
import {ERC20} from "solmate/tokens/ERC20.sol";
import {FixedPointMathLib} from "solmate/utils/FixedPointMathLib.sol";
import {SafeTransferLib} from "solmate/utils/SafeTransferLib.sol";
import {UnionPirexStaking} from "src/vault/UnionPirexStaking.sol";
contract UnionPirexVault is Ownable, ERC4626 {
using SafeTransferLib for ERC20;
using FixedPointMathLib for uint256;
UnionPirexStaking public strategy;
uint256 public constant MAX_WITHDRAWAL_PENALTY = 500;
uint256 public constant MAX_PLATFORM_FEE = 2000;
uint256 public constant FEE_DENOMINATOR = 10000;
uint256 public withdrawalPenalty = 300;
uint256 public platformFee = 1000;
address public platform;
event Harvest(address indexed caller, uint256 value);
event WithdrawalPenaltyUpdated(uint256 penalty);
event PlatformFeeUpdated(uint256 fee);
event PlatformUpdated(address _platform);
event StrategySet(address _strategy);
error ZeroAddress();
error ExceedsMax();
error AlreadySet();
constructor(address pxBtrfly) ERC4626(ERC20(pxBtrfly), "Autocompounding pxBTRFLY", "apxBTRFLY") {}
/**
@notice Set the withdrawal penalty
@param penalty uint256 Withdrawal penalty
*/
function setWithdrawalPenalty(uint256 penalty) external onlyOwner {
if (penalty > MAX_WITHDRAWAL_PENALTY) revert ExceedsMax();
withdrawalPenalty = penalty;
emit WithdrawalPenaltyUpdated(penalty);
}
/**
@notice Set the platform fee
@param fee uint256 Platform fee
*/
function setPlatformFee(uint256 fee) external onlyOwner {
if (fee > MAX_PLATFORM_FEE) revert ExceedsMax();
platformFee = fee;
emit PlatformFeeUpdated(fee);
}
/**
@notice Set the platform
@param _platform address Platform
*/
function setPlatform(address _platform) external onlyOwner {
if (_platform == address(0)) revert ZeroAddress();
platform = _platform;
emit PlatformUpdated(_platform);
}
/**
@notice Set the strategy
@param _strategy address Strategy
*/
function setStrategy(address _strategy) external onlyOwner {
if (_strategy == address(0)) revert ZeroAddress();
if (address(strategy) != address(0)) revert AlreadySet();
// Set new strategy contract and approve max allowance
strategy = UnionPirexStaking(_strategy);
asset.safeApprove(_strategy, type(uint256).max);
emit StrategySet(_strategy);
}
/**
@notice Get the pxBTRFLY custodied by the UnionPirex contracts
@return uint256 Assets
*/
function totalAssets() public view override returns (uint256) {
// Vault assets + rewards should always be stored in strategy until withdrawal-time
(uint256 _totalSupply, uint256 rewards) = strategy
.totalSupplyWithRewards();
// Deduct the exact reward amount staked (after fees are deducted when calling `harvest`)
return
_totalSupply +
(
rewards == 0
? 0
: (rewards - ((rewards * platformFee) / FEE_DENOMINATOR))
);
}
/**
@notice Withdraw assets from the staking contract to prepare for transfer to user
@param assets uint256 Assets
*/
function beforeWithdraw(uint256 assets, uint256) internal override {
// Harvest rewards in the event where there is not enough staked assets to cover the withdrawal
if (assets > strategy.totalSupply()) harvest();
strategy.withdraw(assets);
}
/**
@notice Stake assets so that rewards can be properly distributed
@param assets uint256 Assets
*/
function afterDeposit(uint256 assets, uint256) internal override {
strategy.stake(assets);
}
/**
@notice Preview the amount of assets a user would receive from redeeming shares
@param shares uint256 Shares
@return uint256 Assets
*/
function previewRedeem(uint256 shares)
public
view
override
returns (uint256)
{
// Calculate assets based on a user's % ownership of vault shares
uint256 assets = convertToAssets(shares);
uint256 _totalSupply = totalSupply;
// Calculate a penalty - zero if user is the last to withdraw
uint256 penalty = (_totalSupply == 0 || _totalSupply - shares == 0)
? 0
: assets.mulDivDown(withdrawalPenalty, FEE_DENOMINATOR);
// Redeemable amount is the post-penalty amount
return assets - penalty;
}
/**
@notice Preview the amount of shares a user would need to redeem the specified asset amount
@notice This modified version takes into consideration the withdrawal fee
@param assets uint256 Assets
@return uint256 Shares
*/
function previewWithdraw(uint256 assets)
public
view
override
returns (uint256)
{
