Sponsored
MoonPay
Buy crypto with our non-custodial and fully decentralised platform. Buy Now!
15M+ users trust MoonPay. Checkout with your preferred payment method.
MetaMask
Manage your web3 everything with MetaMask Portfolio. Try Now!
Ready to onboard to Ethereum? With MetaMask Portfolio, you're in control.
Nexo
Join the hunt for $12,000,000+ in NEXO Tokens. Get Nexo
Collect points for eligible actions and use multipliers to win big.
Sponsored
MetaMask
Meet MetaMask Portfolio - your key to getting more out of web3. Try Now
Ready to simplify your web3 experience? Try the all-in-one web3 app trusted by millions worldwide.
CEX.IO
Claim Your Mystery Box For A Guaranteed Crypto Prize CLAIM NOW
Opt-in, make your first trade on Exchange Plus & receive random crypto rewards from 10,000 SHIB, to 0.01 BTC.
Zeedex
Earn $Zdex with each swap. Join Now
You will earn $Zdex as rewards by any trade or stake on ZeeDex exchange.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
Celsius Casino
- $400 Freespins - Instant Withdraw - No KYC - 200% Bonus. Spin Now!
9 years old Licensed Crypto Casino, Instant Withdraw 24/7, 6000+ Slots available, Paypal Deposit, Instant Live Support 24/7, 30% Rakeback.
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoWins
200% Welcome Bonus – Supercharge Your Crypto Up to 4 BTC! Claim Now!
Play 100s of games anonymously with all major cryptos. Join CryptoWins & start winning!
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
Feature Tip: Add private address tag to any address under My Name Tag !
Overview
ETH Balance
0 ETH
Eth Value
$0.00More Info
Private Name Tags
ContractCreator
Latest 15 from a total of 15 transactions
| Transaction Hash |
Method
|
Block
|
From
|
To
|
Value | ||||
|---|---|---|---|---|---|---|---|---|---|
| Set New Governan... | 18847996 | 192 days ago | IN | 0 ETH | 0.00055365 | ||||
| Withdraw | 18370160 | 259 days ago | IN | 0.00488285 ETH | 0.00473712 | ||||
| Withdraw | 18362765 | 260 days ago | IN | 0.00436764 ETH | 0.00430393 | ||||
| Deposit | 18362719 | 260 days ago | IN | 0 ETH | 0.00750422 | ||||
| Withdraw | 18339427 | 263 days ago | IN | 0 ETH | 0.00385619 | ||||
| Deposit | 18339421 | 263 days ago | IN | 0 ETH | 0.00549213 | ||||
| Withdraw | 18339412 | 263 days ago | IN | 0 ETH | 0.00229353 | ||||
| Withdraw | 18339342 | 263 days ago | IN | 0.00394787 ETH | 0.00410893 | ||||
| Deposit | 18339335 | 263 days ago | IN | 0 ETH | 0.00579081 | ||||
| Withdraw | 18339313 | 263 days ago | IN | 0 ETH | 0.00232494 | ||||
| Withdraw | 18332191 | 264 days ago | IN | 0.00419599 ETH | 0.00405886 | ||||
| Withdraw | 18331529 | 264 days ago | IN | 0.00418061 ETH | 0.00448383 | ||||
| Withdraw | 18331513 | 264 days ago | IN | 0 ETH | 0.00236751 | ||||
| Set Tornado Tree... | 18323534 | 266 days ago | IN | 0 ETH | 0.00034147 | ||||
| 0x60806040 | 18323520 | 266 days ago | IN | Create: PGRouter | 0 ETH | 0.01135663 |
Loading...
Loading
Contract Name:
PGRouter
Compiler Version
v0.8.14+commit.80d49f37
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT
pragma solidity 0.8.14;
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import "@openzeppelin/contracts/utils/math/Math.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import "./RelayerRegistry.sol";
import "./InstanceRegistry.sol";
import "../interfaces/ITornadoInstance.sol";
import "../tornado-core/Tornado.sol";
import "../interfaces/ITornadoTrees.sol";
contract PGRouter is Initializable {
using SafeERC20 for IERC20;
event EncryptedNote(address indexed sender, bytes encryptedNote);
event TornadoTreesUpdated(ITornadoTrees addr);
event NewGovernanceAddressUpdated(address newGovernanceAddress);
address public governance;
InstanceRegistry public instanceRegistry;
RelayerRegistry public relayerRegistry;
ITornadoTrees public tornadoTrees;
modifier onlyGovernance() {
require(msg.sender == governance, "Not authorized");
_;
}
modifier onlyInstanceRegistry() {
require(msg.sender == address(instanceRegistry), "Not authorized");
_;
}
constructor(address _tornadoTrees, address _governance, address _instanceRegistry, address _relayerRegistry) {
tornadoTrees = ITornadoTrees(_tornadoTrees);
governance = _governance;
instanceRegistry = InstanceRegistry(_instanceRegistry);
relayerRegistry = RelayerRegistry(_relayerRegistry);
}
/**
@notice For proxy pattern
*/
function initialize(
address _tornadoTrees,
address _governance,
address _instanceRegistry,
address _relayerRegistry
) public initializer {
tornadoTrees = ITornadoTrees(_tornadoTrees);
governance = _governance;
instanceRegistry = InstanceRegistry(_instanceRegistry);
relayerRegistry = RelayerRegistry(_relayerRegistry);
}
/**
@notice Deposit funds into the contract.
@param _tornado PortralGate pool instance address
@param _commitment the note commitment, which is PedersenHash(nullifier + secret)
@param _encryptedNote the encrypted note
@param sender the sender address (used in cases when the sender is not the caller e.g. zapper contract)
*/
function deposit(
ITornadoInstance _tornado,
bytes32 _commitment,
bytes memory _encryptedNote,
address sender
) public payable virtual {
(bool isERC20, IERC20 token, InstanceRegistry.InstanceState state, , , uint256 maxDepositAmount) = instanceRegistry.instances(
_tornado
);
require(state != InstanceRegistry.InstanceState.DISABLED, "The instance is not supported");
require(token.balanceOf(address(_tornado)) < maxDepositAmount, "Exceed deposit Cap for the pool");
if (isERC20) {
token.safeTransferFrom(msg.sender, address(this), _tornado.denomination());
}
_tornado.deposit{ value: msg.value }(_commitment);
if (state == InstanceRegistry.InstanceState.MINABLE) {
tornadoTrees.registerDeposit(address(_tornado), _commitment);
}
emit EncryptedNote(sender, _encryptedNote);
}
/**
@notice Withdraw a deposit from the contract. Relayer withdrawn should have different _relayer and _recipient addresses.
@param _tornado TC pool instance address
@param _proof is a zkSNARK proof data, and input is an array of circuit public inputs `input` array
@param _root merkle root of all deposits in the contract
@param _nullifierHash hash of unique deposit nullifier to prevent double spends
@param _recipient the recipient address to recieve the token
@param _relayer the relayer address
@param _fee the token amount sent to relayer as fee
@param _refund the eth amount sent to recipient as gas
*/
function withdraw(
ITornadoInstance _tornado,
bytes calldata _proof,
bytes32 _root,
bytes32 _nullifierHash,
address payable _recipient,
address payable _relayer,
uint256 _fee,
uint256 _refund
) public payable virtual {
(, , InstanceRegistry.InstanceState state, , , ) = instanceRegistry.instances(_tornado);
require(state != InstanceRegistry.InstanceState.DISABLED, "The instance is not supported");
if (_relayer != _recipient) {
require(relayerRegistry.isRelayerRegistered(_relayer) && msg.sender == _relayer, "Invalid Relayer.");
}
_tornado.withdraw{ value: msg.value }(_proof, _root, _nullifierHash, _recipient, _relayer, _fee, _refund);
if (state == InstanceRegistry.InstanceState.MINABLE) {
tornadoTrees.registerWithdrawal(address(_tornado), _nullifierHash);
}
}
/**
@dev Sets `amount` allowance of `_spender` over the router's (this contract) tokens.
