// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { Errors } from "src/utils/Errors.sol";
import { LibAdapter } from "src/libs/LibAdapter.sol";
import { IDestinationVault } from "src/interfaces/vault/IDestinationVault.sol";
import { Math } from "openzeppelin-contracts/utils/math/Math.sol";
import { EnumerableSet } from "openzeppelin-contracts/utils/structs/EnumerableSet.sol";
import { IStrategy } from "src/interfaces/strategy/IStrategy.sol";
import { SafeERC20 } from "openzeppelin-contracts/token/ERC20/utils/SafeERC20.sol";
import { IERC20Metadata as IERC20 } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { IERC3156FlashBorrower } from "openzeppelin-contracts/interfaces/IERC3156FlashBorrower.sol";
import { IAutopoolStrategy } from "src/interfaces/strategy/IAutopoolStrategy.sol";
import { StructuredLinkedList } from "src/strategy/StructuredLinkedList.sol";
import { WithdrawalQueue } from "src/strategy/WithdrawalQueue.sol";
import { IAutopool } from "src/interfaces/vault/IAutopool.sol";
import { IMainRewarder } from "src/interfaces/rewarders/IMainRewarder.sol";
import { AutopoolToken } from "src/vault/libs/AutopoolToken.sol";
import { IRootPriceOracle } from "src/interfaces/oracles/IRootPriceOracle.sol";
import { ISystemRegistry } from "src/interfaces/ISystemRegistry.sol";
library AutopoolDebt {
using Math for uint256;
using SafeERC20 for IERC20;
using WithdrawalQueue for StructuredLinkedList.List;
using EnumerableSet for EnumerableSet.AddressSet;
using AutopoolToken for AutopoolToken.TokenData;
/// @notice Max time a cached debt report can be used
uint256 public constant MAX_DEBT_REPORT_AGE_SECONDS = 1 days;
error VaultShutdown();
error WithdrawShareCalcInvalid(uint256 currentShares, uint256 cachedShares);
error RebalanceDestinationsMatch(address destinationVault);
error RebalanceFailed(string message);
error InvalidPrices();
error InvalidTotalAssetPurpose();
error InvalidDestination(address destination);
error TooFewAssets(uint256 requested, uint256 actual);
error SharesAndAssetsReceived(uint256 assets, uint256 shares);
error AmountExceedsAllowance(uint256 shares, uint256 allowed);
error PositivePriceRecoupNotCovered(uint256 remaining);
event DestinationDebtReporting(
address destination, AutopoolDebt.IdleDebtUpdates debtInfo, uint256 claimed, uint256 claimGasUsed
);
event NewNavShareFeeMark(uint256 navPerShare, uint256 timestamp);
event Nav(uint256 idle, uint256 debt, uint256 totalSupply);
event Withdraw(
address indexed sender, address indexed receiver, address indexed owner, uint256 assets, uint256 shares
);
struct DestinationInfo {
/// @notice Current underlying value at the destination vault
/// @dev Used for calculating totalDebt, mid point of min and max
uint256 cachedDebtValue;
/// @notice Current minimum underlying value at the destination vault
/// @dev Used for calculating totalDebt during withdrawal
uint256 cachedMinDebtValue;
/// @notice Current maximum underlying value at the destination vault
/// @dev Used for calculating totalDebt of the deposit
uint256 cachedMaxDebtValue;
/// @notice Last block timestamp this info was updated
uint256 lastReport;
/// @notice How many shares of the destination vault we owned at last report
uint256 ownedShares;
}
struct IdleDebtUpdates {
bool pricesWereSafe;
uint256 totalIdleDecrease;
uint256 totalIdleIncrease;
uint256 totalDebtIncrease;
uint256 totalDebtDecrease;
uint256 totalMinDebtIncrease;
uint256 totalMinDebtDecrease;
uint256 totalMaxDebtIncrease;
uint256 totalMaxDebtDecrease;
}
struct RebalanceOutParams {
/// Address that will received the withdrawn underlyer
address receiver;
/// The "out" destination vault
address destinationOut;
/// The amount of tokenOut that will be withdrawn
uint256 amountOut;
/// The underlyer for destinationOut
address tokenOut;
IERC20 _baseAsset;
bool _shutdown;
}
/// @dev In memory struct only for managing vars in _withdraw
struct WithdrawInfo {
uint256 currentIdle;
uint256 assetsFromIdle;
uint256 totalAssetsToPull;
uint256 assetsToPull;
uint256 assetsPulled;
uint256 idleIncrease;
uint256 debtDecrease;
uint256 debtMinDecrease;
uint256 debtMaxDecrease;
uint256 totalMinDebt;
uint256 destinationRound;
uint256 lastRoundSlippage;
uint256 expectedAssets;
uint256 remainingRecoup;
}
struct FlashRebalanceParams {
uint256 totalIdle;
uint256 totalDebt;
IERC20 baseAsset;
bool shutdown;
}
struct FlashResultInfo {
uint256 tokenInBalanceBefore;
uint256 tokenInBalanceAfter;
bytes32 flashResult;
}
function flashRebalance(
DestinationInfo storage destInfoOut,
DestinationInfo storage destInfoIn,
IERC3156FlashBorrower receiver,
IStrategy.RebalanceParams memory params,
IStrategy.SummaryStats memory destSummaryOut,
IAutopoolStrategy autoPoolStrategy,
FlashRebalanceParams memory flashParams,
bytes calldata data
) external returns (IdleDebtUpdates memory result) {
// Handle decrease (shares going "Out", cashing in shares and sending underlying back to swapper)
// If the tokenOut is _asset we assume they are taking idle
// which is already in the contract
result = _handleRebalanceOut(
AutopoolDebt.RebalanceOutParams({
receiver: address(receiver),
destinationOut: params.destinationOut,
amountOut: params.amountOut,
tokenOut: params.tokenOut,
_baseAsset: flashParams.baseAsset,
_shutdown: flashParams.shutdown
}),
destInfoOut
);
if (!result.pricesWereSafe) {
revert InvalidPrices();
}
// Handle increase (shares coming "In", getting underlying from the swapper and trading for new shares)
if (params.amountIn > 0) {
FlashResultInfo memory flashResultInfo;
// get "before" counts
flashResultInfo.tokenInBalanceBefore = IERC20(params.tokenIn).balanceOf(address(this));
// Give control back to the solver so they can make use of the "out" assets
// and get our "in" asset
flashResultInfo.flashResult = receiver.onFlashLoan(msg.sender, params.tokenIn, params.amountIn, 0, data);
// We assume the solver will send us the assets
flashResultInfo.tokenInBalanceAfter = IERC20(params.tokenIn).balanceOf(address(this));
// Make sure the call was successful and verify we have at least the assets we think
// we were getting
if (
flashResultInfo.flashResult != keccak256("ERC3156FlashBorrower.onFlashLoan")
|| flashResultInfo.tokenInBalanceAfter < flashResultInfo.tokenInBalanceBefore + params.amountIn
) {
revert Errors.FlashLoanFailed(params.tokenIn, params.amountIn);
}
{
// make sure we have a valid path
(bool success, string memory message) = autoPoolStrategy.verifyRebalance(params, destSummaryOut);
if (!success) {
revert RebalanceFailed(message);
}
}
if (params.tokenIn != address(flashParams.baseAsset)) {
IdleDebtUpdates memory inDebtResult = _handleRebalanceIn(
destInfoIn,
IDestinationVault(params.destinationIn),
params.tokenIn,
flashResultInfo.tokenInBalanceAfter
);
if (!inDebtResult.pricesWereSafe) {
revert InvalidPrices();
}
result.totalDebtDecrease += inDebtResult.totalDebtDecrease;
result.totalDebtIncrease += inDebtResult.totalDebtIncrease;
result.totalMinDebtDecrease += inDebtResult.totalMinDebtDecrease;
result.totalMinDebtIncrease += inDebtResult.totalMinDebtIncrease;
result.totalMaxDebtDecrease += inDebtResult.totalMaxDebtDecrease;
result.totalMaxDebtIncrease += inDebtResult.totalMaxDebtIncrease;
} else {
result.totalIdleIncrease += flashResultInfo.tokenInBalanceAfter - flashResultInfo.tokenInBalanceBefore;
}
}
}
/// @notice Perform deposit and debt info update for the "in" destination during a rebalance
/// @dev This "in" function performs less validations than its "out" version
/// @param dvIn The "in" destination vault
/// @param tokenIn The underlyer for dvIn
/// @param depositAmount The amount of tokenIn that will be deposited
/// @return result Changes in debt values
function _handleRebalanceIn(
DestinationInfo storage destInfo,
IDestinationVault dvIn,
address tokenIn,
uint256 depositAmount
) private returns (IdleDebtUpdates memory result) {
LibAdapter._approve(IERC20(tokenIn), address(dvIn), depositAmount);
// Snapshot our current shares so we know how much to back out
uint256 originalShareBal = dvIn.balanceOf(address(this));
// deposit to dv
uint256 newShares = dvIn.depositUnderlying(depositAmount);
// Update the debt info snapshot
result = _recalculateDestInfo(destInfo, dvIn, originalShareBal, originalShareBal + newShares);
}
/**
* @notice Perform withdraw and debt info update for the "out" destination during a rebalance
* @dev This "out" function performs more validations and handles idle as opposed to "in" which does not
* debtDecrease The previous amount of debt destinationOut accounted for in totalDebt
* debtIncrease The current amount of debt destinationOut should account for in totalDebt
* idleDecrease Amount of baseAsset that was sent from the vault. > 0 only when tokenOut == baseAsset
* idleIncrease Amount of baseAsset that was claimed from Destination Vault
* @param params Rebalance out params
* @param destOutInfo The "out" destination vault info
* @return assetChange debt and idle change data
*/
function _handleRebalanceOut(
RebalanceOutParams memory params,
DestinationInfo storage destOutInfo
) private returns (IdleDebtUpdates memory assetChange) {
// Handle decrease (shares going "Out", cashing in shares and sending underlying back to swapper)
// If the tokenOut is _asset we assume they are taking idle
// which is already in the contract
if (params.amountOut > 0) {
if (params.tokenOut != address(params._baseAsset)) {
IDestinationVault dvOut = IDestinationVault(params.destinationOut);
// Snapshot our current shares so we know how much to back out
uint256 originalShareBal = dvOut.balanceOf(address(this));
// Burning our shares will claim any pending baseAsset
// rewards and send them to us.
// Get our starting balance
uint256 beforeBaseAssetBal = params._baseAsset.balanceOf(address(this));
// Withdraw underlying from the destination vault
// Shares are sent directly to the flashRebalance receiver
// slither-disable-next-line unused-return
dvOut.withdrawUnderlying(params.amountOut, params.receiver);
// Update the debt info snapshot
assetChange =
_recalculateDestInfo(destOutInfo, dvOut, originalShareBal, originalShareBal - params.amountOut);
// Capture any rewards we may have claimed as part of withdrawing
assetChange.totalIdleIncrease = params._baseAsset.balanceOf(address(this)) - beforeBaseAssetBal;
} else {
// If we are shutdown then the only operations we should be performing are those that get
// the base asset back to the vault. We shouldn't be sending out more
if (params._shutdown) {
revert VaultShutdown();
}
// Working with idle baseAsset which should be in the vault already
// Just send it out
IERC20(params.tokenOut).safeTransfer(params.receiver, params.amountOut);
assetChange.totalIdleDecrease = params.amountOut;
// We weren't dealing with any debt or pricing, just idle, so we can just mark
// it as safe
assetChange.pricesWereSafe = true;
}
}
}
function recalculateDestInfo(
DestinationInfo storage destInfo,
IDestinationVault destVault,
uint256 originalShares,
uint256 currentShares
) external returns (IdleDebtUpdates memory result) {
result = _recalculateDestInfo(destInfo, destVault, originalShares, currentShares);
}
/// @dev Will not revert on unsafe prices. Up to the caller.
function _recalculateDestInfo(
DestinationInfo storage destInfo,
IDestinationVault destVault,
uint256 originalShares,
uint256 currentShares
) private returns (IdleDebtUpdates memory result) {
// Figure out what to back out of our totalDebt number.
// We could have had withdraws since the last snapshot which means our
// cached currentDebt number should be decreased based on the remaining shares
// totalDebt is decreased using the same proportion of shares method during withdrawals
// so this should represent whatever is remaining.
// Prices are per LP token and whether or not the prices are safe to use
// If they aren't safe then just continue and we'll get it on the next go around
(uint256 spotPrice, uint256 safePrice, bool isSpotSafe) = destVault.getRangePricesLP();
// Calculate what we're backing out based on the original shares
uint256 minPrice = spotPrice > safePrice ? safePrice : spotPrice;
uint256 maxPrice = spotPrice > safePrice ? spotPrice : safePrice;
// If we previously had shares, calculate how much of our cached numbers
// still remain as this will be deducted from the overall debt numbers
// over time
uint256 prevOwnedShares = destInfo.ownedShares;
if (prevOwnedShares > 0) {
result.totalDebtDecrease = (destInfo.cachedDebtValue * originalShares) / prevOwnedShares;
result.totalMinDebtDecrease = (destInfo.cachedMinDebtValue * originalShares) / prevOwnedShares;
result.totalMaxDebtDecrease = (destInfo.cachedMaxDebtValue * originalShares) / prevOwnedShares;
}
// The overall debt value is the mid point of min and max
uint256 div = 10 ** destVault.decimals();
uint256 newDebtValue = (minPrice * currentShares + maxPrice * currentShares) / (div * 2);
result.pricesWereSafe = isSpotSafe;
result.totalDebtIncrease = newDebtValue;
result.totalMinDebtIncrease = minPrice * currentShares / div;
result.totalMaxDebtIncrease = maxPrice * currentShares / div;
// Save our current new values
destInfo.cachedDebtValue = newDebtValue;
destInfo.cachedMinDebtValue = result.totalMinDebtIncrease;
destInfo.cachedMaxDebtValue = result.totalMaxDebtIncrease;
destInfo.lastReport = block.timestamp;
destInfo.ownedShares = currentShares;
}
function totalAssetsTimeChecked(
StructuredLinkedList.List storage debtReportQueue,
mapping(address => AutopoolDebt.DestinationInfo) storage destinationInfo,
IAutopool.TotalAssetPurpose purpose
) external returns (uint256) {
IDestinationVault destVault = IDestinationVault(debtReportQueue.peekHead());
uint256 recalculatedTotalAssets = IAutopool(address(this)).totalAssets(purpose);
while (address(destVault) != address(0)) {
uint256 lastReport = destinationInfo[address(destVault)].lastReport;
if (lastReport + MAX_DEBT_REPORT_AGE_SECONDS > block.timestamp) {
// Its not stale
// This report is OK, we don't need to recalculate anything
break;
} else {
// It is stale, recalculate
//slither-disable-next-line unused-return
uint256 currentShares = destVault.balanceOf(address(this));
uint256 staleDebt;
uint256 extremePrice;
// Figure out exactly which price to use based on its purpose
if (purpose == IAutopool.TotalAssetPurpose.Deposit) {
// We use max value so that anything deposited is worth less
extremePrice = destVault.getUnderlyerCeilingPrice();
// Round down. We are subtracting this value out of the total so some left
// behind just increases the value which is what we want
staleDebt = destinationInfo[address(destVault)].cachedMaxDebtValue.mulDiv(
currentShares, destinationInfo[address(destVault)].ownedShares, Math.Rounding.Down
);
} else if (purpose == IAutopool.TotalAssetPurpose.Withdraw) {
// We use min value so that we value the shares as worth less
extremePrice = destVault.getUnderlyerFloorPrice();
// Round up. We are subtracting this value out of the total so if we take a little
// extra it just decreases the value which is what we want
staleDebt = destinationInfo[address(destVault)].cachedMinDebtValue.mulDiv(
currentShares, destinationInfo[address(destVault)].ownedShares, Math.Rounding.Up
);
} else {
revert InvalidTotalAssetPurpose();
}
// Back out our stale debt, add in its new value
// Our goal is to find the most conservative value in each situation. If the current
// value we have represents that, then use it. Otherwise, use the new one.
uint256 newValue = (currentShares * extremePrice) / destVault.ONE();
if (purpose == IAutopool.TotalAssetPurpose.Deposit && staleDebt > newValue) {
newValue = staleDebt;
} else if (purpose == IAutopool.TotalAssetPurpose.Withdraw && staleDebt < newValue) {
newValue = staleDebt;
}
recalculatedTotalAssets = recalculatedTotalAssets + newValue - staleDebt;
}
destVault = IDestinationVault(debtReportQueue.getAdjacent(address(destVault), true));
}
return recalculatedTotalAssets;
}
function _updateDebtReporting(
StructuredLinkedList.List storage debtReportQueue,
mapping(address => AutopoolDebt.DestinationInfo) storage destinationInfo,
uint256 numToProcess
) external returns (IdleDebtUpdates memory result) {
numToProcess = Math.min(numToProcess, debtReportQueue.sizeOf());
for (uint256 i = 0; i < numToProcess; ++i) {
IDestinationVault destVault = IDestinationVault(debtReportQueue.popHead());
// Get the reward value we've earned. DV rewards are always in terms of base asset
// We track the gas used purely for off-chain stats purposes
// Main rewarder on DV's store the earned and liquidated rewards
// Extra rewarders are disabled at the DV level
uint256 claimGasUsed = gasleft();
uint256 beforeBaseAsset = IERC20(IAutopool(address(this)).asset()).balanceOf(address(this));
IMainRewarder(destVault.rewarder()).getReward(address(this), address(this), false);
uint256 claimedRewardValue =
IERC20(IAutopool(address(this)).asset()).balanceOf(address(this)) - beforeBaseAsset;
result.totalIdleIncrease += claimedRewardValue;
// Recalculate the debt info figuring out the change in
// total debt value we can roll up later
uint256 currentShareBalance = destVault.balanceOf(address(this));
AutopoolDebt.IdleDebtUpdates memory debtResult = _recalculateDestInfo(
destinationInfo[address(destVault)], destVault, currentShareBalance, currentShareBalance
);
result.totalDebtDecrease += debtResult.totalDebtDecrease;
result.totalDebtIncrease += debtResult.totalDebtIncrease;
result.totalMinDebtDecrease += debtResult.totalMinDebtDecrease;
result.totalMinDebtIncrease += debtResult.totalMinDebtIncrease;
result.totalMaxDebtDecrease += debtResult.totalMaxDebtDecrease;
result.totalMaxDebtIncrease += debtResult.totalMaxDebtIncrease;
// If we no longer have shares, then there's no reason to continue reporting on the destination.
// The strategy will only call for the info if its moving "out" of the destination
// and that will only happen if we have shares.
// A rebalance where we move "in" to the position will refresh the data at that time
if (currentShareBalance > 0) {
debtReportQueue.addToTail(address(destVault));
}
claimGasUsed -= gasleft();
emit DestinationDebtReporting(address(destVault), debtResult, claimedRewardValue, claimGasUsed);
}
}
function _initiateWithdrawInfo(
uint256 assets,
IAutopool.AssetBreakdown storage assetBreakdown
) private view returns (WithdrawInfo memory) {
uint256 idle = assetBreakdown.totalIdle;
WithdrawInfo memory info = WithdrawInfo({
currentIdle: idle,
// If idle can cover the full amount, then we want to pull all assets from there
// Otherwise, we want to pull from the market and only get idle if we exhaust the market
assetsFromIdle: assets > idle ? 0 : assets,
totalAssetsToPull: 0,
assetsToPull: 0,
assetsPulled: 0,
idleIncrease: 0,
debtDecrease: 0,
debtMinDecrease: 0,
debtMaxDecrease: 0,
totalMinDebt: assetBreakdown.totalDebtMin,
destinationRound: 0,
lastRoundSlippage: 0,
expectedAssets: 0,
remainingRecoup: 0
});
info.totalAssetsToPull = assets - info.assetsFromIdle;
// This var we use to track our progress later
info.assetsToPull = assets - info.assetsFromIdle;
// Idle + minDebt is the maximum amount of assets/debt we could burn during a withdraw.
// If the user is request more than that (like during a withdraw) we can just revert
// early without trying
if (info.totalAssetsToPull > info.currentIdle + info.totalMinDebt) {
revert TooFewAssets(assets, info.currentIdle + info.totalMinDebt);
}
return info;
}
function withdraw(
uint256 assets,
uint256 applicableTotalAssets,
IAutopool.AssetBreakdown storage assetBreakdown,
StructuredLinkedList.List storage withdrawalQueue,
mapping(address => AutopoolDebt.DestinationInfo) storage destinationInfo
) public returns (uint256 actualAssets, uint256 actualShares, uint256 debtBurned) {
WithdrawInfo memory info = _initiateWithdrawInfo(assets, assetBreakdown);
// Pull the market if there aren't enough funds in idle to cover the entire amount
// This flow is not bounded by a set number of shares. The user has requested X assets
// and a variable number of shares to burn so we don't have easy break out points like we do
// during redeem (like using debt burned). When we get slippage here and don't meet the requested assets
// we need to keep going if we can. This is tricky if we consider that (most of) our destinations are
// LP positions and we'll be swapping assets, so we can expect some slippage. Even
// if our minDebtValue numbers are up to date and perfectly accurate slippage could ensure we
// are always receiving less than we expect/calculate and we never hit the requested assets
// even though the owner would have shares to cover it. Under normal/expected conditions, our
// minDebtValue is lower than actual and we expect overall value to be going up, so we burn a tad
// more than we should and receive a tad more than we expect. This should cover us. However,
// in other conditions we have to be sure we aren't endlessly trying to approach 0 so we are tracking
// the slippage we received on the last pull, repricing, and applying an increasing multiplier until we either
// pull enough to cover or pull them all and/or move to the next destination.
uint256 dvSharesToBurn;
while (info.assetsToPull > 0) {
IDestinationVault destVault = IDestinationVault(withdrawalQueue.peekHead());
// We've run out of destinations
if (address(destVault) == address(0)) {
break;
}
uint256 dvShares = destVault.balanceOf(address(this));
{
uint256 dvSharesValue;
if (info.destinationRound == 0) {
// First time pulling
// We use the min debt value here because its a withdrawal and we're trying to cover an amount
// of assets. Undervaluing the shares may mean we pull more but given that we expect slippage
// that is desirable.
dvSharesValue = destinationInfo[address(destVault)].cachedMinDebtValue * dvShares
/ destinationInfo[address(destVault)].ownedShares;
} else {
// When we've pulled from this destination before, i.e. destinationRound > 0, then we
// know a more accurate exchange rate and its worse than we were expecting.
