Contract Source Code:
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
import "../interface/IVault.sol";
import "../interface/IVaultCrossChainManager.sol";
import "../library/Utils.sol";
import "openzeppelin-contracts/contracts/token/ERC20/IERC20.sol";
import "openzeppelin-contracts-upgradeable/contracts/security/PausableUpgradeable.sol";
import "openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import "openzeppelin-contracts/contracts/utils/structs/EnumerableSet.sol";
import "openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol";
import "../interface/cctp/ITokenMessenger.sol";
import "../interface/cctp/IMessageTransmitter.sol";
/// @title Vault contract
/// @author Orderly_Rubick, Orderly_Zion
/// @notice Vault is responsible for saving user's erc20 token.
/// EACH CHAIN SHOULD HAVE ONE Vault CONTRACT.
/// User can deposit erc20 (USDC) from Vault.
/// Only crossChainManager can approve withdraw request.
contract Vault is IVault, PausableUpgradeable, OwnableUpgradeable {
using EnumerableSet for EnumerableSet.Bytes32Set;
using SafeERC20 for IERC20;
// The cross-chain manager address on Vault side
address public crossChainManagerAddress;
// An incrasing deposit id / nonce on Vault side
uint64 public depositId;
// A set to record the hash value of all allowed brokerIds // brokerHash = keccak256(abi.encodePacked(brokerId))
EnumerableSet.Bytes32Set private allowedBrokerSet;
// A set to record the hash value of all allowed tokens // tokenHash = keccak256(abi.encodePacked(tokenSymbol))
EnumerableSet.Bytes32Set private allowedTokenSet;
// A mapping from tokenHash to token contract address
mapping(bytes32 => address) public allowedToken;
// A flag to indicate if deposit fee is enabled
bool public depositFeeEnabled;
// https://developers.circle.com/stablecoin/docs/cctp-protocol-contract#tokenmessenger-mainnet
// TokenMessager for CCTP
address public tokenMessengerContract;
// MessageTransmitterContract for CCTP
address public messageTransmitterContract;
// A set to record deposit limit for each token. 0 means unlimited
mapping(address => uint256) public tokenAddress2DepositLimit;
/// @notice Require only cross-chain manager can call
modifier onlyCrossChainManager() {
if (msg.sender != crossChainManagerAddress) revert OnlyCrossChainManagerCanCall();
_;
}
/// @notice check non-zero address
modifier nonZeroAddress(address _address) {
if (_address == address(0)) revert AddressZero();
_;
}
constructor() {
_disableInitializers();
}
function initialize() external override initializer {
__Ownable_init();
__Pausable_init();
}
/// @notice Change crossChainManager address
function setCrossChainManager(address _crossChainManagerAddress)
public
override
onlyOwner
nonZeroAddress(_crossChainManagerAddress)
{
emit ChangeCrossChainManager(crossChainManagerAddress, _crossChainManagerAddress);
crossChainManagerAddress = _crossChainManagerAddress;
}
/// @notice Set deposit limit for a token
function setDepositLimit(address _tokenAddress, uint256 _limit) public override onlyOwner {
tokenAddress2DepositLimit[_tokenAddress] = _limit;
emit ChangeDepositLimit(_tokenAddress, _limit);
}
/// @notice Add contract address for an allowed token given the tokenHash
/// @dev This function is only called when changing allow status for a token, not for initializing
function setAllowedToken(bytes32 _tokenHash, bool _allowed) public override onlyOwner {
bool succ = false;
if (_allowed) {
// require tokenAddress exist
if (allowedToken[_tokenHash] == address(0)) revert AddressZero();
succ = allowedTokenSet.add(_tokenHash);
} else {
succ = allowedTokenSet.remove(_tokenHash);
}
if (!succ) revert EnumerableSetError();
emit SetAllowedToken(_tokenHash, _allowed);
}
/// @notice Add the hash value for an allowed brokerId
function setAllowedBroker(bytes32 _brokerHash, bool _allowed) public override onlyOwner {
bool succ = false;
if (_allowed) {
succ = allowedBrokerSet.add(_brokerHash);
} else {
succ = allowedBrokerSet.remove(_brokerHash);
}
if (!succ) revert EnumerableSetError();
emit SetAllowedBroker(_brokerHash, _allowed);
}
