Sponsored
MoonPay
Buy crypto with our non-custodial and fully decentralised platform. Buy Now!
15M+ users trust MoonPay. Checkout with your preferred payment method.
MetaMask
Manage your web3 everything with MetaMask Portfolio. Try Now!
Ready to onboard to Ethereum? With MetaMask Portfolio, you're in control.
Nexo
Buy crypto and start earning up to 16% interest automatically. Buy Crypto
Get up to 0.5% cashback per purchase and receive daily interest.
Sponsored
MetaMask
Meet MetaMask Portfolio - your key to getting more out of web3. Try Now
Ready to simplify your web3 experience? Try the all-in-one web3 app trusted by millions worldwide.
CEX.IO
Claim Your Mystery Box For A Guaranteed Crypto Prize CLAIM NOW
Opt-in, make your first trade on Exchange Plus & receive random crypto rewards from 10,000 SHIB, to 0.01 BTC.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
Celsius Casino
- $400 Freespins - Instant Withdraw - No KYC - 200% Bonus. Spin Now!
9 years old Licensed Crypto Casino, Instant Withdraw 24/7, 6000+ Slots available, Paypal Deposit, Instant Live Support 24/7, 30% Rakeback.
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoWins
200% Welcome Bonus – Supercharge Your Crypto Up to 4 BTC! Claim Now!
Play 100s of games anonymously with all major cryptos. Join CryptoWins & start winning!
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
Overview
ETH Balance
0 ETH
Eth Value
$0.00More Info
Private Name Tags
ContractCreator
Latest 1 from a total of 1 transactions
| Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
|---|---|---|---|---|---|---|---|---|---|
| 0x61010034 | 19265924 | 152 days ago | IN | Contract Creation | 0 ETH | 0.13561777 |
View more zero value Internal Transactions in Advanced View mode
Advanced mode:
Loading...
Loading
This contract may be a proxy contract. Click on More Options and select Is this a proxy? to confirm and enable the "Read as Proxy" & "Write as Proxy" tabs.
Similar Match Source Code This contract matches the deployed Bytecode of the Source Code for Contract 0xB7741843...8CE4ecB8c The constructor portion of the code might be different and could alter the actual behaviour of the contract
Contract Name:
Ethereum_SpokePool
Compiler Version
v0.8.23+commit.f704f362
Optimization Enabled:
Yes with 1000 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./SpokePool.sol";
import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
/**
* @notice Ethereum L1 specific SpokePool. Used on Ethereum L1 to facilitate L2->L1 transfers.
*/
contract Ethereum_SpokePool is SpokePool, OwnableUpgradeable {
using SafeERC20Upgradeable for IERC20Upgradeable;
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(
address _wrappedNativeTokenAddress,
uint32 _depositQuoteTimeBuffer,
uint32 _fillDeadlineBuffer
) SpokePool(_wrappedNativeTokenAddress, _depositQuoteTimeBuffer, _fillDeadlineBuffer) {} // solhint-disable-line no-empty-blocks
/**
* @notice Construct the Ethereum SpokePool.
* @dev crossDomainAdmin is unused on this contract.
* @param _initialDepositId Starting deposit ID. Set to 0 unless this is a re-deployment in order to mitigate
* relay hash collisions.
* @param _hubPool Hub pool address to set. Can be changed by admin.
*/
function initialize(uint32 _initialDepositId, address _hubPool) public initializer {
__Ownable_init();
__SpokePool_init(_initialDepositId, _hubPool, _hubPool);
}
/**************************************
* INTERNAL FUNCTIONS *
**************************************/
function _bridgeTokensToHubPool(uint256 amountToReturn, address l2TokenAddress) internal override {
IERC20Upgradeable(l2TokenAddress).safeTransfer(hubPool, amountToReturn);
}
// The SpokePool deployed to the same network as the HubPool must be owned by the HubPool.
// A core assumption of this contract system is that the HubPool is deployed on Ethereum.
function _requireAdminSender() internal override onlyOwner {}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
function __Ownable_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable_init_unchained() internal onlyInitializing {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822ProxiableUpgradeable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC1967.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
*
* _Available since v4.8.3._
*/
interface IERC1967Upgradeable {
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/
event BeaconUpgraded(address indexed beacon);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeaconUpgradeable {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeaconUpgradeable.sol";
import "../../interfaces/IERC1967Upgradeable.sol";
import "../../interfaces/draft-IERC1822Upgradeable.sol";
import "../../utils/AddressUpgradeable.sol";
import "../../utils/StorageSlotUpgradeable.sol";
import "../utils/Initializable.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*/
abstract contract ERC1967UpgradeUpgradeable is Initializable, IERC1967Upgradeable {
function __ERC1967Upgrade_init() internal onlyInitializing {
}
function __ERC1967Upgrade_init_unchained() internal onlyInitializing {
}
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(AddressUpgradeable.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
AddressUpgradeable.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data, bool forceCall) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlotUpgradeable.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822ProxiableUpgradeable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(AddressUpgradeable.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
AddressUpgradeable.isContract(IBeaconUpgradeable(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
AddressUpgradeable.functionDelegateCall(IBeaconUpgradeable(newBeacon).implementation(), data);
}
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized != type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/UUPSUpgradeable.sol)
pragma solidity ^0.8.0;
import "../../interfaces/draft-IERC1822Upgradeable.sol";
import "../ERC1967/ERC1967UpgradeUpgradeable.sol";
import "./Initializable.sol";
/**
* @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an
* {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.
*
* A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
* reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
* `UUPSUpgradeable` with a custom implementation of upgrades.
*
* The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.
*
* _Available since v4.1._
*/
abstract contract UUPSUpgradeable is Initializable, IERC1822ProxiableUpgradeable, ERC1967UpgradeUpgradeable {
function __UUPSUpgradeable_init() internal onlyInitializing {
}
function __UUPSUpgradeable_init_unchained() internal onlyInitializing {
}
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignment
address private immutable __self = address(this);
/**
* @dev Check that the execution is being performed through a delegatecall call and that the execution context is
* a proxy contract with an implementation (as defined in ERC1967) pointing to self. This should only be the case
* for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a
* function through ERC1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to
* fail.
*/
modifier onlyProxy() {
require(address(this) != __self, "Function must be called through delegatecall");
require(_getImplementation() == __self, "Function must be called through active proxy");
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
require(address(this) == __self, "UUPSUpgradeable: must not be called through delegatecall");
_;
}
/**
* @dev Implementation of the ERC1822 {proxiableUUID} function. This returns the storage slot used by the
* implementation. It is used to validate the implementation's compatibility when performing an upgrade.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.
*/
function proxiableUUID() external view virtual override notDelegated returns (bytes32) {
return _IMPLEMENTATION_SLOT;
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
function upgradeTo(address newImplementation) public virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, new bytes(0), false);
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call
* encoded in `data`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, data, true);
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeTo} and {upgradeToAndCall}.
*
* Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.
*
* ```solidity
* function _authorizeUpgrade(address) internal override onlyOwner {}
* ```
*/
function _authorizeUpgrade(address newImplementation) internal virtual;
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (security/ReentrancyGuard.sol)
pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuardUpgradeable is Initializable {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
function __ReentrancyGuard_init() internal onlyInitializing {
__ReentrancyGuard_init_unchained();
}
function __ReentrancyGuard_init_unchained() internal onlyInitializing {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == _ENTERED;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20PermitUpgradeable {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20Upgradeable {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.3) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20Upgradeable.sol";
import "../extensions/IERC20PermitUpgradeable.sol";
import "../../../utils/AddressUpgradeable.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20Upgradeable {
using AddressUpgradeable for address;
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20Upgradeable token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20Upgradeable token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(IERC20Upgradeable token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20Upgradeable token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance + value));
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20Upgradeable token, address spender, uint256 value) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance - value));
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20Upgradeable token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeWithSelector(token.approve.selector, spender, value);
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, 0));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Use a ERC-2612 signature to set the `owner` approval toward `spender` on `token`.
* Revert on invalid signature.
*/
function safePermit(
IERC20PermitUpgradeable token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20Upgradeable token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
require(returndata.length == 0 || abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20Upgradeable token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return
success && (returndata.length == 0 || abi.decode(returndata, (bool))) && AddressUpgradeable.isContract(address(token));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../StringsUpgradeable.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSAUpgradeable {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 message) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, "\x19Ethereum Signed Message:\n32")
mstore(0x1c, hash)
message := keccak256(0x00, 0x3c)
}
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", StringsUpgradeable.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 data) {
/// @solidity memory-safe-assembly
assembly {
let ptr := mload(0x40)
mstore(ptr, "\x19\x01")
mstore(add(ptr, 0x02), domainSeparator)
mstore(add(ptr, 0x22), structHash)
data := keccak256(ptr, 0x42)
}
}
/**
* @dev Returns an Ethereum Signed Data with intended validator, created from a
* `validator` and `data` according to the version 0 of EIP-191.
*
* See {recover}.
*/
function toDataWithIntendedValidatorHash(address validator, bytes memory data) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x00", validator, data));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library MathUpgradeable {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1, "Math: mulDiv overflow");
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMathUpgradeable {
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// must be unchecked in order to support `n = type(int256).min`
return uint256(n >= 0 ? n : -n);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, `uint256`._
* _Available since v4.9 for `string`, `bytes`._
*/
library StorageSlotUpgradeable {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/MathUpgradeable.sol";
import "./math/SignedMathUpgradeable.sol";
/**
* @dev String operations.
*/
library StringsUpgradeable {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = MathUpgradeable.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toString(int256 value) internal pure returns (string memory) {
return string(abi.encodePacked(value < 0 ? "-" : "", toString(SignedMathUpgradeable.abs(value))));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, MathUpgradeable.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return keccak256(bytes(a)) == keccak256(bytes(b));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (interfaces/IERC1271.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC1271 standard signature validation method for
* contracts as defined in https://eips.ethereum.org/EIPS/eip-1271[ERC-1271].
*
* _Available since v4.1._
*/
interface IERC1271 {
/**
* @dev Should return whether the signature provided is valid for the provided data
* @param hash Hash of the data to be signed
* @param signature Signature byte array associated with _data
*/
function isValidSignature(bytes32 hash, bytes memory signature) external view returns (bytes4 magicValue);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 message) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, "\x19Ethereum Signed Message:\n32")
mstore(0x1c, hash)
message := keccak256(0x00, 0x3c)
}
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 data) {
/// @solidity memory-safe-assembly
assembly {
let ptr := mload(0x40)
mstore(ptr, "\x19\x01")
mstore(add(ptr, 0x02), domainSeparator)
mstore(add(ptr, 0x22), structHash)
data := keccak256(ptr, 0x42)
}
}
/**
* @dev Returns an Ethereum Signed Data with intended validator, created from a
* `validator` and `data` according to the version 0 of EIP-191.
*
* See {recover}.
*/
function toDataWithIntendedValidatorHash(address validator, bytes memory data) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x00", validator, data));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.2) (utils/cryptography/MerkleProof.sol)
pragma solidity ^0.8.0;
/**
* @dev These functions deal with verification of Merkle Tree proofs.
*
* The tree and the proofs can be generated using our
* https://github.com/OpenZeppelin/merkle-tree[JavaScript library].
* You will find a quickstart guide in the readme.
*
* WARNING: You should avoid using leaf values that are 64 bytes long prior to
* hashing, or use a hash function other than keccak256 for hashing leaves.
* This is because the concatenation of a sorted pair of internal nodes in
* the merkle tree could be reinterpreted as a leaf value.
* OpenZeppelin's JavaScript library generates merkle trees that are safe
* against this attack out of the box.
*/
library MerkleProof {
/**
* @dev Returns true if a `leaf` can be proved to be a part of a Merkle tree
* defined by `root`. For this, a `proof` must be provided, containing
* sibling hashes on the branch from the leaf to the root of the tree. Each
* pair of leaves and each pair of pre-images are assumed to be sorted.
*/
function verify(bytes32[] memory proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
return processProof(proof, leaf) == root;
}
/**
* @dev Calldata version of {verify}
*
* _Available since v4.7._
*/
function verifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
return processProofCalldata(proof, leaf) == root;
}
/**
* @dev Returns the rebuilt hash obtained by traversing a Merkle tree up
* from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt
* hash matches the root of the tree. When processing the proof, the pairs
* of leafs & pre-images are assumed to be sorted.
*
* _Available since v4.4._
*/
function processProof(bytes32[] memory proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Calldata version of {processProof}
*
* _Available since v4.7._
*/
function processProofCalldata(bytes32[] calldata proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Returns true if the `leaves` can be simultaneously proven to be a part of a merkle tree defined by
* `root`, according to `proof` and `proofFlags` as described in {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function multiProofVerify(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProof(proof, proofFlags, leaves) == root;
}
/**
* @dev Calldata version of {multiProofVerify}
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function multiProofVerifyCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProofCalldata(proof, proofFlags, leaves) == root;
}
/**
* @dev Returns the root of a tree reconstructed from `leaves` and sibling nodes in `proof`. The reconstruction
* proceeds by incrementally reconstructing all inner nodes by combining a leaf/inner node with either another
* leaf/inner node or a proof sibling node, depending on whether each `proofFlags` item is true or false
* respectively.
*
* CAUTION: Not all merkle trees admit multiproofs. To use multiproofs, it is sufficient to ensure that: 1) the tree
* is complete (but not necessarily perfect), 2) the leaves to be proven are in the opposite order they are in the
* tree (i.e., as seen from right to left starting at the deepest layer and continuing at the next layer).
*
* _Available since v4.7._
*/
function processMultiProof(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the merkle tree.
uint256 leavesLen = leaves.length;
uint256 proofLen = proof.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
require(leavesLen + proofLen - 1 == totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
require(proofPos == proofLen, "MerkleProof: invalid multiproof");
unchecked {
return hashes[totalHashes - 1];
}
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Calldata version of {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function processMultiProofCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the merkle tree.
uint256 leavesLen = leaves.length;
uint256 proofLen = proof.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
require(leavesLen + proofLen - 1 == totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
require(proofPos == proofLen, "MerkleProof: invalid multiproof");
unchecked {
return hashes[totalHashes - 1];
}
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
function _hashPair(bytes32 a, bytes32 b) private pure returns (bytes32) {
return a < b ? _efficientHash(a, b) : _efficientHash(b, a);
}
function _efficientHash(bytes32 a, bytes32 b) private pure returns (bytes32 value) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, a)
mstore(0x20, b)
value := keccak256(0x00, 0x40)
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/SignatureChecker.sol)
pragma solidity ^0.8.0;
import "./ECDSA.sol";
import "../../interfaces/IERC1271.sol";
/**
* @dev Signature verification helper that can be used instead of `ECDSA.recover` to seamlessly support both ECDSA
* signatures from externally owned accounts (EOAs) as well as ERC1271 signatures from smart contract wallets like
* Argent and Gnosis Safe.
*
* _Available since v4.1._
*/
library SignatureChecker {
/**
* @dev Checks if a signature is valid for a given signer and data hash. If the signer is a smart contract, the
* signature is validated against that smart contract using ERC1271, otherwise it's validated using `ECDSA.recover`.
*
* NOTE: Unlike ECDSA signatures, contract signatures are revocable, and the outcome of this function can thus
* change through time. It could return true at block N and false at block N+1 (or the opposite).
*/
function isValidSignatureNow(address signer, bytes32 hash, bytes memory signature) internal view returns (bool) {
(address recovered, ECDSA.RecoverError error) = ECDSA.tryRecover(hash, signature);
return
(error == ECDSA.RecoverError.NoError && recovered == signer) ||
isValidERC1271SignatureNow(signer, hash, signature);
}
/**
* @dev Checks if a signature is valid for a given signer and data hash. The signature is validated
* against the signer smart contract using ERC1271.
*
* NOTE: Unlike ECDSA signatures, contract signatures are revocable, and the outcome of this function can thus
* change through time. It could return true at block N and false at block N+1 (or the opposite).
*/
function isValidERC1271SignatureNow(
address signer,
bytes32 hash,
bytes memory signature
) internal view returns (bool) {
(bool success, bytes memory result) = signer.staticcall(
abi.encodeWithSelector(IERC1271.isValidSignature.selector, hash, signature)
);
return (success &&
result.length >= 32 &&
abi.decode(result, (bytes32)) == bytes32(IERC1271.isValidSignature.selector));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1, "Math: mulDiv overflow");
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// must be unchecked in order to support `n = type(int256).min`
return uint256(n >= 0 ? n : -n);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/Math.sol";
import "./math/SignedMath.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toString(int256 value) internal pure returns (string memory) {
return string(abi.encodePacked(value < 0 ? "-" : "", toString(SignedMath.abs(value))));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return keccak256(bytes(a)) == keccak256(bytes(b));
}
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
/**
* @notice Interface for the WETH9 contract.
*/
interface WETH9Interface {
/**
* @notice Burn Wrapped Ether and receive native Ether.
* @param wad Amount of WETH to unwrap and send to caller.
*/
function withdraw(uint256 wad) external;
/**
* @notice Lock native Ether and mint Wrapped Ether ERC20
* @dev msg.value is amount of Wrapped Ether to mint/Ether to lock.
*/
function deposit() external payable;
/**
* @notice Get balance of WETH held by `guy`.
* @param guy Address to get balance of.
* @return wad Amount of WETH held by `guy`.
*/
function balanceOf(address guy) external view returns (uint256 wad);
/**
* @notice Transfer `wad` of WETH from caller to `guy`.
* @param guy Address to send WETH to.
* @param wad Amount of WETH to send.
* @return ok True if transfer succeeded.
*/
function transfer(address guy, uint256 wad) external returns (bool);
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/**
* @notice Concise list of functions in HubPool implementation.
*/
interface HubPoolInterface {
// This leaf is meant to be decoded in the HubPool to rebalance tokens between HubPool and SpokePool.
struct PoolRebalanceLeaf {
// This is used to know which chain to send cross-chain transactions to (and which SpokePool to send to).
uint256 chainId;
// Total LP fee amount per token in this bundle, encompassing all associated bundled relays.
uint256[] bundleLpFees;
// Represents the amount to push to or pull from the SpokePool. If +, the pool pays the SpokePool. If negative
// the SpokePool pays the HubPool. There can be arbitrarily complex rebalancing rules defined offchain. This
// number is only nonzero when the rules indicate that a rebalancing action should occur. When a rebalance does
// occur, runningBalances must be set to zero for this token and netSendAmounts should be set to the previous
// runningBalances + relays - deposits in this bundle. If non-zero then it must be set on the SpokePool's
// RelayerRefundLeaf amountToReturn as -1 * this value to show if funds are being sent from or to the SpokePool.
int256[] netSendAmounts;
// This is only here to be emitted in an event to track a running unpaid balance between the L2 pool and the L1
// pool. A positive number indicates that the HubPool owes the SpokePool funds. A negative number indicates that
// the SpokePool owes the HubPool funds. See the comment above for the dynamics of this and netSendAmounts.
int256[] runningBalances;
// Used by data worker to mark which leaves should relay roots to SpokePools, and to otherwise organize leaves.
// For example, each leaf should contain all the rebalance information for a single chain, but in the case where
// the list of l1Tokens is very large such that they all can't fit into a single leaf that can be executed under
// the block gas limit, then the data worker can use this groupIndex to organize them. Any leaves with
// a groupIndex equal to 0 will relay roots to the SpokePool, so the data worker should ensure that only one
// leaf for a specific chainId should have a groupIndex equal to 0.
uint256 groupIndex;
// Used as the index in the bitmap to track whether this leaf has been executed or not.
uint8 leafId;
// The bundleLpFees, netSendAmounts, and runningBalances are required to be the same length. They are parallel
// arrays for the given chainId and should be ordered by the l1Tokens field. All whitelisted tokens with nonzero
// relays on this chain in this bundle in the order of whitelisting.
address[] l1Tokens;
}
// A data worker can optimistically store several merkle roots on this contract by staking a bond and calling
// proposeRootBundle. By staking a bond, the data worker is alleging that the merkle roots all contain valid leaves
// that can be executed later to:
// - Send funds from this contract to a SpokePool or vice versa
// - Send funds from a SpokePool to Relayer as a refund for a relayed deposit
// - Send funds from a SpokePool to a deposit recipient to fulfill a "slow" relay
// Anyone can dispute this struct if the merkle roots contain invalid leaves before the
// challengePeriodEndTimestamp. Once the expiration timestamp is passed, executeRootBundle to execute a leaf
// from the poolRebalanceRoot on this contract and it will simultaneously publish the relayerRefundRoot and
// slowRelayRoot to a SpokePool. The latter two roots, once published to the SpokePool, contain
// leaves that can be executed on the SpokePool to pay relayers or recipients.
struct RootBundle {
// Contains leaves instructing this contract to send funds to SpokePools.
bytes32 poolRebalanceRoot;
// Relayer refund merkle root to be published to a SpokePool.
bytes32 relayerRefundRoot;
// Slow relay merkle root to be published to a SpokePool.
bytes32 slowRelayRoot;
// This is a 1D bitmap, with max size of 256 elements, limiting us to 256 chainsIds.
uint256 claimedBitMap;
// Proposer of this root bundle.
address proposer;
// Number of pool rebalance leaves to execute in the poolRebalanceRoot. After this number
// of leaves are executed, a new root bundle can be proposed
uint8 unclaimedPoolRebalanceLeafCount;
// When root bundle challenge period passes and this root bundle becomes executable.
uint32 challengePeriodEndTimestamp;
}
// Each whitelisted L1 token has an associated pooledToken struct that contains all information used to track the
// cumulative LP positions and if this token is enabled for deposits.
struct PooledToken {
// LP token given to LPs of a specific L1 token.
address lpToken;
// True if accepting new LP's.
bool isEnabled;
// Timestamp of last LP fee update.
uint32 lastLpFeeUpdate;
// Number of LP funds sent via pool rebalances to SpokePools and are expected to be sent
// back later.
int256 utilizedReserves;
// Number of LP funds held in contract less utilized reserves.
uint256 liquidReserves;
// Number of LP funds reserved to pay out to LPs as fees.
uint256 undistributedLpFees;
}
// Helper contracts to facilitate cross chain actions between HubPool and SpokePool for a specific network.
struct CrossChainContract {
address adapter;
address spokePool;
}
function setPaused(bool pause) external;
function emergencyDeleteProposal() external;
function relaySpokePoolAdminFunction(uint256 chainId, bytes memory functionData) external;
function setProtocolFeeCapture(address newProtocolFeeCaptureAddress, uint256 newProtocolFeeCapturePct) external;
function setBond(IERC20 newBondToken, uint256 newBondAmount) external;
function setLiveness(uint32 newLiveness) external;
function setIdentifier(bytes32 newIdentifier) external;
function setCrossChainContracts(
uint256 l2ChainId,
address adapter,
address spokePool
) external;
function enableL1TokenForLiquidityProvision(address l1Token) external;
function disableL1TokenForLiquidityProvision(address l1Token) external;
function addLiquidity(address l1Token, uint256 l1TokenAmount) external payable;
function removeLiquidity(
address l1Token,
uint256 lpTokenAmount,
bool sendEth
) external;
function exchangeRateCurrent(address l1Token) external returns (uint256);
function liquidityUtilizationCurrent(address l1Token) external returns (uint256);
function liquidityUtilizationPostRelay(address l1Token, uint256 relayedAmount) external returns (uint256);
function sync(address l1Token) external;
function proposeRootBundle(
uint256[] memory bundleEvaluationBlockNumbers,
uint8 poolRebalanceLeafCount,
bytes32 poolRebalanceRoot,
bytes32 relayerRefundRoot,
bytes32 slowRelayRoot
) external;
function executeRootBundle(
uint256 chainId,
uint256 groupIndex,
uint256[] memory bundleLpFees,
int256[] memory netSendAmounts,
int256[] memory runningBalances,
uint8 leafId,
address[] memory l1Tokens,
bytes32[] memory proof
) external;
function disputeRootBundle() external;
function claimProtocolFeesCaptured(address l1Token) external;
function setPoolRebalanceRoute(
uint256 destinationChainId,
address l1Token,
address destinationToken
) external;
function setDepositRoute(
uint256 originChainId,
uint256 destinationChainId,
address originToken,
bool depositsEnabled
) external;
function poolRebalanceRoute(uint256 destinationChainId, address l1Token)
external
view
returns (address destinationToken);
function loadEthForL2Calls() external payable;
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
/**
* @notice Contains common data structures and functions used by all SpokePool implementations.