// We even will pad it a bit as we want to account for any additional slippage we
// may receive by say being farther down an AMM curve.
// dvSharesToBurn is the last value we used when pulling from this destination
// info.expectedAssets is how much we expected to get on that last pull
// info.expectedAssets - info.lastRoundSlippage is how much we actually received
uint256 paddedSlippage = info.lastRoundSlippage * (info.destinationRound + 10_000) / 10_000;
if (paddedSlippage < info.expectedAssets) {
dvSharesValue = (info.expectedAssets - paddedSlippage) * dvShares / dvSharesToBurn;
} else {
// This will just mean we pull all shares
dvSharesValue = 0;
}
}
if (dvSharesValue > info.assetsToPull) {
dvSharesToBurn = (dvShares * info.assetsToPull) / dvSharesValue;
// On withdraw, we are trying to meet a specific number of assets without a limit
// on the debt we can burn. Burning 0 due to the valuations here would be an automatic failure
// as we still have assets to satisfy and debt to burn. We at least have to burn 1 even if it
// results in a larger over pull
if (dvSharesToBurn == 0) {
dvSharesToBurn = 1;
}
// Only need to set it here because the only time we'll use it is if
// we don't exhaust all shares and have to try the destination again
info.expectedAssets = info.assetsToPull;
} else {
dvSharesToBurn = dvShares;
}
}
uint256 pulledAssets;
uint256 debtValueBurned;
// Get the base asset back from the Destination. Also performs a check that we aren't receiving
// poor execution on our swaps based on safe prices
(info, pulledAssets, debtValueBurned) = _withdrawAssets(info, destinationInfo, destVault, dvSharesToBurn);
info.assetsPulled += pulledAssets;
if (info.remainingRecoup > 0) {
// If the destination is so severely undervalued that it can't cover its own recoup then we have no
// recourse but to burn the entire destination and the user would to have to cover the full overage
// from the next destinations can get nothing from this one. Should not be allowed.
revert PositivePriceRecoupNotCovered(info.remainingRecoup);
}
// If we've exhausted all shares we can remove the withdrawal from the queue
// We need to leave it in the debt report queue though so that our destination specific
// debt tracking values can be updated
if (dvShares == dvSharesToBurn) {
withdrawalQueue.popAddress(address(destVault));
info.destinationRound = 0;
info.lastRoundSlippage = 0;
} else {
// If we didn't burn all the shares and we received enough to cover our
// expected that means we'll break out below as we've hit our target
unchecked {
if (pulledAssets < info.expectedAssets) {
info.lastRoundSlippage = info.expectedAssets - pulledAssets;
if (info.destinationRound == 0) {
info.destinationRound = 100;
} else {
info.destinationRound *= 2;
}
}
}
}
// It's possible we'll get back more assets than we anticipate from a swap
// so if we do, throw it in idle and stop processing. You don't get more than we've calculated
if (info.assetsPulled >= info.totalAssetsToPull) {
info.idleIncrease += info.assetsPulled - info.totalAssetsToPull;
info.assetsPulled = info.totalAssetsToPull;
info.assetsToPull = 0;
break;
}
info.assetsToPull -= pulledAssets;
}
// We didn't get enough assets from the debt pull
// See if we can get the rest from idle
if (info.assetsPulled < assets && info.currentIdle > 0) {
uint256 remaining = assets - info.assetsPulled;
if (remaining <= info.currentIdle) {
info.assetsFromIdle = remaining;
}
// We don't worry about the else case because if currentIdle can't
// cover remaining then we'll fail the `actualAssets < assets`
// check below and revert
}
debtBurned = info.assetsFromIdle + info.debtMinDecrease;
actualAssets = info.assetsFromIdle + info.assetsPulled;
if (actualAssets < assets) {
revert TooFewAssets(assets, actualAssets);
}
actualShares = IAutopool(address(this)).convertToShares(
Math.max(actualAssets, debtBurned),
applicableTotalAssets,
IAutopool(address(this)).totalSupply(),
Math.Rounding.Up
);
// Subtract what's taken out of idle from totalIdle
// We may also have some increase to account for it we over pulled
// or received better execution than we were anticipating
// slither-disable-next-line events-maths
assetBreakdown.totalIdle = info.currentIdle + info.idleIncrease - info.assetsFromIdle;
// Save off our various debt numbers
if (info.debtDecrease > assetBreakdown.totalDebt) {
assetBreakdown.totalDebt = 0;
} else {
assetBreakdown.totalDebt -= info.debtDecrease;
}
if (info.debtMinDecrease > info.totalMinDebt) {
assetBreakdown.totalDebtMin = 0;
} else {
assetBreakdown.totalDebtMin -= info.debtMinDecrease;
}
if (info.debtMaxDecrease > assetBreakdown.totalDebtMax) {
assetBreakdown.totalDebtMax = 0;
} else {
assetBreakdown.totalDebtMax -= info.debtMaxDecrease;
}
}
function _withdrawAssets(
WithdrawInfo memory info,
mapping(address => AutopoolDebt.DestinationInfo) storage destinationInfo,
IDestinationVault destVault,
uint256 dvSharesToBurn
) internal returns (WithdrawInfo memory, uint256 pulledAssets, uint256 debtValueBurned) {
if (dvSharesToBurn > 0) {
address[] memory tokensBurned;
uint256[] memory amountsBurned;
// Destination Vaults always burn the exact amount we instruct them to
(pulledAssets, tokensBurned, amountsBurned) = destVault.withdrawBaseAsset(dvSharesToBurn, address(this));
// Calculate the totalDebt we'll need to remove based on the shares we're burning
// We're rounding up here so take care when actually applying to totalDebt
debtValueBurned = destinationInfo[address(destVault)].cachedMinDebtValue.mulDiv(
dvSharesToBurn, destinationInfo[address(destVault)].ownedShares, Math.Rounding.Up
);
info.debtMinDecrease += debtValueBurned;
info.debtDecrease += destinationInfo[address(destVault)].cachedDebtValue.mulDiv(
dvSharesToBurn, destinationInfo[address(destVault)].ownedShares, Math.Rounding.Up
);
uint256 maxDebtBurned = destinationInfo[address(destVault)].cachedMaxDebtValue.mulDiv(
dvSharesToBurn, destinationInfo[address(destVault)].ownedShares, Math.Rounding.Up
);
info.debtMaxDecrease += maxDebtBurned;
// See if we received a reasonable amount of the base asset back based on the value
// of the tokens that were burned.
uint256 totalValueBurned;
{
uint256 tokenLen = tokensBurned.length;
IRootPriceOracle rootPriceOracle = ISystemRegistry(destVault.getSystemRegistry()).rootPriceOracle();
for (uint256 i = 0; i < tokenLen;) {
totalValueBurned += amountsBurned[i] * rootPriceOracle.getPriceInEth(tokensBurned[i])
/ (10 ** IERC20(tokensBurned[i]).decimals());
unchecked {
++i;
}
}
}
// How much, if any, should be dropping into idle?
// Anything pulled over debtValueBurned goes to idle, user can't get more than we think its worth.
// However, if we pulled less than the current value of the tokens we burned, so long as
// that value is greater than debt min, we need to recoup that as well and put it into idle
uint256 amountToRecoup;
if (totalValueBurned > debtValueBurned) {
// The shares we burned are worth more than we'll be recouping from the debt burn
// the difference we still need to get
amountToRecoup = totalValueBurned - debtValueBurned;
uint256 maxCreditBps = destVault.recoupMaxCredit();
uint256 gapCredit = maxDebtBurned - debtValueBurned;
uint256 credit = Math.min(gapCredit, debtValueBurned * maxCreditBps / 10_000);
if (credit > amountToRecoup) {
amountToRecoup = 0;
} else {
amountToRecoup -= credit;
}
}
// This is done regardless of whether we were under valued. User can still only
// get what we've valued it at.
if (pulledAssets > debtValueBurned) {
uint256 overDebtValue = pulledAssets - debtValueBurned;
info.idleIncrease += overDebtValue;
pulledAssets -= overDebtValue;
// Since this is going to idle it goes to satisfy the recoup as well
if (amountToRecoup > 0) {
if (amountToRecoup > overDebtValue) {
amountToRecoup -= overDebtValue;
} else {
amountToRecoup = 0;
}
}
}
// If we still have a value we need to recoup it means that the debt range credit
// as well as what was pulled over the min debt value wasn't enough to cover
// the under valued burn. Now we have to try and take it from what is going back
// to the user
if (amountToRecoup > 0) {
if (amountToRecoup > pulledAssets) {
// Recoup is more than we pulled so we'll have some recoup left over
amountToRecoup -= pulledAssets;
// Everything that was pulled goes to idle
info.idleIncrease += pulledAssets;
pulledAssets = 0;
// We'll have to try and get the remaining amount from another destination
info.remainingRecoup += amountToRecoup;
} else {
// We pulled enough assets to cover the recoup
pulledAssets -= amountToRecoup;
// Ensure the recoup goes to idle
info.idleIncrease += amountToRecoup;
}
}
}
return (info, pulledAssets, debtValueBurned);
}
/// @notice Perform a removal of assets via the redeem path where the shares are the limiting factor.
/// This means we break out whenever we reach either `assets` retrieved or debt value equivalent to `assets` burned
function redeem(
uint256 assets,
uint256 applicableTotalAssets,
IAutopool.AssetBreakdown storage assetBreakdown,
StructuredLinkedList.List storage withdrawalQueue,
mapping(address => AutopoolDebt.DestinationInfo) storage destinationInfo
) public returns (uint256 actualAssets, uint256 actualShares, uint256 debtBurned) {
WithdrawInfo memory info = _initiateWithdrawInfo(assets, assetBreakdown);
// If not enough funds in idle, then pull what we need from destinations
bool exhaustedDestinations = false;
while (info.assetsToPull > 0) {
IDestinationVault destVault = IDestinationVault(withdrawalQueue.peekHead());
if (address(destVault) == address(0)) {
exhaustedDestinations = true;
break;
}
uint256 dvShares = destVault.balanceOf(address(this));
uint256 dvSharesToBurn = dvShares;
{
// Valuing these shares higher, rounding up, will result in us burning less of them
// in the event we don't burn all of them. Good thing.
uint256 dvSharesValue = destinationInfo[address(destVault)].cachedMinDebtValue.mulDiv(
dvSharesToBurn, destinationInfo[address(destVault)].ownedShares, Math.Rounding.Up
);
// If the dv shares we own are worth more than we need, limit the shares to burn
// Any extra we get will be dropped into idle
if (dvSharesValue > info.assetsToPull) {
uint256 limitedShares = (dvSharesToBurn * info.assetsToPull) / dvSharesValue;
// Final set for the actual shares we'll burn later
dvSharesToBurn = limitedShares;
}
}
uint256 pulledAssets;
uint256 debtValueBurned;
// Get the base asset back from the Destination. Also performs a check that we aren't receiving
// poor execution on our swaps based on safe prices
// slither-disable-next-line unused-return
(info, pulledAssets, debtValueBurned) = _withdrawAssets(info, destinationInfo, destVault, dvSharesToBurn);
// If we've exhausted all shares we can remove the destination from the withdrawal queue
// We need to leave it in the debt report queue though so that our destination specific
// debt tracking values can be updated
if (dvShares == dvSharesToBurn) {
withdrawalQueue.popAddress(address(destVault));
}
info.assetsPulled += pulledAssets;
// Any deficiency in the amount we received is slippage.
// There is a round up on debtValueBurned so just making sure it never under flows here
// _withdrawAssets ensures that pulledAssets is always lte debtValueBurned and we always
// want to debit the max so we just use debtValueBurned
if (debtValueBurned > info.assetsToPull) {
info.assetsToPull = 0;
} else {
info.assetsToPull -= debtValueBurned;
}
// We either have enough assets, or we've burned the max debt we're allowed
if (info.assetsToPull == 0) {
break;
}
// If we didn't exhaust all of the shares from the destination it means we
// assume we will get everything we need from there and everything else is slippage
if (dvShares != dvSharesToBurn) {
info.assetsToPull = 0;
break;
}
}
// See if we can pull the remaining recoup from other destinations we may have pulled from
if (info.remainingRecoup > 0) {
if (info.remainingRecoup > info.assetsPulled) {
info.remainingRecoup -= info.assetsPulled;
info.idleIncrease += info.assetsPulled;
info.assetsPulled = 0;
} else {
info.assetsPulled -= info.remainingRecoup;
info.idleIncrease += info.remainingRecoup;
info.remainingRecoup = 0;
}
}
// We didn't get enough assets from the debt pull
// See if we can get the rest from idle
if (info.assetsToPull > 0 && info.currentIdle > 0 && exhaustedDestinations) {
if (info.assetsToPull < info.currentIdle) {
info.assetsFromIdle = info.assetsToPull;
} else {
info.assetsFromIdle = info.currentIdle;
}
}
debtBurned = info.assetsFromIdle + info.debtMinDecrease;
actualAssets = info.assetsFromIdle + info.assetsPulled;
// If we took from idle, and we have remaining assets to recoup
// we need to put some back in idle
if (info.remainingRecoup > 0 && info.assetsFromIdle > 0) {
// We only need to do this if the idle assets can cover the remaining recoup fully because
// we'll be reverting otherwise
if (info.assetsFromIdle >= info.remainingRecoup) {
// We still need to charge for the recoup so we're going to leave it in debtBurned
// but we'll take it back out of actualAssets so it stays in idle. We need to lower
// assetsFromIdle as well so that the final numbers get updated too
actualAssets -= info.remainingRecoup;
info.assetsFromIdle -= info.remainingRecoup;
info.remainingRecoup = 0;
} else {
// Just updating this number so we get an accurate value in the revert below
info.remainingRecoup -= info.assetsFromIdle;
}
}
// We took everything we could and still can't cover, time to revert
if (info.remainingRecoup > 0) {
revert PositivePriceRecoupNotCovered(info.remainingRecoup);
}
actualShares = IAutopool(address(this)).convertToShares(
debtBurned, applicableTotalAssets, IAutopool(address(this)).totalSupply(), Math.Rounding.Up
);
// Subtract what's taken out of idle from totalIdle
// We may also have some increase to account for it we over pulled
// or received better execution than we were anticipating
// slither-disable-next-line events-maths
assetBreakdown.totalIdle = info.currentIdle + info.idleIncrease - info.assetsFromIdle;
// Save off our various debt numbers
if (info.debtDecrease > assetBreakdown.totalDebt) {
assetBreakdown.totalDebt = 0;
} else {
assetBreakdown.totalDebt -= info.debtDecrease;
}
if (info.debtMinDecrease > info.totalMinDebt) {
assetBreakdown.totalDebtMin = 0;
} else {
assetBreakdown.totalDebtMin -= info.debtMinDecrease;
}
if (info.debtMaxDecrease > assetBreakdown.totalDebtMax) {
assetBreakdown.totalDebtMax = 0;
} else {
assetBreakdown.totalDebtMax -= info.debtMaxDecrease;
}
}
/**
* @notice Function to complete a withdrawal or redeem. This runs after shares to be burned and assets to be
* transferred are calculated.
* @param assets Amount of assets to be transferred to receiver.
* @param shares Amount of shares to be burned from owner.
* @param owner Owner of shares, user to burn shares from.
* @param receiver The receiver of the baseAsset.
* @param baseAsset Base asset of the Autopool.
* @param assetBreakdown Asset breakdown for the Autopool.
* @param tokenData Token data for the Autopool.
*/
function completeWithdrawal(
uint256 assets,
uint256 shares,
address owner,
address receiver,
IERC20 baseAsset,
IAutopool.AssetBreakdown storage assetBreakdown,
AutopoolToken.TokenData storage tokenData
) external {
if (msg.sender != owner) {
uint256 allowed = IAutopool(address(this)).allowance(owner, msg.sender);
if (allowed != type(uint256).max) {
if (shares > allowed) revert AmountExceedsAllowance(shares, allowed);
unchecked {
tokenData.approve(owner, msg.sender, allowed - shares);
}
}
}
tokenData.burn(owner, shares);
uint256 ts = IAutopool(address(this)).totalSupply();
emit Withdraw(msg.sender, receiver, owner, assets, shares);
emit Nav(assetBreakdown.totalIdle, assetBreakdown.totalDebt, ts);
baseAsset.safeTransfer(receiver, assets);
}
/**
* @notice A helper function to get estimates of what would happen on a withdraw or redeem.
* @dev Reverts all changing state.
* @param previewWithdraw Bool denoting whether to preview a redeem or withdrawal.
* @param assets Assets to be withdrawn or redeemed.
* @param applicableTotalAssets Operation dependent assets in the Autopool.
* @param functionCallEncoded Abi encoded function signature for recursive call.
* @param assetBreakdown Breakdown of vault assets from Autopool storage.
* @param withdrawalQueue Destination vault withdrawal queue from Autopool storage.
* @param destinationInfo Mapping of information for destinations.
* @return assetsAmount Preview of amount of assets to send to receiver.
* @return sharesAmount Preview of amount of assets to burn from owner.
*/
function preview(
bool previewWithdraw,
uint256 assets,
uint256 applicableTotalAssets,
bytes memory functionCallEncoded,
IAutopool.AssetBreakdown storage assetBreakdown,
StructuredLinkedList.List storage withdrawalQueue,
mapping(address => AutopoolDebt.DestinationInfo) storage destinationInfo
) external returns (uint256 assetsAmount, uint256 sharesAmount) {
if (msg.sender != address(this)) {
// Perform a recursive call the function in `funcCallEncoded`. This will result in a call back to
// the Autopool, and then this function. The intention is to reach the "else" block in this function.
// solhint-disable avoid-low-level-calls
// slither-disable-next-line missing-zero-check,low-level-calls
(bool success, bytes memory returnData) = address(this).call(functionCallEncoded);
// solhint-enable avoid-low-level-calls
// If the recursive call is successful, it means an unintended code path was taken.
if (success) {
revert Errors.UnreachableError();
}
bytes4 sharesAmountSig = bytes4(keccak256("SharesAndAssetsReceived(uint256,uint256)"));
// Extract the error signature (first 4 bytes) from the revert reason.
bytes4 errorSignature;
// solhint-disable no-inline-assembly
assembly {
errorSignature := mload(add(returnData, 0x20))
}
// If the error matches the expected signature, extract the amount from the revert reason and return.
if (errorSignature == sharesAmountSig) {
// Extract subsequent bytes for uint256.
assembly {
assetsAmount := mload(add(returnData, 0x24))
sharesAmount := mload(add(returnData, 0x44))
}
} else {
// If the error is not the expected one, forward the original revert reason.
assembly {
revert(add(32, returnData), mload(returnData))
}
}
// solhint-enable no-inline-assembly
}
// This branch is taken during the recursive call.
else {
// Perform the actual withdrawal or redeem logic to compute the amount. This will be reverted to
// simulate the action.
uint256 previewAssets;
uint256 previewShares;
if (previewWithdraw) {
(previewAssets, previewShares,) =
withdraw(assets, applicableTotalAssets, assetBreakdown, withdrawalQueue, destinationInfo);
} else {
(previewAssets, previewShares,) =
redeem(assets, applicableTotalAssets, assetBreakdown, withdrawalQueue, destinationInfo);
}
// Revert with the computed amount as an error.
revert SharesAndAssetsReceived(previewAssets, previewShares);
}
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { ECDSA } from "openzeppelin-contracts/utils/cryptography/ECDSA.sol";
import { IERC20Permit } from "openzeppelin-contracts/token/ERC20/extensions/draft-IERC20Permit.sol";
/// @notice ERC20 token functionality converted into a library. Based on OZ's v5
/// https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v5.0.1/contracts/token/ERC20/ERC20.sol
library AutopoolToken {
struct TokenData {
/// @notice Token balances
/// @dev account => balance
mapping(address => uint256) balances;
/// @notice Account spender allowances
/// @dev account => spender => allowance
mapping(address => mapping(address => uint256)) allowances;
/// @notice Total supply of the pool. Be careful when using this directly from the struct. The pool itself
/// modifies this number based on unlocked profited shares
uint256 totalSupply;
/// @notice ERC20 Permit nonces
/// @dev account -> nonce. Exposed via `nonces(owner)`
mapping(address => uint256) nonces;
}
/// @notice EIP2612 permit type hash
bytes32 public constant PERMIT_TYPEHASH =
keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
/// @notice EIP712 domain type hash
bytes32 public constant TYPE_HASH =
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
/// @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
/// @param sender Address whose tokens are being transferred.
/// @param balance Current balance for the interacting account.
/// @param needed Minimum amount required to perform a transfer.
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/// @dev Indicates a failure with the token `sender`. Used in transfers.
/// @param sender Address whose tokens are being transferred.
error ERC20InvalidSender(address sender);
/// @dev Indicates a failure with the token `receiver`. Used in transfers.
/// @param receiver Address to which tokens are being transferred.
error ERC20InvalidReceiver(address receiver);
/// @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
///@param spender Address that may be allowed to operate on tokens without being their owner.
/// @param allowance Amount of tokens a `spender` is allowed to operate with.
///@param needed Minimum amount required to perform a transfer.
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/// @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
/// @param approver Address initiating an approval operation.
error ERC20InvalidApprover(address approver);
/// @dev Indicates a failure with the `spender` to be approved. Used in approvals.
/// @param spender Address that may be allowed to operate on tokens without being their owner.
error ERC20InvalidSpender(address spender);
/// @dev Permit deadline has expired.
error ERC2612ExpiredSignature(uint256 deadline);
/// @dev Mismatched signature.
error ERC2612InvalidSigner(address signer, address owner);
/// @dev The nonce used for an `account` is not the expected current nonce.
error InvalidAccountNonce(address account, uint256 currentNonce);
/// @dev Emitted when `value` tokens are moved from one account `from` to another `to`.
event Transfer(address indexed from, address indexed to, uint256 value);
/// @dev Emitted when the allowance of a `spender` for an `owner` is set by a call to {approve}.
