More Info
Private Name Tags
ContractCreator
Latest 25 from a total of 5,304 transactions
Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
---|---|---|---|---|---|---|---|---|---|
Claim Tokens | 21462888 | 2 hrs ago | IN | 0 ETH | 0.00096542 | ||||
Claim Tokens | 21462582 | 3 hrs ago | IN | 0 ETH | 0.0021361 | ||||
Claim Tokens | 21461902 | 5 hrs ago | IN | 0 ETH | 0.00263948 | ||||
Claim Tokens | 21461767 | 6 hrs ago | IN | 0 ETH | 0.00331265 | ||||
Claim Tokens | 21461145 | 8 hrs ago | IN | 0 ETH | 0.00319972 | ||||
Claim Tokens | 21460483 | 10 hrs ago | IN | 0 ETH | 0.00411922 | ||||
Claim Tokens | 21460334 | 11 hrs ago | IN | 0 ETH | 0.00311938 | ||||
Claim Tokens | 21460114 | 11 hrs ago | IN | 0 ETH | 0.00244716 | ||||
Claim Tokens | 21459703 | 13 hrs ago | IN | 0 ETH | 0.00189095 | ||||
Claim Tokens | 21459194 | 14 hrs ago | IN | 0 ETH | 0.00185155 | ||||
Claim Tokens | 21459064 | 15 hrs ago | IN | 0 ETH | 0.00330682 | ||||
Claim Tokens | 21458894 | 15 hrs ago | IN | 0 ETH | 0.00180664 | ||||
Claim Tokens | 21458487 | 17 hrs ago | IN | 0 ETH | 0.00186683 | ||||
Claim Tokens | 21457696 | 20 hrs ago | IN | 0 ETH | 0.00292838 | ||||
Claim Tokens | 21457531 | 20 hrs ago | IN | 0 ETH | 0.00150563 | ||||
Claim Tokens | 21457045 | 22 hrs ago | IN | 0 ETH | 0.0034363 | ||||
Claim Tokens | 21457022 | 22 hrs ago | IN | 0 ETH | 0.00263339 | ||||
Claim Tokens | 21456946 | 22 hrs ago | IN | 0 ETH | 0.00215975 | ||||
Claim Tokens | 21456671 | 23 hrs ago | IN | 0 ETH | 0.00179634 | ||||
Claim Tokens | 21456351 | 24 hrs ago | IN | 0 ETH | 0.00190538 | ||||
Claim Tokens | 21456025 | 25 hrs ago | IN | 0 ETH | 0.00298421 | ||||
Claim Tokens | 21455037 | 28 hrs ago | IN | 0 ETH | 0.0014038 | ||||
Claim Tokens | 21454828 | 29 hrs ago | IN | 0 ETH | 0.00439481 | ||||
Claim Tokens | 21454161 | 31 hrs ago | IN | 0 ETH | 0.00402082 | ||||
Claim Tokens | 21453785 | 33 hrs ago | IN | 0 ETH | 0.00084599 |
Latest 1 internal transaction
Advanced mode:
Parent Transaction Hash | Block |
From
|
To
|
|||
---|---|---|---|---|---|---|
20068049 | 194 days ago | Contract Creation | 0 ETH |
Loading...
Loading
Minimal Proxy Contract for 0xb68c1a821d4b2c4dea32264dec0543c04d0fee5d
Contract Name:
RewardDistributor
Compiler Version
v0.7.6+commit.7338295f
Optimization Enabled:
Yes with 200 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import {IVotingEscrow} from "./interfaces/IVotingEscrow.sol"; import {IRewardDistributor} from "./interfaces/IRewardDistributor.sol"; import {IRewardFaucet} from "./interfaces/IRewardFaucet.sol"; import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/ReentrancyGuard.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/OptionalOnlyCaller.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/InputHelpers.sol"; import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/SafeERC20.sol"; import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/SafeMath.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol"; // solhint-disable not-rely-on-time /** * @title Reward Distributor * @notice Distributes any tokens transferred to the contract among veBPT holders * proportionally based on a snapshot of the week at which the tokens are sent to the RewardDistributor contract. * @dev Supports distributing arbitrarily many different tokens. In order to start distributing a new token to veBPT * holders simply transfer the tokens to the `RewardDistributor` contract and then call `checkpointToken`. */ contract RewardDistributor is IRewardDistributor, OptionalOnlyCaller, ReentrancyGuard { using SafeMath for uint256; using SafeERC20 for IERC20; bool public isInitialized; IVotingEscrow private _votingEscrow; IRewardFaucet public rewardFaucet; uint256 private _startTime; // Global State uint256 private _timeCursor; mapping(uint256 => uint256) private _veSupplyCache; address public admin; address[] private _rewardTokens; mapping(address => bool) public allowedRewardTokens; // Token State // `startTime` and `timeCursor` are both timestamps so comfortably fit in a uint64. // `cachedBalance` will comfortably fit the total supply of any meaningful token. // Should more than 2^128 tokens be sent to this contract then checkpointing this token will fail until enough // tokens have been claimed to bring the total balance back below 2^128. struct TokenState { uint64 startTime; uint64 timeCursor; uint128 cachedBalance; } mapping(IERC20 => TokenState) private _tokenState; mapping(IERC20 => mapping(uint256 => uint256)) private _tokensPerWeek; // User State // `startTime` and `timeCursor` are timestamps so will comfortably fit in a uint64. // For `lastEpochCheckpointed` to overflow would need over 2^128 transactions to the VotingEscrow contract. struct UserState { uint64 startTime; uint64 timeCursor; uint128 lastEpochCheckpointed; } mapping(address => UserState) internal _userState; mapping(address => mapping(uint256 => uint256)) private _userBalanceAtTimestamp; mapping(address => mapping(IERC20 => uint256)) private _userTokenTimeCursor; constructor() EIP712("RewardDistributor", "1") {} modifier onlyAdmin() { require(admin == msg.sender, "not admin"); _; } function initialize( IVotingEscrow votingEscrow, IRewardFaucet rewardFaucet_, uint256 startTime, address admin_ ) external { require(!isInitialized, "!twice"); isInitialized = true; require(admin_ != address(0) && address(rewardFaucet_) != address(0), "!zero"); admin = admin_; rewardFaucet = rewardFaucet_; _votingEscrow = votingEscrow; startTime = _roundDownTimestamp(startTime); uint256 currentWeek = _roundDownTimestamp(block.timestamp); require(startTime >= currentWeek, "Cannot start before current week"); require(startTime <= currentWeek + 10 weeks, "10 weeks delay max"); if (startTime == currentWeek) { // We assume that `votingEscrow` has been deployed in a week previous to this one. // If `votingEscrow` did not have a non-zero supply at the beginning of the current week // then any tokens which are distributed this week will be lost permanently. require( votingEscrow.totalSupply(currentWeek) > 0, "Zero total supply results in lost tokens" ); } _startTime = startTime; _timeCursor = startTime; } /** * @notice Returns the VotingEscrow (veBPT) token contract */ function getVotingEscrow() external view override returns (IVotingEscrow) { return _votingEscrow; } /** * @notice Returns the global time cursor representing the most earliest uncheckpointed week. */ function getTimeCursor() external view override returns (uint256) { return _timeCursor; } /** * @notice Returns the user-level time cursor representing the most earliest uncheckpointed week. * @param user - The address of the user to query. */ function getUserTimeCursor( address user ) external view override returns (uint256) { return _userState[user].timeCursor; } /** * @notice Returns the token-level time cursor storing the timestamp at up to which tokens have been distributed. * @param token - The ERC20 token address to query. */ function getTokenTimeCursor( IERC20 token ) external view override returns (uint256) { return _tokenState[token].timeCursor; } /** * @notice Returns the user-level time cursor storing the timestamp of the latest token distribution claimed. * @param user - The address of the user to query. * @param token - The ERC20 token address to query. */ function getUserTokenTimeCursor( address user, IERC20 token ) external view override returns (uint256) { return _getUserTokenTimeCursor(user, token); } /** * @notice Returns the user's cached balance of veBPT as of the provided timestamp. * @dev Only timestamps which fall on Thursdays 00:00:00 UTC will return correct values. * This function requires `user` to have been checkpointed past `timestamp` so that their balance is cached. * @param user - The address of the user of which to read the cached balance of. * @param timestamp - The timestamp at which to read the `user`'s cached balance at. */ function getUserBalanceAtTimestamp( address user, uint256 timestamp ) external view override returns (uint256) { return _userBalanceAtTimestamp[user][timestamp]; } /** * @notice Returns the cached total supply of veBPT as of the provided timestamp. * @dev Only timestamps which fall on Thursdays 00:00:00 UTC will return correct values. * This function requires the contract to have been checkpointed past `timestamp` so that the supply is cached. * @param timestamp - The timestamp at which to read the cached total supply at. */ function getTotalSupplyAtTimestamp( uint256 timestamp ) external view override returns (uint256) { return _veSupplyCache[timestamp]; } /** * @notice Returns the RewardDistributor's cached balance of `token`. */ function getTokenLastBalance( IERC20 token ) external view override returns (uint256) { return _tokenState[token].cachedBalance; } /** * @notice Returns the amount of `token` which the RewardDistributor received in the week beginning at `timestamp`. * @param token - The ERC20 token address to query. * @param timestamp - The timestamp corresponding to the beginning of the week of interest. */ function getTokensDistributedInWeek( IERC20 token, uint256 timestamp ) external view override returns (uint256) { return _tokensPerWeek[token][timestamp]; } // Depositing /** * @notice Deposits tokens to be distributed in the current week. * @dev Sending tokens directly to the RewardDistributor instead of using `depositToken` may result in tokens being * retroactively distributed to past weeks, or for the distribution to carry over to future weeks. * * If for some reason `depositToken` cannot be called, in order to ensure that all tokens are correctly distributed * manually call `checkpointToken` before and after the token transfer. * @param token - The ERC20 token address to distribute. * @param amount - The amount of tokens to deposit. */ function depositToken( IERC20 token, uint256 amount ) external override nonReentrant { require(allowedRewardTokens[address(token)], "!allowed"); _checkpointToken(token, false); token.safeTransferFrom(msg.sender, address(this), amount); _checkpointToken(token, true); emit RewardDeposit(token, amount); } /** * @notice Deposits tokens by faucet to be distributed in the current week. * @dev Sending tokens directly to the RewardDistributor instead of using `depositToken` may result in tokens being * retroactively distributed to past weeks, or for the distribution to carry over to future weeks. * * If for some reason `depositToken` cannot be called, in order to ensure that all tokens are correctly distributed * manually call `checkpointToken` before and after the token transfer. * @param token - The ERC20 token address to distribute. * @param amount - The amount of tokens to deposit. */ function faucetDepositToken( IERC20 token, uint256 amount ) external { require(allowedRewardTokens[address(token)], "!allowed"); require(msg.sender == address(rewardFaucet), "only faucet"); _checkpointToken(token, false); token.safeTransferFrom(msg.sender, address(this), amount); _checkpointToken(token, true); } /** * @notice Deposits tokens to be distributed in the current week. * @dev A version of `depositToken` which supports depositing multiple `tokens` at once. * See `depositToken` for more details. * @param tokens - An array of ERC20 token addresses to distribute. * @param amounts - An array of token amounts to deposit. */ function depositTokens( IERC20[] calldata tokens, uint256[] calldata amounts ) external override nonReentrant { InputHelpers.ensureInputLengthMatch(tokens.length, amounts.length); uint256 length = tokens.length; for (uint256 i = 0; i < length; ++i) { require(allowedRewardTokens[address(tokens[i])], "!allowed"); _checkpointToken(tokens[i], false); tokens[i].safeTransferFrom(msg.sender, address(this), amounts[i]); _checkpointToken(tokens[i], true); emit RewardDeposit(tokens[i], amounts[i]); } } // Checkpointing /** * @notice Caches the total supply of veBPT at the beginning of each week. * This function will be called automatically before claiming tokens to ensure the contract is properly updated. */ function checkpoint() external override nonReentrant { _checkpointTotalSupply(); } /** * @notice Caches the user's balance of veBPT at the beginning of each week. * This function will be called automatically before claiming tokens to ensure the contract is properly updated. * @param user - The address of the user to be checkpointed. */ function checkpointUser(address user) external override nonReentrant { _checkpointUserBalance(user); } /** * @notice Assigns any newly-received tokens held by the RewardDistributor to weekly distributions. * @dev Any `token` balance held by the RewardDistributor above that which is returned by `getTokenLastBalance` * will be distributed evenly across the time period since `token` was last checkpointed. * * This function will be called automatically before claiming tokens to ensure the contract is properly updated. * @param token - The ERC20 token address to be checkpointed. */ function checkpointToken(IERC20 token) external override nonReentrant { require(allowedRewardTokens[address(token)], "!allowed"); _checkpointToken(token, true); } /** * @notice Assigns any newly-received tokens held by the RewardDistributor to weekly distributions. * @dev A version of `checkpointToken` which supports checkpointing multiple tokens. * See `checkpointToken` for more details. * @param tokens - An array of ERC20 token addresses to be checkpointed. */ function checkpointTokens( IERC20[] calldata tokens ) external override nonReentrant { uint256 tokensLength = tokens.length; for (uint256 i = 0; i < tokensLength; ++i) { require(allowedRewardTokens[address(tokens[i])], "!allowed"); _checkpointToken(tokens[i], true); } } // Claiming /** * @notice Claims all pending distributions of the provided token for a user. * @dev It's not necessary to explicitly checkpoint before calling this function, it will ensure the RewardDistributor * is up to date before calculating the amount of tokens to be claimed. * @param user - The user on behalf of which to claim. * @param token - The ERC20 token address to be claimed. * @return The amount of `token` sent to `user` as a result of claiming. */ function claimToken( address user, IERC20 token ) external override nonReentrant optionalOnlyCaller(user) returns (uint256) { require(allowedRewardTokens[address(token)], "!allowed"); _checkpointTotalSupply(); _checkpointUserBalance(user); _checkpointToken(token, false); uint256 amount = _claimToken(user, token); rewardFaucet.distributePastRewards(address(token)); return amount; } /** * @notice Claims a number of tokens on behalf of a user. * @dev A version of `claimToken` which supports claiming multiple `tokens` on behalf of `user`. * See `claimToken` for more details. * @param user - The user on behalf of which to claim. * @param tokens - An array of ERC20 token addresses to be claimed. * @return An array of the amounts of each token in `tokens` sent to `user` as a result of claiming. */ function claimTokens( address user, IERC20[] calldata tokens ) external override nonReentrant optionalOnlyCaller(user) returns (uint256[] memory) { _checkpointTotalSupply(); _checkpointUserBalance(user); uint256 tokensLength = tokens.length; uint256[] memory amounts = new uint256[](tokensLength); for (uint256 i = 0; i < tokensLength; ++i) { require(allowedRewardTokens[address(tokens[i])], "!allowed"); _checkpointToken(tokens[i], false); amounts[i] = _claimToken(user, tokens[i]); rewardFaucet.distributePastRewards(address(tokens[i])); } return amounts; } // Internal functions /** * @dev It is required that both the global, token and user state have been properly checkpointed * before calling this function. */ function _claimToken( address user, IERC20 token ) internal returns (uint256) { TokenState storage tokenState = _tokenState[token]; uint256 nextUserTokenWeekToClaim = _getUserTokenTimeCursor(user, token); // The first week which cannot be correctly claimed is the earliest of: // - A) The global or user time cursor (whichever is earliest), rounded up to the end of the week. // - B) The token time cursor, rounded down to the beginning of the week. // // This prevents the two failure modes: // - A) A user may claim a week for which we have not processed their balance, resulting in tokens being locked. // - B) A user may claim a week which then receives more tokens to be distributed. However the user has // already claimed for that week so their share of these new tokens are lost. uint256 firstUnclaimableWeek = Math.min( _roundUpTimestamp( Math.min(_timeCursor, _userState[user].timeCursor) ), _roundDownTimestamp(tokenState.timeCursor) ); mapping(uint256 => uint256) storage tokensPerWeek = _tokensPerWeek[ token ]; mapping(uint256 => uint256) storage userBalanceAtTimestamp = _userBalanceAtTimestamp[user]; uint256 amount; for (uint256 i = 0; i < 20; ++i) { // We clearly cannot claim for `firstUnclaimableWeek` and so we break here. if (nextUserTokenWeekToClaim >= firstUnclaimableWeek) break; if (_veSupplyCache[nextUserTokenWeekToClaim] == 0) break; amount += (tokensPerWeek[nextUserTokenWeekToClaim] * userBalanceAtTimestamp[nextUserTokenWeekToClaim]) / _veSupplyCache[nextUserTokenWeekToClaim]; nextUserTokenWeekToClaim += 1 weeks; } // Update the stored user-token time cursor to prevent this user claiming this week again. _userTokenTimeCursor[user][token] = nextUserTokenWeekToClaim; if (amount > 0) { // For a token to be claimable it must have been added to the cached balance so this is safe. tokenState.cachedBalance = uint128( tokenState.cachedBalance - amount ); token.safeTransfer(user, amount); emit TokensClaimed(user, token, amount, nextUserTokenWeekToClaim); } return amount; } /** * @dev Calculate the amount of `token` to be distributed to `_votingEscrow` holders since the last checkpoint. */ function _checkpointToken(IERC20 token, bool force) internal { TokenState storage tokenState = _tokenState[token]; uint256 lastTokenTime = tokenState.timeCursor; uint256 timeSinceLastCheckpoint; if (lastTokenTime == 0) { // If it's the first time we're checkpointing this token then start distributing from now. // Also mark at which timestamp users should start attempts to claim this token from. lastTokenTime = block.timestamp; tokenState.startTime = uint64(_roundDownTimestamp(block.timestamp)); // Prevent someone from assigning tokens to an inaccessible week. require( block.timestamp > _startTime, "Reward distribution has not started yet" ); } else { timeSinceLastCheckpoint = block.timestamp - lastTokenTime; if (!force) { // Checkpointing N times within a single week is completely equivalent to checkpointing once at the end. // We then want to get as close as possible to a single checkpoint every Wed 23:59 UTC to save gas. // We then skip checkpointing if we're in the same week as the previous checkpoint. bool alreadyCheckpointedThisWeek = _roundDownTimestamp( block.timestamp ) == _roundDownTimestamp(lastTokenTime); // However we want to ensure that all of this week's rewards are assigned to the current week without // overspilling into the next week. To mitigate this, we checkpoint if we're near the end of the week. bool nearingEndOfWeek = _roundUpTimestamp(block.timestamp) - block.timestamp < 1 days; // This ensures that we checkpoint once at the beginning of the week and again for each user interaction // towards the end of the week to give an accurate final reading of the balance. if (alreadyCheckpointedThisWeek && !nearingEndOfWeek) { return; } } } tokenState.timeCursor = uint64(block.timestamp); uint256 tokenBalance = token.balanceOf(address(this)); uint256 newTokensToDistribute = tokenBalance.sub( tokenState.cachedBalance ); if (newTokensToDistribute == 0) return; require( tokenBalance <= type(uint128).max, "Maximum token balance exceeded" ); uint256 firstIncompleteWeek = _roundDownTimestamp(lastTokenTime); uint256 nextWeek = 0; // Distribute `newTokensToDistribute` evenly across the time period from `lastTokenTime` to now. // These tokens are assigned to weeks proportionally to how much of this period falls into each week. mapping(uint256 => uint256) storage tokensPerWeek = _tokensPerWeek[ token ]; uint256 amountToAdd; for (uint256 i = 0; i < 20; ++i) { // This is safe as we're incrementing a timestamp. nextWeek = firstIncompleteWeek + 1 weeks; if (block.timestamp < nextWeek) { // `firstIncompleteWeek` is now the beginning of the current week, i.e. this is the final iteration. if ( timeSinceLastCheckpoint == 0 && block.timestamp == lastTokenTime ) { amountToAdd = newTokensToDistribute; } else { // block.timestamp >= lastTokenTime by definition. amountToAdd = (newTokensToDistribute * (block.timestamp - lastTokenTime)) / timeSinceLastCheckpoint; } if (tokensPerWeek[firstIncompleteWeek].add(amountToAdd) <= type(uint128).max) { tokensPerWeek[firstIncompleteWeek] += amountToAdd; tokenState.cachedBalance += uint128(amountToAdd); } // As we've caught up to the present then we should now break. break; } else { // We've gone a full week or more without checkpointing so need to distribute tokens to previous weeks. if (timeSinceLastCheckpoint == 0 && nextWeek == lastTokenTime) { // It shouldn't be possible to enter this block amountToAdd = newTokensToDistribute; } else { // nextWeek > lastTokenTime by definition. amountToAdd = (newTokensToDistribute * (nextWeek - lastTokenTime)) / timeSinceLastCheckpoint; } } if (tokensPerWeek[firstIncompleteWeek].add(amountToAdd) <= type(uint128).max) { tokensPerWeek[firstIncompleteWeek] += amountToAdd; tokenState.cachedBalance += uint128(amountToAdd); } // We've now "checkpointed" up to the beginning of next week so must update timestamps appropriately. lastTokenTime = nextWeek; firstIncompleteWeek = nextWeek; } emit TokenCheckpointed(token, newTokensToDistribute, lastTokenTime); } /** * @dev Cache the `user`'s balance of `_votingEscrow` at the beginning of each new week */ function _checkpointUserBalance(address user) internal { uint256 maxUserEpoch = _votingEscrow.user_point_epoch(user); // If user has no epochs then they have never locked veBPT. // They clearly will not then receive rewards. if (maxUserEpoch == 0) return; UserState storage userState = _userState[user]; // `nextWeekToCheckpoint` represents the timestamp of the beginning of the first week // which we haven't checkpointed the user's VotingEscrow balance yet. uint256 nextWeekToCheckpoint = userState.timeCursor; uint256 userEpoch; if (nextWeekToCheckpoint == 0) { // First checkpoint for user so need to do the initial binary search userEpoch = _findTimestampUserEpoch( user, _startTime, 0, maxUserEpoch ); } else { if (nextWeekToCheckpoint >= block.timestamp) { // User has checkpointed the current week already so perform early return. // This prevents a user from processing epochs created later in this week, however this is not an issue // as if a significant number of these builds up then the user will skip past them with a binary search. return; } // Otherwise use the value saved from last time userEpoch = userState.lastEpochCheckpointed; // This optimizes a scenario common for power users, which have frequent `VotingEscrow` interactions in // the same week. We assume that any such user is also claiming rewards every week, and so we only perform // a binary search here rather than integrating it into the main search algorithm, effectively skipping // most of the week's irrelevant checkpoints. // The slight tradeoff is that users who have multiple infrequent `VotingEscrow` interactions and also don't // claim frequently will also perform the binary search, despite it not leading to gas savings. if (maxUserEpoch - userEpoch > 20) { userEpoch = _findTimestampUserEpoch( user, nextWeekToCheckpoint, userEpoch, maxUserEpoch ); } } // Epoch 0 is always empty so bump onto the next one so that we start on a valid epoch. if (userEpoch == 0) { userEpoch = 1; } IVotingEscrow.Point memory nextUserPoint = _votingEscrow .user_point_history(user, userEpoch); // If this is the first checkpoint for the user, calculate the first week they're eligible for. // i.e. the timestamp of the first Thursday after they locked. // If this is earlier then the first distribution then fast forward to then. if (nextWeekToCheckpoint == 0) { // Disallow checkpointing before `startTime`. require( block.timestamp > _startTime, "Reward distribution has not started yet" ); nextWeekToCheckpoint = Math.max( _startTime, _roundUpTimestamp(nextUserPoint.ts) ); userState.startTime = uint64(nextWeekToCheckpoint); } // It's safe to increment `userEpoch` and `nextWeekToCheckpoint` in this loop as epochs and timestamps // are always much smaller than 2^256 and are being incremented by small values. IVotingEscrow.Point memory currentUserPoint; for (uint256 i = 0; i < 50; ++i) { if ( nextWeekToCheckpoint >= nextUserPoint.ts && userEpoch <= maxUserEpoch ) { // The week being considered is contained in a user epoch after that described by `currentUserPoint`. // We then shift `nextUserPoint` into `currentUserPoint` and query the Point for the next user epoch. // We do this in order to step though epochs until we find the first epoch starting after // `nextWeekToCheckpoint`, making the previous epoch the one that contains `nextWeekToCheckpoint`. userEpoch += 1; currentUserPoint = nextUserPoint; if (userEpoch > maxUserEpoch) { nextUserPoint = IVotingEscrow.Point(0, 0, 0, 0); } else { nextUserPoint = _votingEscrow.user_point_history( user, userEpoch ); } } else { // The week being considered lies inside the user epoch described by `oldUserPoint` // we can then use it to calculate the user's balance at the beginning of the week. if (nextWeekToCheckpoint >= block.timestamp) { // Break if we're trying to cache the user's balance at a timestamp in the future. // We only perform this check here to ensure that we can still process checkpoints created // in the current week. break; } int128 dt = int128(nextWeekToCheckpoint - currentUserPoint.ts); uint256 userBalance = currentUserPoint.bias > currentUserPoint.slope * dt ? uint256( currentUserPoint.bias - currentUserPoint.slope * dt ) : 0; // User's lock has expired and they haven't relocked yet. if (userBalance == 0 && userEpoch > maxUserEpoch) { nextWeekToCheckpoint = _roundUpTimestamp(block.timestamp); break; } // User had a nonzero lock and so is eligible to collect rewards. _userBalanceAtTimestamp[user][ nextWeekToCheckpoint ] = userBalance; nextWeekToCheckpoint += 1 weeks; } } // We subtract off 1 from the userEpoch to step back once so that on the next attempt to checkpoint // the current `currentUserPoint` will be loaded as `nextUserPoint`. This ensures that we can't skip over the // user epoch containing `nextWeekToCheckpoint`. // userEpoch > 0 so this is safe. userState.lastEpochCheckpointed = uint64(userEpoch - 1); userState.timeCursor = uint64(nextWeekToCheckpoint); } /** * @dev Cache the totalSupply of VotingEscrow token at the beginning of each new week */ function _checkpointTotalSupply() internal { uint256 nextWeekToCheckpoint = _timeCursor; uint256 weekStart = _roundDownTimestamp(block.timestamp); // We expect `timeCursor == weekStart + 1 weeks` when fully up to date. if (nextWeekToCheckpoint > weekStart || weekStart == block.timestamp) { // We've already checkpointed up to this week so perform early return return; } _votingEscrow.checkpoint(); // Step through the each week and cache the total supply at beginning of week on this contract for (uint256 i = 0; i < 20; ++i) { if (nextWeekToCheckpoint > weekStart) break; _veSupplyCache[nextWeekToCheckpoint] = _votingEscrow.totalSupply( nextWeekToCheckpoint ); // This is safe as we're incrementing a timestamp nextWeekToCheckpoint += 1 weeks; } // Update state to the end of the current week (`weekStart` + 1 weeks) _timeCursor = nextWeekToCheckpoint; } // Helper functions /** * @dev Wrapper around `_userTokenTimeCursor` which returns the start timestamp for `token` * if `user` has not attempted to interact with it previously. */ function _getUserTokenTimeCursor( address user, IERC20 token ) internal view returns (uint256) { uint256 userTimeCursor = _userTokenTimeCursor[user][token]; if (userTimeCursor > 0) return userTimeCursor; // This is the first time that the user has interacted with this token. // We then start from the latest out of either when `user` first locked veBPT or `token` was first checkpointed. return Math.max(_userState[user].startTime, _tokenState[token].startTime); } /** * @dev Return the user epoch number for `user` corresponding to the provided `timestamp` */ function _findTimestampUserEpoch( address user, uint256 timestamp, uint256 minUserEpoch, uint256 maxUserEpoch ) internal view returns (uint256) { uint256 min = minUserEpoch; uint256 max = maxUserEpoch; // Perform binary search through epochs to find epoch containing `timestamp` for (uint256 i = 0; i < 128; ++i) { if (min >= max) break; // Algorithm assumes that inputs are less than 2^128 so this operation is safe. // +2 avoids getting stuck in min == mid < max uint256 mid = (min + max + 2) / 2; IVotingEscrow.Point memory pt = _votingEscrow .user_point_history(user, mid); if (pt.ts <= timestamp) { min = mid; } else { // max > min so this is safe. max = mid - 1; } } return min; } /** * @dev Rounds the provided timestamp down to the beginning of the previous week (Thurs 00:00 UTC) */ function _roundDownTimestamp( uint256 timestamp ) private pure returns (uint256) { // Division by zero or overflows are impossible here. return (timestamp / 1 weeks) * 1 weeks; } /** * @dev Rounds the provided timestamp up to the beginning of the next week (Thurs 00:00 UTC) */ function _roundUpTimestamp( uint256 timestamp ) private pure returns (uint256) { // Overflows are impossible here for all realistic inputs. return _roundDownTimestamp(timestamp + 1 weeks - 1); } /** * @notice Adds allowed tokens for the distribution. * @param tokens - An array of ERC20 token addresses to be added for the further reward distribution. */ function addAllowedRewardTokens(address[] calldata tokens) external onlyAdmin { for (uint256 i = 0; i < tokens.length; i++) { require(!allowedRewardTokens[tokens[i]], "already exist"); allowedRewardTokens[tokens[i]] = true; _rewardTokens.push(tokens[i]); emit TokenAdded(tokens[i]); } } /** * @notice Returns allowed for reward distribution tokens list. * @return An array of ERC20 token addresses which can be used as rewards. */ function getAllowedRewardTokens() external view returns (address[] memory) { return _rewardTokens; } /** * @notice Transfers admin rights to new address. * @param newAdmin - The new admin address to set. */ function transferAdmin(address newAdmin) external onlyAdmin { require (newAdmin != address(0), "zero address"); admin = newAdmin; emit NewAdmin(newAdmin); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; // solhint-disable /** * @dev Reverts if `condition` is false, with a revert reason containing `errorCode`. Only codes up to 999 are * supported. * Uses the default 'BAL' prefix for the error code */ function _require(bool condition, uint256 errorCode) pure { if (!condition) _revert(errorCode); } /** * @dev Reverts if `condition` is false, with a revert reason containing `errorCode`. Only codes up to 999 are * supported. */ function _require( bool condition, uint256 errorCode, bytes3 prefix ) pure { if (!condition) _revert(errorCode, prefix); } /** * @dev Reverts with a revert reason containing `errorCode`. Only codes up to 999 are supported. * Uses the default 'BAL' prefix for the error code */ function _revert(uint256 errorCode) pure { _revert(errorCode, 0x42414c); // This is the raw byte representation of "BAL" } /** * @dev Reverts with a revert reason containing `errorCode`. Only codes up to 999 are supported. */ function _revert(uint256 errorCode, bytes3 prefix) pure { uint256 prefixUint = uint256(uint24(prefix)); // We're going to dynamically create a revert string based on the error code, with the following format: // 'BAL#{errorCode}' // where the code is left-padded with zeroes to three digits (so they range from 000 to 999). // // We don't have revert strings embedded in the contract to save bytecode size: it takes much less space to store a // number (8 to 16 bits) than the individual string characters. // // The dynamic string creation algorithm that follows could be implemented in Solidity, but assembly allows for a // much denser implementation, again saving bytecode size. Given this function unconditionally reverts, this is a // safe place to rely on it without worrying about how its usage might affect e.g. memory contents. assembly { // First, we need to compute the ASCII representation of the error code. We assume that it is in the 0-999 // range, so we only need to convert three digits. To convert the digits to ASCII, we add 0x30, the value for // the '0' character. let units := add(mod(errorCode, 10), 0x30) errorCode := div(errorCode, 10) let tenths := add(mod(errorCode, 10), 0x30) errorCode := div(errorCode, 10) let hundreds := add(mod(errorCode, 10), 0x30) // With the individual characters, we can now construct the full string. // We first append the '#' character (0x23) to the prefix. In the case of 'BAL', it results in 0x42414c23 ('BAL#') // Then, we shift this by 24 (to provide space for the 3 bytes of the error code), and add the // characters to it, each shifted by a multiple of 8. // The revert reason is then shifted left by 200 bits (256 minus the length of the string, 7 characters * 8 bits // per character = 56) to locate it in the most significant part of the 256 slot (the beginning of a byte // array). let formattedPrefix := shl(24, add(0x23, shl(8, prefixUint))) let revertReason := shl(200, add(formattedPrefix, add(add(units, shl(8, tenths)), shl(16, hundreds)))) // We can now encode the reason in memory, which can be safely overwritten as we're about to revert. The encoded // message will have the following layout: // [ revert reason identifier ] [ string location offset ] [ string length ] [ string contents ] // The Solidity revert reason identifier is 0x08c739a0, the function selector of the Error(string) function. We // also write zeroes to the next 28 bytes of memory, but those are about to be overwritten. mstore(0x0, 0x08c379a000000000000000000000000000000000000000000000000000000000) // Next is the offset to the location of the string, which will be placed immediately after (20 bytes away). mstore(0x04, 0x0000000000000000000000000000000000000000000000000000000000000020) // The string length is fixed: 7 characters. mstore(0x24, 7) // Finally, the string itself is stored. mstore(0x44, revertReason) // Even if the string is only 7 bytes long, we need to return a full 32 byte slot containing it. The length of // the encoded message is therefore 4 + 32 + 32 + 32 = 100. revert(0, 100) } } library Errors { // Math uint256 internal constant ADD_OVERFLOW = 0; uint256 internal constant SUB_OVERFLOW = 1; uint256 internal constant SUB_UNDERFLOW = 2; uint256 internal constant MUL_OVERFLOW = 3; uint256 internal constant ZERO_DIVISION = 4; uint256 internal constant DIV_INTERNAL = 5; uint256 internal constant X_OUT_OF_BOUNDS = 6; uint256 internal constant Y_OUT_OF_BOUNDS = 7; uint256 internal constant PRODUCT_OUT_OF_BOUNDS = 8; uint256 internal constant INVALID_EXPONENT = 9; // Input uint256 internal constant OUT_OF_BOUNDS = 100; uint256 internal constant UNSORTED_ARRAY = 101; uint256 internal constant UNSORTED_TOKENS = 102; uint256 internal constant INPUT_LENGTH_MISMATCH = 103; uint256 internal constant ZERO_TOKEN = 104; uint256 internal constant INSUFFICIENT_DATA = 105; // Shared pools uint256 internal constant MIN_TOKENS = 200; uint256 internal constant MAX_TOKENS = 201; uint256 internal constant MAX_SWAP_FEE_PERCENTAGE = 202; uint256 internal constant MIN_SWAP_FEE_PERCENTAGE = 203; uint256 internal constant MINIMUM_BPT = 204; uint256 internal constant CALLER_NOT_VAULT = 205; uint256 internal constant UNINITIALIZED = 206; uint256 internal constant BPT_IN_MAX_AMOUNT = 207; uint256 internal constant BPT_OUT_MIN_AMOUNT = 208; uint256 internal constant EXPIRED_PERMIT = 209; uint256 internal constant NOT_TWO_TOKENS = 210; uint256 internal constant DISABLED = 211; // Pools uint256 internal constant MIN_AMP = 300; uint256 internal constant MAX_AMP = 301; uint256 internal constant MIN_WEIGHT = 302; uint256 internal constant MAX_STABLE_TOKENS = 303; uint256 internal constant MAX_IN_RATIO = 304; uint256 internal constant MAX_OUT_RATIO = 305; uint256 internal constant MIN_BPT_IN_FOR_TOKEN_OUT = 306; uint256 internal constant MAX_OUT_BPT_FOR_TOKEN_IN = 307; uint256 internal constant NORMALIZED_WEIGHT_INVARIANT = 308; uint256 internal constant INVALID_TOKEN = 309; uint256 internal constant UNHANDLED_JOIN_KIND = 310; uint256 internal constant ZERO_INVARIANT = 311; uint256 internal constant ORACLE_INVALID_SECONDS_QUERY = 312; uint256 internal constant ORACLE_NOT_INITIALIZED = 313; uint256 internal constant ORACLE_QUERY_TOO_OLD = 314; uint256 internal constant ORACLE_INVALID_INDEX = 315; uint256 internal constant ORACLE_BAD_SECS = 316; uint256 internal constant AMP_END_TIME_TOO_CLOSE = 317; uint256 internal constant AMP_ONGOING_UPDATE = 318; uint256 internal constant AMP_RATE_TOO_HIGH = 319; uint256 internal constant AMP_NO_ONGOING_UPDATE = 320; uint256 internal constant STABLE_INVARIANT_DIDNT_CONVERGE = 321; uint256 internal constant STABLE_GET_BALANCE_DIDNT_CONVERGE = 322; uint256 internal constant RELAYER_NOT_CONTRACT = 323; uint256 internal constant BASE_POOL_RELAYER_NOT_CALLED = 324; uint256 internal constant REBALANCING_RELAYER_REENTERED = 325; uint256 internal constant GRADUAL_UPDATE_TIME_TRAVEL = 326; uint256 internal constant SWAPS_DISABLED = 327; uint256 internal constant CALLER_IS_NOT_LBP_OWNER = 328; uint256 internal constant PRICE_RATE_OVERFLOW = 329; uint256 internal constant INVALID_JOIN_EXIT_KIND_WHILE_SWAPS_DISABLED = 330; uint256 internal constant WEIGHT_CHANGE_TOO_FAST = 331; uint256 internal constant LOWER_GREATER_THAN_UPPER_TARGET = 332; uint256 internal constant UPPER_TARGET_TOO_HIGH = 333; uint256 internal constant UNHANDLED_BY_LINEAR_POOL = 334; uint256 internal constant OUT_OF_TARGET_RANGE = 335; uint256 internal constant UNHANDLED_EXIT_KIND = 336; uint256 internal constant UNAUTHORIZED_EXIT = 337; uint256 internal constant MAX_MANAGEMENT_SWAP_FEE_PERCENTAGE = 338; uint256 internal constant UNHANDLED_BY_MANAGED_POOL = 339; uint256 internal constant UNHANDLED_BY_PHANTOM_POOL = 340; uint256 internal constant TOKEN_DOES_NOT_HAVE_RATE_PROVIDER = 341; uint256 internal constant INVALID_INITIALIZATION = 342; uint256 internal constant OUT_OF_NEW_TARGET_RANGE = 343; uint256 internal constant FEATURE_DISABLED = 344; uint256 internal constant UNINITIALIZED_POOL_CONTROLLER = 345; uint256 internal constant SET_SWAP_FEE_DURING_FEE_CHANGE = 346; uint256 internal constant SET_SWAP_FEE_PENDING_FEE_CHANGE = 347; uint256 internal constant CHANGE_TOKENS_DURING_WEIGHT_CHANGE = 348; uint256 internal constant CHANGE_TOKENS_PENDING_WEIGHT_CHANGE = 349; uint256 internal constant MAX_WEIGHT = 350; uint256 internal constant UNAUTHORIZED_JOIN = 351; uint256 internal constant MAX_MANAGEMENT_AUM_FEE_PERCENTAGE = 352; uint256 internal constant FRACTIONAL_TARGET = 353; uint256 internal constant ADD_OR_REMOVE_BPT = 354; uint256 internal constant INVALID_CIRCUIT_BREAKER_BOUNDS = 355; uint256 internal constant CIRCUIT_BREAKER_TRIPPED = 356; uint256 internal constant MALICIOUS_QUERY_REVERT = 357; uint256 internal constant JOINS_EXITS_DISABLED = 358; // Lib uint256 internal constant REENTRANCY = 400; uint256 internal constant SENDER_NOT_ALLOWED = 401; uint256 internal constant PAUSED = 402; uint256 internal constant PAUSE_WINDOW_EXPIRED = 403; uint256 internal constant MAX_PAUSE_WINDOW_DURATION = 404; uint256 internal constant MAX_BUFFER_PERIOD_DURATION = 405; uint256 internal constant INSUFFICIENT_BALANCE = 406; uint256 internal constant INSUFFICIENT_ALLOWANCE = 407; uint256 internal constant ERC20_TRANSFER_FROM_ZERO_ADDRESS = 408; uint256 internal constant ERC20_TRANSFER_TO_ZERO_ADDRESS = 409; uint256 internal constant ERC20_MINT_TO_ZERO_ADDRESS = 410; uint256 internal constant ERC20_BURN_FROM_ZERO_ADDRESS = 411; uint256 internal constant ERC20_APPROVE_FROM_ZERO_ADDRESS = 412; uint256 internal constant ERC20_APPROVE_TO_ZERO_ADDRESS = 413; uint256 internal constant ERC20_TRANSFER_EXCEEDS_ALLOWANCE = 414; uint256 internal constant ERC20_DECREASED_ALLOWANCE_BELOW_ZERO = 415; uint256 internal constant ERC20_TRANSFER_EXCEEDS_BALANCE = 416; uint256 internal constant ERC20_BURN_EXCEEDS_ALLOWANCE = 417; uint256 internal constant SAFE_ERC20_CALL_FAILED = 418; uint256 internal constant ADDRESS_INSUFFICIENT_BALANCE = 419; uint256 internal constant ADDRESS_CANNOT_SEND_VALUE = 420; uint256 internal constant SAFE_CAST_VALUE_CANT_FIT_INT256 = 421; uint256 internal constant GRANT_SENDER_NOT_ADMIN = 422; uint256 internal constant REVOKE_SENDER_NOT_ADMIN = 423; uint256 internal constant RENOUNCE_SENDER_NOT_ALLOWED = 424; uint256 internal constant BUFFER_PERIOD_EXPIRED = 425; uint256 internal constant CALLER_IS_NOT_OWNER = 426; uint256 internal constant NEW_OWNER_IS_ZERO = 427; uint256 internal constant CODE_DEPLOYMENT_FAILED = 428; uint256 internal constant CALL_TO_NON_CONTRACT = 429; uint256 internal constant LOW_LEVEL_CALL_FAILED = 430; uint256 internal constant NOT_PAUSED = 431; uint256 internal constant ADDRESS_ALREADY_ALLOWLISTED = 432; uint256 internal constant ADDRESS_NOT_ALLOWLISTED = 433; uint256 internal constant ERC20_BURN_EXCEEDS_BALANCE = 434; uint256 internal constant INVALID_OPERATION = 435; uint256 internal constant CODEC_OVERFLOW = 