Sponsored
MoonPay
Buy, sell and swap Ethereum with MoonPay.Buy Now!
Spend less on fees, more on crypto. Buy crypto easily with MoonPay Balance. 20M+ users trust MoonPay worldwide.
MetaMask
Buy and swap tokens in a few clicks. Buy Now!
Choose from 1000s of tokens directly in MetaMask. Token swaps available across 9 networks.
eToro
One-stop crypto shop: trusted, simple & safe.
Don’t invest unless you’re prepared to lose all the money you invest.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
BC.GAME
The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Stake
200% Bonus, 100K Daily Giveaways, Instant Withdrawals Play Now!
Slots, Roulette, Poker & more - Proud sponsors of UFC, Everton & StakeF1 team!
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
CryptoWins
200% More Funds to Play on Us up to 4 BTC! Claim Now!
100s of games, generous bonuses, 20+ years of trusted gaming. Join CryptoWins & start winning today!
Overview
ETH Balance
0 ETH
Eth Value
$0.00Token Holdings
More Info
Private Name Tags
ContractCreator
TokenTracker
Latest 25 from a total of 110 transactions
| Transaction Hash |
Method
|
Block
|
From
|
To
|
|||||
|---|---|---|---|---|---|---|---|---|---|
| Batch Claim | 21978982 | 29 hrs ago | IN | 0 ETH | 0.00008995 | ||||
| Batch Claim | 21978683 | 30 hrs ago | IN | 0 ETH | 0.00007236 | ||||
| Batch Claim | 21977485 | 34 hrs ago | IN | 0 ETH | 0.00005997 | ||||
| Batch Claim | 21977005 | 35 hrs ago | IN | 0 ETH | 0.00005181 | ||||
| Batch Claim | 21976300 | 38 hrs ago | IN | 0 ETH | 0.00011127 | ||||
| Batch Claim | 21976300 | 38 hrs ago | IN | 0 ETH | 0.00015635 | ||||
| Batch Claim | 21976021 | 39 hrs ago | IN | 0 ETH | 0.00011198 | ||||
| Stake | 21975951 | 39 hrs ago | IN | 0 ETH | 0.0002254 | ||||
| Batch Claim | 21975447 | 41 hrs ago | IN | 0 ETH | 0.0001757 | ||||
| Batch Claim | 21975266 | 41 hrs ago | IN | 0 ETH | 0.0001649 | ||||
| Batch Claim | 21975226 | 41 hrs ago | IN | 0 ETH | 0.00065918 | ||||
| Batch Claim | 21975210 | 41 hrs ago | IN | 0 ETH | 0.00093161 | ||||
| Stake | 21972113 | 2 days ago | IN | 0 ETH | 0.00020596 | ||||
| Stake | 21971590 | 2 days ago | IN | 0 ETH | 0.00013916 | ||||
| Stake | 21963029 | 3 days ago | IN | 0 ETH | 0.0002482 | ||||
| Stake | 21961377 | 3 days ago | IN | 0 ETH | 0.00056171 | ||||
| Batch Claim | 21961369 | 3 days ago | IN | 0 ETH | 0.00022291 | ||||
| Stake | 21960640 | 3 days ago | IN | 0 ETH | 0.00595481 | ||||
| Stake | 21954666 | 4 days ago | IN | 0 ETH | 0.00018738 | ||||
| Batch Claim | 21947467 | 5 days ago | IN | 0 ETH | 0.00012089 | ||||
| Batch Claim | 21946475 | 5 days ago | IN | 0 ETH | 0.00008189 | ||||
| Stake | 21945605 | 5 days ago | IN | 0 ETH | 0.00080243 | ||||
| Stake | 21940211 | 6 days ago | IN | 0 ETH | 0.00020393 | ||||
| Compound Rewards | 21939943 | 6 days ago | IN | 0 ETH | 0.00022108 | ||||
| Set Approval For... | 21939938 | 6 days ago | IN | 0 ETH | 0.00005544 |
View more zero value Internal Transactions in Advanced View mode
Advanced mode:
Loading...
Loading
This contract may be a proxy contract. Click on More Options and select Is this a proxy? to confirm and enable the "Read as Proxy" & "Write as Proxy" tabs.
Contract Source Code Verified (Exact Match)
Contract Name:
ShaolinStaking
Compiler Version
v0.8.27+commit.40a35a09
Optimization Enabled:
Yes with 200 runs
Other Settings:
shanghai EvmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {Errors} from "@utils/Errors.sol";
import {Shaolin} from "@core/Shaolin.sol";
import {IWETH9} from "@interfaces/IWETH9.sol";
import {wdiv, wmul, sub, wpow} from "@utils/Math.sol";
import {SwapActions, SwapActionParams} from "@actions/SwapActions.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
struct UserRecord {
uint256 shares;
uint256 lockedShaolin;
uint256 rewardDebt;
uint32 endTime;
}
/**
* @title ShaolinStaking
* @notice The staking contract of the Shaolin system, allowing users to stake tokens, earn rewards, and compound earnings.
* @dev This contract implements staking using ERC721 tokens as proof of staking positions. Users can stake and earn rewards based on locked periods.
*/
contract ShaolinStaking is ERC721, SwapActions {
using SafeERC20 for *;
/**
* @notice Enum to represent different staking pools with varying durations.
