Sponsored
MoonPay
Buy, sell and swap Ethereum with MoonPay.Buy Now!
Spend less on fees, more on crypto. Buy crypto easily with MoonPay Balance. 20M+ users trust MoonPay worldwide.
MetaMask
Manage your web3 everything with MetaMask Portfolio. Try Now!
Ready to onboard to Ethereum? With MetaMask Portfolio, you're in control.
eToro
One-stop crypto shop: trusted, simple & safe.
Don’t invest unless you’re prepared to lose all the money you invest.
Sponsored
MetaMask
Meet MetaMask Portfolio - your key to getting more out of web3. Try Now
Ready to simplify your web3 experience? Try the all-in-one web3 app trusted by millions worldwide.
MetaMask
No gas? No problem, with MetaMask Gas Station Try Now
No gas? No problem. MetaMask Gas Station includes gas fees directly in your quote.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Stake
200% Bonus, 100K Daily Giveaways, Instant Withdrawals Play Now!
Slots, Roulette, Poker & more - Proud sponsors of UFC, Everton & StakeF1 team!
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
CryptoWins
200% More Funds to Play on Us up to 4 BTC! Claim Now!
100s of games, generous bonuses, 20+ years of trusted gaming. Join CryptoWins & start winning today!
Overview
ETH Balance
0 ETH
Eth Value
$0.00More Info
Private Name Tags
ContractCreator
Latest 25 from a total of 77,423 transactions
| Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
|---|---|---|---|---|---|---|---|---|---|
| Claim And Stake | 21290659 | 29 days ago | IN | 0 ETH | 0.0002381 | ||||
| Claim And Stake | 21290651 | 29 days ago | IN | 0 ETH | 0.00022374 | ||||
| Claim And Stake | 21290650 | 29 days ago | IN | 0 ETH | 0.00024648 | ||||
| Claim And Stake | 21003473 | 69 days ago | IN | 0 ETH | 0.00020459 | ||||
| Claim And Stake | 21003473 | 69 days ago | IN | 0 ETH | 0.000204 | ||||
| Claim | 20736396 | 107 days ago | IN | 0 ETH | 0.00049278 | ||||
| Emergency Withdr... | 20675715 | 115 days ago | IN | 0 ETH | 0.00002977 | ||||
| Accept Ownership | 20675685 | 115 days ago | IN | 0 ETH | 0.00003053 | ||||
| Claim | 20667790 | 116 days ago | IN | 0 ETH | 0.00005489 | ||||
| Claim And Stake | 20666969 | 116 days ago | IN | 0 ETH | 0.00003544 | ||||
| Claim And Stake | 20665845 | 116 days ago | IN | 0 ETH | 0.00006817 | ||||
| Claim And Stake | 20665801 | 116 days ago | IN | 0 ETH | 0.00060071 | ||||
| Claim And Stake | 20665769 | 116 days ago | IN | 0 ETH | 0.00020296 | ||||
| Claim And Stake | 20665733 | 116 days ago | IN | 0 ETH | 0.00021342 | ||||
| Claim And Stake | 20665733 | 116 days ago | IN | 0 ETH | 0.0003098 | ||||
| Claim And Stake | 20665733 | 116 days ago | IN | 0 ETH | 0.00021342 | ||||
| Claim | 20649035 | 119 days ago | IN | 0 ETH | 0.00005002 | ||||
| Claim | 20648994 | 119 days ago | IN | 0 ETH | 0.000041 | ||||
| Claim | 20648340 | 119 days ago | IN | 0 ETH | 0.00006886 | ||||
| Claim | 20637079 | 120 days ago | IN | 0 ETH | 0.00004522 | ||||
| Claim And Stake | 20637079 | 120 days ago | IN | 0 ETH | 0.00004537 | ||||
| Claim And Stake | 20637079 | 120 days ago | IN | 0 ETH | 0.00004542 | ||||
| Claim | 20620974 | 123 days ago | IN | 0 ETH | 0.0023954 | ||||
| Claim | 20596488 | 126 days ago | IN | 0 ETH | 0.0000812 | ||||
| Claim And Stake | 20596488 | 126 days ago | IN | 0 ETH | 0.00005553 |
Advanced mode: Intended for advanced users or developers and will display all Internal Transactions including zero value transfers. Name tag integration is not available in advanced view.
Latest 25 internal transactions (View All)
Advanced mode:
| Parent Transaction Hash | Block |
From
|
To
|
||||
|---|---|---|---|---|---|---|---|
| 20736396 | 107 days ago | 0 ETH | |||||
| 20736396 | 107 days ago | 0 ETH | |||||
| 20706105 | 111 days ago | 0 ETH | |||||
| 20706105 | 111 days ago | 0 ETH | |||||
| 20706105 | 111 days ago | 0 ETH | |||||
| 20665801 | 116 days ago | 0 ETH | |||||
| 20665801 | 116 days ago | 0 ETH | |||||
| 20665801 | 116 days ago | 0 ETH | |||||
| 20665769 | 116 days ago | 0 ETH | |||||
| 20665733 | 116 days ago | 0 ETH | |||||
| 20665733 | 116 days ago | 0 ETH | |||||
| 20665733 | 116 days ago | 0 ETH | |||||
| 20577323 | 129 days ago | 0 ETH | |||||
| 20577323 | 129 days ago | 0 ETH | |||||
| 20577313 | 129 days ago | 0 ETH | |||||
| 20577313 | 129 days ago | 0 ETH | |||||
| 20577269 | 129 days ago | 0 ETH | |||||
| 20577269 | 129 days ago | 0 ETH | |||||
| 20577269 | 129 days ago | 0 ETH | |||||
| 20577227 | 129 days ago | 0 ETH | |||||
| 20577227 | 129 days ago | 0 ETH | |||||
| 20577200 | 129 days ago | 0 ETH | |||||
| 20577200 | 129 days ago | 0 ETH | |||||
| 20577200 | 129 days ago | 0 ETH | |||||
| 20577200 | 129 days ago | 0 ETH |
Loading...
Loading
Contract Source Code Verified (Exact Match)
Contract Name:
Distributor
Compiler Version
v0.8.23+commit.f704f362
Optimization Enabled:
Yes with 10000 runs
Other Settings:
paris EvmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT
pragma solidity 0.8.23;
/*
.____ ________
| | _____ ___.__. __________\_____ \
| | \__ \< | |/ __ \_ __ \_(__ <
| |___ / __ \\___ \ ___/| | \/ \
|_______ (____ / ____|\___ >__| /______ /
\/ \/\/ \/ \/
https://layer3.xyz
Made with ♥ by Wonderland (https://defi.sucks)
*/
import {IDistributor} from 'interfaces/IDistributor.sol';
import {IStaking} from 'interfaces/IStaking.sol';
import {Ownable, Ownable2Step} from 'openzeppelin/access/Ownable2Step.sol';
import {IERC20, SafeERC20} from 'openzeppelin/token/ERC20/utils/SafeERC20.sol';
import {ECDSA} from 'openzeppelin/utils/cryptography/ECDSA.sol';
import {MerkleProof} from 'openzeppelin/utils/cryptography/MerkleProof.sol';
import {MessageHashUtils} from 'openzeppelin/utils/cryptography/MessageHashUtils.sol';
contract Distributor is IDistributor, Ownable2Step {
using ECDSA for bytes32;
using MessageHashUtils for bytes32;
using SafeERC20 for IERC20;
/// @inheritdoc IDistributor
bytes32 public immutable MERKLE_ROOT;
/// @inheritdoc IDistributor
IERC20 public immutable TOKEN;
/// @inheritdoc IDistributor
IStaking public immutable STAKING;
/// @inheritdoc IDistributor
address public signer;
/// @inheritdoc IDistributor
mapping(address => bool) public hasClaimed;
// solhint-disable-next-line no-unused-vars
constructor(bytes32 _merkleRoot, address _signer, IERC20 _token, address _staking, address _owner) Ownable(_owner) {
MERKLE_ROOT = _merkleRoot;
TOKEN = _token;
STAKING = IStaking(_staking);
_updateSigner(_signer);
}
/// @inheritdoc IDistributor
function claim(uint256 amount, bytes32[] calldata merkleProof, bytes calldata signature) external {
_claim(amount, merkleProof, signature);
// Transfer the tokens to the user
TOKEN.safeTransfer(msg.sender, amount);
emit Claimed(msg.sender, amount);
}
/// @inheritdoc IDistributor
function claimAndStake(
uint256 amount,
bytes32[] calldata merkleProof,
bytes calldata signature,
uint32 lockupPeriod
) external {
_claim(amount, merkleProof, signature);
// Stake the tokens
STAKING.stake(amount, lockupPeriod, msg.sender);
// Transfer the tokens
TOKEN.safeTransfer(address(STAKING), amount);
emit ClaimedAndStaked(msg.sender, amount, lockupPeriod, block.timestamp);
}
/// @inheritdoc IDistributor
function emergencyWithdraw(uint256 amount) external onlyOwner {
if (amount == 0) revert ZeroAmount();
// Withdraw either the requested amount or the remaining balance
uint256 _remainingBalance = TOKEN.balanceOf(address(this));
uint256 _withdrawalAmount = amount > _remainingBalance ? _remainingBalance : amount;
address _owner = owner();
TOKEN.safeTransfer(_owner, _withdrawalAmount);
emit EmergencyWithdrawn(_owner, _withdrawalAmount);
}
/// @inheritdoc IDistributor
function updateSigner(address newSigner) external onlyOwner {
_updateSigner(newSigner);
}
/// @inheritdoc IDistributor
function collectDust(IERC20 token, uint256 amount) external onlyOwner {
if (token == TOKEN || address(token) == address(0)) revert InvalidToken();
if (amount == 0) revert ZeroAmount();
address _owner = owner();
token.safeTransfer(_owner, amount);
emit DustCollected(_owner, token, amount);
}
/**
* @notice Verifies the signature and merkle proof, and marks that the user has claimed
* @param amount The amount to claim
* @param merkleProof The merkle proof
* @param signature The claim signature provided by the UI
*/
function _claim(uint256 amount, bytes32[] calldata merkleProof, bytes calldata signature) internal virtual {
if (hasClaimed[msg.sender]) revert AlreadyClaimed();
// Verify the signature
bytes32 _messageHash = keccak256(bytes.concat(keccak256(abi.encode(msg.sender, amount))));
bytes32 _ethSignedMessageHash = _messageHash.toEthSignedMessageHash();
address _recoveredSigner = _ethSignedMessageHash.recover(signature);
if (_recoveredSigner != signer) revert InvalidSigner();
// Verify the merkle proof
if (!MerkleProof.verify(merkleProof, MERKLE_ROOT, _messageHash)) revert InvalidProof();
// Mark as claimed
hasClaimed[msg.sender] = true;
}
/**
* @notice Updates the signer address
* @param newSigner The new signer address
*/
function _updateSigner(address newSigner) internal {
if (newSigner == address(0)) revert InvalidNewSigner();
address _oldSigner = signer;
signer = newSigner;
