Overview
ETH Balance
0 ETH
Eth Value
$0.00More Info
Private Name Tags
ContractCreator
Latest 1 from a total of 1 transactions
Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
---|---|---|---|---|---|---|---|---|---|
0x611d4461 | 18191504 | 359 days ago | IN | 0 ETH | 0.02576817 |
View more zero value Internal Transactions in Advanced View mode
Advanced mode:
Loading...
Loading
Contract Name:
ArchetypeLogic
Compiler Version
v0.8.19+commit.7dd6d404
Optimization Enabled:
Yes with 100 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT // ArchetypeLogic v0.6.0 // // d8888 888 888 // d88888 888 888 // d88P888 888 888 // d88P 888 888d888 .d8888b 88888b. .d88b. 888888 888 888 88888b. .d88b. // d88P 888 888P" d88P" 888 "88b d8P Y8b 888 888 888 888 "88b d8P Y8b // d88P 888 888 888 888 888 88888888 888 888 888 888 888 88888888 // d8888888888 888 Y88b. 888 888 Y8b. Y88b. Y88b 888 888 d88P Y8b. // d88P 888 888 "Y8888P 888 888 "Y8888 "Y888 "Y88888 88888P" "Y8888 // 888 888 // Y8b d88P 888 // "Y88P" 888 pragma solidity ^0.8.4; import "erc721a-upgradeable/contracts/ERC721AUpgradeable.sol"; import "@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol"; import "solady/src/utils/MerkleProofLib.sol"; import "solady/src/utils/ECDSA.sol"; error InvalidConfig(); error MintNotYetStarted(); error MintEnded(); error WalletUnauthorizedToMint(); error InsufficientEthSent(); error ExcessiveEthSent(); error Erc20BalanceTooLow(); error MaxSupplyExceeded(); error ListMaxSupplyExceeded(); error NumberOfMintsExceeded(); error MintingPaused(); error InvalidReferral(); error InvalidSignature(); error BalanceEmpty(); error TransferFailed(); error MaxBatchSizeExceeded(); error BurnToMintDisabled(); error NotTokenOwner(); error NotPlatform(); error NotOwner(); error NotApprovedToTransfer(); error InvalidAmountOfTokens(); error WrongPassword(); error LockedForever(); // // STRUCTS // struct Auth { bytes32 key; bytes32[] proof; } struct MintTier { uint16 numMints; uint16 mintDiscount; //BPS } struct Discount { uint16 affiliateDiscount; //BPS MintTier[] mintTiers; } struct Config { string baseUri; address affiliateSigner; address ownerAltPayout; // optional alternative address for owner withdrawals. address superAffiliatePayout; // optional super affiliate address, will receive half of platform fee if set. uint32 maxSupply; uint32 maxBatchSize; uint16 affiliateFee; //BPS uint16 platformFee; //BPS uint16 defaultRoyalty; //BPS Discount discounts; } struct Options { bool uriLocked; bool maxSupplyLocked; bool affiliateFeeLocked; bool discountsLocked; bool ownerAltPayoutLocked; bool royaltyEnforcementEnabled; bool royaltyEnforcementLocked; } struct DutchInvite { uint128 price; uint128 reservePrice; uint128 delta; uint32 start; uint32 end; uint32 limit; uint32 maxSupply; uint32 interval; uint32 unitSize; // mint 1 get x address tokenAddress; } struct Invite { uint128 price; uint32 start; uint32 end; uint32 limit; uint32 maxSupply; uint32 unitSize; // mint 1 get x address tokenAddress; } struct OwnerBalance { uint128 owner; uint128 platform; } struct BurnConfig { IERC721AUpgradeable archetype; address burnAddress; bool enabled; bool reversed; // side of the ratio (false=burn {ratio} get 1, true=burn 1 get {ratio}) uint16 ratio; uint64 start; uint64 limit; } address constant PLATFORM = 0x86B82972282Dd22348374bC63fd21620F7ED847B; address constant BATCH = 0x6Bc558A6DC48dEfa0e7022713c23D65Ab26e4Fa7; uint16 constant MAXBPS = 5000; // max fee or discount is 50% library ArchetypeLogic { // // EVENTS // event Invited(bytes32 indexed key, bytes32 indexed cid); event Referral(address indexed affiliate, address token, uint128 wad, uint256 numMints); event Withdrawal(address indexed src, address token, uint128 wad); // calculate price based on affiliate usage and mint discounts function computePrice( DutchInvite storage invite, Discount storage discounts, uint256 numTokens, uint256 listSupply, bool affiliateUsed ) public view returns (uint256) { uint256 price = invite.price; if (invite.interval != 0) { uint256 diff = (((block.timestamp - invite.start) / invite.interval) * invite.delta); if (price > invite.reservePrice) { if (diff > price - invite.reservePrice) { price = invite.reservePrice; } else { price = price - diff; } } else if (price < invite.reservePrice) { if (diff > invite.reservePrice - price) { price = invite.reservePrice; } else { price = price + diff; } } } uint256 cost = price * numTokens; if (invite.interval == 0) { //Apply the linear curve uint256 lastPrice = price + invite.delta * listSupply; cost = lastPrice * numTokens + (invite.delta * numTokens * (numTokens - 1)) / 2; } if (affiliateUsed) { cost = cost - ((cost * discounts.affiliateDiscount) / 10000); } uint256 numMints = discounts.mintTiers.length; for (uint256 i; i < numMints; ) { uint256 tierNumMints = discounts.mintTiers[i].numMints; if (numTokens >= tierNumMints) { return cost - ((cost * discounts.mintTiers[i].mintDiscount) / 10000); } unchecked { ++i; } } return cost; } function validateMint( DutchInvite storage i, Config storage config, Auth calldata auth, uint256 quantity, address owner, address affiliate, uint256 curSupply, mapping(address => mapping(bytes32 => uint256)) storage minted, mapping(bytes32 => uint256) storage listSupply, bytes calldata signature ) public view { address msgSender = _msgSender(); if (affiliate != address(0)) { if (affiliate == PLATFORM || affiliate == owner || affiliate == msgSender) { revert InvalidReferral(); } validateAffiliate(affiliate, signature, config.affiliateSigner); } if (i.limit == 0) { revert MintingPaused(); } if (!verify(auth, i.tokenAddress, msgSender)) { revert WalletUnauthorizedToMint(); } if (block.timestamp < i.start) { revert MintNotYetStarted(); } if (i.end > i.start && block.timestamp > i.end) { revert MintEnded(); } if (i.limit < i.maxSupply) { uint256 totalAfterMint = minted[msgSender][auth.key] + quantity; if (totalAfterMint > i.limit) { revert NumberOfMintsExceeded(); } } if (i.maxSupply < config.maxSupply) { uint256 totalAfterMint = listSupply[auth.key] + quantity; if (totalAfterMint > i.maxSupply) { revert ListMaxSupplyExceeded(); } } if (quantity > config.maxBatchSize) { revert MaxBatchSizeExceeded(); } if ((curSupply + quantity) > config.maxSupply) { revert MaxSupplyExceeded(); } uint256 inviteListSupply = listSupply[auth.key]; uint256 cost = computePrice( i, config.discounts, quantity, inviteListSupply, affiliate != address(0) ); if (i.tokenAddress != address(0)) { IERC20Upgradeable erc20Token = IERC20Upgradeable(i.tokenAddress); if (erc20Token.allowance(msgSender, address(this)) < cost) { revert NotApprovedToTransfer(); } if (erc20Token.balanceOf(msgSender) < cost) { revert Erc20BalanceTooLow(); } if (msg.value != 0) { revert ExcessiveEthSent(); } } else { if (msg.value < cost) { revert InsufficientEthSent(); } if (msg.value > cost) { revert ExcessiveEthSent(); } } } function validateBurnToMint( Config storage config, BurnConfig storage burnConfig, uint256[] calldata tokenIds, uint256 curSupply, mapping(address => mapping(bytes32 => uint256)) storage minted ) public view { if (!burnConfig.enabled) { revert BurnToMintDisabled(); } if (block.timestamp < burnConfig.start) { revert MintNotYetStarted(); } // check if msgSender owns tokens and has correct approvals address msgSender = _msgSender(); for (uint256 i; i < tokenIds.length; ) { if (burnConfig.archetype.ownerOf(tokenIds[i]) != msgSender) { revert NotTokenOwner(); } unchecked { ++i; } } if (!burnConfig.archetype.isApprovedForAll(msgSender, address(this))) { revert NotApprovedToTransfer(); } uint256 quantity; if (burnConfig.reversed) { quantity = tokenIds.length * burnConfig.ratio; } else { if (tokenIds.length % burnConfig.ratio != 0) { revert InvalidAmountOfTokens(); } quantity = tokenIds.length / burnConfig.ratio; } if (quantity > config.maxBatchSize) { revert MaxBatchSizeExceeded(); } if (burnConfig.limit < config.maxSupply) { uint256 totalAfterMint = minted[msgSender][bytes32("burn")] + quantity; if (totalAfterMint > burnConfig.limit) { revert NumberOfMintsExceeded(); } } if ((curSupply + quantity) > config.maxSupply) { revert MaxSupplyExceeded(); } } function updateBalances( DutchInvite storage i, Config storage config, mapping(address => OwnerBalance) storage _ownerBalance, mapping(address => mapping(address => uint128)) storage _affiliateBalance, address affiliate, uint256 quantity, uint256 listSupply ) public { address tokenAddress = i.tokenAddress; uint128 value = uint128(msg.value); if (tokenAddress != address(0)) { value = uint128( computePrice(i, config.discounts, quantity, listSupply, affiliate != address(0)) ); } uint128 affiliateWad; if (affiliate != address(0)) { affiliateWad = (value * config.affiliateFee) / 10000; _affiliateBalance[affiliate][tokenAddress] += affiliateWad; emit Referral(affiliate, tokenAddress, affiliateWad, quantity); } uint128 superAffiliateWad; if (config.superAffiliatePayout != address(0)) { superAffiliateWad = ((value * config.platformFee) / 2) / 10000; _affiliateBalance[config.superAffiliatePayout][tokenAddress] += superAffiliateWad; } OwnerBalance memory balance = _ownerBalance[tokenAddress]; uint128 platformWad = ((value * config.platformFee) / 10000) - superAffiliateWad; uint128 ownerWad = value - affiliateWad - platformWad - superAffiliateWad; _ownerBalance[tokenAddress] = OwnerBalance({ owner: balance.owner + ownerWad, platform: balance.platform + platformWad }); if (tokenAddress != address(0)) { IERC20Upgradeable erc20Token = IERC20Upgradeable(tokenAddress); erc20Token.transferFrom(_msgSender(), address(this), value); } } function withdrawTokens( Config storage config, mapping(address => OwnerBalance) storage _ownerBalance, mapping(address => mapping(address => uint128)) storage _affiliateBalance, address owner, address[] calldata tokens ) public { address msgSender = _msgSender(); for (uint256 i; i < tokens.length; ) { address tokenAddress = tokens[i]; uint128 wad; if (msgSender == owner || msgSender == config.ownerAltPayout || msgSender == PLATFORM) { OwnerBalance storage balance = _ownerBalance[tokenAddress]; if (msgSender == owner || msgSender == config.ownerAltPayout) { wad = balance.owner; balance.owner = 0; } else { wad = balance.platform; balance.platform = 0; } } else { wad = _affiliateBalance[msgSender][tokenAddress]; _affiliateBalance[msgSender][tokenAddress] = 0; } if (wad == 0) { revert BalanceEmpty(); } if (tokenAddress == address(0)) { bool success = false; // send to ownerAltPayout if set and owner is withdrawing if (msgSender == owner && config.ownerAltPayout != address(0)) { (success, ) = payable(config.ownerAltPayout).call{value: wad}(""); } else { (success, ) = msgSender.call{value: wad}(""); } if (!success) { revert TransferFailed(); } } else { IERC20Upgradeable erc20Token = IERC20Upgradeable(tokenAddress); if (msgSender == owner && config.ownerAltPayout != address(0)) { erc20Token.transfer(config.ownerAltPayout, wad); } else { erc20Token.transfer(msgSender, wad); } } emit Withdrawal(msgSender, tokenAddress, wad); unchecked { ++i; } } } function validateAffiliate( address affiliate, bytes calldata signature, address affiliateSigner ) public view { bytes32 signedMessagehash = ECDSA.toEthSignedMessageHash( keccak256(abi.encodePacked(affiliate)) ); address signer = ECDSA.recover(signedMessagehash, signature); if (signer != affiliateSigner) { revert InvalidSignature(); } } function verify( Auth calldata auth, address tokenAddress, address account ) public pure returns (bool) { // keys 0-255 and tokenAddress are public if (uint256(auth.key) <= 0xff || auth.key == keccak256(abi.encodePacked(tokenAddress))) { return true; } return MerkleProofLib.verify(auth.proof, auth.key, keccak256(abi.encodePacked(account))); } function _msgSender() internal view returns (address) { return msg.sender == BATCH ? tx.origin : msg.sender; } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20Upgradeable { /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `to`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address to, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `from` to `to` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom(address from, address to, uint256 amount) external returns (bool); }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.0; /** * @dev This is a base contract to aid in writing upgradeable diamond facet contracts, or any kind of contract that will be deployed * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect. * * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}. * * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity. */ import {ERC721A__InitializableStorage} from './ERC721A__InitializableStorage.sol'; abstract contract ERC721A__Initializable { using ERC721A__InitializableStorage for ERC721A__InitializableStorage.Layout; /** * @dev Modifier to protect an initializer function from being invoked twice. */ modifier initializerERC721A() { // If the contract is initializing we ignore whether _initialized is set in order to support multiple // inheritance patterns, but we only do this in the context of a constructor, because in other contexts the // contract may have been reentered. require( ERC721A__InitializableStorage.layout()._initializing ? _isConstructor() : !ERC721A__InitializableStorage.layout()._initialized, 'ERC721A__Initializable: contract is already initialized' ); bool isTopLevelCall = !ERC721A__InitializableStorage.layout()._initializing; if (isTopLevelCall) { ERC721A__InitializableStorage.layout()._initializing = true; ERC721A__InitializableStorage.layout()._initialized = true; } _; if (isTopLevelCall) { ERC721A__InitializableStorage.layout()._initializing = false; } } /** * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the * {initializer} modifier, directly or indirectly. */ modifier onlyInitializingERC721A() { require( ERC721A__InitializableStorage.layout()._initializing, 'ERC721A__Initializable: contract is not initializing' ); _; } /// @dev Returns true if and only if the function is running in the constructor function _isConstructor() private view returns (bool) { // extcodesize checks the size of the code stored in an address, and // address returns the current address. Since the code is still not // deployed when running a constructor, any checks on its code size will // yield zero, making it an effective way to detect if a contract is // under construction or not. address self = address(this); uint256 cs; assembly { cs := extcodesize(self) } return cs == 0; } }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.0; /** * @dev This is a base storage for the initialization function for upgradeable diamond facet contracts **/ library ERC721A__InitializableStorage { struct Layout { /* * Indicates that the contract has been initialized. */ bool _initialized; /* * Indicates that the contract is in the process of being initialized. */ bool _initializing; } bytes32 internal constant STORAGE_SLOT = keccak256('ERC721A.contracts.storage.initializable.facet'); function layout() internal pure returns (Layout storage l) { bytes32 slot = STORAGE_SLOT; assembly { l.slot := slot } } }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.0; library ERC721AStorage { // Bypass for a `--via-ir` bug (https://github.com/chiru-labs/ERC721A/pull/364). struct TokenApprovalRef { address value; } struct Layout { // ============================================================= // STORAGE // ============================================================= // The next token ID to be minted. uint256 _currentIndex; // The number of tokens burned. uint256 _burnCounter; // Token name string _name; // Token symbol string _symbol; // Mapping from token ID to ownership details // An empty struct value does not necessarily mean the token is unowned. // See {_packedOwnershipOf} implementation for details. // // Bits Layout: // - [0..159] `addr` // - [160..223] `startTimestamp` // - [224] `burned` // - [225] `nextInitialized` // - [232..255] `extraData` mapping(uint256 => uint256) _packedOwnerships; // Mapping owner address to address data. // // Bits Layout: // - [0..63] `balance` // - [64..127] `numberMinted` // - [128..191] `numberBurned` // - [192..255] `aux` mapping(address => uint256) _packedAddressData; // Mapping from token ID to approved address. mapping(uint256 => ERC721AStorage.TokenApprovalRef) _tokenApprovals; // Mapping from owner to operator approvals mapping(address => mapping(address => bool)) _operatorApprovals; } bytes32 internal constant STORAGE_SLOT = keccak256('ERC721A.contracts.storage.ERC721A'); function layout() internal pure returns (Layout storage l) { bytes32 slot = STORAGE_SLOT; assembly { l.slot := slot } } }
// SPDX-License-Identifier: MIT // ERC721A Contracts v4.2.3 // Creator: Chiru Labs pragma solidity ^0.8.4; import './IERC721AUpgradeable.sol'; import {ERC721AStorage} from './ERC721AStorage.sol'; import './ERC721A__Initializable.sol'; /** * @dev Interface of ERC721 token receiver. */ interface ERC721A__IERC721ReceiverUpgradeable { function onERC721Received( address operator, address from, uint256 tokenId, bytes calldata data ) external returns (bytes4); } /** * @title ERC721A * * @dev Implementation of the [ERC721](https://eips.ethereum.org/EIPS/eip-721) * Non-Fungible Token Standard, including the Metadata extension. * Optimized for lower gas during batch mints. * * Token IDs are minted in sequential order (e.g. 0, 1, 2, 3, ...) * starting from `_startTokenId()`. * * Assumptions: * * - An owner cannot have more than 2**64 - 1 (max value of uint64) of supply. * - The maximum token ID cannot exceed 2**256 - 1 (max value of uint256). */ contract ERC721AUpgradeable is ERC721A__Initializable, IERC721AUpgradeable { using ERC721AStorage for ERC721AStorage.Layout; // ============================================================= // CONSTANTS // ============================================================= // Mask of an entry in packed address data. uint256 private constant _BITMASK_ADDRESS_DATA_ENTRY = (1 << 64) - 1; // The bit position of `numberMinted` in packed address data. uint256 private constant _BITPOS_NUMBER_MINTED = 64; // The bit position of `numberBurned` in packed address data. uint256 private constant _BITPOS_NUMBER_BURNED = 128; // The bit position of `aux` in packed address data. uint256 private constant _BITPOS_AUX = 192; // Mask of all 256 bits in packed address data except the 64 bits for `aux`. uint256 private constant _BITMASK_AUX_COMPLEMENT = (1 << 192) - 1; // The bit position of `startTimestamp` in packed ownership. uint256 private constant _BITPOS_START_TIMESTAMP = 160; // The bit mask of the `burned` bit in packed ownership. uint256 private constant _BITMASK_BURNED = 1 << 224; // The bit position of the `nextInitialized` bit in packed ownership. uint256 private constant _BITPOS_NEXT_INITIALIZED = 225; // The bit mask of the `nextInitialized` bit in packed ownership. uint256 private constant _BITMASK_NEXT_INITIALIZED = 1 << 225; // The bit position of `extraData` in packed ownership. uint256 private constant _BITPOS_EXTRA_DATA = 232; // Mask of all 256 bits in a packed ownership except the 24 bits for `extraData`. uint256 private constant _BITMASK_EXTRA_DATA_COMPLEMENT = (1 << 232) - 1; // The mask of the lower 160 bits for addresses. uint256 private constant _BITMASK_ADDRESS = (1 << 160) - 1; // The maximum `quantity` that can be minted with {_mintERC2309}. // This limit is to prevent overflows on the address data entries. // For a limit of 5000, a total of 3.689e15 calls to {_mintERC2309} // is required to cause an overflow, which is unrealistic. uint256 private constant _MAX_MINT_ERC2309_QUANTITY_LIMIT = 5000; // The `Transfer` event signature is given by: // `keccak256(bytes("Transfer(address,address,uint256)"))`. bytes32 private constant _TRANSFER_EVENT_SIGNATURE = 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; // ============================================================= // CONSTRUCTOR // ============================================================= function __ERC721A_init(string memory name_, string memory symbol_) internal onlyInitializingERC721A { __ERC721A_init_unchained(name_, symbol_); } function __ERC721A_init_unchained(string memory name_, string memory symbol_) internal onlyInitializingERC721A { ERC721AStorage.layout()._name = name_; ERC721AStorage.layout()._symbol = symbol_; ERC721AStorage.layout()._currentIndex = _startTokenId(); } // ============================================================= // TOKEN COUNTING OPERATIONS // ============================================================= /** * @dev Returns the starting token ID. * To change the starting token ID, please override this function. */ function _startTokenId() internal view virtual returns (uint256) { return 0; } /** * @dev Returns the next token ID to be minted. */ function _nextTokenId() internal view virtual returns (uint256) { return ERC721AStorage.layout()._currentIndex; } /** * @dev Returns the total number of tokens in existence. * Burned tokens will reduce the count. * To get the total number of tokens minted, please see {_totalMinted}. */ function totalSupply() public view virtual override returns (uint256) { // Counter underflow is impossible as _burnCounter cannot be incremented // more than `_currentIndex - _startTokenId()` times. unchecked { return ERC721AStorage.layout()._currentIndex - ERC721AStorage.layout()._burnCounter - _startTokenId(); } } /** * @dev Returns the total amount of tokens minted in the contract. */ function _totalMinted() internal view virtual returns (uint256) { // Counter underflow is impossible as `_currentIndex` does not decrement, // and it is initialized to `_startTokenId()`. unchecked { return ERC721AStorage.layout()._currentIndex - _startTokenId(); } } /** * @dev Returns the total number of tokens burned. */ function _totalBurned() internal view virtual returns (uint256) { return ERC721AStorage.layout()._burnCounter; } // ============================================================= // ADDRESS DATA OPERATIONS // ============================================================= /** * @dev Returns the number of tokens in `owner`'s account. */ function balanceOf(address owner) public view virtual override returns (uint256) { if (owner == address(0)) revert BalanceQueryForZeroAddress(); return ERC721AStorage.layout()._packedAddressData[owner] & _BITMASK_ADDRESS_DATA_ENTRY; } /** * Returns the number of tokens minted by `owner`. */ function _numberMinted(address owner) internal view returns (uint256) { return (ERC721AStorage.layout()._packedAddressData[owner] >> _BITPOS_NUMBER_MINTED) & _BITMASK_ADDRESS_DATA_ENTRY; } /** * Returns the number of tokens burned by or on behalf of `owner`. */ function _numberBurned(address owner) internal view returns (uint256) { return (ERC721AStorage.layout()._packedAddressData[owner] >> _BITPOS_NUMBER_BURNED) & _BITMASK_ADDRESS_DATA_ENTRY; } /** * Returns the auxiliary data for `owner`. (e.g. number of whitelist mint slots used). */ function _getAux(address owner) internal view returns (uint64) { return uint64(ERC721AStorage.layout()._packedAddressData[owner] >> _BITPOS_AUX); } /** * Sets the auxiliary data for `owner`. (e.g. number of whitelist mint slots used). * If there are multiple variables, please pack them into a uint64. */ function _setAux(address owner, uint64 aux) internal virtual { uint256 packed = ERC721AStorage.layout()._packedAddressData[owner]; uint256 auxCasted; // Cast `aux` with assembly to avoid redundant masking. assembly { auxCasted := aux } packed = (packed & _BITMASK_AUX_COMPLEMENT) | (auxCasted << _BITPOS_AUX); ERC721AStorage.layout()._packedAddressData[owner] = packed; } // ============================================================= // IERC165 // ============================================================= /** * @dev Returns true if this contract implements the interface defined by * `interfaceId`. See the corresponding * [EIP section](https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified) * to learn more about how these ids are created. * * This function call must use less than 30000 gas. */ function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) { // The interface IDs are constants representing the first 4 bytes // of the XOR of all function selectors in the interface. // See: [ERC165](https://eips.ethereum.org/EIPS/eip-165) // (e.g. `bytes4(i.functionA.selector ^ i.functionB.selector ^ ...)`) return interfaceId == 0x01ffc9a7 || // ERC165 interface ID for ERC165. interfaceId == 0x80ac58cd || // ERC165 interface ID for ERC721. interfaceId == 0x5b5e139f; // ERC165 interface ID for ERC721Metadata. } // ============================================================= // IERC721Metadata // ============================================================= /** * @dev Returns the token collection name. */ function name() public view virtual override returns (string memory) { return ERC721AStorage.layout()._name; } /** * @dev Returns the token collection symbol. */ function symbol() public view virtual override returns (string memory) { return ERC721AStorage.layout()._symbol; } /** * @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token. */ function tokenURI(uint256 tokenId) public view virtual override returns (string memory) { if (!_exists(tokenId)) revert URIQueryForNonexistentToken(); string memory baseURI = _baseURI(); return bytes(baseURI).length != 0 ? string(abi.encodePacked(baseURI, _toString(tokenId))) : ''; } /** * @dev Base URI for computing {tokenURI}. If set, the resulting URI for each * token will be the concatenation of the `baseURI` and the `tokenId`. Empty * by default, it can be overridden in child contracts. */ function _baseURI() internal view virtual returns (string memory) { return ''; } // ============================================================= // OWNERSHIPS OPERATIONS // ============================================================= /** * @dev Returns the owner of the `tokenId` token. * * Requirements: * * - `tokenId` must exist. */ function ownerOf(uint256 tokenId) public view virtual override returns (address) { return address(uint160(_packedOwnershipOf(tokenId))); } /** * @dev Gas spent here starts off proportional to the maximum mint batch size. * It gradually moves to O(1) as tokens get transferred around over time. */ function _ownershipOf(uint256 tokenId) internal view virtual returns (TokenOwnership memory) { return _unpackedOwnership(_packedOwnershipOf(tokenId)); } /** * @dev Returns the unpacked `TokenOwnership` struct at `index`. */ function _ownershipAt(uint256 index) internal view virtual returns (TokenOwnership memory) { return _unpackedOwnership(ERC721AStorage.layout()._packedOwnerships[index]); } /** * @dev Initializes the ownership slot minted at `index` for efficiency purposes. */ function _initializeOwnershipAt(uint256 index) internal virtual { if (ERC721AStorage.layout()._packedOwnerships[index] == 0) { ERC721AStorage.layout()._packedOwnerships[index] = _packedOwnershipOf(index); } } /** * Returns the packed ownership data of `tokenId`. */ function _packedOwnershipOf(uint256 tokenId) private view returns (uint256 packed) { if (_startTokenId() <= tokenId) { packed = ERC721AStorage.layout()._packedOwnerships[tokenId]; // If not burned. if (packed & _BITMASK_BURNED == 0) { // If the data at the starting slot does not exist, start the scan. if (packed == 0) { if (tokenId >= ERC721AStorage.layout()._currentIndex) revert OwnerQueryForNonexistentToken(); // Invariant: // There will always be an initialized ownership slot // (i.e. `ownership.addr != address(0) && ownership.burned == false`) // before an unintialized ownership slot // (i.e. `ownership.addr == address(0) && ownership.burned == false`) // Hence, `tokenId` will not underflow. // // We can directly compare the packed value. // If the address is zero, packed will be zero. for (;;) { unchecked { packed = ERC721AStorage.layout()._packedOwnerships[--tokenId]; } if (packed == 0) continue; return packed; } } // Otherwise, the data exists and is not burned. We can skip the scan. // This is possible because we have already achieved the target condition. // This saves 2143 gas on transfers of initialized tokens. return packed; } } revert OwnerQueryForNonexistentToken(); } /** * @dev Returns the unpacked `TokenOwnership` struct from `packed`. */ function _unpackedOwnership(uint256 packed) private pure returns (TokenOwnership memory ownership) { ownership.addr = address(uint160(packed)); ownership.startTimestamp = uint64(packed >> _BITPOS_START_TIMESTAMP); ownership.burned = packed & _BITMASK_BURNED != 0; ownership.extraData = uint24(packed >> _BITPOS_EXTRA_DATA); } /** * @dev Packs ownership data into a single uint256. */ function _packOwnershipData(address owner, uint256 flags) private view returns (uint256 result) { assembly { // Mask `owner` to the lower 160 bits, in case the upper bits somehow aren't clean. owner := and(owner, _BITMASK_ADDRESS) // `owner | (block.timestamp << _BITPOS_START_TIMESTAMP) | flags`. result := or(owner, or(shl(_BITPOS_START_TIMESTAMP, timestamp()), flags)) } } /** * @dev Returns the `nextInitialized` flag set if `quantity` equals 1. */ function _nextInitializedFlag(uint256 quantity) private pure returns (uint256 result) { // For branchless setting of the `nextInitialized` flag. assembly { // `(quantity == 1) << _BITPOS_NEXT_INITIALIZED`. result := shl(_BITPOS_NEXT_INITIALIZED, eq(quantity, 1)) } } // ============================================================= // APPROVAL OPERATIONS // ============================================================= /** * @dev Gives permission to `to` to transfer `tokenId` token to another account. See {ERC721A-_approve}. * * Requirements: * * - The caller must own the token or be an approved operator. */ function approve(address to, uint256 tokenId) public payable virtual override { _approve(to, tokenId, true); } /** * @dev Returns the account approved for `tokenId` token. * * Requirements: * * - `tokenId` must exist. */ function getApproved(uint256 tokenId) public view virtual override returns (address) { if (!