*/
interface SpokePoolInterface {
// This leaf is meant to be decoded in the SpokePool to pay out successful relayers.
struct RelayerRefundLeaf {
// This is the amount to return to the HubPool. This occurs when there is a PoolRebalanceLeaf netSendAmount that
// is negative. This is just the negative of this value.
uint256 amountToReturn;
// Used to verify that this is being executed on the correct destination chainId.
uint256 chainId;
// This array designates how much each of those addresses should be refunded.
uint256[] refundAmounts;
// Used as the index in the bitmap to track whether this leaf has been executed or not.
uint32 leafId;
// The associated L2TokenAddress that these claims apply to.
address l2TokenAddress;
// Must be same length as refundAmounts and designates each address that must be refunded.
address[] refundAddresses;
}
// This struct represents the data to fully specify a relay. If any portion of this data differs, the relay is
// considered to be completely distinct. Only one relay for a particular depositId, chainId pair should be
// considered valid and repaid. This data is hashed and inserted into the slow relay merkle root so that an off
// chain validator can choose when to refund slow relayers.
/// @custom:audit FOLLOWING STRUCT TO BE DEPRECATED
struct RelayData {
// The address that made the deposit on the origin chain.
address depositor;
// The recipient address on the destination chain.
address recipient;
// The corresponding token address on the destination chain.
address destinationToken;
// The total relay amount before fees are taken out.
uint256 amount;
// Origin chain id.
uint256 originChainId;
// Destination chain id.
uint256 destinationChainId;
// The LP Fee percentage computed by the relayer based on the deposit's quote timestamp
// and the HubPool's utilization.
int64 realizedLpFeePct;
// The relayer fee percentage specified in the deposit.
int64 relayerFeePct;
// The id uniquely identifying this deposit on the origin chain.
uint32 depositId;
// Data that is forwarded to the recipient.
bytes message;
}
/// @custom:audit FOLLOWING STRUCT TO BE DEPRECATED
struct SlowFill {
RelayData relayData;
int256 payoutAdjustmentPct;
}
// Stores collection of merkle roots that can be published to this contract from the HubPool, which are referenced
// by "data workers" via inclusion proofs to execute leaves in the roots.
struct RootBundle {
// Merkle root of slow relays that were not fully filled and whose recipient is still owed funds from the LP pool.
bytes32 slowRelayRoot;
// Merkle root of relayer refunds for successful relays.
bytes32 relayerRefundRoot;
// This is a 2D bitmap tracking which leaves in the relayer refund root have been claimed, with max size of
// 256x(2^248) leaves per root.
mapping(uint256 => uint256) claimedBitmap;
}
function setCrossDomainAdmin(address newCrossDomainAdmin) external;
function setHubPool(address newHubPool) external;
function setEnableRoute(
address originToken,
uint256 destinationChainId,
bool enable
) external;
function pauseDeposits(bool pause) external;
function pauseFills(bool pause) external;
function relayRootBundle(bytes32 relayerRefundRoot, bytes32 slowRelayRoot) external;
function emergencyDeleteRootBundle(uint256 rootBundleId) external;
function deposit(
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message,
uint256 maxCount
) external payable;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function depositFor(
address depositor,
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message,
uint256 maxCount
) external payable;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function depositNow(
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
bytes memory message,
uint256 maxCount
) external payable;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function speedUpDeposit(
address depositor,
int64 updatedRelayerFeePct,
uint32 depositId,
address updatedRecipient,
bytes memory updatedMessage,
bytes memory depositorSignature
) external;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function fillRelay(
address depositor,
address recipient,
address destinationToken,
uint256 amount,
uint256 maxTokensToSend,
uint256 repaymentChainId,
uint256 originChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
uint32 depositId,
bytes memory message,
uint256 maxCount
) external;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function fillRelayWithUpdatedDeposit(
address depositor,
address recipient,
address updatedRecipient,
address destinationToken,
uint256 amount,
uint256 maxTokensToSend,
uint256 repaymentChainId,
uint256 originChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
int64 updatedRelayerFeePct,
uint32 depositId,
bytes memory message,
bytes memory updatedMessage,
bytes memory depositorSignature,
uint256 maxCount
) external;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function executeSlowRelayLeaf(
address depositor,
address recipient,
address destinationToken,
uint256 amount,
uint256 originChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
uint32 depositId,
uint32 rootBundleId,
bytes memory message,
int256 payoutAdjustment,
bytes32[] memory proof
) external;
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function executeRelayerRefundLeaf(
uint32 rootBundleId,
SpokePoolInterface.RelayerRefundLeaf memory relayerRefundLeaf,
bytes32[] memory proof
) external payable;
function chainId() external view returns (uint256);
error NotEOA();
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
// Contains structs and functions used by SpokePool contracts to facilitate universal settlement.
interface V3SpokePoolInterface {
/**************************************
* ENUMS *
**************************************/
// Fill status tracks on-chain state of deposit, uniquely identified by relayHash.
enum FillStatus {
Unfilled,
RequestedSlowFill,
Filled
}
// Fill type is emitted in the FilledRelay event to assist Dataworker with determining which types of
// fills to refund (e.g. only fast fills) and whether a fast fill created a sow fill excess.
enum FillType {
FastFill,
// Fast fills are normal fills that do not replace a slow fill request.
ReplacedSlowFill,
// Replaced slow fills are fast fills that replace a slow fill request. This type is used by the Dataworker
// to know when to send excess funds from the SpokePool to the HubPool because they can no longer be used
// for a slow fill execution.
SlowFill
// Slow fills are requested via requestSlowFill and executed by executeSlowRelayLeaf after a bundle containing
// the slow fill is validated.
}
/**************************************
* STRUCTS *
**************************************/
// This struct represents the data to fully specify a **unique** relay submitted on this chain.
// This data is hashed with the chainId() and saved by the SpokePool to prevent collisions and protect against
// replay attacks on other chains. If any portion of this data differs, the relay is considered to be
// completely distinct.
struct V3RelayData {
// The address that made the deposit on the origin chain.
address depositor;
// The recipient address on the destination chain.
address recipient;
// This is the exclusive relayer who can fill the deposit before the exclusivity deadline.
address exclusiveRelayer;
// Token that is deposited on origin chain by depositor.
address inputToken;
// Token that is received on destination chain by recipient.
address outputToken;
// The amount of input token deposited by depositor.
uint256 inputAmount;
// The amount of output token to be received by recipient.
uint256 outputAmount;
// Origin chain id.
uint256 originChainId;
// The id uniquely identifying this deposit on the origin chain.
uint32 depositId;
// The timestamp on the destination chain after which this deposit can no longer be filled.
uint32 fillDeadline;
// The timestamp on the destination chain after which any relayer can fill the deposit.
uint32 exclusivityDeadline;
// Data that is forwarded to the recipient.
bytes message;
}
// Contains parameters passed in by someone who wants to execute a slow relay leaf.
struct V3SlowFill {
V3RelayData relayData;
uint256 chainId;
uint256 updatedOutputAmount;
}
// Contains information about a relay to be sent along with additional information that is not unique to the
// relay itself but is required to know how to process the relay. For example, "updatedX" fields can be used
// by the relayer to modify fields of the relay with the depositor's permission, and "repaymentChainId" is specified
// by the relayer to determine where to take a relayer refund, but doesn't affect the uniqueness of the relay.
struct V3RelayExecutionParams {
V3RelayData relay;
bytes32 relayHash;
uint256 updatedOutputAmount;
address updatedRecipient;
bytes updatedMessage;
uint256 repaymentChainId;
}
// Packs together parameters emitted in FilledV3Relay because there are too many emitted otherwise.
// Similar to V3RelayExecutionParams, these parameters are not used to uniquely identify the deposit being
// filled so they don't have to be unpacked by all clients.
struct V3RelayExecutionEventInfo {
address updatedRecipient;
bytes updatedMessage;
uint256 updatedOutputAmount;
FillType fillType;
}
/**************************************
* EVENTS *
**************************************/
event V3FundsDeposited(
address inputToken,
address outputToken,
uint256 inputAmount,
uint256 outputAmount,
uint256 indexed destinationChainId,
uint32 indexed depositId,
uint32 quoteTimestamp,
uint32 fillDeadline,
uint32 exclusivityDeadline,
address indexed depositor,
address recipient,
address exclusiveRelayer,
bytes message
);
event RequestedSpeedUpV3Deposit(
uint256 updatedOutputAmount,
uint32 indexed depositId,
address indexed depositor,
address updatedRecipient,
bytes updatedMessage,
bytes depositorSignature
);
event FilledV3Relay(
address inputToken,
address outputToken,
uint256 inputAmount,
uint256 outputAmount,
uint256 repaymentChainId,
uint256 indexed originChainId,
uint32 indexed depositId,
uint32 fillDeadline,
uint32 exclusivityDeadline,
address exclusiveRelayer,
address indexed relayer,
address depositor,
address recipient,
bytes message,
V3RelayExecutionEventInfo relayExecutionInfo
);
event RequestedV3SlowFill(
address inputToken,
address outputToken,
uint256 inputAmount,
uint256 outputAmount,
uint256 indexed originChainId,
uint32 indexed depositId,
uint32 fillDeadline,
uint32 exclusivityDeadline,
address exclusiveRelayer,
address depositor,
address recipient,
bytes message
);
/**************************************
* FUNCTIONS *
**************************************/
function depositV3(
address depositor,
address recipient,
address inputToken,
address outputToken,
uint256 inputAmount,
uint256 outputAmount,
uint256 destinationChainId,
address exclusiveRelayer,
uint32 quoteTimestamp,
uint32 fillDeadline,
uint32 exclusivityDeadline,
bytes calldata message
) external payable;
function speedUpV3Deposit(
address depositor,
uint32 depositId,
uint256 updatedOutputAmount,
address updatedRecipient,
bytes calldata updatedMessage,
bytes calldata depositorSignature
) external;
function fillV3Relay(V3RelayData calldata relayData, uint256 repaymentChainId) external;
function fillV3RelayWithUpdatedDeposit(
V3RelayData calldata relayData,
uint256 repaymentChainId,
uint256 updatedOutputAmount,
address updatedRecipient,
bytes calldata updatedMessage,
bytes calldata depositorSignature
) external;
function requestV3SlowFill(V3RelayData calldata relayData) external;
function executeV3SlowRelayLeaf(
V3SlowFill calldata slowFillLeaf,
uint32 rootBundleId,
bytes32[] calldata proof
) external;
/**************************************
* ERRORS *
**************************************/
error DisabledRoute();
error InvalidQuoteTimestamp();
error InvalidFillDeadline();
error InvalidExclusiveRelayer();
error InvalidExclusivityDeadline();
error MsgValueDoesNotMatchInputAmount();
error NotExclusiveRelayer();
error NoSlowFillsInExclusivityWindow();
error RelayFilled();
error InvalidSlowFillRequest();
error ExpiredFillDeadline();
error InvalidMerkleProof();
error InvalidChainId();
error InvalidMerkleLeaf();
error ClaimedMerkleLeaf();
error InvalidPayoutAdjustmentPct();
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./interfaces/SpokePoolInterface.sol";
import "./interfaces/V3SpokePoolInterface.sol";
import "./interfaces/HubPoolInterface.sol";
import "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol";
/**
* @notice Library to help with merkle roots, proofs, and claims.
*/
library MerkleLib {
/**
* @notice Verifies that a repayment is contained within a merkle root.
* @param root the merkle root.
* @param rebalance the rebalance struct.
* @param proof the merkle proof.
* @return bool to signal if the pool rebalance proof correctly shows inclusion of the rebalance within the tree.
*/
function verifyPoolRebalance(
bytes32 root,
HubPoolInterface.PoolRebalanceLeaf memory rebalance,
bytes32[] memory proof
) internal pure returns (bool) {
return MerkleProof.verify(proof, root, keccak256(abi.encode(rebalance)));
}
/**
* @notice Verifies that a relayer refund is contained within a merkle root.
* @param root the merkle root.
* @param refund the refund struct.
* @param proof the merkle proof.
* @return bool to signal if the relayer refund proof correctly shows inclusion of the refund within the tree.
*/
function verifyRelayerRefund(
bytes32 root,
SpokePoolInterface.RelayerRefundLeaf memory refund,
bytes32[] memory proof
) internal pure returns (bool) {
return MerkleProof.verify(proof, root, keccak256(abi.encode(refund)));
}
/**
* @notice Verifies that a distribution is contained within a merkle root.
* @param root the merkle root.
* @param slowRelayFulfillment the relayData fulfillment struct.
* @param proof the merkle proof.
* @return bool to signal if the slow relay's proof correctly shows inclusion of the slow relay within the tree.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function verifySlowRelayFulfillment(
bytes32 root,
SpokePoolInterface.SlowFill memory slowRelayFulfillment,
bytes32[] memory proof
) internal pure returns (bool) {
return MerkleProof.verify(proof, root, keccak256(abi.encode(slowRelayFulfillment)));
}
function verifyV3SlowRelayFulfillment(
bytes32 root,
V3SpokePoolInterface.V3SlowFill memory slowRelayFulfillment,
bytes32[] memory proof
) internal pure returns (bool) {
return MerkleProof.verify(proof, root, keccak256(abi.encode(slowRelayFulfillment)));
}
// The following functions are primarily copied from
// https://github.com/Uniswap/merkle-distributor/blob/master/contracts/MerkleDistributor.sol with minor changes.
/**
* @notice Tests whether a claim is contained within a claimedBitMap mapping.
* @param claimedBitMap a simple uint256 mapping in storage used as a bitmap.
* @param index the index to check in the bitmap.
* @return bool indicating if the index within the claimedBitMap has been marked as claimed.
*/
function isClaimed(mapping(uint256 => uint256) storage claimedBitMap, uint256 index) internal view returns (bool) {
uint256 claimedWordIndex = index / 256;
uint256 claimedBitIndex = index % 256;
uint256 claimedWord = claimedBitMap[claimedWordIndex];
uint256 mask = (1 << claimedBitIndex);
return claimedWord & mask == mask;
}
/**
* @notice Marks an index in a claimedBitMap as claimed.
* @param claimedBitMap a simple uint256 mapping in storage used as a bitmap.
* @param index the index to mark in the bitmap.
*/
function setClaimed(mapping(uint256 => uint256) storage claimedBitMap, uint256 index) internal {
uint256 claimedWordIndex = index / 256;
uint256 claimedBitIndex = index % 256;
claimedBitMap[claimedWordIndex] = claimedBitMap[claimedWordIndex] | (1 << claimedBitIndex);
}
/**
* @notice Tests whether a claim is contained within a 1D claimedBitMap mapping.
* @param claimedBitMap a simple uint256 value, encoding a 1D bitmap.
* @param index the index to check in the bitmap. Uint8 type enforces that index can't be > 255.
* @return bool indicating if the index within the claimedBitMap has been marked as claimed.
*/
function isClaimed1D(uint256 claimedBitMap, uint8 index) internal pure returns (bool) {
uint256 mask = (1 << index);
return claimedBitMap & mask == mask;
}
/**
* @notice Marks an index in a claimedBitMap as claimed.
* @param claimedBitMap a simple uint256 mapping in storage used as a bitmap. Uint8 type enforces that index
* can't be > 255.
* @param index the index to mark in the bitmap.
* @return uint256 representing the modified input claimedBitMap with the index set to true.
*/
function setClaimed1D(uint256 claimedBitMap, uint8 index) internal pure returns (uint256) {
return claimedBitMap | (1 << index);
}
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "./MerkleLib.sol";
import "./external/interfaces/WETH9Interface.sol";
import "./interfaces/SpokePoolInterface.sol";
import "./interfaces/V3SpokePoolInterface.sol";
import "./upgradeable/MultiCallerUpgradeable.sol";
import "./upgradeable/EIP712CrossChainUpgradeable.sol";
import "./upgradeable/AddressLibUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol";
import "@openzeppelin/contracts-upgradeable/token/ERC20/utils/SafeERC20Upgradeable.sol";
import "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
import "@openzeppelin/contracts/utils/math/SignedMath.sol";
// This interface is expected to be implemented by any contract that expects to receive messages from the SpokePool.
interface AcrossMessageHandler {
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function handleAcrossMessage(
address tokenSent,
uint256 amount,
bool fillCompleted,
address relayer,
bytes memory message
) external;
// New function interface to be used with V3 functions since fillCompleted no longer has any
// meaning now that partial fills are impossible.
function handleV3AcrossMessage(
address tokenSent,
uint256 amount,
address relayer,
bytes memory message
) external;
}
/**
* @title SpokePool
* @notice Base contract deployed on source and destination chains enabling depositors to transfer assets from source to
* destination. Deposit orders are fulfilled by off-chain relayers who also interact with this contract. Deposited
* tokens are locked on the source chain and relayers send the recipient the desired token currency and amount
* on the destination chain. Locked source chain tokens are later sent over the canonical token bridge to L1 HubPool.
* Relayers are refunded with destination tokens out of this contract after another off-chain actor, a "data worker",
* submits a proof that the relayer correctly submitted a relay on this SpokePool.
* @custom:security-contact [email protected]
*/
abstract contract SpokePool is
V3SpokePoolInterface,
SpokePoolInterface,
UUPSUpgradeable,
ReentrancyGuardUpgradeable,
MultiCallerUpgradeable,
EIP712CrossChainUpgradeable
{
using SafeERC20Upgradeable for IERC20Upgradeable;
using AddressLibUpgradeable for address;
// Address of the L1 contract that acts as the owner of this SpokePool. This should normally be set to the HubPool
// address. The crossDomainAdmin address is unused when the SpokePool is deployed to the same chain as the HubPool.
address public crossDomainAdmin;
// Address of the L1 contract that will send tokens to and receive tokens from this contract to fund relayer
// refunds and slow relays.
address public hubPool;
// Note: The following two storage variables prefixed with DEPRECATED used to be variables that could be set by
// the cross-domain admin. Admins ended up not changing these in production, so to reduce
// gas in deposit/fill functions, we are converting them to private variables to maintain the contract
// storage layout and replacing them with immutable or constant variables, because retrieving a constant
// value is cheaper than retrieving a storage variable. Please see out the immutable/constant variable section.
WETH9Interface private DEPRECATED_wrappedNativeToken;
uint32 private DEPRECATED_depositQuoteTimeBuffer;
// Count of deposits is used to construct a unique deposit identifier for this spoke pool.
uint32 public numberOfDeposits;
// Whether deposits and fills are disabled.
bool public pausedFills;
bool public pausedDeposits;
// This contract can store as many root bundles as the HubPool chooses to publish here.
RootBundle[] public rootBundles;
// Origin token to destination token routings can be turned on or off, which can enable or disable deposits.
mapping(address => mapping(uint256 => bool)) public enabledDepositRoutes;
// Each relay is associated with the hash of parameters that uniquely identify the original deposit and a relay
// attempt for that deposit. The relay itself is just represented as the amount filled so far. The total amount to
// relay, the fees, and the agents are all parameters included in the hash key.
mapping(bytes32 => uint256) private DEPRECATED_relayFills;
// Note: We will likely un-deprecate the fill and deposit counters to implement a better
// dynamic LP fee mechanism but for now we'll deprecate it to reduce bytecode
// in deposit/fill functions. These counters are designed to implement a fee mechanism that is based on a
// canonical history of deposit and fill events and how they update a virtual running balance of liabilities and
// assets, which then determines the LP fee charged to relays.
// This keeps track of the worst-case liabilities due to fills.
// It is never reset. Users should only rely on it to determine the worst-case increase in liabilities between
// two points. This is used to provide frontrunning protection to ensure the relayer's assumptions about the state
// upon which their expected repayments are based will not change before their transaction is mined.
mapping(address => uint256) private DEPRECATED_fillCounter;
// This keeps track of the total running deposits for each token. This allows depositors to protect themselves from
// frontrunning that might change their worst-case quote.
mapping(address => uint256) private DEPRECATED_depositCounter;
// This tracks the number of identical refunds that have been requested.
// The intention is to allow an off-chain system to know when this could be a duplicate and ensure that the other
// requests are known and accounted for.
mapping(bytes32 => uint256) private DEPRECATED_refundsRequested;
// Mapping of V3 relay hashes to fill statuses. Distinguished from relayFills
// to eliminate any chance of collision between pre and post V3 relay hashes.
mapping(bytes32 => uint256) public fillStatuses;
/**************************************************************
* CONSTANT/IMMUTABLE VARIABLES *
**************************************************************/
// Constant and immutable variables do not take up storage slots and are instead added to the contract bytecode
// at compile time. The difference between them is that constant variables must be declared inline, meaning
// that they cannot be changed in production without changing the contract code, while immutable variables
// can be set in the constructor. Therefore we use the immutable keyword for variables that we might want to be
// different for each child contract (one obvious example of this is the wrappedNativeToken) or that we might
// want to update in the future like depositQuoteTimeBuffer. Constants are unlikely to ever be changed.
// Address of wrappedNativeToken contract for this network. If an origin token matches this, then the caller can
// optionally instruct this contract to wrap native tokens when depositing (ie ETH->WETH or MATIC->WMATIC).
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
WETH9Interface public immutable wrappedNativeToken;
// Any deposit quote times greater than or less than this value to the current contract time is blocked. Forces
// caller to use an approximately "current" realized fee.
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
uint32 public immutable depositQuoteTimeBuffer;
// The fill deadline can only be set this far into the future from the timestamp of the deposit on this contract.
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
uint32 public immutable fillDeadlineBuffer;
uint256 public constant MAX_TRANSFER_SIZE = 1e36;
// Note: this needs to be larger than the max transfer size to ensure that all slow fills are fillable, even if
// their fees are negative.
// It's important that it isn't too large, however, as it should be multipliable by ~2e18 without overflowing.
// 1e40 * 2e18 = 2e58 << 2^255 ~= 5e76
/// @custom:audit FOLLOWING VARIABLE TO BE DEPRECATED
uint256 public constant SLOW_FILL_MAX_TOKENS_TO_SEND = 1e40;
// Set max payout adjustment to something
/// @custom:audit FOLLOWING VARIABLE TO BE DEPRECATED
bytes32 public constant UPDATE_DEPOSIT_DETAILS_HASH =
keccak256(
"UpdateDepositDetails(uint32 depositId,uint256 originChainId,int64 updatedRelayerFeePct,address updatedRecipient,bytes updatedMessage)"
);
bytes32 public constant UPDATE_V3_DEPOSIT_DETAILS_HASH =
keccak256(
"UpdateDepositDetails(uint32 depositId,uint256 originChainId,uint256 updatedOutputAmount,address updatedRecipient,bytes updatedMessage)"
);
// Default chain Id used to signify that no repayment is requested, for example when executing a slow fill.
uint256 public constant EMPTY_REPAYMENT_CHAIN_ID = 0;
// Default address used to signify that no relayer should be credited with a refund, for example
// when executing a slow fill.
address public constant EMPTY_RELAYER = address(0);
// This is the magic value that signals to the off-chain validator
// that this deposit can never expire. A deposit with this fill deadline should always be eligible for a
// slow fill, meaning that its output token and input token must be "equivalent". Therefore, this value is only
// used as a fillDeadline in deposit(), a soon to be deprecated function that also hardcodes outputToken to
// the zero address, which forces the off-chain validator to replace the output token with the equivalent
// token for the input token. By using this magic value, off-chain validators do not have to keep
// this event in their lookback window when querying for expired deposts.
uint32 public constant INFINITE_FILL_DEADLINE = type(uint32).max;
/****************************************
* EVENTS *
****************************************/
event SetXDomainAdmin(address indexed newAdmin);
event SetHubPool(address indexed newHubPool);
event EnabledDepositRoute(address indexed originToken, uint256 indexed destinationChainId, bool enabled);
/// @custom:audit FOLLOWING EVENT TO BE DEPRECATED
event FundsDeposited(
uint256 amount,
uint256 originChainId,
uint256 indexed destinationChainId,
int64 relayerFeePct,
uint32 indexed depositId,
uint32 quoteTimestamp,
address originToken,
address recipient,
address indexed depositor,
bytes message
);
/// @custom:audit FOLLOWING EVENT TO BE DEPRECATED
event RequestedSpeedUpDeposit(
int64 newRelayerFeePct,
uint32 indexed depositId,
address indexed depositor,
address updatedRecipient,
bytes updatedMessage,
bytes depositorSignature
);
/// @custom:audit FOLLOWING EVENT TO BE DEPRECATED
event FilledRelay(
uint256 amount,
uint256 totalFilledAmount,
uint256 fillAmount,
uint256 repaymentChainId,
uint256 indexed originChainId,
uint256 destinationChainId,
int64 relayerFeePct,
int64 realizedLpFeePct,
uint32 indexed depositId,
address destinationToken,
address relayer,
address indexed depositor,
address recipient,
bytes message,
RelayExecutionInfo updatableRelayData
);
event RelayedRootBundle(
uint32 indexed rootBundleId,
bytes32 indexed relayerRefundRoot,
bytes32 indexed slowRelayRoot
);
event ExecutedRelayerRefundRoot(
uint256 amountToReturn,
uint256 indexed chainId,
uint256[] refundAmounts,
uint32 indexed rootBundleId,
uint32 indexed leafId,
address l2TokenAddress,
address[] refundAddresses,
address caller
);
event TokensBridged(
uint256 amountToReturn,
uint256 indexed chainId,
uint32 indexed leafId,
address indexed l2TokenAddress,
address caller
);
event EmergencyDeleteRootBundle(uint256 indexed rootBundleId);
event PausedDeposits(bool isPaused);
event PausedFills(bool isPaused);
/**
* @notice Represents data used to fill a deposit.