emit SignerUpdated(_oldSigner, newSigner);
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.23;
import {IStaking} from 'interfaces/IStaking.sol';
import {IERC20} from 'openzeppelin/token/ERC20/IERC20.sol';
/**
* @title Distributor Contract
* @author Wonderland (https://defi.sucks)
* @notice Distributes tokens to users based on a merkle root and a signature
*/
interface IDistributor {
/*///////////////////////////////////////////////////////////////
EVENTS
///////////////////////////////////////////////////////////////*/
/**
* @notice Emitted when a user claims their tokens
* @param _account The account that claimed the tokens
* @param _amount The amount of tokens claimed
*/
event Claimed(address indexed _account, uint256 _amount);
/**
* @notice Emitted when a user claims and stakes their tokens
* @param _account The account that claimed and staked the tokens
* @param _amount The amount of tokens claimed and staked
* @param _lockupPeriod The lockup period for the deposit
* @param _timestamp The timestamp at which the tokens were claimed and staked
*/
event ClaimedAndStaked(address indexed _account, uint256 _amount, uint256 _lockupPeriod, uint256 _timestamp);
/**
* @notice Emitted when the owner withdraws tokens from the contract
* @param _owner The owner that withdrew the tokens
* @param _amount The amount of tokens withdrawn
*/
event EmergencyWithdrawn(address indexed _owner, uint256 _amount);
/**
* @notice Emitted when the signer is updated by the owner
* @param _oldSigner The old signer address
* @param _newSigner The new signer address
*/
event SignerUpdated(address indexed _oldSigner, address indexed _newSigner);
/**
* @notice Emitted when the owner collects dust tokens from the contract
* @param _owner The owner that collected the dust tokens
* @param _token The token address
* @param _amount The amount of tokens collected
*/
event DustCollected(address indexed _owner, IERC20 indexed _token, uint256 _amount);
/*///////////////////////////////////////////////////////////////
ERRORS
///////////////////////////////////////////////////////////////*/
/**
* @notice Throws if the input amount is zero
*/
error ZeroAmount();
/**
* @notice Throws if the user has already claimed their tokens
*/
error AlreadyClaimed();
/**
* @notice Throws if the recovered signer is different from the expected signer
*/
error InvalidSigner();
/**
* @notice Throws if the merkle verification fails
*/
error InvalidProof();
/**
* @notice Throws if the new signer address is invalid
*/
error InvalidNewSigner();
/**
* @notice Throws if the input token is invalid
*/
error InvalidToken();
/*///////////////////////////////////////////////////////////////
LOGIC
///////////////////////////////////////////////////////////////*/
/**
* @notice Verifies eligibility and transfers the tokens to the caller
* @param _amount The amount of tokens to claim
* @param _merkleProof The merkle proof of the claim
* @param _signature The signature provided by the UI
*/
function claim(uint256 _amount, bytes32[] calldata _merkleProof, bytes calldata _signature) external;
/**
* @notice Verifies eligibility and stakes the claimed tokens in the contract
* @param _amount The amount of tokens to claim
* @param _merkleProof The merkle proof for the claim
* @param _signature The signature for verification of the claim data
* @param _lockupPeriod The period of time to lock the tokens for
*/
function claimAndStake(
uint256 _amount,
bytes32[] calldata _merkleProof,
bytes calldata _signature,
uint32 _lockupPeriod
) external;
/**
* @notice Sends any remaining tokens to the owner
* @dev Only callable by the owner
* @dev If the specified amount exceeds the available balance, the entire balance is withdrawn
* @param _amount The amount of tokens to withdraw
*/
function emergencyWithdraw(uint256 _amount) external;
/**
* @notice Updates the signer address
* @dev Only callable by the owner
* @param _newSigner The new signer address
*/
function updateSigner(address _newSigner) external;
/**
* @notice Collects dust tokens from the contract
* @dev Only the owner can call this function
* @param _token The token to collect
* @param _amount The amount of tokens to collect
*/
function collectDust(IERC20 _token, uint256 _amount) external;
/*///////////////////////////////////////////////////////////////
VARIABLES
///////////////////////////////////////////////////////////////*/
/**
* @notice The root of the merkle tree
* @return _merkleRoot The root of the merkle tree
*/
// solhint-disable-next-line func-name-mixedcase
function MERKLE_ROOT() external view returns (bytes32 _merkleRoot);
/**
* @notice The token being distributed
* @return _token The address of the token
*/
// solhint-disable-next-line func-name-mixedcase
function TOKEN() external view returns (IERC20 _token);
/**
* @notice The address of the staking contract
* @return _staking The staking contract
*/
// solhint-disable-next-line func-name-mixedcase
function STAKING() external view returns (IStaking _staking);
/**
* @notice The address of the signer
* @return _signer The address of the signer
*/
function signer() external view returns (address _signer);
/**
* @notice Returns whether the user has claimed their tokens
* @param _user The address of the user
* @return _claimed Whether the user has claimed their tokens
*/
function hasClaimed(address _user) external view returns (bool _claimed);
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.23;
import {IDistributor} from './IDistributor.sol';
import {IERC20} from 'openzeppelin/token/ERC20/utils/SafeERC20.sol';
interface IStaking {
/*///////////////////////////////////////////////////////////////
STRUCTS
///////////////////////////////////////////////////////////////*/
/**
* @notice Deposit struct
* @param amount The amount of tokens deposited
* @param unlockAt The timestamp when the tokens can be unlocked
* @param lockupPeriod The period the tokens are locked for to get the bonus
* @param index The index of the deposit
* @param withdrawAt The timestamp when the tokens can be withdrawn (after withdrawal period is over)
*/
struct Deposit {
uint128 amount;
uint40 unlockAt;
uint32 lockupPeriod;
uint16 index;
uint40 withdrawAt;
}
/**
* @notice Staker struct
* @param weight The combined weight of the staker's deposits
* @param depositCount The number of deposits the staker has
* @param rewardPerShareSnapshot The amount of rewards per share as seen at the last update
* @param pendingRewards The amount of rewards available to be claimed by the staker
*/
struct Staker {
uint128 weight;
uint128 depositCount;
uint128 rewardPerShareSnapshot;
uint128 pendingRewards;
}
/*///////////////////////////////////////////////////////////////
EVENTS
///////////////////////////////////////////////////////////////*/
/**
* @notice Emitted when the user stakes tokens
* @param _user The user that staked the tokens
* @param _index The index of the deposit
* @param _amount The amount of tokens staked
* @param _lockupPeriod The lockup period
* @param _unlockAt The timestamp when the tokens can be withdrawn
*/
event Staked(
address indexed _user, uint256 indexed _index, uint256 _amount, uint256 _lockupPeriod, uint256 _unlockAt
);
/**
* @notice Emitted when the user adds tokens to an existing stake
* @param _user The user that staked the tokens
* @param _index The index of the deposit
* @param _amount The amount of tokens added
*/
event StakeIncreased(address indexed _user, uint256 indexed _index, uint256 _amount);
/**
* @notice Emitted when the user claims pending rewards and creates a new deposit
* @param _user The user that staked the rewards
* @param _index The index of the created stake
* @param _amount The amount of tokens staked
* @param _lockupPeriod The lockup period
*/
event ClaimRewardAndStake(address indexed _user, uint256 indexed _index, uint256 _amount, uint256 _lockupPeriod);
/**
* @notice Emitted when the user claims pending rewards and adds the tokens to an existing stake
* @param _user The user that staked the tokens
* @param _index The index of the deposit
* @param _amount The amount of tokens added
*/
event ClaimRewardAndIncreaseStake(address indexed _user, uint256 indexed _index, uint256 _amount);
/**
* @notice Emitted when the user initiates a withdrawal
* @param _user The user that initiated the withdrawal
* @param _index The index of the deposit
* @param _withdrawAt The end of the withdrawal period
*/
event WithdrawalInitiated(address indexed _user, uint256 indexed _index, uint256 _withdrawAt);
/**
* @notice Emitted when the user cancels the withdrawal
* @param _user The user that cancelled the withdrawal
* @param _index The index of the deposit
*/
event WithdrawalCancelled(address indexed _user, uint256 indexed _index);
/**
* @notice Emitted when the user withdraws tokens
* @param _user The user that withdrew the tokens
* @param _index The index of the deposit
* @param _amount The amount of tokens withdrawn
*/
event Withdrawn(address indexed _user, uint256 indexed _index, uint256 _amount);
/**
* @notice Emitted when the user claims their rewards
* @param _user The user that claimed the rewards