_exists(tokenId)) revert ApprovalQueryForNonexistentToken(); return ERC721AStorage.layout()._tokenApprovals[tokenId].value; } /** * @dev Approve or remove `operator` as an operator for the caller. * Operators can call {transferFrom} or {safeTransferFrom} * for any token owned by the caller. * * Requirements: * * - The `operator` cannot be the caller. * * Emits an {ApprovalForAll} event. */ function setApprovalForAll(address operator, bool approved) public virtual override { ERC721AStorage.layout()._operatorApprovals[_msgSenderERC721A()][operator] = approved; emit ApprovalForAll(_msgSenderERC721A(), operator, approved); } /** * @dev Returns if the `operator` is allowed to manage all of the assets of `owner`. * * See {setApprovalForAll}. */ function isApprovedForAll(address owner, address operator) public view virtual override returns (bool) { return ERC721AStorage.layout()._operatorApprovals[owner][operator]; } /** * @dev Returns whether `tokenId` exists. * * Tokens can be managed by their owner or approved accounts via {approve} or {setApprovalForAll}. * * Tokens start existing when they are minted. See {_mint}. */ function _exists(uint256 tokenId) internal view virtual returns (bool) { return _startTokenId() <= tokenId && tokenId < ERC721AStorage.layout()._currentIndex && // If within bounds, ERC721AStorage.layout()._packedOwnerships[tokenId] & _BITMASK_BURNED == 0; // and not burned. } /** * @dev Returns whether `msgSender` is equal to `approvedAddress` or `owner`. */ function _isSenderApprovedOrOwner( address approvedAddress, address owner, address msgSender ) private pure returns (bool result) { assembly { // Mask `owner` to the lower 160 bits, in case the upper bits somehow aren't clean. owner := and(owner, _BITMASK_ADDRESS) // Mask `msgSender` to the lower 160 bits, in case the upper bits somehow aren't clean. msgSender := and(msgSender, _BITMASK_ADDRESS) // `msgSender == owner || msgSender == approvedAddress`. result := or(eq(msgSender, owner), eq(msgSender, approvedAddress)) } } /** * @dev Returns the storage slot and value for the approved address of `tokenId`. */ function _getApprovedSlotAndAddress(uint256 tokenId) private view returns (uint256 approvedAddressSlot, address approvedAddress) { ERC721AStorage.TokenApprovalRef storage tokenApproval = ERC721AStorage.layout()._tokenApprovals[tokenId]; // The following is equivalent to `approvedAddress = _tokenApprovals[tokenId].value`. assembly { approvedAddressSlot := tokenApproval.slot approvedAddress := sload(approvedAddressSlot) } } // ============================================================= // TRANSFER OPERATIONS // ============================================================= /** * @dev Transfers `tokenId` from `from` to `to`. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must be owned by `from`. * - If the caller is not `from`, it must be approved to move this token * by either {approve} or {setApprovalForAll}. * * Emits a {Transfer} event. */ function transferFrom( address from, address to, uint256 tokenId ) public payable virtual override { uint256 prevOwnershipPacked = _packedOwnershipOf(tokenId); if (address(uint160(prevOwnershipPacked)) != from) revert TransferFromIncorrectOwner(); (uint256 approvedAddressSlot, address approvedAddress) = _getApprovedSlotAndAddress(tokenId); // The nested ifs save around 20+ gas over a compound boolean condition. if (!_isSenderApprovedOrOwner(approvedAddress, from, _msgSenderERC721A())) if (!isApprovedForAll(from, _msgSenderERC721A())) revert TransferCallerNotOwnerNorApproved(); if (to == address(0)) revert TransferToZeroAddress(); _beforeTokenTransfers(from, to, tokenId, 1); // Clear approvals from the previous owner. assembly { if approvedAddress { // This is equivalent to `delete _tokenApprovals[tokenId]`. sstore(approvedAddressSlot, 0) } } // Underflow of the sender's balance is impossible because we check for // ownership above and the recipient's balance can't realistically overflow. // Counter overflow is incredibly unrealistic as `tokenId` would have to be 2**256. unchecked { // We can directly increment and decrement the balances. --ERC721AStorage.layout()._packedAddressData[from]; // Updates: `balance -= 1`. ++ERC721AStorage.layout()._packedAddressData[to]; // Updates: `balance += 1`. // Updates: // - `address` to the next owner. // - `startTimestamp` to the timestamp of transfering. // - `burned` to `false`. // - `nextInitialized` to `true`. ERC721AStorage.layout()._packedOwnerships[tokenId] = _packOwnershipData( to, _BITMASK_NEXT_INITIALIZED | _nextExtraData(from, to, prevOwnershipPacked) ); // If the next slot may not have been initialized (i.e. `nextInitialized == false`) . if (prevOwnershipPacked & _BITMASK_NEXT_INITIALIZED == 0) { uint256 nextTokenId = tokenId + 1; // If the next slot's address is zero and not burned (i.e. packed value is zero). if (ERC721AStorage.layout()._packedOwnerships[nextTokenId] == 0) { // If the next slot is within bounds. if (nextTokenId != ERC721AStorage.layout()._currentIndex) { // Initialize the next slot to maintain correctness for `ownerOf(tokenId + 1)`. ERC721AStorage.layout()._packedOwnerships[nextTokenId] = prevOwnershipPacked; } } } } emit Transfer(from, to, tokenId); _afterTokenTransfers(from, to, tokenId, 1); } /** * @dev Equivalent to `safeTransferFrom(from, to, tokenId, '')`. */ function safeTransferFrom( address from, address to, uint256 tokenId ) public payable virtual override { safeTransferFrom(from, to, tokenId, ''); } /** * @dev Safely transfers `tokenId` token from `from` to `to`. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must exist and be owned by `from`. * - If the caller is not `from`, it must be approved to move this token * by either {approve} or {setApprovalForAll}. * - If `to` refers to a smart contract, it must implement * {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. * * Emits a {Transfer} event. */ function safeTransferFrom( address from, address to, uint256 tokenId, bytes memory _data ) public payable virtual override { transferFrom(from, to, tokenId); if (to.code.length != 0) if (!_checkContractOnERC721Received(from, to, tokenId, _data)) { revert TransferToNonERC721ReceiverImplementer(); } } /** * @dev Hook that is called before a set of serially-ordered token IDs * are about to be transferred. This includes minting. * And also called before burning one token. * * `startTokenId` - the first token ID to be transferred. * `quantity` - the amount to be transferred. * * Calling conditions: * * - When `from` and `to` are both non-zero, `from`'s `tokenId` will be * transferred to `to`. * - When `from` is zero, `tokenId` will be minted for `to`. * - When `to` is zero, `tokenId` will be burned by `from`. * - `from` and `to` are never both zero. */ function _beforeTokenTransfers( address from, address to, uint256 startTokenId, uint256 quantity ) internal virtual {} /** * @dev Hook that is called after a set of serially-ordered token IDs * have been transferred. This includes minting. * And also called after one token has been burned. * * `startTokenId` - the first token ID to be transferred. * `quantity` - the amount to be transferred. * * Calling conditions: * * - When `from` and `to` are both non-zero, `from`'s `tokenId` has been * transferred to `to`. * - When `from` is zero, `tokenId` has been minted for `to`. * - When `to` is zero, `tokenId` has been burned by `from`. * - `from` and `to` are never both zero. */ function _afterTokenTransfers( address from, address to, uint256 startTokenId, uint256 quantity ) internal virtual {} /** * @dev Private function to invoke {IERC721Receiver-onERC721Received} on a target contract. * * `from` - Previous owner of the given token ID. * `to` - Target address that will receive the token. * `tokenId` - Token ID to be transferred. * `_data` - Optional data to send along with the call. * * Returns whether the call correctly returned the expected magic value. */ function _checkContractOnERC721Received( address from, address to, uint256 tokenId, bytes memory _data ) private returns (bool) { try ERC721A__IERC721ReceiverUpgradeable(to).onERC721Received(_msgSenderERC721A(), from, tokenId, _data) returns (bytes4 retval) { return retval == ERC721A__IERC721ReceiverUpgradeable(to).onERC721Received.selector; } catch (bytes memory reason) { if (reason.length == 0) { revert TransferToNonERC721ReceiverImplementer(); } else { assembly { revert(add(32, reason), mload(reason)) } } } } // ============================================================= // MINT OPERATIONS // ============================================================= /** * @dev Mints `quantity` tokens and transfers them to `to`. * * Requirements: * * - `to` cannot be the zero address. * - `quantity` must be greater than 0. * * Emits a {Transfer} event for each mint. */ function _mint(address to, uint256 quantity) internal virtual { uint256 startTokenId = ERC721AStorage.layout()._currentIndex; if (quantity == 0) revert MintZeroQuantity(); _beforeTokenTransfers(address(0), to, startTokenId, quantity); // Overflows are incredibly unrealistic. // `balance` and `numberMinted` have a maximum limit of 2**64. // `tokenId` has a maximum limit of 2**256. unchecked { // Updates: // - `balance += quantity`. // - `numberMinted += quantity`. // // We can directly add to the `balance` and `numberMinted`. ERC721AStorage.layout()._packedAddressData[to] += quantity * ((1 << _BITPOS_NUMBER_MINTED) | 1); // Updates: // - `address` to the owner. // - `startTimestamp` to the timestamp of minting. // - `burned` to `false`. // - `nextInitialized` to `quantity == 1`. ERC721AStorage.layout()._packedOwnerships[startTokenId] = _packOwnershipData( to, _nextInitializedFlag(quantity) | _nextExtraData(address(0), to, 0) ); uint256 toMasked; uint256 end = startTokenId + quantity; // Use assembly to loop and emit the `Transfer` event for gas savings. // The duplicated `log4` removes an extra check and reduces stack juggling. // The assembly, together with the surrounding Solidity code, have been // delicately arranged to nudge the compiler into producing optimized opcodes. assembly { // Mask `to` to the lower 160 bits, in case the upper bits somehow aren't clean. toMasked := and(to, _BITMASK_ADDRESS) // Emit the `Transfer` event. log4( 0, // Start of data (0, since no data). 0, // End of data (0, since no data). _TRANSFER_EVENT_SIGNATURE, // Signature. 0, // `address(0)`. toMasked, // `to`. startTokenId // `tokenId`. ) // The `iszero(eq(,))` check ensures that large values of `quantity` // that overflows uint256 will make the loop run out of gas. // The compiler will optimize the `iszero` away for performance. for { let tokenId := add(startTokenId, 1) } iszero(eq(tokenId, end)) { tokenId := add(tokenId, 1) } { // Emit the `Transfer` event. Similar to above. log4(0, 0, _TRANSFER_EVENT_SIGNATURE, 0, toMasked, tokenId) } } if (toMasked == 0) revert MintToZeroAddress(); ERC721AStorage.layout()._currentIndex = end; } _afterTokenTransfers(address(0), to, startTokenId, quantity); } /** * @dev Mints `quantity` tokens and transfers them to `to`. * * This function is intended for efficient minting only during contract creation. * * It emits only one {ConsecutiveTransfer} as defined in * [ERC2309](https://eips.ethereum.org/EIPS/eip-2309), * instead of a sequence of {Transfer} event(s). * * Calling this function outside of contract creation WILL make your contract * non-compliant with the ERC721 standard. * For full ERC721 compliance, substituting ERC721 {Transfer} event(s) with the ERC2309 * {ConsecutiveTransfer} event is only permissible during contract creation. * * Requirements: * * - `to` cannot be the zero address. * - `quantity` must be greater than 0. * * Emits a {ConsecutiveTransfer} event. */ function _mintERC2309(address to, uint256 quantity) internal virtual { uint256 startTokenId = ERC721AStorage.layout()._currentIndex; if (to == address(0)) revert MintToZeroAddress(); if (quantity == 0) revert MintZeroQuantity(); if (quantity > _MAX_MINT_ERC2309_QUANTITY_LIMIT) revert MintERC2309QuantityExceedsLimit(); _beforeTokenTransfers(address(0), to, startTokenId, quantity); // Overflows are unrealistic due to the above check for `quantity` to be below the limit. unchecked { // Updates: // - `balance += quantity`. // - `numberMinted += quantity`. // // We can directly add to the `balance` and `numberMinted`. ERC721AStorage.layout()._packedAddressData[to] += quantity * ((1 << _BITPOS_NUMBER_MINTED) | 1); // Updates: // - `address` to the owner. // - `startTimestamp` to the timestamp of minting. // - `burned` to `false`. // - `nextInitialized` to `quantity == 1`. ERC721AStorage.layout()._packedOwnerships[startTokenId] = _packOwnershipData( to, _nextInitializedFlag(quantity) | _nextExtraData(address(0), to, 0) ); emit ConsecutiveTransfer(startTokenId, startTokenId + quantity - 1, address(0), to); ERC721AStorage.layout()._currentIndex = startTokenId + quantity; } _afterTokenTransfers(address(0), to, startTokenId, quantity); } /** * @dev Safely mints `quantity` tokens and transfers them to `to`. * * Requirements: * * - If `to` refers to a smart contract, it must implement * {IERC721Receiver-onERC721Received}, which is called for each safe transfer. * - `quantity` must be greater than 0. * * See {_mint}. * * Emits a {Transfer} event for each mint. */ function _safeMint( address to, uint256 quantity, bytes memory _data ) internal virtual { _mint(to, quantity); unchecked { if (to.code.length != 0) { uint256 end = ERC721AStorage.layout()._currentIndex; uint256 index = end - quantity; do { if (!