/// `value` is the new allowance.
event Approval(address indexed owner, address indexed spender, uint256 value);
/// @dev Sets a `value` amount of tokens as the allowance of `spender` over the caller's tokens.
function approve(TokenData storage data, address spender, uint256 value) external returns (bool) {
address owner = msg.sender;
approve(data, owner, spender, value);
return true;
}
/// @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
function approve(TokenData storage data, address owner, address spender, uint256 value) public {
_approve(data, owner, spender, value, true);
}
function transfer(TokenData storage data, address to, uint256 value) external returns (bool) {
address owner = msg.sender;
_transfer(data, owner, to, value);
return true;
}
/// @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism.
/// value` is then deducted from the caller's allowance.
function transferFrom(TokenData storage data, address from, address to, uint256 value) external returns (bool) {
address spender = msg.sender;
_spendAllowance(data, from, spender, value);
_transfer(data, from, to, value);
return true;
}
/// @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
function mint(TokenData storage data, address account, uint256 value) external {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(data, address(0), account, value);
}
/// @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
function burn(TokenData storage data, address account, uint256 value) external {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(data, account, address(0), value);
}
function permit(
TokenData storage data,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external {
if (block.timestamp > deadline) {
revert ERC2612ExpiredSignature(deadline);
}
uint256 nonce;
// For each account, the nonce has an initial value of 0, can only be incremented by one, and cannot be
// decremented or reset. This guarantees that the nonce never overflows.
unchecked {
// It is important to do x++ and not ++x here. Nonces starts at 0
nonce = data.nonces[owner]++;
}
bytes32 structHash = keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonce, deadline));
bytes32 hash = ECDSA.toTypedDataHash(IERC20Permit(address(this)).DOMAIN_SEPARATOR(), structHash);
address signer = ECDSA.recover(hash, v, r, s);
if (signer != owner) {
revert ERC2612InvalidSigner(signer, owner);
}
approve(data, owner, spender, value);
}
/// @dev Moves a `value` amount of tokens from `from` to `to`.
function _transfer(TokenData storage data, address from, address to, uint256 value) private {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(data, from, to, value);
}
/// @dev Updates `owner` s allowance for `spender` based on spent `value`.
function _spendAllowance(TokenData storage data, address owner, address spender, uint256 value) private {
uint256 currentAllowance = data.allowances[owner][spender];
if (currentAllowance != type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(data, owner, spender, currentAllowance - value, false);
}
}
}
/// @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
/// (or `to`) is the zero address.
function _update(TokenData storage data, address from, address to, uint256 value) private {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
data.totalSupply += value;
} else {
uint256 fromBalance = data.balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
data.balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
data.totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
data.balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/// @dev Variant of `_approve` with an optional flag to enable or disable the Approval event.
function _approve(TokenData storage data, address owner, address spender, uint256 value, bool emitEvent) private {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
data.allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/structs/EnumerableSet.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.
pragma solidity ^0.8.0;
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
* and `uint256` (`UintSet`) are supported.
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
* unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
* array of EnumerableSet.
* ====
*/
library EnumerableSet {
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
bytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0
// means a value is not in the set.
mapping(bytes32 => uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, bytes32 value) private returns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, bytes32 value) private returns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slot
uint256 valueIndex = set._indexes[value];
if (valueIndex != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 toDeleteIndex = valueIndex - 1;
uint256 lastIndex = set._values.length - 1;
if (lastIndex != toDeleteIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastValue;
// Update the index for the moved value
set._indexes[lastValue] = valueIndex; // Replace lastValue's index to valueIndex
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slot
delete set._indexes[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, bytes32 value) private view returns (bool) {
return set._indexes[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set) private view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, uint256 index) private view returns (bytes32) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set) private view returns (bytes32[] memory) {
return set._values;
}
// Bytes32Set
struct Bytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _add(set._inner, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _remove(set._inner, value);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
return _contains(set._inner, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(Bytes32Set storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
return _at(set._inner, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner);
bytes32[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
return _add(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
return _remove(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return _contains(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
return address(uint160(uint256(_at(set._inner, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, uint256 value) internal returns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, uint256 value) internal returns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, uint256 value) internal view returns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(UintSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { Address } from "openzeppelin-contracts/utils/Address.sol";
import { ISystemComponent } from "src/interfaces/ISystemComponent.sol";
// solhint-disable max-line-length
library Errors {
using Address for address;
///////////////////////////////////////////////////////////////////
// Set errors
///////////////////////////////////////////////////////////////////
error AccessDenied();
error ZeroAddress(string paramName);
error ZeroAmount();
error InsufficientBalance(address token);
error AssetNotAllowed(address token);
error NotImplemented();
error InvalidAddress(address addr);
error InvalidParam(string paramName);
error InvalidParams();
error UnsafePrice(address token, uint256 spotPrice, uint256 safePrice);
error AlreadySet(string param);
error AlreadyRegistered(address param);
error SlippageExceeded(uint256 expected, uint256 actual);
error ArrayLengthMismatch(uint256 length1, uint256 length2, string details);
error ItemNotFound();
error ItemExists();
error MissingRole(bytes32 role, address user);
error RegistryItemMissing(string item);
error NotRegistered();
// Used to check storage slot is empty before setting.
error MustBeZero();
// Used to check storage slot set before deleting.
error MustBeSet();
error ApprovalFailed(address token);
error FlashLoanFailed(address token, uint256 amount);
error SystemMismatch(address source1, address source2);
error InvalidToken(address token);
error UnreachableError();
error InvalidSigner(address signer);
error InvalidChainId(uint256 chainId);
error SenderMismatch(address recipient, address sender);
error UnsupportedMessage(bytes32 messageType, bytes message);
error NotSupported();
error InvalidConfiguration();
error InvalidDataReturned();
function verifyNotZero(address addr, string memory paramName) internal pure {
if (addr == address(0)) {
revert ZeroAddress(paramName);
}
}
function verifyNotZero(bytes32 key, string memory paramName) internal pure {
if (key == bytes32(0)) {
revert InvalidParam(paramName);
}
}
function verifyNotEmpty(string memory val, string memory paramName) internal pure {
if (bytes(val).length == 0) {
revert InvalidParam(paramName);
}
}
function verifyNotZero(uint256 num, string memory paramName) internal pure {
if (num == 0) {
revert InvalidParam(paramName);
}
}
function verifySystemsMatch(address component1, address component2) internal view {
address registry1 =
abi.decode(component1.functionStaticCall(abi.encodeCall(ISystemComponent.getSystemRegistry, ())), (address));
address registry2 =
abi.decode(component2.functionStaticCall(abi.encodeCall(ISystemComponent.getSystemRegistry, ())), (address));
if (registry1 != registry2) {
revert SystemMismatch(component1, component2);
}
}
function verifyArrayLengths(uint256 length1, uint256 length2, string memory details) internal pure {
if (length1 != length2) {
revert ArrayLengthMismatch(length1, length2, details);
}
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IERC20Metadata } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
interface IAccToke {
///////////////////////////////////////////////////////////////////
// Variables
///////////////////////////////////////////////////////////////////
function startEpoch() external view returns (uint256);
function minStakeDuration() external view returns (uint256);
struct Lockup {
uint128 amount;
uint128 end;
uint256 points;
}
function getLockups(address user) external view returns (Lockup[] memory);
function toke() external view returns (IERC20Metadata);
///////////////////////////////////////////////////////////////////
// Errors
///////////////////////////////////////////////////////////////////
error ZeroAddress();
error StakingDurationTooShort();
error StakingDurationTooLong();
error StakingPointsExceeded();
error IncorrectStakingAmount();
error InsufficientFunds();
error LockupDoesNotExist();
error NotUnlockableYet();
error AlreadyUnlocked();
error ExtendDurationTooShort();
error TransfersDisabled();
error TransferFailed();
error NoRewardsToClaim();
error InsufficientAmount();
error InvalidLockupIds();
error InvalidDurationLength();
error InvalidMinStakeDuration();
///////////////////////////////////////////////////////////////////
// Events
///////////////////////////////////////////////////////////////////
event SetMaxStakeDuration(uint256 oldDuration, uint256 newDuration);
event Stake(address indexed user, uint256 lockupId, uint256 amount, uint256 end, uint256 points);
event Unstake(address indexed user, uint256 lockupId, uint256 amount, uint256 end, uint256 points);
event Extend(
address indexed user,
uint256 lockupId,
uint256 amount,
uint256 oldEnd,
uint256 newEnd,
uint256 oldPoints,
uint256 newPoints
);
event RewardsAdded(uint256 amount, uint256 accRewardPerShare);
event RewardsCollected(address indexed user, uint256 amount);
event RewardsClaimed(address indexed user, uint256 amount);
///////////////////////////////////////////////////////////////////
//
// Staking Methods
//
///////////////////////////////////////////////////////////////////
/**
* @notice Stake TOKE to an address that may not be the same as the sender of the funds. This can be used to give
* staked funds to someone else.
*
* If staking before the start of staking (epoch), then the lockup start and end dates are shifted forward so that
* the lockup starts at the epoch.
*
* @param amount TOKE to lockup in the stake
* @param duration in seconds for the stake
* @param to address to receive ownership of the stake
*/
function stake(uint256 amount, uint256 duration, address to) external;
/**
* @notice Stake TOKE
*
* If staking before the start of staking (epoch), then the lockup start and end dates are shifted forward so that
* the lockup starts at the epoch.
*
* @notice Stake TOKE for myself.
* @param amount TOKE to lockup in the stake
* @param duration in seconds for the stake
*/
function stake(uint256 amount, uint256 duration) external;
/**
* @notice Collect staked TOKE for a lockup and any earned rewards.
* @param lockupIds the id of the lockup to unstake
*/
function unstake(uint256[] memory lockupIds) external;
/**
* @notice Extend a stake lockup for additional points.
*
* The stake end time is computed from the current time + duration, just like it is for new stakes. So a new stake
* for seven days duration and an old stake extended with a seven days duration would have the same end.
*
* If an extend is made before the start of staking, the start time for the new stake is shifted forwards to the
* start of staking, which also shifts forward the end date.
*
* @param lockupIds the id of the old lockup to extend
* @param durations number of seconds from now to stake for
*/
function extend(uint256[] memory lockupIds, uint256[] memory durations) external;
///////////////////////////////////////////////////////////////////
//
// Rewards
//
///////////////////////////////////////////////////////////////////
/// @notice The total amount of rewards earned for all stakes
function totalRewardsEarned() external returns (uint256);
/// @notice Total rewards claimed by all stakers
function totalRewardsClaimed() external returns (uint256);
/// @notice Rewards claimed by a specific wallet
/// @param user Address of the wallet to check
function rewardsClaimed(address user) external returns (uint256);
/**
* @notice Preview the number of points that would be returned for the
* given amount and duration.
*
* @param amount TOKE to be staked
* @param duration number of seconds to stake for
* @return points staking points that would be returned
* @return end staking period end date
*/
function previewPoints(uint256 amount, uint256 duration) external view returns (uint256, uint256);
/// @notice Preview the reward amount a caller can claim
function previewRewards() external view returns (uint256);
/// @notice Preview the reward amount a specified wallet can claim
function previewRewards(address user) external view returns (uint256);
/// @notice Claim rewards for the caller
function collectRewards() external returns (uint256);
/// @notice Check if amount can be staked
function isStakeableAmount(uint256 amount) external pure returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (access/IAccessControl.sol)
pragma solidity ^0.8.0;
/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/
interface IAccessControl {
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/
function renounceRole(bytes32 role, address account) external;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (access/IAccessControlEnumerable.sol)
pragma solidity ^0.8.0;
import "./IAccessControl.sol";
/**
* @dev External interface of AccessControlEnumerable declared to support ERC165 detection.
*/
interface IAccessControlEnumerable is IAccessControl {
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/
function getRoleMember(bytes32 role, uint256 index) external view returns (address);
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/
function getRoleMemberCount(bytes32 role) external view returns (uint256);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IAccessControlEnumerable } from "openzeppelin-contracts/access/IAccessControlEnumerable.sol";
interface IAccessController is IAccessControlEnumerable {
error AccessDenied();
/**
* @notice Setup a role for an account
* @param role The role to setup
* @param account The account to setup the role for
*/
function setupRole(bytes32 role, address account) external;
/**
* @notice Verify if an account is an owner. Reverts if not
* @param account The account to verify
*/
function verifyOwner(address account) external view;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
struct SwapParams {
/// @dev The address of the token to be sold.
address sellTokenAddress;
/// @dev The amount of tokens to be sold.
uint256 sellAmount;
/// @dev The address of the token to be bought.
address buyTokenAddress;
/// @dev The expected minimum amount of tokens to be bought.
uint256 buyAmount;
/// @dev Data payload to be used for complex swap operations.
bytes data;
/// @dev Extra data payload reserved for future development. This field allows for additional information
/// or functionality to be added without changing the struct and interface.
bytes extraData;
/// @dev Execution deadline in timestamp format
uint256 deadline;
}
interface IAsyncSwapper {
error TokenAddressZero();
error SwapFailed();
error InsufficientBuyAmountReceived(uint256 buyTokenAmountReceived, uint256 buyAmount);
error InsufficientSellAmount();
error InsufficientBuyAmount();
error InsufficientBalance(uint256 balanceNeeded, uint256 balanceAvailable);
event Swapped(
address indexed sellTokenAddress,
address indexed buyTokenAddress,
uint256 sellAmount,
uint256 buyAmount,
uint256 buyTokenAmountReceived
);
/**
* @notice Swaps sellToken for buyToken
* @param swapParams Encoded swap data
* @return buyTokenAmountReceived The amount of buyToken received from the swap
*/
function swap(SwapParams memory swapParams) external returns (uint256 buyTokenAmountReceived);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
interface IAsyncSwapperRegistry {
event SwapperAdded(address indexed item);
event SwapperRemoved(address indexed item);
/// @notice Registers an item
/// @param item Item address to be added
function register(address item) external;
/// @notice Removes item registration
/// @param item Item address to be removed
function unregister(address item) external;
/// @notice Returns a list of all registered items
function list() external view returns (address[] memory);
/// @notice Checks if an address is a valid item
/// @param item Item address to be checked
function isRegistered(address item) external view returns (bool);
/// @notice Checks if an address is a valid swapper and reverts if not
/// @param item Swapper address to be checked
function verifyIsRegistered(address item) external view;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IAutopool } from "src/interfaces/vault/IAutopool.sol";
import { IAutopilotRouterBase } from "src/interfaces/vault/IAutopilotRouterBase.sol";
import { IRewards } from "src/interfaces/rewarders/IRewards.sol";
import { SwapParams } from "src/interfaces/liquidation/IAsyncSwapper.sol";
/**
* @title IAutopilotRouter Interface
* @notice Extends the IAutopilotRouterBase with specific flows to save gas
*/
interface IAutopilotRouter is IAutopilotRouterBase {
/**
* *************************** Deposit ********************************
*/
/**
* @notice deposit available asset balance to a AutopoolETH.
* @param vault The AutopoolETH to deposit assets to.
* @param to The destination of ownership shares.
* @param minSharesOut The min amount of `vault` shares received by `to`.
* @return sharesOut the amount of shares received by `to`.
* @dev throws MinSharesError
*/
function depositBalance(
IAutopool vault,
address to,
uint256 minSharesOut
) external payable returns (uint256 sharesOut);
/**
* @notice deposit max assets to a AutopoolETH.
* @param vault The AutopoolETH to deposit assets to.
* @param to The destination of ownership shares.
* @param minSharesOut The min amount of `vault` shares received by `to`.
* @return sharesOut the amount of shares received by `to`.
* @dev throws MinSharesError
*/
function depositMax(
IAutopool vault,
address to,
uint256 minSharesOut
) external payable returns (uint256 sharesOut);
/**
* ************************* Withdraw **********************************
*/
/**
* @notice withdraw `amount` to a AutopoolETH.
* @param fromVault The AutopoolETH to withdraw assets from.
* @param toVault The AutopoolETH to deposit assets to.
* @param to The destination of ownership shares.
* @param amount The amount of assets to withdraw from fromVault.
* @param maxSharesIn The max amount of fromVault shares withdrawn by caller.
* @param minSharesOut The min amount of toVault shares received by `to`.
* @return sharesOut the amount of shares received by `to`.
* @dev throws MaxSharesError, MinSharesError
*/
function withdrawToDeposit(
IAutopool fromVault,
IAutopool toVault,
address to,
uint256 amount,
uint256 maxSharesIn,
uint256 minSharesOut
) external payable returns (uint256 sharesOut);
/**
* ************************* Redeem ********************************
*/
/**
* @notice redeem `shares` to a AutopoolETH.
* @param fromVault The AutopoolETH to redeem shares from.
* @param toVault The AutopoolETH to deposit assets to.
* @param to The destination of ownership shares.
* @param shares The amount of shares to redeem from fromVault.
* @param minSharesOut The min amount of toVault shares received by `to`.
* @return sharesOut the amount of shares received by `to`.
* @dev throws MinAmountError, MinSharesError
*/
function redeemToDeposit(
IAutopool fromVault,
IAutopool toVault,
address to,
uint256 shares,
uint256 minSharesOut
) external payable returns (uint256 sharesOut);
/**
* @notice redeem max shares to a AutopoolETH.
* @param vault The AutopoolETH to redeem shares from.
* @param to The destination of assets.
* @param minAmountOut The min amount of assets received by `to`.
* @return amountOut the amount of assets received by `to`.
* @dev throws MinAmountError
*/
function redeemMax(
IAutopool vault,
address to,
uint256 minAmountOut
) external payable returns (uint256 amountOut);
/**
* @notice swaps token
* @param swapper Address of the swapper to use
* @param swapParams Parameters for the swap
* @return amountReceived Swap output amount
*/
function swapToken(
address swapper,
SwapParams memory swapParams
) external payable returns (uint256 amountReceived);
/**
* @notice claims vault token rewards
* @param rewarder Address of the rewarder to claim from
* @param recipient Struct containing recipient details
* @return amountReceived Swap output amount
*/
function claimRewards(
IRewards rewarder,
IRewards.Recipient calldata recipient,
uint8 v,
bytes32 r,
bytes32 s
) external payable returns (uint256);
/**
* @notice swaps Exact token balance in the contract
* @param swapper Address of the swapper to use
* @param swapParams Parameters for the swap
* @return amountReceived Swap output amount
* @dev sets the sellAmount to the balance of the contract
*/
function swapTokenBalance(
address swapper,
SwapParams memory swapParams
) external payable returns (uint256 amountReceived);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity >=0.8.7;
import { IAutopool } from "src/interfaces/vault/IAutopool.sol";
import { IMainRewarder } from "src/interfaces/rewarders/IMainRewarder.sol";
import { IERC20 } from "openzeppelin-contracts/token/ERC20/IERC20.sol";
/**
* @title AutopoolETH Router Base Interface
* @notice A canonical router between AutopoolETHs
*
* The base router is a multicall style router inspired by Uniswap v3 with built-in features for permit,
* WETH9 wrap/unwrap, and ERC20 token pulling/sweeping/approving. It includes methods for the four mutable
* ERC4626 functions deposit/mint/withdraw/redeem as well.
*
* These can all be arbitrarily composed using the multicall functionality of the router.
*
* NOTE the router is capable of pulling any approved token from your wallet. This is only possible when
* your address is msg.sender, but regardless be careful when interacting with the router or ERC4626 Vaults.
* The router makes no special considerations for unique ERC20 implementations such as fee on transfer.
* There are no built in protections for unexpected behavior beyond enforcing the minSharesOut is received.
*/
interface IAutopilotRouterBase {
/// @notice thrown when amount of assets received is below the min set by caller
error MinAmountError();
/// @notice thrown when amount of shares received is below the min set by caller
error MinSharesError();
/// @notice thrown when amount of assets received is above the max set by caller
error MaxAmountError();
/// @notice thrown when amount of shares received is above the max set by caller
error MaxSharesError();
/// @notice thrown when timestamp is too old
error TimestampTooOld();
/**
* @notice mint `shares` from an ERC4626 vault.
* @param vault The AutopoolETH to mint shares from.
* @param to The destination of ownership shares.
* @param shares The amount of shares to mint from `vault`.
* @param maxAmountIn The max amount of assets used to mint.
* @return amountIn the amount of assets used to mint by `to`.
* @dev throws MaxAmountError
*/
function mint(
IAutopool vault,
address to,
uint256 shares,
uint256 maxAmountIn
) external payable returns (uint256 amountIn);
/**
* @notice deposit `amount` to an ERC4626 vault.
* @param vault The AutopoolETH to deposit assets to.
* @param to The destination of ownership shares.
* @param amount The amount of assets to deposit to `vault`.
* @param minSharesOut The min amount of `vault` shares received by `to`.
* @return sharesOut the amount of shares received by `to`.
* @dev throws MinSharesError
*/
function deposit(
IAutopool vault,
address to,
uint256 amount,
uint256 minSharesOut
) external payable returns (uint256 sharesOut);
/**
* @notice withdraw `amount` from an ERC4626 vault.
* @param vault The AutopoolETH to withdraw assets from.
* @param to The destination of assets.
* @param amount The amount of assets to withdraw from vault.
* @param maxSharesOut The max amount of shares burned for assets requested.
* @return sharesOut the amount of shares received by `to`.
* @dev throws MaxSharesError
*/
function withdraw(
IAutopool vault,
address to,
uint256 amount,
uint256 maxSharesOut
) external payable returns (uint256 sharesOut);
/**
* @notice redeem `shares` shares from a AutopoolETH
* @param vault The AutopoolETH to redeem shares from.
* @param to The destination of assets.
* @param shares The amount of shares to redeem from vault.
* @param minAmountOut The min amount of assets received by `to`.
* @return amountOut the amount of assets received by `to`.
* @dev throws MinAmountError
*/
function redeem(
IAutopool vault,
address to,
uint256 shares,
uint256 minAmountOut
) external payable returns (uint256 amountOut);
/// @notice Stakes vault token to corresponding rewarder.
/// @param vault IERC20 instance of an Autopool to stake to.