* @param _amount The amount of rewards claimed
*/
event RewardPaid(address indexed _user, uint256 _amount);
/**
* @notice Emitted when the reward amount is added
* @param _reward The new reward amount
*/
event RewardAdded(uint256 _reward);
/**
* @notice Emitted when the rewards duration is updated
* @param _oldRewardsDuration The previous rewards duration
* @param _rewardsDuration The new rewards duration
*/
event RewardsDurationUpdated(uint256 _oldRewardsDuration, uint256 _rewardsDuration);
/**
* @notice Emitted when the dust tokens are collected
* @param _owner The owner that collected the dust tokens
* @param _token The token address
* @param _amount The amount of tokens collected
*/
event DustCollected(address indexed _owner, IERC20 _token, uint256 _amount);
/**
* @notice Emitted when the staked deposits and the rewards are retracted by the owner
* @param _owner The owner that withdrew the tokens
* @param _amount The amount of tokens retracted
*/
event EmergencyWithdrawn(address indexed _owner, uint256 _amount);
/**
* @notice Emitted when the withdrawal period is updated
* @param _oldWithdrawalPeriod The previous withdrawal period
* @param _withdrawalPeriod The new withdrawal period
*/
event WithdrawalPeriodUpdated(uint256 _oldWithdrawalPeriod, uint256 _withdrawalPeriod);
/**
* @notice Emitted when the distributor address is updated
* @param _oldDistributor The previous distributor
* @param _distributor The new distributor
*/
event DistributorUpdated(IDistributor _oldDistributor, IDistributor _distributor);
/*///////////////////////////////////////////////////////////////
ERRORS
///////////////////////////////////////////////////////////////*/
/**
* @notice Throws if the provided amount is zero
*/
error ZeroAmount();
/**
* @notice Throws if the deposit with the given index does not exist
*/
error InvalidDepositIndex();
/**
* @notice Throws if trying to withdraw a locked deposit
*/
error DepositLocked();
/**
* @notice Throws if the lockup period is invalid
*/
error InvalidLockupPeriod();
/**
* @notice Throws if the staking contract has insufficient balance to pay the rewards at the given rate
*/
error InsufficientBalance();
/**
* @notice Throws if the period is not finished
*/
error PeriodNotFinished();
/**
* @notice Throws if the token is invalid
*/
error InvalidToken();
/**
* @notice Throws if the caller is not the distributor
*/
error OnlyDistributor();
/**
* @notice Throws if the caller is trying to add tokens to a locked deposit
*/
error CannotIncreaseLockedStake();
/**
* @notice Throws if the withdrawal is not initiated while trying to withdraw
*/
error WithdrawalNotInitiated();
/**
* @notice Throws if the caller is trying to initiate a withdrawal of a deposit that's already in the withdrawal process
*/
error WithdrawalAlreadyInitiated();
/**
* @notice Throws if the withdrawal period is not over while trying to withdraw
*/
error DepositNotWithdrawable();
/*///////////////////////////////////////////////////////////////
VARIABLES
///////////////////////////////////////////////////////////////*/
/**
* @notice The address of the token contract
* @return _token The token contract
*/
function token() external view returns (IERC20 _token);
/**
* @notice The address of the distributor contract
* @return _distributor The distributor contract
*/
function distributor() external view returns (IDistributor _distributor);
/**
* @notice The time period in seconds over which rewards are distributed
* @return _rewardsDuration The rewards duration
*/
function rewardsDuration() external view returns (uint256 _rewardsDuration);
/**
* @notice Returns the timestamp of the last block at which the rewards will be distributed
* @return _periodFinish The end of the rewards period
*/
function periodFinish() external view returns (uint256 _periodFinish);
/**
* @notice The amount of rewards given to the stakers every second
* @return _rewardPerSecond The amount of reward per second
*/
function rewardPerSecond() external view returns (uint256 _rewardPerSecond);
/**
* @notice The time the reward per second was updated
* @return _lastUpdateTime The last time the reward per second was updated
*/
function lastUpdateTime() external view returns (uint256 _lastUpdateTime);
/**
* @notice The total weight of the deposits in the contract
* @return _totalWeights The total weight of the deposits
*/
function totalWeights() external view returns (uint256 _totalWeights);
/**
* @notice The total amount of tokens staked in the contract
* @return _totalDeposits The amount of tokens staked in the contract
*/
function totalDeposits() external view returns (uint256 _totalDeposits);
/**
* @notice The amount of tokens intended to be distributed as rewards
* @return _totalRewards The total reward amount
*/
function totalRewards() external view returns (uint256 _totalRewards);
/**
* @notice The reward generated per staker's share of the pool
* @return _rewardPerShare The reward per share
*/
function rewardPerShare() external view returns (uint256 _rewardPerShare);
/**
* @notice The time period in seconds after which the staker can withdraw their tokens
* @dev This is only needed for non-lockup deposits
* @return _withdrawalPeriod The withdrawal period
*/
function withdrawalPeriod() external view returns (uint256 _withdrawalPeriod);
/**
* @notice Provides information about a given staker
* @param _user The staker's address
* @return _weight The total weight of the staker's deposits
* @return _depositCount The number of deposits the staker has
* @return _rewardPerShareSnapshot The amount of rewards per share as seen at the last update
* @return _pendingRewards The amount of rewards pending to be claimed by the staker
*/
function stakers(address _user)
external
view
returns (uint128 _weight, uint128 _depositCount, uint128 _rewardPerShareSnapshot, uint128 _pendingRewards);
/**
* @notice Returns a user's deposit with the given index
* @param _user The address of the user
* @param _depositIndex The index of the deposit
* @return _amount The amount of tokens deposited
* @return _unlockAt The timestamp when the tokens can be withdrawn
* @return _lockupPeriod The period the tokens are locked to get the bonus
* @return _index The index of the deposit
*/
function deposits(
address _user,
uint256 _depositIndex
) external view returns (uint128 _amount, uint40 _unlockAt, uint32 _lockupPeriod, uint16 _index, uint40 _withdrawAt);
/*///////////////////////////////////////////////////////////////
EXTERNAL FUNCTIONS
///////////////////////////////////////////////////////////////*/
/**
* @notice The list of deposits of the user
* @param _user The address of the user
* @param _startFrom The index to start from
* @param _batchSize The size of the batch
* @return _list The list of deposits
*/
function listDeposits(
address _user,
uint256 _startFrom,
uint256 _batchSize
) external view returns (Deposit[] memory _list);
/**
* @notice Calculates APY based on the given amount and the lockup period
* @param _amount The amount of tokens to stake
* @param _lockupPeriod The lockup period
* @return _apy The APY the staker would get
*/
function calculateAPY(uint256 _amount, uint256 _lockupPeriod) external view returns (uint256 _apy);
/**
* @notice Returns the APY of an existing deposit
* @param _user The staker address
* @param _index The index of the deposit
* @return _apy The APY the deposit is generating
*/
function calculateAPY(address _user, uint256 _index) external view returns (uint256 _apy);
/**
* @notice The amount of pending rewards the staker has
* @param _user The address of the user
* @return _pendingRewards The amount of the rewards ready to be claimed
*/
function pendingRewards(address _user) external view returns (uint256 _pendingRewards);
/**
* @notice The stake function
* @param _amount The amount of tokens
* @param _lockupPeriod The lockup period, must be either 0 or one of the allowed lockup periods
*/
function stake(uint256 _amount, uint256 _lockupPeriod) external;
/**
* @notice The stake function for the distributor, allowing to stake on behalf of another address
* @param _amount The amount of tokens
* @param _lockupPeriod The lockup period, must be either 0 or one of the allowed lockup periods
* @param _user The address of the user to stake for
*/
function stake(uint256 _amount, uint256 _lockupPeriod, address _user) external;
/**
* @notice Add the provided amount of tokens to an existing stake
* @param _amount The amount of tokens to add
* @param _index The index of the deposit to increase
*/
function increaseStake(uint256 _index, uint256 _amount) external;
/**
* @notice Claims pending rewards and adds them to an existing stake
* @param _index The index of the deposit to increase
*/
function getRewardAndIncreaseStake(uint256 _index) external;
/**
* @notice Initiates a withdrawal of the deposit
* @dev The tokens will be locked for the withdrawal period
* @dev Only needed for non-lockup deposits
* @param _index The index of the deposit to withdraw
*/
function initiateWithdrawal(uint256 _index) external;
/**
* @notice Cancels the withdrawal of the deposit
* @param _index The index of the deposit to cancel the withdrawal