*/
function approveExactToken(IERC20 _token, address _spender, uint256 _amount) external onlyInstanceRegistry {
_token.safeApprove(_spender, _amount);
}
/**
@notice Manually backup encrypted notes
*/
function backupNotes(bytes[] calldata _encryptedNotes) external virtual {
for (uint256 i = 0; i < _encryptedNotes.length; i++) {
emit EncryptedNote(msg.sender, _encryptedNotes[i]);
}
}
/**
@dev Update new tornado tree instance.
@param _tornadoTrees new tornado tree instance address
*/
function setTornadoTreesContract(ITornadoTrees _tornadoTrees) external virtual onlyGovernance {
tornadoTrees = _tornadoTrees;
emit TornadoTreesUpdated(_tornadoTrees);
}
/**
@notice Set new governance address.
@param _govAddr new governance address
*/
function setNewGovernance(address _govAddr) external onlyGovernance {
require(_govAddr != address(0), "Empty governance address.");
governance = _govAddr;
emit NewGovernanceAddressUpdated(_govAddr);
}
/// @dev Method to claim junk and accidentally sent tokens
function rescueTokens(IERC20 _token, address payable _to, uint256 _amount) external virtual onlyGovernance {
require(_to != address(0), "PG: can not send to zero address");
if (address(_token) == address(0)) {
// for Ether
uint256 totalBalance = address(this).balance;
uint256 balance = Math.min(totalBalance, _amount);
(bool sent, ) = _to.call{ value: balance }("");
require(sent, "Failed to send Ether");
} else {
// any other erc20
uint256 totalBalance = _token.balanceOf(address(this));
uint256 balance = Math.min(totalBalance, _amount);
require(balance > 0, "PG: trying to send 0 balance");
_token.safeTransfer(_to, balance);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized != type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (security/ReentrancyGuard.sol)
pragma solidity ^0.8.0;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == _ENTERED;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(IERC20 token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance + value));
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance - value));
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Compatible with tokens that require the approval to be set to
* 0 before setting it to a non-zero value.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeWithSelector(token.approve.selector, spender, value);
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, 0));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Use a ERC-2612 signature to set the `owner` approval toward `spender` on `token`.
* Revert on invalid signature.
*/
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
require(returndata.length == 0 || abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return
success && (returndata.length == 0 || abi.decode(returndata, (bool))) && Address.isContract(address(token));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1, "Math: mulDiv overflow");
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface IHasher {
function poseidon(bytes32[2] calldata inputs) external pure returns (bytes32);
function poseidon(bytes32[3] calldata inputs) external pure returns (bytes32);
function MiMCSponge(
uint256 in_xL,
uint256 in_xR
) external pure returns (uint256 xL, uint256 xR);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface ITornadoInstance {
function token() external view returns (address);
function denomination() external view returns (uint256);
function deposit(bytes32 commitment) external payable;
function withdraw(
bytes calldata proof,
bytes32 root,
bytes32 nullifierHash,
address payable recipient,
address payable relayer,
uint256 fee,
uint256 refund
) external payable;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface ITornadoTrees {
function registerDeposit(address instance, bytes32 commitment) external;
function registerWithdrawal(address instance, bytes32 nullifier) external;
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.14;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import "../interfaces/ITornadoInstance.sol";
import "./PGRouter.sol";
contract InstanceRegistry {
using SafeERC20 for IERC20;
enum InstanceState {
DISABLED,
ENABLED, // is enabled but mining is disabled
MINABLE // is enabled and mining is enabled
}
struct Instance {
bool isERC20;
IERC20 token;
InstanceState state;
// the fee of the uniswap pool which will be used to get a TWAP
uint24 uniswapPoolSwappingFee;
// the fee the protocol takes from relayer, it should be multiplied by PROTOCOL_FEE_DIVIDER from FeeManager.sol
uint32 protocolFeePercentage;
uint256 maxDepositAmount;
}
struct TornadoConfig {
ITornadoInstance addr;
Instance instance;
}
uint256 public MAX_FEE = 30;
address public governance;
PGRouter public router;
mapping(ITornadoInstance => Instance) public instances;
ITornadoInstance[] public instanceIds;
event InstanceStateUpdated(ITornadoInstance indexed instance, InstanceState state);
event RouterRegistered(address pgRouter);
event NewGovernanceAddressUpdated(address newGovernanceAddress);
modifier onlyGovernance() {
require(msg.sender == governance, "Not authorized");
_;
}
constructor(address _governance) {
governance = _governance;
}
/**
* @dev initialise a set of tornado instances.
*/
function initInstances(TornadoConfig[] memory _instances) external onlyGovernance {
for (uint256 i = 0; i < _instances.length; i++) {
_updateInstance(_instances[i]);
instanceIds.push(_instances[i].addr);
}
}
/**
* @dev Update an instance state.
*/
function updateInstanceState(ITornadoInstance _addr, InstanceState _state) external virtual onlyGovernance {
Instance storage _instance = instances[_addr];
_instance.state = _state;
emit InstanceStateUpdated(_addr, _state);
}
/**
* @dev Add or update an instance.
*/
function updateInstance(TornadoConfig calldata _tornadoConf) external virtual onlyGovernance {
require(_tornadoConf.instance.state != InstanceState.DISABLED, "Use removeInstance() for remove");
Instance memory _inst = instances[_tornadoConf.addr];
if (_inst.state == InstanceState.DISABLED && address(_inst.token) == address(0) && _inst.maxDepositAmount == 0) {
// make sure it's a new instance.
instanceIds.push(_tornadoConf.addr);
}
_updateInstance(_tornadoConf);
}
/**
* @dev Remove an instance.
* @param _instanceId The instance id in `instanceIds` mapping to remove.
*/
function removeInstance(uint256 _instanceId) external virtual onlyGovernance {
ITornadoInstance _instance = instanceIds[_instanceId];
(bool isERC20, IERC20 token) = (instances[_instance].isERC20, instances[_instance].token);
if (isERC20) {
uint256 allowance = token.allowance(address(router), address(_instance));
if (allowance != 0) {
router.approveExactToken(token, address(_instance), 0);
}
}
delete instances[_instance];
instanceIds[_instanceId] = instanceIds[instanceIds.length - 1];
instanceIds.pop();
emit InstanceStateUpdated(_instance, InstanceState.DISABLED);
}
/**
* @notice This function should allow governance to set a new protocol fee for relayers
* @param instance the to update
* @param newFee the new fee to use
* */
function setProtocolFee(ITornadoInstance instance, uint32 newFee) external onlyGovernance {
require(address(instance) != address(0), "Empty Instance.");
require(address(instances[instance].token) != address(0), "Instance Token is Empty.");
require(newFee <= MAX_FEE, "NewFee exceed MaxFee.");
instances[instance].protocolFeePercentage = newFee;
}
/**
* @notice This function should allow governance to set a new tornado proxy address
* @param routerAddress address of the new proxy
* */
function setPGRouter(address routerAddress) external onlyGovernance {
router = PGRouter(routerAddress);
emit RouterRegistered(routerAddress);
}
function _updateInstance(TornadoConfig memory _tornadoConf) internal virtual {
instances[_tornadoConf.addr] = _tornadoConf.instance;
if (_tornadoConf.instance.isERC20) {
IERC20 token = IERC20(_tornadoConf.addr.token());
require(token == _tornadoConf.instance.token, "Incorrect token");
uint256 allowance = token.allowance(address(router), address(_tornadoConf.addr));
if (allowance == 0) {
router.approveExactToken(token, address(_tornadoConf.addr), type(uint256).max);
}
}
emit InstanceStateUpdated(_tornadoConf.addr, _tornadoConf.instance.state);
}
/**
* @dev Returns all instance configs
*/
function getAllInstances() public view returns (TornadoConfig[] memory result) {
result = new TornadoConfig[](instanceIds.length);
for (uint256 i = 0; i < instanceIds.length; i++) {
ITornadoInstance _instance = instanceIds[i];
result[i] = TornadoConfig({ addr: _instance, instance: instances[_instance] });
}
}
/**
* @notice Set new governance address.