/// @param maxAmount Maximum amount for user to stake. Amount > balanceOf(user) will stake all present tokens.
/// @return staked Returns total amount staked.
function stakeVaultToken(IERC20 vault, uint256 maxAmount) external payable returns (uint256 staked);
/// @notice Unstakes vault token from corresponding rewarder.
/// @param vault IAutopool instance of the vault token to withdraw.
/// @param rewarder Rewarder to withdraw from.
/// @param maxAmount Amount of vault token to withdraw Amount > balanceOf(user) will withdraw all owned tokens.
/// @param claim Claiming rewards or not on unstaking.
/// @return withdrawn Amount of vault token withdrawn.
function withdrawVaultToken(
IAutopool vault,
IMainRewarder rewarder,
uint256 maxAmount,
bool claim
) external payable returns (uint256 withdrawn);
/// @notice Claims rewards on user stake of vault token.
/// @param vault IAutopool instance of vault token to claim rewards for.
/// @param rewarder Rewarder to claim rewards from.
/// @param recipient Address to claim rewards for.
function claimAutopoolRewards(IAutopool vault, IMainRewarder rewarder, address recipient) external payable;
/// @notice Checks if timestamp is expired. Purpose is to check the execution deadline with the multicall.
/// @param timestamp Timestamp to check.
/// @dev throws TimestampTooOld. Payable to allow for multicall.
function expiration(uint256 timestamp) external payable;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { AutopoolDebt } from "src/vault/libs/AutopoolDebt.sol";
import { IERC4626 } from "src/interfaces/vault/IERC4626.sol";
import { Math } from "openzeppelin-contracts/utils/math/Math.sol";
import { IAutopoolStrategy } from "src/interfaces/strategy/IAutopoolStrategy.sol";
import { IMainRewarder } from "src/interfaces/rewarders/IMainRewarder.sol";
import { IERC20Permit } from "openzeppelin-contracts/token/ERC20/extensions/draft-IERC20Permit.sol";
interface IAutopool is IERC4626, IERC20Permit {
enum VaultShutdownStatus {
Active,
Deprecated,
Exploit
}
/// @param unlockPeriodInSeconds Time it takes for profit to unlock in seconds
/// @param fullProfitUnlockTime Time at which all profit will have been unlocked
/// @param lastProfitUnlockTime Last time profits were unlocked
/// @param profitUnlockRate Per second rate at which profit shares unlocks. Rate when calculated is denominated in
/// MAX_BPS_PROFIT. TODO: Get into uint112
struct ProfitUnlockSettings {
uint48 unlockPeriodInSeconds;
uint48 fullProfitUnlockTime;
uint48 lastProfitUnlockTime;
uint256 profitUnlockRate;
}
/// @param feeSink Where claimed fees are sent
/// @param totalAssetsHighMark The last totalAssets amount we took fees at
/// @param totalAssetsHighMarkTimestamp The last timestamp we updated the high water mark
/// @param lastPeriodicFeeTake Timestamp of when the last periodic fee was taken.
/// @param periodicFeeSink Address that receives periodic fee.
/// @param periodicFeeBps Current periodic fee. 100% == 10000.
/// @param streamingFeeBps Current streaming fee taken on profit. 100% == 10000
/// @param navPerShareLastFeeMark The last nav/share height we took fees at
/// @param navPerShareLastFeeMarkTimestamp The last timestamp we took fees at
/// @param rebalanceFeeHighWaterMarkEnabled Returns whether the nav/share high water mark is enabled for the
/// rebalance fee
struct AutopoolFeeSettings {
address feeSink;
uint256 totalAssetsHighMark;
uint256 totalAssetsHighMarkTimestamp;
uint256 lastPeriodicFeeTake;
address periodicFeeSink;
uint256 periodicFeeBps;
uint256 streamingFeeBps;
uint256 navPerShareLastFeeMark;
uint256 navPerShareLastFeeMarkTimestamp;
bool rebalanceFeeHighWaterMarkEnabled;
}
/// @param totalIdle The amount of baseAsset deposited into the contract pending deployment
/// @param totalDebt The current (though cached) value of assets we've deployed
/// @param totalDebtMin The current (though cached) value of assets we use for valuing during deposits
/// @param totalDebtMax The current (though cached) value of assets we use for valuing during withdrawals
struct AssetBreakdown {
uint256 totalIdle;
uint256 totalDebt;
uint256 totalDebtMin;
uint256 totalDebtMax;
}
enum TotalAssetPurpose {
Global,
Deposit,
Withdraw
}
/* ******************************** */
/* Events */
/* ******************************** */
event TokensPulled(address[] tokens, uint256[] amounts, address[] destinations);
event TokensRecovered(address[] tokens, uint256[] amounts, address[] destinations);
event Nav(uint256 idle, uint256 debt, uint256 totalSupply);
event RewarderSet(address newRewarder, address oldRewarder);
event DestinationDebtReporting(address destination, uint256 debtValue, uint256 claimed, uint256 claimGasUsed);
event FeeCollected(uint256 fees, address feeSink, uint256 mintedShares, uint256 profit, uint256 idle, uint256 debt);
event PeriodicFeeCollected(uint256 fees, address feeSink, uint256 mintedShares);
event Shutdown(VaultShutdownStatus reason);
/* ******************************** */
/* Errors */
/* ******************************** */
error ERC4626MintExceedsMax(uint256 shares, uint256 maxMint);
error ERC4626DepositExceedsMax(uint256 assets, uint256 maxDeposit);
error ERC4626ExceededMaxWithdraw(address owner, uint256 assets, uint256 max);
error ERC4626ExceededMaxRedeem(address owner, uint256 shares, uint256 max);
error InvalidShutdownStatus(VaultShutdownStatus status);
error WithdrawalFailed();
error DepositFailed();
error InsufficientFundsInDestinations(uint256 deficit);
error WithdrawalIncomplete();
error ValueSharesMismatch(uint256 value, uint256 shares);
/// @notice A full unit of this pool
// solhint-disable-next-line func-name-mixedcase
function ONE() external view returns (uint256);
/// @notice Query the type of vault
function vaultType() external view returns (bytes32);
/// @notice Strategy governing the pools rebalances
function autoPoolStrategy() external view returns (IAutopoolStrategy);
/// @notice Allow token recoverer to collect dust / unintended transfers (non-tracked assets only)
function recover(address[] calldata tokens, uint256[] calldata amounts, address[] calldata destinations) external;
/// @notice Set the order of destination vaults used for withdrawals
// NOTE: will be done going directly to strategy (IStrategy) vault points to.
// How it'll delegate is still being decided
// function setWithdrawalQueue(address[] calldata destinations) external;
/// @notice Get a list of destination vaults with pending assets to clear out
function getRemovalQueue() external view returns (address[] memory);
function getFeeSettings() external view returns (AutopoolFeeSettings memory);
/// @notice Initiate the shutdown procedures for this vault
function shutdown(VaultShutdownStatus reason) external;
/// @notice True if the vault has been shutdown
function isShutdown() external view returns (bool);
/// @notice Returns the reason for shutdown (or `Active` if not shutdown)
function shutdownStatus() external view returns (VaultShutdownStatus);
/// @notice gets the list of supported destination vaults for the Autopool/Strategy
/// @return _destinations List of supported destination vaults
function getDestinations() external view returns (address[] memory _destinations);
function convertToShares(
uint256 assets,
uint256 totalAssetsForPurpose,
uint256 supply,
Math.Rounding rounding
) external view returns (uint256 shares);
function convertToAssets(
uint256 shares,
uint256 totalAssetsForPurpose,
uint256 supply,
Math.Rounding rounding
) external view returns (uint256 assets);
function totalAssets(TotalAssetPurpose purpose) external view returns (uint256);
function getAssetBreakdown() external view returns (AssetBreakdown memory);
/// @notice get a destinations last reported debt value
/// @param destVault the address of the target destination
/// @return destinations last reported debt value
function getDestinationInfo(address destVault) external view returns (AutopoolDebt.DestinationInfo memory);
/// @notice check if a destination is registered with the vault
function isDestinationRegistered(address destination) external view returns (bool);
/// @notice get if a destinationVault is queued for removal by the AutopoolETH
function isDestinationQueuedForRemoval(address destination) external view returns (bool);
/// @notice Returns instance of vault rewarder.
function rewarder() external view returns (IMainRewarder);
/// @notice Returns all past rewarders.
function getPastRewarders() external view returns (address[] memory _pastRewarders);
/// @notice Returns boolean telling whether address passed in is past rewarder.
function isPastRewarder(address _pastRewarder) external view returns (bool);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
interface IAutopoolFactory {
///////////////////////////////////////////////////////////////////
// Vault Creation
///////////////////////////////////////////////////////////////////
/**
* @notice Spin up a new AutopoolETH
* @param strategy Strategy template address
* @param symbolSuffix Symbol suffix of the new token
* @param descPrefix Description prefix of the new token
* @param salt Vault creation salt
* @param extraParams Any extra data needed for the vault
*/
function createVault(
address strategy,
string memory symbolSuffix,
string memory descPrefix,
bytes32 salt,
bytes calldata extraParams
) external payable returns (address newVaultAddress);
function addStrategyTemplate(address strategyTemplate) external;
function removeStrategyTemplate(address strategyTemplate) external;
/// @notice Returns the template used to create Autopools
function template() external returns (address);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @title Keep track of Vaults created through the Vault Factory
interface IAutopoolRegistry {
///////////////////////////////////////////////////////////////////
// Errors
///////////////////////////////////////////////////////////////////
error VaultNotFound(address vaultAddress);
error VaultAlreadyExists(address vaultAddress);
///////////////////////////////////////////////////////////////////
// Events
///////////////////////////////////////////////////////////////////
event VaultAdded(address indexed asset, address indexed vault);
event VaultRemoved(address indexed asset, address indexed vault);
///////////////////////////////////////////////////////////////////
// Functions
///////////////////////////////////////////////////////////////////
/// @notice Checks if an address is a valid vault
/// @param vaultAddress Vault address to be added
function isVault(address vaultAddress) external view returns (bool);
/// @notice Registers a vault
/// @param vaultAddress Vault address to be added
function addVault(address vaultAddress) external;
/// @notice Removes vault registration
/// @param vaultAddress Vault address to be removed
function removeVault(address vaultAddress) external;
/// @notice Returns a list of all registered vaults
function listVaults() external view returns (address[] memory);
/// @notice Returns a list of all registered vaults for a given asset
/// @param asset Asset address
function listVaultsForAsset(address asset) external view returns (address[] memory);
/// @notice Returns a list of all registered vaults for a given type
/// @param _vaultType Vault type
function listVaultsForType(bytes32 _vaultType) external view returns (address[] memory);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IStrategy } from "src/interfaces/strategy/IStrategy.sol";
interface IAutopoolStrategy {
enum RebalanceDirection {
In,
Out
}
/// @notice verify that a rebalance (swap between destinations) meets all the strategy constraints
/// @dev Signature identical to IStrategy.verifyRebalance
function verifyRebalance(
IStrategy.RebalanceParams memory,
IStrategy.SummaryStats memory
) external returns (bool, string memory message);
/// @notice called by the Autopool when NAV is updated
/// @dev can only be called by the strategy's registered Autopool
/// @param navPerShare The navPerShare to record
function navUpdate(uint256 navPerShare) external;
/// @notice called by the Autopool when a rebalance is completed
/// @dev can only be called by the strategy's registered Autopool
/// @param rebalanceParams The parameters for the rebalance that was executed
function rebalanceSuccessfullyExecuted(IStrategy.RebalanceParams memory rebalanceParams) external;
/// @notice called by the Autopool during rebalance process
/// @param rebalanceParams The parameters for the rebalance that was executed
function getRebalanceOutSummaryStats(IStrategy.RebalanceParams memory rebalanceParams)
external
returns (IStrategy.SummaryStats memory outSummary);
/// @notice Returns all hooks registered on strategy
/// @dev Will return zero addresses for unregistered hooks
/// @return hooks Array of hook addresses
function getHooks() external view returns (address[] memory hooks);
/// @notice the number of days to pause rebalancing due to NAV decay
function pauseRebalancePeriodInDays() external view returns (uint16);
/// @notice the number of seconds gap between consecutive rebalances
function rebalanceTimeGapInSeconds() external view returns (uint256);
/// @notice destinations trading a premium above maxPremium will be blocked from new capital deployments
function maxPremium() external view returns (int256); // 100% = 1e18
/// @notice destinations trading a discount above maxDiscount will be blocked from new capital deployments
function maxDiscount() external view returns (int256); // 100% = 1e18
/// @notice the allowed staleness of stats data before a revert occurs
function staleDataToleranceInSeconds() external view returns (uint40);
/// @notice the swap cost offset period to initialize the strategy with
function swapCostOffsetInitInDays() external view returns (uint16);
/// @notice the number of violations required to trigger a tightening of the swap cost offset period (1 to 10)
function swapCostOffsetTightenThresholdInViolations() external view returns (uint16);
/// @notice the number of days to decrease the swap offset period for each tightening step
function swapCostOffsetTightenStepInDays() external view returns (uint16);
/// @notice the number of days since a rebalance required to trigger a relaxing of the swap cost offset period
function swapCostOffsetRelaxThresholdInDays() external view returns (uint16);
/// @notice the number of days to increase the swap offset period for each relaxing step
function swapCostOffsetRelaxStepInDays() external view returns (uint16);
// slither-disable-start similar-names
/// @notice the maximum the swap cost offset period can reach. This is the loosest the strategy will be
function swapCostOffsetMaxInDays() external view returns (uint16);
/// @notice the minimum the swap cost offset period can reach. This is the most conservative the strategy will be
function swapCostOffsetMinInDays() external view returns (uint16);
/// @notice the number of days for the first NAV decay comparison (e.g., 30 days)
function navLookback1InDays() external view returns (uint8);
/// @notice the number of days for the second NAV decay comparison (e.g., 60 days)
function navLookback2InDays() external view returns (uint8);
/// @notice the number of days for the third NAV decay comparison (e.g., 90 days)
function navLookback3InDays() external view returns (uint8);
// slither-disable-end similar-names
/// @notice the maximum slippage that is allowed for a normal rebalance
function maxNormalOperationSlippage() external view returns (uint256); // 100% = 1e18
/// @notice the maximum amount of slippage to allow when a destination is trimmed due to constraint violations
/// recommend setting this higher than maxNormalOperationSlippage
function maxTrimOperationSlippage() external view returns (uint256); // 100% = 1e18
/// @notice the maximum amount of slippage to allow when a destinationVault has been shutdown
/// shutdown for a vault is abnormal and means there is an issue at that destination
/// recommend setting this higher than maxNormalOperationSlippage
function maxEmergencyOperationSlippage() external view returns (uint256); // 100% = 1e18
/// @notice the maximum amount of slippage to allow when the Autopool has been shutdown
function maxShutdownOperationSlippage() external view returns (uint256); // 100% = 1e18
/// @notice the maximum discount used for price return
function maxAllowedDiscount() external view returns (int256); // 18 precision
/// @notice model weight used for LSTs base yield, 1e6 is the highest
function weightBase() external view returns (uint256);
/// @notice model weight used for DEX fee yield, 1e6 is the highest
function weightFee() external view returns (uint256);
/// @notice model weight used for incentive yield
function weightIncentive() external view returns (uint256);
/// @notice model weight applied to an LST discount when exiting the position
function weightPriceDiscountExit() external view returns (int256);
/// @notice model weight applied to an LST discount when entering the position
function weightPriceDiscountEnter() external view returns (int256);
/// @notice model weight applied to an LST premium when entering or exiting the position
function weightPricePremium() external view returns (int256);
/// @notice initial value of the swap cost offset to use
function swapCostOffsetInit() external view returns (uint16);
/// @notice initial lst price gap tolerance
function defaultLstPriceGapTolerance() external view returns (uint256);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
interface IBaseAssetVault {
/// @notice Asset that this Vault primarily manages
/// @dev Vault decimals should be the same as the baseAsset
function baseAsset() external view returns (address);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
interface IBaseRewarder {
error RecoverDurationPending();
event RewardAdded(
uint256 reward,
uint256 rewardRate,
uint256 lastUpdateBlock,
uint256 periodInBlockFinish,
uint256 historicalRewards
);
event UserRewardUpdated(
address indexed user, uint256 amount, uint256 rewardPerTokenStored, uint256 lastUpdateBlock
);
event Staked(address indexed user, uint256 amount);
event Withdrawn(address indexed user, uint256 amount);
event RewardPaid(address indexed user, address indexed recipient, uint256 reward);
event QueuedRewardsUpdated(uint256 startingQueuedRewards, uint256 startingNewRewards, uint256 queuedRewards);
event AddedToWhitelist(address indexed wallet);
event RemovedFromWhitelist(address indexed wallet);
event TokeLockDurationUpdated(uint256 newDuration);
event Recovered(address token, address recipient, uint256 amount);
/**
* @notice Claims and transfers all rewards for the specified account
*/
function getReward() external;
/**
* @notice Stakes the specified amount of tokens for the specified account.
* @param account The address of the account to stake tokens for.
* @param amount The amount of tokens to stake.
*/
function stake(address account, uint256 amount) external;
/**
* @notice Calculate the earned rewards for an account.
* @param account Address of the account.
* @return The earned rewards for the given account.
*/
function earned(address account) external view returns (uint256);
/**
* @notice Calculates the rewards per token for the current block.
* @dev The total amount of rewards available in the system is fixed, and it needs to be distributed among the users
* based on their token balances and staking duration.
* Rewards per token represent the amount of rewards that each token is entitled to receive at the current block.
* The calculation takes into account the reward rate, the time duration since the last update,
* and the total supply of tokens in the staking pool.
* @return The updated rewards per token value for the current block.
*/
function rewardPerToken() external view returns (uint256);
/**
* @notice Get the current reward rate per block.
* @return The current reward rate per block.
*/
function rewardRate() external view returns (uint256);
/**
* @notice Get the current TOKE lock duration.
* @return The current TOKE lock duration.
*/
function tokeLockDuration() external view returns (uint256);
/**
* @notice Get the last block where rewards are applicable.
* @return The last block number where rewards are applicable.
*/
function lastBlockRewardApplicable() external view returns (uint256);
/**
* @notice The total amount of tokens staked
*/
function totalSupply() external view returns (uint256);
/**
* @notice The amount of tokens staked for the specified account
* @param account The address of the account to get the balance of
*/
function balanceOf(address account) external view returns (uint256);
/**
* @notice Queue new rewards to be distributed.
* @param newRewards The amount of new rewards to be queued.
*/
function queueNewRewards(uint256 newRewards) external;
/**
* @notice Token distributed as rewards
* @return reward token address
*/
function rewardToken() external view returns (address);
/**
* @notice Add an address to the whitelist.
* @param wallet The address to be added to the whitelist.
*/
function addToWhitelist(address wallet) external;
/**
* @notice Remove an address from the whitelist.
* @param wallet The address to be removed from the whitelist.
*/
function removeFromWhitelist(address wallet) external;
/**
* @notice Recovers tokens from the rewarder. However, a recovery duration of 1 year is applicable for reward token
* @param token Address of token
* @param recipient recipient Address of recipient
*/
function recover(address token, address recipient) external;
/**
* @notice Check if an address is whitelisted.
* @param wallet The address to be checked.
* @return bool indicating if the address is whitelisted.
*/
function isWhitelisted(address wallet) external view returns (bool);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
interface ICurveResolver {
/// @notice Resolve details of a Curve pool regardless of type or version
/// @dev This resolves tokens without unwrapping to underlying in the case of meta pools.
/// @param poolAddress pool address to lookup
/// @return tokens tokens that make up the pool
/// @return numTokens the number of tokens. tokens are not unwrapped.
/// @return isStableSwap is this a StableSwap pool. false = CryptoSwap
function resolve(address poolAddress)
external
view
returns (address[8] memory tokens, uint256 numTokens, bool isStableSwap);
/// @notice Resolve details of a Curve pool regardless of type or version
/// @dev This resolves tokens without unwrapping to underlying in the case of meta pools.
/// @dev Use the isStableSwap value to differentiate between StableSwap (V1) and CryptoSwap (V2) pools.
/// @param poolAddress pool address to lookup
/// @return tokens tokens that make up the pool
/// @return numTokens the number of tokens. tokens are not unwrapped
/// @return lpToken lp token of the pool
/// @return isStableSwap is this a StableSwap pool. false = CryptoSwap
function resolveWithLpToken(address poolAddress)
external
view
returns (address[8] memory tokens, uint256 numTokens, address lpToken, bool isStableSwap);
/// @notice Get the lp token of a Curve pool
/// @param poolAddress pool address to lookup
function getLpToken(address poolAddress) external view returns (address);
/// @notice Get the reserves of a Curve pools' tokens
/// @dev Actual balances length might differ from 8 and should be verified by the caller
/// @param poolAddress pool address to lookup
/// @return balances reserves of the pool tokens
function getReservesInfo(address poolAddress) external view returns (uint256[8] memory balances);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
/**
* @title IDestinationAdapter
* @dev This is a super-interface to unify different types of adapters to be registered in Destination Registry.
* Specific interface type is defined by extending from this interface.