*/
function cancelWithdrawal(uint256 _index) external;
/**
* @notice The withdraw function
* @param _index The index of the deposit to withdraw
*/
function withdraw(uint256 _index) external;
/**
* @notice Transfers pending rewards to the caller
*/
function getReward() external;
/**
* @notice Claims the pending rewards and creates an unlocked deposit from them
* @param _lockupPeriod The lockup period, must be either 0 or one of the allowed lockup periods
*/
function getRewardAndStake(uint256 _lockupPeriod) external;
/**
* @notice Updates the total amount of rewards for the stakers
* @param _reward The new reward amount
*/
function setRewardAmount(uint256 _reward) external;
/**
* @notice Updates the rewards duration
* @param _rewardsDuration The new rewards duration
*/
function setRewardsDuration(uint256 _rewardsDuration) external;
/**
* @notice Updates the distributor address
* @param _distributor The new distributor
*/
function setDistributorAddress(IDistributor _distributor) external;
/**
* @notice Sends any dust tokens to the owner
* @param _token The token address
* @param _amount The amount of tokens to withdraw
*/
function collectDust(IERC20 _token, uint256 _amount) external;
/**
* @notice An emergency function which sends the specified number of tokens to the owner
* @param _amount The amount of tokens to withdraw
*/
function emergencyWithdraw(uint256 _amount) external;
/**
* @notice Updates the withdrawal period
* @param _withdrawalPeriod The new withdrawal period
*/
function setWithdrawalPeriod(uint256 _withdrawalPeriod) external;
/**
* @notice Pauses the staking and withdrawals
*/
function pause() external;
/**
* @notice Unpauses the staking and withdrawals
*/
function unpause() external;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable2Step.sol)
pragma solidity ^0.8.20;
import {Ownable} from "./Ownable.sol";
/**
* @dev Contract module which provides access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is specified at deployment time in the constructor for `Ownable`. This
* can later be changed with {transferOwnership} and {acceptOwnership}.
*
* This module is used through inheritance. It will make available all functions
* from parent (Ownable).
*/
abstract contract Ownable2Step is Ownable {
address private _pendingOwner;
event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
/**
* @dev Returns the address of the pending owner.
*/
function pendingOwner() public view virtual returns (address) {
return _pendingOwner;
}
/**
* @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual override onlyOwner {
_pendingOwner = newOwner;
emit OwnershipTransferStarted(owner(), newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual override {
delete _pendingOwner;
super._transferOwnership(newOwner);
}
/**
* @dev The new owner accepts the ownership transfer.
*/
function acceptOwnership() public virtual {
address sender = _msgSender();
if (pendingOwner() != sender) {
revert OwnableUnauthorizedAccount(sender);
}
_transferOwnership(sender);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC20Permit} from "../extensions/IERC20Permit.sol";
import {Address} from "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev An operation with an ERC20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data);
if (returndata.length != 0 && !abi.decode(returndata, (bool))) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && address(token).code.length > 0;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.20;
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS
}
/**
* @dev The signature derives the `address(0)`.
*/
error ECDSAInvalidSignature();
/**
* @dev The signature has an invalid length.
*/
error ECDSAInvalidSignatureLength(uint256 length);
/**
* @dev The signature has an S value that is in the upper half order.
*/
error ECDSAInvalidSignatureS(bytes32 s);
/**
* @dev Returns the address that signed a hashed message (`hash`) with `signature` or an error. This will not
* return address(0) without also returning an error description. Errors are documented using an enum (error type)
* and a bytes32 providing additional information about the error.
*
* If no error is returned, then the address can be used for verification purposes.
*
* The `ecrecover` EVM precompile allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError, bytes32) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength, bytes32(signature.length));
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM precompile allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {MessageHashUtils-toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, signature);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*/
function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address, RecoverError, bytes32) {
unchecked {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
// We do not check for an overflow here since the shift operation results in 0 or 1.
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*/
function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) {
(address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, r, vs);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function tryRecover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address, RecoverError, bytes32) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS, s);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature, bytes32(0));
}
return (signer, RecoverError.NoError, bytes32(0));
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
(address recovered, RecoverError error, bytes32 errorArg) = tryRecover(hash, v, r, s);
_throwError(error, errorArg);
return recovered;
}
/**
* @dev Optionally reverts with the corresponding custom error according to the `error` argument provided.
*/
function _throwError(RecoverError error, bytes32 errorArg) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert ECDSAInvalidSignature();
} else if (error == RecoverError.InvalidSignatureLength) {
revert ECDSAInvalidSignatureLength(uint256(errorArg));
} else if (error == RecoverError.InvalidSignatureS) {
revert ECDSAInvalidSignatureS(errorArg);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/MerkleProof.sol)
pragma solidity ^0.8.20;
/**
* @dev These functions deal with verification of Merkle Tree proofs.
*
* The tree and the proofs can be generated using our
* https://github.com/OpenZeppelin/merkle-tree[JavaScript library].
* You will find a quickstart guide in the readme.
*
* WARNING: You should avoid using leaf values that are 64 bytes long prior to
* hashing, or use a hash function other than keccak256 for hashing leaves.
* This is because the concatenation of a sorted pair of internal nodes in
* the Merkle tree could be reinterpreted as a leaf value.
* OpenZeppelin's JavaScript library generates Merkle trees that are safe
* against this attack out of the box.
*/
library MerkleProof {
/**
*@dev The multiproof provided is not valid.
*/
error MerkleProofInvalidMultiproof();
/**
* @dev Returns true if a `leaf` can be proved to be a part of a Merkle tree
* defined by `root`. For this, a `proof` must be provided, containing
* sibling hashes on the branch from the leaf to the root of the tree. Each
* pair of leaves and each pair of pre-images are assumed to be sorted.
*/
function verify(bytes32[] memory proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
return processProof(proof, leaf) == root;
}
/**
* @dev Calldata version of {verify}
*/
function verifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
return processProofCalldata(proof, leaf) == root;
}
/**
* @dev Returns the rebuilt hash obtained by traversing a Merkle tree up
* from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt
* hash matches the root of the tree. When processing the proof, the pairs
* of leafs & pre-images are assumed to be sorted.
*/
function processProof(bytes32[] memory proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Calldata version of {processProof}
*/
function processProofCalldata(bytes32[] calldata proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Returns true if the `leaves` can be simultaneously proven to be a part of a Merkle tree defined by
* `root`, according to `proof` and `proofFlags` as described in {processMultiProof}.
*
* CAUTION: Not all Merkle trees admit multiproofs. See {processMultiProof} for details.
*/
function multiProofVerify(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProof(proof, proofFlags, leaves) == root;
}
/**
* @dev Calldata version of {multiProofVerify}
*
* CAUTION: Not all Merkle trees admit multiproofs. See {processMultiProof} for details.
*/
function multiProofVerifyCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProofCalldata(proof, proofFlags, leaves) == root;
}
/**
* @dev Returns the root of a tree reconstructed from `leaves` and sibling nodes in `proof`. The reconstruction
* proceeds by incrementally reconstructing all inner nodes by combining a leaf/inner node with either another
* leaf/inner node or a proof sibling node, depending on whether each `proofFlags` item is true or false
* respectively.