_checkContractOnERC721Received(address(0), to, index++, _data)) { revert TransferToNonERC721ReceiverImplementer(); } } while (index < end); // Reentrancy protection. if (ERC721AStorage.layout()._currentIndex != end) revert(); } } } /** * @dev Equivalent to `_safeMint(to, quantity, '')`. */ function _safeMint(address to, uint256 quantity) internal virtual { _safeMint(to, quantity, ''); } // ============================================================= // APPROVAL OPERATIONS // ============================================================= /** * @dev Equivalent to `_approve(to, tokenId, false)`. */ function _approve(address to, uint256 tokenId) internal virtual { _approve(to, tokenId, false); } /** * @dev Gives permission to `to` to transfer `tokenId` token to another account. * The approval is cleared when the token is transferred. * * Only a single account can be approved at a time, so approving the * zero address clears previous approvals. * * Requirements: * * - `tokenId` must exist. * * Emits an {Approval} event. */ function _approve( address to, uint256 tokenId, bool approvalCheck ) internal virtual { address owner = ownerOf(tokenId); if (approvalCheck) if (_msgSenderERC721A() != owner) if (!isApprovedForAll(owner, _msgSenderERC721A())) { revert ApprovalCallerNotOwnerNorApproved(); } ERC721AStorage.layout()._tokenApprovals[tokenId].value = to; emit Approval(owner, to, tokenId); } // ============================================================= // BURN OPERATIONS // ============================================================= /** * @dev Equivalent to `_burn(tokenId, false)`. */ function _burn(uint256 tokenId) internal virtual { _burn(tokenId, false); } /** * @dev Destroys `tokenId`. * The approval is cleared when the token is burned. * * Requirements: * * - `tokenId` must exist. * * Emits a {Transfer} event. */ function _burn(uint256 tokenId, bool approvalCheck) internal virtual { uint256 prevOwnershipPacked = _packedOwnershipOf(tokenId); address from = address(uint160(prevOwnershipPacked)); (uint256 approvedAddressSlot, address approvedAddress) = _getApprovedSlotAndAddress(tokenId); if (approvalCheck) { // The nested ifs save around 20+ gas over a compound boolean condition. if (!_isSenderApprovedOrOwner(approvedAddress, from, _msgSenderERC721A())) if (!isApprovedForAll(from, _msgSenderERC721A())) revert TransferCallerNotOwnerNorApproved(); } _beforeTokenTransfers(from, address(0), tokenId, 1); // Clear approvals from the previous owner. assembly { if approvedAddress { // This is equivalent to `delete _tokenApprovals[tokenId]`. sstore(approvedAddressSlot, 0) } } // Underflow of the sender's balance is impossible because we check for // ownership above and the recipient's balance can't realistically overflow. // Counter overflow is incredibly unrealistic as `tokenId` would have to be 2**256. unchecked { // Updates: // - `balance -= 1`. // - `numberBurned += 1`. // // We can directly decrement the balance, and increment the number burned. // This is equivalent to `packed -= 1; packed += 1 << _BITPOS_NUMBER_BURNED;`. ERC721AStorage.layout()._packedAddressData[from] += (1 << _BITPOS_NUMBER_BURNED) - 1; // Updates: // - `address` to the last owner. // - `startTimestamp` to the timestamp of burning. // - `burned` to `true`. // - `nextInitialized` to `true`. ERC721AStorage.layout()._packedOwnerships[tokenId] = _packOwnershipData( from, (_BITMASK_BURNED | _BITMASK_NEXT_INITIALIZED) | _nextExtraData(from, address(0), prevOwnershipPacked) ); // If the next slot may not have been initialized (i.e. `nextInitialized == false`) . if (prevOwnershipPacked & _BITMASK_NEXT_INITIALIZED == 0) { uint256 nextTokenId = tokenId + 1; // If the next slot's address is zero and not burned (i.e. packed value is zero). if (ERC721AStorage.layout()._packedOwnerships[nextTokenId] == 0) { // If the next slot is within bounds. if (nextTokenId != ERC721AStorage.layout()._currentIndex) { // Initialize the next slot to maintain correctness for `ownerOf(tokenId + 1)`. ERC721AStorage.layout()._packedOwnerships[nextTokenId] = prevOwnershipPacked; } } } } emit Transfer(from, address(0), tokenId); _afterTokenTransfers(from, address(0), tokenId, 1); // Overflow not possible, as _burnCounter cannot be exceed _currentIndex times. unchecked { ERC721AStorage.layout()._burnCounter++; } } // ============================================================= // EXTRA DATA OPERATIONS // ============================================================= /** * @dev Directly sets the extra data for the ownership data `index`. */ function _setExtraDataAt(uint256 index, uint24 extraData) internal virtual { uint256 packed = ERC721AStorage.layout()._packedOwnerships[index]; if (packed == 0) revert OwnershipNotInitializedForExtraData(); uint256 extraDataCasted; // Cast `extraData` with assembly to avoid redundant masking. assembly { extraDataCasted := extraData } packed = (packed & _BITMASK_EXTRA_DATA_COMPLEMENT) | (extraDataCasted << _BITPOS_EXTRA_DATA); ERC721AStorage.layout()._packedOwnerships[index] = packed; } /** * @dev Called during each token transfer to set the 24bit `extraData` field. * Intended to be overridden by the cosumer contract. * * `previousExtraData` - the value of `extraData` before transfer. * * Calling conditions: * * - When `from` and `to` are both non-zero, `from`'s `tokenId` will be * transferred to `to`. * - When `from` is zero, `tokenId` will be minted for `to`. * - When `to` is zero, `tokenId` will be burned by `from`. * - `from` and `to` are never both zero. */ function _extraData( address from, address to, uint24 previousExtraData ) internal view virtual returns (uint24) {} /** * @dev Returns the next extra data for the packed ownership data. * The returned result is shifted into position. */ function _nextExtraData( address from, address to, uint256 prevOwnershipPacked ) private view returns (uint256) { uint24 extraData = uint24(prevOwnershipPacked >> _BITPOS_EXTRA_DATA); return uint256(_extraData(from, to, extraData)) << _BITPOS_EXTRA_DATA; } // ============================================================= // OTHER OPERATIONS // ============================================================= /** * @dev Returns the message sender (defaults to `msg.sender`). * * If you are writing GSN compatible contracts, you need to override this function. */ function _msgSenderERC721A() internal view virtual returns (address) { return msg.sender; } /** * @dev Converts a uint256 to its ASCII string decimal representation. */ function _toString(uint256 value) internal pure virtual returns (string memory str) { assembly { // The maximum value of a uint256 contains 78 digits (1 byte per digit), but // we allocate 0xa0 bytes to keep the free memory pointer 32-byte word aligned. // We will need 1 word for the trailing zeros padding, 1 word for the length, // and 3 words for a maximum of 78 digits. Total: 5 * 0x20 = 0xa0. let m := add(mload(0x40), 0xa0) // Update the free memory pointer to allocate. mstore(0x40, m) // Assign the `str` to the end. str := sub(m, 0x20) // Zeroize the slot after the string. mstore(str, 0) // Cache the end of the memory to calculate the length later. let end := str // We write the string from rightmost digit to leftmost digit. // The following is essentially a do-while loop that also handles the zero case. // prettier-ignore for { let temp := value } 1 {} { str := sub(str, 1) // Write the character to the pointer. // The ASCII index of the '0' character is 48. mstore8(str, add(48, mod(temp, 10))) // Keep dividing `temp` until zero. temp := div(temp, 10) // prettier-ignore if iszero(temp) { break } } let length := sub(end, str) // Move the pointer 32 bytes leftwards to make room for the length. str := sub(str, 0x20) // Store the length. mstore(str, length) } } }
// SPDX-License-Identifier: MIT // ERC721A Contracts v4.2.3 // Creator: Chiru Labs pragma solidity ^0.8.4; /** * @dev Interface of ERC721A. */ interface IERC721AUpgradeable { /** * The caller must own the token or be an approved operator. */ error ApprovalCallerNotOwnerNorApproved(); /** * The token does not exist. */ error ApprovalQueryForNonexistentToken(); /** * Cannot query the balance for the zero address. */ error BalanceQueryForZeroAddress(); /** * Cannot mint to the zero address. */ error MintToZeroAddress(); /** * The quantity of tokens minted must be more than zero. */ error MintZeroQuantity(); /** * The token does not exist. */ error OwnerQueryForNonexistentToken(); /** * The caller must own the token or be an approved operator. */ error TransferCallerNotOwnerNorApproved(); /** * The token must be owned by `from`. */ error TransferFromIncorrectOwner(); /** * Cannot safely transfer to a contract that does not implement the * ERC721Receiver interface. */ error TransferToNonERC721ReceiverImplementer(); /** * Cannot transfer to the zero address. */ error TransferToZeroAddress(); /** * The token does not exist. */ error URIQueryForNonexistentToken(); /** * The `quantity` minted with ERC2309 exceeds the safety limit. */ error MintERC2309QuantityExceedsLimit(); /** * The `extraData` cannot be set on an unintialized ownership slot. */ error OwnershipNotInitializedForExtraData(); // ============================================================= // STRUCTS // ============================================================= struct TokenOwnership { // The address of the owner. address addr; // Stores the start time of ownership with minimal overhead for tokenomics. uint64 startTimestamp; // Whether the token has been burned. bool burned; // Arbitrary data similar to `startTimestamp` that can be set via {_extraData}. uint24 extraData; } // ============================================================= // TOKEN COUNTERS // ============================================================= /** * @dev Returns the total number of tokens in existence. * Burned tokens will reduce the count. * To get the total number of tokens minted, please see {_totalMinted}. */ function totalSupply() external view returns (uint256); // ============================================================= // IERC165 // ============================================================= /** * @dev Returns true if this contract implements the interface defined by * `interfaceId`. See the corresponding * [EIP section](https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified) * to learn more about how these ids are created. * * This function call must use less than 30000 gas. */ function supportsInterface(bytes4 interfaceId) external view returns (bool); // ============================================================= // IERC721 // ============================================================= /** * @dev Emitted when `tokenId` token is transferred from `from` to `to`. */ event Transfer(address indexed from, address indexed to, uint256 indexed tokenId); /** * @dev Emitted when `owner` enables `approved` to manage the `tokenId` token. */ event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId); /** * @dev Emitted when `owner` enables or disables * (`approved`) `operator` to manage all of its assets. */ event ApprovalForAll(address indexed owner, address indexed operator, bool approved); /** * @dev Returns the number of tokens in `owner`'s account. */ function balanceOf(address owner) external view returns (uint256 balance); /** * @dev Returns the owner of the `tokenId` token. * * Requirements: * * - `tokenId` must exist. */ function ownerOf(uint256 tokenId) external view returns (address owner); /** * @dev Safely transfers `tokenId` token from `from` to `to`, * checking first that contract recipients are aware of the ERC721 protocol * to prevent tokens from being forever locked. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must exist and be owned by `from`. * - If the caller is not `from`, it must be have been allowed to move * this token by either {approve} or {setApprovalForAll}. * - If `to` refers to a smart contract, it must implement * {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. * * Emits a {Transfer} event. */ function safeTransferFrom( address from, address to, uint256 tokenId, bytes calldata data ) external payable; /** * @dev Equivalent to `safeTransferFrom(from, to, tokenId, '')`. */ function safeTransferFrom( address from, address to, uint256 tokenId ) external payable; /** * @dev Transfers `tokenId` from `from` to `to`. * * WARNING: Usage of this method is discouraged, use {safeTransferFrom} * whenever possible. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must be owned by `from`. * - If the caller is not `from`, it must be approved to move this token * by either {approve} or {setApprovalForAll}. * * Emits a {Transfer} event. */ function transferFrom( address from, address to, uint256 tokenId ) external payable; /** * @dev Gives permission to `to` to transfer `tokenId` token to another account. * The approval is cleared when the token is transferred. * * Only a single account can be approved at a time, so approving the * zero address clears previous approvals. * * Requirements: * * - The caller must own the token or be an approved operator. * - `tokenId` must exist. * * Emits an {Approval} event. */ function approve(address to, uint256 tokenId) external payable; /** * @dev Approve or remove `operator` as an operator for the caller. * Operators can call {transferFrom} or {safeTransferFrom} * for any token owned by the caller. * * Requirements: * * - The `operator` cannot be the caller. * * Emits an {ApprovalForAll} event. */ function setApprovalForAll(address operator, bool _approved) external; /** * @dev Returns the account approved for `tokenId` token. * * Requirements: * * - `tokenId` must exist. */ function getApproved(uint256 tokenId) external view returns (address operator); /** * @dev Returns if the `operator` is allowed to manage all of the assets of `owner`. * * See {setApprovalForAll}. */ function isApprovedForAll(address owner, address operator) external view returns (bool); // ============================================================= // IERC721Metadata // ============================================================= /** * @dev Returns the token collection name. */ function name() external view returns (string memory); /** * @dev Returns the token collection symbol. */ function symbol() external view returns (string memory); /** * @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token. */ function tokenURI(uint256 tokenId) external view returns (string memory); // ============================================================= // IERC2309 // ============================================================= /** * @dev Emitted when tokens in `fromTokenId` to `toTokenId` * (inclusive) is transferred from `from` to `to`, as defined in the * [ERC2309](https://eips.ethereum.org/EIPS/eip-2309) standard. * * See {_mintERC2309} for more details. */ event ConsecutiveTransfer(uint256 indexed fromTokenId, uint256 toTokenId, address indexed from, address indexed to); }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.4; /// @notice Gas optimized ECDSA wrapper. /// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/ECDSA.sol) /// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/ECDSA.sol) /// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol) /// /// @dev Note: /// - The recovery functions use the ecrecover precompile (0x1). /// /// WARNING! Do NOT use signatures as unique identifiers. /// Please use EIP712 with a nonce included in the digest to prevent replay attacks. /// This implementation does NOT check if a signature is non-malleable. library ECDSA { /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* CUSTOM ERRORS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ /// @dev The signature is invalid. error InvalidSignature(); /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* RECOVERY OPERATIONS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ // Note: as of Solady version 0.0.68, these functions will // revert upon recovery failure for more safety by default. /// @dev Recovers the signer's address from a message digest `hash`, /// and the `signature`. /// /// This function does NOT accept EIP-2098 short form signatures. /// Use `recover(bytes32 hash, bytes32 r, bytes32 vs)` for EIP-2098 /// short form signatures instead. function recover(bytes32 hash, bytes memory signature) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. let signatureLength := mload(signature) mstore(0x00, hash) mstore(0x20, byte(0, mload(add(signature, 0x60)))) // `v`. mstore(0x40, mload(add(signature, 0x20))) // `r`. mstore(0x60, mload(add(signature, 0x40))) // `s`. result := mload( staticcall( gas(), // Amount of gas left for the transaction. eq(signatureLength, 65), // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x01, // Start of output. 0x20 // Size of output. ) ) // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. if iszero(returndatasize()) { mstore(0x00, 0x8baa579f) // `InvalidSignature()`. revert(0x1c, 0x04) } mstore(0x60, 0) // Restore the zero slot. mstore(0x40, m) // Restore the free memory pointer. } } /// @dev Recovers the signer's address from a message digest `hash`, /// and the `signature`. /// /// This function does NOT accept EIP-2098 short form signatures. /// Use `recover(bytes32 hash, bytes32 r, bytes32 vs)` for EIP-2098 /// short form signatures instead. function recoverCalldata(bytes32 hash, bytes calldata signature) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. mstore(0x00, hash) mstore(0x20, byte(0, calldataload(add(signature.offset, 0x40)))) // `v`. calldatacopy(0x40, signature.offset, 0x40) // Copy `r` and `s`. result := mload( staticcall( gas(), // Amount of gas left for the transaction. eq(signature.length, 65), // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x01, // Start of output. 0x20 // Size of output. ) ) // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. if iszero(returndatasize()) { mstore(0x00, 0x8baa579f) // `InvalidSignature()`. revert(0x1c, 0x04) } mstore(0x60, 0) // Restore the zero slot. mstore(0x40, m) // Restore the free memory pointer. } } /// @dev Recovers the signer's address from a message digest `hash`, /// and the EIP-2098 short form signature defined by `r` and `vs`. /// /// This function only accepts EIP-2098 short form signatures. /// See: https://eips.ethereum.org/EIPS/eip-2098 function recover(bytes32 hash, bytes32 r, bytes32 vs) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. mstore(0x00, hash) mstore(0x20, add(shr(255, vs), 27)) // `v`. mstore(0x40, r) mstore(0x60, shr(1, shl(1, vs))) // `s`. result := mload( staticcall( gas(), // Amount of gas left for the transaction. 1, // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x01, // Start of output. 0x20 // Size of output. ) ) // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. if iszero(returndatasize()) { mstore(0x00, 0x8baa579f) // `InvalidSignature()`. revert(0x1c, 0x04) } mstore(0x60, 0) // Restore the zero slot. mstore(0x40, m) // Restore the free memory pointer. } } /// @dev Recovers the signer's address from a message digest `hash`, /// and the signature defined by `v`, `r`, `s`. function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. mstore(0x00, hash) mstore(0x20, and(v, 0xff)) mstore(0x40, r) mstore(0x60, s) result := mload( staticcall( gas(), // Amount of gas left for the transaction. 1, // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x01, // Start of output. 0x20 // Size of output. ) ) // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. if iszero(returndatasize()) { mstore(0x00, 0x8baa579f) // `InvalidSignature()`. revert(0x1c, 0x04) } mstore(0x60, 0) // Restore the zero slot. mstore(0x40, m) // Restore the free memory pointer. } } /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* TRY-RECOVER OPERATIONS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ // WARNING! // These functions will NOT revert upon recovery failure. // Instead, they will return the zero address upon recovery failure. // It is critical that the returned address is NEVER compared against // a zero address (e.g. an uninitialized address variable). /// @dev Recovers the signer's address from a message digest `hash`, /// and the `signature`. /// /// This function does NOT accept EIP-2098 short form signatures. /// Use `recover(bytes32 hash, bytes32 r, bytes32 vs)` for EIP-2098 /// short form signatures instead. function tryRecover(bytes32 hash, bytes memory signature) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. let signatureLength := mload(signature) mstore(0x00, hash) mstore(0x20, byte(0, mload(add(signature, 0x60)))) // `v`. mstore(0x40, mload(add(signature, 0x20))) // `r`. mstore(0x60, mload(add(signature, 0x40))) // `s`. pop( staticcall( gas(), // Amount of gas left for the transaction. eq(signatureLength, 65), // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x40, // Start of output. 0x20 // Size of output. ) ) mstore(0x60, 0) // Restore the zero slot. // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. result := mload(xor(0x60, returndatasize())) mstore(0x40, m) // Restore the free memory pointer. } } /// @dev Recovers the signer's address from a message digest `hash`, /// and the `signature`. /// /// This function does NOT accept EIP-2098 short form signatures. /// Use `recover(bytes32 hash, bytes32 r, bytes32 vs)` for EIP-2098 /// short form signatures instead. function tryRecoverCalldata(bytes32 hash, bytes calldata signature) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. mstore(0x00, hash) mstore(0x20, byte(0, calldataload(add(signature.offset, 0x40)))) // `v`. calldatacopy(0x40, signature.offset, 0x40) // Copy `r` and `s`. pop( staticcall( gas(), // Amount of gas left for the transaction. eq(signature.length, 65), // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x40, // Start of output. 0x20 // Size of output. ) ) mstore(0x60, 0) // Restore the zero slot. // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. result := mload(xor(0x60, returndatasize())) mstore(0x40, m) // Restore the free memory pointer. } } /// @dev Recovers the signer's address from a message digest `hash`, /// and the EIP-2098 short form signature defined by `r` and `vs`. /// /// This function only accepts EIP-2098 short form signatures. /// See: https://eips.ethereum.org/EIPS/eip-2098 function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. mstore(0x00, hash) mstore(0x20, add(shr(255, vs), 27)) // `v`. mstore(0x40, r) mstore(0x60, shr(1, shl(1, vs))) // `s`. pop( staticcall( gas(), // Amount of gas left for the transaction. 1, // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x40, // Start of output. 0x20 // Size of output. ) ) mstore(0x60, 0) // Restore the zero slot. // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. result := mload(xor(0x60, returndatasize())) mstore(0x40, m) // Restore the free memory pointer. } } /// @dev Recovers the signer's address from a message digest `hash`, /// and the signature defined by `v`, `r`, `s`. function tryRecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal view returns (address result) { /// @solidity memory-safe-assembly assembly { let m := mload(0x40) // Cache the free memory pointer. mstore(0x00, hash) mstore(0x20, and(v, 0xff)) mstore(0x40, r) mstore(0x60, s) pop( staticcall( gas(), // Amount of gas left for the transaction. 1, // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x40, // Start of output. 0x20 // Size of output. ) ) mstore(0x60, 0) // Restore the zero slot. // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. result := mload(xor(0x60, returndatasize())) mstore(0x40, m) // Restore the free memory pointer. } } /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* HASHING OPERATIONS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ /// @dev Returns an Ethereum Signed Message, created from a `hash`. /// This produces a hash corresponding to the one signed with the /// [`eth_sign`](https://eth.wiki/json-rpc/API#eth_sign) /// JSON-RPC method as part of EIP-191. function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 result) { /// @solidity memory-safe-assembly assembly { mstore(0x20, hash) // Store into scratch space for keccak256. mstore(0x00, "\x00\x00\x00\x00\x19Ethereum Signed Message:\n32") // 28 bytes. result := keccak256(0x04, 0x3c) // `32 * 2 - (32 - 28) = 60 = 0x3c`. } } /// @dev Returns an Ethereum Signed Message, created from `s`. /// This produces a hash corresponding to the one signed with the /// [`eth_sign`](https://eth.wiki/json-rpc/API#eth_sign) /// JSON-RPC method as part of EIP-191. /// Note: Supports lengths of `s` up to 999999 bytes. function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32 result) { /// @solidity memory-safe-assembly assembly { let sLength := mload(s) let o := 0x20 mstore(o, "\x19Ethereum Signed Message:\n") // 26 bytes, zero-right-padded. mstore(0x00, 0x00) // Convert the `s.length` to ASCII decimal representation: `base10(s.length)`. for { let temp := sLength } 1 {} { o := sub(o, 1) mstore8(o, add(48, mod(temp, 10))) temp := div(temp, 10) if iszero(temp) { break } } let n := sub(0x3a, o) // Header length: `26 + 32 - o`. // Throw an out-of-offset error (consumes all gas) if the header exceeds 32 bytes. returndatacopy(returndatasize(), returndatasize(), gt(n, 0x20)) mstore(s, or(mload(0x00), mload(n))) // Temporarily store the header. result := keccak256(add(s, sub(0x20, n)), add(n, sLength)) mstore(s, sLength) // Restore the length. } } /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* EMPTY CALLDATA HELPERS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ /// @dev Returns an empty calldata bytes. function emptySignature() internal pure returns (bytes calldata signature) { /// @solidity memory-safe-assembly assembly { signature.length := 0 } } }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.4; /// @notice Gas optimized verification of proof of inclusion for a leaf in a Merkle tree. /// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/MerkleProofLib.sol) /// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/MerkleProofLib.sol) /// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/MerkleProof.sol) library MerkleProofLib { /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* MERKLE PROOF VERIFICATION OPERATIONS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ /// @dev Returns whether `leaf` exists in the Merkle tree with `root`, given `proof`. function verify(bytes32[] memory proof, bytes32 root, bytes32 leaf) internal pure returns (bool isValid) { /// @solidity memory-safe-assembly