*/
interface IDestinationAdapter {
error MustBeMoreThanZero();
error ArraysLengthMismatch();
error BalanceMustIncrease();
error MinLpAmountNotReached();
error LpTokenAmountMismatch();
error NoNonZeroAmountProvided();
error InvalidBalanceChange();
error InvalidAddress(address);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IDestinationAdapter } from "src/interfaces/destinations/IDestinationAdapter.sol";
interface IDestinationRegistry {
event Register(bytes32[] indexed destinationTypes, address[] indexed targets);
event Replace(bytes32[] indexed destinationTypes, address[] indexed targets);
event Unregister(bytes32[] indexed destinationTypes);
event Whitelist(bytes32[] indexed destinationTypes);
event RemoveFromWhitelist(bytes32[] indexed destinationTypes);
error InvalidAddress(address addr);
error NotAllowedDestination();
error DestinationAlreadySet();
/**
* @notice Adds a new addresses of the given destination types
* @dev Fails if trying to overwrite previous value of the same destination type
* @param destinationTypes Ones from the destination type whitelist
* @param targets addresses of the deployed DestinationAdapters, cannot be 0
*/
function register(bytes32[] calldata destinationTypes, address[] calldata targets) external;
/**
* @notice Replaces an addresses of the given destination types
* @dev Fails if given destination type was not set previously
* @param destinationTypes Ones from the destination type whitelist
* @param targets addresses of the deployed DestinationAdapters, cannot be 0
*/
function replace(bytes32[] calldata destinationTypes, address[] calldata targets) external;
/**
* @notice Removes an addresses of the given pre-registered destination types
* @param destinationTypes Ones from the destination types whitelist
*/
function unregister(bytes32[] calldata destinationTypes) external;
/**
* @notice Gives an address of the given destination type
* @dev Should revert on missing destination
* @param destination One from the destination type whitelist
*/
function getAdapter(bytes32 destination) external returns (IDestinationAdapter);
/**
* @notice Adds given destination types to the whitelist
* @param destinationTypes Types to whitelist
*/
function addToWhitelist(bytes32[] calldata destinationTypes) external;
/**
* @notice Removes given pre-whitelisted destination types
* @param destinationTypes Ones from the destination type whitelist
*/
function removeFromWhitelist(bytes32[] calldata destinationTypes) external;
/**
* @notice Checks if the given destination type is whitelisted
* @param destinationType Type to verify
*/
function isWhitelistedDestination(bytes32 destinationType) external view returns (bool);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IERC20Metadata as IERC20 } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { IBaseAssetVault } from "src/interfaces/vault/IBaseAssetVault.sol";
import { IMainRewarder } from "src/interfaces/rewarders/IMainRewarder.sol";
import { IDexLSTStats } from "src/interfaces/stats/IDexLSTStats.sol";
import { ISystemComponent } from "src/interfaces/ISystemComponent.sol";
interface IDestinationVault is ISystemComponent, IBaseAssetVault, IERC20 {
enum VaultShutdownStatus {
Active,
Deprecated,
Exploit
}
error LogicDefect();
error BaseAmountReceived(uint256 amount);
/* ******************************** */
/* View */
/* ******************************** */
/// @notice A full unit of this vault
// solhint-disable-next-line func-name-mixedcase
function ONE() external view returns (uint256);
/// @notice The asset that is deposited into the vault
function underlying() external view returns (address);
/// @notice The asset that rewards and withdrawals to the Autopool are denominated in
/// @inheritdoc IBaseAssetVault
function baseAsset() external view override returns (address);
/// @notice Debt balance of underlying asset that is in contract. This
/// value includes only assets that are known as debt by the rest of the
/// system (i.e. transferred in on rebalance), and does not include
/// extraneous amounts of underlyer that may have ended up in this contract.
function internalDebtBalance() external view returns (uint256);
/// @notice Debt balance of underlying asset staked externally. This value only
/// includes assets known as debt to the rest of the system, and does not include
/// any assets staked on behalf of the DV in external contracts.
function externalDebtBalance() external view returns (uint256);
/// @notice Returns true value of _underlyer in DV. Debt + tokens that may have
/// been transferred into the contract outside of rebalance.
function internalQueriedBalance() external view returns (uint256);
/// @notice Returns true value of staked _underlyer in external contract. This
/// will include any _underlyer that has been staked on behalf of the DV.
function externalQueriedBalance() external view returns (uint256);
/// @notice Balance of underlying debt, sum of `externalDebtBalance()` and `internalDebtBalance()`.
function balanceOfUnderlyingDebt() external view returns (uint256);
/// @notice Rewarder for this vault
function rewarder() external view returns (address);
/// @notice Exchange this destination vault points to
function exchangeName() external view returns (string memory);
/// @notice The type of pool associated with this vault
function poolType() external view returns (string memory);
/// @notice If the pool only deals in ETH when adding or removing liquidity
function poolDealInEth() external view returns (bool);
/// @notice Tokens that base asset can be swapped into
function underlyingTokens() external view returns (address[] memory);
/* ******************************** */
/* Events */
/* ******************************** */
event Donated(address sender, uint256 amount);
event Withdraw(
uint256 target, uint256 actual, uint256 debtLoss, uint256 claimLoss, uint256 fromIdle, uint256 fromDebt
);
event UpdateSignedMessage(bytes32 hash, bool flag);
/* ******************************** */
/* Errors */
/* ******************************** */
error ZeroAddress(string paramName);
error InvalidShutdownStatus(VaultShutdownStatus status);
/* ******************************** */
/* Functions */
/* ******************************** */
/// @notice Setup the contract. These will be cloned so no constructor
/// @param baseAsset_ Base asset of the system. WETH/USDC/etc
/// @param underlyer_ Underlying asset the vault will wrap
/// @param rewarder_ Reward tracker for this vault
/// @param incentiveCalculator_ Incentive calculator for this vault
/// @param additionalTrackedTokens_ Additional tokens that should be considered 'tracked'
/// @param params_ Any extra parameters needed to setup the contract
function initialize(
IERC20 baseAsset_,
IERC20 underlyer_,
IMainRewarder rewarder_,
address incentiveCalculator_,
address[] memory additionalTrackedTokens_,
bytes memory params_
) external;
function getRangePricesLP() external returns (uint256 spotPrice, uint256 safePrice, bool isSpotSafe);
/// @notice Calculates the current value of a portion of the debt based on shares
/// @dev Queries the current value of all tokens we have deployed, whether its a single place, multiple, staked, etc
/// @param shares The number of shares to value
/// @return value The current value of our debt in terms of the baseAsset
function debtValue(uint256 shares) external returns (uint256 value);
/// @notice Collects any earned rewards from staking, incentives, etc. Transfers to sender
/// @dev Should be limited to LIQUIDATOR_MANAGER. Rewards must be collected before claimed
/// @return amounts amount of rewards claimed for each token
/// @return tokens tokens claimed
function collectRewards() external returns (uint256[] memory amounts, address[] memory tokens);
/// @notice Pull any non-tracked token to the specified destination
/// @dev Should be limited to TOKEN_RECOVERY_MANAGER
function recover(address[] calldata tokens, uint256[] calldata amounts, address[] calldata destinations) external;
/// @notice Recovers any extra underlying both in DV and staked externally not tracked as debt.
/// @dev Should be limited to TOKEN_SAVER_ROLE.
/// @param destination The address to send excess underlyer to.
function recoverUnderlying(address destination) external;
/// @notice Deposit underlying to receive destination vault shares
/// @param amount amount of base lp asset to deposit
function depositUnderlying(uint256 amount) external returns (uint256 shares);
/// @notice Withdraw underlying by burning destination vault shares
/// @param shares amount of destination vault shares to burn
/// @param to destination of the underlying asset
/// @return amount underlyer amount 'to' received
function withdrawUnderlying(uint256 shares, address to) external returns (uint256 amount);
/// @notice Burn specified shares for underlyer swapped to base asset
/// @param shares amount of vault shares to burn
/// @param to destination of the base asset
/// @return amount base asset amount 'to' received
/// @return tokens the tokens burned to get the base asset
/// @return tokenAmounts the amount of the tokens burned to get the base asset
function withdrawBaseAsset(
uint256 shares,
address to
) external returns (uint256 amount, address[] memory tokens, uint256[] memory tokenAmounts);
/// @notice Mark this vault as shutdown so that autoPools can react
function shutdown(VaultShutdownStatus reason) external;
/// @notice True if the vault has been shutdown
function isShutdown() external view returns (bool);
/// @notice Returns the reason for shutdown (or `Active` if not shutdown)
function shutdownStatus() external view returns (VaultShutdownStatus);
/// @notice Stats contract for this vault
function getStats() external view returns (IDexLSTStats);
/// @notice get the marketplace rewards
/// @return rewardTokens list of reward token addresses
/// @return rewardRates list of reward rates
function getMarketplaceRewards() external returns (uint256[] memory rewardTokens, uint256[] memory rewardRates);
/// @notice Get the address of the underlying pool the vault points to
/// @return poolAddress address of the underlying pool
function getPool() external view returns (address poolAddress);
/// @notice Gets the spot price of the underlying LP token
/// @dev Price validated to be inside our tolerance against safe price. Will revert if outside.
/// @return price Value of 1 unit of the underlying LP token in terms of the base asset
function getValidatedSpotPrice() external returns (uint256 price);
/// @notice Gets the safe price of the underlying LP token
/// @dev Price validated to be inside our tolerance against spot price. Will revert if outside.
/// @return price Value of 1 unit of the underlying LP token in terms of the base asset
function getValidatedSafePrice() external returns (uint256 price);
/// @notice Get the lowest price we can get for the LP token
/// @dev This price can be attacked is not validate to be in any range
/// @return price Value of 1 unit of the underlying LP token in terms of the base asset
function getUnderlyerFloorPrice() external returns (uint256 price);
/// @notice Get the highest price we can get for the LP token
/// @dev This price can be attacked is not validate to be in any range
/// @return price Value of 1 unit of the underlying LP token in terms of the base asset
function getUnderlyerCeilingPrice() external returns (uint256 price);
/// @notice Set or unset a hash as a signed message
/// @dev Should be limited to DESTINATION_VAULTS_UPDATER. The set hash is used to validate a signature.
/// This signature can be potentially used to claim offchain rewards earned by Destination Vaults.
/// @param hash bytes32 hash of a payload
/// @param flag boolean flag to indicate a validity of hash
function setMessage(bytes32 hash, bool flag) external;
/// @notice Allows to change the incentive calculator of destination vault
/// @dev Only works when vault is shutdown, also validates the calculator before updating
/// @param incentiveCalculator address of the new incentive calculator
function setIncentiveCalculator(address incentiveCalculator) external;
/// @notice Allows to change the extension contract
/// @dev Should be limited to DESTINATION_VAULT_MANAGER
/// @param extension contract address
function setExtension(address extension) external;
/// @notice Calls the execute function of the extension contract
/// @dev Should be limited to DESTINATION_VAULT_MANAGER
/// @dev Special care should be taken to ensure that balances hasn't been manipulated
/// @param data any data that the extension contract needs
function executeExtension(bytes calldata data) external;
/// @notice Returns the max recoup credit given during the withdraw of an undervalued destination
function recoupMaxCredit() external view returns (uint256);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { ISystemComponent } from "src/interfaces/ISystemComponent.sol";
/// @notice Creates and registers Destination Vaults for the system
interface IDestinationVaultFactory is ISystemComponent {
/// @notice Creates a vault of the specified type
/// @dev vaultType will be bytes32 encoded and checked that a template is registered
/// @param vaultType human readable key of the vault template
/// @param baseAsset Base asset of the system. WETH/USDC/etc
/// @param underlyer Underlying asset the vault will wrap
/// @param incentiveCalculator Incentive calculator of the vault
/// @param additionalTrackedTokens Any tokens in addition to base and underlyer that should be tracked
/// @param salt Contracts are created via CREATE2 with this value
/// @param params params to be passed to vaults initialize function
/// @return vault address of the newly created destination vault
function create(
string memory vaultType,
address baseAsset,
address underlyer,
address incentiveCalculator,
address[] memory additionalTrackedTokens,
bytes32 salt,
bytes memory params
) external returns (address vault);
/// @notice Sets the default reward ratio
/// @param rewardRatio new default reward ratio
function setDefaultRewardRatio(uint256 rewardRatio) external;
/// @notice Sets the default reward block duration
/// @param blockDuration new default reward block duration
function setDefaultRewardBlockDuration(uint256 blockDuration) external;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IDestinationVaultFactory } from "src/interfaces/vault/IDestinationVaultFactory.sol";
/// @notice Tracks valid Destination Vaults for the system
interface IDestinationVaultRegistry {
/// @notice Determines if a given address is a valid Destination Vault in the system
/// @param destinationVault address to check
/// @return True if vault is registered
function isRegistered(address destinationVault) external view returns (bool);
/// @notice Registers a new Destination Vault
/// @dev Should be locked down to only a factory
/// @param newDestinationVault Address of the new vault
function register(address newDestinationVault) external;
/// @notice Checks if an address is a valid Destination Vault and reverts if not
/// @param destinationVault Destination Vault address to checked
function verifyIsRegistered(address destinationVault) external view;
/// @notice Returns a list of all registered vaults
function listVaults() external view returns (address[] memory);
/// @notice Factory that is allowed to create and registry Destination Vaults
function factory() external view returns (IDestinationVaultFactory);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { ILSTStats } from "src/interfaces/stats/ILSTStats.sol";
/// @title Return stats DEXs with LSTs
interface IDexLSTStats {
event DexSnapshotTaken(uint256 snapshotTimestamp, uint256 priorFeeApr, uint256 newFeeApr, uint256 unfilteredFeeApr);
struct StakingIncentiveStats {
// time-weighted average total supply to prevent spikes/attacks from impacting rebalancing
uint256 safeTotalSupply;
// rewardTokens, annualizedRewardAmounts, and periodFinishForRewards will match indexes
// they are split to workaround an issue with forge having nested structs
// address of the reward tokens
address[] rewardTokens;
// the annualized reward rate for the reward token
uint256[] annualizedRewardAmounts;
// the timestamp for when the rewards are set to terminate
uint40[] periodFinishForRewards;
// incentive rewards score. max 48, min 0
uint8 incentiveCredits;
}
struct DexLSTStatsData {
uint256 lastSnapshotTimestamp;
uint256 feeApr;
uint256[] reservesInEth;
StakingIncentiveStats stakingIncentiveStats;
ILSTStats.LSTStatsData[] lstStatsData;
}
/// @notice Get the current stats for the DEX with underlying LST tokens
/// @dev Returned data is a combination of current data and filtered snapshots
/// @return dexLSTStatsData current data on the DEX
function current() external returns (DexLSTStatsData memory dexLSTStatsData);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (interfaces/IERC3156FlashBorrower.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC3156 FlashBorrower, as defined in
* https://eips.ethereum.org/EIPS/eip-3156[ERC-3156].
*
* _Available since v4.1._
*/
interface IERC3156FlashBorrower {
/**
* @dev Receive a flash loan.
* @param initiator The initiator of the loan.
* @param token The loan currency.
* @param amount The amount of tokens lent.
* @param fee The additional amount of tokens to repay.
* @param data Arbitrary data structure, intended to contain user-defined parameters.
* @return The keccak256 hash of "IERC3156FlashBorrower.onFlashLoan"
*/
function onFlashLoan(
address initiator,
address token,
uint256 amount,
uint256 fee,
bytes calldata data
) external returns (bytes32);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { IERC20Metadata } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
/// @dev Interface of the ERC4626 "Tokenized Vault Standard", as defined in https://eips.ethereum.org/EIPS/eip-4626
/// @dev Due to the nature of obtaining estimates for previewing withdraws and redeems, a few functions are not
/// view and therefore do not conform to eip 4626. These functions use state changing operations
/// to get accurate estimates, reverting after the preview amounts have been obtained.
interface IERC4626 is IERC20Metadata {
event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed sender, address indexed receiver, address indexed owner, uint256 assets, uint256 shares
);
/// @notice Returns the address of the underlying token used for the Vault for accounting, depositing, and
/// withdrawing.
/// @dev
/// - MUST be an ERC-20 token contract.
/// - MUST NOT revert.
function asset() external view returns (address assetTokenAddress);
/// @notice Returns the total amount of the underlying asset that is “managed” by Vault.
/// @dev
/// - SHOULD include any compounding that occurs from yield.
/// - MUST be inclusive of any fees that are charged against assets in the Vault.
/// - MUST NOT revert.
function totalAssets() external view returns (uint256 totalManagedAssets);
/// @notice Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an
/// ideal
/// scenario where all the conditions are met.
/// @dev
/// - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
/// - MUST NOT show any variations depending on the caller.
/// - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
/// - MUST NOT revert.
///
/// NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
/// “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
/// from.
function convertToShares(uint256 assets) external view returns (uint256 shares);
/// @notice Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an
/// ideal
/// scenario where all the conditions are met.
/// @dev
/// - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
/// - MUST NOT show any variations depending on the caller.
/// - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
/// - MUST NOT revert.
///
/// NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
/// “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
/// from.
function convertToAssets(uint256 shares) external view returns (uint256 assets);
/// @notice Returns the maximum amount of the underlying asset that can be deposited into the Vault for the
/// receiver,
/// through a deposit call.
/// @dev
/// - MUST return a limited value if receiver is subject to some deposit limit.
/// - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
/// - MUST NOT revert.
function maxDeposit(address receiver) external returns (uint256 maxAssets);
/// @notice Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block,
/// given
/// current on-chain conditions.
/// @dev
/// - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
/// call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
/// in the same transaction.
/// - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
/// deposit would be accepted, regardless if the user has enough tokens approved, etc.
/// - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
/// - MUST NOT revert.
///
/// NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
/// share price or some other type of condition, meaning the depositor will lose assets by depositing.
function previewDeposit(uint256 assets) external returns (uint256 shares);
/// @notice Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.
/// @dev
/// - MUST emit the Deposit event.
/// - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
/// deposit execution, and are accounted for during deposit.
/// - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
/// approving enough underlying tokens to the Vault contract, etc).
///
/// NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
function deposit(uint256 assets, address receiver) external returns (uint256 shares);
/// @notice Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
/// @dev
/// - MUST return a limited value if receiver is subject to some mint limit.
/// - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
/// - MUST NOT revert.
function maxMint(address receiver) external returns (uint256 maxShares);
/// @notice Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
/// current on-chain conditions.
/// @dev
/// - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
/// in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
/// same transaction.
/// - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
/// would be accepted, regardless if the user has enough tokens approved, etc.
/// - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
/// - MUST NOT revert.
///
/// NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
/// share price or some other type of condition, meaning the depositor will lose assets by minting.
function previewMint(uint256 shares) external returns (uint256 assets);
/// @notice Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.
/// @dev
/// - MUST emit the Deposit event.
/// - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
/// execution, and are accounted for during mint.
/// - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
/// approving enough underlying tokens to the Vault contract, etc).
///
/// NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
function mint(uint256 shares, address receiver) external returns (uint256 assets);
/// @notice Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
/// Vault, through a withdraw call.
/// @dev
/// - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
/// - MUST NOT revert.
function maxWithdraw(address owner) external returns (uint256 maxAssets);
/// @notice Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
/// given current on-chain conditions.
/// @dev
/// - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
/// call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
/// called
/// in the same transaction.
/// - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
/// the withdrawal would be accepted, regardless if the user has enough shares, etc.
/// - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
/// - MUST NOT revert.
///
/// NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
/// share price or some other type of condition, meaning the depositor will lose assets by depositing.
function previewWithdraw(uint256 assets) external returns (uint256 shares);
/// @notice Burns shares from owner and sends exactly assets of underlying tokens to receiver.
/// @dev
/// - MUST emit the Withdraw event.
/// - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
/// withdraw execution, and are accounted for during withdraw.
/// - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
/// not having enough shares, etc).
///
/// Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
/// Those methods should be performed separately.
function withdraw(uint256 assets, address receiver, address owner) external returns (uint256 shares);
/// @notice Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
/// through a redeem call.
/// @dev
/// - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
/// - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
/// - MUST NOT revert.
function maxRedeem(address owner) external returns (uint256 maxShares);
/// @notice Allows an on-chain or off-chain user to simulate the effects of their redeemption at the current block,
/// given current on-chain conditions.
/// @dev
/// - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
/// in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
/// same transaction.
/// - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
/// redemption would be accepted, regardless if the user has enough shares, etc.
/// - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
/// - MUST NOT revert.
///
/// NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
/// share price or some other type of condition, meaning the depositor will lose assets by redeeming.
function previewRedeem(uint256 shares) external returns (uint256 assets);
/// @notice Burns exactly shares from owner and sends assets of underlying tokens to receiver.
/// @dev
/// - MUST emit the Withdraw event.
/// - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
/// redeem execution, and are accounted for during redeem.
/// - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
/// not having enough shares, etc).
///
/// NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
/// Those methods should be performed separately.
function redeem(uint256 shares, address receiver, address owner) external returns (uint256 assets);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IBaseRewarder } from "src/interfaces/rewarders/IBaseRewarder.sol";
interface IExtraRewarder is IBaseRewarder {
/**
* @notice Withdraws the specified amount of tokens from the vault for the specified account.
* @param account The address of the account to withdraw tokens for.
* @param amount The amount of tokens to withdraw.
*/
function withdraw(address account, uint256 amount) external;
/**
* @notice Claims and transfers all rewards for the specified account from this contract.
* @param account The address of the account to claim rewards for.
* @param recipient The address to send the rewards to.