*
* CAUTION: Not all Merkle trees admit multiproofs. To use multiproofs, it is sufficient to ensure that: 1) the tree
* is complete (but not necessarily perfect), 2) the leaves to be proven are in the opposite order they are in the
* tree (i.e., as seen from right to left starting at the deepest layer and continuing at the next layer).
*/
function processMultiProof(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the Merkle tree.
uint256 leavesLen = leaves.length;
uint256 proofLen = proof.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
if (leavesLen + proofLen != totalHashes + 1) {
revert MerkleProofInvalidMultiproof();
}
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
if (proofPos != proofLen) {
revert MerkleProofInvalidMultiproof();
}
unchecked {
return hashes[totalHashes - 1];
}
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Calldata version of {processMultiProof}.
*
* CAUTION: Not all Merkle trees admit multiproofs. See {processMultiProof} for details.
*/
function processMultiProofCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the Merkle tree.
uint256 leavesLen = leaves.length;
uint256 proofLen = proof.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
if (leavesLen + proofLen != totalHashes + 1) {
revert MerkleProofInvalidMultiproof();
}
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
if (proofPos != proofLen) {
revert MerkleProofInvalidMultiproof();
}
unchecked {
return hashes[totalHashes - 1];
}
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Sorts the pair (a, b) and hashes the result.
*/
function _hashPair(bytes32 a, bytes32 b) private pure returns (bytes32) {
return a < b ? _efficientHash(a, b) : _efficientHash(b, a);
}
/**
* @dev Implementation of keccak256(abi.encode(a, b)) that doesn't allocate or expand memory.
*/
function _efficientHash(bytes32 a, bytes32 b) private pure returns (bytes32 value) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, a)
mstore(0x20, b)
value := keccak256(0x00, 0x40)
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/cryptography/MessageHashUtils.sol)
pragma solidity ^0.8.20;
import {Strings} from "../Strings.sol";
/**
* @dev Signature message hash utilities for producing digests to be consumed by {ECDSA} recovery or signing.
*
* The library provides methods for generating a hash of a message that conforms to the
* https://eips.ethereum.org/EIPS/eip-191[EIP 191] and https://eips.ethereum.org/EIPS/eip-712[EIP 712]
* specifications.
*/
library MessageHashUtils {
/**
* @dev Returns the keccak256 digest of an EIP-191 signed data with version
* `0x45` (`personal_sign` messages).
*
* The digest is calculated by prefixing a bytes32 `messageHash` with
* `"\x19Ethereum Signed Message:\n32"` and hashing the result. It corresponds with the
* hash signed when using the https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`] JSON-RPC method.
*
* NOTE: The `messageHash` parameter is intended to be the result of hashing a raw message with
* keccak256, although any bytes32 value can be safely used because the final digest will
* be re-hashed.
*
* See {ECDSA-recover}.
*/
function toEthSignedMessageHash(bytes32 messageHash) internal pure returns (bytes32 digest) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, "\x19Ethereum Signed Message:\n32") // 32 is the bytes-length of messageHash
mstore(0x1c, messageHash) // 0x1c (28) is the length of the prefix
digest := keccak256(0x00, 0x3c) // 0x3c is the length of the prefix (0x1c) + messageHash (0x20)
}
}
/**
* @dev Returns the keccak256 digest of an EIP-191 signed data with version
* `0x45` (`personal_sign` messages).
*
* The digest is calculated by prefixing an arbitrary `message` with
* `"\x19Ethereum Signed Message:\n" + len(message)` and hashing the result. It corresponds with the
* hash signed when using the https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`] JSON-RPC method.
*
* See {ECDSA-recover}.
*/
function toEthSignedMessageHash(bytes memory message) internal pure returns (bytes32) {
return
keccak256(bytes.concat("\x19Ethereum Signed Message:\n", bytes(Strings.toString(message.length)), message));
}
/**
* @dev Returns the keccak256 digest of an EIP-191 signed data with version
* `0x00` (data with intended validator).
*
* The digest is calculated by prefixing an arbitrary `data` with `"\x19\x00"` and the intended
* `validator` address. Then hashing the result.
*
* See {ECDSA-recover}.
*/
function toDataWithIntendedValidatorHash(address validator, bytes memory data) internal pure returns (bytes32) {
return keccak256(abi.encodePacked(hex"19_00", validator, data));
}
/**
* @dev Returns the keccak256 digest of an EIP-712 typed data (EIP-191 version `0x01`).
*
* The digest is calculated from a `domainSeparator` and a `structHash`, by prefixing them with
* `\x19\x01` and hashing the result. It corresponds to the hash signed by the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`] JSON-RPC method as part of EIP-712.
*
* See {ECDSA-recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 digest) {
/// @solidity memory-safe-assembly
assembly {
let ptr := mload(0x40)
mstore(ptr, hex"19_01")
mstore(add(ptr, 0x02), domainSeparator)
mstore(add(ptr, 0x22), structHash)
digest := keccak256(ptr, 0x42)
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)
pragma solidity ^0.8.20;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error AddressInsufficientBalance(address account);
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedInnerCall();
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert AddressInsufficientBalance(address(this));
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert FailedInnerCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {FailedInnerCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert AddressInsufficientBalance(address(this));
}
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {FailedInnerCall}) in case of an
* unsuccessful call.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (returndata.length == 0 && target.code.length == 0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {FailedInnerCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {FailedInnerCall}.
*/
function _revert(bytes memory returndata) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert FailedInnerCall();
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Strings.sol)
pragma solidity ^0.8.20;
import {Math} from "./math/Math.sol";
import {SignedMath} from "./math/SignedMath.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant HEX_DIGITS = "0123456789abcdef";
uint8 private constant ADDRESS_LENGTH = 20;
/**
* @dev The `value` string doesn't fit in the specified `length`.
*/
error StringsInsufficientHexLength(uint256 value, uint256 length);
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toStringSigned(int256 value) internal pure returns (string memory) {
return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value)));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
uint256 localValue = value;
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = HEX_DIGITS[localValue & 0xf];
localValue >>= 4;
}
if (localValue != 0) {
revert StringsInsufficientHexLength(value, length);
}
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
* representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return bytes(a).length == bytes(b).length && keccak256(bytes(a)) == keccak256(bytes(b));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
/**
* @dev Muldiv operation overflow.