assembly { if mload(proof) { // Initialize `offset` to the offset of `proof` elements in memory. let offset := add(proof, 0x20) // Left shift by 5 is equivalent to multiplying by 0x20. let end := add(offset, shl(5, mload(proof))) // Iterate over proof elements to compute root hash. for {} 1 {} { // Slot of `leaf` in scratch space. // If the condition is true: 0x20, otherwise: 0x00. let scratch := shl(5, gt(leaf, mload(offset))) // Store elements to hash contiguously in scratch space. // Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes. mstore(scratch, leaf) mstore(xor(scratch, 0x20), mload(offset)) // Reuse `leaf` to store the hash to reduce stack operations. leaf := keccak256(0x00, 0x40) offset := add(offset, 0x20) if iszero(lt(offset, end)) { break } } } isValid := eq(leaf, root) } } /// @dev Returns whether `leaf` exists in the Merkle tree with `root`, given `proof`. function verifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf) internal pure returns (bool isValid) { /// @solidity memory-safe-assembly assembly { if proof.length { // Left shift by 5 is equivalent to multiplying by 0x20. let end := add(proof.offset, shl(5, proof.length)) // Initialize `offset` to the offset of `proof` in the calldata. let offset := proof.offset // Iterate over proof elements to compute root hash. for {} 1 {} { // Slot of `leaf` in scratch space. // If the condition is true: 0x20, otherwise: 0x00. let scratch := shl(5, gt(leaf, calldataload(offset))) // Store elements to hash contiguously in scratch space. // Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes. mstore(scratch, leaf) mstore(xor(scratch, 0x20), calldataload(offset)) // Reuse `leaf` to store the hash to reduce stack operations. leaf := keccak256(0x00, 0x40) offset := add(offset, 0x20) if iszero(lt(offset, end)) { break } } } isValid := eq(leaf, root) } } /// @dev Returns whether all `leaves` exist in the Merkle tree with `root`, /// given `proof` and `flags`. /// /// Note: /// - Breaking the invariant `flags.length == (leaves.length - 1) + proof.length` /// will always return false. /// - The sum of the lengths of `proof` and `leaves` must never overflow. /// - Any non-zero word in the `flags` array is treated as true. /// - The memory offset of `proof` must be be non-zero /// (i.e. `proof` is not pointing to the scratch space). function verifyMultiProof( bytes32[] memory proof, bytes32 root, bytes32[] memory leaves, bool[] memory flags ) internal pure returns (bool isValid) { // Rebuilds the root by consuming and producing values on a queue. // The queue starts with the `leaves` array, and goes into a `hashes` array. // After the process, the last element on the queue is verified // to be equal to the `root`. // // The `flags` array denotes whether the sibling // should be popped from the queue (`flag == true`), or // should be popped from the `proof` (`flag == false`). /// @solidity memory-safe-assembly assembly { // Cache the lengths of the arrays. let leavesLength := mload(leaves) let proofLength := mload(proof) let flagsLength := mload(flags) // Advance the pointers of the arrays to point to the data. leaves := add(0x20, leaves) proof := add(0x20, proof) flags := add(0x20, flags) // If the number of flags is correct. for {} eq(add(leavesLength, proofLength), add(flagsLength, 1)) {} { // For the case where `proof.length + leaves.length == 1`. if iszero(flagsLength) { // `isValid = (proof.length == 1 ? proof[0] : leaves[0]) == root`. isValid := eq(mload(xor(leaves, mul(xor(proof, leaves), proofLength))), root) break } // The required final proof offset if `flagsLength` is not zero, otherwise zero. let proofEnd := add(proof, shl(5, proofLength)) // We can use the free memory space for the queue. // We don't need to allocate, since the queue is temporary. let hashesFront := mload(0x40) // Copy the leaves into the hashes. // Sometimes, a little memory expansion costs less than branching. // Should cost less, even with a high free memory offset of 0x7d00. leavesLength := shl(5, leavesLength) for { let i := 0 } iszero(eq(i, leavesLength)) { i := add(i, 0x20) } { mstore(add(hashesFront, i), mload(add(leaves, i))) } // Compute the back of the hashes. let hashesBack := add(hashesFront, leavesLength) // This is the end of the memory for the queue. // We recycle `flagsLength` to save on stack variables (sometimes save gas). flagsLength := add(hashesBack, shl(5, flagsLength)) for {} 1 {} { // Pop from `hashes`. let a := mload(hashesFront) // Pop from `hashes`. let b := mload(add(hashesFront, 0x20)) hashesFront := add(hashesFront, 0x40) // If the flag is false, load the next proof, // else, pops from the queue. if iszero(mload(flags)) { // Loads the next proof. b := mload(proof) proof := add(proof, 0x20) // Unpop from `hashes`. hashesFront := sub(hashesFront, 0x20) } // Advance to the next flag. flags := add(flags, 0x20) // Slot of `a` in scratch space. // If the condition is true: 0x20, otherwise: 0x00. let scratch := shl(5, gt(a, b)) // Hash the scratch space and push the result onto the queue. mstore(scratch, a) mstore(xor(scratch, 0x20), b) mstore(hashesBack, keccak256(0x00, 0x40)) hashesBack := add(hashesBack, 0x20) if iszero(lt(hashesBack, flagsLength)) { break } } isValid := and( // Checks if the last value in the queue is same as the root. eq(mload(sub(hashesBack, 0x20)), root), // And whether all the proofs are used, if required. eq(proofEnd, proof) ) break } } } /// @dev Returns whether all `leaves` exist in the Merkle tree with `root`, /// given `proof` and `flags`. /// /// Note: /// - Breaking the invariant `flags.length == (leaves.length - 1) + proof.length` /// will always return false. /// - Any non-zero word in the `flags` array is treated as true. /// - The calldata offset of `proof` must be non-zero /// (i.e. `proof` is from a regular Solidity function with a 4-byte selector). function verifyMultiProofCalldata( bytes32[] calldata proof, bytes32 root, bytes32[] calldata leaves, bool[] calldata flags ) internal pure returns (bool isValid) { // Rebuilds the root by consuming and producing values on a queue. // The queue starts with the `leaves` array, and goes into a `hashes` array. // After the process, the last element on the queue is verified // to be equal to the `root`. // // The `flags` array denotes whether the sibling // should be popped from the queue (`flag == true`), or // should be popped from the `proof` (`flag == false`). /// @solidity memory-safe-assembly assembly { // If the number of flags is correct. for {} eq(add(leaves.length, proof.length), add(flags.length, 1)) {} { // For the case where `proof.length + leaves.length == 1`. if iszero(flags.length) { // `isValid = (proof.length == 1 ? proof[0] : leaves[0]) == root`. // forgefmt: disable-next-item isValid := eq( calldataload( xor(leaves.offset, mul(xor(proof.offset, leaves.offset), proof.length)) ), root ) break } // The required final proof offset if `flagsLength` is not zero, otherwise zero. let proofEnd := add(proof.offset, shl(5, proof.length)) // We can use the free memory space for the queue. // We don't need to allocate, since the queue is temporary. let hashesFront := mload(0x40) // Copy the leaves into the hashes. // Sometimes, a little memory expansion costs less than branching. // Should cost less, even with a high free memory offset of 0x7d00. calldatacopy(hashesFront, leaves.offset, shl(5, leaves.length)) // Compute the back of the hashes. let hashesBack := add(hashesFront, shl(5, leaves.length)) // This is the end of the memory for the queue. // We recycle `flagsLength` to save on stack variables (sometimes save gas). flags.length := add(hashesBack, shl(5, flags.length)) // We don't need to make a copy of `proof.offset` or `flags.offset`, // as they are pass-by-value (this trick may not always save gas). for {} 1 {} { // Pop from `hashes`. let a := mload(hashesFront) // Pop from `hashes`. let b := mload(add(hashesFront, 0x20)) hashesFront := add(hashesFront, 0x40) // If the flag is false, load the next proof, // else, pops from the queue. if iszero(calldataload(flags.offset)) { // Loads the next proof. b := calldataload(proof.offset) proof.offset := add(proof.offset, 0x20) // Unpop from `hashes`. hashesFront := sub(hashesFront, 0x20) } // Advance to the next flag offset. flags.offset := add(flags.offset, 0x20) // Slot of `a` in scratch space. // If the condition is true: 0x20, otherwise: 0x00. let scratch := shl(5, gt(a, b)) // Hash the scratch space and push the result onto the queue. mstore(scratch, a) mstore(xor(scratch, 0x20), b) mstore(hashesBack, keccak256(0x00, 0x40)) hashesBack := add(hashesBack, 0x20) if iszero(lt(hashesBack, flags.length)) { break } } isValid := and( // Checks if the last value in the queue is same as the root. eq(mload(sub(hashesBack, 0x20)), root), // And whether all the proofs are used, if required. eq(proofEnd, proof.offset) ) break } } } /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ /* EMPTY CALLDATA HELPERS */ /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ /// @dev Returns an empty calldata bytes32 array. function emptyProof() internal pure returns (bytes32[] calldata proof) { /// @solidity memory-safe-assembly assembly { proof.length := 0 } } /// @dev Returns an empty calldata bytes32 array. function emptyLeaves() internal pure returns (bytes32[] calldata leaves) { /// @solidity memory-safe-assembly assembly { leaves.length := 0 } } /// @dev Returns an empty calldata bool array. function emptyFlags() internal pure returns (bool[] calldata flags) { /// @solidity memory-safe-assembly assembly { flags.length := 0 } } }
{ "optimizer": { "enabled": true, "runs": 100 }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "metadata": { "useLiteralContent": true }, "libraries": {} }
Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[],"name":"BalanceEmpty","type":"error"},{"inputs":[],"name":"BurnToMintDisabled","type":"error"},{"inputs":[],"name":"Erc20BalanceTooLow","type":"error"},{"inputs":[],"name":"ExcessiveEthSent","type":"error"},{"inputs":[],"name":"InsufficientEthSent","type":"error"},{"inputs":[],"name":"InvalidAmountOfTokens","type":"error"},{"inputs":[],"name":"InvalidReferral","type":"error"},{"inputs":[],"name":"InvalidSignature","type":"error"},{"inputs":[],"name":"ListMaxSupplyExceeded","type":"error"},{"inputs":[],"name":"MaxBatchSizeExceeded","type":"error"},{"inputs":[],"name":"MaxSupplyExceeded","type":"error"},{"inputs":[],"name":"MintEnded","type":"error"},{"inputs":[],"name":"MintNotYetStarted","type":"error"},{"inputs":[],"name":"MintingPaused","type":"error"},{"inputs":[],"name":"NotApprovedToTransfer","type":"error"},{"inputs":[],"name":"NotTokenOwner","type":"error"},{"inputs":[],"name":"NumberOfMintsExceeded","type":"error"},{"inputs":[],"name":"TransferFailed","type":"error"},{"inputs":[],"name":"WalletUnauthorizedToMint","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"key","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"cid","type":"bytes32"}],"name":"Invited","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"affiliate","type":"address"},{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint128","name":"wad","type":"uint128"},{"indexed":false,"internalType":"uint256","name":"numMints","type":"uint256"}],"name":"Referral","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"src","type":"address"},{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint128","name":"wad","type":"uint128"}],"name":"Withdrawal","type":"event"},{"inputs":[{"internalType":"address","name":"affiliate","type":"address"},{"internalType":"bytes","name":"signature","type":"bytes"},{"internalType":"address","name":"affiliateSigner","type":"address"}],"name":"validateAffiliate","outputs":[],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"bytes32","name":"key","type":"bytes32"},{"internalType":"bytes32[]","name":"proof","type":"bytes32[]"}],"internalType":"struct Auth","name":"auth","type":"tuple"},{"internalType":"address","name":"tokenAddress","type":"address"},{"internalType":"address","name":"account","type":"address"}],"name":"verify","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"pure","type":"function"}]
Contract Creation Code