* @param relay Relay containing original data linked to deposit. Contains fields that can be
* overridden by other parameters in the RelayExecution struct.
* @param relayHash Hash of the relay data.
* @param updatedRelayerFeePct Actual relayer fee pct to use for this relay.
* @param updatedRecipient Actual recipient to use for this relay.
* @param updatedMessage Actual message to use for this relay.
* @param repaymentChainId Chain ID of the network that the relayer will receive refunds on.
* @param maxTokensToSend Max number of tokens to pull from relayer.
* @param maxCount Max count to protect the relayer from frontrunning.
* @param slowFill Whether this is a slow fill.
* @param payoutAdjustmentPct Adjustment to the payout amount. Can be used to increase or decrease the payout to
* allow for rewards or penalties. Used in slow fills.
*/
/// @custom:audit FOLLOWING STRUCT TO BE DEPRECATED
struct RelayExecution {
RelayData relay;
bytes32 relayHash;
int64 updatedRelayerFeePct;
address updatedRecipient;
bytes updatedMessage;
uint256 repaymentChainId;
uint256 maxTokensToSend;
uint256 maxCount;
bool slowFill;
int256 payoutAdjustmentPct;
}
/**
* @notice Packs together information to include in FilledRelay event.
* @dev This struct is emitted as opposed to its constituent parameters due to the limit on number of
* parameters in an event.
* @param recipient Recipient of the relayed funds.
* @param message Message included in the relay.
* @param relayerFeePct Relayer fee pct used for this relay.
* @param isSlowRelay Whether this is a slow relay.
* @param payoutAdjustmentPct Adjustment to the payout amount.
*/
/// @custom:audit FOLLOWING STRUCT TO BE DEPRECATED
struct RelayExecutionInfo {
address recipient;
bytes message;
int64 relayerFeePct;
bool isSlowRelay;
int256 payoutAdjustmentPct;
}
/**
* @notice Construct the SpokePool. Normally, logic contracts used in upgradeable proxies shouldn't
* have constructors since the following code will be executed within the logic contract's state, not the
* proxy contract's state. However, if we restrict the constructor to setting only immutable variables, then
* we are safe because immutable variables are included in the logic contract's bytecode rather than its storage.
* @dev Do not leave an implementation contract uninitialized. An uninitialized implementation contract can be
* taken over by an attacker, which may impact the proxy. To prevent the implementation contract from being
* used, you should invoke the _disableInitializers function in the constructor to automatically lock it when
* it is deployed:
* @param _wrappedNativeTokenAddress wrappedNativeToken address for this network to set.
* @param _depositQuoteTimeBuffer depositQuoteTimeBuffer to set. Quote timestamps can't be set more than this amount
* into the past from the block time of the deposit.
* @param _fillDeadlineBuffer fillDeadlineBuffer to set. Fill deadlines can't be set more than this amount
* into the future from the block time of the deposit.
*/
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(
address _wrappedNativeTokenAddress,
uint32 _depositQuoteTimeBuffer,
uint32 _fillDeadlineBuffer
) {
wrappedNativeToken = WETH9Interface(_wrappedNativeTokenAddress);
depositQuoteTimeBuffer = _depositQuoteTimeBuffer;
fillDeadlineBuffer = _fillDeadlineBuffer;
_disableInitializers();
}
/**
* @notice Construct the base SpokePool.
* @param _initialDepositId Starting deposit ID. Set to 0 unless this is a re-deployment in order to mitigate
* relay hash collisions.
* @param _crossDomainAdmin Cross domain admin to set. Can be changed by admin.
* @param _hubPool Hub pool address to set. Can be changed by admin.
*/
function __SpokePool_init(
uint32 _initialDepositId,
address _crossDomainAdmin,
address _hubPool
) public onlyInitializing {
numberOfDeposits = _initialDepositId;
__EIP712_init("ACROSS-V2", "1.0.0");
__UUPSUpgradeable_init();
__ReentrancyGuard_init();
_setCrossDomainAdmin(_crossDomainAdmin);
_setHubPool(_hubPool);
}
/****************************************
* MODIFIERS *
****************************************/
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeTo} and {upgradeToAndCall}.
* @dev This should be set to cross domain admin for specific SpokePool.
*/
modifier onlyAdmin() {
_requireAdminSender();
_;
}
modifier unpausedDeposits() {
require(!pausedDeposits, "Paused deposits");
_;
}
modifier unpausedFills() {
require(!pausedFills, "Paused fills");
_;
}
/**************************************
* ADMIN FUNCTIONS *
**************************************/
// Allows cross domain admin to upgrade UUPS proxy implementation.
function _authorizeUpgrade(address newImplementation) internal override onlyAdmin {}
/**
* @notice Pauses deposit-related functions. This is intended to be used if this contract is deprecated or when
* something goes awry.
* @dev Affects `deposit()` but not `speedUpDeposit()`, so that existing deposits can be sped up and still
* relayed.
* @param pause true if the call is meant to pause the system, false if the call is meant to unpause it.
*/
function pauseDeposits(bool pause) public override onlyAdmin nonReentrant {
pausedDeposits = pause;
emit PausedDeposits(pause);
}
/**
* @notice Pauses fill-related functions. This is intended to be used if this contract is deprecated or when
* something goes awry.
* @dev Affects fillRelayWithUpdatedDeposit() and fillRelay().
* @param pause true if the call is meant to pause the system, false if the call is meant to unpause it.
*/
function pauseFills(bool pause) public override onlyAdmin nonReentrant {
pausedFills = pause;
emit PausedFills(pause);
}
/**
* @notice Change cross domain admin address. Callable by admin only.
* @param newCrossDomainAdmin New cross domain admin.
*/
function setCrossDomainAdmin(address newCrossDomainAdmin) public override onlyAdmin nonReentrant {
_setCrossDomainAdmin(newCrossDomainAdmin);
}
/**
* @notice Change L1 hub pool address. Callable by admin only.
* @param newHubPool New hub pool.
*/
function setHubPool(address newHubPool) public override onlyAdmin nonReentrant {
_setHubPool(newHubPool);
}
/**
* @notice Enable/Disable an origin token => destination chain ID route for deposits. Callable by admin only.
* @param originToken Token that depositor can deposit to this contract.
* @param destinationChainId Chain ID for where depositor wants to receive funds.
* @param enabled True to enable deposits, False otherwise.
*/
function setEnableRoute(
address originToken,
uint256 destinationChainId,
bool enabled
) public override onlyAdmin nonReentrant {
enabledDepositRoutes[originToken][destinationChainId] = enabled;
emit EnabledDepositRoute(originToken, destinationChainId, enabled);
}
/**
* @notice This method stores a new root bundle in this contract that can be executed to refund relayers, fulfill
* slow relays, and send funds back to the HubPool on L1. This method can only be called by the admin and is
* designed to be called as part of a cross-chain message from the HubPool's executeRootBundle method.
* @param relayerRefundRoot Merkle root containing relayer refund leaves that can be individually executed via
* executeRelayerRefundLeaf().
* @param slowRelayRoot Merkle root containing slow relay fulfillment leaves that can be individually executed via
* executeSlowRelayLeaf().
*/
function relayRootBundle(bytes32 relayerRefundRoot, bytes32 slowRelayRoot) public override onlyAdmin nonReentrant {
uint32 rootBundleId = uint32(rootBundles.length);
RootBundle storage rootBundle = rootBundles.push();
rootBundle.relayerRefundRoot = relayerRefundRoot;
rootBundle.slowRelayRoot = slowRelayRoot;
emit RelayedRootBundle(rootBundleId, relayerRefundRoot, slowRelayRoot);
}
/**
* @notice This method is intended to only be used in emergencies where a bad root bundle has reached the
* SpokePool.
* @param rootBundleId Index of the root bundle that needs to be deleted. Note: this is intentionally a uint256
* to ensure that a small input range doesn't limit which indices this method is able to reach.
*/
function emergencyDeleteRootBundle(uint256 rootBundleId) public override onlyAdmin nonReentrant {
// Deleting a struct containing a mapping does not delete the mapping in Solidity, therefore the bitmap's
// data will still remain potentially leading to vulnerabilities down the line. The way around this would
// be to iterate through every key in the mapping and resetting the value to 0, but this seems expensive and
// would require a new list in storage to keep track of keys.
//slither-disable-next-line mapping-deletion
delete rootBundles[rootBundleId];
emit EmergencyDeleteRootBundle(rootBundleId);
}
/**************************************
* DEPOSITOR FUNCTIONS *
**************************************/
/**
* @notice Called by user to bridge funds from origin to destination chain. Depositor will effectively lock
* tokens in this contract and receive a destination token on the destination chain. The origin => destination
* token mapping is stored on the L1 HubPool.
* @notice The caller must first approve this contract to spend amount of originToken.
* @notice The originToken => destinationChainId must be enabled.
* @notice This method is payable because the caller is able to deposit native token if the originToken is
* wrappedNativeToken and this function will handle wrapping the native token to wrappedNativeToken.
* @dev Produces a V3FundsDeposited event with an infinite expiry, meaning that this deposit can never expire.
* Moreover, the event's outputToken is set to 0x0 meaning that this deposit can always be slow filled.
* @param recipient Address to receive funds at on destination chain.
* @param originToken Token to lock into this contract to initiate deposit.
* @param amount Amount of tokens to deposit. Will be amount of tokens to receive less fees.
* @param destinationChainId Denotes network where user will receive funds from SpokePool by a relayer.
* @param relayerFeePct % of deposit amount taken out to incentivize a fast relayer.
* @param quoteTimestamp Timestamp used by relayers to compute this deposit's realizedLPFeePct which is paid
* to LP pool on HubPool.
* @param message Arbitrary data that can be used to pass additional information to the recipient along with the tokens.
* Note: this is intended to be used to pass along instructions for how a contract should use or allocate the tokens.
*/
function deposit(
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message,
uint256 // maxCount. Deprecated.
) public payable override nonReentrant unpausedDeposits {
_deposit(
msg.sender,
recipient,
originToken,
amount,
destinationChainId,
relayerFeePct,
quoteTimestamp,
message
);
}
/**
* @notice The only difference between depositFor and deposit is that the depositor address stored
* in the relay hash can be overridden by the caller. This means that the passed in depositor
* can speed up the deposit, which is useful if the deposit is taken from the end user to a middle layer
* contract, like an aggregator or the SpokePoolVerifier, before calling deposit on this contract.
* @notice The caller must first approve this contract to spend amount of originToken.
* @notice The originToken => destinationChainId must be enabled.
* @notice This method is payable because the caller is able to deposit native token if the originToken is
* wrappedNativeToken and this function will handle wrapping the native token to wrappedNativeToken.
* @param depositor Address who is credited for depositing funds on origin chain and can speed up the deposit.
* @param recipient Address to receive funds at on destination chain.
* @param originToken Token to lock into this contract to initiate deposit.
* @param amount Amount of tokens to deposit. Will be amount of tokens to receive less fees.
* @param destinationChainId Denotes network where user will receive funds from SpokePool by a relayer.
* @param relayerFeePct % of deposit amount taken out to incentivize a fast relayer.
* @param quoteTimestamp Timestamp used by relayers to compute this deposit's realizedLPFeePct which is paid
* to LP pool on HubPool.
* @param message Arbitrary data that can be used to pass additional information to the recipient along with the tokens.
* Note: this is intended to be used to pass along instructions for how a contract should use or allocate the tokens.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function depositFor(
address depositor,
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message,
uint256 // maxCount. Deprecated.
) public payable nonReentrant unpausedDeposits {
_deposit(depositor, recipient, originToken, amount, destinationChainId, relayerFeePct, quoteTimestamp, message);
}
/**
* @notice This is a simple wrapper for deposit() that sets the quoteTimestamp to the current SpokePool timestamp.
* @notice This function is intended for multisig depositors who can accept some LP fee uncertainty in order to lift
* the quoteTimestamp buffer constraint.
* @dev Re-orgs may produce invalid fills if the quoteTimestamp moves across a change in HubPool utilisation.
* @dev The existing function modifiers are already enforced by deposit(), so no additional modifiers are imposed.
* @param recipient Address to receive funds at on destination chain.
* @param originToken Token to lock into this contract to initiate deposit.
* @param amount Amount of tokens to deposit. Will be amount of tokens to receive less fees.
* @param destinationChainId Denotes network where user will receive funds from SpokePool by a relayer.
* @param relayerFeePct % of deposit amount taken out to incentivize a fast relayer.
* @param message Arbitrary data that can be used to pass additional information to the recipient along with the tokens.
* Note: this is intended to be used to pass along instructions for how a contract should use or allocate the tokens.
* @param maxCount used to protect the depositor from frontrunning to guarantee their quote remains valid.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function depositNow(
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
bytes memory message,
uint256 maxCount
) public payable {
deposit(
recipient,
originToken,
amount,
destinationChainId,
relayerFeePct,
uint32(getCurrentTime()),
message,
maxCount
);
}
/**
* @notice This is a simple wrapper for depositFor() that sets the quoteTimestamp to the current SpokePool timestamp.
* @notice This function is intended for multisig depositors who can accept some LP fee uncertainty in order to lift
* the quoteTimestamp buffer constraint.
* @dev Re-orgs may produce invalid fills if the quoteTimestamp moves across a change in HubPool utilisation.
* @dev The existing function modifiers are already enforced by depositFor(), so no additional modifiers are imposed.
* @param depositor Address who is credited for depositing funds on origin chain and can speed up the deposit.
* @param recipient Address to receive funds at on destination chain.
* @param originToken Token to lock into this contract to initiate deposit.
* @param amount Amount of tokens to deposit. Will be amount of tokens to receive less fees.
* @param destinationChainId Denotes network where user will receive funds from SpokePool by a relayer.
* @param relayerFeePct % of deposit amount taken out to incentivize a fast relayer.
* @param message Arbitrary data that can be used to pass additional information to the recipient along with the tokens.
* Note: this is intended to be used to pass along instructions for how a contract should use or allocate the tokens.
* @param maxCount used to protect the depositor from frontrunning to guarantee their quote remains valid.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function depositForNow(
address depositor,
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
bytes memory message,
uint256 maxCount
) public payable {
depositFor(
depositor,
recipient,
originToken,
amount,
destinationChainId,
relayerFeePct,
uint32(getCurrentTime()),
message,
maxCount
);
}
/**
* @notice Convenience method that depositor can use to signal to relayer to use updated fee.
* @notice Relayer should only use events emitted by this function to submit fills with updated fees, otherwise they
* risk their fills getting disputed for being invalid, for example if the depositor never actually signed the
* update fee message.
* @notice This function will revert if the depositor did not sign a message containing the updated fee for the
* deposit ID stored in this contract. If the deposit ID is for another contract, or the depositor address is
* incorrect, or the updated fee is incorrect, then the signature will not match and this function will revert.
* @notice This function is not subject to a deposit pause on the off chance that deposits sent before all deposits
* are paused have very low fees and the user wants to entice a relayer to fill them with a higher fee.
* @param depositor Signer of the update fee message who originally submitted the deposit. If the deposit doesn't
* exist, then the relayer will not be able to fill any relay, so the caller should validate that the depositor
* did in fact submit a relay.
* @param updatedRelayerFeePct New relayer fee that relayers can use.
* @param depositId Deposit to update fee for that originated in this contract.
* @param updatedRecipient New recipient address that should receive the tokens.
* @param updatedMessage New message that should be provided to the recipient.
* @param depositorSignature Signed message containing the depositor address, this contract chain ID, the updated
* relayer fee %, and the deposit ID. This signature is produced by signing a hash of data according to the
* EIP-712 standard. See more in the _verifyUpdateRelayerFeeMessage() comments.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function speedUpDeposit(
address depositor,
int64 updatedRelayerFeePct,
uint32 depositId,
address updatedRecipient,
bytes memory updatedMessage,
bytes memory depositorSignature
) public override nonReentrant {
require(SignedMath.abs(updatedRelayerFeePct) < 0.5e18, "Invalid relayer fee");
_verifyUpdateDepositMessage(
depositor,
depositId,
chainId(),
updatedRelayerFeePct,
updatedRecipient,
updatedMessage,
depositorSignature
);
// Assuming the above checks passed, a relayer can take the signature and the updated relayer fee information
// from the following event to submit a fill with an updated fee %.
emit RequestedSpeedUpDeposit(
updatedRelayerFeePct,
depositId,
depositor,
updatedRecipient,
updatedMessage,
depositorSignature
);
}
/********************************************
* V3 DEPOSITOR FUNCTIONS *
********************************************/
/**
* @notice Request to bridge input token cross chain to a destination chain and receive a specified amount
* of output tokens. The fee paid to relayers and the system should be captured in the spread between output
* amount and input amount when adjusted to be denominated in the input token. A relayer on the destination
* chain will send outputAmount of outputTokens to the recipient and receive inputTokens on a repayment
* chain of their choice. Therefore, the fee should account for destination fee transaction costs,
* the relayer's opportunity cost of capital while they wait to be refunded following an optimistic challenge
* window in the HubPool, and the system fee that they'll be charged.
* @dev On the destination chain, the hash of the deposit data will be used to uniquely identify this deposit, so
* modifying any params in it will result in a different hash and a different deposit. The hash will comprise
* all parameters to this function along with this chain's chainId(). Relayers are only refunded for filling
* deposits with deposit hashes that map exactly to the one emitted by this contract.
* @param depositor The account credited with the deposit who can request to "speed up" this deposit by modifying
* the output amount, recipient, and message.
* @param recipient The account receiving funds on the destination chain. Can be an EOA or a contract. If
* the output token is the wrapped native token for the chain, then the recipient will receive native token if
* an EOA or wrapped native token if a contract.
* @param inputToken The token pulled from the caller's account and locked into this contract to
* initiate the deposit. The equivalent of this token on the relayer's repayment chain of choice will be sent
* as a refund. If this is equal to the wrapped native token then the caller can optionally pass in native token as
* msg.value, as long as msg.value = inputTokenAmount.
* @param outputToken The token that the relayer will send to the recipient on the destination chain. Must be an
* ERC20.
* @param inputAmount The amount of input tokens to pull from the caller's account and lock into this contract.
* This amount will be sent to the relayer on their repayment chain of choice as a refund following an optimistic
* challenge window in the HubPool, less a system fee.
* @param outputAmount The amount of output tokens that the relayer will send to the recipient on the destination.
* @param destinationChainId The destination chain identifier. Must be enabled along with the input token
* as a valid deposit route from this spoke pool or this transaction will revert.
* @param exclusiveRelayer The relayer that will be exclusively allowed to fill this deposit before the
* exclusivity deadline timestamp. This must be a valid, non-zero address if the exclusivity deadline is
* greater than the current block.timestamp. If the exclusivity deadline is < currentTime, then this must be
* address(0), and vice versa if this is address(0).
* @param quoteTimestamp The HubPool timestamp that is used to determine the system fee paid by the depositor.
* This must be set to some time between [currentTime - depositQuoteTimeBuffer, currentTime]
* where currentTime is block.timestamp on this chain or this transaction will revert.
* @param fillDeadline The deadline for the relayer to fill the deposit. After this destination chain timestamp,
* the fill will revert on the destination chain. Must be set between [currentTime, currentTime + fillDeadlineBuffer]
* where currentTime is block.timestamp on this chain or this transaction will revert.
* @param exclusivityDeadline The deadline for the exclusive relayer to fill the deposit. After this
* destination chain timestamp, anyone can fill this deposit on the destination chain. If exclusiveRelayer is set
* to address(0), then this also must be set to 0, (and vice versa), otherwise this must be set >= current time.
* @param message The message to send to the recipient on the destination chain if the recipient is a contract.
* If the message is not empty, the recipient contract must implement handleV3AcrossMessage() or the fill will revert.
*/
function depositV3(
address depositor,
address recipient,
address inputToken,
address outputToken,
uint256 inputAmount,
uint256 outputAmount,
uint256 destinationChainId,
address exclusiveRelayer,
uint32 quoteTimestamp,
uint32 fillDeadline,
uint32 exclusivityDeadline,
bytes calldata message
) public payable override nonReentrant unpausedDeposits {
// Check that deposit route is enabled for the input token. There are no checks required for the output token
// which is pulled from the relayer at fill time and passed through this contract atomically to the recipient.
if (!enabledDepositRoutes[inputToken][destinationChainId]) revert DisabledRoute();
// Require that quoteTimestamp has a maximum age so that depositors pay an LP fee based on recent HubPool usage.
// It is assumed that cross-chain timestamps are normally loosely in-sync, but clock drift can occur. If the
// SpokePool time stalls or lags significantly, it is still possible to make deposits by setting quoteTimestamp
// within the configured buffer. The owner should pause deposits/fills if this is undesirable.
// This will underflow if quoteTimestamp is more than depositQuoteTimeBuffer;
// this is safe but will throw an unintuitive error.
// slither-disable-next-line timestamp
uint256 currentTime = getCurrentTime();
if (currentTime - quoteTimestamp > depositQuoteTimeBuffer) revert InvalidQuoteTimestamp();
// fillDeadline is relative to the destination chain.
// Don’t allow fillDeadline to be more than several bundles into the future.
// This limits the maximum required lookback for dataworker and relayer instances.
// Also, don't allow fillDeadline to be in the past. This poses a potential UX issue if the destination
// chain time keeping and this chain's time keeping are out of sync but is not really a practical hurdle
// unless they are significantly out of sync or the depositor is setting very short fill deadlines. This latter
// situation won't be a problem for honest users.
if (fillDeadline < currentTime || fillDeadline > currentTime + fillDeadlineBuffer) revert InvalidFillDeadline();
// As a safety measure, prevent caller from inadvertently locking funds during exclusivity period
// by forcing them to specify an exclusive relayer if the exclusivity period
// is in the future. If this deadline is 0, then the exclusive relayer must also be address(0).
// @dev Checks if either are > 0 by bitwise or-ing.
if (uint256(uint160(exclusiveRelayer)) | exclusivityDeadline != 0) {
// Now that we know one is nonzero, we need to perform checks on each.
// Check that exclusive relayer is nonzero.
if (exclusiveRelayer == address(0)) revert InvalidExclusiveRelayer();
// Check that deadline is in the future.
if (exclusivityDeadline < currentTime) revert InvalidExclusivityDeadline();
}
// No need to sanity check exclusivityDeadline because if its bigger than fillDeadline, then
// there the full deadline is exclusive, and if its too small, then there is no exclusivity period.