*/
enum POOLS {
DAY8, // 8-day pool
DAY16 // 16-day pool
}
uint32 public constant MIN_DURATION = 88 days;
uint32 public constant MAX_DURATION = 365 days;
uint32 public immutable startTimestamp;
IWETH9 public immutable weth;
Shaolin public immutable shaolin;
uint256 public totalShares;
uint256 public rewardPerShare;
uint96 public tokenId;
uint32 public lastDistributedDay;
mapping(POOLS => uint256) public toDistribute;
mapping(uint256 id => UserRecord record) public userRecords;
mapping(address user => uint256 totalShares) public userShares;
mapping(address => bool) isBlacklisted;
//==========ERRORS==========//
error ShaolinStaking__InvalidDuration();
error ShaolinStaking__NoSharesToClaim();
error ShaolinStaking__LockPeriodNotOver();
error ShaolinStaking__Blacklisted(address _user);
error ShaolinStaking__OnlyMintingAndBurning();
/**
* @dev Emitted when a user stakes `shaolin` tokens for a specific `duration`.
* @param staker The address of the user staking.
* @param shaolin Amount of shaolin tokens staked.
* @param id The staking position token ID.
* @param _shares The number of shares obtained from the staking.
* @param duration The duration for which the tokens are staked.
*/
event Staked(address indexed staker, uint256 indexed shaolin, uint152 indexed id, uint256 _shares, uint32 duration);
/**
* @dev Emitted when a user unstakes their tokens.
* @param shares The number of shares being unstaked.
* @param shaolinAmountReceived The amount of shaolin tokens returned to the user.
* @param _tokenId The staking position token ID.
* @param recepient The address receiving the unstaked tokens.
*/
event Unstaked(
uint256 indexed shares, uint256 indexed shaolinAmountReceived, uint256 indexed _tokenId, address recepient
);
/**
* @dev Emitted when a user claims rewards.
* @param id The staking position token ID.
* @param rewards The amount of rewards claimed.
* @param newRewardDebt The updated reward debt for the staking position.
* @param ownerOfStake The owner of the staking position.
*/
event Claimed(uint256 indexed id, uint256 indexed rewards, uint256 indexed newRewardDebt, address ownerOfStake);
/**
* @dev Emitted when rewards are distributed for a pool.
* @param pool The pool where rewards are distributed.
* @param amount The amount of rewards distributed.
*/
event Distributed(POOLS indexed pool, uint256 indexed amount);
/**
* @dev Emitted when rewards are auto compounded
* @param newShares The additional shares received from the compounding
* @param stakeId The stake id that had auto compounded the rewards
* @param ownerOfStake The owner of the stake
*/
event CompoundedRewards(uint256 indexed newShares, uint256 indexed stakeId, address indexed ownerOfStake);
constructor(uint32 _startTimestamp, address _shaolin, address _weth, SwapActionParams memory _params)
SwapActions(_params)
ERC721("Staking", "STK")
{
startTimestamp = _startTimestamp;
shaolin = Shaolin(_shaolin);
weth = IWETH9(_weth);
lastDistributedDay = 1;
}
modifier notBlackListed(address _user) {
_notBlacklisted(_user);
_;
}
function toggleBlackListed(address _user, bool _value) external onlyOwner {
isBlacklisted[_user] = _value;
}
/**
* @notice Allows a user to stake a certain amount of Shaolin tokens for a specific duration.
* @param _duration The duration (in seconds) to lock the tokens for.
* @param _shaolinAmount The amount of Shaolin tokens to stake.
* @return _tokenId The ID of the staking position token created.
* @return shares The number of shares granted for staking.
*/
function stake(uint32 _duration, uint256 _shaolinAmount)
external
notAmount0(_shaolinAmount)
notBlackListed(msg.sender)
returns (uint96 _tokenId, uint256 shares)
{
require(
MIN_DURATION <= _duration && _duration <= MAX_DURATION && _duration % 24 hours == 0,
ShaolinStaking__InvalidDuration()
);
updateRewardsIfNecessary();
_tokenId = ++tokenId;
shares = convertShaolinToShares(_shaolinAmount, _duration);
userRecords[_tokenId] = UserRecord({
endTime: Time.blockTs() + _duration,
shares: shares,
rewardDebt: rewardPerShare,
lockedShaolin: _shaolinAmount
});
totalShares += shares;
userShares[msg.sender] += shares;
emit Staked(msg.sender, _shaolinAmount, _tokenId, shares, _duration);
shaolin.transferFrom(msg.sender, address(this), _shaolinAmount);
_mint(msg.sender, _tokenId);
}
/**
* @notice Allows a user to batch check the total claimable rewards for multiple staking positions.
* @param _ids The array of staking position token IDs.
* @return toClaim The total amount of claimable rewards.
*/
function batchClaimableAmount(uint256[] calldata _ids) external view returns (uint256 toClaim) {
uint32 currentDay = _getCurrentDay();
uint256 m_rewardsPerShare = rewardPerShare;
bool distributeDay8 = (currentDay / 8 > lastDistributedDay / 8);
bool distributeDay16 = (currentDay / 16 > lastDistributedDay / 16);
if (distributeDay8) m_rewardsPerShare += wdiv(toDistribute[POOLS.DAY8], totalShares);
if (distributeDay16) m_rewardsPerShare += wdiv(toDistribute[POOLS.DAY16], totalShares);
for (uint256 i; i < _ids.length; ++i) {
uint256 _id = _ids[i];
UserRecord memory _rec = userRecords[_id];
toClaim += wmul(_rec.shares, m_rewardsPerShare - _rec.rewardDebt);
}
}
/**
* @notice Allows a user to unstake their tokens after the staking period has ended.