*/
function getReward(address account, address recipient) external;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @title EWMA pricing for incentive tokens
interface IIncentivesPricingStats {
event TokenAdded(address indexed token);
event TokenRemoved(address indexed token);
event TokenSnapshot(
address indexed token,
uint40 lastSnapshot,
uint256 fastFilterPrice,
uint256 slowFilterPrice,
uint256 initCount,
bool initComplete
);
error TokenAlreadyRegistered(address token);
error TokenNotFound(address token);
error IncentiveTokenPriceStale(address token);
error TokenSnapshotNotReady(address token);
struct TokenSnapshotInfo {
uint40 lastSnapshot;
bool _initComplete;
uint8 _initCount;
uint256 _initAcc;
uint256 fastFilterPrice;
uint256 slowFilterPrice;
}
/// @notice add a token to snapshot
/// @dev the token must be configured in the RootPriceOracle before adding here
/// @param token the address of the token to add
function setRegisteredToken(address token) external;
/// @notice remove a token from being snapshot
/// @param token the address of the token to remove
function removeRegisteredToken(address token) external;
/// @notice get the addresses for all currently registered tokens
/// @return tokens all of the registered token addresses
function getRegisteredTokens() external view returns (address[] memory tokens);
/// @notice get all of the registered tokens with the latest snapshot info
/// @return tokenAddresses token addresses in the same order as info
/// @return info a list of snapshot info for the tokens
function getTokenPricingInfo()
external
view
returns (address[] memory tokenAddresses, TokenSnapshotInfo[] memory info);
/// @notice update the snapshot for the specified tokens
/// @dev if a token is not ready to be snapshot the entire call will fail
function snapshot(address[] calldata tokensToSnapshot) external;
/// @notice get the latest prices for an incentive token. Reverts if token is not registered
/// @return fastPrice the price based on the faster filter (weighted toward current prices)
/// @return slowPrice the price based on the slower filter (weighted toward older prices, relative to fast)
function getPrice(address token, uint40 staleCheck) external view returns (uint256 fastPrice, uint256 slowPrice);
/// @notice get the latest prices for an incentive token or zero if the token is not registered
/// @return fastPrice the price based on the faster filter (weighted toward current prices)
/// @return slowPrice the price based on the slower filter (weighted toward older prices, relative to fast)
function getPriceOrZero(
address token,
uint40 staleCheck
) external view returns (uint256 fastPrice, uint256 slowPrice);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @title Return stats on base LSTs
interface ILSTStats {
struct LSTStatsData {
uint256 lastSnapshotTimestamp;
uint256 baseApr;
int256 discount; // positive number is a discount, negative is a premium
uint24[10] discountHistory; // 7 decimal precision
uint40 discountTimestampByPercent; // timestamp that the token reached 1pct discount
}
/// @notice Get the current stats for the LST
/// @dev Returned data is a combination of current data and filtered snapshots
/// @return lstStatsData current data on the LST
function current() external returns (LSTStatsData memory lstStatsData);
/// @notice Get the EthPerToken (or Share) for the LST
/// @return ethPerShare the backing eth for the LST
function calculateEthPerToken() external view returns (uint256 ethPerShare);
/// @notice Get if the underlying LST token is rebasing
/// @return rebasing is true if the lst is a rebasing token
function isRebasing() external view returns (bool rebasing);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IBaseRewarder } from "src/interfaces/rewarders/IBaseRewarder.sol";
import { IExtraRewarder } from "src/interfaces/rewarders/IExtraRewarder.sol";
interface IMainRewarder is IBaseRewarder {
error ExtraRewardsNotAllowed();
error MaxExtraRewardsReached();
/// @notice Extra rewards can be added, but not removed, ref: https://github.com/Tokemak/v2-core/issues/659
event ExtraRewardAdded(address reward);
/**
* @notice Adds an ExtraRewarder contract address to the extraRewards array.
* @param reward The address of the ExtraRewarder contract.
*/
function addExtraReward(address reward) external;
/**
* @notice Withdraws the specified amount of tokens from the vault for the specified account, and transfers all
* rewards for the account from this contract and any linked extra reward contracts.
* @param account The address of the account to withdraw tokens and claim rewards for.
* @param amount The amount of tokens to withdraw.
* @param claim If true, claims all rewards for the account from this contract and any linked extra reward
* contracts.
*/
function withdraw(address account, uint256 amount, bool claim) external;
/**
* @notice Claims and transfers all rewards for the specified account from this contract and any linked extra reward
* contracts.
* @dev If claimExtras is true, also claims all rewards from linked extra reward contracts.
* @param account The address of the account to claim rewards for.
* @param recipient The address to send the rewards to.
* @param claimExtras If true, claims rewards from linked extra reward contracts.
*/
function getReward(address account, address recipient, bool claimExtras) external;
/**
* @notice Number of extra rewards currently registered
*/
function extraRewardsLength() external view returns (uint256);
/**
* @notice Get the extra rewards array values
*/
function extraRewards() external view returns (address[] memory);
/**
* @notice Get the rewarder at the specified index
*/
function getExtraRewarder(uint256 index) external view returns (IExtraRewarder);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @title Send messages to our systems on other chains
interface IMessageProxy {
function sendMessage(bytes32 messageType, bytes memory message) external;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @notice An oracle that can provide prices for single or multiple classes of tokens
interface IPriceOracle {
/// @notice Returns a fair price for the provided token in ETH
/// @dev May require additional registration with the provider before being used for a token
/// @param token Token to get the price of
/// @return price The price of the token in ETH
function getPriceInEth(address token) external returns (uint256 price);
/// @notice Retrieve the description of the oracle
/// @return description
function getDescription() external view returns (string memory);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2024 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IERC20 } from "openzeppelin-contracts/token/ERC20/IERC20.sol";
/**
* @title Validates and distributes Vault token rewards based on the
* the signed and submitted payloads
*/
interface IRewards {
struct Recipient {
uint256 chainId;
uint256 cycle;
address wallet;
uint256 amount;
}
event SignerSet(address newSigner);
event Claimed(uint256 cycle, address recipient, uint256 amount);
/// @notice Get the underlying token rewards are paid in
/// @return Token address
function vaultToken() external view returns (IERC20);
/// @notice Get the current payload signer;
/// @return Signer address
function rewardsSigner() external view returns (address);
/// @notice Check the amount an account has already claimed
/// @param account Account to check
/// @return Amount already claimed
function claimedAmounts(address account) external view returns (uint256);
/// @notice Get the amount that is claimable based on the provided payload
/// @param recipient Published rewards payload
/// @return Amount claimable if the payload is signed
function getClaimableAmount(Recipient calldata recipient) external view returns (uint256);
/// @notice Change the signer used to validate payloads
/// @param newSigner The new address that will be signing rewards payloads
function setSigner(address newSigner) external;
/// @notice Claim your rewards
/// @param recipient Published rewards payload
/// @param v v component of the payload signature
/// @param r r component of the payload signature
/// @param s s component of the payload signature
function claim(Recipient calldata recipient, uint8 v, bytes32 r, bytes32 s) external returns (uint256);
/// @notice Claim rewards on behalf of another account , invoked primarily by the router
/// @param recipient Published rewards payload
/// @param v v component of the payload signature
/// @param r r component of the payload signature
/// @param s s component of the payload signature
function claimFor(Recipient calldata recipient, uint8 v, bytes32 r, bytes32 s) external returns (uint256);
/// @notice Generate the hash of the payload
/// @param recipient Published rewards payload
/// @return Hash of the payload
function genHash(Recipient memory recipient) external view returns (bytes32);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @notice Retrieve a price for any token used in the system
interface IRootPriceOracle {
/// @notice Returns a fair price for the provided token in ETH
/// @param token token to get the price of
/// @return price the price of the token in ETH
function getPriceInEth(address token) external returns (uint256 price);
/// @notice Returns a spot price for the provided token in ETH, utilizing specified liquidity pool
/// @param token token to get the spot price of
/// @param pool liquidity pool to be used for price determination
/// @return price the spot price of the token in ETH based on the provided pool
function getSpotPriceInEth(address token, address pool) external returns (uint256);
/// @notice Returns a price for base token in quote token.
/// @dev Requires both tokens to be registered.
/// @param base Address of base token.
/// @param quote Address of quote token.
/// @return price Price of the base token in quote token.
function getPriceInQuote(address base, address quote) external returns (uint256 price);
/// @notice Retrieve the price of LP token based on the reserves
/// @param lpToken LP token to get the price of
/// @param pool liquidity pool to be used for price determination
/// @param quoteToken token to quote the price in
function getRangePricesLP(
address lpToken,
address pool,
address quoteToken
) external returns (uint256 spotPriceInQuote, uint256 safePriceInQuote, bool isSpotSafe);
/// @notice Returns floor or ceiling price of the supplied lp token in terms of requested quote.
/// @dev Floor price: the minimum price among all the spot prices and safe prices of the tokens in the pool.
/// Ceiling price: the maximum price among all the spot prices and safe prices of the tokens in the pool.
/// @param pool Address of pool to get spot pricing from.
/// @param lpToken Address of the lp token to price.
/// @param inQuote Address of desired quote token.
/// @param ceiling Bool indicating whether to get floor or ceiling price.
/// @return floorOrCeilingPerLpToken Floor or ceiling price of the lp token.
function getFloorCeilingPrice(
address pool,
address lpToken,
address inQuote,
bool ceiling
) external returns (uint256 floorOrCeilingPerLpToken);
function getFloorPrice(address, address, address) external returns (uint256 price);
function getCeilingPrice(address, address, address) external returns (uint256 price);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @notice An oracle that can provide spot prices for tokens using specific liquidity pools
interface ISpotPriceOracle {
/**
* @notice Retrieve the spot price for a token in a specified quote currency utilizing a specific liquidity pool
* @dev The function will attempt to retrieve the price in the requested quote currency,
* but might return a price in an alternative quote currency if the requested one isn't available.
* It's the caller's responsibility to handle the potentially different returned quote currency.
* @param token The token to get the spot price of
* @param pool The liquidity pool to use for the price retrieval
* @param requestedQuoteToken The desired quote token (e.g. WETH) for the returned price
* @return price The spot price of the token
* @return actualQuoteToken The actual quote token used for the returned price
*/
function getSpotPrice(
address token,
address pool,
address requestedQuoteToken
) external returns (uint256 price, address actualQuoteToken);
/**
* @notice In memory struct for gathering all the info required for reserves for a safe spot price calculation
*
* @param token Pool token
* @param reserveAmount amount of the token in the pool
* @param rawSpotPrice Price of the token in the pool
* @param actualQuoteToken Actual quote token used for the rawSpotPrice
*/
struct ReserveItemInfo {
address token;
uint256 reserveAmount;
uint256 rawSpotPrice;
address actualQuoteToken;
}
/**
* @notice Retrieve the total supply of the LP token for the specified pool
*
* @param pool The liquidity pool to use for the check
* @param lpToken LP token of the specified pool
* @param quoteToken The desired quote token (e.g. WETH) for the returned price
* @return totalLPSupply Total supply of the LP token
* @return reserves `ReserveItemInfo` struct containing the reserves info
*/
function getSafeSpotPriceInfo(
address pool,
address lpToken,
address quoteToken
) external returns (uint256 totalLPSupply, ReserveItemInfo[] memory reserves);
/**
* @notice Retrieve the description of the oracle
* @return description
*/
function getDescription() external view returns (string memory);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @title Capture information about a pool or destination
interface IStatsCalculator {
/// @notice thrown when no snapshot is taken
error NoSnapshotTaken();
/// @notice The id for this instance of a calculator
function getAprId() external view returns (bytes32);
/// @notice The id of the underlying asset/pool/destination this calculator represents
/// @dev This may be a generated address
function getAddressId() external view returns (address);
/// @notice Setup the calculator after it has been copied
/// @dev Should only be executed one time
/// @param dependentAprIds apr ids that cover the dependencies of this calculator
/// @param initData setup data specific to this type of calculator
function initialize(bytes32[] calldata dependentAprIds, bytes calldata initData) external;
/// @notice Capture stat data about this setup
function snapshot() external;
/// @notice Indicates if a snapshot should be taken
/// @return takeSnapshot if true then a snapshot should be taken. If false, calling snapshot will do nothing
function shouldSnapshot() external view returns (bool takeSnapshot);
/// @dev Enum representing the snapshot status for a given rewarder (Convex and Aura) or reward token (Maverick)
enum SnapshotStatus {
noSnapshot, // Indicates that no snapshot has been taken yet for the rewarder.
tooSoon, // Indicates that it's too soon to take another snapshot since the last one.
shouldFinalize, // Indicates that the conditions are met for finalizing a snapshot.
shouldRestart // Indicates that the conditions are met for restarting a snapshot.
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IStatsCalculator } from "src/interfaces/stats/IStatsCalculator.sol";
/// @notice Track stat calculators for this instance of the system
interface IStatsCalculatorRegistry {
/// @notice Get a registered calculator
/// @dev Should revert if missing
/// @param aprId key of the calculator to get
/// @return calculator instance of the calculator
function getCalculator(bytes32 aprId) external view returns (IStatsCalculator calculator);
/// @notice List all calculator addresses registered
function listCalculators() external view returns (bytes32[] memory, address[] memory);
/// @notice Register a new stats calculator
/// @param calculator address of the calculator
function register(address calculator) external;
/// @notice Remove a stats calculator
/// @param aprId key of the calculator to remove
function removeCalculator(bytes32 aprId) external;
/// @notice Set the factory that can register calculators
/// @param factory address of the factory
function setCalculatorFactory(address factory) external;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IERC3156FlashBorrower } from "openzeppelin-contracts/interfaces/IERC3156FlashBorrower.sol";
interface IStrategy {
/* ******************************** */
/* Events */
/* ******************************** */
event DestinationVaultAdded(address destination);
event DestinationVaultRemoved(address destination);
event WithdrawalQueueSet(address[] destinations);
event AddedToRemovalQueue(address destination);
event RemovedFromRemovalQueue(address destination);
error InvalidDestinationVault();
error RebalanceFailed(string message);
/// @notice gets the list of supported destination vaults for the Autopool/Strategy
/// @return _destinations List of supported destination vaults
function getDestinations() external view returns (address[] memory _destinations);
/// @notice add supported destination vaults for the Autopool/Strategy
/// @param _destinations The list of destination vaults to add
function addDestinations(address[] calldata _destinations) external;
/// @notice remove supported destination vaults for the Autopool/Strategy
/// @param _destinations The list of destination vaults to remove
function removeDestinations(address[] calldata _destinations) external;
/// @param destinationIn The address / lp token of the destination vault that will increase
/// @param tokenIn The address of the underlyer token that will be provided by the swapper
/// @param amountIn The amount of the underlying LP tokens that will be received
/// @param destinationOut The address of the destination vault that will decrease
/// @param tokenOut The address of the underlyer token that will be received by the swapper
/// @param amountOut The amount of the tokenOut that will be received by the swapper
struct RebalanceParams {
address destinationIn;
address tokenIn;
uint256 amountIn;
address destinationOut;
address tokenOut;
uint256 amountOut;
}
/// @param destination The address / lp token of the destination vault
/// @param baseApr Base Apr is the yield generated by staking rewards
/// @param feeApr Yield for pool trading fees
/// @param incentiveApr Incentives for LP
/// @param safeTotalSupply Safe supply for LP tokens
/// @param priceReturn Return from price movement to & away from peg
/// @param maxDiscount Max discount to peg
/// @param maxPremium Max premium to peg
/// @param ownedShares Shares owned for this destination
/// @param compositeReturn Total return combined from the individual yield components
/// @param pricePerShare Price per share
struct SummaryStats {
address destination;
uint256 baseApr;
uint256 feeApr;
uint256 incentiveApr;
uint256 safeTotalSupply;
int256 priceReturn;
int256 maxDiscount;
int256 maxPremium;
uint256 ownedShares;
int256 compositeReturn;
uint256 pricePerShare;
}
/// @notice rebalance the Autopool from the tokenOut (decrease) to the tokenIn (increase)
/// This uses a flash loan to receive the tokenOut to reduce the working capital requirements of the swapper
/// @param receiver The contract receiving the tokens, needs to implement the
/// `onFlashLoan(address user, address token, uint256 amount, uint256 fee, bytes calldata)` interface
/// @param params Parameters by which to perform the rebalance
/// @param data A data parameter to be passed on to the `receiver` for any custom use
function flashRebalance(
IERC3156FlashBorrower receiver,
RebalanceParams calldata params,
bytes calldata data
) external;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { ISyncSwapper } from "src/interfaces/swapper/ISyncSwapper.sol";
interface ISwapRouter {
struct SwapData {
address token;
address pool;
ISyncSwapper swapper;
bytes data;
}
error MaxSlippageExceeded();
error SwapRouteLookupFailed(address from, address to);
error SwapFailed();
event SwapRouteSet(address indexed token, SwapData[] routes);
event SwapForQuoteSuccessful(
address indexed assetToken,
uint256 sellAmount,
address indexed quoteToken,
uint256 minBuyAmount,
uint256 buyAmount
);
/**
* @notice Sets a new swap route for a given asset token.
* @param assetToken The asset token for which the swap route is being set.
* @param _swapRoute The new swap route as an array of SwapData. The last element represents the quoteToken.
* @dev Each 'hop' in the swap route is validated using the respective swapper's validate function. The validate
* function ensures that the encoded data contains the correct 'fromAddress' and 'toAddress' (swapData.token), and
* verifies that these tokens are in the pool.
*/
function setSwapRoute(address assetToken, SwapData[] calldata _swapRoute) external;
/**
* @notice Swaps the asset token for the quote token.
* @dev We're adopting an "exact in, variable out" model for all our swaps. This ensures that the entire sellAmount
* is used, eliminating the need for additional balance checks and refunds. This model is expected to be followed by
* all swapper implementations to maintain consistency and to optimize for gas efficiency.
* @param assetToken The address of the asset token to swap.
* @param sellAmount The exact amount of the asset token to swap.
* @param quoteToken The address of the quote token.
* @param minBuyAmount The minimum amount of the quote token expected to be received from the swap.
* @return The amount received from the swap.
*/
function swapForQuote(
address assetToken,
uint256 sellAmount,
address quoteToken,
uint256 minBuyAmount
) external returns (uint256);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { ISwapRouter } from "src/interfaces/swapper/ISwapRouter.sol";
interface ISyncSwapper {
error DataMismatch(string element);
error InvalidIndex();
/**
* @notice Returns address of swap router that can access SyncSwapper contract
*/
function router() external view returns (ISwapRouter);
/**
* @notice Swaps sellToken for buyToken
* @param pool The address of the pool for the swapper
* @param sellTokenAddress The address of the token to sell
* @param sellAmount The amount of sellToken to sell
* @param buyTokenAddress The address of the token to buy
* @param minBuyAmount The minimum amount of buyToken expected
* @param data Additional data used differently by the different swappers
* @return actualBuyAmount The actual amount received from the swap
*/
function swap(
address pool,
address sellTokenAddress,
uint256 sellAmount,
address buyTokenAddress,
uint256 minBuyAmount,
bytes memory data
) external returns (uint256 actualBuyAmount);
/**
* @notice Validates that the swapData contains the correct information, ensuring that the encoded data contains the
* correct 'fromAddress' and 'toAddress' (swapData.token), and verifies that these tokens are in the pool
* @dev This function should revert with a DataMismatch error if the swapData is invalid
* @param fromAddress The address from which the swap originates
* @param swapData The data associated with the swap that needs to be validated
*/
function validate(address fromAddress, ISwapRouter.SwapData memory swapData) external view;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
/// @notice Stores a reference to the registry for this system
interface ISystemComponent {
/// @notice The system instance this contract is tied to
function getSystemRegistry() external view returns (address registry);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IWETH9 } from "src/interfaces/utils/IWETH9.sol";
import { IAccToke } from "src/interfaces/staking/IAccToke.sol";
import { IAutopoolRegistry } from "src/interfaces/vault/IAutopoolRegistry.sol";
import { IAccessController } from "src/interfaces/security/IAccessController.sol";
import { ISwapRouter } from "src/interfaces/swapper/ISwapRouter.sol";
import { ICurveResolver } from "src/interfaces/utils/ICurveResolver.sol";
import { IAutopilotRouter } from "src/interfaces/vault/IAutopilotRouter.sol";
import { IAutopoolFactory } from "src/interfaces/vault/IAutopoolFactory.sol";
import { ISystemSecurity } from "src/interfaces/security/ISystemSecurity.sol";
import { IDestinationRegistry } from "src/interfaces/destinations/IDestinationRegistry.sol";
import { IRootPriceOracle } from "src/interfaces/oracles/IRootPriceOracle.sol";
import { IDestinationVaultRegistry } from "src/interfaces/vault/IDestinationVaultRegistry.sol";
import { IAccessController } from "src/interfaces/security/IAccessController.sol";
import { IStatsCalculatorRegistry } from "src/interfaces/stats/IStatsCalculatorRegistry.sol";
import { IAsyncSwapperRegistry } from "src/interfaces/liquidation/IAsyncSwapperRegistry.sol";
import { IERC20Metadata } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { IIncentivesPricingStats } from "src/interfaces/stats/IIncentivesPricingStats.sol";
import { IMessageProxy } from "src/interfaces/messageProxy/IMessageProxy.sol";
/// @notice Root most registry contract for the system
interface ISystemRegistry {
/// @notice Get the TOKE contract for the system
/// @return toke instance of TOKE used in the system
function toke() external view returns (IERC20Metadata);
/// @notice Get the referenced WETH contract for the system
/// @return weth contract pointer
function weth() external view returns (IWETH9);
/// @notice Get the AccToke staking contract
/// @return accToke instance of the accToke contract for the system
function accToke() external view returns (IAccToke);
/// @notice Get the AutopoolRegistry for this system
/// @return registry instance of the registry for this system
function autoPoolRegistry() external view returns (IAutopoolRegistry registry);
/// @notice Get the destination Vault registry for this system
/// @return registry instance of the registry for this system
function destinationVaultRegistry() external view returns (IDestinationVaultRegistry registry);
/// @notice Get the access Controller for this system
/// @return controller instance of the access controller for this system
function accessController() external view returns (IAccessController controller);
/// @notice Get the destination template registry for this system
/// @return registry instance of the registry for this system
function destinationTemplateRegistry() external view returns (IDestinationRegistry registry);
/// @notice Auto Pilot Router
/// @return router instance of the system
function autoPoolRouter() external view returns (IAutopilotRouter router);
/// @notice Vault factory lookup by type
/// @return vaultFactory instance of the vault factory for this vault type
function getAutopoolFactoryByType(bytes32 vaultType) external view returns (IAutopoolFactory vaultFactory);
/// @notice Get the stats calculator registry for this system
/// @return registry instance of the registry for this system
function statsCalculatorRegistry() external view returns (IStatsCalculatorRegistry registry);
/// @notice Get the root price oracle for this system
/// @return oracle instance of the root price oracle for this system
function rootPriceOracle() external view returns (IRootPriceOracle oracle);
/// @notice Get the async swapper registry for this system
/// @return registry instance of the registry for this system
function asyncSwapperRegistry() external view returns (IAsyncSwapperRegistry registry);
/// @notice Get the swap router for this system
/// @return router instance of the swap router for this system
function swapRouter() external view returns (ISwapRouter router);
/// @notice Get the curve resolver for this system
/// @return resolver instance of the curve resolver for this system
function curveResolver() external view returns (ICurveResolver resolver);
/// @notice Verify if given address is registered as Reward Token
/// @param rewardToken token address to verify
/// @return bool that indicates true if token is registered and false if not
function isRewardToken(address rewardToken) external view returns (bool);
/// @notice Get the system security instance for this system
/// @return security instance of system security for this system
function systemSecurity() external view returns (ISystemSecurity security);
/// @notice Get the Incentive Pricing Stats
/// @return incentivePricing the incentive pricing contract
function incentivePricing() external view returns (IIncentivesPricingStats);
/// @notice Get the Message Proxy
/// @return Message proxy contract
function messageProxy() external view returns (IMessageProxy);
/// @notice Get the receiving router contract.