/// @notice Change the token address for an allowed token, used when a new token is added
/// @dev maybe should called `addTokenAddressAndAllow`, because it's for initializing
function changeTokenAddressAndAllow(bytes32 _tokenHash, address _tokenAddress)
public
override
onlyOwner
nonZeroAddress(_tokenAddress)
{
allowedToken[_tokenHash] = _tokenAddress;
allowedTokenSet.add(_tokenHash); // ignore returns here
emit ChangeTokenAddressAndAllow(_tokenHash, _tokenAddress);
}
/// @notice Check if the given tokenHash is allowed on this Vault
function getAllowedToken(bytes32 _tokenHash) public view override returns (address) {
if (allowedTokenSet.contains(_tokenHash)) {
return allowedToken[_tokenHash];
} else {
return address(0);
}
}
/// @notice Check if the brokerHash is allowed on this Vault
function getAllowedBroker(bytes32 _brokerHash) public view override returns (bool) {
return allowedBrokerSet.contains(_brokerHash);
}
/// @notice Get all allowed tokenHash from this Vault
function getAllAllowedToken() public view override returns (bytes32[] memory) {
return allowedTokenSet.values();
}
/// @notice Get all allowed brokerIds hash from this Vault
function getAllAllowedBroker() public view override returns (bytes32[] memory) {
return allowedBrokerSet.values();
}
/// @notice The function to receive user deposit, VaultDepositFE type is defined in VaultTypes.sol
function deposit(VaultTypes.VaultDepositFE calldata data) public payable override whenNotPaused {
_deposit(msg.sender, data);
}
/// @notice The function to allow users to deposit on behalf of another user, the receiver is the user who will receive the deposit
function depositTo(address receiver, VaultTypes.VaultDepositFE calldata data)
public
payable
override
whenNotPaused
{
_deposit(receiver, data);
}
/// @notice The function to query layerzero fee from CrossChainManager contract
function getDepositFee(address receiver, VaultTypes.VaultDepositFE calldata data)
public
view
override
whenNotPaused
returns (uint256)
{
_validateDeposit(receiver, data);
VaultTypes.VaultDeposit memory depositData = VaultTypes.VaultDeposit(
data.accountId, receiver, data.brokerHash, data.tokenHash, data.tokenAmount, depositId + 1
);
return (IVaultCrossChainManager(crossChainManagerAddress).getDepositFee(depositData));
}
/// @notice The function to enable/disable deposit fee
function enableDepositFee(bool _enabled) public override onlyOwner whenNotPaused {
depositFeeEnabled = _enabled;
}
/// @notice The function to call deposit of CCManager contract
function _deposit(address receiver, VaultTypes.VaultDepositFE calldata data) internal whenNotPaused {
_validateDeposit(receiver, data);
// avoid reentrancy, so `transferFrom` token at the beginning
IERC20 tokenAddress = IERC20(allowedToken[data.tokenHash]);
// check deposit limit
if (
tokenAddress2DepositLimit[address(tokenAddress)] != 0
&& data.tokenAmount + tokenAddress.balanceOf(address(this))
> tokenAddress2DepositLimit[address(tokenAddress)]
) {
revert DepositExceedLimit();
}
// avoid non-standard ERC20 tranferFrom bug
tokenAddress.safeTransferFrom(msg.sender, address(this), data.tokenAmount);
// cross-chain tx to ledger
VaultTypes.VaultDeposit memory depositData = VaultTypes.VaultDeposit(
data.accountId, receiver, data.brokerHash, data.tokenHash, data.tokenAmount, _newDepositId()
);
// if deposit fee is enabled, user should pay fee in native token and the msg.value will be forwarded to CrossChainManager to pay for the layerzero cross-chain fee
if (depositFeeEnabled) {
if (msg.value == 0) revert ZeroDepositFee();
IVaultCrossChainManager(crossChainManagerAddress).depositWithFeeRefund{value: msg.value}(
msg.sender, depositData
);
} else {
IVaultCrossChainManager(crossChainManagerAddress).deposit(depositData);
}
emit AccountDepositTo(data.accountId, receiver, depositId, data.tokenHash, data.tokenAmount);
}
/// @notice The function to validate deposit data
function _validateDeposit(address receiver, VaultTypes.VaultDepositFE calldata data) internal view {
// check if tokenHash and brokerHash are allowed
if (!allowedTokenSet.contains(data.tokenHash)) revert TokenNotAllowed();