* @param _govAddr new governance address
*/
function setNewGovernance(address _govAddr) external onlyGovernance {
require(_govAddr != address(0), "Empty governance address.");
governance = _govAddr;
emit NewGovernanceAddressUpdated(_govAddr);
}
/**
* @dev Returns all instance addresses
*/
function getAllInstanceAddresses() public view returns (ITornadoInstance[] memory result) {
result = new ITornadoInstance[](instanceIds.length);
for (uint256 i = 0; i < instanceIds.length; i++) {
result[i] = instanceIds[i];
}
}
/**
* @notice get erc20 tornado instance token
* @param instance the interface (contract) key to the instance data
*/
function getPoolToken(ITornadoInstance instance) external view returns (address) {
return address(instances[instance].token);
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.14;
import "@openzeppelin/contracts/access/Ownable.sol";
contract RelayerRegistry is Ownable {
mapping(address => bool) public isRelayer;
event RelayerAdded(address indexed relayer);
event RelayerRemoved(address indexed relayer);
/**
@dev Add a new relayer.
@param _relayer A new relayer address
*/
function add(address _relayer) public onlyOwner {
require(!isRelayer[_relayer], "The relayer already exists");
isRelayer[_relayer] = true;
emit RelayerAdded(_relayer);
}
/**
@dev Remove a new relayer.
@param _relayer A new relayer address to remove
*/
function remove(address _relayer) public onlyOwner {
require(isRelayer[_relayer], "The relayer does not exist");
isRelayer[_relayer] = false;
emit RelayerRemoved(_relayer);
}
/**
@dev Check address intance is a relayer?
@param _relayer A relayer address to check
@return true or false
*/
function isRelayerRegistered(address _relayer) external view returns (bool) {
return isRelayer[_relayer];
}
}// https://tornado.cash
/*
* d888888P dP a88888b. dP
* 88 88 d8' `88 88
* 88 .d8888b. 88d888b. 88d888b. .d8888b. .d888b88 .d8888b. 88 .d8888b. .d8888b. 88d888b.
* 88 88' `88 88' `88 88' `88 88' `88 88' `88 88' `88 88 88' `88 Y8ooooo. 88' `88
* 88 88. .88 88 88 88 88. .88 88. .88 88. .88 dP Y8. .88 88. .88 88 88 88
* dP `88888P' dP dP dP `88888P8 `88888P8 `88888P' 88 Y88888P' `88888P8 `88888P' dP dP
* ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
*/
import "../interfaces/IHasher.sol";
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract MerkleTreeWithHistory {
uint256 public constant FIELD_SIZE =
21888242871839275222246405745257275088548364400416034343698204186575808495617;
uint256 public constant ZERO_VALUE =
21663839004416932945382355908790599225266501822907911457504978515578255421292; // = keccak256("tornado") % FIELD_SIZE
IHasher public immutable hasher;
uint32 public levels;
// the following variables are made public for easier testing and debugging and
// are not supposed to be accessed in regular code
// filledSubtrees and roots could be bytes32[size], but using mappings makes it cheaper because
// it removes index range check on every interaction
mapping(uint256 => bytes32) public filledSubtrees;
mapping(uint256 => bytes32) public roots;
uint32 public constant ROOT_HISTORY_SIZE = 30;
uint32 public currentRootIndex = 0;
uint32 public nextIndex = 0;
constructor(uint32 _levels, IHasher _hasher) {
require(_levels > 0, "_levels should be greater than zero");
require(_levels < 32, "_levels should be less than 32");
levels = _levels;
hasher = _hasher;
for (uint32 i = 0; i < _levels; i++) {
filledSubtrees[i] = zeros(i);
}
roots[0] = zeros(_levels - 1);
}
/**
@dev Hash 2 tree leaves, returns MiMC(_left, _right)
*/
function hashLeftRight(
IHasher _hasher,
bytes32 _left,
bytes32 _right
) public pure returns (bytes32) {
require(
uint256(_left) < FIELD_SIZE,
"_left should be inside the field"
);
require(
uint256(_right) < FIELD_SIZE,
"_right should be inside the field"
);
uint256 R = uint256(_left);
uint256 C = 0;
(R, C) = _hasher.MiMCSponge(R, C);
R = addmod(R, uint256(_right), FIELD_SIZE);
(R, C) = _hasher.MiMCSponge(R, C);
return bytes32(R);
}
function _insert(bytes32 _leaf) internal returns (uint32 index) {
uint32 _nextIndex = nextIndex;
require(
_nextIndex != uint32(2) ** levels,
"Merkle tree is full. No more leaves can be added"
);
uint32 currentIndex = _nextIndex;
bytes32 currentLevelHash = _leaf;
bytes32 left;
bytes32 right;
for (uint32 i = 0; i < levels; i++) {
if (currentIndex % 2 == 0) {
left = currentLevelHash;
right = zeros(i);
filledSubtrees[i] = currentLevelHash;
} else {
left = filledSubtrees[i];
right = currentLevelHash;
}
currentLevelHash = hashLeftRight(hasher, left, right);
currentIndex /= 2;
}
uint32 newRootIndex = (currentRootIndex + 1) % ROOT_HISTORY_SIZE;
currentRootIndex = newRootIndex;
roots[newRootIndex] = currentLevelHash;
nextIndex = _nextIndex + 1;
return _nextIndex;
}
/**
@dev Whether the root is present in the root history
*/
function isKnownRoot(bytes32 _root) public view returns (bool) {
if (_root == 0) {
return false;
}
uint32 _currentRootIndex = currentRootIndex;
uint32 i = _currentRootIndex;
do {
if (_root == roots[i]) {
return true;
}
if (i == 0) {
i = ROOT_HISTORY_SIZE;
}
i--;
} while (i != _currentRootIndex);
return false;
}
/**
@dev Returns the last root
*/
function getLastRoot() public view returns (bytes32) {
return roots[currentRootIndex];
}
/// @dev provides Zero (Empty) elements for a MiMC MerkleTree. Up to 32 levels