436; uint256 internal constant IN_RECOVERY_MODE = 437; uint256 internal constant NOT_IN_RECOVERY_MODE = 438; uint256 internal constant INDUCED_FAILURE = 439; uint256 internal constant EXPIRED_SIGNATURE = 440; uint256 internal constant MALFORMED_SIGNATURE = 441; uint256 internal constant SAFE_CAST_VALUE_CANT_FIT_UINT64 = 442; uint256 internal constant UNHANDLED_FEE_TYPE = 443; uint256 internal constant BURN_FROM_ZERO = 444; // Vault uint256 internal constant INVALID_POOL_ID = 500; uint256 internal constant CALLER_NOT_POOL = 501; uint256 internal constant SENDER_NOT_ASSET_MANAGER = 502; uint256 internal constant USER_DOESNT_ALLOW_RELAYER = 503; uint256 internal constant INVALID_SIGNATURE = 504; uint256 internal constant EXIT_BELOW_MIN = 505; uint256 internal constant JOIN_ABOVE_MAX = 506; uint256 internal constant SWAP_LIMIT = 507; uint256 internal constant SWAP_DEADLINE = 508; uint256 internal constant CANNOT_SWAP_SAME_TOKEN = 509; uint256 internal constant UNKNOWN_AMOUNT_IN_FIRST_SWAP = 510; uint256 internal constant MALCONSTRUCTED_MULTIHOP_SWAP = 511; uint256 internal constant INTERNAL_BALANCE_OVERFLOW = 512; uint256 internal constant INSUFFICIENT_INTERNAL_BALANCE = 513; uint256 internal constant INVALID_ETH_INTERNAL_BALANCE = 514; uint256 internal constant INVALID_POST_LOAN_BALANCE = 515; uint256 internal constant INSUFFICIENT_ETH = 516; uint256 internal constant UNALLOCATED_ETH = 517; uint256 internal constant ETH_TRANSFER = 518; uint256 internal constant CANNOT_USE_ETH_SENTINEL = 519; uint256 internal constant TOKENS_MISMATCH = 520; uint256 internal constant TOKEN_NOT_REGISTERED = 521; uint256 internal constant TOKEN_ALREADY_REGISTERED = 522; uint256 internal constant TOKENS_ALREADY_SET = 523; uint256 internal constant TOKENS_LENGTH_MUST_BE_2 = 524; uint256 internal constant NONZERO_TOKEN_BALANCE = 525; uint256 internal constant BALANCE_TOTAL_OVERFLOW = 526; uint256 internal constant POOL_NO_TOKENS = 527; uint256 internal constant INSUFFICIENT_FLASH_LOAN_BALANCE = 528; // Fees uint256 internal constant SWAP_FEE_PERCENTAGE_TOO_HIGH = 600; uint256 internal constant FLASH_LOAN_FEE_PERCENTAGE_TOO_HIGH = 601; uint256 internal constant INSUFFICIENT_FLASH_LOAN_FEE_AMOUNT = 602; uint256 internal constant AUM_FEE_PERCENTAGE_TOO_HIGH = 603; // FeeSplitter uint256 internal constant SPLITTER_FEE_PERCENTAGE_TOO_HIGH = 700; // Misc uint256 internal constant UNIMPLEMENTED = 998; uint256 internal constant SHOULD_NOT_HAPPEN = 999; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; /** * @dev Interface for the OptionalOnlyCaller helper, used to opt in to a caller * verification for a given address to methods that are otherwise callable by any address. */ interface IOptionalOnlyCaller { /** * @dev Emitted every time setOnlyCallerCheck is called. */ event OnlyCallerOptIn(address user, bool enabled); /** * @dev Enables / disables verification mechanism for caller. * @param enabled - True if caller verification shall be enabled, false otherwise. */ function setOnlyCallerCheck(bool enabled) external; function setOnlyCallerCheckWithSignature( address user, bool enabled, bytes memory signature ) external; /** * @dev Returns true if caller verification is enabled for the given user, false otherwise. */ function isOnlyCallerEnabled(address user) external view returns (bool); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; /** * @dev Interface for the SignatureValidator helper, used to support meta-transactions. */ interface ISignaturesValidator { /** * @dev Returns the EIP712 domain separator. */ function getDomainSeparator() external view returns (bytes32); /** * @dev Returns the next nonce used by an address to sign messages. */ function getNextNonce(address user) external view returns (uint256); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (interfaces/IERC1271.sol) pragma solidity >=0.7.0 <0.9.0; /** * @dev Interface of the ERC1271 standard signature validation method for * contracts as defined in https://eips.ethereum.org/EIPS/eip-1271[ERC-1271]. * * _Available since v4.1._ */ interface IERC1271 { /** * @dev Should return whether the signature provided is valid for the provided data * @param hash Hash of the data to be signed * @param signature Signature byte array associated with _data */ function isValidSignature(bytes32 hash, bytes memory signature) external view returns (bytes4 magicValue); }
// SPDX-License-Identifier: MIT pragma solidity >=0.7.0 <0.9.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20 { /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `recipient`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address recipient, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `sender` to `recipient` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom( address sender, address recipient, uint256 amount ) external returns (bool); /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/ISignaturesValidator.sol"; import "../openzeppelin/EIP712.sol"; /** * @dev Utility for signing Solidity function calls. */ abstract contract EOASignaturesValidator is ISignaturesValidator, EIP712 { // Replay attack prevention for each account. mapping(address => uint256) internal _nextNonce; function getDomainSeparator() public view override returns (bytes32) { return _domainSeparatorV4(); } function getNextNonce(address account) public view override returns (uint256) { return _nextNonce[account]; } function _ensureValidSignature( address account, bytes32 structHash, bytes memory signature, uint256 errorCode ) internal { return _ensureValidSignature(account, structHash, signature, type(uint256).max, errorCode); } function _ensureValidSignature( address account, bytes32 structHash, bytes memory signature, uint256 deadline, uint256 errorCode ) internal { bytes32 digest = _hashTypedDataV4(structHash); _require(_isValidSignature(account, digest, signature), errorCode); // We could check for the deadline before validating the signature, but this leads to saner error processing (as // we only care about expired deadlines if the signature is correct) and only affects the gas cost of the revert // scenario, which will only occur infrequently, if ever. // The deadline is timestamp-based: it should not be relied upon for sub-minute accuracy. // solhint-disable-next-line not-rely-on-time _require(deadline >= block.timestamp, Errors.EXPIRED_SIGNATURE); // We only advance the nonce after validating the signature. This is irrelevant for this module, but it can be // important in derived contracts that override _isValidSignature (e.g. SignaturesValidator), as we want for // the observable state to still have the current nonce as the next valid one. _nextNonce[account] += 1; } function _isValidSignature( address account, bytes32 digest, bytes memory signature ) internal view virtual returns (bool) { _require(signature.length == 65, Errors.MALFORMED_SIGNATURE); bytes32 r; bytes32 s; uint8 v; // ecrecover takes the r, s and v signature parameters, and the only way to get them is to use assembly. // solhint-disable-next-line no-inline-assembly assembly { r := mload(add(signature, 0x20)) s := mload(add(signature, 0x40)) v := byte(0, mload(add(signature, 0x60))) } address recoveredAddress = ecrecover(digest, v, r, s); // ecrecover returns the zero address on recover failure, so we need to handle that explicitly. return (recoveredAddress != address(0) && recoveredAddress == account); } function _toArraySignature( uint8 v, bytes32 r, bytes32 s ) internal pure returns (bytes memory) { bytes memory signature = new bytes(65); // solhint-disable-next-line no-inline-assembly assembly { mstore(add(signature, 32), r) mstore(add(signature, 64), s) mstore8(add(signature, 96), v) } return signature; } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; library InputHelpers { function ensureInputLengthMatch(uint256 a, uint256 b) internal pure { _require(a == b, Errors.INPUT_LENGTH_MISMATCH); } function ensureInputLengthMatch( uint256 a, uint256 b, uint256 c ) internal pure { _require(a == b && b == c, Errors.INPUT_LENGTH_MISMATCH); } function ensureArrayIsSorted(IERC20[] memory array) internal pure { address[] memory addressArray; // solhint-disable-next-line no-inline-assembly assembly { addressArray := array } ensureArrayIsSorted(addressArray); } function ensureArrayIsSorted(address[] memory array) internal pure { if (array.length < 2) { return; } address previous = array[0]; for (uint256 i = 1; i < array.length; ++i) { address current = array[i]; _require(previous < current, Errors.UNSORTED_ARRAY); previous = current; } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/IOptionalOnlyCaller.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "./SignaturesValidator.sol"; abstract contract OptionalOnlyCaller is IOptionalOnlyCaller, SignaturesValidator { mapping(address => bool) private _isOnlyCallerEnabled; bytes32 private constant _SET_ONLY_CALLER_CHECK_TYPEHASH = keccak256( "SetOnlyCallerCheck(address user,bool enabled,uint256 nonce)" ); /** * @dev Reverts if the verification mechanism is enabled and the given address is not the caller. * @param user - Address to validate as the only allowed caller, if the verification is enabled. */ modifier optionalOnlyCaller(address user) { _verifyCaller(user); _; } function setOnlyCallerCheck(bool enabled) external override { _setOnlyCallerCheck(msg.sender, enabled); } function setOnlyCallerCheckWithSignature( address user, bool enabled, bytes memory signature ) external override { bytes32 structHash = keccak256(abi.encode(_SET_ONLY_CALLER_CHECK_TYPEHASH, user, enabled, getNextNonce(user))); _ensureValidSignature(user, structHash, signature, Errors.INVALID_SIGNATURE); _setOnlyCallerCheck(user, enabled); } function _setOnlyCallerCheck(address user, bool enabled) private { _isOnlyCallerEnabled[user] = enabled; emit OnlyCallerOptIn(user, enabled); } function isOnlyCallerEnabled(address user) external view override returns (bool) { return _isOnlyCallerEnabled[user]; } function _verifyCaller(address user) private view { if (_isOnlyCallerEnabled[user]) { _require(msg.sender == user, Errors.SENDER_NOT_ALLOWED); } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC1271.sol"; import "./EOASignaturesValidator.sol"; import "../openzeppelin/Address.sol"; /** * @dev Utility for signing Solidity function calls. */ abstract contract SignaturesValidator is EOASignaturesValidator { using Address for address; function _isValidSignature( address account, bytes32 digest, bytes memory signature ) internal view virtual override returns (bool) { if (account.isContract()) { return IERC1271(account).isValidSignature(digest, signature) == IERC1271.isValidSignature.selector; } else { return super._isValidSignature(account, digest, signature); } } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Wrappers over Solidity's arithmetic operations with added overflow checks. * Adapted from OpenZeppelin's SafeMath library. */ library Math { // solhint-disable no-inline-assembly /** * @dev Returns the absolute value of a signed integer. */ function abs(int256 a) internal pure returns (uint256 result) { // Equivalent to: // result = a > 0 ? uint256(a) : uint256(-a) assembly { let s := sar(255, a) result := sub(xor(a, s), s) } } /** * @dev Returns the addition of two unsigned integers of 256 bits, reverting on overflow. */ function add(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a + b; _require(c >= a, Errors.ADD_OVERFLOW); return c; } /** * @dev Returns the addition of two signed integers, reverting on overflow. */ function add(int256 a, int256 b) internal pure returns (int256) { int256 c = a + b; _require((b >= 0 && c >= a) || (b < 0 && c < a), Errors.ADD_OVERFLOW); return c; } /** * @dev Returns the subtraction of two unsigned integers of 256 bits, reverting on overflow. */ function sub(uint256 a, uint256 b) internal pure returns (uint256) { _require(b <= a, Errors.SUB_OVERFLOW); uint256 c = a - b; return c; } /** * @dev Returns the subtraction of two signed integers, reverting on overflow. */ function sub(int256 a, int256 b) internal pure returns (int256) { int256 c = a - b; _require((b >= 0 && c <= a) || (b < 0 && c > a), Errors.SUB_OVERFLOW); return c; } /** * @dev Returns the largest of two numbers of 256 bits. */ function max(uint256 a, uint256 b) internal pure returns (uint256 result) { // Equivalent to: // result = (a < b) ? b : a; assembly { result := sub(a, mul(sub(a, b), lt(a, b))) } } /** * @dev Returns the smallest of two numbers of 256 bits. */ function min(uint256 a, uint256 b) internal pure returns (uint256 result) { // Equivalent to `result = (a < b) ? a : b` assembly { result := sub(a, mul(sub(a, b), gt(a, b))) } } function mul(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a * b; _require(a == 0 || c / a == b, Errors.MUL_OVERFLOW); return c; } function div( uint256 a, uint256 b, bool roundUp ) internal pure returns (uint256) { return roundUp ? divUp(a, b) : divDown(a, b); } function divDown(uint256 a, uint256 b) internal pure returns (uint256) { _require(b != 0, Errors.ZERO_DIVISION); return a / b; } function divUp(uint256 a, uint256 b) internal pure returns (uint256 result) { _require(b != 0, Errors.ZERO_DIVISION); // Equivalent to: // result = a == 0 ? 0 : 1 + (a - 1) / b; assembly { result := mul(iszero(iszero(a)), add(1, div(sub(a, 1), b))) } } }
// SPDX-License-Identifier: MIT // Based on the Address library from OpenZeppelin Contracts, altered by removing the `isContract` checks on // `functionCall` and `functionDelegateCall` in order to save gas, as the recipients are known to be contracts. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Collection of functions related to the address type */ library Address { /** * @dev Returns true if `account` is a contract. * * [IMPORTANT] * ==== * It is unsafe to assume that an address for which this function returns * false is an externally-owned account (EOA) and not a contract. * * Among others, `isContract` will return false for the following * types of addresses: * * - an externally-owned account * - a contract in construction * - an address where a contract will be created * - an address where a contract lived, but was destroyed * ==== */ function isContract(address account) internal view returns (bool) { // This method relies on extcodesize, which returns 0 for contracts in // construction, since the code is only stored at the end of the // constructor execution. uint256 size; // solhint-disable-next-line no-inline-assembly assembly { size := extcodesize(account) } return size > 0; } // solhint-disable max-line-length /** * @dev Replacement for Solidity's `transfer`: sends `amount` wei to * `recipient`, forwarding all available gas and reverting on errors. * * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost * of certain opcodes, possibly making contracts go over the 2300 gas limit * imposed by `transfer`, making them unable to receive funds via * `transfer`. {sendValue} removes this limitation. * * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more]. * * IMPORTANT: because control is transferred to `recipient`, care must be * taken to not create reentrancy vulnerabilities. Consider using * {ReentrancyGuard} or the * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. */ function sendValue(address payable recipient, uint256 amount) internal { _require(address(this).balance >= amount, Errors.ADDRESS_INSUFFICIENT_BALANCE); // solhint-disable-next-line avoid-low-level-calls, avoid-call-value (bool success, ) = recipient.call{ value: amount }(""); _require(success, Errors.ADDRESS_CANNOT_SEND_VALUE); } /** * @dev Performs a Solidity function call using a low level `call`. A * plain `call` is an unsafe replacement for a function call: use this * function instead. * * If `target` reverts with a revert reason, it is bubbled up by this * function (like regular Solidity function calls). * * Returns the raw returned data. To convert to the expected return value, * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. * * Requirements: * * - calling `target` with `data` must not revert. * * _Available since v3.1._ */ function functionCall(address target, bytes memory data) internal returns (bytes memory) { // solhint-disable-next-line avoid-low-level-calls (bool success, bytes memory returndata) = target.call(data); return verifyCallResult(success, returndata); } // solhint-enable max-line-length /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but passing some native ETH as msg.value to the call. * * _Available since v3.4._ */ function functionCallWithValue( address target, bytes memory data, uint256 value ) internal returns (bytes memory) { // solhint-disable-next-line avoid-low-level-calls (bool success, bytes memory returndata) = target.call{ value: value }(data); return verifyCallResult(success, returndata); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) { // solhint-disable-next-line avoid-low-level-calls (bool success, bytes memory returndata) = target.delegatecall(data); return verifyCallResult(success, returndata); } /** * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling up the * revert reason or using the one provided. * * _Available since v4.3._ */ function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) { if (success) { return returndata; } else { // Look for revert reason and bubble it up if present if (returndata.length > 0) { // The easiest way to bubble the revert reason is using memory via assembly // solhint-disable-next-line no-inline-assembly assembly { let returndata_size := mload(returndata) revert(add(32, returndata), returndata_size) } } else { _revert(Errors.LOW_LEVEL_CALL_FAILED); } } } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; /** * @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data. * * The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible, * thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding * they need in their contracts using a combination of `abi.encode` and `keccak256`. * * This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding * scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA * ({_hashTypedDataV4}). * * The implementation of the domain separator was designed to be as efficient as possible while still properly updating * the chain id to protect against replay attacks on an eventual fork of the chain. * * NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method * https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask]. * * _Available since v3.4._ */ abstract contract EIP712 { /* solhint-disable var-name-mixedcase */ bytes32 private immutable _HASHED_NAME; bytes32 private immutable _HASHED_VERSION; bytes32 private immutable _TYPE_HASH; /* solhint-enable var-name-mixedcase */ /** * @dev Initializes the domain separator and parameter caches. * * The meaning of `name` and `version` is specified in * https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]: * * - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol. * - `version`: the current major version of the signing domain. * * NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart * contract upgrade]. */ constructor(string memory name, string memory version) { _HASHED_NAME = keccak256(bytes(name)); _HASHED_VERSION = keccak256(bytes(version)); _TYPE_HASH = keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"); } /** * @dev Returns the domain separator for the current chain. */ function _domainSeparatorV4() internal view virtual returns (bytes32) { return keccak256(abi.encode(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION, _getChainId(), address(this))); } /** * @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this * function returns the hash of the fully encoded EIP712 message for this domain. * * This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example: * * ```solidity * bytes32 digest = _hashTypedDataV4(keccak256(abi.encode( * keccak256("Mail(address to,string contents)"), * mailTo, * keccak256(bytes(mailContents)) * ))); * address signer = ECDSA.recover(digest, signature); * ``` */ function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) { return keccak256(abi.encodePacked("\x19\x01", _domainSeparatorV4(), structHash)); } // solc-ignore-next-line func-mutability function _getChainId() private view returns (uint256 chainId) { // solhint-disable-next-line no-inline-assembly assembly { chainId := chainid() } } }