* @param _tokenId The staking position token ID.
* @param _receiver The address to receive the unstaked tokens.
*/
function unstake(uint256 _tokenId, address _receiver) public notAddress0(_receiver) notAmount0(_tokenId) {
UserRecord memory record = userRecords[_tokenId];
require(record.shares != 0, ShaolinStaking__NoSharesToClaim());
require(record.endTime <= Time.blockTs(), ShaolinStaking__LockPeriodNotOver());
isApprovedOrOwner(_tokenId, msg.sender);
address ownerOfPosition = ownerOf(_tokenId);
_claim(_tokenId, _receiver);
uint256 _locked = record.lockedShaolin;
uint256 _shares = record.shares;
delete userRecords[_tokenId];
totalShares -= _shares;
userShares[ownerOfPosition] -= _shares;
emit Unstaked(_shares, _locked, _tokenId, _receiver);
shaolin.transfer(_receiver, _locked);
_burn(_tokenId);
}
function compoundRewards(uint256 _id, uint256 _amountShaolinMin, uint32 _deadline)
external
notExpired(_deadline)
notBlackListed(ownerOf(_id))
{
updateRewardsIfNecessary();
isApprovedOrOwner(_id, msg.sender);
UserRecord storage _rec = userRecords[_id];
uint256 amountToCompound = wmul(_rec.shares, rewardPerShare - _rec.rewardDebt);
uint256 shaolinAmount =
swapExactInput(address(weth), address(shaolin), amountToCompound, _amountShaolinMin, POOL_FEE, _deadline);
_rec.rewardDebt = rewardPerShare;
_rec.lockedShaolin += uint256(shaolinAmount);
_rec.shares += uint256(shaolinAmount);
address _ownerOfPosition = ownerOf(_id);
userShares[_ownerOfPosition] += shaolinAmount;
totalShares += shaolinAmount;
emit CompoundedRewards(shaolinAmount, _id, ownerOf(_id));
}
function convertShaolinToShares(uint256 _amount, uint32 _duration) public pure returns (uint256 shares) {
shares = _amount;
shares += uint256(
wmul(
uint256(_amount),
_stakingBonus(
_duration, MIN_DURATION, MAX_DURATION, STAKING_ERANK_MINIMUM_BONUS, STAKING_ERANK_MAXIMUM_BONUS
)
)
);
}
// Generic function to calculate the linear interpolation
function _stakingBonus(
uint32 _duration,
uint32 _lowerBoundDays,
uint32 _upperBoundDays,
uint256 _lowerMultiplier,
uint256 _upperMultiplier
) private pure returns (uint256) {
return _lowerMultiplier
+ (_duration - _lowerBoundDays) * (_upperMultiplier - _lowerMultiplier) / (_upperBoundDays - _lowerBoundDays);
}
/**
* @notice Allows batch unstaking of multiple staking positions.
* @param _ids Array of staking position token IDs.
* @param _receiver Address to receive the unstaked tokens.
*/
function batchUnstake(uint256[] calldata _ids, address _receiver) external {
for (uint256 i; i < _ids.length; ++i) {
unstake(_ids[i], _receiver);
}
}
/**
* @notice Allows a user to claim their staking rewards.
* @param _tokenId The staking position token ID.
* @param _receiver The address to receive the rewards.
*/
function claim(uint256 _tokenId, address _receiver) public notAddress0(_receiver) notAmount0(_tokenId) {
isApprovedOrOwner(_tokenId, msg.sender);
_claim(_tokenId, _receiver);
}
/**
* @notice Batch claim rewards for multiple staking positions.
* @param _ids Array of staking position token IDs.
* @param _receiver Address to receive the claimed rewards.
*/
function batchClaim(uint256[] calldata _ids, address _receiver) external {
for (uint256 i; i < _ids.length; ++i) {
claim(_ids[i], _receiver);
}
}
/**
* @notice Checks if the user is authorized to operate on a given token.
* @param _tokenId The staking position token ID.
* @param _spender The address to check.
*/
function isApprovedOrOwner(uint256 _tokenId, address _spender) public view {
_checkAuthorized(ownerOf(_tokenId), _spender, _tokenId);
}
/**
* @notice Distributes rewards into the staking pools.
* @param _amount The amount of rewards to distribute.
*/
function distribute(uint256 _amount) external notAmount0(_amount) {
_distribute(_amount);
}
function distributeToSpecificPool(POOLS _pool, uint256 _amount) external notAmount0(_amount) {
updateRewardsIfNecessary();
weth.safeTransferFrom(msg.sender, address(this), _amount);
toDistribute[_pool] += _amount;
}
/**
* @notice Updates the staking rewards if necessary.
*/
function updateRewardsIfNecessary() public {
if (totalShares == 0) return;
uint32 currentDay = _getCurrentDay();
bool distributeDay8 = (currentDay / 8 > lastDistributedDay / 8);
bool distributeDay16 = (currentDay / 16 > lastDistributedDay / 16);
if (distributeDay8) _updateRewards(POOLS.DAY8, toDistribute);
if (distributeDay16) _updateRewards(POOLS.DAY16, toDistribute);
lastDistributedDay = currentDay;
}
/**
* @dev Internal function to claim rewards for a staking position.