function zeros(uint256 i) public pure returns (bytes32) {
if (i == 0)
return
bytes32(
0x2fe54c60d3acabf3343a35b6eba15db4821b340f76e741e2249685ed4899af6c
);
else if (i == 1)
return
bytes32(
0x256a6135777eee2fd26f54b8b7037a25439d5235caee224154186d2b8a52e31d
);
else if (i == 2)
return
bytes32(
0x1151949895e82ab19924de92c40a3d6f7bcb60d92b00504b8199613683f0c200
);
else if (i == 3)
return
bytes32(
0x20121ee811489ff8d61f09fb89e313f14959a0f28bb428a20dba6b0b068b3bdb
);
else if (i == 4)
return
bytes32(
0x0a89ca6ffa14cc462cfedb842c30ed221a50a3d6bf022a6a57dc82ab24c157c9
);
else if (i == 5)
return
bytes32(
0x24ca05c2b5cd42e890d6be94c68d0689f4f21c9cec9c0f13fe41d566dfb54959
);
else if (i == 6)
return
bytes32(
0x1ccb97c932565a92c60156bdba2d08f3bf1377464e025cee765679e604a7315c
);
else if (i == 7)
return
bytes32(
0x19156fbd7d1a8bf5cba8909367de1b624534ebab4f0f79e003bccdd1b182bdb4
);
else if (i == 8)
return
bytes32(
0x261af8c1f0912e465744641409f622d466c3920ac6e5ff37e36604cb11dfff80
);
else if (i == 9)
return
bytes32(
0x0058459724ff6ca5a1652fcbc3e82b93895cf08e975b19beab3f54c217d1c007
);
else if (i == 10)
return
bytes32(
0x1f04ef20dee48d39984d8eabe768a70eafa6310ad20849d4573c3c40c2ad1e30
);
else if (i == 11)
return
bytes32(
0x1bea3dec5dab51567ce7e200a30f7ba6d4276aeaa53e2686f962a46c66d511e5
);
else if (i == 12)
return
bytes32(
0x0ee0f941e2da4b9e31c3ca97a40d8fa9ce68d97c084177071b3cb46cd3372f0f
);
else if (i == 13)
return
bytes32(
0x1ca9503e8935884501bbaf20be14eb4c46b89772c97b96e3b2ebf3a36a948bbd
);
else if (i == 14)
return
bytes32(
0x133a80e30697cd55d8f7d4b0965b7be24057ba5dc3da898ee2187232446cb108
);
else if (i == 15)
return
bytes32(
0x13e6d8fc88839ed76e182c2a779af5b2c0da9dd18c90427a644f7e148a6253b6
);
else if (i == 16)
return
bytes32(
0x1eb16b057a477f4bc8f572ea6bee39561098f78f15bfb3699dcbb7bd8db61854
);
else if (i == 17)
return
bytes32(
0x0da2cb16a1ceaabf1c16b838f7a9e3f2a3a3088d9e0a6debaa748114620696ea
);
else if (i == 18)
return
bytes32(
0x24a3b3d822420b14b5d8cb6c28a574f01e98ea9e940551d2ebd75cee12649f9d
);
else if (i == 19)
return
bytes32(
0x198622acbd783d1b0d9064105b1fc8e4d8889de95c4c519b3f635809fe6afc05
);
else if (i == 20)
return
bytes32(
0x29d7ed391256ccc3ea596c86e933b89ff339d25ea8ddced975ae2fe30b5296d4
);
else if (i == 21)
return
bytes32(
0x19be59f2f0413ce78c0c3703a3a5451b1d7f39629fa33abd11548a76065b2967
);
else if (i == 22)
return
bytes32(
0x1ff3f61797e538b70e619310d33f2a063e7eb59104e112e95738da1254dc3453
);
else if (i == 23)
return
bytes32(
0x10c16ae9959cf8358980d9dd9616e48228737310a10e2b6b731c1a548f036c48
);
else if (i == 24)
return
bytes32(
0x0ba433a63174a90ac20992e75e3095496812b652685b5e1a2eae0b1bf4e8fcd1
);
else if (i == 25)
return
bytes32(
0x019ddb9df2bc98d987d0dfeca9d2b643deafab8f7036562e627c3667266a044c
);
else if (i == 26)
return
bytes32(
0x2d3c88b23175c5a5565db928414c66d1912b11acf974b2e644caaac04739ce99
);
else if (i == 27)
return
bytes32(
0x2eab55f6ae4e66e32c5189eed5c470840863445760f5ed7e7b69b2a62600f354
);
else if (i == 28)
return
bytes32(
0x002df37a2642621802383cf952bf4dd1f32e05433beeb1fd41031fb7eace979d
);
else if (i == 29)
return
bytes32(
0x104aeb41435db66c3e62feccc1d6f5d98d0a0ed75d1374db457cf462e3a1f427
);
else if (i == 30)
return
bytes32(
0x1f3c6fd858e9a7d4b0d1f38e256a09d81d5a5e3c963987e2d4b814cfab7c6ebb
);
else if (i == 31)
return
bytes32(
0x2c7a07d20dff79d01fecedc1134284a8d08436606c93693b67e333f671bf69cc
);
else revert("Index out of bounds");
}
}// https://tornado.cash
/*
* d888888P dP a88888b. dP
* 88 88 d8' `88 88
* 88 .d8888b. 88d888b. 88d888b. .d8888b. .d888b88 .d8888b. 88 .d8888b. .d8888b. 88d888b.
* 88 88' `88 88' `88 88' `88 88' `88 88' `88 88' `88 88 88' `88 Y8ooooo. 88' `88
* 88 88. .88 88 88 88 88. .88 88. .88 88. .88 dP Y8. .88 88. .88 88 88 88
* dP `88888P' dP dP dP `88888P8 `88888P8 `88888P' 88 Y88888P' `88888P8 `88888P' dP dP
* ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
*/
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "./MerkleTreeWithHistory.sol";
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
interface IVerifier {
function verifyProof(
bytes memory _proof,
uint256[6] memory _input
) external returns (bool);
}
abstract contract Tornado is MerkleTreeWithHistory, ReentrancyGuard {
IVerifier public immutable verifier;
uint256 public denomination;
mapping(bytes32 => bool) public nullifierHashes;
// we store all commitments just to prevent accidental deposits with the same commitment
mapping(bytes32 => bool) public commitments;
event Deposit(
bytes32 indexed commitment,
uint32 leafIndex,
uint256 timestamp
);
event Withdrawal(
address to,
bytes32 nullifierHash,
address indexed relayer,
uint256 fee
);
/**
@dev The constructor
@param _verifier the address of SNARK verifier for this contract
@param _hasher the address of MiMC hash contract
@param _denomination transfer amount for each deposit
@param _merkleTreeHeight the height of deposits' Merkle Tree
*/
constructor(
IVerifier _verifier,
IHasher _hasher,
uint256 _denomination,
uint32 _merkleTreeHeight
) MerkleTreeWithHistory(_merkleTreeHeight, _hasher) {
require(_denomination > 0, "denomination should be greater than 0");
verifier = _verifier;
denomination = _denomination;
}
/**
@dev Deposit funds into the contract. The caller must send (for ETH) or approve (for ERC20) value equal to or `denomination` of this instance.