// SPDX-License-Identifier: MIT // Based on the ReentrancyGuard library from OpenZeppelin Contracts, altered to reduce bytecode size. // Modifier code is inlined by the compiler, which causes its code to appear multiple times in the codebase. By using // private functions, we achieve the same end result with slightly higher runtime gas costs, but reduced bytecode size. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Contract module that helps prevent reentrant calls to a function. * * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier * available, which can be applied to functions to make sure there are no nested * (reentrant) calls to them. * * Note that because there is a single `nonReentrant` guard, functions marked as * `nonReentrant` may not call one another. This can be worked around by making * those functions `private`, and then adding `external` `nonReentrant` entry * points to them. * * TIP: If you would like to learn more about reentrancy and alternative ways * to protect against it, check out our blog post * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul]. */ abstract contract ReentrancyGuard { // Booleans are more expensive than uint256 or any type that takes up a full // word because each write operation emits an extra SLOAD to first read the // slot's contents, replace the bits taken up by the boolean, and then write // back. This is the compiler's defense against contract upgrades and // pointer aliasing, and it cannot be disabled. // The values being non-zero value makes deployment a bit more expensive, // but in exchange the refund on every call to nonReentrant will be lower in // amount. Since refunds are capped to a percentage of the total // transaction's gas, it is best to keep them low in cases like this one, to // increase the likelihood of the full refund coming into effect. uint256 private constant _NOT_ENTERED = 1; uint256 private constant _ENTERED = 2; uint256 private _status; constructor() { _status = _NOT_ENTERED; } /** * @dev Prevents a contract from calling itself, directly or indirectly. * Calling a `nonReentrant` function from another `nonReentrant` * function is not supported. It is possible to prevent this from happening * by making the `nonReentrant` function external, and make it call a * `private` function that does the actual work. */ modifier nonReentrant() { _enterNonReentrant(); _; _exitNonReentrant(); } function _enterNonReentrant() private { // On the first call to nonReentrant, _status will be _NOT_ENTERED _require(_status != _ENTERED, Errors.REENTRANCY); // Any calls to nonReentrant after this point will fail _status = _ENTERED; } function _exitNonReentrant() private { // By storing the original value once again, a refund is triggered (see // https://eips.ethereum.org/EIPS/eip-2200) _status = _NOT_ENTERED; } }
// SPDX-License-Identifier: MIT // Based on the ReentrancyGuard library from OpenZeppelin Contracts, altered to reduce gas costs. // The `safeTransfer` and `safeTransferFrom` functions assume that `token` is a contract (an account with code), and // work differently from the OpenZeppelin version if it is not. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; /** * @title SafeERC20 * @dev Wrappers around ERC20 operations that throw on failure (when the token * contract returns false). Tokens that return no value (and instead revert or * throw on failure) are also supported, non-reverting calls are assumed to be * successful. * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract, * which allows you to call the safe operations as `token.safeTransfer(...)`, etc. */ library SafeERC20 { function safeApprove( IERC20 token, address to, uint256 value ) internal { // Some contracts need their allowance reduced to 0 before setting it to an arbitrary amount. if (value != 0 && token.allowance(address(this), address(to)) != 0) { _callOptionalReturn(address(token), abi.encodeWithSelector(token.approve.selector, to, 0)); } _callOptionalReturn(address(token), abi.encodeWithSelector(token.approve.selector, to, value)); } function safeTransfer( IERC20 token, address to, uint256 value ) internal { _callOptionalReturn(address(token), abi.encodeWithSelector(token.transfer.selector, to, value)); } function safeTransferFrom( IERC20 token, address from, address to, uint256 value ) internal { _callOptionalReturn(address(token), abi.encodeWithSelector(token.transferFrom.selector, from, to, value)); } /** * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement * on the return value: the return value is optional (but if data is returned, it must not be false). * * WARNING: `token` is assumed to be a contract: calls to EOAs will *not* revert. */ function _callOptionalReturn(address token, bytes memory data) private { // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since // we're implementing it ourselves. // solhint-disable-next-line avoid-low-level-calls (bool success, bytes memory returndata) = token.call(data); // If the low-level call didn't succeed we return whatever was returned from it. // solhint-disable-next-line no-inline-assembly assembly { if eq(success, 0) { returndatacopy(0, 0, returndatasize()) revert(0, returndatasize()) } } // Finally we check the returndata size is either zero or true - note that this check will always pass for EOAs _require(returndata.length == 0 || abi.decode(returndata, (bool)), Errors.SAFE_ERC20_CALL_FAILED); } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Wrappers over Solidity's arithmetic operations with added overflow * checks. * * Arithmetic operations in Solidity wrap on overflow. This can easily result * in bugs, because programmers usually assume that an overflow raises an * error, which is the standard behavior in high level programming languages. * `SafeMath` restores this intuition by reverting the transaction when an * operation overflows. * * Using this library instead of the unchecked operations eliminates an entire * class of bugs, so it's recommended to use it always. */ library SafeMath { /** * @dev Returns the addition of two unsigned integers, reverting on * overflow. * * Counterpart to Solidity's `+` operator. * * Requirements: * * - Addition cannot overflow. */ function add(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a + b; _require(c >= a, Errors.ADD_OVERFLOW); return c; } /** * @dev Returns the subtraction of two unsigned integers, reverting on * overflow (when the result is negative). * * Counterpart to Solidity's `-` operator. * * Requirements: * * - Subtraction cannot overflow. */ function sub(uint256 a, uint256 b) internal pure returns (uint256) { return sub(a, b, Errors.SUB_OVERFLOW); } /** * @dev Returns the subtraction of two unsigned integers, reverting with custom message on * overflow (when the result is negative). * * Counterpart to Solidity's `-` operator. * * Requirements: * * - Subtraction cannot overflow. */ function sub( uint256 a, uint256 b, uint256 errorCode ) internal pure returns (uint256) { _require(b <= a, errorCode); uint256 c = a - b; return c; } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "./IVotingEscrow.sol"; /** * @title Reward Distributor * @notice Distributes any tokens transferred to the contract (e.g. Protocol rewards and any token emissions) among veBPT * holders proportionally based on a snapshot of the week at which the tokens are sent to the RewardDistributor contract. * @dev Supports distributing arbitrarily many different tokens. In order to start distributing a new token to veBPT * holders simply transfer the tokens to the `RewardDistributor` contract and then call `checkpointToken`. */ interface IRewardDistributor { event TokenCheckpointed( IERC20 token, uint256 amount, uint256 lastCheckpointTimestamp ); event TokensClaimed( address user, IERC20 token, uint256 amount, uint256 userTokenTimeCursor ); event TokenAdded(address indexed token); event RewardDeposit(IERC20 token, uint256 amount); event NewAdmin(address indexed newAdmin); /** * @notice Returns the VotingEscrow (veBPT) token contract */ function getVotingEscrow() external view returns (IVotingEscrow); /** * @notice Returns the global time cursor representing the most earliest uncheckpointed week. */ function getTimeCursor() external view returns (uint256); /** * @notice Returns the user-level time cursor representing the most earliest uncheckpointed week. * @param user - The address of the user to query. */ function getUserTimeCursor(address user) external view returns (uint256); /** * @notice Returns the token-level time cursor storing the timestamp at up to which tokens have been distributed. * @param token - The ERC20 token address to query. */ function getTokenTimeCursor(IERC20 token) external view returns (uint256); /** * @notice Returns the user-level time cursor storing the timestamp of the latest token distribution claimed. * @param user - The address of the user to query. * @param token - The ERC20 token address to query. */ function getUserTokenTimeCursor( address user, IERC20 token ) external view returns (uint256); /** * @notice Returns the user's cached balance of veBPT as of the provided timestamp. * @dev Only timestamps which fall on Thursdays 00:00:00 UTC will return correct values. * This function requires `user` to have been checkpointed past `timestamp` so that their balance is cached. * @param user - The address of the user of which to read the cached balance of. * @param timestamp - The timestamp at which to read the `user`'s cached balance at. */ function getUserBalanceAtTimestamp( address user, uint256 timestamp ) external view returns (uint256); /** * @notice Returns the cached total supply of veBPT as of the provided timestamp. * @dev Only timestamps which fall on Thursdays 00:00:00 UTC will return correct values. * This function requires the contract to have been checkpointed past `timestamp` so that the supply is cached. * @param timestamp - The timestamp at which to read the cached total supply at. */ function getTotalSupplyAtTimestamp( uint256 timestamp ) external view returns (uint256); /** * @notice Returns the RewardDistributor's cached balance of `token`. */ function getTokenLastBalance(IERC20 token) external view returns (uint256); /** * @notice Returns the amount of `token` which the RewardDistributor received in the week beginning at `timestamp`. * @param token - The ERC20 token address to query. * @param timestamp - The timestamp corresponding to the beginning of the week of interest. */ function getTokensDistributedInWeek( IERC20 token, uint256 timestamp ) external view returns (uint256); // Depositing /** * @notice Deposits tokens to be distributed in the current week. * @dev Sending tokens directly to the RewardDistributor instead of using `depositTokens` may result in tokens being * retroactively distributed to past weeks, or for the distribution to