*/
error MathOverflowedMulDiv();
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
return a / b;
}
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
if (denominator <= prod1) {
revert MathOverflowedMulDiv();
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (unsignedRoundsUp(rounding) && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (unsignedRoundsUp(rounding) && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (unsignedRoundsUp(rounding) && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (unsignedRoundsUp(rounding) && 1 << (result << 3) < value ? 1 : 0);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// must be unchecked in order to support `n = type(int256).min`
return uint256(n >= 0 ? n : -n);
}
}
}{
"remappings": [
"ds-test/=node_modules/ds-test/src/",
"forge-std/=node_modules/forge-std/src/",
"openzeppelin/=node_modules/@openzeppelin/contracts/",
"openzeppelin-upgradeable/=node_modules/@openzeppelin/contracts-upgradeable/",
"contracts/=src/contracts/",
"interfaces/=src/interfaces/",
"@openzeppelin/=node_modules/@openzeppelin/",
"openzeppelin-foundry-upgrades/=lib/openzeppelin-foundry-upgrades/src/",
"solhint/=node_modules/solhint/",
"solidity-stringutils/=lib/openzeppelin-foundry-upgrades/lib/solidity-stringutils/"
],
"optimizer": {
"enabled": true,
"runs": 10000
},
"metadata": {
"useLiteralContent": false,
"bytecodeHash": "ipfs",
"appendCBOR": true
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"evmVersion": "paris",
"viaIR": false,
"libraries": {}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"bytes32","name":"_merkleRoot","type":"bytes32"},{"internalType":"address","name":"_signer","type":"address"},{"internalType":"contract IERC20","name":"_token","type":"address"},{"internalType":"address","name":"_staking","type":"address"},{"internalType":"address","name":"_owner","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[{"internalType":"address","name":"target","type":"address"}],"name":"AddressEmptyCode","type":"error"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"AddressInsufficientBalance","type":"error"},{"inputs":[],"name":"AlreadyClaimed","type":"error"},{"inputs":[],"name":"ECDSAInvalidSignature","type":"error"},{"inputs":[{"internalType":"uint256","name":"length","type":"uint256"}],"name":"ECDSAInvalidSignatureLength","type":"error"},{"inputs":[{"internalType":"bytes32","name":"s","type":"bytes32"}],"name":"ECDSAInvalidSignatureS","type":"error"},{"inputs":[],"name":"FailedInnerCall","type":"error"},{"inputs":[],"name":"InvalidNewSigner","type":"error"},{"inputs":[],"name":"InvalidProof","type":"error"},{"inputs":[],"name":"InvalidSigner","type":"error"},{"inputs":[],"name":"InvalidToken","type":"error"},{"inputs":[{"internalType":"address","name":"owner","type":"address"}],"name":"OwnableInvalidOwner","type":"error"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"OwnableUnauthorizedAccount","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"SafeERC20FailedOperation","type":"error"},{"inputs":[],"name":"ZeroAmount","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"_account","type":"address"},{"indexed":false,"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"Claimed","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"_account","type":"address"},{"indexed":false,"internalType":"uint256","name":"_amount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"_lockupPeriod","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"_timestamp","type":"uint256"}],"name":"ClaimedAndStaked","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"_owner","type":"address"},{"indexed":true,"internalType":"contract IERC20","name":"_token","type":"address"},{"indexed":false,"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"DustCollected","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"_owner","type":"address"},{"indexed":false,"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"EmergencyWithdrawn","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferStarted","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"_oldSigner","type":"address"},{"indexed":true,"internalType":"address","name":"_newSigner","type":"address"}],"name":"SignerUpdated","type":"event"},{"inputs":[],"name":"MERKLE_ROOT","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"STAKING","outputs":[{"internalType":"contract IStaking","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"TOKEN","outputs":[{"internalType":"contract IERC20","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"acceptOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"bytes32[]","name":"merkleProof","type":"bytes32[]"},{"internalType":"bytes","name":"signature","type":"bytes"}],"name":"claim","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"bytes32[]","name":"merkleProof","type":"bytes32[]"},{"internalType":"bytes","name":"signature","type":"bytes"},{"internalType":"uint32","name":"lockupPeriod","type":"uint32"}],"name":"claimAndStake","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"collectDust","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"emergencyWithdraw","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"}],"name":"hasClaimed","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pendingOwner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"signer","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newSigner","type":"address"}],"name":"updateSigner","outputs":[],"stateMutability":"nonpayable","type":"function"}]Contract Creation Code
60e06040523480156200001157600080fd5b50604051620018da380380620018da83398101604081905262000034916200019c565b806001600160a01b0381166200006457604051631e4fbdf760e01b81526000600482015260240160405180910390fd5b6200006f816200009e565b5060808590526001600160a01b0380841660a052821660c0526200009384620000bc565b505050505062000210565b600180546001600160a01b0319169055620000b98162000136565b50565b6001600160a01b038116620000e457604051633875382760e11b815260040160405180910390fd5b600280546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f2d025324f0a785e8c12d0a0d91a9caa49df4ef20ff87e0df7213a1d4f3157beb90600090a35050565b600080546001600160a01b038381166001600160a01b0319831681178455604051919092169283917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e09190a35050565b6001600160a01b0381168114620000b957600080fd5b600080600080600060a08688031215620001b557600080fd5b855194506020860151620001c98162000186565b6040870151909450620001dc8162000186565b6060870151909350620001ef8162000186565b6080870151909250620002028162000186565b809150509295509295909350565b60805160a05160c051611662620002786000396000818161022e0152818161030801526103b70152600081816101e9015281816103930152818161049e01528181610570015281816106a4015261072201526000818161015e0152610b1601526116626000f3fe608060405234801561001057600080fd5b50600436106100f55760003560e01c806382bfefc811610097578063a7ecd37e11610066578063a7ecd37e14610263578063b14b990f14610276578063e30c397814610289578063f2fde38b146102a757600080fd5b806382bfefc8146101e45780638da5cb5b1461020b57806397610f30146102295780639a15bf921461025057600080fd5b80635312ea8e116100d35780635312ea8e1461018e578063715018a6146101a157806373b2e80e146101a957806379ba5097146101dc57600080fd5b80630768132f146100fa578063238ac9331461010f57806351e75e8b14610159575b600080fd5b61010d6101083660046113d1565b6102ba565b005b60025461012f9073ffffffffffffffffffffffffffffffffffffffff1681565b60405173ffffffffffffffffffffffffffffffffffffffff90911681526020015b60405180910390f35b6101807f000000000000000000000000000000000000000000000000000000000000000081565b604051908152602001610150565b61010d61019c366004611466565b61042b565b61010d6105ed565b6101cc6101b73660046114a1565b60036020526000908152604090205460ff1681565b6040519015158152602001610150565b61010d610601565b61012f7f000000000000000000000000000000000000000000000000000000000000000081565b60005473ffffffffffffffffffffffffffffffffffffffff1661012f565b61012f7f000000000000000000000000000000000000000000000000000000000000000081565b61010d61025e3660046114be565b61067d565b61010d6102713660046114a1565b610707565b61010d610284366004611538565b610718565b60015473ffffffffffffffffffffffffffffffffffffffff1661012f565b61010d6102b53660046114a1565b6108a8565b6102c78686868686610958565b6040517f7628a37d0000000000000000000000000000000000000000000000000000000081526004810187905263ffffffff821660248201523360448201527f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff1690637628a37d90606401600060405180830381600087803b15801561036157600080fd5b505af1158015610375573d6000803e3d6000fd5b506103dc92505073ffffffffffffffffffffffffffffffffffffffff7f00000000000000000000000000000000000000000000000000000000000000001690507f000000000000000000000000000000000000000000000000000000000000000088610bb9565b6040805187815263ffffffff831660208201524281830152905133917f18668c81b7daaeb8c43a64ad7afdbd74a3d775cf488ec5597cf8ab9f3bcf5385919081900360600190a2505050505050565b610433610c4b565b8060000361046d576040517f1f2a200500000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6040517f70a082310000000000000000000000000000000000000000000000000000000081523060048201526000907f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff16906370a0823190602401602060405180830381865afa1580156104fa573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061051e9190611564565b9050600081831161052f5782610531565b815b9050600061055460005473ffffffffffffffffffffffffffffffffffffffff1690565b905061059773ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000000000000000000000000000000000000000000168284610bb9565b8073ffffffffffffffffffffffffffffffffffffffff167f2e39961a70a10f4d46383948095ac2752b3ee642a7c76aa827410aaff08c2e51836040516105df91815260200190565b60405180910390a250505050565b6105f5610c4b565b6105ff6000610c9e565b565b600154339073ffffffffffffffffffffffffffffffffffffffff168114610671576040517f118cdaa700000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff821660048201526024015b60405180910390fd5b61067a81610c9e565b50565b61068a8585858585610958565b6106cb73ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000000000000000000000000000000000000