if (!allowedBrokerSet.contains(data.brokerHash)) revert BrokerNotAllowed();
// check if accountId = keccak256(abi.encodePacked(brokerHash, receiver))
if (!Utils.validateAccountId(data.accountId, data.brokerHash, receiver)) revert AccountIdInvalid();
// check if tokenAmount > 0
if (data.tokenAmount == 0) revert ZeroDeposit();
}
/// @notice user withdraw
function withdraw(VaultTypes.VaultWithdraw calldata data) public override onlyCrossChainManager whenNotPaused {
// send cross-chain tx to ledger
IVaultCrossChainManager(crossChainManagerAddress).withdraw(data);
// avoid reentrancy, so `transfer` token at the end
IERC20 tokenAddress = IERC20(allowedToken[data.tokenHash]);
uint128 amount = data.tokenAmount - data.fee;
require(tokenAddress.balanceOf(address(this)) >= amount, "Vault: insufficient balance");
// avoid revert if transfer to zero address or blacklist.
/// @notice This check condition should always be true because cc promise that
if (!_validReceiver(data.receiver, address(tokenAddress))) {
emit WithdrawFailed(address(tokenAddress), data.receiver, amount);
} else {
tokenAddress.safeTransfer(data.receiver, amount);
}
// emit withdraw event
emit AccountWithdraw(
data.accountId,
data.withdrawNonce,
data.brokerHash,
data.sender,
data.receiver,
data.tokenHash,
data.tokenAmount,
data.fee
);
}
/// @notice validate if the receiver address is zero or in the blacklist
function _validReceiver(address _receiver, address _token) internal view returns (bool) {
if (_receiver == address(0)) {
return false;
} else if (_isBlacklisted(_receiver, _token)) {
return false;
} else {
return true;
}
}
/// @notice check if the receiver is in the blacklist in case the token contract has the blacklist function
function _isBlacklisted(address _receiver, address _token) internal view returns (bool) {
bytes memory data = abi.encodeWithSignature("isBlacklisted(address)", _receiver);
(bool success, bytes memory result) = _token.staticcall(data);
if (success) {
return abi.decode(result, (bool));
} else {
return false;
}
}
function delegateSigner(VaultTypes.VaultDelegate calldata data) public override {
if ((msg.sender).code.length == 0) revert ZeroCodeLength();
if ((data.delegateSigner).code.length != 0) revert NotZeroCodeLength();
if (!allowedBrokerSet.contains(data.brokerHash)) revert BrokerNotAllowed();
// emit delegate event
emit AccountDelegate(msg.sender, data.brokerHash, data.delegateSigner, block.chainid, block.number);
}
/// @notice Update the depositId
function _newDepositId() internal returns (uint64) {
return ++depositId;
}
function emergencyPause() public whenNotPaused onlyOwner {
_pause();
}
function emergencyUnpause() public whenPaused onlyOwner {
_unpause();
}
function setTokenMessengerContract(address _tokenMessengerContract)
public
override
onlyOwner
nonZeroAddress(_tokenMessengerContract)
{
tokenMessengerContract = _tokenMessengerContract;
}
function setRebalanceMessengerContract(address _rebalanceMessengerContract)
public
override
onlyOwner
nonZeroAddress(_rebalanceMessengerContract)
{
messageTransmitterContract = _rebalanceMessengerContract;
}
function rebalanceBurn(RebalanceTypes.RebalanceBurnCCData calldata data) external override onlyCrossChainManager {
address burnToken = allowedToken[data.tokenHash];
if (burnToken == address(0)) revert AddressZero();
IERC20(burnToken).approve(tokenMessengerContract, data.amount);
try ITokenMessenger(tokenMessengerContract).depositForBurn(
data.amount, data.dstDomain, Utils.toBytes32(data.dstVaultAddress), burnToken
) {
// send succ cross-chain tx to ledger
// rebalanceId, amount, tokenHash, burnChainId, mintChainId | true
IVaultCrossChainManager(crossChainManagerAddress).burnFinish(
RebalanceTypes.RebalanceBurnCCFinishData({
rebalanceId: data.rebalanceId,
amount: data.amount,
tokenHash: data.tokenHash,
burnChainId: data.burnChainId,
mintChainId: data.mintChainId,
success: true
})
);
} catch {
// send fail cross-chain tx to ledger
// rebalanceId, amount, tokenHash, burnChainId, mintChainId | false
IVaultCrossChainManager(crossChainManagerAddress).burnFinish(
RebalanceTypes.RebalanceBurnCCFinishData({