611d4461003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100775760003560e01c806308497c321461007c5780630e6a2eda1461009e5780632a70e582146100c457806340fe1ac7146100e757806360f0e596146100fa5780638c42a1501461011a5780639b2e2ef31461012d575b600080fd5b81801561008857600080fd5b5061009c610097366004611706565b610140565b005b6100b16100ac366004611773565b610563565b6040519081526020015b60405180910390f35b6100d76100d23660046117d8565b610815565b60405190151581526020016100bb565b61009c6100f5366004611883565b6108d8565b81801561010657600080fd5b5061009c61011536600461192e565b6109af565b61009c6101283660046119a0565b610dd9565b61009c61013b366004611a6d565b6112ce565b6002870154600160401b90046001600160a01b031634811561017a576101778960058a0186866001600160a01b038a161515610563565b90505b60006001600160a01b03861615610285576003890154612710906101a990600160e01b900461ffff1684611ae7565b6101b39190611b28565b6001600160a01b03808816600090815260208a815260408083209388168352929052908120805492935083929091906101f69084906001600160801b0316611b4e565b92506101000a8154816001600160801b0302191690836001600160801b03160217905550856001600160a01b03167f8abfbe92bb62ff992ef6347c68d007f25a6e5aea2ad2f05e89f3486947cc0b2084838860405161027c939291906001600160a01b039390931683526001600160801b03919091166020830152604082015260600190565b60405180910390a25b60038901546000906001600160a01b03161561033d5760038a0154612710906002906102bc90600160f01b900461ffff1686611ae7565b6102c69190611b28565b6102d09190611b28565b60038b01546001600160a01b03908116600090815260208b815260408083209389168352929052908120805492935083929091906103189084906001600160801b0316611b4e565b92506101000a8154816001600160801b0302191690836001600160801b031602179055505b6001600160a01b038416600090815260208a815260408083208151808301909252546001600160801b038082168352600160801b909104169181019190915260038c015490919083906127109061039f90600160f01b900461ffff1688611ae7565b6103a99190611b28565b6103b39190611b75565b9050600083826103c38789611b75565b6103cd9190611b75565b6103d79190611b75565b905060405180604001604052808285600001516103f49190611b4e565b6001600160801b031681526020018385602001516104129190611b4e565b6001600160801b03168152508c6000896001600160a01b03166001600160a01b0316815260200190815260200160002060008201518160000160006101000a8154816001600160801b0302191690836001600160801b0316021790555060208201518160000160106101000a8154816001600160801b0302191690836001600160801b0316021790555090505060006001600160a01b0316876001600160a01b03161461055357866001600160a01b0381166323b872dd6104d161161c565b6040516001600160e01b031960e084901b1681526001600160a01b0390911660048201523060248201526001600160801b038a1660448201526064016020604051808303816000875af115801561052c573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906105509190611b95565b50505b5050505050505050505050505050565b845460028601546000916001600160801b03169063ffffffff161561069857600187015460028801546000916001600160801b0381169163ffffffff908116916105b691600160801b9091041642611bb2565b6105c09190611bcb565b6105ca9190611bdf565b8854909150600160801b90046001600160801b031682111561063357875461060290600160801b90046001600160801b031683611bb2565b811115610622578754600160801b90046001600160801b03169150610696565b61062c8183611bb2565b9150610696565b8754600160801b90046001600160801b0316821015610696578754610669908390600160801b90046001600160801b0316611bb2565b811115610689578754600160801b90046001600160801b03169150610696565b6106938183611bf6565b91505b505b60006106a48683611bdf565b600289015490915063ffffffff166000036107335760018801546000906106d59087906001600160801b0316611bdf565b6106df9084611bf6565b905060026106ee600189611bb2565b60018b0154610707908a906001600160801b0316611bdf565b6107119190611bdf565b61071b9190611bcb565b6107258883611bdf565b61072f9190611bf6565b9150505b83156107645786546127109061074d9061ffff1683611bdf565b6107579190611bcb565b6107619082611bb2565b90505b600187015460005b8181101561080557600089600101828154811061078b5761078b611c09565b60009182526020909120015461ffff1690508089106107fc576127108a60010183815481106107bc576107bc611c09565b6000918252602090912001546107dc9062010000900461ffff1686611bdf565b6107e69190611bcb565b6107f09085611bb2565b9550505050505061080c565b5060010161076c565b5090925050505b95945050505050565b600060ff84351115806108515750826040516020016108349190611c1f565b604051602081830303815290604052805190602001208460000135145b1561085e575060016108d1565b6108ce61086e6020860186611c3c565b8080602002602001604051908101604052809392919081815260200183836020028082843760009201919091525050604051883592506108b391508690602001611c1f565b60405160208183030381529060405280519060200120611643565b90505b9392505050565b600061092f856040516020016108ee9190611c1f565b604051602081830303815290604052805190602001206020527b19457468657265756d205369676e6564204d6573736167653a0a3332600052603c60042090565b905060006109738286868080601f01602080910402602001604051908101604052809392919081815260200183838082843760009201919091525061168592505050565b9050826001600160a01b0316816001600160a01b0316146109a757604051638baa579f60e01b815260040160405180910390fd5b505050505050565b60006109b961161c565b905060005b82811015610dcf5760008484838181106109da576109da611c09565b90506020020160208101906109ef9190611c85565b90506000866001600160a01b0316846001600160a01b03161480610a22575060028a01546001600160a01b038581169116145b80610a4957506001600160a01b0384167386b82972282dd22348374bc63fd21620f7ed847b145b15610ace576001600160a01b03808316600090815260208b905260409020908581169089161480610a89575060028b01546001600160a01b038681169116145b15610aad5780546001600160801b0319811682556001600160801b03169150610ac8565b80546001600160801b038082168355600160801b9091041691505b50610b0c565b506001600160a01b0383811660009081526020898152604080832093851683529290522080546001600160801b031981169091556001600160801b03165b806001600160801b0316600003610b36576040516321cd723f60e21b815260040160405180910390fd5b6001600160a01b038216610c61576000876001600160a01b0316856001600160a01b0316148015610b73575060028b01546001600160a01b031615155b15610be05760028b01546040516001600160a01b03909116906001600160801b03841690600081818185875af1925050503d8060008114610bd0576040519150601f19603f3d011682016040523d82523d6000602084013e610bd5565b606091505b505080915050610c3d565b6040516001600160a01b038616906001600160801b03841690600081818185875af1925050503d8060008114610c32576040519150601f19603f3d011682016040523d82523d6000602084013e610c37565b606091505b50909150505b80610c5b576040516312171d8360e31b815260040160405180910390fd5b50610d82565b816001600160a01b03858116908916148015610c89575060028b01546001600160a01b031615155b15610d0d5760028b015460405163a9059cbb60e01b81526001600160a01b038381169263a9059cbb92610cc492909116908690600401611ca2565b6020604051808303816000875af1158015610ce3573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610d079190611b95565b50610d80565b60405163a9059cbb60e01b81526001600160a01b0382169063a9059cbb90610d3b9088908690600401611ca2565b6020604051808303816000875af1158015610d5a573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610d7e9190611b95565b505b505b836001600160a01b03167f02128911bc7070fd6c100b116c2dd9a3bb6bf132d5259a65ca8d0c86ccd78f498383604051610dbd929190611ca2565b60405180910390a250506001016109be565b5050505050505050565b6000610de361161c565b90506001600160a01b03871615610e87576001600160a01b0387167386b82972282dd22348374bc63fd21620f7ed847b1480610e305750876001600160a01b0316876001600160a01b0316145b80610e4c5750806001600160a01b0316876001600160a01b0316145b15610e6a5760405163119833d760e11b815260040160405180910390fd5b60018b0154610e87908890859085906001600160a01b03166108d8565b60018c0154600160c01b900463ffffffff16600003610eb9576040516375ab03ab60e11b815260040160405180910390fd5b60028c0154610eda908b90600160401b90046001600160a01b031683610815565b610ef75760405163d838648f60e01b815260040160405180910390fd5b60018c0154600160801b900463ffffffff16421015610f2957604051630e91d3a160e11b815260040160405180910390fd5b60018c015463ffffffff600160801b82048116600160a01b90920416118015610f62575060018c0154600160a01b900463ffffffff1642115b15610f805760405163124212e560e21b815260040160405180910390fd5b60018c015463ffffffff600160e01b82048116600160c01b909204161015611007576001600160a01b0381166000908152602086815260408083208d358452909152812054610fd0908b90611bf6565b60018e0154909150600160c01b900463ffffffff16811115611005576040516315fcbc9d60e01b815260040160405180910390fd5b505b60038b015460018d0154600160a01b90910463ffffffff908116600160e01b90920416101561108357893560009081526020859052604081205461104c908b90611bf6565b60018e0154909150600160e01b900463ffffffff168111156110815760405163103f447360e31b815260040160405180910390fd5b505b60038b0154600160c01b900463ffffffff168911156110b557604051637a7e96df60e01b815260040160405180910390fd5b60038b0154600160a01b900463ffffffff166110d18a88611bf6565b11156110f057604051638a164f6360e01b815260040160405180910390fd5b89356000908152602085905260408120549061111d8e60058f018d856001600160a01b038e161515610563565b60028f0154909150600160401b90046001600160a01b03161561128c5760028e0154604051636eb1769f60e11b81526001600160a01b038581166004830152306024830152600160401b909204909116908290829063dd62ed3e90604401602060405180830381865afa158015611198573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906111bc9190611cc4565b10156111db576040516302df483560e21b815260040160405180910390fd5b6040516370a0823160e01b81526001600160a01b0385811660048301528391908316906370a0823190602401602060405180830381865afa158015611224573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906112489190611cc4565b10156112675760405163046abae760e31b815260040160405180910390fd5b3415611286576040516301b2422760e61b815260040160405180910390fd5b50610553565b803410156112ad5760405163f244866f60e01b815260040160405180910390fd5b80341115610553576040516301b2422760e61b815260040160405180910390fd5b6001850154600160a01b900460ff166112fa57604051631dc68aa160e11b815260040160405180910390fd5b6001850154600160c01b90046001600160401b031642101561132f57604051630e91d3a160e11b815260040160405180910390fd5b600061133961161c565b905060005b848110156114015786546001600160a01b038084169116636352211e88888581811061136c5761136c611c09565b905060200201356040518263ffffffff1660e01b815260040161139191815260200190565b602060405180830381865afa1580156113ae573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906113d29190611cdd565b6001600160a01b0316146113f9576040516359dc379f60e01b815260040160405180910390fd5b60010161133e565b50855460405163e985e9c560e01b81526001600160a01b0383811660048301523060248301529091169063e985e9c590604401602060405180830381865afa158015611451573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906114759190611b95565b611492576040516302df483560e21b815260040160405180910390fd5b6001860154600090600160a81b900460ff16156114ca5760018701546114c390600160b01b900461ffff1686611bdf565b905061151f565b60018701546114e490600160b01b900461ffff1686611cfa565b1561150257604051630421c69d60e31b815260040160405180910390fd5b600187015461151c90600160b01b900461ffff1686611bcb565b90505b6003880154600160c01b900463ffffffff1681111561155157604051637a7e96df60e01b815260040160405180910390fd5b60038801546002880154600160a01b90910463ffffffff166001600160401b0390911610156115e1576001600160a01b03821660009081526020848152604080832063313ab93760e11b84529091528120546115ae908390611bf6565b60028901549091506001600160401b03168111156115df576040516315fcbc9d60e01b815260040160405180910390fd5b505b6003880154600160a01b900463ffffffff166115fd8286611bf6565b1115610dcf57604051638a164f6360e01b815260040160405180910390fd5b600033736bc558a6dc48defa0e7022713c23d65ab26e4fa71461163e57503390565b503290565b600083511561167e5760208401845160051b81015b8151841160051b9384528151602094851852604060002093909101908082106116585750505b5014919050565b6000604051825184600052606084015160001a602052602084015160405260408401516060526020600160806000604185145afa519250503d6116d057638baa579f6000526004601cfd5b600060605260405292915050565b6001600160a01b03811681146116f357600080fd5b50565b8035611701816116de565b919050565b600080600080600080600060e0888a03121561172157600080fd5b873596506020880135955060408801359450606088013593506080880135611748816116de565b9699959850939692959460a0840135945060c09093013592915050565b80151581146116f357600080fd5b600080600080600060a0868803121561178b57600080fd5b8535945060208601359350604086013592506060860135915060808601356117b281611765565b809150509295509295909350565b6000604082840312156117d257600080fd5b50919050565b6000806000606084860312156117ed57600080fd5b83356001600160401b0381111561180357600080fd5b61180f868287016117c0565b9350506020840135611820816116de565b91506040840135611830816116de565b809150509250925092565b60008083601f84011261184d57600080fd5b5081356001600160401b0381111561186457600080fd5b60208301915083602082850101111561187c57600080fd5b9250929050565b6000806000806060858703121561189957600080fd5b84356118a4816116de565b935060208501356001600160401b038111156118bf57600080fd5b6118cb8782880161183b565b90945092505060408501356118df816116de565b939692955090935050565b60008083601f8401126118fc57600080fd5b5081356001600160401b0381111561191357600080fd5b6020830191508360208260051b850101111561187c57600080fd5b60008060008060008060a0878903121561194757600080fd5b8635955060208701359450604087013593506060870135611967816116de565b925060808701356001600160401b0381111561198257600080fd5b61198e89828a016118ea565b979a9699509497509295939492505050565b60008060008060008060008060008060006101408c8e0312156119c257600080fd5b8b359a5060208c013599506001600160401b038060408e013511156119e657600080fd5b6119f68e60408f01358f016117c0565b995060608d01359850611a0b60808e016116f6565b9750611a1960a08e016116f6565b965060c08d0135955060e08d013594506101008d01359350806101208e01351115611a4357600080fd5b50611a558d6101208e01358e0161183b565b81935080925050509295989b509295989b9093969950565b60008060008060008060a08789031215611a8657600080fd5b863595506020870135945060408701356001600160401b03811115611aaa57600080fd5b611ab689828a016118ea565b979a9699509760608101359660809091013595509350505050565b634e487b7160e01b600052601160045260246000fd5b6001600160801b03818116838216028082169190828114611b0a57611b0a611ad1565b505092915050565b634e487b7160e01b600052601260045260246000fd5b60006001600160801b0383811680611b4257611b42611b12565b92169190910492915050565b6001600160801b03818116838216019080821115611b6e57611b6e611ad1565b5092915050565b6001600160801b03828116828216039080821115611b6e57611b6e611ad1565b600060208284031215611ba757600080fd5b81516108d181611765565b81810381811115611bc557611bc5611ad1565b92915050565b600082611bda57611bda611b12565b500490565b8082028115828204841417611bc557611bc5611ad1565b80820180821115611bc557611bc5611ad1565b634e487b7160e01b600052603260045260246000fd5b60609190911b6bffffffffffffffffffffffff1916815260140190565b6000808335601e19843603018112611c5357600080fd5b8301803591506001600160401b03821115611c6d57600080fd5b6020019150600581901b360382131561187c57600080fd5b600060208284031215611c9757600080fd5b81356108d1816116de565b6001600160a01b039290921682526001600160801b0316602082015260400190565b600060208284031215611cd657600080fd5b5051919050565b600060208284031215611cef57600080fd5b81516108d1816116de565b600082611d0957611d09611b12565b50069056fea2646970667358221220d40e404af1369df6533655da7134b185811884a8d7117798705bd2ca9b2a30df64736f6c63430008130033
Deployed Bytecode