000000163387610bb9565b60405185815233907fd8138f8a3f377c5259ca548e70e4c2de94f129f5a11036a15b69513cba2b426a9060200160405180910390a25050505050565b61070f610c4b565b61067a81610ccf565b610720610c4b565b7f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff16148061078e575073ffffffffffffffffffffffffffffffffffffffff8216155b156107c5576040517fc1ab6dc100000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b806000036107ff576040517f1f2a200500000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6000805473ffffffffffffffffffffffffffffffffffffffff16905061083c73ffffffffffffffffffffffffffffffffffffffff84168284610bb9565b8273ffffffffffffffffffffffffffffffffffffffff168173ffffffffffffffffffffffffffffffffffffffff167f4b3832ed948bc80ab35e8cab3a5923e6e1a57696d02c846a8b6f54d39bf9acf08460405161089b91815260200190565b60405180910390a3505050565b6108b0610c4b565b6001805473ffffffffffffffffffffffffffffffffffffffff83167fffffffffffffffffffffffff0000000000000000000000000000000000000000909116811790915561091360005473ffffffffffffffffffffffffffffffffffffffff1690565b73ffffffffffffffffffffffffffffffffffffffff167f38d16b8cac22d99fc7c124b9cd0de2d3fa1faef420bfe791d8c362d765e2270060405160405180910390a350565b3360009081526003602052604090205460ff16156109a2576040517f646cf55800000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60408051336020820152908101869052600090606001604080517fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0818403018152828252805160209182012090830152016040516020818303038152906040528051906020012090506000610a44827f19457468657265756d205369676e6564204d6573736167653a0a3332000000006000908152601c91909152603c902090565b90506000610a8a85858080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152508693925050610d939050565b60025490915073ffffffffffffffffffffffffffffffffffffffff808316911614610ae1576040517f815e1d6400000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610b418787808060200260200160405190810160405280939291908181526020018383602002808284376000920191909152507f00000000000000000000000000000000000000000000000000000000000000009250879150610dbd9050565b610b77576040517f09bde33900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b505033600090815260036020526040902080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00166001179055505050505050565b6040805173ffffffffffffffffffffffffffffffffffffffff8416602482015260448082018490528251808303909101815260649091019091526020810180517bffffffffffffffffffffffffffffffffffffffffffffffffffffffff167fa9059cbb00000000000000000000000000000000000000000000000000000000179052610c46908490610dd5565b505050565b60005473ffffffffffffffffffffffffffffffffffffffff1633146105ff576040517f118cdaa7000000000000000000000000000000000000000000000000000000008152336004820152602401610668565b600180547fffffffffffffffffffffffff000000000000000000000000000000000000000016905561067a81610e6b565b73ffffffffffffffffffffffffffffffffffffffff8116610d1c576040517f70ea704e00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6002805473ffffffffffffffffffffffffffffffffffffffff8381167fffffffffffffffffffffffff0000000000000000000000000000000000000000831681179093556040519116919082907f2d025324f0a785e8c12d0a0d91a9caa49df4ef20ff87e0df7213a1d4f3157beb90600090a35050565b600080600080610da38686610ee0565b925092509250610db38282610f2d565b5090949350505050565b600082610dca8584611035565b1490505b9392505050565b6000610df773ffffffffffffffffffffffffffffffffffffffff841683611078565b90508051600014158015610e1c575080806020019051810190610e1a919061157d565b155b15610c46576040517f5274afe700000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff84166004820152602401610668565b6000805473ffffffffffffffffffffffffffffffffffffffff8381167fffffffffffffffffffffffff0000000000000000000000000000000000000000831681178455604051919092169283917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e09190a35050565b60008060008351604103610f1a5760208401516040850151606086015160001a610f0c88828585611086565b955095509550505050610f26565b50508151600091506002905b9250925092565b6000826003811115610f4157610f4161159f565b03610f4a575050565b6001826003811115610f5e57610f5e61159f565b03610f95576040517ff645eedf00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6002826003811115610fa957610fa961159f565b03610fe3576040517ffce698f700000000000000000000000000000000000000000000000000000000815260048101829052602401610668565b6003826003811115610ff757610ff761159f565b03611031576040517fd78bce0c00000000000000000000000000000000000000000000000000000000815260048101829052602401610668565b5050565b600081815b84518110156110705761106682868381518110611059576110596115ce565b6020026020010151611180565b915060010161103a565b509392505050565b6060610dce838360006111af565b600080807f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a08411156110c15750600091506003905082611176565b604080516000808252602082018084528a905260ff891692820192909252606081018790526080810186905260019060a0016020604051602081039080840390855afa158015611115573d6000803e3d6000fd5b50506040517fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0015191505073ffffffffffffffffffffffffffffffffffffffff811661116c57506000925060019150829050611176565b9250600091508190505b9450945094915050565b600081831061119c576000828152602084905260409020610dce565b6000838152602083905260409020610dce565b6060814710156111ed576040517fcd786059000000000000000000000000000000000000000000000000000000008152306004820152602401610668565b6000808573ffffffffffffffffffffffffffffffffffffffff16848660405161121691906115fd565b60006040518083038185875af1925050503d8060008114611253576040519150601f19603f3d011682016040523d82523d6000602084013e611258565b606091505b5091509150611268868383611272565b9695505050505050565b6060826112875761128282611301565b610dce565b81511580156112ab575073ffffffffffffffffffffffffffffffffffffffff84163b155b156112fa576040517f9996b31500000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff85166004820152602401610668565b5080610dce565b8051156113115780518082602001fd5b6040517f1425ea4200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60008083601f84011261135557600080fd5b50813567ffffffffffffffff81111561136d57600080fd5b6020830191508360208260051b850101111561138857600080fd5b9250929050565b60008083601f8401126113a157600080fd5b50813567ffffffffffffffff8111156113b957600080fd5b60208301915083602082850101111561138857600080fd5b600080600080600080608087890312156113ea57600080fd5b86359550602087013567ffffffffffffffff8082111561140957600080fd5b6114158a838b01611343565b9097509550604089013591508082111561142e57600080fd5b5061143b89828a0161138f565b909450925050606087013563ffffffff8116811461145857600080fd5b809150509295509295509295565b60006020828403121561147857600080fd5b5035919050565b73ffffffffffffffffffffffffffffffffffffffff8116811461067a57600080fd5b6000602082840312156114b357600080fd5b8135610dce8161147f565b6000806000806000606086880312156114d657600080fd5b85359450602086013567ffffffffffffffff808211156114f557600080fd5b61150189838a01611343565b9096509450604088013591508082111561151a57600080fd5b506115278882890161138f565b969995985093965092949392505050565b6000806040838503121561154b57600080fd5b82356115568161147f565b946020939093013593505050565b60006020828403121561157657600080fd5b5051919050565b60006020828403121561158f57600080fd5b81518015158114610dce57600080fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052602160045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b6000825160005b8181101561161e5760208186018101518583015201611604565b50600092019182525091905056fea264697066735822122014083e58065b45bbadc1b5b0ae08ccf0e929ba462de6a0b3c11c617001292a0b64736f6c634300081700333aa51c5303c59261049dd0ef0ed2ddd2d114a93cb395b5ee5652c8b258c62e240000000000000000000000000842e2bd0ae0c39649055270194c2a76ff7c00ea00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a0000000000000000000000008e02d37b6cad86039bdd11095b8c879b907f7d1000000000000000000000000049a941d7d7d40f340fabb17d25a9e2a76b72fac6
Deployed Bytecode
0x608060405234801561001057600080fd5b50600436106100f55760003560e01c806382bfefc811610097578063a7ecd37e11610066578063a7ecd37e14610263578063b14b990f14610276578063e30c397814610289578063f2fde38b146102a757600080fd5b806382bfefc8146101e45780638da5cb5b1461020b57806397610f30146102295780639a15bf921461025057600080fd5b80635312ea8e116100d35780635312ea8e1461018e578063715018a6146101a157806373b2e80e146101a957806379ba5097146101dc57600080fd5b80630768132f146100fa578063238ac9331461010f57806351e75e8b14610159575b600080fd5b61010d6101083660046113d1565b6102ba565b005b60025461012f9073ffffffffffffffffffffffffffffffffffffffff1681565b60405173ffffffffffffffffffffffffffffffffffffffff90911681526020015b60405180910390f35b6101807f3aa51c5303c59261049dd0ef0ed2ddd2d114a93cb395b5ee5652c8b258c62e2481565b604051908152602001610150565b61010d61019c366004611466565b61042b565b61010d6105ed565b6101cc6101b73660046114a1565b60036020526000908152604090205460ff1681565b6040519015158152602001610150565b61010d610601565b61012f7f00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a81565b60005473ffffffffffffffffffffffffffffffffffffffff1661012f565b61012f7f0000000000000000000000008e02d37b6cad86039bdd11095b8c879b907f7d1081565b61010d61025e3660046114be565b61067d565b61010d6102713660046114a1565b610707565b61010d610284366004611538565b610718565b60015473ffffffffffffffffffffffffffffffffffffffff1661012f565b61010d6102b53660046114a1565b6108a8565b6102c78686868686610958565b6040517f7628a37d0000000000000000000000000000000000000000000000000000000081526004810187905263ffffffff821660248201523360448201527f0000000000000000000000008e02d37b6cad86039bdd11095b8c879b907f7d1073ffffffffffffffffffffffffffffffffffffffff1690637628a37d90606401600060405180830381600087803b15801561036157600080fd5b505af1158015610375573d6000803e3d6000fd5b506103dc92505073ffffffffffffffffffffffffffffffffffffffff7f00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a1690507f0000000000000000000000008e02d37b6cad86039bdd11095b8c879b907f7d1088610bb9565b6040805187815263ffffffff831660208201524281830152905133917f18668c81b7daaeb8c43a64ad7afdbd74a3d775cf488ec5597cf8ab9f3bcf5385919081900360600190a2505050505050565b610433610c4b565b8060000361046d576040517f1f2a200500000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