rebalanceId: data.rebalanceId,
amount: data.amount,
tokenHash: data.tokenHash,
burnChainId: data.burnChainId,
mintChainId: data.mintChainId,
success: false
})
);
}
}
function rebalanceMint(RebalanceTypes.RebalanceMintCCData calldata data) external override onlyCrossChainManager {
try IMessageTransmitter(messageTransmitterContract).receiveMessage(data.messageBytes, data.messageSignature) {
// send succ cross-chain tx to ledger
// rebalanceId, amount, tokenHash, burnChainId, mintChainId | true
IVaultCrossChainManager(crossChainManagerAddress).mintFinish(
RebalanceTypes.RebalanceMintCCFinishData({
rebalanceId: data.rebalanceId,
amount: data.amount,
tokenHash: data.tokenHash,
burnChainId: data.burnChainId,
mintChainId: data.mintChainId,
success: true
})
);
} catch {
// send fail cross-chain tx to ledger
// rebalanceId, amount, tokenHash, burnChainId, mintChainId | false
IVaultCrossChainManager(crossChainManagerAddress).mintFinish(
RebalanceTypes.RebalanceMintCCFinishData({
rebalanceId: data.rebalanceId,
amount: data.amount,
tokenHash: data.tokenHash,
burnChainId: data.burnChainId,
mintChainId: data.mintChainId,
success: false
})
);
}
}
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
import "./../library/types/VaultTypes.sol";
import "./../library/types/RebalanceTypes.sol";
interface IVault {
error OnlyCrossChainManagerCanCall();
error AccountIdInvalid();
error TokenNotAllowed();
error BrokerNotAllowed();
error BalanceNotEnough(uint256 balance, uint128 amount);
error AddressZero();
error EnumerableSetError();
error ZeroDepositFee();
error ZeroDeposit();
error ZeroCodeLength();
error NotZeroCodeLength();
error DepositExceedLimit();
// @deprecated
event AccountDeposit(
bytes32 indexed accountId,
address indexed userAddress,
uint64 indexed depositNonce,
bytes32 tokenHash,
uint128 tokenAmount
);
event AccountDepositTo(
bytes32 indexed accountId,
address indexed userAddress,
uint64 indexed depositNonce,
bytes32 tokenHash,
uint128 tokenAmount
);
event AccountWithdraw(
bytes32 indexed accountId,
uint64 indexed withdrawNonce,
bytes32 brokerHash,
address sender,
address receiver,
bytes32 tokenHash,
uint128 tokenAmount,
uint128 fee
);
event AccountDelegate(
address indexed delegateContract,
bytes32 indexed brokerHash,
address indexed delegateSigner,
uint256 chainId,
uint256 blockNumber
);
event SetAllowedToken(bytes32 indexed _tokenHash, bool _allowed);
event SetAllowedBroker(bytes32 indexed _brokerHash, bool _allowed);
event ChangeTokenAddressAndAllow(bytes32 indexed _tokenHash, address _tokenAddress);
event ChangeCrossChainManager(address oldAddress, address newAddress);
event ChangeDepositLimit(address indexed _tokenAddress, uint256 _limit);
event WithdrawFailed(address indexed token, address indexed receiver, uint256 amount);
function initialize() external;
function deposit(VaultTypes.VaultDepositFE calldata data) external payable;
function depositTo(address receiver, VaultTypes.VaultDepositFE calldata data) external payable;
function getDepositFee(address recevier, VaultTypes.VaultDepositFE calldata data) external view returns (uint256);
function enableDepositFee(bool _enabled) external;
function withdraw(VaultTypes.VaultWithdraw calldata data) external;
function delegateSigner(VaultTypes.VaultDelegate calldata data) external;
// CCTP: functions for receive rebalance msg
function rebalanceMint(RebalanceTypes.RebalanceMintCCData calldata data) external;
function rebalanceBurn(RebalanceTypes.RebalanceBurnCCData calldata data) external;
function setTokenMessengerContract(address _tokenMessengerContract) external;
function setRebalanceMessengerContract(address _rebalanceMessengerContract) external;
// admin call
function setCrossChainManager(address _crossChainManagerAddress) external;
function setDepositLimit(address _tokenAddress, uint256 _limit) external;
function emergencyPause() external;
function emergencyUnpause() external;
// whitelist
function setAllowedToken(bytes32 _tokenHash, bool _allowed) external;
function setAllowedBroker(bytes32 _brokerHash, bool _allowed) external;