@param _commitment the note commitment, which is PedersenHash(nullifier + secret)
*/
function deposit(bytes32 _commitment) external payable nonReentrant {
require(!commitments[_commitment], "The commitment has been submitted");
uint32 insertedIndex = _insert(_commitment);
commitments[_commitment] = true;
_processDeposit();
emit Deposit(_commitment, insertedIndex, block.timestamp);
}
/** @dev this function is defined in a child contract */
function _processDeposit() internal virtual;
/**
@dev Withdraw a deposit from the contract. `proof` is a zkSNARK proof data, and input is an array of circuit public inputs
`input` array consists of:
- merkle root of all deposits in the contract
- hash of unique deposit nullifier to prevent double spends
- the recipient of funds
- optional fee that goes to the transaction sender (usually a relay)
*/
function withdraw(
bytes calldata _proof,
bytes32 _root,
bytes32 _nullifierHash,
address payable _recipient,
address payable _relayer,
uint256 _fee,
uint256 _refund
) external payable nonReentrant {
require(_fee <= denomination, "Fee exceeds transfer value");
require(
!nullifierHashes[_nullifierHash],
"The note has been already spent"
);
require(isKnownRoot(_root), "Cannot find your merkle root"); // Make sure to use a recent one
require(verifier.verifyProof(_proof, [uint256(_root), uint256(_nullifierHash), uint256(uint160(address(_recipient))), uint256(uint160(address(_relayer))), _fee, _refund]), "Invalid withdraw proof");
nullifierHashes[_nullifierHash] = true;
_processWithdraw(_recipient, _relayer, _fee, _refund);
emit Withdrawal(_recipient, _nullifierHash, _relayer, _fee);
}
/** @dev this function is defined in a child contract */
function _processWithdraw(
address payable _recipient,
address payable _relayer,
uint256 _fee,
uint256 _refund
) internal virtual;
/** @dev whether a note is already spent */
function isSpent(bytes32 _nullifierHash) public view returns (bool) {
return nullifierHashes[_nullifierHash];
}
/** @dev whether an array of notes is already spent */
function isSpentArray(
bytes32[] calldata _nullifierHashes
) external view returns (bool[] memory spent) {
spent = new bool[](_nullifierHashes.length);
for (uint256 i = 0; i < _nullifierHashes.length; i++) {
if (isSpent(_nullifierHashes[i])) {
spent[i] = true;
}
}
}
}{
"evmVersion": "london",
"libraries": {},
"metadata": {
"bytecodeHash": "ipfs",
"useLiteralContent": true
},
"optimizer": {
"enabled": true,
"runs": 200
},
"remappings": [],
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"address","name":"_tornadoTrees","type":"address"},{"internalType":"address","name":"_governance","type":"address"},{"internalType":"address","name":"_instanceRegistry","type":"address"},{"internalType":"address","name":"_relayerRegistry","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"sender","type":"address"},{"indexed":false,"internalType":"bytes","name":"encryptedNote","type":"bytes"}],"name":"EncryptedNote","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint8","name":"version","type":"uint8"}],"name":"Initialized","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"newGovernanceAddress","type":"address"}],"name":"NewGovernanceAddressUpdated","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"contract ITornadoTrees","name":"addr","type":"address"}],"name":"TornadoTreesUpdated","type":"event"},{"inputs":[{"internalType":"contract IERC20","name":"_token","type":"address"},{"internalType":"address","name":"_spender","type":"address"},{"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"approveExactToken","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes[]","name":"_encryptedNotes","type":"bytes[]"}],"name":"backupNotes","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract ITornadoInstance","name":"_tornado","type":"address"},{"internalType":"bytes32","name":"_commitment","type":"bytes32"},{"internalType":"bytes","name":"_encryptedNote","type":"bytes"},{"internalType":"address","name":"sender","type":"address"}],"name":"deposit","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[],"name":"governance","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_tornadoTrees","type":"address"},{"internalType":"address","name":"_governance","type":"address"},{"internalType":"address","name":"_instanceRegistry","type":"address"},{"internalType":"address","name":"_relayerRegistry","type":"address"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"instanceRegistry","outputs":[{"internalType":"contract InstanceRegistry","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"relayerRegistry","outputs":[{"internalType":"contract RelayerRegistry","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"_token","type":"address"},{"internalType":"address payable","name":"_to","type":"address"},{"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"rescueTokens","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"_govAddr","type":"address"}],"name":"setNewGovernance","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract ITornadoTrees","name":"_tornadoTrees","type":"address"}],"name":"setTornadoTreesContract","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"tornadoTrees","outputs":[{"internalType":"contract ITornadoTrees","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract ITornadoInstance","name":"_tornado","type":"address"},{"internalType":"bytes","name":"_proof","type":"bytes"},{"internalType":"bytes32","name":"_root","type":"bytes32"},{"internalType":"bytes32","name":"_nullifierHash","type":"bytes32"},{"internalType":"address payable","name":"_recipient","type":"address"},{"internalType":"address payable","name":"_relayer","type":"address"},{"internalType":"uint256","name":"_fee","type":"uint256"},{"internalType":"uint256","name":"_refund","type":"uint256"}],"name":"withdraw","outputs":[],"stateMutability":"payable","type":"function"}]Contract Creation Code
60806040523480156200001157600080fd5b5060405162001950380380620019508339810160408190526200003491620000b5565b600380546001600160a01b039586166001600160a01b03199182161790915560008054948616620100000262010000600160b01b03199095169490941790935560018054928516928416929092179091556002805491909316911617905562000112565b80516001600160a01b0381168114620000b057600080fd5b919050565b60008060008060808587031215620000cc57600080fd5b620000d78562000098565b9350620000e76020860162000098565b9250620000f76040860162000098565b9150620001076060860162000098565b905092959194509250565b61182e80620001226000396000f3fe6080604052600436106100a75760003560e01c80636485ba2a116100645780636485ba2a14610183578063b438689f146101a3578063cea9d26f146101b6578063e2658c9c146101d6578063e7d460bb146101f6578063f8c8765e1461021657600080fd5b806314e18376146100ac57806336a3874b146100c15780633cb837fd146100fd5780633ef107831461011d57806347ff589d1461013d5780635aa6e6751461015d575b600080fd5b6100bf6100ba36600461126c565b610236565b005b3480156100cd57600080fd5b506001546100e1906001600160a01b031681565b6040516001600160a01b03909116815260200160405180910390f35b34801561010957600080fd5b506003546100e1906001600160a01b031681565b34801561012957600080fd5b506100bf61013836600461134a565b610593565b34801561014957600080fd5b506002546100e1906001600160a01b031681565b34801561016957600080fd5b506000546100e1906201000090046001600160a01b031681565b34801561018f57600080fd5b506100bf61019e36600461138b565b6105d6565b6100bf6101b1366004611400565b61064f565b3480156101c257600080fd5b506100bf6101d136600461134a565b610908565b3480156101e257600080fd5b506100bf6101f13660046114cd565b610b33565b34801561020257600080fd5b506100bf6102113660046114cd565b610bb8565b34801561022257600080fd5b506100bf6102313660046114ea565b610c96565b60015460405163032bb44360e01b81526001600160a01b038681166004830152600092839283928392169063032bb4439060240160c060405180830381865afa158015610287573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ab9190611556565b95505050935093509350600060028111156102c8576102c86115e5565b8260028111156102da576102da6115e5565b0361032c5760405162461bcd60e51b815260206004820152601d60248201527f54686520696e7374616e6365206973206e6f7420737570706f7274656400000060448201526064015b60405180910390fd5b6040516