* @param _tokenId The staking position token ID.
* @param _receiver The address to receive the rewards.
*/
function _claim(uint256 _tokenId, address _receiver) internal {
UserRecord storage _rec = userRecords[_tokenId];
updateRewardsIfNecessary();
uint256 amountToClaim = wmul(_rec.shares, rewardPerShare - _rec.rewardDebt);
_rec.rewardDebt = rewardPerShare;
emit Claimed(_tokenId, amountToClaim, rewardPerShare, ownerOf(_tokenId));
weth.transfer(_receiver, amountToClaim);
}
/**
* @dev Internal function to distribute rewards into pools.
* @param amount The amount of rewards to distribute.
*/
function _distribute(uint256 amount) internal {
updateRewardsIfNecessary();
toDistribute[POOLS.DAY8] += wmul(amount, DAY8POOL_DIST);
toDistribute[POOLS.DAY16] += wmul(amount, DAY16POOL_DIST);
weth.safeTransferFrom(msg.sender, address(this), amount);
}
/**
* @dev Internal function to update rewards for a given pool.
* @param pool The pool being updated.
* @param toDist A reference to the mapping of distributions.
*/
function _updateRewards(POOLS pool, mapping(POOLS => uint256) storage toDist) internal {
if (toDist[pool] == 0) return;
rewardPerShare += wdiv(toDist[pool], totalShares);
emit Distributed(pool, toDist[pool]);
toDistribute[pool] = 0;
}
/**
* @dev Returns the current day since the contract started.
* @return currentDay The current day.
*/
function _getCurrentDay() internal view returns (uint32 currentDay) {
if (startTimestamp > Time.blockTs()) return 1;
currentDay = Time.dayGap(startTimestamp, Time.blockTs()) + 1;
}
function _notBlacklisted(address _user) internal view {
require(!isBlacklisted[_user], ShaolinStaking__Blacklisted(_user));
}
/**
* @dev Overrides the _update function from ERC721 to restrict token transfers.
* @param to The address to update the ownership to.
* @param _id The ID of the token.
* @param auth The authorized address for the update.
* @return The address of the token's previous owner.
*/
function _update(address to, uint256 _id, address auth) internal override returns (address) {
address from = _ownerOf(_id);
require(from == address(0) || to == address(0), ShaolinStaking__OnlyMintingAndBurning());
return super._update(to, _id, auth);
}
}// SPDX-License-Identifier: MIT pragma solidity 0.8.27; // Distribution addresses address constant DEAD_ADDR = 0x000000000000000000000000000000000000dEaD; address constant GENESIS_2 = 0xE2A8315e1219361F7fCD2De5872e457bC6A804Fe; address constant OWNER = 0x5da227386E0FD73329FE3923394913ecA3A624f7; address constant GENESIS_WALLET = 0x8881243728be21c9DF8804B527fB33085d59CFbF; address constant FEES_WALLET = 0x248da8895EEda78f41611E4d0960962E74518E93; address constant LIQUIDITY_BONDING = 0x3eB390EC0816c8ADC22A29379050BeC45Caf9AED; address constant EDEN_BNB = 0x1681EB21026104Fa63121fD517e065cEc21A4b4C; address constant LOTUS_BNB = 0xfa7FB02eF0E934c6c2106617eBbbD0b7a01f57D5; // Percentages in WAD uint64 constant INCENTIVE_FEE = 0.015e18; //1.5% uint64 constant TO_BUY_AND_BURN = 0.35e18; // 35% uint64 constant TO_REWARD_POOLS = 0.2e18; // 20% uint64 constant TO_CONVERT_TO_WBTC = 0.15e18; // 15% uint64 constant TO_LAMBO_REWARD = 0.04e18; // 4% uint64 constant TO_LOTUS_EDEN_BNB = 0.14e18; // 14% uint64 constant TO_LIQUIDITY_BONDING = 0.04e18; // 4% uint64 constant TO_GENESIS = 0.06e18; // 6% uint64 constant TO_GENESIS_2 = 0.02e18; // 2% uint256 constant FOR_VOLT_TREASURY = 0.168e18; // 16.7% uint256 constant MIN_SHAO_FOR_WBTC_POOL = 125_000e18; uint256 constant MIN_SHAO_FOR_LAMBO_POOL = 375_000e18; // Reward pools distribution uint64 constant DAY8POOL_DIST = 0.5e18; // 50% uint64 constant DAY16POOL_DIST = 0.5e18; // 50% // ERANK BONUSES uint64 constant MINING_ERANK_25DAYS = 0.03e18; // 3% uint64 constant MINING_ERANK_50DAYS = 0.08e18; // 8% uint64 constant MINING_ERANK_75DAYS = 0.13e18; // 13% uint64 constant MINING_ERANK_100DAYS = 0.18e18; // 18% uint64 constant STAKING_ERANK_MINIMUM_BONUS = 0.05e18; // 5% uint64 constant STAKING_ERANK_MAXIMUM_BONUS = 1e18; // 100% // PRECISION uint64 constant WAD = 1e18; // INTERVALS uint16 constant INTERVAL_TIME = 5 minutes; uint16 constant INTERVALS_PER_DAY = uint16(24 hours / INTERVAL_TIME); //UNIV3 uint24 constant POOL_FEE = 10_000; //1% int16 constant TICK_SPACING = 200; // Uniswap's tick spacing for 1% pools is 200 //LIQUIDITY CONFIG ///@dev The initial ETH amount needed to create liquidity pool uint96 constant INITIAL_ETH_FOR_LIQ = 1.53e18; ///@dev The intial LOTUS that pairs with WETH uint96 constant INITIAL_SHAO_FOR_LP = 1_888_888e18; uint32 constant WINNERS_PER_DRAW = 5;
// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
library Time {
///@notice The cut-off time in seconds from the start of the day for a day turnover, equivalent to 18 hours (64,800 seconds).
uint32 constant TURN_OVER_TIME = 64800;
///@notice The total number of seconds in a day.
uint32 constant SECONDS_PER_DAY = 86400;
/**
* @notice Returns the current block timestamp.