function changeTokenAddressAndAllow(bytes32 _tokenHash, address _tokenAddress) external;
function getAllowedToken(bytes32 _tokenHash) external view returns (address);
function getAllowedBroker(bytes32 _brokerHash) external view returns (bool);
function getAllAllowedToken() external view returns (bytes32[] memory);
function getAllAllowedBroker() external view returns (bytes32[] memory);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;
// Importing necessary utility libraries and types
import "../library/types/AccountTypes.sol";
import "../library/types/VaultTypes.sol";
import "../library/types/RebalanceTypes.sol";
/// @title IVaultCrossChainManager Interface
/// @notice Interface for managing cross-chain activities related to the vault.
interface IVaultCrossChainManager {
/// @notice Triggers a withdrawal from the ledger.
/// @param withdraw Struct containing withdrawal data.
function withdraw(VaultTypes.VaultWithdraw memory withdraw) external;
/// @notice Triggers a finish msg from vault to ledger to inform the status of burn
/// @param data Struct containing burn data.
function burnFinish(RebalanceTypes.RebalanceBurnCCFinishData memory data) external;
/// @notice Triggers a finish msg from vault to ledger to inform the status of mint
/// @param data Struct containing mint data.
function mintFinish(RebalanceTypes.RebalanceMintCCFinishData memory data) external;
/// @notice Initiates a deposit to the vault.
/// @param data Struct containing deposit data.
function deposit(VaultTypes.VaultDeposit memory data) external;
/// @notice Initiates a deposit to the vault along with native fees.
/// @param data Struct containing deposit data.
function depositWithFee(VaultTypes.VaultDeposit memory data) external payable;
/// @notice Initiates a deposit to the vault along with native fees.
/// @param refundReceiver Address of the receiver for the deposit fee refund.
/// @param data Struct containing deposit data.
function depositWithFeeRefund(address refundReceiver, VaultTypes.VaultDeposit memory data) external payable;
/// @notice Fetches the deposit fee based on deposit data.
/// @param data Struct containing deposit data.
/// @return fee The calculated deposit fee.
function getDepositFee(VaultTypes.VaultDeposit memory data) external view returns (uint256);
/// @notice Sets the vault address.
/// @param vault Address of the new vault.
function setVault(address vault) external;
/// @notice Sets the cross-chain relay address.
/// @param crossChainRelay Address of the new cross-chain relay.
function setCrossChainRelay(address crossChainRelay) external;
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
/// @title Utils library
/// @author Orderly_Rubick Orderly_Zion
library Utils {
function getAccountId(address _userAddr, string memory _brokerId) internal pure returns (bytes32) {
return keccak256(abi.encode(_userAddr, calculateStringHash(_brokerId)));
}
function calculateAccountId(address _userAddr, bytes32 _brokerHash) internal pure returns (bytes32) {
return keccak256(abi.encode(_userAddr, _brokerHash));
}
function calculateStringHash(string memory _str) internal pure returns (bytes32) {
return keccak256(abi.encodePacked(_str));
}
function validateAccountId(bytes32 _accountId, bytes32 _brokerHash, address _userAddress)
internal
pure
returns (bool)
{
return keccak256(abi.encode(_userAddress, _brokerHash)) == _accountId;
}
function validateAccountId(bytes32 _accountId, bytes32 _brokerHash, bytes32 _userAddress)
internal
pure
returns (bool)
{
return keccak256(abi.encode(_userAddress, _brokerHash)) == _accountId;
}
function toBytes32(address addr) internal pure returns (bytes32) {
return bytes32(abi.encode(addr));
}
function bytes32ToBytes(bytes32 _bytes32) internal pure returns (bytes memory) {
return abi.encodePacked(_bytes32);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (security/Pausable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract PausableUpgradeable is Initializable, ContextUpgradeable {
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
bool private _paused;
/**
* @dev Initializes the contract in unpaused state.