// If the address of the origin token is a wrappedNativeToken contract and there is a msg.value with the
// transaction then the user is sending the native token. In this case, the native token should be
// wrapped.
if (inputToken == address(wrappedNativeToken) && msg.value > 0) {
if (msg.value != inputAmount) revert MsgValueDoesNotMatchInputAmount();
wrappedNativeToken.deposit{ value: msg.value }();
// Else, it is a normal ERC20. In this case pull the token from the caller as per normal.
// Note: this includes the case where the L2 caller has WETH (already wrapped ETH) and wants to bridge them.
// In this case the msg.value will be set to 0, indicating a "normal" ERC20 bridging action.
} else {
// msg.value should be 0 if input token isn't the wrapped native token.
if (msg.value != 0) revert MsgValueDoesNotMatchInputAmount();
IERC20Upgradeable(inputToken).safeTransferFrom(msg.sender, address(this), inputAmount);
}
emit V3FundsDeposited(
inputToken,
outputToken,
inputAmount,
outputAmount,
destinationChainId,
// Increment count of deposits so that deposit ID for this spoke pool is unique.
numberOfDeposits++,
quoteTimestamp,
fillDeadline,
exclusivityDeadline,
depositor,
recipient,
exclusiveRelayer,
message
);
}
/**
* @notice Depositor can use this function to signal to relayer to use updated output amount, recipient,
* and/or message.
* @dev the depositor and depositId must match the params in a V3FundsDeposited event that the depositor
* wants to speed up. The relayer has the option but not the obligation to use this updated information
* when filling the deposit via fillV3RelayWithUpdatedDeposit().
* @param depositor Depositor that must sign the depositorSignature and was the original depositor.
* @param depositId Deposit ID to speed up.
* @param updatedOutputAmount New output amount to use for this deposit. Should be lower than previous value
* otherwise relayer has no incentive to use this updated value.
* @param updatedRecipient New recipient to use for this deposit. Can be modified if the recipient is a contract
* that expects to receive a message from the relay and for some reason needs to be modified.
* @param updatedMessage New message to use for this deposit. Can be modified if the recipient is a contract
* that expects to receive a message from the relay and for some reason needs to be modified.
* @param depositorSignature Signed EIP712 hashstruct containing the deposit ID. Should be signed by the depositor
* account. If depositor is a contract, then should implement EIP1271 to sign as a contract. See
* _verifyUpdateV3DepositMessage() for more details about how this signature should be constructed.
*/
function speedUpV3Deposit(
address depositor,
uint32 depositId,
uint256 updatedOutputAmount,
address updatedRecipient,
bytes calldata updatedMessage,
bytes calldata depositorSignature
) public override nonReentrant {
_verifyUpdateV3DepositMessage(
depositor,
depositId,
chainId(),
updatedOutputAmount,
updatedRecipient,
updatedMessage,
depositorSignature
);
// Assuming the above checks passed, a relayer can take the signature and the updated deposit information
// from the following event to submit a fill with updated relay data.
emit RequestedSpeedUpV3Deposit(
updatedOutputAmount,
depositId,
depositor,
updatedRecipient,
updatedMessage,
depositorSignature
);
}
/**************************************
* RELAYER FUNCTIONS *
**************************************/
/**
/**
* @notice Called by relayer to fulfill part of a deposit by sending destination tokens to the recipient.
* Relayer is expected to pass in unique identifying information for deposit that they want to fulfill, and this
* relay submission will be validated by off-chain data workers who can dispute this relay if any part is invalid.
* If the relay is valid, then the relayer will be refunded on their desired repayment chain. If relay is invalid,
* then relayer will not receive any refund.
* @notice All of the deposit data can be found via on-chain events from the origin SpokePool, except for the
* realizedLpFeePct which is a function of the HubPool's utilization at the deposit quote time. This fee %
* is deterministic based on the quote time, so the relayer should just compute it using the canonical algorithm
* as described in a UMIP linked to the HubPool's identifier.
* @param depositor Depositor on origin chain who set this chain as the destination chain.
* @param recipient Specified recipient on this chain.
* @param destinationToken Token to send to recipient. Should be mapped to the origin token, origin chain ID
* and this chain ID via a mapping on the HubPool.
* @param amount Full size of the deposit.
* @param maxTokensToSend Max amount of tokens to send recipient. If higher than amount, then caller will
* send recipient the full relay amount.
* @param repaymentChainId Chain of SpokePool where relayer wants to be refunded after the challenge window has
* passed.
* @param originChainId Chain of SpokePool where deposit originated.
* @param realizedLpFeePct Fee % based on L1 HubPool utilization at deposit quote time. Deterministic based on
* quote time.
* @param relayerFeePct Fee % to keep as relayer, specified by depositor.
* @param depositId Unique deposit ID on origin spoke pool.
* @param message Message to send to recipient along with tokens.
* @param maxCount Max count to protect the relayer from frontrunning.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function fillRelay(
address depositor,
address recipient,
address destinationToken,
uint256 amount,
uint256 maxTokensToSend,
uint256 repaymentChainId,
uint256 originChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
uint32 depositId,
bytes memory message,
uint256 maxCount
) public nonReentrant unpausedFills {
// Each relay attempt is mapped to the hash of data uniquely identifying it, which includes the deposit data
// such as the origin chain ID and the deposit ID, and the data in a relay attempt such as who the recipient
// is, which chain and currency the recipient wants to receive funds on, and the relay fees.
RelayExecution memory relayExecution = RelayExecution({
relay: SpokePoolInterface.RelayData({
depositor: depositor,
recipient: recipient,
destinationToken: destinationToken,
amount: amount,
realizedLpFeePct: realizedLpFeePct,
relayerFeePct: relayerFeePct,
depositId: depositId,
originChainId: originChainId,
destinationChainId: chainId(),
message: message
}),
relayHash: bytes32(0),
updatedRelayerFeePct: relayerFeePct,
updatedRecipient: recipient,
updatedMessage: message,
repaymentChainId: repaymentChainId,
maxTokensToSend: maxTokensToSend,
slowFill: false,
payoutAdjustmentPct: 0,
maxCount: maxCount
});
relayExecution.relayHash = _getRelayHash(relayExecution.relay);
uint256 fillAmountPreFees = _fillRelay(relayExecution);
_emitFillRelay(relayExecution, fillAmountPreFees);
}
/**
* @notice Called by relayer to execute same logic as calling fillRelay except that relayer is using an updated
* relayer fee %. The fee % must have been emitted in a message cryptographically signed by the depositor.
* @notice By design, the depositor probably emitted the message with the updated fee by calling speedUpDeposit().
* @param depositor Depositor on origin chain who set this chain as the destination chain.
* @param recipient Specified recipient on this chain.
* @param destinationToken Token to send to recipient. Should be mapped to the origin token, origin chain ID
* and this chain ID via a mapping on the HubPool.
* @param amount Full size of the deposit.
* @param maxTokensToSend Max amount of tokens to send recipient. If higher than amount, then caller will
* send recipient the full relay amount.
* @param repaymentChainId Chain of SpokePool where relayer wants to be refunded after the challenge window has
* passed.
* @param originChainId Chain of SpokePool where deposit originated.
* @param realizedLpFeePct Fee % based on L1 HubPool utilization at deposit quote time. Deterministic based on
* quote time.
* @param relayerFeePct Original fee % to keep as relayer set by depositor.
* @param updatedRelayerFeePct New fee % to keep as relayer also specified by depositor.
* @param depositId Unique deposit ID on origin spoke pool.
* @param message Original message that was sent along with this deposit.
* @param updatedMessage Modified message that the depositor signed when updating parameters.
* @param depositorSignature Signed message containing the depositor address, this contract chain ID, the updated
* relayer fee %, and the deposit ID. This signature is produced by signing a hash of data according to the
* EIP-712 standard. See more in the _verifyUpdateRelayerFeeMessage() comments.
* @param maxCount Max fill count to protect the relayer from frontrunning.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function fillRelayWithUpdatedDeposit(
address depositor,
address recipient,
address updatedRecipient,
address destinationToken,
uint256 amount,
uint256 maxTokensToSend,
uint256 repaymentChainId,
uint256 originChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
int64 updatedRelayerFeePct,
uint32 depositId,
bytes memory message,
bytes memory updatedMessage,
bytes memory depositorSignature,
uint256 maxCount
) public override nonReentrant unpausedFills {
RelayExecution memory relayExecution = RelayExecution({
relay: SpokePoolInterface.RelayData({
depositor: depositor,
recipient: recipient,
destinationToken: destinationToken,
amount: amount,
realizedLpFeePct: realizedLpFeePct,
relayerFeePct: relayerFeePct,
depositId: depositId,
originChainId: originChainId,
destinationChainId: chainId(),
message: message
}),
relayHash: bytes32(0),
updatedRelayerFeePct: updatedRelayerFeePct,
updatedRecipient: updatedRecipient,
updatedMessage: updatedMessage,
repaymentChainId: repaymentChainId,
maxTokensToSend: maxTokensToSend,
slowFill: false,
payoutAdjustmentPct: 0,
maxCount: maxCount
});
relayExecution.relayHash = _getRelayHash(relayExecution.relay);
_verifyUpdateDepositMessage(
depositor,
depositId,
originChainId,
updatedRelayerFeePct,
updatedRecipient,
updatedMessage,
depositorSignature
);
uint256 fillAmountPreFees = _fillRelay(relayExecution);
_emitFillRelay(relayExecution, fillAmountPreFees);
}
/******************************************
* V3 RELAYER FUNCTIONS *
******************************************/
/**
* @notice Fulfill request to bridge cross chain by sending specified output tokens to the recipient.
* @dev The fee paid to relayers and the system should be captured in the spread between output
* amount and input amount when adjusted to be denominated in the input token. A relayer on the destination
* chain will send outputAmount of outputTokens to the recipient and receive inputTokens on a repayment
* chain of their choice. Therefore, the fee should account for destination fee transaction costs, the
* relayer's opportunity cost of capital while they wait to be refunded following an optimistic challenge
* window in the HubPool, and a system fee charged to relayers.
* @dev The hash of the relayData will be used to uniquely identify the deposit to fill, so
* modifying any params in it will result in a different hash and a different deposit. The hash will comprise
* all parameters passed to depositV3() on the origin chain along with that chain's chainId(). This chain's
* chainId() must therefore match the destinationChainId passed into depositV3.
* Relayers are only refunded for filling deposits with deposit hashes that map exactly to the one emitted by the
* origin SpokePool therefore the relayer should not modify any params in relayData.
* @dev Cannot fill more than once. Partial fills are not supported.
* @param relayData struct containing all the data needed to identify the deposit to be filled. Should match
* all the same-named parameters emitted in the origin chain V3FundsDeposited event.
* - depositor: The account credited with the deposit who can request to "speed up" this deposit by modifying
* the output amount, recipient, and message.
* - recipient The account receiving funds on this chain. Can be an EOA or a contract. If
* the output token is the wrapped native token for the chain, then the recipient will receive native token if
* an EOA or wrapped native token if a contract.
* - inputToken: The token pulled from the caller's account to initiate the deposit. The equivalent of this
* token on the repayment chain will be sent as a refund to the caller.
* - outputToken The token that the caller will send to the recipient on the destination chain. Must be an
* ERC20.
* - inputAmount: This amount, less a system fee, will be sent to the caller on their repayment chain of choice as a refund
* following an optimistic challenge window in the HubPool.
* - outputAmount: The amount of output tokens that the caller will send to the recipient.
* - originChainId: The origin chain identifier.
* - exclusiveRelayer The relayer that will be exclusively allowed to fill this deposit before the
* exclusivity deadline timestamp.
* - fillDeadline The deadline for the caller to fill the deposit. After this timestamp,
* the fill will revert on the destination chain.
* - exclusivityDeadline: The deadline for the exclusive relayer to fill the deposit. After this
* timestamp, anyone can fill this deposit.
* - message The message to send to the recipient if the recipient is a contract that implements a
* handleV3AcrossMessage() public function
* @param repaymentChainId Chain of SpokePool where relayer wants to be refunded after the challenge window has
* passed. Will receive inputAmount of the equivalent token to inputToken on the repayment chain.
*/
function fillV3Relay(V3RelayData calldata relayData, uint256 repaymentChainId)
public
override
nonReentrant
unpausedFills
{
// Exclusivity deadline is inclusive and is the latest timestamp that the exclusive relayer has sole right
// to fill the relay.
if (relayData.exclusivityDeadline >= getCurrentTime() && relayData.exclusiveRelayer != msg.sender) {
revert NotExclusiveRelayer();
}
V3RelayExecutionParams memory relayExecution = V3RelayExecutionParams({
relay: relayData,
relayHash: _getV3RelayHash(relayData),
updatedOutputAmount: relayData.outputAmount,
updatedRecipient: relayData.recipient,
updatedMessage: relayData.message,
repaymentChainId: repaymentChainId
});
_fillRelayV3(relayExecution, msg.sender, false);
}
/**
* @notice Identical to fillV3Relay except that the relayer wants to use a depositor's updated output amount,
* recipient, and/or message. The relayer should only use this function if they can supply a message signed
* by the depositor that contains the fill's matching deposit ID along with updated relay parameters.
* If the signature can be verified, then this function will emit a FilledV3Event that will be used by
* the system for refund verification purposes. In otherwords, this function is an alternative way to fill a
* a deposit than fillV3Relay.
* @dev Subject to same exclusivity deadline rules as fillV3Relay().
* @param relayData struct containing all the data needed to identify the deposit to be filled. See fillV3Relay().
* @param repaymentChainId Chain of SpokePool where relayer wants to be refunded after the challenge window has
* passed. See fillV3Relay().
* @param updatedOutputAmount New output amount to use for this deposit.
* @param updatedRecipient New recipient to use for this deposit.
* @param updatedMessage New message to use for this deposit.
* @param depositorSignature Signed EIP712 hashstruct containing the deposit ID. Should be signed by the depositor
* account.
*/
function fillV3RelayWithUpdatedDeposit(
V3RelayData calldata relayData,
uint256 repaymentChainId,
uint256 updatedOutputAmount,
address updatedRecipient,
bytes calldata updatedMessage,
bytes calldata depositorSignature
) public override nonReentrant unpausedFills {
// Exclusivity deadline is inclusive and is the latest timestamp that the exclusive relayer has sole right
// to fill the relay.
if (relayData.exclusivityDeadline >= getCurrentTime() && relayData.exclusiveRelayer != msg.sender) {
revert NotExclusiveRelayer();
}
V3RelayExecutionParams memory relayExecution = V3RelayExecutionParams({
relay: relayData,
relayHash: _getV3RelayHash(relayData),
updatedOutputAmount: updatedOutputAmount,
updatedRecipient: updatedRecipient,
updatedMessage: updatedMessage,
repaymentChainId: repaymentChainId
});
_verifyUpdateV3DepositMessage(
relayData.depositor,
relayData.depositId,
relayData.originChainId,
updatedOutputAmount,
updatedRecipient,
updatedMessage,
depositorSignature
);
_fillRelayV3(relayExecution, msg.sender, false);
}
/**
* @notice Request Across to send LP funds to this contract to fulfill a slow fill relay
* for a deposit in the next bundle.
* @dev Slow fills are not possible unless the input and output tokens are "equivalent", i.e.
* they route to the same L1 token via PoolRebalanceRoutes.
* @dev Slow fills are created by inserting slow fill objects into a merkle tree that is included
* in the next HubPool "root bundle". Once the optimistic challenge window has passed, the HubPool
* will relay the slow root to this chain via relayRootBundle(). Once the slow root is relayed,
* the slow fill can be executed by anyone who calls executeV3SlowRelayLeaf().
* @dev Cannot request a slow fill if the fill deadline has passed.
* @dev Cannot request a slow fill if the relay has already been filled or a slow fill has already been requested.
* @param relayData struct containing all the data needed to identify the deposit that should be
* slow filled. If any of the params are missing or different from the origin chain deposit,
* then Across will not include a slow fill for the intended deposit.
*/
function requestV3SlowFill(V3RelayData calldata relayData) public override nonReentrant unpausedFills {
// If a depositor has set an exclusivity deadline, then only the exclusive relayer should be able to
// fast fill within this deadline. Moreover, the depositor should expect to get *fast* filled within
// this deadline, not slow filled. As a simplifying assumption, we will not allow slow fills to be requested
// this exclusivity period.
if (relayData.exclusivityDeadline >= getCurrentTime()) {
revert NoSlowFillsInExclusivityWindow();
}
if (relayData.fillDeadline < getCurrentTime()) revert ExpiredFillDeadline();
bytes32 relayHash = _getV3RelayHash(relayData);
if (fillStatuses[relayHash] != uint256(FillStatus.Unfilled)) revert InvalidSlowFillRequest();
fillStatuses[relayHash] = uint256(FillStatus.RequestedSlowFill);
emit RequestedV3SlowFill(
relayData.inputToken,
relayData.outputToken,
relayData.inputAmount,
relayData.outputAmount,
relayData.originChainId,
relayData.depositId,
relayData.fillDeadline,
relayData.exclusivityDeadline,
relayData.exclusiveRelayer,
relayData.depositor,
relayData.recipient,
relayData.message
);
}
/**************************************
* DATA WORKER FUNCTIONS *
**************************************/
/**
* @notice Executes a slow relay leaf stored as part of a root bundle. Will send the full amount remaining in the
* relay to the recipient, less fees.
* @dev This function assumes that the relay's destination chain ID is the current chain ID, which prevents
* the caller from executing a slow relay intended for another chain on this chain.
* @param depositor Depositor on origin chain who set this chain as the destination chain.
* @param recipient Specified recipient on this chain.
* @param destinationToken Token to send to recipient. Should be mapped to the origin token, origin chain ID
* and this chain ID via a mapping on the HubPool.
* @param amount Full size of the deposit.
* @param originChainId Chain of SpokePool where deposit originated.
* @param realizedLpFeePct Fee % based on L1 HubPool utilization at deposit quote time. Deterministic based on
* quote time.
* @param relayerFeePct Original fee % to keep as relayer set by depositor.
* @param depositId Unique deposit ID on origin spoke pool.
* @param rootBundleId Unique ID of root bundle containing slow relay root that this leaf is contained in.
* @param message Message to send to the recipient if the recipient is a contract.
* @param payoutAdjustment Adjustment to the payout amount. Can be used to increase or decrease the payout to allow
* for rewards or penalties.
* @param proof Inclusion proof for this leaf in slow relay root in root bundle.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function executeSlowRelayLeaf(
address depositor,
address recipient,
address destinationToken,
uint256 amount,
uint256 originChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
uint32 depositId,
uint32 rootBundleId,
bytes memory message,
int256 payoutAdjustment,
bytes32[] memory proof
) public override nonReentrant {
_preExecuteLeafHook(destinationToken);
_executeSlowRelayLeaf(
depositor,
recipient,
destinationToken,
amount,
originChainId,
chainId(),
realizedLpFeePct,
relayerFeePct,
depositId,
rootBundleId,
message,
payoutAdjustment,
proof
);
}
/**
* @notice Executes a slow relay leaf stored as part of a root bundle relayed by the HubPool.
* @dev Executing a slow fill leaf is equivalent to filling the relayData so this function cannot be used to
* double fill a recipient. The relayData that is filled is included in the slowFillLeaf and is hashed
* like any other fill sent through fillV3Relay().
* @dev There is no relayer credited with filling this relay since funds are sent directly out of this contract.
* @param slowFillLeaf Contains all data necessary to uniquely identify a relay for this chain. This struct is
* hashed and included in a merkle root that is relayed to all spoke pools.
* - relayData: struct containing all the data needed to identify the original deposit to be slow filled.
* - chainId: chain identifier where slow fill leaf should be executed. If this doesn't match this chain's
* chainId, then this function will revert.
* - updatedOutputAmount: Amount to be sent to recipient out of this contract's balance. Can be set differently
* from relayData.outputAmount to charge a different fee because this deposit was "slow" filled. Usually,
* this will be set higher to reimburse the recipient for waiting for the slow fill.
* @param rootBundleId Unique ID of root bundle containing slow relay root that this leaf is contained in.
* @param proof Inclusion proof for this leaf in slow relay root in root bundle.
*/
function executeV3SlowRelayLeaf(
V3SlowFill calldata slowFillLeaf,
uint32 rootBundleId,
bytes32[] calldata proof
) public override nonReentrant {
V3RelayData memory relayData = slowFillLeaf.relayData;
_preExecuteLeafHook(relayData.outputToken);
// @TODO In the future consider allowing way for slow fill leaf to be created with updated
// deposit params like outputAmount, message and recipient.
V3RelayExecutionParams memory relayExecution = V3RelayExecutionParams({
relay: relayData,
relayHash: _getV3RelayHash(relayData),
updatedOutputAmount: slowFillLeaf.updatedOutputAmount,
updatedRecipient: relayData.recipient,
updatedMessage: relayData.message,
repaymentChainId: EMPTY_REPAYMENT_CHAIN_ID // Repayment not relevant for slow fills.
});
_verifyV3SlowFill(relayExecution, rootBundleId, proof);
// - No relayer to refund for slow fill executions.
_fillRelayV3(relayExecution, EMPTY_RELAYER, true);
}
/**
* @notice Executes a relayer refund leaf stored as part of a root bundle. Will send the relayer the amount they
* sent to the recipient plus a relayer fee.
* @param rootBundleId Unique ID of root bundle containing relayer refund root that this leaf is contained in.
* @param relayerRefundLeaf Contains all data necessary to reconstruct leaf contained in root bundle and to
* refund relayer. This data structure is explained in detail in the SpokePoolInterface.
* @param proof Inclusion proof for this leaf in relayer refund root in root bundle.
*/
function executeRelayerRefundLeaf(
uint32 rootBundleId,
SpokePoolInterface.RelayerRefundLeaf memory relayerRefundLeaf,
bytes32[] memory proof
) public payable virtual override nonReentrant {
_preExecuteLeafHook(relayerRefundLeaf.l2TokenAddress);
if (relayerRefundLeaf.chainId != chainId()) revert InvalidChainId();
RootBundle storage rootBundle = rootBundles[rootBundleId];
// Check that proof proves that relayerRefundLeaf is contained within the relayer refund root.
// Note: This should revert if the relayerRefundRoot is uninitialized.
if (!MerkleLib.verifyRelayerRefund(rootBundle.relayerRefundRoot, relayerRefundLeaf, proof))
revert InvalidMerkleProof();
_setClaimedLeaf(rootBundleId, relayerRefundLeaf.leafId);
_distributeRelayerRefunds(
relayerRefundLeaf.chainId,
relayerRefundLeaf.amountToReturn,
relayerRefundLeaf.refundAmounts,
relayerRefundLeaf.leafId,
relayerRefundLeaf.l2TokenAddress,
relayerRefundLeaf.refundAddresses
);
emit ExecutedRelayerRefundRoot(
relayerRefundLeaf.amountToReturn,
relayerRefundLeaf.chainId,
relayerRefundLeaf.refundAmounts,
rootBundleId,
relayerRefundLeaf.leafId,
relayerRefundLeaf.l2TokenAddress,
relayerRefundLeaf.refundAddresses,
msg.sender
);
}
/**************************************
* VIEW FUNCTIONS *
**************************************/
/**
* @notice Returns chain ID for this network.
* @dev Some L2s like ZKSync don't support the CHAIN_ID opcode so we allow the implementer to override this.
*/
function chainId() public view virtual override returns (uint256) {
return block.chainid;
}
/**
* @notice Gets the current time.
* @return uint for the current timestamp.