* @dev This function retrieves the timestamp using assembly for gas efficiency.
* @return ts The current block timestamp.
*/
function blockTs() internal view returns (uint32 ts) {
assembly {
ts := timestamp()
}
}
/**
* @notice Calculates the number of weeks passed since a given timestamp.
* @dev Uses assembly to retrieve the current timestamp and calculates the number of turnover time periods passed.
* @param t The starting timestamp.
* @return weeksPassed The number of weeks that have passed since the provided timestamp.
*/
function weekSince(uint32 t) internal view returns (uint32 weeksPassed) {
assembly {
let currentTime := timestamp()
let timeElapsed := sub(currentTime, t)
weeksPassed := div(timeElapsed, TURN_OVER_TIME)
}
}
/**
* @notice Calculates the number of full days between two timestamps.
* @dev Subtracts the start time from the end time and divides by the seconds per day.
* @param start The starting timestamp.
* @param end The ending timestamp.
* @return daysPassed The number of full days between the two timestamps.
*/
function dayGap(uint32 start, uint256 end) public pure returns (uint32 daysPassed) {
assembly {
daysPassed := div(sub(end, start), SECONDS_PER_DAY)
}
}
/**
* @notice Get the day count for a timestamp
* @param t The timestamp from which to get the timestamp
*/
function dayCountByT(uint32 t) public pure returns (uint32) {
// Adjust the timestamp to the cut-off time
uint32 adjustedTime = t - TURN_OVER_TIME;
// Calculate the number of days since Unix epoch
return adjustedTime / SECONDS_PER_DAY;
}
function weekDayByT(uint32 t) public pure returns (uint8 weekDay) {
assembly {
// Subtract 14 hours from the timestamp
let adjustedTimestamp := sub(t, TURN_OVER_TIME)
// Divide by the number of seconds in a day (86400)
let days := div(adjustedTimestamp, SECONDS_PER_DAY)
// Add 4 to align with weekday and calculate mod 7
let result := mod(add(days, 4), 7)
// Store result as uint8
weekDay := result
}
}
/**
* @notice Calculates the end of the day at 2 PM UTC based on a given timestamp.
* @dev Adjusts the provided timestamp by subtracting the turnover time, calculates the next day's timestamp at 2 PM UTC.
* @param t The starting timestamp.
* @return nextDayStartAt2PM The timestamp for the next day ending at 2 PM UTC.
*/
function getDayEnd(uint32 t) public pure returns (uint32 nextDayStartAt2PM) {
// Adjust the timestamp to the cutoff time (2 PM UTC)
uint32 adjustedTime = t - TURN_OVER_TIME;
// Calculate the number of days since Unix epoch
uint32 daysSinceEpoch = adjustedTime / SECONDS_PER_DAY;
// Calculate the start of the next day at 2 PM UTC
nextDayStartAt2PM = (daysSinceEpoch + 1) * SECONDS_PER_DAY + TURN_OVER_TIME;
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
contract Errors {
/// @notice Error thrown when an address is the zero address.
error Address0();
/// @notice Error thrown when an amount is zero.
error Amount0();
/// @notice Error thrown when an operation is attempted after the specified deadline.
error Expired();
/// @notice Error thrown when bytes32 is 0
error Bytes0();
/// @notice Error thrown when one value is greater than another.
/// @param a The first value that is greater than the second value.
/// @param b The second value which is smaller or equal to the first value.
error GreaterThan(uint256 a, uint256 b);
/**
* @notice Modifier to prevent operations with a zero amount.
* @dev Throws an `Amount0` error if the provided amount is zero.
* @param a The amount to be checked.
*/
modifier notAmount0(uint256 a) {
_notAmount0(a);
_;
}
/**
* @notice Modifier to ensure a function is called before a specified deadline.
* @dev Throws an `Expired` error if the current block timestamp exceeds the provided deadline.
* @param _deadline The deadline timestamp by which the function must be called.
*/
modifier notExpired(uint32 _deadline) {
_notExpired(_deadline);
_;
}
/**
* @notice Modifier to prevent operations with the zero address.
* @dev Throws an `Address0` error if the provided address is the zero address.
* @param a The address to be checked.
*/
modifier notAddress0(address a) {
_notAddress0(a);
_;
}
/**
* @notice Modifier to ensure the first value is not greater than the second value.
* @dev Throws a `GreaterThan` error if `b` is smaller than `a`.
* @param a The first value to be compared.
* @param b The second value to be compared.