370a0823160e01b81526001600160a01b0389811660048301528291908516906370a0823190602401602060405180830381865afa158015610375573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061039991906115fb565b106103e65760405162461bcd60e51b815260206004820152601f60248201527f457863656564206465706f7369742043617020666f722074686520706f6f6c006044820152606401610323565b83156104655761046533308a6001600160a01b0316638bca6d166040518163ffffffff1660e01b8152600401602060405180830381865afa15801561042f573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061045391906115fb565b6001600160a01b038716929190610dfb565b60405163b214faa560e01b8152600481018890526001600160a01b0389169063b214faa59034906024016000604051808303818588803b1580156104a857600080fd5b505af11580156104bc573d6000803e3d6000fd5b50600293506104ca92505050565b8260028111156104dc576104dc6115e5565b036105485760035460405163c6758d6b60e01b81526001600160a01b038a81166004830152602482018a90529091169063c6758d6b90604401600060405180830381600087803b15801561052f57600080fd5b505af1158015610543573d6000803e3d6000fd5b505050505b846001600160a01b03167ffa28df43db3553771f7209dcef046f3bdfea15870ab625dcda30ac58b82b400887604051610581919061166c565b60405180910390a25050505050505050565b6001546001600160a01b031633146105bd5760405162461bcd60e51b81526004016103239061167f565b6105d16001600160a01b0384168383610e6c565b505050565b60005b818110156105d157337ffa28df43db3553771f7209dcef046f3bdfea15870ab625dcda30ac58b82b4008848484818110610615576106156116a7565b905060200281019061062791906116bd565b604051610635929190611734565b60405180910390a28061064781611748565b9150506105d9565b60015460405163032bb44360e01b81526001600160a01b038b81166004830152600092169063032bb4439060240160c060405180830381865afa15801561069a573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906106be9190611556565b50919450600093506106cf92505050565b8160028111156106e1576106e16115e5565b0361072e5760405162461bcd60e51b815260206004820152601d60248201527f54686520696e7374616e6365206973206e6f7420737570706f727465640000006044820152606401610323565b846001600160a01b0316846001600160a01b0316146108085760025460405163fb04c93960e01b81526001600160a01b0386811660048301529091169063fb04c93990602401602060405180830381865afa158015610791573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906107b5919061176f565b80156107c95750336001600160a01b038516145b6108085760405162461bcd60e51b815260206004820152601060248201526f24b73b30b634b2102932b630bcb2b91760811b6044820152606401610323565b6040516310d056db60e11b81526001600160a01b038b16906321a0adb6903490610844908d908d908d908d908d908d908d908d9060040161178a565b6000604051808303818588803b15801561085d57600080fd5b505af1158015610871573d6000803e3d6000fd5b506002935061087f92505050565b816002811115610891576108916115e5565b036108fc57600354604051620d70c960e51b81526001600160a01b038c8116600483015260248201899052909116906301ae192090604401600060405180830381600087803b1580156108e357600080fd5b505af11580156108f7573d6000803e3d6000fd5b505050505b50505050505050505050565b6000546201000090046001600160a01b031633146109385760405162461bcd60e51b81526004016103239061167f565b6001600160a01b03821661098e5760405162461bcd60e51b815260206004820181905260248201527f50473a2063616e206e6f742073656e6420746f207a65726f20616464726573736044820152606401610323565b6001600160a01b038316610a4d574760006109a98284610f81565b90506000846001600160a01b03168260405160006040518083038185875af1925050503d80600081146109f8576040519150601f19603f3d011682016040523d82523d6000602084013e6109fd565b606091505b5050905080610a455760405162461bcd60e51b81526020600482015260146024820152732330b4b632b2103a379039b2b7321022ba3432b960611b6044820152606401610323565b505050505050565b6040516370a0823160e01b81523060048201526000906001600160a01b038516906370a0823190602401602060405180830381865afa158015610a94573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610ab891906115fb565b90506000610ac68284610f81565b905060008111610b185760405162461bcd60e51b815260206004820152601c60248201527f50473a20747279696e6720746f2073656e6420302062616c616e6365000000006044820152606401610323565b610b2c6001600160a01b0386168583610f99565b5050505050565b6000546201000090046001600160a01b03163314610b635760405162461bcd60e51b81526004016103239061167f565b600380546001600160a01b0319166001600160a01b0383169081179091556040519081527fd5ef75672982cb39cc849450302ce426d1655271003cae8a66cb533c12f86ecc906020015b60405180910390a150565b6000546201000090046001600160a01b03163314610be85760405162461bcd60e51b81526004016103239061167f565b6001600160a01b038116610c3e5760405162461bcd60e51b815260206004820152601960248201527f456d70747920676f7665726e616e636520616464726573732e000000000000006044820152606401610323565b6000805462010000600160b01b031916620100006001600160a01b038416908102919091179091556040519081527fdfcda33d8201dd955a88e96312bfcc91eaf5915e4a050f08e067acfda262896a90602001610bad565b600054610100900460ff1615808015610cb65750600054600160ff909116105b80610cd05750303b158015610cd0575060005460ff166001145b610d335760405162461bcd60e51b815260206004820152602e60248201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160448201526d191e481a5b9a5d1a585b1a5e995960921b6064820152608401610323565b6000805460ff191660011790558015610d56576000805461ff0019166101001790555b600380546001600160a01b03199081166001600160a01b03888116919091179092556000805462010000600160b01b0319166201000088851602179055600180548216868416179055600280549091169184169190911790558015610b2c576000805461ff0019169055604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb38474024989060200160405180910390a15050505050565b6040516001600160a01b0380851660248301528316604482015260648101829052610e669085906323b872dd60e01b906084015b60408051601f198184030181529190526020810180516001600160e01b03166001600160e01b031990931692909217909152610fc9565b50505050565b801580610ee65750604051636eb1769f60e11b81523060048201526001600160a01b03838116602483015284169063dd62ed3e90604401602060405180830381865afa158015610ec0573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610ee491906115fb565b155b610f515760405162461bcd60e51b815260206004820152603660248201527f5361666545524332303a20617070726f76652066726f6d206e6f6e2d7a65726f60448201527520746f206e6f6e2d7a65726f20616c6c6f77616e636560501b6064820152608401610323565b6040516001600160a01b0383166024820152604481018290526105d190849063095ea7b360e01b90606401610e2f565b6000818310610f905781610f92565b825b9392505050565b6040516001600160a01b0383166024820152604481018290526105d190849063a9059cbb60e01b90606401610e2f565b600061101e826040518060400160405280602081526020017f5361666545524332303a206c6f772d6c6576656c2063616c6c206661696c6564815250856001600160a01b031661109e9092919063ffffffff16565b905080516000148061103f57508080602001905181019061103f919061176f565b6105d15760405162461bcd60e51b815260206004820152602a60248201527f5361666545524332303a204552433230206f7065726174696f6e20646964206e6044820152691bdd081cdd58d8d9595960b21b6064820152608401610323565b60606110ad84846000856110b5565b949350505050565b6060824710156111165760405162461bcd60e51b815260206004820152602660248201527f416464726573733a20696e73756666696369656e742062616c616e636520666f6044820152651c8818d85b1b60d21b6064820152608401610323565b600080866001600160a01b0316858760405161113291906117dc565b60006040518083038185875af1925050503d806000811461116f576040519150601f19603f3d011682016040523d82523d6000602084013e611174565b606091505b509150915061118587838387611190565b979650505050505050565b606083156111ff5782516000036111f8576001600160a01b0385163b6111f85760405162461bcd60e51b815260206004820152601d60248201527f416464726573733a2063616c6c20746f206e6f6e2d636f6e74726163740000006044820152606401610323565b50816110ad565b6110ad83838151156112145781518083602001fd5b8060405162461bcd60e51b8152600401610323919061166c565b6001600160a01b038116811461124357600080fd5b50565b634e487b7160e01b600052604160045260246000fd5b80356112678161122e565b919050565b6000806000806080858703121561128257600080fd5b843561128d8161122e565b935060208501359250604085013567ffffffffffffffff808211156112b157600080fd5b818701915087601f8301126112c557600080fd5b8135818111156112d7576112d7611246565b604051601f8201601f19908116603f011681019083821181831017156112ff576112ff611246565b816040528281528a602084870101111561131857600080fd5b82602086016020830137600060208483010152809650505050505061133f6060860161