*/
function getCurrentTime() public view virtual returns (uint256) {
return block.timestamp; // solhint-disable-line not-rely-on-time
}
/**************************************
* INTERNAL FUNCTIONS *
**************************************/
function _deposit(
address depositor,
address recipient,
address originToken,
uint256 amount,
uint256 destinationChainId,
int64 relayerFeePct,
uint32 quoteTimestamp,
bytes memory message
) internal {
// Check that deposit route is enabled.
require(enabledDepositRoutes[originToken][destinationChainId], "Disabled route");
// We limit the relay fees to prevent the user spending all their funds on fees.
require(SignedMath.abs(relayerFeePct) < 0.5e18, "Invalid relayer fee");
require(amount <= MAX_TRANSFER_SIZE, "Amount too large");
// Require that quoteTimestamp has a maximum age so that depositors pay an LP fee based on recent HubPool usage.
// It is assumed that cross-chain timestamps are normally loosely in-sync, but clock drift can occur. If the
// SpokePool time stalls or lags significantly, it is still possible to make deposits by setting quoteTimestamp
// within the configured buffer. The owner should pause deposits if this is undesirable. This will underflow if
// quoteTimestamp is more than depositQuoteTimeBuffer; this is safe but will throw an unintuitive error.
// slither-disable-next-line timestamp
require(getCurrentTime() - quoteTimestamp <= depositQuoteTimeBuffer, "invalid quoteTimestamp");
// Increment count of deposits so that deposit ID for this spoke pool is unique.
uint32 newDepositId = numberOfDeposits++;
// If the address of the origin token is a wrappedNativeToken contract and there is a msg.value with the
// transaction then the user is sending ETH. In this case, the ETH should be deposited to wrappedNativeToken.
if (originToken == address(wrappedNativeToken) && msg.value > 0) {
require(msg.value == amount, "msg.value must match amount");
wrappedNativeToken.deposit{ value: msg.value }();
// Else, it is a normal ERC20. In this case pull the token from the user's wallet as per normal.
// Note: this includes the case where the L2 user has WETH (already wrapped ETH) and wants to bridge them.
// In this case the msg.value will be set to 0, indicating a "normal" ERC20 bridging action.
} else IERC20Upgradeable(originToken).safeTransferFrom(msg.sender, address(this), amount);
emit V3FundsDeposited(
originToken, // inputToken
address(0), // outputToken. Setting this to 0x0 means that the outputToken should be assumed to be the
// canonical token for the destination chain matching the inputToken. Therefore, this deposit
// can always be slow filled.
// - setting token to 0x0 will signal to off-chain validator that the "equivalent"
// token as the inputToken for the destination chain should be replaced here.
amount, // inputAmount
_computeAmountPostFees(amount, relayerFeePct), // outputAmount
// - output amount will be the deposit amount less relayerFeePct, which should now be set
// equal to realizedLpFeePct + gasFeePct + capitalCostFeePct where (gasFeePct + capitalCostFeePct)
// is equal to the old usage of `relayerFeePct`.
destinationChainId,
newDepositId,
quoteTimestamp,
INFINITE_FILL_DEADLINE, // fillDeadline. Default to infinite expiry because
// expired deposits refunds could be a breaking change for existing users of this function.
0, // exclusivityDeadline. Setting this to 0 along with the exclusiveRelayer to 0x0 means that there
// is no exclusive deadline
depositor,
recipient,
address(0), // exclusiveRelayer. Setting this to 0x0 will signal to off-chain validator that there
// is no exclusive relayer.
message
);
}
function _distributeRelayerRefunds(
uint256 _chainId,
uint256 amountToReturn,
uint256[] memory refundAmounts,
uint32 leafId,
address l2TokenAddress,
address[] memory refundAddresses
) internal {
if (refundAddresses.length != refundAmounts.length) revert InvalidMerkleLeaf();
// Send each relayer refund address the associated refundAmount for the L2 token address.
// Note: Even if the L2 token is not enabled on this spoke pool, we should still refund relayers.
uint256 length = refundAmounts.length;
for (uint256 i = 0; i < length; ++i) {
uint256 amount = refundAmounts[i];
if (amount > 0) IERC20Upgradeable(l2TokenAddress).safeTransfer(refundAddresses[i], amount);
}
// If leaf's amountToReturn is positive, then send L2 --> L1 message to bridge tokens back via
// chain-specific bridging method.
if (amountToReturn > 0) {
_bridgeTokensToHubPool(amountToReturn, l2TokenAddress);
emit TokensBridged(amountToReturn, _chainId, leafId, l2TokenAddress, msg.sender);
}
}
// Verifies inclusion proof of leaf in root and sends recipient remainder of relay. Marks relay as filled.
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _executeSlowRelayLeaf(
address depositor,
address recipient,
address destinationToken,
uint256 amount,
uint256 originChainId,
uint256 destinationChainId,
int64 realizedLpFeePct,
int64 relayerFeePct,
uint32 depositId,
uint32 rootBundleId,
bytes memory message,
int256 payoutAdjustmentPct,
bytes32[] memory proof
) internal {
RelayExecution memory relayExecution = RelayExecution({
relay: SpokePoolInterface.RelayData({
depositor: depositor,
recipient: recipient,
destinationToken: destinationToken,
amount: amount,
realizedLpFeePct: realizedLpFeePct,
relayerFeePct: relayerFeePct,
depositId: depositId,
originChainId: originChainId,
destinationChainId: destinationChainId,
message: message
}),
relayHash: bytes32(0),
updatedRelayerFeePct: 0,
updatedRecipient: recipient,
updatedMessage: message,
repaymentChainId: 0,
maxTokensToSend: SLOW_FILL_MAX_TOKENS_TO_SEND,
slowFill: true,
payoutAdjustmentPct: payoutAdjustmentPct,
maxCount: type(uint256).max
});
relayExecution.relayHash = _getRelayHash(relayExecution.relay);
_verifySlowFill(relayExecution, rootBundleId, proof);
// Note: use relayAmount as the max amount to send, so the relay is always completely filled by the contract's
// funds in all cases. As this is a slow relay we set the relayerFeePct to 0. This effectively refunds the
// relayer component of the relayerFee thereby only charging the depositor the LpFee.
uint256 fillAmountPreFees = _fillRelay(relayExecution);
// Note: Set repayment chain ID to 0 to indicate that there is no repayment to be made. The off-chain data
// worker can use repaymentChainId=0 as a signal to ignore such relays for refunds. Also, set the relayerFeePct
// to 0 as slow relays do not pay the caller of this method (depositor is refunded this fee).
_emitFillRelay(relayExecution, fillAmountPreFees);
}
function _setCrossDomainAdmin(address newCrossDomainAdmin) internal {
require(newCrossDomainAdmin != address(0), "Bad bridge router address");
crossDomainAdmin = newCrossDomainAdmin;
emit SetXDomainAdmin(newCrossDomainAdmin);
}
function _setHubPool(address newHubPool) internal {
require(newHubPool != address(0), "Bad hub pool address");
hubPool = newHubPool;
emit SetHubPool(newHubPool);
}
function _preExecuteLeafHook(address) internal virtual {
// This method by default is a no-op. Different child spoke pools might want to execute functionality here
// such as wrapping any native tokens owned by the contract into wrapped tokens before proceeding with
// executing the leaf.
}
// Should be overriden by implementing contract depending on how L2 handles sending tokens to L1.
function _bridgeTokensToHubPool(uint256 amountToReturn, address l2TokenAddress) internal virtual;
function _setClaimedLeaf(uint32 rootBundleId, uint32 leafId) internal {
RootBundle storage rootBundle = rootBundles[rootBundleId];
// Verify the leafId in the leaf has not yet been claimed.
if (MerkleLib.isClaimed(rootBundle.claimedBitmap, leafId)) revert ClaimedMerkleLeaf();
// Set leaf as claimed in bitmap. This is passed by reference to the storage rootBundle.
MerkleLib.setClaimed(rootBundle.claimedBitmap, leafId);
}
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _verifyUpdateDepositMessage(
address depositor,
uint32 depositId,
uint256 originChainId,
int64 updatedRelayerFeePct,
address updatedRecipient,
bytes memory updatedMessage,
bytes memory depositorSignature
) internal view {
// A depositor can request to modify an un-relayed deposit by signing a hash containing the updated
// details and information uniquely identifying the deposit to relay. This information ensures
// that this signature cannot be re-used for other deposits.
// Note: We use the EIP-712 (https://eips.ethereum.org/EIPS/eip-712) standard for hashing and signing typed data.
// Specifically, we use the version of the encoding known as "v4", as implemented by the JSON RPC method
// `eth_signedTypedDataV4` in MetaMask (https://docs.metamask.io/guide/signing-data.html).
bytes32 expectedTypedDataV4Hash = _hashTypedDataV4(
// EIP-712 compliant hash struct: https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct
keccak256(
abi.encode(
UPDATE_DEPOSIT_DETAILS_HASH,
depositId,
originChainId,
updatedRelayerFeePct,
updatedRecipient,
keccak256(updatedMessage)
)
),
// By passing in the origin chain id, we enable the verification of the signature on a different chain
originChainId
);
_verifyDepositorSignature(depositor, expectedTypedDataV4Hash, depositorSignature);
}
function _verifyUpdateV3DepositMessage(
address depositor,
uint32 depositId,
uint256 originChainId,
uint256 updatedOutputAmount,
address updatedRecipient,
bytes memory updatedMessage,
bytes memory depositorSignature
) internal view {
// A depositor can request to modify an un-relayed deposit by signing a hash containing the updated
// details and information uniquely identifying the deposit to relay. This information ensures
// that this signature cannot be re-used for other deposits.
// Note: We use the EIP-712 (https://eips.ethereum.org/EIPS/eip-712) standard for hashing and signing typed data.
// Specifically, we use the version of the encoding known as "v4", as implemented by the JSON RPC method
// `eth_signedTypedDataV4` in MetaMask (https://docs.metamask.io/guide/signing-data.html).
bytes32 expectedTypedDataV4Hash = _hashTypedDataV4(
// EIP-712 compliant hash struct: https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct
keccak256(
abi.encode(
UPDATE_V3_DEPOSIT_DETAILS_HASH,
depositId,
originChainId,
updatedOutputAmount,
updatedRecipient,
keccak256(updatedMessage)
)
),
// By passing in the origin chain id, we enable the verification of the signature on a different chain
originChainId
);
_verifyDepositorSignature(depositor, expectedTypedDataV4Hash, depositorSignature);
}
// This function is isolated and made virtual to allow different L2's to implement chain specific recovery of
// signers from signatures because some L2s might not support ecrecover. To be safe, consider always reverting
// this function for L2s where ecrecover is different from how it works on Ethereum, otherwise there is the
// potential to forge a signature from the depositor using a different private key than the original depositor's.
function _verifyDepositorSignature(
address depositor,
bytes32 ethSignedMessageHash,
bytes memory depositorSignature
) internal view virtual {
// Note:
// - We don't need to worry about reentrancy from a contract deployed at the depositor address since the method
// `SignatureChecker.isValidSignatureNow` is a view method. Re-entrancy can happen, but it cannot affect state.
// - EIP-1271 signatures are supported. This means that a signature valid now, may not be valid later and vice-versa.
// - For an EIP-1271 signature to work, the depositor contract address must map to a deployed contract on the destination
// chain that can validate the signature.
// - Regular signatures from an EOA are also supported.
bool isValid = SignatureChecker.isValidSignatureNow(depositor, ethSignedMessageHash, depositorSignature);
require(isValid, "invalid signature");
}
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _verifySlowFill(
RelayExecution memory relayExecution,
uint32 rootBundleId,
bytes32[] memory proof
) internal view {
SlowFill memory slowFill = SlowFill({
relayData: relayExecution.relay,
payoutAdjustmentPct: relayExecution.payoutAdjustmentPct
});
require(
MerkleLib.verifySlowRelayFulfillment(rootBundles[rootBundleId].slowRelayRoot, slowFill, proof),
"Invalid slow relay proof"
);
}
function _verifyV3SlowFill(
V3RelayExecutionParams memory relayExecution,
uint32 rootBundleId,
bytes32[] memory proof
) internal view {
V3SlowFill memory slowFill = V3SlowFill({
relayData: relayExecution.relay,
chainId: chainId(),
updatedOutputAmount: relayExecution.updatedOutputAmount
});
if (!MerkleLib.verifyV3SlowRelayFulfillment(rootBundles[rootBundleId].slowRelayRoot, slowFill, proof))
revert InvalidMerkleProof();
}
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _computeAmountPreFees(uint256 amount, int64 feesPct) private pure returns (uint256) {
return (1e18 * amount) / uint256((int256(1e18) - feesPct));
}
function _computeAmountPostFees(uint256 amount, int256 feesPct) private pure returns (uint256) {
return (amount * uint256(int256(1e18) - feesPct)) / 1e18;
}
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _getRelayHash(SpokePoolInterface.RelayData memory relayData) private pure returns (bytes32) {
return keccak256(abi.encode(relayData));
}
function _getV3RelayHash(V3RelayData memory relayData) private view returns (bytes32) {
return keccak256(abi.encode(relayData, chainId()));
}
// Unwraps ETH and does a transfer to a recipient address. If the recipient is a smart contract then sends wrappedNativeToken.
function _unwrapwrappedNativeTokenTo(address payable to, uint256 amount) internal {
if (address(to).isContract()) {
IERC20Upgradeable(address(wrappedNativeToken)).safeTransfer(to, amount);
} else {
wrappedNativeToken.withdraw(amount);
AddressLibUpgradeable.sendValue(to, amount);
}
}
/**
* @notice Caller specifies the max amount of tokens to send to user. Based on this amount and the amount of the
* relay remaining (as stored in the relayFills mapping), pull the amount of tokens from the caller
* and send to the recipient.
* @dev relayFills keeps track of pre-fee fill amounts as a convenience to relayers who want to specify round
* numbers for the maxTokensToSend parameter or convenient numbers like 100 (i.e. relayers who will fully
* fill any relay up to 100 tokens, and partial fill with 100 tokens for larger relays).
* @dev Caller must approve this contract to transfer up to maxTokensToSend of the relayData.destinationToken.
* The amount to be sent might end up less if there is insufficient relay amount remaining to be sent.
*/
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _fillRelay(RelayExecution memory relayExecution) internal returns (uint256 fillAmountPreFees) {
RelayData memory relayData = relayExecution.relay;
// We limit the relay fees to prevent the user spending all their funds on fees. Note that 0.5e18 (i.e. 50%)
// fees are just magic numbers. The important point is to prevent the total fee from being 100%, otherwise
// computing the amount pre fees runs into divide-by-0 issues.
require(
SignedMath.abs(relayExecution.updatedRelayerFeePct) < 0.5e18 &&
SignedMath.abs(relayData.realizedLpFeePct) < 0.5e18,
"invalid fees"
);
require(relayData.amount <= MAX_TRANSFER_SIZE, "Amount too large");
// Check that the relay has not already been completely filled. Note that the relays mapping will point to
// the amount filled so far for a particular relayHash, so this will start at 0 and increment with each fill.
require(DEPRECATED_relayFills[relayExecution.relayHash] < relayData.amount, "relay filled");
// Derive the amount of the relay filled if the caller wants to send exactly maxTokensToSend tokens to
// the recipient. For example, if the user wants to send 10 tokens to the recipient, the full relay amount
// is 100, and the fee %'s total 5%, then this computation would return ~10.5, meaning that to fill 10.5/100
// of the full relay size, the caller would need to send 10 tokens to the user.
// This is equivalent to the amount to be sent by the relayer before fees have been taken out.
fillAmountPreFees = _computeAmountPreFees(
relayExecution.maxTokensToSend,
(relayData.realizedLpFeePct + relayExecution.updatedRelayerFeePct)
);
// If fill amount minus fees, which is possible with small fill amounts and negative fees, then
// revert.
require(fillAmountPreFees > 0, "fill amount pre fees is 0");
// If user's specified max amount to send is greater than the amount of the relay remaining pre-fees,
// we'll pull exactly enough tokens to complete the relay.
uint256 amountRemainingInRelay = relayData.amount - DEPRECATED_relayFills[relayExecution.relayHash];
if (amountRemainingInRelay < fillAmountPreFees) {
fillAmountPreFees = amountRemainingInRelay;
}
// Apply post-fees computation to amount that relayer will send to user. Rounding errors are possible
// when computing fillAmountPreFees and then amountToSend, and we just want to enforce that
// the error added to amountToSend is consistently applied to partial and full fills.
uint256 amountToSend = _computeAmountPostFees(
fillAmountPreFees,
relayData.realizedLpFeePct + relayExecution.updatedRelayerFeePct
);
// This can only happen in a slow fill, where the contract is funding the relay.
if (relayExecution.payoutAdjustmentPct != 0) {
// If payoutAdjustmentPct is positive, then the recipient will receive more than the amount they
// were originally expecting. If it is negative, then the recipient will receive less.
// -1e18 is -100%. Because we cannot pay out negative values, that is the minimum.
require(relayExecution.payoutAdjustmentPct >= -1e18, "payoutAdjustmentPct too small");
// Allow the payout adjustment to go up to 1000% (i.e. 11x).
// This is a sanity check to ensure the payouts do not grow too large via some sort of issue in bundle
// construction.
require(relayExecution.payoutAdjustmentPct <= 100e18, "payoutAdjustmentPct too large");
// Note: since _computeAmountPostFees is typically intended for fees, the signage must be reversed.
amountToSend = _computeAmountPostFees(amountToSend, -relayExecution.payoutAdjustmentPct);
// Note: this error should never happen, since the maxTokensToSend is expected to be set much higher than
// the amount, but it is here as a sanity check.
require(amountToSend <= relayExecution.maxTokensToSend, "Somehow hit maxTokensToSend!");
}
// Since the first partial fill is used to update the fill counter for the entire refund amount, we don't have
// a simple way to handle the case where follow-up partial fills take repayment on different chains. We'd
// need a way to decrement the fill counter in this case (or increase deposit counter) to ensure that users
// have adequate frontrunning protections.
// Instead of adding complexity, we require that all partial fills set repayment chain equal to destination chain.
// Note: .slowFill is checked because slow fills set repaymentChainId to 0.
bool localRepayment = relayExecution.repaymentChainId == relayExecution.relay.destinationChainId;
require(
localRepayment || relayExecution.relay.amount == fillAmountPreFees || relayExecution.slowFill,
"invalid repayment chain"
);
// relayFills keeps track of pre-fee fill amounts as a convenience to relayers who want to specify round
// numbers for the maxTokensToSend parameter or convenient numbers like 100 (i.e. relayers who will fully
// fill any relay up to 100 tokens, and partial fill with 100 tokens for larger relays).
DEPRECATED_relayFills[relayExecution.relayHash] += fillAmountPreFees;
// If relayer and receiver are the same address, there is no need to do any transfer, as it would result in no
// net movement of funds.
// Note: this is important because it means that relayers can intentionally self-relay in a capital efficient
// way (no need to have funds on the destination).
// If this is a slow fill, we can't exit early since we still need to send funds out of this contract
// since there is no "relayer".
if (msg.sender == relayExecution.updatedRecipient && !relayExecution.slowFill) return fillAmountPreFees;
// If relay token is wrappedNativeToken then unwrap and send native token.
if (relayData.destinationToken == address(wrappedNativeToken)) {
// Note: useContractFunds is True if we want to send funds to the recipient directly out of this contract,
// otherwise we expect the caller to send funds to the recipient. If useContractFunds is True and the
// recipient wants wrappedNativeToken, then we can assume that wrappedNativeToken is already in the
// contract, otherwise we'll need the user to send wrappedNativeToken to this contract. Regardless, we'll
// need to unwrap it to native token before sending to the user.
if (!relayExecution.slowFill)
IERC20Upgradeable(relayData.destinationToken).safeTransferFrom(msg.sender, address(this), amountToSend);
_unwrapwrappedNativeTokenTo(payable(relayExecution.updatedRecipient), amountToSend);
// Else, this is a normal ERC20 token. Send to recipient.
} else {
// Note: Similar to note above, send token directly from the contract to the user in the slow relay case.
if (!relayExecution.slowFill)
IERC20Upgradeable(relayData.destinationToken).safeTransferFrom(
msg.sender,
relayExecution.updatedRecipient,
amountToSend
);
else
IERC20Upgradeable(relayData.destinationToken).safeTransfer(
relayExecution.updatedRecipient,
amountToSend
);
}
if (relayExecution.updatedRecipient.isContract() && relayExecution.updatedMessage.length > 0) {
AcrossMessageHandler(relayExecution.updatedRecipient).handleAcrossMessage(
relayData.destinationToken,
amountToSend,
DEPRECATED_relayFills[relayExecution.relayHash] >= relayData.amount,
msg.sender,
relayExecution.updatedMessage
);
}
}
// @param relayer: relayer who is actually credited as filling this deposit. Can be different from
// exclusiveRelayer if passed exclusivityDeadline or if slow fill.
function _fillRelayV3(
V3RelayExecutionParams memory relayExecution,
address relayer,
bool isSlowFill
) internal {
V3RelayData memory relayData = relayExecution.relay;
if (relayData.fillDeadline < getCurrentTime()) revert ExpiredFillDeadline();
bytes32 relayHash = relayExecution.relayHash;
// If a slow fill for this fill was requested then the relayFills value for this hash will be
// FillStatus.RequestedSlowFill. Therefore, if this is the status, then this fast fill
// will be replacing the slow fill. If this is a slow fill execution, then the following variable
// is trivially true. We'll emit this value in the FilledRelay
// event to assist the Dataworker in knowing when to return funds back to the HubPool that can no longer
// be used for a slow fill execution.
FillType fillType = isSlowFill
? FillType.SlowFill
: (
// The following is true if this is a fast fill that was sent after a slow fill request.
fillStatuses[relayExecution.relayHash] == uint256(FillStatus.RequestedSlowFill)
? FillType.ReplacedSlowFill
: FillType.FastFill
);
// @dev This function doesn't support partial fills. Therefore, we associate the relay hash with
// an enum tracking its fill status. All filled relays, whether slow or fast fills, are set to the Filled
// status. However, we also use this slot to track whether this fill had a slow fill requested. Therefore
// we can include a bool in the FilledRelay event making it easy for the dataworker to compute if this
// fill was a fast fill that replaced a slow fill and therefore this SpokePool has excess funds that it
// needs to send back to the HubPool.
if (fillStatuses[relayHash] == uint256(FillStatus.Filled)) revert RelayFilled();
fillStatuses[relayHash] = uint256(FillStatus.Filled);
// @dev Before returning early, emit events to assist the dataworker in being able to know which fills were
// successful.
emit FilledV3Relay(
relayData.inputToken,
relayData.outputToken,
relayData.inputAmount,
relayData.outputAmount,
relayExecution.repaymentChainId,
relayData.originChainId,
relayData.depositId,
relayData.fillDeadline,
relayData.exclusivityDeadline,
relayData.exclusiveRelayer,
relayer,
relayData.depositor,
relayData.recipient,
relayData.message,
V3RelayExecutionEventInfo({
updatedRecipient: relayExecution.updatedRecipient,
updatedMessage: relayExecution.updatedMessage,
updatedOutputAmount: relayExecution.updatedOutputAmount,
fillType: fillType
})
);
// If relayer and receiver are the same address, there is no need to do any transfer, as it would result in no
// net movement of funds.
// Note: this is important because it means that relayers can intentionally self-relay in a capital efficient
// way (no need to have funds on the destination).
// If this is a slow fill, we can't exit early since we still need to send funds out of this contract
// since there is no "relayer".
address recipientToSend = relayExecution.updatedRecipient;
if (msg.sender == recipientToSend && !isSlowFill) return;
// If relay token is wrappedNativeToken then unwrap and send native token.
address outputToken = relayData.outputToken;
uint256 amountToSend = relayExecution.updatedOutputAmount;
if (outputToken == address(wrappedNativeToken)) {
// Note: useContractFunds is True if we want to send funds to the recipient directly out of this contract,
// otherwise we expect the caller to send funds to the recipient. If useContractFunds is True and the
// recipient wants wrappedNativeToken, then we can assume that wrappedNativeToken is already in the
// contract, otherwise we'll need the user to send wrappedNativeToken to this contract. Regardless, we'll
// need to unwrap it to native token before sending to the user.
if (!isSlowFill) IERC20Upgradeable(outputToken).safeTransferFrom(msg.sender, address(this), amountToSend);
_unwrapwrappedNativeTokenTo(payable(recipientToSend), amountToSend);
// Else, this is a normal ERC20 token. Send to recipient.