/// @return Receiving router contract
function receivingRouter() external view returns (address);
/// @notice Check if an additional contract of type is valid in the system
/// @return True if the contract is a valid for the given type
function isValidContract(bytes32 contractType, address contractAddress) external view returns (bool);
/// @notice Returns the additional contract of the given type
/// @dev Revert if not set
function getUniqueContract(bytes32 contractType) external view returns (address);
/// @notice Returns all unique contracts configured
function listUniqueContracts() external view returns (bytes32[] memory contractTypes, address[] memory addresses);
/// @notice Returns all additional contract types configured
function listAdditionalContractTypes() external view returns (bytes32[] memory);
/// @notice Returns configured additional contracts by type
/// @param contractType Type of contract to list
function listAdditionalContracts(bytes32 contractType) external view returns (address[] memory);
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
interface ISystemSecurity {
/// @notice Get the number of NAV/share operations currently in progress
/// @return Number of operations
function navOpsInProgress() external view returns (uint256);
/// @notice Called at the start of any NAV/share changing operation
function enterNavOperation() external;
/// @notice Called at the end of any NAV/share changing operation
function exitNavOperation() external;
/// @notice Whether or not the system as a whole is paused
function isSystemPaused() external returns (bool);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.7;
import { IERC20 } from "openzeppelin-contracts/token/ERC20/IERC20.sol";
interface IWETH9 is IERC20 {
function symbol() external view returns (string memory);
function deposit() external payable;
function withdraw(uint256 amount) external;
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IERC20 } from "openzeppelin-contracts/token/ERC20/IERC20.sol";
import { SafeERC20 } from "openzeppelin-contracts/token/ERC20/utils/SafeERC20.sol";
library LibAdapter {
using SafeERC20 for IERC20;
address public constant CURVE_REGISTRY_ETH_ADDRESS_POINTER = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
error MinLpAmountNotReached();
error LpTokenAmountMismatch();
error NoNonZeroAmountProvided();
error InvalidBalanceChange();
// Utils
function _approve(IERC20 token, address spender, uint256 amount) internal {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance > 0) {
token.safeDecreaseAllowance(spender, currentAllowance);
}
token.safeIncreaseAllowance(spender, amount);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10**64) {
value /= 10**64;
result += 64;
}
if (value >= 10**32) {
value /= 10**32;
result += 32;
}
if (value >= 10**16) {
value /= 10**16;
result += 16;
}
if (value >= 10**8) {
value /= 10**8;
result += 8;
}
if (value >= 10**4) {
value /= 10**4;
result += 4;
}
if (value >= 10**2) {
value /= 10**2;
result += 2;
}
if (value >= 10**1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result * 8) < value ? 1 : 0);
}
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
library Roles {
// Naming Conventions:
// - Use MANAGER, CREATOR, UPDATER, ..., for roles primarily managing on-chain activities.
// - Use EXECUTOR for roles that trigger off-chain initiated actions.
// - Group roles by functional area for clarity.
// Destination Vault Management
bytes32 public constant DESTINATION_VAULT_FACTORY_MANAGER = keccak256("CREATE_DESTINATION_VAULT_ROLE");
bytes32 public constant DESTINATION_VAULT_REGISTRY_MANAGER = keccak256("DESTINATION_VAULT_REGISTRY_MANAGER");
bytes32 public constant DESTINATION_VAULT_MANAGER = keccak256("DESTINATION_VAULT_MANAGER");
// Auto Pool Factory and Registry Management
bytes32 public constant AUTO_POOL_REGISTRY_UPDATER = keccak256("REGISTRY_UPDATER");
bytes32 public constant AUTO_POOL_FACTORY_MANAGER = keccak256("AUTO_POOL_FACTORY_MANAGER");
bytes32 public constant AUTO_POOL_FACTORY_VAULT_CREATOR = keccak256("CREATE_POOL_ROLE");
// Auto Pool Management
bytes32 public constant AUTO_POOL_DESTINATION_UPDATER = keccak256("DESTINATION_VAULTS_UPDATER");
bytes32 public constant AUTO_POOL_FEE_UPDATER = keccak256("AUTO_POOL_FEE_SETTER_ROLE");
bytes32 public constant AUTO_POOL_PERIODIC_FEE_UPDATER = keccak256("AUTO_POOL_PERIODIC_FEE_SETTER_ROLE");
bytes32 public constant AUTO_POOL_REWARD_MANAGER = keccak256("AUTO_POOL_REWARD_MANAGER_ROLE");
bytes32 public constant AUTO_POOL_MANAGER = keccak256("AUTO_POOL_ADMIN");
bytes32 public constant REBALANCER = keccak256("REBALANCER_ROLE");
bytes32 public constant STATS_HOOK_POINTS_ADMIN = keccak256("STATS_HOOK_POINTS_ADMIN");
// Reward Management
bytes32 public constant LIQUIDATOR_MANAGER = keccak256("LIQUIDATOR_ROLE");
bytes32 public constant DV_REWARD_MANAGER = keccak256("DV_REWARD_MANAGER_ROLE");
bytes32 public constant REWARD_LIQUIDATION_MANAGER = keccak256("REWARD_LIQUIDATION_MANAGER");
bytes32 public constant EXTRA_REWARD_MANAGER = keccak256("EXTRA_REWARD_MANAGER_ROLE");
bytes32 public constant REWARD_LIQUIDATION_EXECUTOR = keccak256("REWARD_LIQUIDATION_EXECUTOR");
// Statistics and Reporting
bytes32 public constant STATS_CALC_REGISTRY_MANAGER = keccak256("STATS_CALC_REGISTRY_MANAGER");
bytes32 public constant STATS_CALC_FACTORY_MANAGER = keccak256("CREATE_STATS_CALC_ROLE");
bytes32 public constant STATS_CALC_FACTORY_TEMPLATE_MANAGER = keccak256("STATS_CALC_TEMPLATE_MGMT_ROLE");
bytes32 public constant STATS_SNAPSHOT_EXECUTOR = keccak256("STATS_SNAPSHOT_ROLE");
bytes32 public constant STATS_INCENTIVE_TOKEN_UPDATER = keccak256("STATS_INCENTIVE_TOKEN_UPDATER");
bytes32 public constant STATS_GENERAL_MANAGER = keccak256("STATS_GENERAL_MANAGER");
bytes32 public constant STATS_LST_ETH_TOKEN_EXECUTOR = keccak256("STATS_LST_ETH_TOKEN_EXECUTOR");
// Emergency Management
bytes32 public constant EMERGENCY_PAUSER = keccak256("EMERGENCY_PAUSER");
bytes32 public constant SEQUENCER_OVERRIDE_MANAGER = keccak256("SEQUENCER_OVERRIDE_MANAGER");
// Miscellaneous Roles
bytes32 public constant SOLVER = keccak256("SOLVER_ROLE");
bytes32 public constant AUTO_POOL_REPORTING_EXECUTOR = keccak256("AUTO_POOL_UPDATE_DEBT_REPORTING_ROLE");
// Swapper Roles
bytes32 public constant SWAP_ROUTER_MANAGER = keccak256("SWAP_ROUTER_MANAGER");
// Price Oracles Roles
bytes32 public constant ORACLE_MANAGER = keccak256("ORACLE_MANAGER_ROLE");
bytes32 public constant CUSTOM_ORACLE_EXECUTOR = keccak256("CUSTOM_ORACLE_EXECUTOR");
bytes32 public constant MAVERICK_FEE_ORACLE_EXECUTOR = keccak256("MAVERICK_FEE_ORACLE_MANAGER");
// AccToke Roles
bytes32 public constant ACC_TOKE_MANAGER = keccak256("ACC_TOKE_MANAGER");
// Admin Roles
bytes32 public constant TOKEN_RECOVERY_MANAGER = keccak256("TOKEN_RECOVERY_ROLE");
bytes32 public constant INFRASTRUCTURE_MANAGER = keccak256("INFRASTRUCTURE_MANAGER");
// Cross chain communications roles
bytes32 public constant MESSAGE_PROXY_MANAGER = keccak256("MESSAGE_PROXY_MANAGER");
bytes32 public constant MESSAGE_PROXY_EXECUTOR = keccak256("MESSAGE_PROXY_EXECUTOR");
bytes32 public constant RECEIVING_ROUTER_MANAGER = keccak256("RECEIVING_ROUTER_MANAGER");
bytes32 public constant RECEIVING_ROUTER_EXECUTOR = keccak256("RECEIVING_ROUTER_EXECUTOR");
}
// SPDX-License-Identifier:UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { Math } from "openzeppelin-contracts/utils/math/Math.sol";
import { IERC20Metadata } from "openzeppelin-contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { Errors } from "src/utils/Errors.sol";
import { SecurityBase } from "src/security/SecurityBase.sol";
import { ISystemRegistry } from "src/interfaces/ISystemRegistry.sol";
import { IPriceOracle } from "src/interfaces/oracles/IPriceOracle.sol";
import { ISpotPriceOracle } from "src/interfaces/oracles/ISpotPriceOracle.sol";
import { IRootPriceOracle } from "src/interfaces/oracles/IRootPriceOracle.sol";
import { SystemComponent } from "src/SystemComponent.sol";
import { Roles } from "src/libs/Roles.sol";
contract RootPriceOracle is SystemComponent, SecurityBase, IRootPriceOracle {
address private immutable _weth;
mapping(address => IPriceOracle) public tokenMappings;
mapping(address => ISpotPriceOracle) public poolMappings;
mapping(address => uint256) public safeSpotPriceThresholds;
uint256 internal constant THRESHOLD_PRECISION = 10_000;
event TokenRemoved(address token);
event TokenRegistered(address token, address oracle);
event TokenRegistrationReplaced(address token, address oldOracle, address newOracle);
event SafeSpotPriceThresholdUpdated(address token, uint256 threshold);
// pool-handler specific events
event PoolRegistered(address indexed pool, address indexed oracle);
event PoolRegistrationReplaced(address indexed pool, address indexed oldOracle, address indexed newOracle);
event PoolRemoved(address indexed pool);
error AlreadyRegistered(address token);
error MissingTokenOracle(address token);
error MissingSpotPriceOracle(address token);
error MappingDoesNotExist(address token);
error ReplaceOldMismatch(address token, address oldExpected, address oldActual);
error ReplaceAlreadyMatches(address token, address newOracle);
error NoThresholdFound(address token);
constructor(ISystemRegistry _systemRegistry)
SystemComponent(_systemRegistry)
SecurityBase(address(_systemRegistry.accessController()))
{
_weth = address(_systemRegistry.weth());
}
/// @notice Register a new token to oracle mapping
/// @dev May require additional registration in the oracle itself
/// @param token address of the token to register
/// @param oracle address of the oracle to use to lookup price
function registerMapping(address token, IPriceOracle oracle) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(token, "token");
Errors.verifyNotZero(address(oracle), "oracle");
Errors.verifySystemsMatch(address(this), address(oracle));
// We want the operation of replacing a mapping to be an explicit
// call so we don't accidentally overwrite something
if (address(tokenMappings[token]) != address(0)) {
revert AlreadyRegistered(token);
}
tokenMappings[token] = oracle;
emit TokenRegistered(token, address(oracle));
}
/// @notice Replace an existing token -> oracle mapping
/// @dev Must exist, matching existing, and new != old value to successfully replace
/// @param token address of the token to register
/// @param oldOracle existing oracle address
/// @param newOracle new oracle address
function replaceMapping(
address token,
IPriceOracle oldOracle,
IPriceOracle newOracle
) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(token, "token");
Errors.verifyNotZero(address(oldOracle), "oldOracle");
Errors.verifyNotZero(address(newOracle), "newOracle");
Errors.verifySystemsMatch(address(this), address(newOracle));
// We want to ensure you know what you're replacing so ensure
// you provide a matching old value
if (tokenMappings[token] != oldOracle) {
revert ReplaceOldMismatch(token, address(oldOracle), address(tokenMappings[token]));
}
// If the old and new values match we can assume you're not doing
// what you think you're doing so we just fail
if (oldOracle == newOracle) {
revert ReplaceAlreadyMatches(token, address(newOracle));
}
tokenMappings[token] = newOracle;
emit TokenRegistrationReplaced(token, address(oldOracle), address(newOracle));
}
/// @notice Remove a token to oracle mapping
/// @dev Must exist. Does not remove any additional configuration from the oracle itself
/// @param token address of the token that is registered
function removeMapping(address token) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(token, "token");
// If you're trying to remove something that doesn't exist then
// some condition you're expecting isn't true. We revert so you can reevaluate
if (address(tokenMappings[token]) == address(0)) {
revert MappingDoesNotExist(token);
}
delete tokenMappings[token];
emit TokenRemoved(token);
}
/// @notice Register a new liquidity pool to its LP oracle
/// @dev May require additional registration in the oracle itself
/// @param pool address of the liquidity pool
/// @param oracle address of the LP oracle
function registerPoolMapping(address pool, ISpotPriceOracle oracle) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(pool, "pool");
Errors.verifyNotZero(address(oracle), "oracle");
Errors.verifySystemsMatch(address(this), address(oracle));
if (address(poolMappings[pool]) != address(0)) {
revert AlreadyRegistered(pool);
}
poolMappings[pool] = oracle;
emit PoolRegistered(pool, address(oracle));
}
/// @notice Replace an existing oracle for a specified liquidity pool
/// @dev Must exist, matching existing, and new != old value to successfully replace
/// @param pool address of the liquidity pool
/// @param oldOracle address of the current LP oracle
/// @param newOracle address of the new LP oracle
function replacePoolMapping(
address pool,
ISpotPriceOracle oldOracle,
ISpotPriceOracle newOracle
) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(pool, "pool");
Errors.verifyNotZero(address(oldOracle), "oldOracle");
Errors.verifyNotZero(address(newOracle), "newOracle");
Errors.verifySystemsMatch(address(this), address(newOracle));
ISpotPriceOracle currentOracle = poolMappings[pool];
if (currentOracle != oldOracle) revert ReplaceOldMismatch(pool, address(oldOracle), address(currentOracle));
if (oldOracle == newOracle) revert ReplaceAlreadyMatches(pool, address(newOracle));
poolMappings[pool] = newOracle;
emit PoolRegistrationReplaced(pool, address(oldOracle), address(newOracle));
}
/// @notice Remove an existing oracle for a specified liquidity pool
/// @dev Must exist. Does not remove any additional configuration from the oracle itself
/// @param pool address of the liquidity pool that needs oracle removal
function removePoolMapping(address pool) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(pool, "pool");
if (address(poolMappings[pool]) == address(0)) revert MappingDoesNotExist(pool);
delete poolMappings[pool];
emit PoolRemoved(pool);
}
/// @notice Set a threshold for a token spot price discrepancy to be considered safe
/// @param token address of the token to set the threshold for
/// @param threshold threshold to set (precision to 2 decimal places, i.e. 10000 = 100.00%)
function setSafeSpotPriceThreshold(address token, uint256 threshold) external hasRole(Roles.ORACLE_MANAGER) {
Errors.verifyNotZero(token, "token");
Errors.verifyNotZero(threshold, "threshold");
if (threshold > THRESHOLD_PRECISION) revert Errors.InvalidParam("threshold");
safeSpotPriceThresholds[token] = threshold;
emit SafeSpotPriceThresholdUpdated(token, threshold);
}
/// @dev This and all price oracles are not view fn's so that we can perform the Curve reentrancy check
/// @inheritdoc IRootPriceOracle
function getPriceInEth(address token) external returns (uint256 price) {
// Skip the token address(0) check and just rely on the oracle lookup
// Emit token so we can figure out what was actually 0 later
IPriceOracle oracle = _checkTokenOracleRegistration(token);
price = oracle.getPriceInEth(token);
}
/// @inheritdoc IRootPriceOracle
function getFloorCeilingPrice(
address pool,
address lpToken,
address inQuote,
bool ceiling
) public returns (uint256 floorOrCeilingPerLpToken) {
(uint256 totalReserves, uint256 floorOrCeilingPrice, uint256 totalLpSupply) =
_calculateReservesAndPrice(pool, lpToken, inQuote, ceiling);
floorOrCeilingPerLpToken = totalReserves * floorOrCeilingPrice / totalLpSupply;
}
/**
* @notice Calculates the total reserves, floor/ceiling price, and total LP supply for a given pool and token pair.
* @param pool The address of the liquidity pool.
* @param lpToken The address of the LP token.
* @param inQuote The address of the desired quote token.
* @param ceiling A boolean indicating whether to calculate the ceiling price (true) or floor price (false).
* @return totalReserves The total reserves in the pool, scaled to the desired quote token decimals.
* @return floorOrCeilingPrice The floor or ceiling price, depending on the `ceiling` parameter.
* @return totalLpSupply The total LP supply, scaled to the desired quote token decimals.
*/
function _calculateReservesAndPrice(
address pool,
address lpToken,
address inQuote,
bool ceiling
) internal returns (uint256 totalReserves, uint256 floorOrCeilingPrice, uint256 totalLpSupply) {
ISpotPriceOracle.ReserveItemInfo[] memory reserveInfoArray;
ISpotPriceOracle oracle = _checkSpotOracleRegistration(pool);
(totalLpSupply, reserveInfoArray) = oracle.getSafeSpotPriceInfo(pool, lpToken, inQuote);
uint256 inQuoteDecimals = IERC20Metadata(inQuote).decimals();
uint256 lpTokenDecimals = IERC20Metadata(lpToken).decimals();
totalLpSupply = _scaleValue(totalLpSupply, lpTokenDecimals, inQuoteDecimals);
uint256 nTokens = reserveInfoArray.length;
for (uint256 i = 0; i < nTokens; ++i) {
ISpotPriceOracle.ReserveItemInfo memory reserveInfo = reserveInfoArray[i];
uint256 safePrice = getPriceInQuote(reserveInfo.token, inQuote);
uint256 spotPrice = _enforceQuoteToken(inQuote, reserveInfo.actualQuoteToken, reserveInfo.rawSpotPrice);
uint256 tokenPricedDecimals = IERC20Metadata(reserveInfo.token).decimals();
// Scaling reserves, reserves are always returned in the decimals of the token priced.
totalReserves += _scaleValue(reserveInfo.reserveAmount, tokenPricedDecimals, inQuoteDecimals);
if (ceiling) {
floorOrCeilingPrice = Math.max(floorOrCeilingPrice, Math.max(spotPrice, safePrice));
} else {
floorOrCeilingPrice = i == 0
? Math.min(spotPrice, safePrice)
: Math.min(floorOrCeilingPrice, Math.min(spotPrice, safePrice));
}
}
}
/**
* @dev Scales a value based on the token decimals and desired quote token decimals.
* @param value The value to be scaled.
* @param tokenDecimals The decimals of the token.
* @param inQuoteDecimals The decimals of the desired quote token.
* @return The scaled value.
*/
function _scaleValue(
uint256 value,
uint256 tokenDecimals,
uint256 inQuoteDecimals
) internal pure returns (uint256) {
if (tokenDecimals > inQuoteDecimals) {
return value / 10 ** (tokenDecimals - inQuoteDecimals);
} else if (tokenDecimals < inQuoteDecimals) {
return value * 10 ** (inQuoteDecimals - tokenDecimals);
}
return value;
}
/// @inheritdoc IRootPriceOracle
function getSpotPriceInEth(address token, address pool) external returns (uint256 price) {
Errors.verifyNotZero(token, "token");
Errors.verifyNotZero(pool, "pool");
ISpotPriceOracle oracle = _checkSpotOracleRegistration(pool);
address weth = address(systemRegistry.weth());
return _getSpotPriceInQuote(oracle, token, pool, weth);
}
function _getSpotPriceInQuote(
ISpotPriceOracle oracle,
address token,
address pool,
address quoteToken
) internal returns (uint256 price) {
// Retrieve the spot price with weth as the requested quote token
(uint256 rawPrice, address actualQuoteToken) = oracle.getSpotPrice(token, pool, quoteToken);
return _enforceQuoteToken(quoteToken, actualQuoteToken, rawPrice);
}
/// @inheritdoc IRootPriceOracle
/// @dev Getting major "Stack too deep" errors, so if you see locals not abstracted that's why
function getRangePricesLP(
address lpToken,
address pool,
address quoteToken
) external returns (uint256 spotPriceInQuote, uint256 safePriceInQuote, bool isSpotSafe) {
ISpotPriceOracle spotPriceOracle = _checkSpotOracleRegistration(pool);
// Retrieve the reserves info for calculations
(uint256 totalLPSupply, ISpotPriceOracle.ReserveItemInfo[] memory reserves) =
spotPriceOracle.getSafeSpotPriceInfo(pool, lpToken, quoteToken);
// if lp supply is 0 (while we hold it) means compromised pool, so return 0 for worth (and false for safety)
uint256 nTokens = reserves.length;
if (nTokens == 0) {
revert Errors.InvalidParam("reserves");
}
if (totalLPSupply == 0) {
return (0, 0, false);
}
isSpotSafe = true; // default to true, and set to false if any threshold is breached in the loop below
// loop through reserves, and sum up aggregates
for (uint256 i = 0; i < nTokens; ++i) {
ISpotPriceOracle.ReserveItemInfo memory reserve = reserves[i];
uint256 threshold = safeSpotPriceThresholds[reserve.token];
if (threshold == 0) revert NoThresholdFound(reserve.token);
uint256 safePrice = getPriceInQuote(reserve.token, quoteToken);
uint256 spotPrice = _enforceQuoteToken(quoteToken, reserve.actualQuoteToken, reserve.rawSpotPrice);
//
// check thresholds to see if spot is safe
// NOTE: narrowing scope to avoid "stack too deep" errors
//
{
(uint256 largerPrice, uint256 smallerPrice) =
(safePrice > spotPrice) ? (safePrice, spotPrice) : (spotPrice, safePrice);
uint256 priceDiff = largerPrice - smallerPrice;
if (largerPrice == 0 || (priceDiff * THRESHOLD_PRECISION / largerPrice) > threshold) {
isSpotSafe = false; // validate that the spot price is safe
}
}
//
// add to totals (with padding to quoteToken decimals)
uint256 reserveTokenBaseDecimals = 10 ** IERC20Metadata(reserve.token).decimals();
safePriceInQuote += reserve.reserveAmount * safePrice / reserveTokenBaseDecimals;
spotPriceInQuote += reserve.reserveAmount * spotPrice / reserveTokenBaseDecimals;
}
//
// divide by total lp supply to get price per lp token
uint256 lpTokenDecimalsPad = 10 ** IERC20Metadata(lpToken).decimals();
safePriceInQuote = safePriceInQuote * lpTokenDecimalsPad / totalLPSupply;
spotPriceInQuote = spotPriceInQuote * lpTokenDecimalsPad / totalLPSupply;
}
/// @dev if quote token returned is not the requested one, do price conversion
function _enforceQuoteToken(
address quoteToken,
address actualQuoteToken,
uint256 rawPrice
) internal returns (uint256) {
// If quote token returned is the requested one we return price as is
if (actualQuoteToken == quoteToken) {
return rawPrice;
}
uint256 decimals = IERC20Metadata(actualQuoteToken).decimals();
// If not, get the conversion rate from the actualQuoteToken to quoteToken and then derive the spot price
return rawPrice * getPriceInQuote(actualQuoteToken, quoteToken) / 10 ** decimals;
}
///@inheritdoc IRootPriceOracle
function getPriceInQuote(address base, address quote) public returns (uint256) {
IPriceOracle baseOracle = _checkTokenOracleRegistration(base);
uint256 quoteDecimals = IERC20Metadata(quote).decimals();
if (base == quote) {
return 1 * 10 ** quoteDecimals;
}
// No need to go through the extra math if we're asking for it in terms we already have
uint256 baseInEth = baseOracle.getPriceInEth(base);
if (quote == _weth) {
return baseInEth;
}
IPriceOracle quoteOracle = _checkTokenOracleRegistration(quote);
return (baseInEth * (10 ** quoteDecimals)) / quoteOracle.getPriceInEth(quote);
}
function _checkTokenOracleRegistration(address token) private view returns (IPriceOracle oracle) {
oracle = tokenMappings[token];
if (address(oracle) == address(0)) {
revert MissingTokenOracle(token);
}
}
function _checkSpotOracleRegistration(address pool) private view returns (ISpotPriceOracle spotOracle) {
spotOracle = poolMappings[pool];
if (address(spotOracle) == address(0)) {
revert MissingSpotPriceOracle(pool);
}
}
/**
* @notice Get the floor price of a token in quote token denomination.