125c565b905092959194509250565b60008060006060848603121561135f57600080fd5b833561136a8161122e565b9250602084013561137a8161122e565b929592945050506040919091013590565b6000806020838503121561139e57600080fd5b823567ffffffffffffffff808211156113b657600080fd5b818501915085601f8301126113ca57600080fd5b8135818111156113d957600080fd5b8660208260051b85010111156113ee57600080fd5b60209290920196919550909350505050565b60008060008060008060008060006101008a8c03121561141f57600080fd5b893561142a8161122e565b985060208a013567ffffffffffffffff8082111561144757600080fd5b818c0191508c601f83011261145b57600080fd5b81358181111561146a57600080fd5b8d602082850101111561147c57600080fd5b602083019a5080995050505060408a0135955060608a013594506114a260808b0161125c565b93506114b060a08b0161125c565b925060c08a0135915060e08a013590509295985092959850929598565b6000602082840312156114df57600080fd5b8135610f928161122e565b6000806000806080858703121561150057600080fd5b843561150b8161122e565b9350602085013561151b8161122e565b9250604085013561152b8161122e565b9150606085013561153b8161122e565b939692955090935050565b8051801515811461126757600080fd5b60008060008060008060c0878903121561156f57600080fd5b61157887611546565b955060208701516115888161122e565b60408801519095506003811061159d57600080fd5b606088015190945062ffffff811681146115b657600080fd5b608088015190935063ffffffff811681146115d057600080fd5b8092505060a087015190509295509295509295565b634e487b7160e01b600052602160045260246000fd5b60006020828403121561160d57600080fd5b5051919050565b60005b8381101561162f578181015183820152602001611617565b83811115610e665750506000910152565b60008151808452611658816020860160208601611614565b601f01601f19169290920160200192915050565b602081526000610f926020830184611640565b6020808252600e908201526d139bdd08185d5d1a1bdc9a5e995960921b604082015260600190565b634e487b7160e01b600052603260045260246000fd5b6000808335601e198436030181126116d457600080fd5b83018035915067ffffffffffffffff8211156116ef57600080fd5b60200191503681900382131561170457600080fd5b9250929050565b81835281816020850137506000828201602090810191909152601f909101601f19169091010190565b6020815260006110ad60208301848661170b565b60006001820161176857634e487b7160e01b600052601160045260246000fd5b5060010190565b60006020828403121561178157600080fd5b610f9282611546565b60e08152600061179e60e083018a8c61170b565b60208301989098525060408101959095526001600160a01b03938416606086015291909216608084015260a083019190915260c09091015292915050565b600082516117ee818460208701611614565b919091019291505056fea2646970667358221220e745feb45b8ada2f8bd0abe0c58d5b95acdf09d0368120897e69370f0e13539f64736f6c634300080e003300000000000000000000000000000000000000000000000000000000000000000000000000000000000000005e92e534faa0c816fb449f95a29182978d47cf65000000000000000000000000a27bc61b39450b3e481859df96617dd50ec8dc1f000000000000000000000000941c2f20ca7e899efec1b0b502a51bd95ab7c206
Deployed Bytecode
0x6080604052600436106100a75760003560e01c80636485ba2a116100645780636485ba2a14610183578063b438689f146101a3578063cea9d26f146101b6578063e2658c9c146101d6578063e7d460bb146101f6578063f8c8765e1461021657600080fd5b806314e18376146100ac57806336a3874b146100c15780633cb837fd146100fd5780633ef107831461011d57806347ff589d1461013d5780635aa6e6751461015d575b600080fd5b6100bf6100ba36600461126c565b610236565b005b3480156100cd57600080fd5b506001546100e1906001600160a01b031681565b6040516001600160a01b03909116815260200160405180910390f35b34801561010957600080fd5b506003546100e1906001600160a01b031681565b34801561012957600080fd5b506100bf61013836600461134a565b610593565b34801561014957600080fd5b506002546100e1906001600160a01b031681565b34801561016957600080fd5b506000546100e1906201000090046001600160a01b031681565b34801561018f57600080fd5b506100bf61019e36600461138b565b6105d6565b6100bf6101b1366004611400565b61064f565b3480156101c257600080fd5b506100bf6101d136600461134a565b610908565b3480156101e257600080fd5b506100bf6101f13660046114cd565b610b33565b34801561020257600080fd5b506100bf6102113660046114cd565b610bb8565b34801561022257600080fd5b506100bf6102313660046114ea565b610c96565b60015460405163032bb44360e01b81526001600160a01b038681166004830152600092839283928392169063032bb4439060240160c060405180830381865afa158015610287573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ab9190611556565b95505050935093509350600060028111156102c8576102c86115e5565b8260028111156102da576102da6115e5565b0361032c5760405162461bcd60e51b815260206004820152601d60248201527f54686520696e7374616e6365206973206e6f7420737570706f7274656400000060448201526064015b60405180910390fd5b6040516370a0823160e01b81526001600160a01b0389811660048301528291908516906370a0823190602401602060405180830381865afa158015610375573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061039991906115fb565b106103e65760405162461bcd60e51b815260206004820152601f60248201527f457863656564206465706f7369742043617020666f722074686520706f6f6c006044820152606401610323565b83156104655761046533308a6001600160a01b0316638bca6d166040518163ffffffff1660e01b8152600401602060405180830381865afa15801561042f573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061045391906115fb565b6001600160a01b038716929190610dfb565b60405163b214faa560e01b8152600481018890526001600160a01b0389169063b214faa59034906024016000604051808303818588803b1580156104a857600080fd5b505af11580156104bc573d6000803e3d6000fd5b50600293506104ca92505050565b8260028111156104dc576104dc6115e5565b036105485760035460405163c6758d6b60e01b81526001600160a01b038a81166004830152602482018a90529091169063c6758d6b90604401600060405180830381600087803b15801561052f57600080fd5b505af1158015610543573d6000803e3d6000fd5b505050505b846001600160a01b03167ffa28df43db3553771f7209dcef046f3bdfea15870ab625dcda30ac58b82b400887604051610581919061166c565b60405180910390a25050505050505050565b6001546001600160a01b031633146105bd5760405162461bcd60e51b81526004016103239061167f565b6105d16001600160a01b0384168383610e6c565b505050565b60005b818110156105d157337ffa28df43db3553771f7209dcef046f3bdfea15870ab625dcda30ac58b82b4008848484818110610615576106156116a7565b905060200281019061062791906116bd565b604051610635929190611734565b60405180910390a28061064781611748565b9150506105d9565b60015460405163032bb44360e01b81526001600160a01b038b81166004830152600092169063032bb4439060240160c060405180830381865afa15801561069a573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906106be9190611556565b50919450600093506106cf92505050565b8160028111156106e1576106e16115e5565b0361072e5760405162461bcd60e51b815260206004820152601d60248201527f54686520696e7374616e6365206973206e6f7420737570706f727465640000006044820152606401610323565b846001600160a01b0316846001600160a01b0316146108085760025460405163fb04c93960e01b81526001600160a01b0386811660048301529091169063fb04c93990602401602060405180830381865afa158015610791573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906107b5919061176f565b80156107c95750336001600160a01b038516145b6108085760405162461bcd60e51b815260206004820152601060248201526f24b73b30b634b2102932b630bcb2b91760811b6044820152606401610323565b6040516310d056db60e11b81526001600160a01b038b16906321a0adb6903490610844908d908d908d908d908d908d908d908d9060040161178a565b6000604051808303818588803b15801561085d57600080fd5b505af1158015610871573d6000803e3d6000fd5b506002935061087f92505050565b816002811115610891576108916115e5565b036108fc57600354604051620d70c960e51b81526001600160a01b038c8116600483015260248201899052909116906301ae192090604401600060405180830381600087803b1580156108e357600080fd5b505af11580156108f7573d6000803e3d6000fd5b505050505b50505050505050505050565b6000546201000090046001600160a01b031633146109385760405162461bcd60e51b81526004016103239061167f565b6001600160a01b03821661098e5760405162461bcd60e51b815260206004820181905260248201527f50473a2063616e206e6f742073656e6420746f207a65726f20616464726573736044820152606401610323565b6001600160a01b038316610a4d574760006109a98284610f81565b90506000846001600160a01b03168260405160006040518083038185875af1925050503d80600081146109f8576040519150601f19603f3d011682016040523d82523d6000602084013e6109fd565b606091505b5050905080610a455760405162461bcd60e51b81526020600482015260146024820152732330b4b632b2103a379039b2b7321022ba3432b960611b6044820152606401610323565b505050505050565b6040516370a0823160e01b81523060048201526000906001600160a01b038516906370a0823190602401602