} else {
// Note: Similar to note above, send token directly from the contract to the user in the slow relay case.
if (!isSlowFill) IERC20Upgradeable(outputToken).safeTransferFrom(msg.sender, recipientToSend, amountToSend);
else IERC20Upgradeable(outputToken).safeTransfer(recipientToSend, amountToSend);
}
bytes memory updatedMessage = relayExecution.updatedMessage;
if (recipientToSend.isContract() && updatedMessage.length > 0) {
AcrossMessageHandler(recipientToSend).handleV3AcrossMessage(
outputToken,
amountToSend,
msg.sender,
updatedMessage
);
}
}
/// @custom:audit FOLLOWING FUNCTION TO BE DEPRECATED
function _emitFillRelay(RelayExecution memory relayExecution, uint256 fillAmountPreFees) internal {
RelayExecutionInfo memory relayExecutionInfo = RelayExecutionInfo({
relayerFeePct: relayExecution.updatedRelayerFeePct,
recipient: relayExecution.updatedRecipient,
message: relayExecution.updatedMessage,
isSlowRelay: relayExecution.slowFill,
payoutAdjustmentPct: relayExecution.payoutAdjustmentPct
});
emit FilledRelay(
relayExecution.relay.amount,
DEPRECATED_relayFills[relayExecution.relayHash],
fillAmountPreFees,
relayExecution.repaymentChainId,
relayExecution.relay.originChainId,
relayExecution.relay.destinationChainId,
relayExecution.relay.relayerFeePct,
relayExecution.relay.realizedLpFeePct,
relayExecution.relay.depositId,
relayExecution.relay.destinationToken,
msg.sender,
relayExecution.relay.depositor,
relayExecution.relay.recipient,
relayExecution.relay.message,
relayExecutionInfo
);
}
// Implementing contract needs to override this to ensure that only the appropriate cross chain admin can execute
// certain admin functions. For L2 contracts, the cross chain admin refers to some L1 address or contract, and for
// L1, this would just be the same admin of the HubPool.
function _requireAdminSender() internal virtual;
// Added to enable the this contract to receive native token (ETH). Used when unwrapping wrappedNativeToken.
receive() external payable {}
// Reserve storage slots for future versions of this base contract to add state variables without
// affecting the storage layout of child contracts. Decrement the size of __gap whenever state variables
// are added. This is at bottom of contract to make sure it's always at the end of storage.
uint256[999] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.0;
/**
* @title AddressUpgradeable
* @dev Collection of functions related to the address type
* @notice Logic is 100% copied from "@openzeppelin/contracts-upgradeable/contracts/utils/AddressUpgradeable.sol" but one
* comment is added to clarify why we allow delegatecall() in this contract, which is typically unsafe for use in
* upgradeable implementation contracts.
* @dev See https://docs.openzeppelin.com/upgrades-plugins/1.x/faq#delegatecall-selfdestruct for more details.
*/
library AddressLibUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{ value: value }(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
/// @custom:oz-upgrades-unsafe-allow delegatecall
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
import "@openzeppelin/contracts-upgradeable/utils/cryptography/ECDSAUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* This contract is based on OpenZeppelin's implementation:
* https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/master/contracts/utils/cryptography/EIP712Upgradeable.sol
*
* NOTE: Modified version that allows to build a domain separator that relies on a different chain id than the chain this
* contract is deployed to. An example use case we want to support is:
* - User A signs a message on chain with id = 1
* - User B executes a method by verifying user A's EIP-712 compliant signature on a chain with id != 1
*/
abstract contract EIP712CrossChainUpgradeable is Initializable {
/* solhint-disable var-name-mixedcase */
bytes32 private _HASHED_NAME;
bytes32 private _HASHED_VERSION;
bytes32 private constant _TYPE_HASH = keccak256("EIP712Domain(string name,string version,uint256 chainId)");
/* solhint-enable var-name-mixedcase */
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
function __EIP712_init(string memory name, string memory version) internal onlyInitializing {
__EIP712_init_unchained(name, version);
}
function __EIP712_init_unchained(string memory name, string memory version) internal onlyInitializing {
bytes32 hashedName = keccak256(bytes(name));
bytes32 hashedVersion = keccak256(bytes(version));
_HASHED_NAME = hashedName;
_HASHED_VERSION = hashedVersion;
}
/**
* @dev Returns the domain separator depending on the `originChainId`.
* @param originChainId Chain id of network where message originates from.
* @return bytes32 EIP-712-compliant domain separator.
*/
function _domainSeparatorV4(uint256 originChainId) internal view returns (bytes32) {
return keccak256(abi.encode(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION, originChainId));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 structHash = keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* ));
* bytes32 digest = _hashTypedDataV4(structHash, originChainId);
* address signer = ECDSA.recover(digest, signature);
* ```
* @param structHash Hashed struct as defined in https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct.
* @param originChainId Chain id of network where message originates from.
* @return bytes32 Hash digest that is recoverable via `EDCSA.recover`.
*/
function _hashTypedDataV4(bytes32 structHash, uint256 originChainId) internal view virtual returns (bytes32) {
return ECDSAUpgradeable.toTypedDataHash(_domainSeparatorV4(originChainId), structHash);
}
// Reserve storage slots for future versions of this base contract to add state variables without
// affecting the storage layout of child contracts. Decrement the size of __gap whenever state variables
// are added. This is at bottom of contract to make sure it's always at the end of storage.
uint256[1000] private __gap;
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
/**
* @title MultiCallerUpgradeable
* @notice Logic is 100% copied from "@uma/core/contracts/common/implementation/MultiCaller.sol" but one
* comment is added to clarify why we allow delegatecall() in this contract, which is typically unsafe for use in
* upgradeable implementation contracts.
* @dev See https://docs.openzeppelin.com/upgrades-plugins/1.x/faq#delegatecall-selfdestruct for more details.
*/
contract MultiCallerUpgradeable {
function _validateMulticallData(bytes[] calldata data) internal virtual {
// no-op
}
function multicall(bytes[] calldata data) external returns (bytes[] memory results) {
_validateMulticallData(data);
results = new bytes[](data.length);
//slither-disable-start calls-loop
for (uint256 i = 0; i < data.length; i++) {
// Typically, implementation contracts used in the upgradeable proxy pattern shouldn't call `delegatecall`
// because it could allow a malicious actor to call this implementation contract directly (rather than
// through a proxy contract) and then selfdestruct() the contract, thereby freezing the upgradeable
// proxy. However, since we're only delegatecall-ing into this contract, then we can consider this
// use of delegatecall() safe.
//slither-disable-start low-level-calls
/// @custom:oz-upgrades-unsafe-allow delegatecall
(bool success, bytes memory result) = address(this).delegatecall(data[i]);
//slither-disable-end low-level-calls
if (!success) {
// Next 5 lines from https://ethereum.stackexchange.com/a/83577
if (result.length < 68) revert();
//slither-disable-next-line assembly
assembly {
result := add(result, 0x04)
}
revert(abi.decode(result, (string)));
}
results[i] = result;
}
//slither-disable-end calls-loop
}
// Reserve storage slots for future versions of this base contract to add state variables without
// affecting the storage layout of child contracts. Decrement the size of __gap whenever state variables
// are added. This is at bottom of contract to make sure its always at the end of storage.
uint256[1000] private __gap;
}{
"optimizer": {
"enabled": true,
"runs": 1000
},
"viaIR": true,
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"libraries": {}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"address","name":"_wrappedNativeTokenAddress","type":"address"},{"internalType":"uint32","name":"_depositQuoteTimeBuffer","type":"uint32"},{"internalType":"uint32","name":"_fillDeadlineBuffer","type":"uint32"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"ClaimedMerkleLeaf","type":"error"},{"inputs":[],"name":"DisabledRoute","type":"error"},{"inputs":[],"name":"ExpiredFillDeadline","type":"error"},{"inputs":[],"name":"InvalidChainId","type":"error"},{"inputs":[],"name":"InvalidExclusiveRelayer","type":"error"},{"inputs":[],"name":"InvalidExclusivityDeadline","type":"error"},{"inputs":[],"name":"InvalidFillDeadline","type":"error"},{"inputs":[],"name":"InvalidMerkleLeaf","type":"error"},{"inputs":[],"name":"InvalidMerkleProof","type":"error"},{"inputs":[],"name":"InvalidPayoutAdjustmentPct","type":"error"},{"inputs":[],"name":"InvalidQuoteTimestamp","type":"error"},{"inputs":[],"name":"InvalidSlowFillRequest","type":"error"},{"inputs":[],"name":"MsgValueDoesNotMatchInputAmount","type":"error"},{"inputs":[],"name":"NoSlowFillsInExclusivityWindow","type":"error"},{"inputs":[],"name":"NotEOA","type":"error"},{"inputs":[],"name":"NotExclusiveRelayer","type":"error"},{"inputs":[],"name":"RelayFilled","type":"error"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"previousAdmin","type":"address"},{"indexed":false,"internalType":"address","name":"newAdmin","type":"address"}],"name":"AdminChanged","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"beacon","type":"address"}],"name":"BeaconUpgraded","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"rootBundleId","type":"uint256"}],"name":"EmergencyDeleteRootBundle","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"originToken","type":"address"},{"indexed":true,"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"indexed":false,"internalType":"bool","name":"enabled","type":"bool"}],"name":"EnabledDepositRoute","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"amountToReturn","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"chainId","type":"uint256"},{"indexed":false,"internalType":"uint256[]","name":"refundAmounts","type":"uint256[]"},{"indexed":true,"internalType":"uint32","name":"rootBundleId","type":"uint32"},{"indexed":true,"internalType":"uint32","name":"leafId","type":"uint32"},{"indexed":false,"internalType":"address","name":"l2TokenAddress","type":"address"},{"indexed":false,"internalType":"address[]","name":"refundAddresses","type":"address[]"},{"indexed":false,"internalType":"address","name":"caller","type":"address"}],"name":"ExecutedRelayerRefundRoot","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"totalFilledAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"fillAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"repaymentChainId","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"originChainId","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"indexed":false,"internalType":"int64","name":"relayerFeePct","type":"int64"},{"indexed":false,"internalType":"int64","name":"realizedLpFeePct","type":"int64"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":false,"internalType":"address","name":"destinationToken","type":"address"},{"indexed":false,"internalType":"address","name":"relayer","type":"address"},{"indexed":true,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"address","name":"recipient","type":"address"},{"indexed":false,"internalType":"bytes","name":"message","type":"bytes"},{"components":[{"internalType":"address","name":"recipient","type":"address"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"bool","name":"isSlowRelay","type":"bool"},{"internalType":"int256","name":"payoutAdjustmentPct","type":"int256"}],"indexed":false,"internalType":"struct SpokePool.RelayExecutionInfo","name":"updatableRelayData","type":"tuple"}],"name":"FilledRelay","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"inputToken","type":"address"},{"indexed":false,"internalType":"address","name":"outputToken","type":"address"},{"indexed":false,"internalType":"uint256","name":"inputAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"outputAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"repaymentChainId","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"originChainId","type":"uint256"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"indexed":false,"internalType":"address","name":"exclusiveRelayer","type":"address"},{"indexed":true,"internalType":"address","name":"relayer","type":"address"},{"indexed":false,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"address","name":"recipient","type":"address"},{"indexed":false,"internalType":"bytes","name":"message","type":"bytes"},{"components":[{"internalType":"address","name":"updatedRecipient","type":"address"},{"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"internalType":"uint256","name":"updatedOutputAmount","type":"uint256"},{"internalType":"enum V3SpokePoolInterface.FillType","name":"fillType","type":"uint8"}],"indexed":false,"internalType":"struct V3SpokePoolInterface.V3RelayExecutionEventInfo","name":"relayExecutionInfo","type":"tuple"}],"name":"FilledV3Relay","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"amount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"originChainId","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"indexed":false,"internalType":"int64","name":"relayerFeePct","type":"int64"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"quoteTimestamp","type":"uint32"},{"indexed":false,"internalType":"address","name":"originToken","type":"address"},{"indexed":false,"internalType":"address","name":"recipient","type":"address"},{"indexed":true,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"bytes","name":"message","type":"bytes"}],"name":"FundsDeposited","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint8","name":"version","type":"uint8"}],"name":"Initialized","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bool","name":"isPaused","type":"bool"}],"name":"PausedDeposits","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"bool","name":"isPaused","type":"bool"}],"name":"PausedFills","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint32","name":"rootBundleId","type":"uint32"},{"indexed":true,"internalType":"bytes32","name":"relayerRefundRoot","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"slowRelayRoot","type":"bytes32"}],"name":"RelayedRootBundle","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"int64","name":"newRelayerFeePct","type":"int64"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":true,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"address","name":"updatedRecipient","type":"address"},{"indexed":false,"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"indexed":false,"internalType":"bytes","name":"depositorSignature","type":"bytes"}],"name":"RequestedSpeedUpDeposit","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"updatedOutputAmount","type":"uint256"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":true,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"address","name":"updatedRecipient","type":"address"},{"indexed":false,"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"indexed":false,"internalType":"bytes","name":"depositorSignature","type":"bytes"}],"name":"RequestedSpeedUpV3Deposit","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"inputToken","type":"address"},{"indexed":false,"internalType":"address","name":"outputToken","type":"address"},{"indexed":false,"internalType":"uint256","name":"inputAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"outputAmount","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"originChainId","type":"uint256"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"indexed":false,"internalType":"address","name":"exclusiveRelayer","type":"address"},{"indexed":false,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"address","name":"recipient","type":"address"},{"indexed":false,"internalType":"bytes","name":"message","type":"bytes"}],"name":"RequestedV3SlowFill","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"newHubPool","type":"address"}],"name":"SetHubPool","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"newAdmin","type":"address"}],"name":"SetXDomainAdmin","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"amountToReturn","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"chainId","type":"uint256"},{"indexed":true,"internalType":"uint32","name":"leafId","type":"uint32"},{"indexed":true,"internalType":"address","name":"l2TokenAddress","type":"address"},{"indexed":false,"internalType":"address","name":"caller","type":"address"}],"name":"TokensBridged","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"implementation","type":"address"}],"name":"Upgraded","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"inputToken","type":"address"},{"indexed":false,"internalType":"address","name":"outputToken","type":"address"},{"indexed":false,"internalType":"uint256","name":"inputAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"outputAmount","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"indexed":true,"internalType":"uint32","name":"depositId","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"quoteTimestamp","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"indexed":false,"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"indexed":true,"internalType":"address","name":"depositor","type":"address"},{"indexed":false,"internalType":"address","name":"recipient","type":"address"},{"indexed":false,"internalType":"address","name":"exclusiveRelayer","type":"address"},{"indexed":false,"internalType":"bytes","name":"message","type":"bytes"}],"name":"V3FundsDeposited","type":"event"},{"inputs":[],"name":"EMPTY_RELAYER","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"EMPTY_REPAYMENT_CHAIN_ID","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"INFINITE_FILL_DEADLINE","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"MAX_TRANSFER_SIZE","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"SLOW_FILL_MAX_TOKENS_TO_SEND","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"UPDATE_DEPOSIT_DETAILS_HASH","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"UPDATE_V3_DEPOSIT_DETAILS_HASH","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint32","name":"_initialDepositId","type":"uint32"},{"internalType":"address","name":"_crossDomainAdmin","type":"address"},{"internalType":"address","name":"_hubPool","type":"address"}],"name":"__SpokePool_init","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"chainId","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"crossDomainAdmin","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"originToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"uint32","name":"quoteTimestamp","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"uint256","name":"","type":"uint256"}],"name":"deposit","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"originToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"uint32","name":"quoteTimestamp","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"uint256","name":"","type":"uint256"}],"name":"depositFor","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"originToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"uint256","name":"maxCount","type":"uint256"}],"name":"depositForNow","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"originToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"uint256","name":"maxCount","type":"uint256"}],"name":"depositNow","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[],"name":"depositQuoteTimeBuffer","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"inputToken","type":"address"},{"internalType":"address","name":"outputToken","type":"address"},{"internalType":"uint256","name":"inputAmount","type":"uint256"},{"internalType":"uint256","name":"outputAmount","type":"uint256"},{"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"internalType":"address","name":"exclusiveRelayer","type":"address"},{"internalType":"uint32","name":"quoteTimestamp","type":"uint32"},{"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"}],"name":"depositV3","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"uint256","name":"rootBundleId","type":"uint256"}],"name":"emergencyDeleteRootBundle","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"","type":"address"},{"internalType":"uint256","name":"","type":"uint256"}],"name":"enabledDepositRoutes","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint32","name":"rootBundleId","type":"uint32"},{"components":[{"internalType":"uint256","name":"amountToReturn","type":"uint256"},{"internalType":"uint256","name":"chainId","type":"uint256"},{"internalType":"uint256[]","name":"refundAmounts","type":"uint256[]"},{"internalType":"uint32","name":"leafId","type":"uint32"},{"internalType":"address","name":"l2TokenAddress","type":"address"},{"internalType":"address[]","name":"refundAddresses","type":"address[]"}],"internalType":"struct SpokePoolInterface.RelayerRefundLeaf","name":"relayerRefundLeaf","type":"tuple"},{"internalType":"bytes32[]","name":"proof","type":"bytes32[]"}],"name":"executeRelayerRefundLeaf","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"destinationToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"int64","name":"realizedLpFeePct","type":"int64"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"uint32","name":"rootBundleId","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"int256","name":"payoutAdjustment","type":"int256"},{"internalType":"bytes32[]","name":"proof","type":"bytes32[]"}],"name":"executeSlowRelayLeaf","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"components":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"exclusiveRelayer","type":"address"},{"internalType":"address","name":"inputToken","type":"address"},{"internalType":"address","name":"outputToken","type":"address"},{"internalType":"uint256","name":"inputAmount","type":"uint256"},{"internalType":"uint256","name":"outputAmount","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"}],"internalType":"struct V3SpokePoolInterface.V3RelayData","name":"relayData","type":"tuple"},{"internalType":"uint256","name":"chainId","type":"uint256"},{"internalType":"uint256","name":"updatedOutputAmount","type":"uint256"}],"internalType":"struct V3SpokePoolInterface.V3SlowFill","name":"slowFillLeaf","type":"tuple"},{"internalType":"uint32","name":"rootBundleId","type":"uint32"},{"internalType":"bytes32[]","name":"proof","type":"bytes32[]"}],"name":"executeV3SlowRelayLeaf","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"fillDeadlineBuffer","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"destinationToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"maxTokensToSend","type":"uint256"},{"internalType":"uint256","name":"repaymentChainId","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"int64","name":"realizedLpFeePct","type":"int64"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"uint256","name":"maxCount","type":"uint256"}],"name":"fillRelay","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"updatedRecipient","type":"address"},{"internalType":"address","name":"destinationToken","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"maxTokensToSend","type":"uint256"},{"internalType":"uint256","name":"repaymentChainId","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"int64","name":"realizedLpFeePct","type":"int64"},{"internalType":"int64","name":"relayerFeePct","type":"int64"},{"internalType":"int64","name":"updatedRelayerFeePct","type":"int64"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"},{"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"internalType":"bytes","name":"depositorSignature","type":"bytes"},{"internalType":"uint256","name":"maxCount","type":"uint256"}],"name":"fillRelayWithUpdatedDeposit","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"name":"fillStatuses","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"exclusiveRelayer","type":"address"},{"internalType":"address","name":"inputToken","type":"address"},{"internalType":"address","name":"outputToken","type":"address"},{"internalType":"uint256","name":"inputAmount","type":"uint256"},{"internalType":"uint256","name":"outputAmount","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"}],"internalType":"struct V3SpokePoolInterface.V3RelayData","name":"relayData","type":"tuple"},{"internalType":"uint256","name":"repaymentChainId","type":"uint256"}],"name":"fillV3Relay","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"exclusiveRelayer","type":"address"},{"internalType":"address","name":"inputToken","type":"address"},{"internalType":"address","name":"outputToken","type":"address"},{"internalType":"uint256","name":"inputAmount","type":"uint256"},{"internalType":"uint256","name":"outputAmount","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"}],"internalType":"struct