*/
modifier notGt(uint256 a, uint256 b) {
_notGt(a, b);
_;
}
function _notAddress0(address a) internal pure {
require(a != address(0), Address0());
}
function _notAmount0(uint256 a) internal pure {
require(a != 0, Amount0());
}
function _notGt(uint256 a, uint256 b) internal pure {
require(b >= a, GreaterThan(a, b));
}
function _notExpired(uint32 _deadline) internal view {
require(block.timestamp <= _deadline, Expired());
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {sqrt} from "@utils/Math.sol";
import {ShaolinStaking} from "./Staking.sol";
import {ShaolinBuyAndBurn} from "./BuyAndBurn.sol";
import {OracleLibrary} from "@libs/OracleLibrary.sol";
import {WBTCPoolFeeder} from "@core/WBTCPoolFeeder.sol";
import {ShaolinMining, MiningStats} from "./Mining.sol";
import {SwapActionParams} from "./actions/SwapActions.sol";
import {OFT} from "@layerzerolabs/oft-evm/contracts/OFT.sol";
import {LotusEdenBnBFeeder} from "@core/LotusEdenBnBFeeder.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable2Step.sol";
import {IQuoter} from "@uniswap/v3-periphery/contracts/interfaces/IQuoter.sol";
import {PoolAddress} from "@uniswap/v3-periphery/contracts/libraries/PoolAddress.sol";
import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
import {INonfungiblePositionManager} from "@uniswap/v3-periphery/contracts/interfaces/INonfungiblePositionManager.sol";
/**
* @title Shaolin
* @dev ERC20 token contract for Shaolin tokens.
*/
contract Shaolin is OFT {
address public immutable pool;
ShaolinMining public mining;
ShaolinStaking public staking;
ShaolinBuyAndBurn public buyAndBurn;
WBTCPoolFeeder public wbtcPoolFeeder;
LotusEdenBnBFeeder public lotusEdenBnBFeeder;
error Shaolin__OnlyMining();
error Shaolin__OnlyMigrator();
constructor(address _v3PositionManager, address _lzEndpoint, address _delegate, address _weth)
OFT("SHAO", "SHAO", _lzEndpoint, _delegate)
Ownable(msg.sender)
{
_mint(LIQUIDITY_BONDING, 33_333_340e18);
pool = _createUniswapV3Pool(_weth, _v3PositionManager);
}
//=======MODIFIERS=========//
modifier onlyMining() {
_onlyMining();
_;
}
function setBnB(ShaolinBuyAndBurn _bnb) external onlyOwner {
buyAndBurn = _bnb;
}
function setStaking(ShaolinStaking _staking) external onlyOwner {
staking = _staking;
}
function setMining(ShaolinMining _mining) external onlyOwner {
mining = _mining;
}
function setWBTCPoolFeeder(WBTCPoolFeeder _wbtcPoolFeeder) external onlyOwner {
wbtcPoolFeeder = _wbtcPoolFeeder;
}
function setLotusEdenBNBFeeder(LotusEdenBnBFeeder _lotusEdenBNBFeeder) external onlyOwner {
lotusEdenBnBFeeder = _lotusEdenBNBFeeder;
}
function emitShaolin(address _receiver, uint256 _amount) external onlyMining {
_mint(_receiver, _amount);
}
function burn(uint256 value) public virtual {
_burn(_msgSender(), value);
}
function burnFrom(address account, uint256 value) public virtual {
_spendAllowance(account, _msgSender(), value);
_burn(account, value);
}
function _createUniswapV3Pool(address _weth, address UNISWAP_V3_POSITION_MANAGER)
internal
returns (address _pool)
{
address _shao = address(this);
uint256 shaoAmount = INITIAL_SHAO_FOR_LP;
uint256 wethAmount = INITIAL_ETH_FOR_LIQ;
(address token0, address token1) = _shao < _weth ? (_shao, _weth) : (_weth, _shao);
(uint256 amount0, uint256 amount1) = token0 == _weth ? (wethAmount, shaoAmount) : (shaoAmount, wethAmount);
uint160 sqrtPX96 = uint160((sqrt((amount1 * 1e18) / amount0) * 2 ** 96) / 1e9);
INonfungiblePositionManager manager = INonfungiblePositionManager(UNISWAP_V3_POSITION_MANAGER);
_pool = manager.createAndInitializePoolIfNecessary(token0, token1, POOL_FEE, sqrtPX96);
IUniswapV3Pool(_pool).increaseObservationCardinalityNext(uint16(100));
}
function _onlyMining() internal view {
require(msg.sender == address(mining), Shaolin__OnlyMining());
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity 0.8.27;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/// @title Interface for WETH9
interface IWETH9 is IERC20 {
/// @notice Deposit ether to get wrapped ether
function deposit() external payable;
/// @notice Withdraw wrapped ether to get ether
function withdraw(uint256) external;
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
/* solhint-disable func-visibility, no-inline-assembly */
error Math__toInt256_overflow();
error Math__toUint64_overflow();
error Math__add_overflow_signed();
error Math__sub_overflow_signed();
error Math__mul_overflow_signed();
error Math__mul_overflow();
error Math__div_overflow();
uint256 constant WAD = 1e18;
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/SafeCastLib.sol#L367
function toInt256(uint256 x) pure returns (int256) {
if (x >= 1 << 255) revert Math__toInt256_overflow();
return int256(x);
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/SafeCastLib.sol#L53
function toUint64(uint256 x) pure returns (uint64) {
if (x >= 1 << 64) revert Math__toUint64_overflow();
return uint64(x);
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L602
function abs(int256 x) pure returns (uint256 z) {
assembly ("memory-safe") {
let mask := sub(0, shr(255, x))
z := xor(mask, add(mask, x))
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L620
function min(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := xor(x, mul(xor(x, y), lt(y, x)))
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L628
function min(int256 x, int256 y) pure returns (int256 z) {
assembly ("memory-safe") {
z := xor(x, mul(xor(x, y), slt(y, x)))
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L636
function max(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := xor(x, mul(xor(x, y), gt(y, x)))
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/vat.sol#L74
function add(uint256 x, int256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := add(x, y)
}
if ((y > 0 && z < x) || (y < 0 && z > x)) {
revert Math__add_overflow_signed();
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/vat.sol#L79
function sub(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := sub(x, y)
}
if ((y > 0 && z > x) || (y < 0 && z < x)) {
revert Math__sub_overflow_signed();
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/vat.sol#L84
function mul(uint256 x, int256 y) pure returns (int256 z) {
unchecked {
z = int256(x) * y;
if (int256(x) < 0 || (y != 0 && z / y != int256(x))) {
revert Math__mul_overflow_signed();
}
}
}
/// @dev Equivalent to `(x * y) / WAD` rounded down.