*/
function __Pausable_init() internal onlyInitializing {
__Pausable_init_unchained();
}
function __Pausable_init_unchained() internal onlyInitializing {
_paused = false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
require(!paused(), "Pausable: paused");
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
require(paused(), "Pausable: not paused");
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
function __Ownable_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable_init_unchained() internal onlyInitializing {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/structs/EnumerableSet.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.
pragma solidity ^0.8.0;
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
* and `uint256` (`UintSet`) are supported.
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
* unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
* array of EnumerableSet.
* ====
*/
library EnumerableSet {
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
bytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0
// means a value is not in the set.
mapping(bytes32 => uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, bytes32 value) private returns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, bytes32 value) private returns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slot
uint256 valueIndex = set._indexes[value];
if (valueIndex != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 toDeleteIndex = valueIndex - 1;
uint256 lastIndex = set._values.length - 1;
if (lastIndex != toDeleteIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastValue;
// Update the index for the moved value
set._indexes[lastValue] = valueIndex; // Replace lastValue's index to valueIndex
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slot
delete set._indexes[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, bytes32 value) private view returns (bool) {
return set._indexes[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set) private view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, uint256 index) private view returns (bytes32) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set) private view returns (bytes32[] memory) {
return set._values;
}
// Bytes32Set
struct Bytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _add(set._inner, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _remove(set._inner, value);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
return _contains(set._inner, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(Bytes32Set storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
return _at(set._inner, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner);
bytes32[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
return _add(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
return _remove(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return _contains(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
return address(uint160(uint256(_at(set._inner, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, uint256 value) internal returns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, uint256 value) internal returns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, uint256 value) internal view returns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(UintSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/draft-IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
interface ITokenMessenger {
function depositForBurn(uint256 amount, uint32 destinationDomain, bytes32 mintRecipient, address burnToken)
external
returns (uint64 _nonce);
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
interface IMessageTransmitter {
function receiveMessage(bytes calldata message, bytes calldata attestation) external returns (bool success);
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
/// @title VaultTypes library
/// @author Orderly_Rubick
library VaultTypes {
struct VaultDepositFE {
bytes32 accountId;
bytes32 brokerHash;
bytes32 tokenHash;
uint128 tokenAmount;
}
struct VaultDeposit {
bytes32 accountId;
address userAddress;
bytes32 brokerHash;
bytes32 tokenHash;
uint128 tokenAmount;
uint64 depositNonce; // deposit nonce
}
struct VaultWithdraw {
bytes32 accountId;
bytes32 brokerHash;
bytes32 tokenHash;
uint128 tokenAmount;
uint128 fee;
address sender;
address receiver;