0x7304901b9b1e4367aecfe46314758dbf8368c2d3be30146080604052600436106100775760003560e01c806308497c321461007c5780630e6a2eda1461009e5780632a70e582146100c457806340fe1ac7146100e757806360f0e596146100fa5780638c42a1501461011a5780639b2e2ef31461012d575b600080fd5b81801561008857600080fd5b5061009c610097366004611706565b610140565b005b6100b16100ac366004611773565b610563565b6040519081526020015b60405180910390f35b6100d76100d23660046117d8565b610815565b60405190151581526020016100bb565b61009c6100f5366004611883565b6108d8565b81801561010657600080fd5b5061009c61011536600461192e565b6109af565b61009c6101283660046119a0565b610dd9565b61009c61013b366004611a6d565b6112ce565b6002870154600160401b90046001600160a01b031634811561017a576101778960058a0186866001600160a01b038a161515610563565b90505b60006001600160a01b03861615610285576003890154612710906101a990600160e01b900461ffff1684611ae7565b6101b39190611b28565b6001600160a01b03808816600090815260208a815260408083209388168352929052908120805492935083929091906101f69084906001600160801b0316611b4e565b92506101000a8154816001600160801b0302191690836001600160801b03160217905550856001600160a01b03167f8abfbe92bb62ff992ef6347c68d007f25a6e5aea2ad2f05e89f3486947cc0b2084838860405161027c939291906001600160a01b039390931683526001600160801b03919091166020830152604082015260600190565b60405180910390a25b60038901546000906001600160a01b03161561033d5760038a0154612710906002906102bc90600160f01b900461ffff1686611ae7565b6102c69190611b28565b6102d09190611b28565b60038b01546001600160a01b03908116600090815260208b815260408083209389168352929052908120805492935083929091906103189084906001600160801b0316611b4e565b92506101000a8154816001600160801b0302191690836001600160801b031602179055505b6001600160a01b038416600090815260208a815260408083208151808301909252546001600160801b038082168352600160801b909104169181019190915260038c015490919083906127109061039f90600160f01b900461ffff1688611ae7565b6103a99190611b28565b6103b39190611b75565b9050600083826103c38789611b75565b6103cd9190611b75565b6103d79190611b75565b905060405180604001604052808285600001516103f49190611b4e565b6001600160801b031681526020018385602001516104129190611b4e565b6001600160801b03168152508c6000896001600160a01b03166001600160a01b0316815260200190815260200160002060008201518160000160006101000a8154816001600160801b0302191690836001600160801b0316021790555060208201518160000160106101000a8154816001600160801b0302191690836001600160801b0316021790555090505060006001600160a01b0316876001600160a01b03161461055357866001600160a01b0381166323b872dd6104d161161c565b6040516001600160e01b031960e084901b1681526001600160a01b0390911660048201523060248201526001600160801b038a1660448201526064016020604051808303816000875af115801561052c573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906105509190611b95565b50505b5050505050505050505050505050565b845460028601546000916001600160801b03169063ffffffff161561069857600187015460028801546000916001600160801b0381169163ffffffff908116916105b691600160801b9091041642611bb2565b6105c09190611bcb565b6105ca9190611bdf565b8854909150600160801b90046001600160801b031682111561063357875461060290600160801b90046001600160801b031683611bb2565b811115610622578754600160801b90046001600160801b03169150610696565b61062c8183611bb2565b9150610696565b8754600160801b90046001600160801b0316821015610696578754610669908390600160801b90046001600160801b0316611bb2565b811115610689578754600160801b90046001600160801b03169150610696565b6106938183611bf6565b91505b505b60006106a48683611bdf565b600289015490915063ffffffff166000036107335760018801546000906106d59087906001600160801b0316611bdf565b6106df9084611bf6565b905060026106ee600189611bb2565b60018b0154610707908a906001600160801b0316611bdf565b6107119190611bdf565b61071b9190611bcb565b6107258883611bdf565b61072f9190611bf6565b9150505b83156107645786546127109061074d9061ffff1683611bdf565b6107579190611bcb565b6107619082611bb2565b90505b600187015460005b8181101561080557600089600101828154811061078b5761078b611c09565b60009182526020909120015461ffff1690508089106107fc576127108a60010183815481106107bc576107bc611c09565b6000918252602090912001546107dc9062010000900461ffff1686611bdf565b6107e69190611bcb565b6107f09085611bb2565b9550505050505061080c565b5060010161076c565b5090925050505b95945050505050565b600060ff84351115806108515750826040516020016108349190611c1f565b604051602081830303815290604052805190602001208460000135145b1561085e575060016108d1565b6108ce61086e6020860186611c3c565b8080602002602001604051908101604052809392919081815260200183836020028082843760009201919091525050604051883592506108b391508690602001611c1f565b60405160208183030381529060405280519060200120611643565b90505b9392505050565b600061092f856040516020016108ee9190611c1f565b604051602081830303815290604052805190602001206020527b19457468657265756d205369676e6564204d6573736167653a0a3332600052603c60042090565b905060006109738286868080601f01602080910402602001604051908101604052809392919081815260200183838082843760009201919091525061168592505050565b9050826001600160a01b0316816001600160a01b0316146109a757604051638baa579f60e01b815260040160405180910390fd5b505050505050565b60006109b961161c565b905060005b82811015610dcf5760008484838181106109da576109da611c09565b90506020020160208101906109ef9190611c85565b90506000866001600160a01b0316846001600160a01b03161480610a22575060028a01546001600160a01b038581169116145b80610a4957506001600160a01b0384167386b82972282dd22348374bc63fd21620f7ed847b145b15610ace576001600160a01b03808316600090815260208b905260409020908581169089161480610a89575060028b01546001600160a01b038681169116145b15610aad5780546001600160801b0319811682556001600160801b03169150610ac8565b80546001600160801b038082168355600160801b9091041691505b50610b0c565b506001600160a01b0383811660009081526020898152604080832093851683529290522080546001600160801b031981169091556001600160801b03165b806001600160801b0316600003610b36576040516321cd723f60e21b815260040160405180910390fd5b6001600160a01b038216610c61576000876001600160a01b0316856001600160a01b0316148015610b73575060028b01546001600160a01b031615155b15610be05760028b01546040516001600160a01b03909116906001600160801b03841690600081818185875af1925050503d8060008114610bd0576040519150601f19603f3d011682016040523d82523d6000602084013e610bd5565b606091505b505080915050610c3d565b6040516001600160a01b038616906001600160801b03841690600081818185875af1925050503d8060008114610c32576040519150601f19603f3d011682016040523d82523d6000602084013e610c37565b606091505b50909150505b80610c5b576040516312171d8360e31b815260040160405180910390fd5b50610d82565b816001600160a01b03858116908916148015610c89575060028b01546001600160a01b031615155b15610d0d5760028b015460405163a9059cbb60e01b81526001600160a01b038381169263a9059cbb92610cc492909116908690600401611ca2565b6020604051808303816000875af1158015610ce3573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610d079190611b95565b50610d80565b60405163a9059cbb60e01b81526001600160a01b0382169063a9059cbb90610d3b9088908690600401611ca2565b6020604051808303816000875af1158015610d5a573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610d7e9190611b95565b505b505b836001600160a01b03167f02128911bc7070fd6c100b116c2dd9a3bb6bf132d5259a65ca8d0c86ccd78f498383604051610dbd929190611ca2565b60405180910390a250506001016109be565b5050505050505050565b6000610de361161c565b90506001600160a01b03871615610e87576001600160a01b0387167386b82972282dd22348374bc63fd21620f7ed847b1480610e305750876001600160a01b0316876001600160a01b0316145b80610e4c5750806001600160a01b0316876001600160a01b0316145b15610e6a5760405163119833d760e11b815260040160405180910390fd5b60018b0154610e87908890859085906001600160a01b03166108d8565b60018c0154600160c01b900463ffffffff16600003610eb9576040516375ab03ab60e11b815260040160405180910390fd5b60028c0154610eda908b90600160401b90046001600160a01b031683610815565b610ef75760405163d838648f60e01b815260040160405180910390fd5b60018c0154600160801b900463ffffffff16421015610f2957604051630e91d3a160e11b815260040160405180910390fd5b60018c015463ffffffff600160801b82048116600160a01b90920416118015610f62575060018c0154600160a01b900463ffffffff1642115b15610f805760405163124212e560e21b815260040160405180910390fd5b60018c015463ffffffff600160e01b82048116600160c01b909204161015611007576001600160a01b0381166000908152602086815260408083208d358452909152812054610fd0908b90611bf6565b60018e0154909150600160c01b900463ffffffff16811115611005576040516315fcbc9d60e01b815260040160405180910390fd5b505b60038b015460018d0154600160a01b90910463ffffffff908116600160e01b90920416101561108357893560009081526020859052604081205461104c908b90611bf6565b60018e0154909150600160e01b900463ffffffff168111156110815760405163103f447360e31b815260040160405180910390fd5b505b60038b0154600160c01b900463ffffffff168911156110b557604051637a7e96df60e01b815260040160405180910390fd5b60038b0154600160a01b900463ffffffff166110d18a88611bf6565b11156110f057604051638a164f6360e01b815260040160405180910390fd5b89356000908152602085905260408120549061111d8e60058f018d856001600160a01b038e161515610563565b60028f0154909150600160401b90046001600160a01b03161561128c5760028e0154604051636eb1769f60e11b81526001600160a01b038581166004830152306024830152600160401b909204909116908290829063dd62ed3e90604401602060405180830381865afa158015611198573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906111bc9190611cc4565b10156111db576040516302df483560e21b815260040160405180910390fd5b6040516370a0823160e01b81526001600160a01b0385811660048301528391908316906370a0823190602401602060405180830381865afa158015611224573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906112489190611cc4565b10156112675760405163046abae760e31b815260040160405180910390fd5b3415611286576040516301b2422760e61b815260040160405180910390fd5b50610553565b803410156112ad5760405163f244866f60e01b815260040160405180910390fd5b80341115610553576040516301b2422760e61b815260040160405180910390fd5b6001850154600160a01b900460ff166112fa57604051631dc68aa160e11b815260040160405180910390fd5b6001850154600160c01b90046001600160401b031642101561132f57604051630e91d3a160e11b815260040160405180910390fd5b600061133961161c565b905060005b848110156114015786546001600160a01b038084169116636352211e88888581811061136c5761136c611c09565b905060200201356040518263ffffffff1660e01b815260040161139191815260200190565b602060405180830381865afa1580156113ae573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906113d29190611cdd565b6001600160a01b0316146113f9576040516359dc379f60e01b815260040160405180910390fd5b60010161133e565b50855460405163e985e9c560e01b81526001600160a01b0383811660048301523060248301529091169063e985e9c590604401602060405180830381865afa158015611451573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906114759190611b95565b611492576040516302df483560e21b815260040160405180910390fd5b6001860154600090600160a81b900460ff16156114ca5760018701546114c390600160b01b900461ffff1686611bdf565b905061151f565b60018701546114e490600160b01b900461ffff1686611cfa565b1561150257604051630421c69d60e31b815260040160405180910390fd5b600187015461151c90600160b01b900461ffff1686611bcb565b90505b6003880154600160c01b900463ffffffff1681111561155157604051637a7e96df60e01b815260040160405180910390fd5b60038801546002880154600160a01b90910463ffffffff166001600160401b0390911610156115e1576001600160a01b03821660009081526020848152604080832063313ab93760e11b84529091528120546115ae908390611bf6565b60028901549091506001600160401b03168111156115df576040516315fcbc9d60e01b815260040160405180910390fd5b505b6003880154600160a01b900463ffffffff166115fd8286611bf6565b1115610dcf57604051638a164f6360e01b815260040160405180910390fd5b600033736bc558a6dc48defa0e7022713c23d65ab26e4fa71461163e57503390565b503290565b600083511561167e5760208401845160051b81015b8151841160051b9384528151602094851852604060002093909101908082106116585750505b5014919050565b6000604051825184600052606084015160001a602052602084015160405260408401516060526020600160806000604185145afa519250503d6116d057638baa579f6000526004601cfd5b600060605260405292915050565b6001600160a01b03811681146116f357600080fd5b50565b8035611701816116de565b919050565b600080600080600080600060e0888a03121561172157600080fd5b873596506020880135955060408801359450606088013593506080880135611748816116de565b9699959850939692959460a0840135945060c09093013592915050565b80151581146116f357600080fd5b600080600080600060a0868803121561178b57600080fd5b8535945060208601359350604086013592506060860135915060808601356117b281611765565b809150509295509295909350565b6000604082840312156117d257600080fd5b50919050565b6000806000606084860312156117ed57600080fd5b83356001600160401b0381111561180357600080fd5b61180f868287016117c0565b9350506020840135611820816116de565b91506040840135611830816116de565b809150509250925092565b60008083601f84011261184d57600080fd5b5081356001600160401b0381111561186457600080fd5b60208301915083602082850101111561187c57600080fd5b9250929050565b6000806000806060858703121561189957600080fd5b84356118a4816116de565b935060208501356001600160401b038111156118bf57600080fd5b6118cb8782880161183b565b90945092505060408501356118df816116de565b939692955090935050565b60008083601f8401126118fc57600080fd5b5081356001600160401b0381111561191357600080fd5b6020830191508360208260051b850101111561187c57600080fd5b60008060008060008060a0878903121561194757600080fd5b8635955060208701359450604087013593506060870135611967816116de565b925060808701356001600160401b0381111561198257600080fd5b61198e89828a016118ea565b979a9699509497509295939492505050565b60008060008060008060008060008060006101408c8e0312156119c257600080fd5b8b359a5060208c013599506001600160401b038060408e013511156119e657600080fd5b6119f68e60408f01358f016117c0565b995060608d01359850611a0b60808e016116f6565b9750611a1960a08e016116f6565b965060c08d0135955060e08d013594506101008d01359350806101208e01351115611a4357600080fd5b50611a558d6101208e01358e0161183b565b81935080925050509295989b509295989b9093969950565b60008060008060008060a08789031215611a8657600080fd5b863595506020870135945060408701356001600160401b03811115611aaa57600080fd5b611ab689828a016118ea565b979a9699509760608101359660809091013595509350505050565b634e487b7160e01b600052601160045260246000fd5b6001600160801b03818116838216028082169190828114611b0a57611b0a611ad1565b505092915050565b634e487b7160e01b600052601260045260246000fd5b60006001600160801b0383811680611b4257611b42611b12565b92169190910492915050565b6001600160801b03818116838216019080821115611b6e57611b6e611ad1565b5092915050565b6001600160801b03828116828216039080821115611b6e57611b6e611ad1565b600060208284031215611ba757600080fd5b81516108d181611765565b81810381811115611bc557611bc5611ad1565b92915050565b600082611bda57611bda611b12565b500490565b8082028115828204841417611bc557611bc5611ad1565b80820180821115611bc557611bc5611ad1565b634e487b7160e01b600052603260045260246000fd5b60609190911b6bffffffffffffffffffffffff1916815260140190565b6000808335601e19843603018112611c5357600080fd5b8301803591506001600160401b03821115611c6d57600080fd5b6020019150600581901b360382131561187c57600080fd5b600060208284031215611c9757600080fd5b81356108d1816116de565b6001600160a01b039290921682526001600160801b0316602082015260400190565b600060208284031215611cd657600080fd5b5051919050565b600060208284031215611cef57600080fd5b81516108d1816116de565b600082611d0957611d09611b12565b50069056fea2646970667358221220d40e404af1369df6533655da7134b185811884a8d7117798705bd2ca9b2a30df64736f6c63430008130033
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 27 Chains
Chain | Token | Portfolio % | Price | Amount | Value |
---|
Loading...
Loading
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.