6040517f70a082310000000000000000000000000000000000000000000000000000000081523060048201526000907f00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a73ffffffffffffffffffffffffffffffffffffffff16906370a0823190602401602060405180830381865afa1580156104fa573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061051e9190611564565b9050600081831161052f5782610531565b815b9050600061055460005473ffffffffffffffffffffffffffffffffffffffff1690565b905061059773ffffffffffffffffffffffffffffffffffffffff7f00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a168284610bb9565b8073ffffffffffffffffffffffffffffffffffffffff167f2e39961a70a10f4d46383948095ac2752b3ee642a7c76aa827410aaff08c2e51836040516105df91815260200190565b60405180910390a250505050565b6105f5610c4b565b6105ff6000610c9e565b565b600154339073ffffffffffffffffffffffffffffffffffffffff168114610671576040517f118cdaa700000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff821660048201526024015b60405180910390fd5b61067a81610c9e565b50565b61068a8585858585610958565b6106cb73ffffffffffffffffffffffffffffffffffffffff7f00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a163387610bb9565b60405185815233907fd8138f8a3f377c5259ca548e70e4c2de94f129f5a11036a15b69513cba2b426a9060200160405180910390a25050505050565b61070f610c4b565b61067a81610ccf565b610720610c4b565b7f00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a73ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff16148061078e575073ffffffffffffffffffffffffffffffffffffffff8216155b156107c5576040517fc1ab6dc100000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b806000036107ff576040517f1f2a200500000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6000805473ffffffffffffffffffffffffffffffffffffffff16905061083c73ffffffffffffffffffffffffffffffffffffffff84168284610bb9565b8273ffffffffffffffffffffffffffffffffffffffff168173ffffffffffffffffffffffffffffffffffffffff167f4b3832ed948bc80ab35e8cab3a5923e6e1a57696d02c846a8b6f54d39bf9acf08460405161089b91815260200190565b60405180910390a3505050565b6108b0610c4b565b6001805473ffffffffffffffffffffffffffffffffffffffff83167fffffffffffffffffffffffff0000000000000000000000000000000000000000909116811790915561091360005473ffffffffffffffffffffffffffffffffffffffff1690565b73ffffffffffffffffffffffffffffffffffffffff167f38d16b8cac22d99fc7c124b9cd0de2d3fa1faef420bfe791d8c362d765e2270060405160405180910390a350565b3360009081526003602052604090205460ff16156109a2576040517f646cf55800000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60408051336020820152908101869052600090606001604080517fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0818403018152828252805160209182012090830152016040516020818303038152906040528051906020012090506000610a44827f19457468657265756d205369676e6564204d6573736167653a0a3332000000006000908152601c91909152603c902090565b90506000610a8a85858080601f0160208091040260200160405190810160405280939291908181526020018383808284376000920191909152508693925050610d939050565b60025490915073ffffffffffffffffffffffffffffffffffffffff808316911614610ae1576040517f815e1d6400000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b610b418787808060200260200160405190810160405280939291908181526020018383602002808284376000920191909152507f3aa51c5303c59261049dd0ef0ed2ddd2d114a93cb395b5ee5652c8b258c62e249250879150610dbd9050565b610b77576040517f09bde33900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b505033600090815260036020526040902080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00166001179055505050505050565b6040805173ffffffffffffffffffffffffffffffffffffffff8416602482015260448082018490528251808303909101815260649091019091526020810180517bffffffffffffffffffffffffffffffffffffffffffffffffffffffff167fa9059cbb00000000000000000000000000000000000000000000000000000000179052610c46908490610dd5565b505050565b60005473ffffffffffffffffffffffffffffffffffffffff1633146105ff576040517f118cdaa7000000000000000000000000000000000000000000000000000000008152336004820152602401610668565b600180547fffffffffffffffffffffffff000000000000000000000000000000000000000016905561067a81610e6b565b73ffffffffffffffffffffffffffffffffffffffff8116610d1c576040517f70ea704e00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6002805473ffffffffffffffffffffffffffffffffffffffff8381167fffffffffffffffffffffffff0000000000000000000000000000000000000000831681179093556040519116919082907f2d025324f0a785e8c12d0a0d91a9caa49df4ef20ff87e0df7213a1d4f3157beb90600090a35050565b600080600080610da38686610ee0565b925092509250610db38282610f2d565b5090949350505050565b600082610dca8584611035565b1490505b9392505050565b6000610df773ffffffffffffffffffffffffffffffffffffffff841683611078565b90508051600014158015610e1c575080806020019051810190610e1a919061157d565b155b15610c46576040517f5274afe700000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff84166004820152602401610668565b6000805473ffffffffffffffffffffffffffffffffffffffff8381167fffffffffffffffffffffffff0000000000000000000000000000000000000000831681178455604051919092169283917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e09190a35050565b60008060008351604103610f1a5760208401516040850151606086015160001a610f0c88828585611086565b955095509550505050610f26565b50508151600091506002905b9250925092565b6000826003811115610f4157610f4161159f565b03610f4a575050565b6001826003811115610f5e57610f5e61159f565b03610f95576040517ff645eedf00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b6002826003811115610fa957610fa961159f565b03610fe3576040517ffce698f700000000000000000000000000000000000000000000000000000000815260048101829052602401610668565b6003826003811115610ff757610ff761159f565b03611031576040517fd78bce0c00000000000000000000000000000000000000000000000000000000815260048101829052602401610668565b5050565b600081815b84518110156110705761106682868381518110611059576110596115ce565b6020026020010151611180565b915060010161103a565b509392505050565b6060610dce838360006111af565b600080807f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a08411156110c15750600091506003905082611176565b604080516000808252602082018084528a905260ff891692820192909252606081018790526080810186905260019060a0016020604051602081039080840390855afa158015611115573d6000803e3d6000fd5b50506040517fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0015191505073ffffffffffffffffffffffffffffffffffffffff811661116c57506000925060019150829050611176565b9250600091508190505b9450945094915050565b600081831061119c576000828152602084905260409020610dce565b6000838152602083905260409020610dce565b6060814710156111ed576040517fcd786059000000000000000000000000000000000000000000000000000000008152306004820152602401610668565b6000808573ffffffffffffffffffffffffffffffffffffffff16848660405161121691906115fd565b60006040518083038185875af1925050503d8060008114611253576040519150601f19603f3d011682016040523d82523d6000602084013e611258565b606091505b5091509150611268868383611272565b9695505050505050565b6060826112875761128282611301565b610dce565b81511580156112ab575073ffffffffffffffffffffffffffffffffffffffff84163b155b156112fa576040517f9996b31500000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff85166004820152602401610668565b5080610dce565b8051156113115780518082602001fd5b6040517f1425ea4200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60008083601f84011261135557600080fd5b50813567ffffffffffffffff81111561136d57600080fd5b6020830191508360208260051b850101111561138857600080fd5b9250929050565b60008083601f8401126113a157600080fd5b50813567ffffffffffffffff8111156113b957600080fd5b60208301915083602082850101111561138857600080fd5b600080600080600080608087890312156113ea57600080fd5b86359550602087013567ffffffffffffffff8082111561140957600080fd5b6114158a838b01611343565b9097509550604089013591508082111561142e57600080fd5b5061143b89828a0161138f565b909450925050606087013563ffffffff8116811461145857600080fd5b809150509295509295509295565b60006020828403121561147857600080fd5b5035919050565b73ffffffffffffffffffffffffffffffffffffffff8116811461067a57600080fd5b6000602082840312156114b357600080fd5b8135610dce8161147f565b6000806000806000606086880312156114d657600080fd5b85359450602086013567ffffffffffffffff808211156114f557600080fd5b61150189838a01611343565b9096509450604088013591508082111561151a57600080fd5b506115278882890161138f565b969995985093965092949392505050565b6000806040838503121561154b57600080fd5b82356115568161147f565b946020939093013593505050565b60006020828403121561157657600080fd5b5051919050565b60006020828403121561158f57600080fd5b81518015158114610dce57600080fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052602160045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b6000825160005b8181101561161e5760208186018101518583015201611604565b50600092019182525091905056fea264697066735822122014083e58065b45bbadc1b5b0ae08ccf0e929ba462de6a0b3c11c617001292a0b64736f6c63430008170033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
3aa51c5303c59261049dd0ef0ed2ddd2d114a93cb395b5ee5652c8b258c62e240000000000000000000000000842e2bd0ae0c39649055270194c2a76ff7c00ea00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a0000000000000000000000008e02d37b6cad86039bdd11095b8c879b907f7d1000000000000000000000000049a941d7d7d40f340fabb17d25a9e2a76b72fac6
-----Decoded View---------------
Arg [0] : _merkleRoot (bytes32): 0x3aa51c5303c59261049dd0ef0ed2ddd2d114a93cb395b5ee5652c8b258c62e24
Arg [1] : _signer (address): 0x0842e2bD0ae0c39649055270194C2a76Ff7C00ea
Arg [2] : _token (address): 0x88909D489678dD17aA6D9609F89B0419Bf78FD9a
Arg [3] : _staking (address): 0x8E02d37b6Cad86039BDd11095b8c879B907F7D10
Arg [4] : _owner (address): 0x49a941d7D7D40f340FAbb17d25a9E2A76B72fAC6
-----Encoded View---------------
5 Constructor Arguments found :
Arg [0] : 3aa51c5303c59261049dd0ef0ed2ddd2d114a93cb395b5ee5652c8b258c62e24
Arg [1] : 0000000000000000000000000842e2bd0ae0c39649055270194c2a76ff7c00ea
Arg [2] : 00000000000000000000000088909d489678dd17aa6d9609f89b0419bf78fd9a
Arg [3] : 0000000000000000000000008e02d37b6cad86039bdd11095b8c879b907f7d10
Arg [4] : 00000000000000000000000049a941d7d7d40f340fabb17d25a9e2a76b72fac6
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 30 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.