060405180830381865afa158015610a94573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610ab891906115fb565b90506000610ac68284610f81565b905060008111610b185760405162461bcd60e51b815260206004820152601c60248201527f50473a20747279696e6720746f2073656e6420302062616c616e6365000000006044820152606401610323565b610b2c6001600160a01b0386168583610f99565b5050505050565b6000546201000090046001600160a01b03163314610b635760405162461bcd60e51b81526004016103239061167f565b600380546001600160a01b0319166001600160a01b0383169081179091556040519081527fd5ef75672982cb39cc849450302ce426d1655271003cae8a66cb533c12f86ecc906020015b60405180910390a150565b6000546201000090046001600160a01b03163314610be85760405162461bcd60e51b81526004016103239061167f565b6001600160a01b038116610c3e5760405162461bcd60e51b815260206004820152601960248201527f456d70747920676f7665726e616e636520616464726573732e000000000000006044820152606401610323565b6000805462010000600160b01b031916620100006001600160a01b038416908102919091179091556040519081527fdfcda33d8201dd955a88e96312bfcc91eaf5915e4a050f08e067acfda262896a90602001610bad565b600054610100900460ff1615808015610cb65750600054600160ff909116105b80610cd05750303b158015610cd0575060005460ff166001145b610d335760405162461bcd60e51b815260206004820152602e60248201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160448201526d191e481a5b9a5d1a585b1a5e995960921b6064820152608401610323565b6000805460ff191660011790558015610d56576000805461ff0019166101001790555b600380546001600160a01b03199081166001600160a01b03888116919091179092556000805462010000600160b01b0319166201000088851602179055600180548216868416179055600280549091169184169190911790558015610b2c576000805461ff0019169055604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb38474024989060200160405180910390a15050505050565b6040516001600160a01b0380851660248301528316604482015260648101829052610e669085906323b872dd60e01b906084015b60408051601f198184030181529190526020810180516001600160e01b03166001600160e01b031990931692909217909152610fc9565b50505050565b801580610ee65750604051636eb1769f60e11b81523060048201526001600160a01b03838116602483015284169063dd62ed3e90604401602060405180830381865afa158015610ec0573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610ee491906115fb565b155b610f515760405162461bcd60e51b815260206004820152603660248201527f5361666545524332303a20617070726f76652066726f6d206e6f6e2d7a65726f60448201527520746f206e6f6e2d7a65726f20616c6c6f77616e636560501b6064820152608401610323565b6040516001600160a01b0383166024820152604481018290526105d190849063095ea7b360e01b90606401610e2f565b6000818310610f905781610f92565b825b9392505050565b6040516001600160a01b0383166024820152604481018290526105d190849063a9059cbb60e01b90606401610e2f565b600061101e826040518060400160405280602081526020017f5361666545524332303a206c6f772d6c6576656c2063616c6c206661696c6564815250856001600160a01b031661109e9092919063ffffffff16565b905080516000148061103f57508080602001905181019061103f919061176f565b6105d15760405162461bcd60e51b815260206004820152602a60248201527f5361666545524332303a204552433230206f7065726174696f6e20646964206e6044820152691bdd081cdd58d8d9595960b21b6064820152608401610323565b60606110ad84846000856110b5565b949350505050565b6060824710156111165760405162461bcd60e51b815260206004820152602660248201527f416464726573733a20696e73756666696369656e742062616c616e636520666f6044820152651c8818d85b1b60d21b6064820152608401610323565b600080866001600160a01b0316858760405161113291906117dc565b60006040518083038185875af1925050503d806000811461116f576040519150601f19603f3d011682016040523d82523d6000602084013e611174565b606091505b509150915061118587838387611190565b979650505050505050565b606083156111ff5782516000036111f8576001600160a01b0385163b6111f85760405162461bcd60e51b815260206004820152601d60248201527f416464726573733a2063616c6c20746f206e6f6e2d636f6e74726163740000006044820152606401610323565b50816110ad565b6110ad83838151156112145781518083602001fd5b8060405162461bcd60e51b8152600401610323919061166c565b6001600160a01b038116811461124357600080fd5b50565b634e487b7160e01b600052604160045260246000fd5b80356112678161122e565b919050565b6000806000806080858703121561128257600080fd5b843561128d8161122e565b935060208501359250604085013567ffffffffffffffff808211156112b157600080fd5b818701915087601f8301126112c557600080fd5b8135818111156112d7576112d7611246565b604051601f8201601f19908116603f011681019083821181831017156112ff576112ff611246565b816040528281528a602084870101111561131857600080fd5b82602086016020830137600060208483010152809650505050505061133f6060860161125c565b905092959194509250565b60008060006060848603121561135f57600080fd5b833561136a8161122e565b9250602084013561137a8161122e565b929592945050506040919091013590565b6000806020838503121561139e57600080fd5b823567ffffffffffffffff808211156113b657600080fd5b818501915085601f8301126113ca57600080fd5b8135818111156113d957600080fd5b8660208260051b85010111156113ee57600080fd5b60209290920196919550909350505050565b60008060008060008060008060006101008a8c03121561141f57600080fd5b893561142a8161122e565b985060208a013567ffffffffffffffff8082111561144757600080fd5b818c0191508c601f83011261145b57600080fd5b81358181111561146a57600080fd5b8d602082850101111561147c57600080fd5b602083019a5080995050505060408a0135955060608a013594506114a260808b0161125c565b93506114b060a08b0161125c565b925060c08a0135915060e08a013590509295985092959850929598565b6000602082840312156114df57600080fd5b8135610f928161122e565b6000806000806080858703121561150057600080fd5b843561150b8161122e565b9350602085013561151b8161122e565b9250604085013561152b8161122e565b9150606085013561153b8161122e565b939692955090935050565b8051801515811461126757600080fd5b60008060008060008060c0878903121561156f57600080fd5b61157887611546565b955060208701516115888161122e565b60408801519095506003811061159d57600080fd5b606088015190945062ffffff811681146115b657600080fd5b608088015190935063ffffffff811681146115d057600080fd5b8092505060a087015190509295509295509295565b634e487b7160e01b600052602160045260246000fd5b60006020828403121561160d57600080fd5b5051919050565b60005b8381101561162f578181015183820152602001611617565b83811115610e665750506000910152565b60008151808452611658816020860160208601611614565b601f01601f19169290920160200192915050565b602081526000610f926020830184611640565b6020808252600e908201526d139bdd08185d5d1a1bdc9a5e995960921b604082015260600190565b634e487b7160e01b600052603260045260246000fd5b6000808335601e198436030181126116d457600080fd5b83018035915067ffffffffffffffff8211156116ef57600080fd5b60200191503681900382131561170457600080fd5b9250929050565b81835281816020850137506000828201602090810191909152601f909101601f19169091010190565b6020815260006110ad60208301848661170b565b60006001820161176857634e487b7160e01b600052601160045260246000fd5b5060010190565b60006020828403121561178157600080fd5b610f9282611546565b60e08152600061179e60e083018a8c61170b565b60208301989098525060408101959095526001600160a01b03938416606086015291909216608084015260a083019190915260c09091015292915050565b600082516117ee818460208701611614565b919091019291505056fea2646970667358221220e745feb45b8ada2f8bd0abe0c58d5b95acdf09d0368120897e69370f0e13539f64736f6c634300080e0033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000005e92e534faa0c816fb449f95a29182978d47cf65000000000000000000000000a27bc61b39450b3e481859df96617dd50ec8dc1f000000000000000000000000941c2f20ca7e899efec1b0b502a51bd95ab7c206
-----Decoded View---------------
Arg [0] : _tornadoTrees (address): 0x0000000000000000000000000000000000000000
Arg [1] : _governance (address): 0x5e92e534fAa0c816fb449F95A29182978D47CF65
Arg [2] : _instanceRegistry (address): 0xA27bC61b39450b3e481859DF96617Dd50ec8dc1F
Arg [3] : _relayerRegistry (address): 0x941c2F20ca7E899EfeC1B0b502A51bd95ab7c206
-----Encoded View---------------
4 Constructor Arguments found :
Arg [0] : 0000000000000000000000000000000000000000000000000000000000000000
Arg [1] : 0000000000000000000000005e92e534faa0c816fb449f95a29182978d47cf65
Arg [2] : 000000000000000000000000a27bc61b39450b3e481859df96617dd50ec8dc1f
Arg [3] : 000000000000000000000000941c2f20ca7e899efec1b0b502a51bd95ab7c206
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 26 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
[ Download: CSV Export ]
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.