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L54
function wmul(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
// Equivalent to `require(y == 0 || x <= type(uint256).max / y)`.
if mul(y, gt(x, div(not(0), y))) {
// Store the function selector of `Math__mul_overflow()`.
mstore(0x00, 0xc4c5d7f5)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := div(mul(x, y), WAD)
}
}
function wmul(uint256 x, int256 y) pure returns (int256 z) {
unchecked {
z = mul(x, y) / int256(WAD);
}
}
/// @dev Equivalent to `(x * y) / WAD` rounded up.
/// @dev Taken from https://github.com/Vectorized/solady/blob/969a78905274b32cdb7907398c443f7ea212e4f4/src/utils/FixedPointMathLib.sol#L69C22-L69C22
function wmulUp(uint256 x, uint256 y) pure returns (uint256 z) {
/// @solidity memory-safe-assembly
assembly {
// Equivalent to `require(y == 0 || x <= type(uint256).max / y)`.
if mul(y, gt(x, div(not(0), y))) {
// Store the function selector of `Math__mul_overflow()`.
mstore(0x00, 0xc4c5d7f5)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := add(iszero(iszero(mod(mul(x, y), WAD))), div(mul(x, y), WAD))
}
}
/// @dev Equivalent to `(x * WAD) / y` rounded down.
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L84
function wdiv(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
// Equivalent to `require(y != 0 && (WAD == 0 || x <= type(uint256).max / WAD))`.
if iszero(mul(y, iszero(mul(WAD, gt(x, div(not(0), WAD)))))) {
// Store the function selector of `Math__div_overflow()`.
mstore(0x00, 0xbcbede65)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := div(mul(x, WAD), y)
}
}
/// @dev Equivalent to `(x * WAD) / y` rounded up.
/// @dev Taken from https://github.com/Vectorized/solady/blob/969a78905274b32cdb7907398c443f7ea212e4f4/src/utils/FixedPointMathLib.sol#L99
function wdivUp(uint256 x, uint256 y) pure returns (uint256 z) {
/// @solidity memory-safe-assembly
assembly {
// Equivalent to `require(y != 0 && (WAD == 0 || x <= type(uint256).max / WAD))`.
if iszero(mul(y, iszero(mul(WAD, gt(x, div(not(0), WAD)))))) {
// Store the function selector of `Math__div_overflow()`.
mstore(0x00, 0xbcbede65)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := add(iszero(iszero(mod(mul(x, WAD), y))), div(mul(x, WAD), y))
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/jug.sol#L62
function wpow(uint256 x, uint256 n, uint256 b) pure returns (uint256 z) {
unchecked {
assembly ("memory-safe") {
switch n
case 0 { z := b }
default {
switch x
case 0 { z := 0 }
default {
switch mod(n, 2)
case 0 { z := b }
default { z := x }
let half := div(b, 2) // for rounding.
for { n := div(n, 2) } n { n := div(n, 2) } {
let xx := mul(x, x)
if shr(128, x) { revert(0, 0) }
let xxRound := add(xx, half)
if lt(xxRound, xx) { revert(0, 0) }
x := div(xxRound, b)
if mod(n, 2) {
let zx := mul(z, x)
if and(iszero(iszero(x)), iszero(eq(div(zx, x), z))) { revert(0, 0) }
let zxRound := add(zx, half)
if lt(zxRound, zx) { revert(0, 0) }
z := div(zxRound, b)
}
}
}
}
}
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/cde0a5fb594da8655ba6bfcdc2e40a7c870c0cc0/src/utils/FixedPointMathLib.sol#L110
/// @dev Equivalent to `x` to the power of `y`.