* @param lpToken Address of the token.
* @param pool Address of the pool.
* @param quote Address of the quote token.
* @return price Price of token in quote token.
*/
function getFloorPrice(address lpToken, address pool, address quote) external returns (uint256 price) {
price = getFloorCeilingPrice(pool, lpToken, quote, false);
}
/**
* @notice Get the ceiling price of a token in quote token denomination.
* @param lpToken Address of the token.
* @param pool Address of the pool.
* @param quote Address of the quote token.
* @return price Price of token in quote token.
*/
function getCeilingPrice(address lpToken, address pool, address quote) external returns (uint256 price) {
price = getFloorCeilingPrice(pool, lpToken, quote, true);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/draft-IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { IAccessController } from "src/interfaces/security/IAccessController.sol";
import { Errors } from "src/utils/Errors.sol";
contract SecurityBase {
IAccessController public immutable accessController;
error UndefinedAddress();
constructor(address _accessController) {
if (_accessController == address(0)) revert UndefinedAddress();
accessController = IAccessController(_accessController);
}
modifier onlyOwner() {
accessController.verifyOwner(msg.sender);
_;
}
modifier hasRole(bytes32 role) {
if (!accessController.hasRole(role, msg.sender)) revert Errors.AccessDenied();
_;
}
///////////////////////////////////////////////////////////////////
//
// Forward all the regular methods to central security module
//
///////////////////////////////////////////////////////////////////
function _hasRole(bytes32 role, address account) internal view returns (bool) {
return accessController.hasRole(role, account);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/Math.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
}
// SPDX-License-Identifier: MIT
pragma solidity =0.8.17;
/**
* @title StructuredLinkedList
* @author Vittorio Minacori (https://github.com/vittominacori)
* @dev An utility library for using sorted linked list data structures in your Solidity project.
* @notice Adapted from
* https://github.com/Layr-Labs/eigenlayer-contracts/blob/master/src/contracts/libraries/StructuredLinkedList.sol
*/
library StructuredLinkedList {
uint256 private constant _NULL = 0;
uint256 private constant _HEAD = 0;
bool private constant _PREV = false;
bool private constant _NEXT = true;
struct List {
uint256 size;
mapping(uint256 => mapping(bool => uint256)) list;
}
/**
* @dev Checks if the list exists
* @param self stored linked list from contract
* @return bool true if list exists, false otherwise
*/
function listExists(List storage self) public view returns (bool) {
// if the head nodes previous or next pointers both point to itself, then there are no items in the list
if (self.list[_HEAD][_PREV] != _HEAD || self.list[_HEAD][_NEXT] != _HEAD) {
return true;
} else {
return false;
}
}
/**
* @dev Checks if the node exists
* @param self stored linked list from contract
* @param _node a node to search for
* @return bool true if node exists, false otherwise
*/
function nodeExists(List storage self, uint256 _node) public view returns (bool) {
if (self.list[_node][_PREV] == _HEAD && self.list[_node][_NEXT] == _HEAD) {
if (self.list[_HEAD][_NEXT] == _node) {
return true;
} else {
return false;
}
} else {
return true;
}
}
/**
* @dev Returns the number of elements in the list
* @param self stored linked list from contract
* @return uint256
*/
// slither-disable-next-line dead-code
function sizeOf(List storage self) public view returns (uint256) {
return self.size;
}
/**
* @dev Gets the head of the list
* @param self stored linked list from contract
* @return uint256 the head of the list
*/
function getHead(List storage self) public view returns (uint256) {
return self.list[_HEAD][_NEXT];
}
/**
* @dev Gets the head of the list
* @param self stored linked list from contract
* @return uint256 the head of the list
*/
function getTail(List storage self) public view returns (uint256) {
return self.list[_HEAD][_PREV];
}
/**
* @dev Returns the links of a node as a tuple
* @param self stored linked list from contract
* @param _node id of the node to get
* @return bool, uint256, uint256 true if node exists or false otherwise, previous node, next node
*/
// slither-disable-next-line dead-code
function getNode(List storage self, uint256 _node) public view returns (bool, uint256, uint256) {
if (!nodeExists(self, _node)) {
return (false, 0, 0);
} else {
return (true, self.list[_node][_PREV], self.list[_node][_NEXT]);
}
}
/**
* @dev Returns the link of a node `_node` in direction `_direction`.
* @param self stored linked list from contract
* @param _node id of the node to step from
* @param _direction direction to step in
* @return bool, uint256 true if node exists or false otherwise, node in _direction
*/
// slither-disable-next-line dead-code
function getAdjacent(List storage self, uint256 _node, bool _direction) public view returns (bool, uint256) {
if (!nodeExists(self, _node)) {
return (false, 0);
} else {
uint256 adjacent = self.list[_node][_direction];
return (adjacent != _HEAD, adjacent);
}
}
/**
* @dev Returns the link of a node `_node` in direction `_NEXT`.
* @param self stored linked list from contract
* @param _node id of the node to step from
* @return bool, uint256 true if node exists or false otherwise, next node
*/
// slither-disable-next-line dead-code
function getNextNode(List storage self, uint256 _node) public view returns (bool, uint256) {
return getAdjacent(self, _node, _NEXT);
}
/**
* @dev Returns the link of a node `_node` in direction `_PREV`.
* @param self stored linked list from contract
* @param _node id of the node to step from
* @return bool, uint256 true if node exists or false otherwise, previous node
*/
// slither-disable-next-line dead-code
function getPreviousNode(List storage self, uint256 _node) public view returns (bool, uint256) {
return getAdjacent(self, _node, _PREV);
}
/**
* @dev Insert node `_new` beside existing node `_node` in direction `_NEXT`.
* @param self stored linked list from contract
* @param _node existing node
* @param _new new node to insert
* @return bool true if success, false otherwise
*/
// slither-disable-next-line dead-code
function insertAfter(List storage self, uint256 _node, uint256 _new) public returns (bool) {
return _insert(self, _node, _new, _NEXT);
}
/**
* @dev Insert node `_new` beside existing node `_node` in direction `_PREV`.
* @param self stored linked list from contract
* @param _node existing node
* @param _new new node to insert
* @return bool true if success, false otherwise
*/
// slither-disable-next-line dead-code
function insertBefore(List storage self, uint256 _node, uint256 _new) public returns (bool) {
return _insert(self, _node, _new, _PREV);
}
/**
* @dev Removes an entry from the linked list
* @param self stored linked list from contract
* @param _node node to remove from the list
* @return uint256 the removed node
*/
function remove(List storage self, uint256 _node) public returns (uint256) {
if ((_node == _NULL) || (!nodeExists(self, _node))) {
return 0;
}
_createLink(self, self.list[_node][_PREV], self.list[_node][_NEXT], _NEXT);
delete self.list[_node][_PREV];
delete self.list[_node][_NEXT];
self.size -= 1;
return _node;
}
/**
* @dev Pushes an entry to the head of the linked list
* @param self stored linked list from contract
* @param _node new entry to push to the head
* @return bool true if success, false otherwise
*/
function pushFront(List storage self, uint256 _node) public returns (bool) {
return _push(self, _node, _NEXT);
}
/**
* @dev Pushes an entry to the tail of the linked list
* @param self stored linked list from contract
* @param _node new entry to push to the tail
* @return bool true if success, false otherwise
*/
function pushBack(List storage self, uint256 _node) public returns (bool) {
return _push(self, _node, _PREV);
}
/**
* @dev Pops the first entry from the head of the linked list
* @param self stored linked list from contract
* @return uint256 the removed node
*/
// slither-disable-next-line dead-code
function popFront(List storage self) public returns (uint256) {
return _pop(self, _NEXT);
}
/**
* @dev Pops the first entry from the tail of the linked list
* @param self stored linked list from contract
* @return uint256 the removed node
*/
// slither-disable-next-line dead-code
function popBack(List storage self) public returns (uint256) {
return _pop(self, _PREV);
}
/**
* @dev Pushes an entry to the head of the linked list
* @param self stored linked list from contract
* @param _node new entry to push to the head
* @param _direction push to the head (_NEXT) or tail (_PREV)
* @return bool true if success, false otherwise
*/
function _push(List storage self, uint256 _node, bool _direction) private returns (bool) {
return _insert(self, _HEAD, _node, _direction);
}
/**
* @dev Pops the first entry from the linked list
* @param self stored linked list from contract
* @param _direction pop from the head (_NEXT) or the tail (_PREV)
* @return uint256 the removed node
*/
// slither-disable-next-line dead-code
function _pop(List storage self, bool _direction) private returns (uint256) {
uint256 adj;
(, adj) = getAdjacent(self, _HEAD, _direction);
return remove(self, adj);
}
/**
* @dev Insert node `_new` beside existing node `_node` in direction `_direction`.
* @param self stored linked list from contract
* @param _node existing node
* @param _new new node to insert
* @param _direction direction to insert node in
* @return bool true if success, false otherwise
*/
function _insert(List storage self, uint256 _node, uint256 _new, bool _direction) private returns (bool) {
if (!nodeExists(self, _new) && nodeExists(self, _node)) {
uint256 c = self.list[_node][_direction];
_createLink(self, _node, _new, _direction);
_createLink(self, _new, c, _direction);
self.size += 1;
return true;
}
return false;
}
/**
* @dev Creates a bidirectional link between two nodes on direction `_direction`
* @param self stored linked list from contract
* @param _node existing node
* @param _link node to link to in the _direction
* @param _direction direction to insert node in
*/
function _createLink(List storage self, uint256 _node, uint256 _link, bool _direction) private {
self.list[_link][!_direction] = _node;
self.list[_node][_direction] = _link;
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17;
import { ISystemComponent } from "src/interfaces/ISystemComponent.sol";
import { ISystemRegistry } from "src/interfaces/ISystemRegistry.sol";
import { Errors } from "src/utils/Errors.sol";
contract SystemComponent is ISystemComponent {
ISystemRegistry internal immutable systemRegistry;
constructor(ISystemRegistry _systemRegistry) {
Errors.verifyNotZero(address(_systemRegistry), "_systemRegistry");
systemRegistry = _systemRegistry;
}
/// @inheritdoc ISystemComponent
function getSystemRegistry() external view returns (address) {
return address(systemRegistry);
}
}
// SPDX-License-Identifier: UNLICENSED
// Copyright (c) 2023 Tokemak Foundation. All rights reserved.
pragma solidity 0.8.17; // their version was using 8.12?
import { StructuredLinkedList } from "src/strategy/StructuredLinkedList.sol";
// https://github.com/Layr-Labs/eigenlayer-contracts/blob/master/src/contracts/libraries/StructuredLinkedList.sol
library WithdrawalQueue {
using StructuredLinkedList for StructuredLinkedList.List;
error CannotInsertZeroAddress();
error UnexpectedNodeRemoved();
error AddToHeadFailed();
error AddToTailFailed();
error NodeDoesNotExist();
/// @notice Returns true if the address is in the queue.
function addressExists(StructuredLinkedList.List storage queue, address addr) public view returns (bool) {
return StructuredLinkedList.nodeExists(queue, _addressToUint(addr));
}
/// @notice Returns the current head.
function peekHead(StructuredLinkedList.List storage queue) public view returns (address) {
return _uintToAddress(StructuredLinkedList.getHead(queue));
}
/// @notice Returns the current tail.
function peekTail(StructuredLinkedList.List storage queue) public view returns (address) {
return _uintToAddress(StructuredLinkedList.getTail(queue));
}
/// @notice Returns the number of items in the queue
function sizeOf(StructuredLinkedList.List storage queue) public view returns (uint256) {
return StructuredLinkedList.sizeOf(queue);
}
/// @notice Return all items in the queue
/// @dev Enumerates from head to tail
function getList(StructuredLinkedList.List storage self) public view returns (address[] memory list) {
uint256 size = self.sizeOf();
list = new address[](size);
if (size > 0) {
uint256 lastNode = self.getHead();
list[0] = _uintToAddress(lastNode);
for (uint256 i = 1; i < size; ++i) {
(bool exists, uint256 node) = self.getAdjacent(lastNode, true);
if (!exists) {
revert NodeDoesNotExist();
}
list[i] = _uintToAddress(node);
lastNode = node;
}
}
}
/// @notice Returns the current tail.
function popHead(StructuredLinkedList.List storage queue) public returns (address) {
return _uintToAddress(StructuredLinkedList.popFront(queue));
}
/// @notice remove address toRemove from queue if it exists.
function popAddress(StructuredLinkedList.List storage queue, address toRemove) public {
uint256 addrAsUint = _addressToUint(toRemove);
uint256 _removedNode = StructuredLinkedList.remove(queue, addrAsUint);
if (!((_removedNode == addrAsUint) || (_removedNode == 0))) {
revert UnexpectedNodeRemoved();
}
}
/// @notice returns true if there are no addresses in queue.
function isEmpty(StructuredLinkedList.List storage queue) public view returns (bool) {
return !StructuredLinkedList.listExists(queue);
}
/// @notice if addr in queue, move it to the top
// if addr not in queue, add it to the top of the queue.
// if queue is empty, make a new queue with addr as the only node
function addToHead(StructuredLinkedList.List storage queue, address addr) public {
if (addr == address(0)) {
revert CannotInsertZeroAddress();
}
popAddress(queue, addr);
bool success = StructuredLinkedList.pushFront(queue, _addressToUint(addr));
if (!success) {
revert AddToHeadFailed();
}
}
function getAdjacent(
StructuredLinkedList.List storage queue,
address addr,
bool direction
) public view returns (address) {
(bool exists, uint256 addrNum) = queue.getAdjacent(_addressToUint(addr), direction);
if (!exists) {
return address(0);
}
return _uintToAddress(addrNum);
}
/// @notice if addr in queue, move it to the end
// if addr not in queue, add it to the end of the queue.
// if queue is empty, make a new queue with addr as the only node
function addToTail(StructuredLinkedList.List storage queue, address addr) public {
if (addr == address(0)) {
revert CannotInsertZeroAddress();
}
popAddress(queue, addr);
bool success = StructuredLinkedList.pushBack(queue, _addressToUint(addr));
if (!success) {
revert AddToTailFailed();
}
}
function _addressToUint(address addr) private pure returns (uint256) {
return uint256(uint160(addr));
}
function _uintToAddress(uint256 x) private pure returns (address) {
return address(uint160(x));
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
{
"compilationTarget": {
"src/oracles/RootPriceOracle.sol": "RootPriceOracle"
},
"evmVersion": "london",
"libraries": {},
"metadata": {
"bytecodeHash": "ipfs"
},
"optimizer": {
"enabled": true,
"runs": 200
},
"remappings": [
":ERC4626/=lib/properties/lib/ERC4626/contracts/",
":crytic/properties/=lib/properties/",
":ds-test/=lib/forge-std/lib/ds-test/src/",
":erc4626-tests/=lib/erc4626-tests/",
":forge-std/=lib/forge-std/src/",
":openzeppelin-contracts/=lib/openzeppelin-contracts/contracts/",
":prb-math/=lib/prb-math/",
":properties/=lib/properties/contracts/",
":solmate/=lib/properties/lib/solmate/src/",
":src/=src/",
":test/=test/",
":usingtellor/=lib/usingtellor/contracts/"
]
}
[{"inputs":[{"internalType":"contract ISystemRegistry","name":"_systemRegistry","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"AccessDenied","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"AlreadyRegistered","type":"error"},{"inputs":[{"internalType":"string","name":"paramName","type":"string"}],"name":"InvalidParam","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"MappingDoesNotExist","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"MissingSpotPriceOracle","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"MissingTokenOracle","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"NoThresholdFound","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"},{"internalType":"address","name":"newOracle","type":"address"}],"name":"ReplaceAlreadyMatches","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"},{"internalType":"address","name":"oldExpected","type":"address"},{"internalType":"address","name":"oldActual","type":"address"}],"name":"ReplaceOldMismatch","type":"error"},{"inputs":[{"internalType":"address","name":"source1","type":"address"},{"internalType":"address","name":"source2","type":"address"}],"name":"SystemMismatch","type":"error"},{"inputs":[],"name":"UndefinedAddress","type":"error"},{"inputs":[{"internalType":"string","name":"paramName","type":"string"}],"name":"ZeroAddress","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"pool","type":"address"},{"indexed":true,"internalType":"address","name":"oracle","type":"address"}],"name":"PoolRegistered","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"pool","type":"address"},{"indexed":true,"internalType":"address","name":"oldOracle","type":"address"},{"indexed":true,"internalType":"address","name":"newOracle","type":"address"}],"name":"PoolRegistrationReplaced","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"pool","type":"address"}],"name":"PoolRemoved","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint256","name":"threshold","type":"uint256"}],"name":"SafeSpotPriceThresholdUpdated","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"address","name":"oracle","type":"address"}],"name":"TokenRegistered","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"address","name":"oldOracle","type":"address"},{"indexed":false,"internalType":"address","name":"newOracle","type":"address"}],"name":"TokenRegistrationReplaced","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"token","type":"address"}],"name":"TokenRemoved","type":"event"},{"inputs":[],"name":"accessController","outputs":[{"internalType":"contract IAccessController","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"lpToken","type":"address"},{"internalType":"address","name":"pool","type":"address"},{"internalType":"address","name":"quote","type":"address"}],"name":"getCeilingPrice","outputs":[{"internalType":"uint256","name":"price","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"},{"internalType":"address","name":"lpToken","type":"address"},{"internalType":"address","name":"inQuote","type":"address"},{"internalType":"bool","name":"ceiling","type":"bool"}],"name":"getFloorCeilingPrice","outputs":[{"internalType":"uint256","name":"floorOrCeilingPerLpToken","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"lpToken","type":"address"},{"internalType":"address","name":"pool","type":"address"},{"internalType":"address","name":"quote","type":"address"}],"name":"getFloorPrice","outputs":[{"internalType":"uint256","name":"price","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"getPriceInEth","outputs":[{"internalType":"uint256","name":"price","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"base","type":"address"},{"internalType":"address","name":"quote","type":"address"}],"name":"getPriceInQuote","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"lpToken","type":"address"},{"internalType":"address","name":"pool","type":"address"},{"internalType":"address","name":"quoteToken","type":"address"}],"name":"getRangePricesLP","outputs":[{"internalType":"uint256","name":"spotPriceInQuote","type":"uint256"},{"internalType":"uint256","name":"safePriceInQuote","type":"uint256"},{"internalType":"bool","name":"isSpotSafe","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"token","type":"address"},{"internalType":"address","name":"pool","type":"address"}],"name":"getSpotPriceInEth","outputs":[{"internalType":"uint256","name":"price","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"getSystemRegistry","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"poolMappings","outputs":[{"internalType":"contract ISpotPriceOracle","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"token","type":"address"},{"internalType":"contract IPriceOracle","name":"oracle","type":"address"}],"name":"registerMapping","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"},{"internalType":"contract ISpotPriceOracle","name":"oracle","type":"address"}],"name":"registerPoolMapping","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"removeMapping","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"}],"name":"removePoolMapping","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"token","type":"address"},{"internalType":"contract IPriceOracle","name":"oldOracle","type":"address"},{"internalType":"contract IPriceOracle","name":"newOracle","type":"address"}],"name":"replaceMapping","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"},{"internalType":"contract ISpotPriceOracle","name":"oldOracle","type":"address"},{"internalType":"contract ISpotPriceOracle","name":"newOracle","type":"address"}],"name":"replacePoolMapping","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"safeSpotPriceThresholds","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"token","type":"address"},{"internalType":"uint256","name":"threshold","type":"uint256"}],"name":"setSafeSpotPriceThreshold","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"tokenMappings","outputs":[{"internalType":"contract IPriceOracle","name":"","type":"address"}],"stateMutability":"view","type":"function"}]