carry over to future weeks. * * If for some reason `depositTokens` cannot be called, in order to ensure that all tokens are correctly distributed * manually call `checkpointToken` before and after the token transfer. * @param token - The ERC20 token address to distribute. * @param amount - The amount of tokens to deposit. */ function depositToken(IERC20 token, uint256 amount) external; /** * @notice Deposits tokens to be distributed in the current week. * @dev A version of `depositToken` which supports depositing multiple `tokens` at once. * See `depositToken` for more details. * @param tokens - An array of ERC20 token addresses to distribute. * @param amounts - An array of token amounts to deposit. */ function depositTokens( IERC20[] calldata tokens, uint256[] calldata amounts ) external; // Checkpointing /** * @notice Caches the total supply of veBPT at the beginning of each week. * This function will be called automatically before claiming tokens to ensure the contract is properly updated. */ function checkpoint() external; /** * @notice Caches the user's balance of veBPT at the beginning of each week. * This function will be called automatically before claiming tokens to ensure the contract is properly updated. * @param user - The address of the user to be checkpointed. */ function checkpointUser(address user) external; /** * @notice Assigns any newly-received tokens held by the RewardDistributor to weekly distributions. * @dev Any `token` balance held by the RewardDistributor above that which is returned by `getTokenLastBalance` * will be distributed evenly across the time period since `token` was last checkpointed. * * This function will be called automatically before claiming tokens to ensure the contract is properly updated. * @param token - The ERC20 token address to be checkpointed. */ function checkpointToken(IERC20 token) external; /** * @notice Assigns any newly-received tokens held by the RewardDistributor to weekly distributions. * @dev A version of `checkpointToken` which supports checkpointing multiple tokens. * See `checkpointToken` for more details. * @param tokens - An array of ERC20 token addresses to be checkpointed. */ function checkpointTokens(IERC20[] calldata tokens) external; // Claiming /** * @notice Claims all pending distributions of the provided token for a user. * @dev It's not necessary to explicitly checkpoint before calling this function, it will ensure the RewardDistributor * is up to date before calculating the amount of tokens to be claimed. * @param user - The user on behalf of which to claim. * @param token - The ERC20 token address to be claimed. * @return The amount of `token` sent to `user` as a result of claiming. */ function claimToken(address user, IERC20 token) external returns (uint256); /** * @notice Claims a number of tokens on behalf of a user. * @dev A version of `claimToken` which supports claiming multiple `tokens` on behalf of `user`. * See `claimToken` for more details. * @param user - The user on behalf of which to claim. * @param tokens - An array of ERC20 token addresses to be claimed. * @return An array of the amounts of each token in `tokens` sent to `user` as a result of claiming. */ function claimTokens( address user, IERC20[] calldata tokens ) external returns (uint256[] memory); }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; interface IRewardFaucet { function distributePastRewards(address rewardToken) external; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; pragma experimental ABIEncoderV2; // solhint-disable func-name-mixedcase interface IVotingEscrow { struct Point { int128 bias; int128 slope; // - dweight / dt uint256 ts; uint256 blk; // block } function epoch() external view returns (uint256); function admin() external view returns (address); function future_admin() external view returns (address); function apply_smart_wallet_checker() external; function apply_transfer_ownership() external; // function balanceOf(address addr, uint256 _t) external view returns (uint256); function balanceOf( address user, uint256 timestamp ) external view returns (uint256); function balanceOfAt( address addr, uint256 _block ) external view returns (uint256); function checkpoint() external; function commit_smart_wallet_checker(address addr) external; function commit_transfer_ownership(address addr) external; function create_lock(uint256 _value, uint256 _unlock_time) external; function decimals() external view returns (uint256); function deposit_for(address _addr, uint256 _value) external; function get_last_user_slope(address addr) external view returns (int128); function increase_amount(uint256 _value) external; function increase_unlock_time(uint256 _unlock_time) external; function locked__end(address _addr) external view returns (uint256); function name() external view returns (string memory); function point_history( uint256 timestamp ) external view returns (Point memory); function symbol() external view returns (string memory); function token() external view returns (address); function totalSupply(uint256 t) external view returns (uint256); function totalSupplyAt(uint256 _block) external view returns (uint256); function user_point_epoch(address user) external view returns (uint256); function user_point_history__ts( address _addr, uint256 _idx ) external view returns (uint256); function user_point_history( address user, uint256 timestamp ) external view returns (Point memory); function withdraw() external; }
{ "optimizer": { "enabled": true, "runs": 200 }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "libraries": {} }
[{"inputs":[],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"newAdmin","type":"address"}],"name":"NewAdmin","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"user","type":"address"},{"indexed":false,"internalType":"bool","name":"enabled","type":"bool"}],"name":"OnlyCallerOptIn","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"contract IERC20","name":"token","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"}],"name":"RewardDeposit","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"token","type":"address"}],"name":"TokenAdded","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"contract IERC20","name":"token","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"lastCheckpointTimestamp","type":"uint256"}],"name":"TokenCheckpointed","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"user","type":"address"},{"indexed":false,"internalType":"contract IERC20","name":"token","type":"address"},{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"userTokenTimeCursor","type":"uint256"}],"name":"TokensClaimed","type":"event"},{"inputs":[{"internalType":"address[]","name":"tokens","type":"address[]"}],"name":"addAllowedRewardTokens","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"admin","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"allowedRewardTokens","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"checkpoint","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"}],"name":"checkpointToken","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20[]","name":"tokens","type":"address[]"}],"name":"checkpointTokens","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"checkpointUser","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"contract IERC20","name":"token","type":"address"}],"name":"claimToken","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"contract IERC20[]","name":"tokens","type":"address[]"}],"name":"claimTokens","outputs":[{"internalType":"uint256[]","name":"","type":"uint256[]"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"depositToken","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20[]","name":"tokens","type":"address[]"},{"internalType":"uint256[]","name":"amounts","type":"uint256[]"}],"name":"depositTokens","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"faucetDepositToken","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"getAllowedRewardTokens","outputs":[{"internalType":"address[]","name":"","type":"address[]"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getDomainSeparator","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"getNextNonce","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getTimeCursor","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"}],"name":"getTokenLastBalance","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"}],"name":"getTokenTimeCursor","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"},{"internalType":"uint256","name":"timestamp","type":"uint256"}],"name":"getTokensDistributedInWeek","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"timestamp","type":"uint256"}],"name":"getTotalSupplyAtTimestamp","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"uint256","name":"timestamp","type":"uint256"}],"name":"getUserBalanceAtTimestamp","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"getUserTimeCursor","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"contract IERC20","name":"token","type":"address"}],"name":"getUserTokenTimeCursor","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getVotingEscrow","outputs":[{"internalType":"contract IVotingEscrow","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract IVotingEscrow","name":"votingEscrow","type":"address"},{"internalType":"contract IRewardFaucet","name":"rewardFaucet_","type":"address"},{"internalType":"uint256","name":"startTime","type":"uint256"},{"internalType":"address","name":"admin_","type":"address"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"isInitialized","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"isOnlyCallerEnabled","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rewardFaucet","outputs":[{"internalType":"contract IRewardFaucet","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bool","name":"enabled","type":"bool"}],"name":"setOnlyCallerCheck","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"},{"internalType":"bool","name":"enabled","type":"bool"},{"internalType":"bytes","name":"signature","type":"bytes"}],"name":"setOnlyCallerCheckWithSignature","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newAdmin","type":"address"}],"name":"transferAdmin","outputs":[],"stateMutability":"nonpayable","type":"function"}]
Loading...
Loading
Loading...
Loading
Loading...
Loading
[ Download: CSV Export ]
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.