V3SpokePoolInterface.V3RelayData","name":"relayData","type":"tuple"},{"internalType":"uint256","name":"repaymentChainId","type":"uint256"},{"internalType":"uint256","name":"updatedOutputAmount","type":"uint256"},{"internalType":"address","name":"updatedRecipient","type":"address"},{"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"internalType":"bytes","name":"depositorSignature","type":"bytes"}],"name":"fillV3RelayWithUpdatedDeposit","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"getCurrentTime","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"hubPool","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint32","name":"_initialDepositId","type":"uint32"},{"internalType":"address","name":"_hubPool","type":"address"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes[]","name":"data","type":"bytes[]"}],"name":"multicall","outputs":[{"internalType":"bytes[]","name":"results","type":"bytes[]"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"numberOfDeposits","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bool","name":"pause","type":"bool"}],"name":"pauseDeposits","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bool","name":"pause","type":"bool"}],"name":"pauseFills","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"pausedDeposits","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pausedFills","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"proxiableUUID","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"relayerRefundRoot","type":"bytes32"},{"internalType":"bytes32","name":"slowRelayRoot","type":"bytes32"}],"name":"relayRootBundle","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"address","name":"recipient","type":"address"},{"internalType":"address","name":"exclusiveRelayer","type":"address"},{"internalType":"address","name":"inputToken","type":"address"},{"internalType":"address","name":"outputToken","type":"address"},{"internalType":"uint256","name":"inputAmount","type":"uint256"},{"internalType":"uint256","name":"outputAmount","type":"uint256"},{"internalType":"uint256","name":"originChainId","type":"uint256"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"uint32","name":"fillDeadline","type":"uint32"},{"internalType":"uint32","name":"exclusivityDeadline","type":"uint32"},{"internalType":"bytes","name":"message","type":"bytes"}],"internalType":"struct V3SpokePoolInterface.V3RelayData","name":"relayData","type":"tuple"}],"name":"requestV3SlowFill","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"","type":"uint256"}],"name":"rootBundles","outputs":[{"internalType":"bytes32","name":"slowRelayRoot","type":"bytes32"},{"internalType":"bytes32","name":"relayerRefundRoot","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"newCrossDomainAdmin","type":"address"}],"name":"setCrossDomainAdmin","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"originToken","type":"address"},{"internalType":"uint256","name":"destinationChainId","type":"uint256"},{"internalType":"bool","name":"enabled","type":"bool"}],"name":"setEnableRoute","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newHubPool","type":"address"}],"name":"setHubPool","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"int64","name":"updatedRelayerFeePct","type":"int64"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"address","name":"updatedRecipient","type":"address"},{"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"internalType":"bytes","name":"depositorSignature","type":"bytes"}],"name":"speedUpDeposit","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"depositor","type":"address"},{"internalType":"uint32","name":"depositId","type":"uint32"},{"internalType":"uint256","name":"updatedOutputAmount","type":"uint256"},{"internalType":"address","name":"updatedRecipient","type":"address"},{"internalType":"bytes","name":"updatedMessage","type":"bytes"},{"internalType":"bytes","name":"depositorSignature","type":"bytes"}],"name":"speedUpV3Deposit","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newImplementation","type":"address"}],"name":"upgradeTo","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newImplementation","type":"address"},{"internalType":"bytes","name":"data","type":"bytes"}],"name":"upgradeToAndCall","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[],"name":"wrappedNativeToken","outputs":[{"internalType":"contract WETH9Interface","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"stateMutability":"payable","type":"receive"}]Deployed Bytecode
0x6080604052600436101561001a575b3615610018575f80fd5b005b5f3560e01c8063079bd2c7146103445780630c2097f71461033f5780631186ec331461033a57806315348e44146102d657806317fcb39b146103355780631b3d5559146103305780631dfb2d021461032b578063272751c71461032657806329cb924d146103215780632cfc26c51461031c5780632e378115146103175780633659cfe61461031257806344b8be681461030d578063493a4f84146103085780634e0fb8f5146103035780634f1ef286146102fe5780635249fef1146102f95780635285e058146102f457806352d1902d146102ef578063541f4f14146102ea57806357f6dcb8146102e55780635ceaec32146102e05780636068d6cb146102db5780636bbbcd2e146102d6578063715018a6146102d1578063738b62e5146102cc5780637b939232146102c75780637e688bba146102c25780638624c35c146102bd5780638a7860ce146102b85780638da5cb5b146102b3578063979f2bc2146102ae5780639963e5a8146102a957806399cc2968146102a45780639a8a05921461029f578063a1244c671461029a578063a78e4b6014610295578063ac9650d814610290578063ae527fbb1461028b578063b5e1bf5f14610286578063bbca7db014610281578063c35c83fc1461027c578063ccfa597114610277578063ceb4c98714610272578063dda521131461026d578063ddd224f114610268578063de7eba7814610263578063e19044021461025e578063ee2a53f814610259578063f2fde38b146102545763fd7c10540361000e5761239f565b6122f8565b6122ba565b612240565b612210565b6121e7565b6121c1565b6121a3565b612120565b6120f5565b611ff5565b611fca565b611f47565b611e66565b611d52565b611d2b565b611d11565b611c63565b611a5a565b611965565b61193e565b6118c6565b6117d4565b61174c565b6116a4565b6115f5565b61159a565b610843565b611574565b6114a7565b611467565b6113d3565b6112fa565b6112d3565b611285565b6110dd565b610fc3565b610f0e565b610e7a565b610cca565b610b83565b610b3a565b610b20565b610a81565b610a42565b61096a565b61085d565b6107b3565b61070e565b610357565b5f91031261035357565b5f80fd5b34610353575f36600319011261035357602060405163ffffffff7f0000000000000000000000000000000000000000000000000000000000007080168152f35b6001600160a01b0381160361035357565b600435906103b582610397565b565b602435906103b582610397565b604435906103b582610397565b606435906103b582610397565b35906103b582610397565b60a435908160070b820361035357565b60c435908160070b820361035357565b608435908160070b820361035357565b61010435908160070b820361035357565b61012435908160070b820361035357565b61014435908160070b820361035357565b63ffffffff81160361035357565b60e435906103b58261044c565b61010435906103b58261044c565b61012435906103b58261044c565b61016435906103b58261044c565b61014435906103b58261044c565b35906103b58261044c565b634e487b7160e01b5f52604160045260245ffd5b67ffffffffffffffff81116104d257604052565b6104aa565b6060810190811067ffffffffffffffff8211176104d257604052565b6080810190811067ffffffffffffffff8211176104d257604052565b60a0810190811067ffffffffffffffff8211176104d257604052565b6020810190811067ffffffffffffffff8211176104d257604052565b6040810190811067ffffffffffffffff8211176104d257604052565b60e0810190811067ffffffffffffffff8211176104d257604052565b90601f8019910116810190811067ffffffffffffffff8211176104d257604052565b6040519060c0820182811067ffffffffffffffff8211176104d257604052565b60405190610140820182811067ffffffffffffffff8211176104d257604052565b60405190610180820182811067ffffffffffffffff8211176104d257604052565b604051906103b5826104f3565b604051906103b58261050f565b67ffffffffffffffff81116104d257601f01601f191660200190565b9291926106458261061d565b91610653604051938461057f565b829481845281830111610353578281602093845f960137010152565b9080601f830112156103535781602061068a93359101610639565b90565b67ffffffffffffffff81116104d25760051b60200190565b92916106b08261068d565b916106be604051938461057f565b829481845260208094019160051b810192831161035357905b8282106106e45750505050565b813581529083019083016106d7565b9080601f830112156103535781602061068a933591016106a5565b34610353576101803660031901126103535760043561072c81610397565b6107346103b7565b9061073d6103c4565b6107456103e9565b9261074e6103f9565b61075661045a565b61075e610467565b91610124359667ffffffffffffffff978881116103535761078390369060040161066f565b9461016435988911610353576107a06100189936906004016106f3565b976101443597608435926064359261242e565b610100366003190112610353576004356107cc81610397565b602435906107d982610397565b6107e1610409565b60a435906107ee8261044c565b60c4359367ffffffffffffffff85116103535761081261083c95369060040161066f565b9361081b6134fb565b61082e60ff61086b5460e81c161561253d565b6064359160443591336136da565b6001606555005b34610353575f3660031901126103535760206040515f8152f35b34610353575f3660031901126103535760206040516001600160a01b037f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2168152f35b9080601f830112156103535760209082356108ba8161068d565b936108c8604051958661057f565b81855260208086019260051b82010192831161035357602001905b8282106108f1575050505090565b813581529083019083016108e3565b9080601f8301121561035357602090823561091a8161068d565b93610928604051958661057f565b81855260208086019260051b82010192831161035357602001905b828210610951575050505090565b838091833561095f81610397565b815201910190610943565b600319606036820112610353576004356109838161044c565b60243567ffffffffffffffff928382116103535760c0908236030112610353576109ab6105a1565b9080600401358252602481013560208301526044810135848111610353576109d990600436918401016108a0565b60408301526109ea6064820161049f565b60608301526109fb608482016103de565b608083015260a481013590848211610353576004610a1c9236920101610900565b60a082015260443592831161035357610a3c6100189336906004016106f3565b91612588565b346103535760203660031901126103535761083c600435610a6281610397565b610a6a614e94565b610a726134fb565b613b25565b8015150361035357565b3461035357606036600319011261035357600435610a9e81610397565b602435907f0a21fdd43d0ad0c62689ee7230a47309a050755bcc52eba00310add65297692a60206001600160a01b0360443593610ada85610a77565b610ae2614e94565b610aea6134fb565b1692835f5261086d825260405f20855f52825260405f209015159060ff1981541660ff8316179055604051908152a36001606555005b34610353575f366003190112610353576020604051428152f35b34610353575f3660031901126103535760206040517f152eb71524aef34d838ab76573c14b1ebfa5e385d9ab29d7cf5398daa2438bd98152f35b90816101809103126103535790565b346103535760403660031901126103535760043567ffffffffffffffff811161035357610bb4903690600401610b74565b610bbc6134fb565b610bcf60ff61086b5460e01c1615612772565b610bdc61014082016127bd565b63ffffffff429116101580610cac575b610c8257610c7890610c64610c09610c0436846127d1565b613c7d565b9160c0610c5d610c1b602084016127c7565b610c296101608501856128b1565b939094610c346105a1565b97610c3f36836127d1565b89526020890152013560408701526001600160a01b03166060860152565b3691610639565b608082015260243560a08201523390613dd0565b6100186001606555565b60046040517fc3a9b9d0000000000000000000000000000000000000000000000000000000008152fd5b50610cb9604082016127c7565b6001600160a01b0316331415610bec565b3461035357602036600319011261035357600435610ce781610397565b6001600160a01b0390817f00000000000000000000000090438ad3d81a0739ce1cb20c73564682388c5fdd1691610d20833014156128e4565b610d4f7f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc938285541614612955565b610d57614e94565b60405190610d648261052b565b5f82527f4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd91435460ff1615610d9d5750506100189150615544565b6020600491604094939451928380926352d1902d60e01b825286165afa5f9181610e49575b50610e365760405162461bcd60e51b815260206004820152602e60248201527f45524331393637557067726164653a206e657720696d706c656d656e7461746960448201527f6f6e206973206e6f7420555550530000000000000000000000000000000000006064820152608490fd5b0390fd5b61001893610e449114614390565b615423565b610e6c91925060203d602011610e73575b610e64818361057f565b810190614381565b905f610dc2565b503d610e5a565b346103535761018036600319011261035357600435610e9881610397565b602435610ea481610397565b604435610eb081610397565b60e4358060070b810361035357610ec5610419565b610ecd610475565b91610144359567ffffffffffffffff871161035357610ef361001897369060040161066f565b94610164359660c4359260a4359260843592606435926129c6565b3461035357604036600319011261035357602435600435610f2d614e94565b610f356134fb565b61086c8054680100000000000000008110156104d25763ffffffff9160018201905583610f618261227b565b5084600182015555167fc86ba04c55bc5eb2f2876b91c438849a296dbec7b08751c3074d92e04f0a77af5f80a46001606555005b9181601f840112156103535782359167ffffffffffffffff8311610353576020838186019501011161035357565b346103535760c036600319011261035357600435610fe081610397565b60243590610fed8261044c565b604435606435610ffc81610397565b67ffffffffffffffff916084358381116103535761101e903690600401610f95565b93909460a435918211610353576110c163ffffffff7fb0a29aed3d389a1041194255878b423f7780be3ed2324d4693508c6ff189845e966110666110d3953690600401610f95565b9390996110716134fb565b6110988c8c8b8b61108f611086368a89610639565b938b3691610639565b9346908c614d99565b6001600160a01b0392836040519a8b9a8b521660208a0152608060408a01526080890191612ac0565b93868503606088015216981696612ac0565b0390a36001606555005b6040366003190112610353576004356110f581610397565b60243567ffffffffffffffff81116103535761111590369060040161066f565b906001600160a01b0391827f00000000000000000000000090438ad3d81a0739ce1cb20c73564682388c5fdd169261114f843014156128e4565b61117e7f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc948286541614612955565b611186614e94565b7f4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd91435460ff16156111bc5750506100189150615544565b6020600491604094939451928380926352d1902d60e01b825286165afa5f9181611264575b506112515760405162461bcd60e51b815260206004820152602e60248201527f45524331393637557067726164653a206e657720696d706c656d656e7461746960448201527f6f6e206973206e6f7420555550530000000000000000000000000000000000006064820152608490fd5b6100189361125f9114614390565b6154f2565b61127e91925060203d602011610e7357610e64818361057f565b905f6111e1565b34610353576040366003190112610353576001600160a01b036004356112aa81610397565b165f5261086d60205260405f206024355f52602052602060ff60405f2054166040519015158152f35b34610353575f3660031901126103535760206001600160a01b036108695416604051908152f35b34610353575f366003190112610353576001600160a01b037f00000000000000000000000090438ad3d81a0739ce1cb20c73564682388c5fdd163003611369576040517f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc8152602090f35b0390f35b608460405162461bcd60e51b815260206004820152603860248201527f555550535570677261646561626c653a206d757374206e6f742062652063616c60448201527f6c6564207468726f7567682064656c656761746563616c6c00000000000000006064820152fd5b610120366003190112610353576004356113ec81610397565b6024356113f881610397565b6044359061140582610397565b61140d6103e9565b60c4359161141a8361044c565b60e4359467ffffffffffffffff86116103535761143e61083c96369060040161066f565b946114476134fb565b61145a60ff61086b5460e81c161561253d565b60843592606435926136da565b34610353575f36600319011261035357602060405163ffffffff7f0000000000000000000000000000000000000000000000000000000000000e10168152f35b3461035357610200366003190112610353576114c16103a8565b6114c96103b7565b906114d26103c4565b916114db6103d1565b926114e4610419565b936114ed61042a565b6114f561043b565b6114fd610483565b91610184359767ffffffffffffffff988981116103535761152290369060040161066f565b946101a4358a81116103535761153c90369060040161066f565b966101c4359a8b11610353576115596100189b369060040161066f565b986101e4359a60e4359360c4359360a4359360843593612ae0565b34610353575f36600319011261035357602060ff61086b5460e81c166040519015158152f35b34610353575f366003190112610353576115b2614e94565b5f6001600160a01b03610c8c8054906001600160a01b031982169055167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e08280a3005b34610353576020366003190112610353577fe88463c2f254e2b070013a2dc7ee1e099f9bc00534cbdf03af551dc26ae49219602060043561163581610a77565b61163d614e94565b6116456134fb565b151561086b80547fffff00ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7dff00000000000000000000000000000000000000000000000000000000008460e81b169116179055604051908152a16001606555005b610180366003190112610353576004356116bd81610397565b602435906116ca82610397565b6044356116d681610397565b606435906116e382610397565b60e4356116ef81610397565b610104356116fc8161044c565b610124359161170a8361044c565b611712610491565b93610164359767ffffffffffffffff891161035357611738610018993690600401610f95565b98909760c4359360a4359360843593612bdc565b346103535760c03660031901126103535760043561176981610397565b602435908160070b820361035357604435916117848361044c565b60643561179081610397565b67ffffffffffffffff93608435858111610353576117b290369060040161066f565b9260a435958611610353576117ce61001896369060040161066f565b94612fcc565b34610353576040366003190112610353576004356117f18161044c565b61183e60243561180081610397565b5f549261182460ff8560081c1615809581966118b8575b8115611898575b506130c3565b83611835600160ff195f5416175f55565b61188157613134565b61184457005b61185261ff00195f54165f55565b604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb384740249890602090a1005b61189361010061ff00195f5416175f55565b613134565b303b159150816118aa575b505f61181e565b6001915060ff16145f6118a3565b600160ff8216109150611817565b34610353576020366003190112610353576004356118e2614e94565b6118ea6134fb565b6118f38161227b565b61192b576001815f80935501557f3569b846531b754c99cb80df3f49cd72fa6fe106aaee5ab8e0caf35a9d7ce88d5f80a26001606555005b634e487b7160e01b5f525f60045260245ffd5b34610353575f3660031901126103535760206001600160a01b03610c8c5416604051908152f35b34610353576060366003190112610353576100186004356119858161044c565b610a7260243561199481610397565b6119d7604435936119a485610397565b6119b460ff5f5460081c166131db565b61086b9063ffffffff60c01b1963ffffffff60c01b83549260c01b169116179055565b6040516119e381610547565b6009815260208101906820a1a927a9a996ab1960b91b825260405191611a0883610547565b600583526020830191640312e302e360dc1b8352611a3560ff5f5460081c16611a30816131db565b6131db565b519020915190209061047f5561048055611a4d614fa1565b611a55614fb1565b614fcc565b346103535760203660031901126103535760043567ffffffffffffffff811161035357611a8b903690600401610b74565b611a936134fb565b611aa660ff61086b5460e01c1615612772565b610140810190611ab5826127bd565b63ffffffff90814291161015611c395761012082019042611ae1611ad8846127bd565b63ffffffff1690565b10611c0f57611af3610c0436856127d1565b91611b07835f5261087260205260405f2090565b54611be557611b49611b437f923794976d026d6b119735adc163cb71decfc903e17c3dc226c00789593c04e1945f5261087260205260405f2090565b60019055565b611bd8611b58606086016127c7565b95611b65608087016127c7565b95611b85611b7f611b7961010084016127bd565b956127bd565b926127bd565b611b91604083016127c7565b611b9a836127c7565b90611ba7602085016127c7565b92611bb66101608601866128b1565b9690956040519a8b9a169d60e08201359d60a060c0840135930135918c61326f565b0390a36100186001606555565b60046040517f012f9e44000000000000000000000000000000000000000000000000000000008152fd5b60046040517fd642b7d9000000000000000000000000000000000000000000000000000000008152fd5b60046040517f09deb9ec000000000000000000000000000000000000000000000000000000008152fd5b34610353576020366003190112610353577f2d5b62420992e5a4afce0e77742636ca2608ef58289fd2e1baa5161ef6e7e41e6020600435611ca381610a77565b611cab614e94565b611cb36134fb565b151561086b80547fffffff00ffffffffffffffffffffffffffffffffffffffffffffffffffffffff7cff000000000000000000000000000000000000000000000000000000008460e01b169116179055604051908152a16001606555005b34610353575f366003190112610353576020604051468152f35b34610353575f36600319011261035357602063ffffffff61086b5460c01c16604051908152f35b34610353575f3660031901126103535760206040517f0e058f05b73c62ee68329d2c67c067aaae9a06503cc306378d144d0f0177882b8152f35b9181601f840112156103535782359167ffffffffffffffff8311610353576020808501948460051b01011161035357565b5f5b838110611dce5750505f910152565b8181015183820152602001611dbf565b90602091611df781518092818552858086019101611dbd565b601f01601f1916010190565b6020808201906020835283518092526040830192602060408460051b8301019501935f915b848310611e385750505050505090565b9091929394958480611e56600193603f198682030187528a51611dde565b9801930193019194939290611e28565b34610353576020366003190112610353576004803567ffffffffffffffff811161035357611e98903690600401611d8c565b91611ea2836132d7565b925f5b818110611eba57604051806113658782611e03565b5f80611ec7838588613320565b60409391611ed985518093819361333b565b0390305af490611ee7613348565b9115611f0e575090600191611efc82886133e7565b52611f0781876133e7565b5001611ea5565b8482604481511061035357611f328183610e32930151602480918301019101613377565b925192839262461bcd60e51b845283016133d6565b60e036600319011261035357600435611f5f81610397565b602435611f6b81610397565b611f73610409565b9160a4359267ffffffffffffffff841161035357611f9861083c94369060040161066f565b92611fa16134fb565b611fb460ff61086b5460e81c161561253d565b63ffffffff4216926064359160443591336136da565b34610353575f366003190112610353576020604051701d6329f1c35ca4bfabb9f56100000000008152f35b34610353576003196060368201126103535760043567ffffffffffffffff8082116103535760608236039384011261035357602435906120348261044c565b6044359081116103535761204c903690600401611d8c565b9190936120576134fb565b600484013590610182190181121561035357610c78946120f0936120846120e993600436918901016127d1565b956120d761209188613c7d565b9160446120a860208b01516001600160a01b031690565b916101608b0151946120b86105a1565b9b8c5260208c0152013560408a01526001600160a01b03166060890152565b60808701525f60a087015236916106a5565b9083615058565b6140ca565b34610353576020366003190112610353576004355f52610872602052602060405f2054604051908152f35b346103535760c03660031901126103535767ffffffffffffffff60043581811161035357612152903690600401610b74565b6064359061215f82610397565b60843583811161035357612177903690600401610f95565b9060a43594851161035357612193610018953690600401610f95565b94909360443590602435906133fb565b34610353575f36600319011261035357602060405163ffffffff8152f35b34610353575f36600319011261035357602060ff61086b5460e01c166040519015158152f35b34610353575f3660031901126103535760206040516ec097ce7bc90715b34b9f10000000008152f35b346103535760203660031901126103535761083c60043561223081610397565b612238614e94565b611a556134fb565b34610353575f3660031901126103535760206001600160a01b0361086a5416604051908152f35b634e487b7160e01b5f52603260045260245ffd5b61086c9081548110156122b5576003915f52027f71cd7344f4eb2efc8e30291f6dbdb44d618ca368ea5425d217c1d604bf26b84d01905f90565b612267565b346103535760203660031901126103535760043561086c54811015610353576122e460409161227b565b506001815491015482519182526020820152f35b346103535760203660031901126103535760043561231581610397565b61231d614e94565b6001600160a01b038116156123355761001890614eed565b608460405162461bcd60e51b815260206004820152602660248201527f4f776e61626c653a206e6577206f776e657220697320746865207a65726f206160448201527f64647265737300000000000000000000000000000000000000000000000000006064820152fd5b610100366003190112610353576004356123b881610397565b602435906123c582610397565b6044356123d181610397565b6123d96103e9565b60c4359367ffffffffffffffff8511610353576123fd61083c95369060040161066f565b936124066134fb565b61241960ff61086b5460e81c161561253d565b63ffffffff42169360843592606435926136da565b9a98959391999694929097996124426134fb565b61244a6105c1565b6001600160a01b03909c168c526001600160a01b03891660208d01526001600160a01b031660408c015260608b015260808a01524660a08a015260070b60c089015260070b60e088015263ffffffff16610100878101919091526101209180838901526124b56105c1565b9788525f6020890181815260408a01919091526001600160a01b03909516606089015260808801525f60a0880152701d6329f1c35ca4bfabb9f561000000000060c08801525f1960e088015260019087015285015283516125159061449f565b905261252191836150e8565b61252a81614753565b61253391614c43565b6103b56001606555565b1561254457565b606460405162461bcd60e51b815260206004820152600f60248201527f506175736564206465706f7369747300000000000000000000000000000000006044820152fd5b91906125926134fb565b6020810191825146036126a2576125ba6125be918360016125b28861227b565b500154613900565b1590565b612691577ff8bd640004bcec1b89657020f561d0b070cbdf662d0b158db9dccb0a8301bfab60608201926125ff6125f9855163ffffffff1690565b866139c0565b805161268484519261266961265b604088019761264b8951966126268c5163ffffffff1690565b97608084019861263d8a516001600160a01b031690565b9160a086019b8c5194613a2d565b5192519751985163ffffffff1690565b93516001600160a01b031690565b935163ffffffff9485604051968796169a16983393866126cc565b0390a46103b56001606555565b600460405163582f497d60e11b8152fd5b60046040517f7a47c9a2000000000000000000000000000000000000000000000000000000008152fd5b95949392919060a0870190875260209060a08289015282518091528160c089019301905f5b81811061275e575050506001600160a01b03809316604088015286820360608801528080855193848152019401925f905b8382106127455750505050509060806103b5929401906001600160a01b03169052565b8451811686529482019493820193600190910190612722565b8251855293830193918301916001016126f1565b1561277957565b606460405162461bcd60e51b815260206004820152600c60248201527f5061757365642066696c6c7300000000000000000000000000000000000000006044820152fd5b3561068a8161044c565b3561068a81610397565b919061018083820312610353576127e66105e2565b926127f0816103de565b84526127fe602082016103de565b602085015261280f604082016103de565b6040850152612820606082016103de565b6060850152612831608082016103de565b608085015260a081013560a085015260c081013560c085015260e081013560e085015261010061286281830161049f565b9085015261012061287481830161049f565b9085015261014061288681830161049f565b90850152610160918282013567ffffffffffffffff8111610353576128ab920161066f565b90830152565b903590601e1981360301821215610353570180359067ffffffffffffffff82116103535760200191813603831361035357565b156128eb57565b608460405162461bcd60e51