// Calculate shares based on the specified assets' proportion of the pool
uint256 shares = convertToShares(assets);
// Save 1 SLOAD
uint256 _totalSupply = totalSupply;
// Factor in additional shares to fulfill withdrawal if user is not the last to withdraw
return
(_totalSupply == 0 || _totalSupply - shares == 0)
? shares
: (shares * FEE_DENOMINATOR) /
(FEE_DENOMINATOR - withdrawalPenalty);
}
/**
@notice Harvest rewards
*/
function harvest() public {
// Claim rewards
strategy.getReward();
// Since we don't normally store pxBTRFLY within the vault, a non-zero balance equals rewards
uint256 rewards = asset.balanceOf(address(this));
emit Harvest(msg.sender, rewards);
if (rewards != 0) {
// Fee for platform
uint256 feeAmount = (rewards * platformFee) / FEE_DENOMINATOR;
// Deduct fee from reward balance
rewards -= feeAmount;
// Claimed rewards should be in pxBTRFLY
asset.safeTransfer(platform, feeAmount);
// Stake rewards sans fee
strategy.stake(rewards);
}
}
}
设置
{
"compilationTarget": {
"src/vault/UnionPirexStrategy.sol": "UnionPirexStrategy"
},
"evmVersion": "london",
"libraries": {},
"metadata": {
"bytecodeHash": "ipfs"
},
"optimizer": {
"enabled": true,
"runs": 200
},
"remappings": [
":ds-test/=lib/forge-std/lib/ds-test/src/",
":forge-std/=lib/forge-std/src/",
":openzeppelin-contracts/=lib/openzeppelin-contracts/",
":solmate/=lib/solmate/src/"
]
}ABI
[{"inputs":[{"internalType":"address","name":"_pirexBtrfly","type":"address"},{"internalType":"address","name":"pxBTRFLY","type":"address"},{"internalType":"address","name":"_distributor","type":"address"},{"internalType":"address","name":"_vault","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"ZeroAddress","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"}],"name":"Recovered","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"reward","type":"uint256"}],"name":"RewardAdded","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"reward","type":"uint256"}],"name":"RewardPaid","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"}],"name":"Staked","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"}],"name":"Withdrawn","type":"event"},{"inputs":[],"name":"distributor","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"earned","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getReward","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"getRewardForDuration","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"lastTimeRewardApplicable","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"lastUpdateTime","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"notifyRewardAmount","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"periodFinish","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pirexBtrfly","outputs":[{"internalType":"contract PirexBtrfly","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"tokenAddress","type":"address"},{"internalType":"uint256","name":"tokenAmount","type":"uint256"}],"name":"recoverERC20","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"epoch","type":"uint256"},{"internalType":"uint256[]","name":"rewardIndexes","type":"uint256[]"}],"name":"redeemRewards","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"rewardPerToken","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rewardPerTokenStored","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rewardRate","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rewards","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rewardsDuration","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_distributor","type":"address"}],"name":"setDistributor","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"stake","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"token","outputs":[{"internalType":"contract ERC20","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalSupply","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalSupplyWithRewards","outputs":[{"internalType":"uint256","name":"","type":"uint256"},{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"userRewardPerTokenPaid","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"vault","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"withdraw","outputs":[],"stateMutability":"nonpayable","type":"function"}]