uint64 withdrawNonce; // withdraw nonce
}
struct VaultDelegate {
bytes32 brokerHash;
address delegateSigner;
}
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
/// @title RebalanceTypes library
/// @author Orderly_Rubick
library RebalanceTypes {
enum RebalanceStatusEnum {
None,
Pending,
Succ,
Fail
}
// RebalanceStatus
struct RebalanceStatus {
uint64 rebalanceId; // Because the mapping key rebalanceId is mod, so we need to record the real rebalanceId
RebalanceStatusEnum burnStatus;
RebalanceStatusEnum mintStatus;
}
// RebalanceBurnUploadData
struct RebalanceBurnUploadData {
bytes32 r;
bytes32 s;
uint8 v;
uint64 rebalanceId;
uint128 amount;
bytes32 tokenHash;
uint256 burnChainId;
uint256 mintChainId;
}
struct RebalanceBurnCCData {
uint32 dstDomain;
uint64 rebalanceId;
uint128 amount;
bytes32 tokenHash;
uint256 burnChainId;
uint256 mintChainId;
address dstVaultAddress;
}
struct RebalanceBurnCCFinishData {
bool success;
uint64 rebalanceId;
uint128 amount;
bytes32 tokenHash;
uint256 burnChainId;
uint256 mintChainId;
}
// RebalanceMintUploadData
struct RebalanceMintUploadData {
bytes32 r;
bytes32 s;
uint8 v;
uint64 rebalanceId;
uint128 amount;
bytes32 tokenHash;
uint256 burnChainId;
uint256 mintChainId;
bytes messageBytes;
bytes messageSignature;
}
struct RebalanceMintCCData {
uint64 rebalanceId;
uint128 amount;
bytes32 tokenHash;
uint256 burnChainId;
uint256 mintChainId;
bytes messageBytes;
bytes messageSignature;
}
struct RebalanceMintCCFinishData {
bool success;
uint64 rebalanceId;
uint128 amount;
bytes32 tokenHash;
uint256 burnChainId;
uint256 mintChainId;
}
}
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.18;
/// @title AccountTypes library
/// @author Orderly_Rubick
library AccountTypes {
struct PerpPosition {
int128 positionQty;
int128 costPosition;
int128 lastSumUnitaryFundings;
uint128 lastExecutedPrice;
uint128 lastSettledPrice;
uint128 averageEntryPrice;
int128 openingCost;
uint128 lastAdlPrice;
}
// account id, unique for each account, should be accountId -> {addr, brokerId}
// and keccak256(addr, brokerID) == accountId
struct Account {
// user's broker id
bytes32 brokerHash;
// primary address
address userAddress;
// mapping symbol => balance
mapping(bytes32 => uint128) balances;
// mapping symbol => totalFrozenBalance
mapping(bytes32 => uint128) totalFrozenBalances;
// mapping withdrawNonce => symbol => balance
mapping(uint64 => mapping(bytes32 => uint128)) frozenBalances;
// perp position
mapping(bytes32 => PerpPosition) perpPositions;
// lastwithdraw nonce
uint64 lastWithdrawNonce;
// last perp trade id
uint64 lastPerpTradeId;
// last engine event id
uint64 lastEngineEventId;
// @deprecated last deposit event id
uint64 lastDepositEventId;
// last deposit src chain id
uint64 lastDepositSrcChainId;
// last deposit src chain nonce
uint64 lastDepositSrcChainNonce;
// solana account public key
bytes32 solAccountPubKey;
}
struct AccountDeposit {
bytes32 accountId;
bytes32 brokerHash;
address userAddress;
bytes32 tokenHash;
uint256 srcChainId;
uint128 tokenAmount;
uint64 srcChainDepositNonce;
}
struct AccountDepositSol {
bytes32 accountId;
bytes32 brokerHash;
bytes32 pubkey;
bytes32 tokenHash;
uint256 srcChainId;
uint128 tokenAmount;
uint64 srcChainDepositNonce;
}
// for accountWithdrawFinish
struct AccountWithdraw {
bytes32 accountId;
address sender;
address receiver;
bytes32 brokerHash;
bytes32 tokenHash;
uint128 tokenAmount;
uint128 fee;
uint256 chainId;
uint64 withdrawNonce;
}
struct AccountTokenBalances {
// token hash
bytes32 tokenHash;
// balance & frozenBalance
uint128 balance;
uint128 frozenBalance;
}
struct AccountPerpPositions {
// symbol hash
bytes32 symbolHash;
// perp position
int128 positionQty;
int128 costPosition;
int128 lastSumUnitaryFundings;
uint128 lastExecutedPrice;
uint128 lastSettledPrice;
uint128 averageEntryPrice;
int128 openingCost;
uint128 lastAdlPrice;
}
// for batch get
struct AccountSnapshot {
bytes32 accountId;
bytes32 brokerHash;
address userAddress;
uint64 lastWithdrawNonce;
uint64 lastPerpTradeId;
uint64 lastEngineEventId;
uint64 lastDepositEventId;
AccountTokenBalances[] tokenBalances;
AccountPerpPositions[] perpPositions;
uint64 lastDepositSrcChainId;
uint64 lastDepositSrcChainNonce;
}
struct AccountDelegateSigner {
uint256 chainId;
address signer;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized != type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}