b815260206004820152602c60248201527f46756e6374696f6e206d7573742062652063616c6c6564207468726f7567682060448201527f64656c656761746563616c6c00000000000000000000000000000000000000006064820152fd5b1561295c57565b608460405162461bcd60e51b815260206004820152602c60248201527f46756e6374696f6e206d7573742062652063616c6c6564207468726f7567682060448201527f6163746976652070726f787900000000000000000000000000000000000000006064820152fd5b9a9692909897999395916129d86134fb565b61086b5460e01c60ff16156129ec90612772565b6129f46105c1565b6001600160a01b03909c168c526001600160a01b038a1660208d01526001600160a01b031660408c015260608b015260808a01524660a08a015260070b60c0890152600787900b60e08901526101009485890190612a57919063ffffffff169052565b6101209581878a0152612a686105c1565b9889525f60208a0190815260079890980b60408a01526001600160a01b03166060890152608088015260a087015260c086015260e085015283015f905282015f90528151612ab59061449f565b905261252a81614753565b908060209392818452848401375f828201840152601f01601f1916010190565b9d9c9b959e9390928e9799939b98929b612af86134fb565b61086b5460e01c60ff1615612b0c90612772565b612b146105c1565b6001600160a01b0390991689526001600160a01b031660208901526001600160a01b031660408801526060870152608086018890524660a087015260070b60c086015260070b60e085015263ffffffff851661010085810191909152916101209384860152612b816105c1565b9485525f60208601908152600789900b60408701526001600160a01b038a166060870152949c8d8b608082015260a0015260c08d015260e08c01528a015f905289015f90528851612bd19061449f565b905261252196614e1c565b979b95999196939b9a949890929a612bf26134fb565b61086b998a5460e81c60ff1615612c089061253d565b8b612c258a6001600160a01b03165f5261086d60205260405f2090565b5f918252602052604090205460ff1615612ee75763ffffffff9d8e612c4c81851642612f25565b907f0000000000000000000000000000000000000000000000000000000000000e101610612ebd578e808516428110918215612e87575b5050612e5d578e9b6001600160a01b039c8d891690871690818117612df7575b50508c7f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2168d8c1681811480612dee575b15612dd45750823403612daa57803b15610353575f60049160405192838092630d0e30db60e41b825234905af18015612da557612d8c575b505b5460c01c63ffffffff169e8f612d2390612f4f565b612d4a9061086b9063ffffffff60c01b1963ffffffff60c01b83549260c01b169116179055565b6040519c8d9c169f169d612d5e9a8c612f64565b037fa123dc29aebf7d0c3322c8eeb5b999e859f39937950ed31056532713d0de396f91a46103b56001606555565b80612d99612d9f926104be565b80610349565b5f612d0c565b612f44565b60046040517f6452a35d000000000000000000000000000000000000000000000000000000008152fd5b905034612daa5782612de99130903390614f35565b612d0e565b50341515612cd4565b15612e33574211612e09575f80612ca3565b60046040517f25a63a5b000000000000000000000000000000000000000000000000000000008152fd5b60046040517f495d907f000000000000000000000000000000000000000000000000000000008152fd5b60046040517f582e3889000000000000000000000000000000000000000000000000000000008152fd5b612eb59192507f00000000000000000000000000000000000000000000000000000000000070801642612f37565b108f80612c83565b60046040517ff722177f000000000000000000000000000000000000000000000000000000008152fd5b60046040517f2a58c4f3000000000000000000000000000000000000000000000000000000008152fd5b634e487b7160e01b5f52601160045260245ffd5b91908203918211612f3257565b612f11565b91908201809211612f3257565b6040513d5f823e3d90fd5b63ffffffff809116908114612f325760010190565b6001600160a01b03918216815291811660208301526040820192909252606081019290925263ffffffff928316608083015292821660a0820152921660c083015291821660e08201529116610100820152610140610120820181905261068a93910191612ac0565b61306e9063ffffffff7fa6aa57bd282fc82378458de27be4eadfa791a0c7321c49562eeba8b2643dd566959497966130026134fb565b6130308882888860070b986130286706f05b59d3b200006130228c614f92565b10613078565b468e89614e1c565b61305c6001600160a01b0391826040519889988952166020880152608060408801526080870190611dde565b92858403606087015216971695611dde565b0390a36001606555565b1561307f57565b606460405162461bcd60e51b815260206004820152601360248201527f496e76616c69642072656c6179657220666565000000000000000000000000006044820152fd5b156130ca57565b608460405162461bcd60e51b815260206004820152602e60248201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160448201527f647920696e697469616c697a65640000000000000000000000000000000000006064820152fd5b906131596103b59261315060ff5f5460081c16611a30816131db565b6119a433614eed565b60405161316581610547565b6009815260208101906820a1a927a9a996ab1960b91b82526040519161318a83610547565b600583526020830191640312e302e360dc1b83526131b260ff5f5460081c16611a30816131db565b519020915190209061047f55610480556131ca614fa1565b6131d2614fb1565b610a7281614fcc565b156131e257565b608460405162461bcd60e51b815260206004820152602b60248201527f496e697469616c697a61626c653a20636f6e7472616374206973206e6f74206960448201527f6e697469616c697a696e670000000000000000000000000000000000000000006064820152fd5b634e487b7160e01b5f52602160045260245ffd5b6003111561326a57565b61324c565b969091939792959461068a9b9995610140996001600160a01b0398898098818098168d521660208c015260408b015260608a015263ffffffff80921660808a01521660a08801521660c08601521660e084015216610100820152816101208201520191612ac0565b906132e18261068d565b6132ee604051918261057f565b82815280926132ff601f199161068d565b01905f5b82811061330f57505050565b806060602080938501015201613303565b908210156122b5576133379160051b8101906128b1565b9091565b908092918237015f815290565b3d15613372573d906133598261061d565b91613367604051938461057f565b82523d5f602084013e565b606090565b6020818303126103535780519067ffffffffffffffff8211610353570181601f820112156103535780516133aa8161061d565b926133b8604051948561057f565b818452602082840101116103535761068a9160208085019101611dbd565b90602061068a928181520190611dde565b80518210156122b55760209160051b010190565b94909693956134086134fb565b61341b60ff61086b5460e01c1615612772565b61342861014087016127bd565b63ffffffff4291161015806134dd575b610c825761344636876127d1565b61344f90613c7d565b976134586105a1565b9861346336896127d1565b8a5260208a0152604089018490526001600160a01b03851660608a015261348b36848a610639565b60808a015260a089015261349e866127c7565b966134ac61010088016127bd565b9236906134b892610639565b9436906134c492610639565b9460e00135906134d396614d99565b3361253391613dd0565b506134ea604087016127c7565b6001600160a01b0316331415613438565b60026065541461350c576002606555565b606460405162461bcd60e51b815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c006044820152fd5b1561355757565b606460405162461bcd60e51b815260206004820152600e60248201527f44697361626c656420726f7574650000000000000000000000000000000000006044820152fd5b156135a257565b606460405162461bcd60e51b815260206004820152601060248201527f416d6f756e7420746f6f206c61726765000000000000000000000000000000006044820152fd5b156135ed57565b606460405162461bcd60e51b815260206004820152601660248201527f696e76616c69642071756f746554696d657374616d70000000000000000000006044820152fd5b1561363857565b606460405162461bcd60e51b815260206004820152601b60248201527f6d73672e76616c7565206d757374206d6174636820616d6f756e7400000000006044820152fd5b929361068a9695919294610140956001600160a01b0380951686525f60208701526040860152606085015263ffffffff809116608085015260a08401525f60c08401521660e08201525f610100820152816101208201520190611dde565b919596939492909261372161371c613715886137088b6001600160a01b03165f5261086d60205260405f2090565b905f5260205260405f2090565b5460ff1690565b613550565b60070b9361373a6706f05b59d3b2000061302287614f92565b6137556ec097ce7bc90715b34b9f100000000083111561359b565b63ffffffff9361379461376a868b1642612f25565b867f0000000000000000000000000000000000000000000000000000000000000e101610156135e6565b61086b5460c01c63ffffffff16986137ae6119b48b612f4f565b6001600160a01b0395867f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc21694878b16868114806138bb575b1561387e57506137f8813414613631565b853b15610353575f60049660405197888092630d0e30db60e41b825234905af18015612da5577fa123dc29aebf7d0c3322c8eeb5b999e859f39937950ed31056532713d0de396f99613866976138559261386b575b505b826151ad565b91604051988998169c169a8761367c565b0390a4565b80612d99613878926104be565b5f61384d565b61386696507fa123dc29aebf7d0c3322c8eeb5b999e859f39937950ed31056532713d0de396f996138b6836138559330903390614f35565b61384f565b503415156137e7565b9081518082526020808093019301915f5b8281106138e3575050505090565b83516001600160a01b0316855293810193928101926001016138d5565b6040805160208082018181528551838501528186015160608401529285015160c0608084015280516101008401819052610120840198979692918201915f5b8281106139ac57505050508161399561068a979860a08461396f60606139a39701518387019063ffffffff169052565b60808101516001600160a01b031660c08601520151838203603f190160e08501526138c4565b03601f19810183528261057f565b519020916151e3565b83518b52998101999281019260010161393f565b6139cb60029161227b565b500162ffffff8260081c16805f5281602052600160ff60405f205494161b8080941614613a03575f5260205260405f20908154179055565b60046040517f954476d9000000000000000000000000000000000000000000000000000000008152fd5b9294939190938051825103613afb578151915f5b838110613aad575050505082613a58575b50505050565b6001600160a01b0381613a8c7f828fc203220356df8f072a91681caee7d5c75095e2a95e80ed5a14b384697f719386615282565b6040805195865233602087015291169463ffffffff1693a45f808080613a52565b80613aba600192846133e7565b5180613ac8575b5001613a41565b613af590613ae6613ad984886133e7565b516001600160a01b031690565b6001600160a01b038916615234565b5f613ac1565b60046040517fcd298b38000000000000000000000000000000000000000000000000000000008152fd5b6001600160a01b03168015613b6d5761086a816001600160a01b03198254161790557f1f17a88f67b0f49060a34bec1a4723a563620e6aa265eb640b5046dcee0759a05f80a2565b606460405162461bcd60e51b815260206004820152601460248201527f4261642068756220706f6f6c20616464726573730000000000000000000000006044820152fd5b80516001600160a01b0316825261068a91610180906020838101516001600160a01b0316908201526040838101516001600160a01b0316908201526060838101516001600160a01b0316908201526080838101516001600160a01b03169082015260a083015160a082015260c083015160c082015260e083015160e0820152613c48610100808501519083019063ffffffff169052565b6101208381015163ffffffff16908201526101408381015163ffffffff16908201528161016080940151938201520190611dde565b604051613cae81613c9a6020820194604086526060830190613bb1565b46604083015203601f19810183528261057f565b51902090565b613cbd82613260565b52565b906001600160a01b038251168152606080613cea6020850151608060208601526080850190611dde565b9360408101516040850152015191613d0183613260565b015290565b9a97909695613d849661068a9d9b9660808e613d7398613d939e986101809d6001600160a01b03998a80921685521660208401526040830152606082015201528c60a063ffffffff8094169101521660c08c01521660e08a01526101008901906001600160a01b03169052565b6001600160a01b0316610120870152565b80610140860152840190611dde565b91610160818403910152613cc0565b9061068a94936080936001600160a01b03809316845260208401521660408201528160608201520190611dde565b805191610120830190613de7825163ffffffff1690565b63ffffffff42911610611c0f5760208301516001613e0e825f5261087260205260405f2090565b54036140c3576001905b6002613e2d825f5261087260205260405f2090565b541461409957613e46905f5261087260205260405f2090565b6002905560608501516001600160a01b031660808601516001600160a01b03169260a0870151918660c0890151948960a08301519660e082015197610100830151613e949063ffffffff1690565b9a5163ffffffff1661014084015163ffffffff16906040850151613ebe906001600160a01b031690565b928551613ed1906001600160a01b031690565b946020870151613ee7906001600160a01b031690565b9661016001519760608a0151613f03906001600160a01b031690565b996080810151906040015190613f17610603565b6001600160a01b03909c168c5260208c015260408b0152613f3b9060608b01613cb4565b6040519b6001600160a01b038d9c169f63ffffffff169e613f5c9b8d613d06565b037f571749edf1d5c9599318cdbc4e28a6475d65e87fd3b2ddbe1e9a8d5e7a0f0ff791a460608101516001600160a01b031691829033821480614091575b613a5257608001516001600160a01b03169260806040840151936001600160a01b03861685856001600160a01b037f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc21683145f1461408157506140009130903390614f35565b61400a858461529b565b0151913b151580614077575b6140205750505050565b803b156103535761404d935f809460405196879586948593633a5be8cb60e01b8552339160048601613da2565b03925af18015612da557614064575b808080613a52565b80612d99614071926104be565b5f61405c565b5081511515614016565b61408c923390614f35565b61400a565b506001613f9a565b60046040517f8f260c60000000000000000000000000000000000000000000000000000000008152fd5b5f90613e18565b905f825161012081016140e1815163ffffffff1690565b63ffffffff42911610611c0f5760208501516002614108825f5261087260205260405f2090565b541461409957614121905f5261087260205260405f2090565b6002905560608201516001600160a01b031660808301516001600160a01b03169060a08401519260c0850151918860a0810151938760e08101519561010082015161416f9063ffffffff1690565b955163ffffffff1661014083015163ffffffff1660408401516001600160a01b03169184516141a4906001600160a01b031690565b9360208601516141ba906001600160a01b031690565b9561016001519660608901516141d6906001600160a01b031690565b9860808101519060400151906141ea610603565b6001600160a01b03909b168b5260208b015260408a0152600260608a01526040519d63ffffffff8f9c169d61421f9b8d613d06565b037f571749edf1d5c9599318cdbc4e28a6475d65e87fd3b2ddbe1e9a8d5e7a0f0ff7905f94a460608401516001600160a01b0316906001600160a01b0394858316918233148061437a575b61437157608001516001600160a01b03169060408101519687818416917f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc21682145f1461435a57906080929187614346575b6142c791508561529b565b0151923b15158061433c575b6142e0575b505050509050565b813b15614338578361430c959660405196879586948593633a5be8cb60e01b8552339160048601613da2565b03925af18015612da557614325575b80808084936142d8565b80612d99614332926104be565b5f61431b565b8380fd5b50825115156142d3565b6143539130903390614f35565b5f886142bc565b60809291965061436c90865f98615234565b6142c7565b50505050509050565b505f61426a565b90816020910312610353575190565b1561439757565b608460405162461bcd60e51b815260206004820152602960248201527f45524331393637557067726164653a20756e737570706f727465642070726f7860448201527f6961626c655555494400000000000000000000000000000000000000000000006064820152fd5b80516001600160a01b0316825261068a91610140906020838101516001600160a01b0316908201526040838101516001600160a01b031690820152606083015160608201526080830151608082015260a083015160a082015261446e60c084015160c083019060070b9052565b60e08381015160070b908201526101008381015163ffffffff16908201528161012080940151938201520190611dde565b604051613cae816139956020820194602086526040830190614401565b156144c357565b606460405162461bcd60e51b815260206004820152600c60248201527f696e76616c6964206665657300000000000000000000000000000000000000006044820152fd5b1561450e57565b606460405162461bcd60e51b815260206004820152600c60248201527f72656c61792066696c6c656400000000000000000000000000000000000000006044820152fd5b9060070b9060070b0190677fffffffffffffff198212677fffffffffffffff831317612f3257565b1561458157565b606460405162461bcd60e51b815260206004820152601960248201527f66696c6c20616d6f756e742070726520666565732069732030000000000000006044820152fd5b156145cc57565b606460405162461bcd60e51b815260206004820152601d60248201527f7061796f757441646a7573746d656e7450637420746f6f20736d616c6c0000006044820152fd5b1561461757565b606460405162461bcd60e51b815260206004820152601d60248201527f7061796f757441646a7573746d656e7450637420746f6f206c617267650000006044820152fd5b7f80000000000000000000000000000000000000000000000000000000000000008114612f32575f0390565b1561468e57565b606460405162461bcd60e51b815260206004820152601c60248201527f536f6d65686f7720686974206d6178546f6b656e73546f53656e6421000000006044820152fd5b156146d957565b606460405162461bcd60e51b815260206004820152601760248201527f696e76616c69642072657061796d656e7420636861696e0000000000000000006044820152fd5b919360a09361068a96956001600160a01b0380941685526020850152151560408401521660608201528160808201520190611dde565b9081519160408101926147936706f05b59d3b200008061478561478061477a895160070b90565b60070b90565b614f92565b109081614b60575b506144bc565b606081016147b36ec097ce7bc90715b34b9f10000000008251111561359b565b60208301906147d86147cf83515f5261086e60205260405f2090565b54825111614507565b60c084019283519661480860c08301986148026147f68b5160070b90565b845160070b5b90614552565b906155f1565b9761481489151561457a565b614834845161482d87515f5261086e60205260405f2090565b5490612f25565b898110614b56575b5061477a614863926147fc61485561485d945160070b90565b915160070b90565b886151ad565b936101208601805180614b01575b50505060a08501518786519160a083015114918215614af3575b50508015614ada575b61489d906146d2565b6148b183515f5261086e60205260405f2090565b6148bc888254612f37565b905560608501916148d483516001600160a01b031690565b926001600160a01b0392838516331480614ac3575b614ab957906040614976920194878561490988516001600160a01b031690565b16917f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc287168303614a68575050506149486125ba6101008a0151151590565b614a42575b613ad98761497161496584516001600160a01b031690565b6001600160a01b031690565b61529b565b91823b151580614a34575b61498f575b50505050505050565b6149a86149b9916080941694516001600160a01b031690565b94515f5261086e60205260405f2090565b549051111594015193813b15610353575f8094614a07604051978896879586947f0ea1f93800000000000000000000000000000000000000000000000000000000865233926004870161471d565b03925af18015612da557614a21575b808080808080614986565b80612d99614a2e926104be565b5f614a16565b506080870151511515614981565b614a6387614a5a61496588516001600160a01b031690565b30903390614f35565b61494d565b614a796125ba6101008d0151151590565b15614ab05750614aab9150614a9861496588516001600160a01b031690565b83516001600160a01b0316903390614f35565b613ad9565b614aab92615234565b5050505050505050565b50614ad56125ba6101008a0151151590565b6148e9565b5061489d614aec610100870151151590565b9050614894565b60600151149050875f61488b565b95614b3e614b4492614b22614b4e9599670de0b6b3a763ffff1913156145c5565b614b3868056bc75e2d6310000082511315614610565b5161465b565b906151ad565b9451851115614687565b5f8080614871565b985061477a61483c565b9050614b7661478061477a60c086015160070b90565b105f61478d565b906001600160a01b038251168152608080614ba7602085015160a0602086015260a0850190611dde565b93604081015160070b6040850152606081015115156060850152015191015290565b9a979361068a9c9a95919793614c349a979360208e6101809b8152015260408d015260608c015260808b015260070b60a08a015260070b60c08901526001600160a01b03928380921660e08a0152166101008801521661012086015280610140860152840190611dde565b91610160818403910152614b7d565b906040820151614c539060070b90565b916060810151614c69906001600160a01b031690565b906080810151936101009485830151614c8190151590565b610120928385015192614c92610610565b6001600160a01b039097168752602087015260070b60408601521515606085015260808401528151606001516020830151614cd6905f5261086e60205260405f2090565b549360a084015193519460808601519560a08101519160e0820151614cfb9060070b90565b60c083015160070b9a83015163ffffffff169a6040840151614d23906001600160a01b031690565b918451614d36906001600160a01b031690565b986020860151614d4c906001600160a01b031690565b950151956040519a6001600160a01b038c9b169e63ffffffff169d3396614d739b8d614bc9565b037f8ab9dc6c19fe88e69bc70221b339c84332752fdd49591b7c51e66bae3947b73c91a4565b9392614e16936001600160a01b036103b5989760208151910120916040519363ffffffff60208601967f152eb71524aef34d838ab76573c14b1ebfa5e385d9ab29d7cf5398daa2438bd9885216604086015286606086015260808501521660a083015260c082015260c08152614e0e81610563565b51902061563f565b90615718565b9392614e16936001600160a01b036103b5989760208151910120916040519363ffffffff60208601967f0e058f05b73c62ee68329d2c67c067aaae9a06503cc306378d144d0f0177882b885216604086015286606086015260070b60808501521660a083015260c082015260c08152614e0e81610563565b6001600160a01b03610c8c54163303614ea957565b606460405162461bcd60e51b815260206004820152602060248201527f4f776e61626c653a2063616c6c6572206973206e6f7420746865206f776e65726044820152fd5b610c8c9081546001600160a01b0380921692836001600160a01b03198316179055167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e05f80a3565b90926103b593604051937f23b872dd0000000000000000000000000000000000000000000000000000000060208601526001600160a01b038092166024860152166044840152606483015260648252614f8d8261050f565b615801565b5f8112614f9c5790565b5f0390565b6103b560ff5f5460081c166131db565b614fc560ff5f5460081c16611a30816131db565b6001606555565b6001600160a01b0316801561501457610869816001600160a01b03198254161790557fa9e8c42c9e7fca7f62755189a16b2f5314d43d8fb24e91ba54e6d65f9314e8495f80a2565b606460405162461bcd60e51b815260206004820152601960248201527f4261642062726964676520726f757465722061646472657373000000000000006044820152fd5b916125ba906150d192845160408096015191865191615076836104d7565b82526139a3615091602084019246845289850195865261227b565b50549388519283916150b66020840196602088525160608d86015260a0850190613bb1565b9151606084015251608083015203601f19810183528261057f565b6150d85750565b6004905163582f497d60e11b8152fd5b909161012082519201516040938451908582019082821067ffffffffffffffff8311176104d2576151629561512792885283526020830193845261227b565b5054916139a38651809261514d602083019560208752518a808501526080840190614401565b9051606083015203601f19810183528261057f565b1561516a5750565b6064905162461bcd60e51b815260206004820152601860248201527f496e76616c696420736c6f772072656c61792070726f6f6600000000000000006044820152fd5b90670de0b6b3a7640000915f828403921283831281169084841390151617612f3257818102918183041490151715612f32570490565b929091905f915b845183101561522c576151fd83866133e7565b51908181101561521b575f52602052600160405f205b9201916151ea565b905f52602052600160405f20615213565b915092501490565b6103b5926001600160a01b03604051937fa9059cbb000000000000000000000000000000000000000000000000000000006020860152166024840152604483015260448252614f8d826104f3565b6103b5916001600160a01b038061086a54169116615234565b6001600160a01b0390811690813b156152db57906103b592917f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc216615234565b7f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc216803b15610353575f80916024604051809481937f2e1a7d4d0000000000000000000000000000000000000000000000000000000083528860048401525af18015612da557615414575b508147106153d0575f80809381935af161535e613348565b501561536657565b608460405162461bcd60e51b815260206004820152603a60248201527f416464726573733a20756e61626c6520746f2073656e642076616c75652c207260448201527f6563697069656e74206d617920686176652072657665727465640000000000006064820152fd5b606460405162461bcd60e51b815260206004820152601d60248201527f416464726573733a20696e73756666696369656e742062616c616e63650000006044820152fd5b61541d906104be565b5f615346565b9061542d82615544565b6001600160a01b0382167fbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b5f80a28051158015906154eb575b61546e575050565b6154e8915f8060405193615481856104d7565b602785527f416464726573733a206c6f772d6c6576656c2064656c65676174652063616c6c60208601527f206661696c6564000000000000000000000000000000000000000000000000006040860152602081519101845af46154e2613348565b9161592c565b50565b505f615466565b906154fc82615544565b6001600160a01b0382167fbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b5f80a280511580159061553c5761546e575050565b506001615466565b803b15615587576001600160a01b037f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc91166001600160a01b0319825416179055565b608460405162461bcd60e51b815260206004820152602d60248201527f455243313936373a206e657720696d706c656d656e746174696f6e206973206e60448201527f6f74206120636f6e7472616374000000000000000000000000000000000000006064820152fd5b670de0b6b3a7640000918183029183830403612f325760070b808303925f821281851281169082861390151617612f32571461562b570490565b634e487b7160e01b5f52601260045260245ffd5b60429161047f549061048054906040519160208301937fc2f8787176b8ac6bf7215b4adcc1e069bf4ab82d9ab1df05a57a91d425935b6e8552604084015260608301526080820152608081526156948161050f565b51902090604051917f19010000000000000000000000000000000000000000000000000000000000008352600283015260228201522090565b156156d457565b606460405162461bcd60e51b815260206004820152601160248201527f696e76616c6964207369676e61747572650000000000000000000000000000006044820152fd5b919061572482826158fb565b939092600585101561326a576103b5941593846157eb575b50831561574c575b5050506156cd565b5f92935090829160405161579d8161399560208201947f1626ba7e00000000000000000000000000000000000000000000000000000000998a87526024840152604060448401526064830190611dde565b51915afa906157aa613348565b826157dd575b826157c0575b50505f8080615744565b6157d591925060208082518301019101614381565b145f806157b6565b9150602082511015916157b0565b6001600160a01b0383811691161493505f61573c565b604051615858916001600160a01b031661581a82610547565b5f806020958685527f5361666545524332303a206c6f772d6c6576656c2063616c6c206661696c656487860152868151910182855af16154e2613348565b80518281159182156158db575b50509050156158715750565b6084906040519062461bcd60e51b82526004820152602a60248201527f5361666545524332303a204552433230206f7065726174696f6e20646964206e60448201527f6f742073756363656564000000000000000000000000000000000000000000006064820152fd5b8380929350010312610353578101516158f381610a77565b80825f615865565b9060418151145f146159235761333791602082015190606060408401519301515f1a906159bc565b50505f90600290565b9192901561598d5750815115615940575090565b3b156159495790565b606460405162461bcd60e51b815260206004820152601d60248201527f416464726573733a2063616c6c20746f206e6f6e2d636f6e74726163740000006044820152fd5b8251909150156159a05750805190602001fd5b610e329060405191829162461bcd60e51b8352600483016133d6565b7f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a08411615a2c576020935f9360ff60809460405194855216868401526040830152606082015282805260015afa15612da5575f516001600160a01b03811615615a2457905f90565b505f90600190565b505050505f9060039056fea26469706673582212201578c54f60661019ca08ec77052ea7a49ea53290bfc1e965e1c1df56f1a3937a64736f6c63430008170033
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 26 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.