/// because `x ** y = (e ** ln(x)) ** y = e ** (ln(x) * y)`.
function wpow(int256 x, int256 y) pure returns (int256) {
// Using `ln(x)` means `x` must be greater than 0.
return wexp((wln(x) * y) / int256(WAD));
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/cde0a5fb594da8655ba6bfcdc2e40a7c870c0cc0/src/utils/FixedPointMathLib.sol#L116
/// @dev Returns `exp(x)`, denominated in `WAD`.
function wexp(int256 x) pure returns (int256 r) {
unchecked {
// When the result is < 0.5 we return zero. This happens when
// x <= floor(log(0.5e18) * 1e18) ~ -42e18
if (x <= -42139678854452767551) return r;
/// @solidity memory-safe-assembly
assembly {
// When the result is > (2**255 - 1) / 1e18 we can not represent it as an
// int. This happens when x >= floor(log((2**255 - 1) / 1e18) * 1e18) ~ 135.
if iszero(slt(x, 135305999368893231589)) {
mstore(0x00, 0xa37bfec9) // `ExpOverflow()`.
revert(0x1c, 0x04)
}
}
// x is now in the range (-42, 136) * 1e18. Convert to (-42, 136) * 2**96
// for more intermediate precision and a binary basis. This base conversion
// is a multiplication by 1e18 / 2**96 = 5**18 / 2**78.
x = (x << 78) / 5 ** 18;
// Reduce range of x to (-½ ln 2, ½ ln 2) * 2**96 by factoring out powers
// of two such that exp(x) = exp(x') * 2**k, where k is an integer.
// Solving this gives k = round(x / log(2)) and x' = x - k * log(2).
int256 k = ((x << 96) / 54916777467707473351141471128 + 2 ** 95) >> 96;
x = x - k * 54916777467707473351141471128;
// k is in the range [-61, 195].
// Evaluate using a (6, 7)-term rational approximation.
// p is made monic, we'll multiply by a scale factor later.
int256 y = x + 1346386616545796478920950773328;
y = ((y * x) >> 96) + 57155421227552351082224309758442;
int256 p = y + x - 94201549194550492254356042504812;
p = ((p * y) >> 96) + 28719021644029726153956944680412240;
p = p * x + (4385272521454847904659076985693276 << 96);
// We leave p in 2**192 basis so we don't need to scale it back up for the division.
int256 q = x - 2855989394907223263936484059900;
q = ((q * x) >> 96) + 50020603652535783019961831881945;
q = ((q * x) >> 96) - 533845033583426703283633433725380;
q = ((q * x) >> 96) + 3604857256930695427073651918091429;
q = ((q * x) >> 96) - 14423608567350463180887372962807573;
q = ((q * x) >> 96) + 26449188498355588339934803723976023;
/// @solidity memory-safe-assembly
assembly {
// Div in assembly because solidity adds a zero check despite the unchecked.
// The q polynomial won't have zeros in the domain as all its roots are complex.
// No scaling is necessary because p is already 2**96 too large.
r := sdiv(p, q)
}
// r should be in the range (0.09, 0.25) * 2**96.
// We now need to multiply r by:
// * the scale factor s = ~6.031367120.
// * the 2**k factor from the range reduction.
// * the 1e18 / 2**96 factor for base conversion.
// We do this all at once, with an intermediate result in 2**213
// basis, so the final right shift is always by a positive amount.
r = int256((uint256(r) * 3822833074963236453042738258902158003155416615667) >> uint256(195 - k));
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/cde0a5fb594da8655ba6bfcdc2e40a7c870c0cc0/src/utils/FixedPointMathLib.sol#L184
/// @dev Returns `ln(x)`, denominated in `WAD`.
function wln(int256 x) pure returns (int256 r) {
unchecked {
/// @solidity memory-safe-assembly
assembly {
if iszero(sgt(x, 0)) {
mstore(0x00, 0x1615e638) // `LnWadUndefined()`.
revert(0x1c, 0x04)
}
}
// We want to convert x from 10**18 fixed point to 2**96 fixed point.
// We do this by multiplying by 2**96 / 10**18. But since
// ln(x * C) = ln(x) + ln(C), we can simply do nothing here
// and add ln(2**96 / 10**18) at the end.
// Compute k = log2(x) - 96, t = 159 - k = 255 - log2(x) = 255 ^ log2(x).
int256 t;
/// @solidity memory-safe-assembly
assembly {
t := shl(7, lt(0xffffffffffffffffffffffffffffffff, x))
t := or(t, shl(6, lt(0xffffffffffffffff, shr(t, x))))
t := or(t, shl(5, lt(0xffffffff, shr(t, x))))
t := or(t, shl(4, lt(0xffff, shr(t, x))))
t := or(t, shl(3, lt(0xff, shr(t, x))))
// forgefmt: disable-next-item
t := xor(
t,
byte(
and(
0x1f,
shr(shr(t, x), 0x8421084210842108cc6318c6db6d54be)
),
0xf8f9f9faf9fdfafbf9fdfcfdfafbfcfef9fafdfafcfcfbfefafafcfbffffffff
)
)
}
// Reduce range of x to (1, 2) * 2**96
// ln(2^k * x) = k * ln(2) + ln(x)
x = int256(uint256(x << uint256(t)) >> 159);
// Evaluate using a (8, 8)-term rational approximation.
// p is made monic, we will multiply by a scale factor later.
int256 p = x + 3273285459638523848632254066296;
p = ((p * x) >> 96) + 24828157081833163892658089445524;
p = ((p * x) >> 96) + 43456485725739037958740375743393;
p = ((p * x) >> 96) - 11111509109440967052023855526967;
p = ((p * x) >> 96) - 45023709667254063763336534515857;
p = ((p * x) >> 96) - 14706773417378608786704636184526;
p = p * x - (795164235651350426258249787498 << 96);
// We leave p in 2**192 basis so we don't need to scale it back up for the division.
// q is monic by convention.
int256 q = x + 5573035233440673466300451813936;
q = ((q * x) >> 96) + 71694874799317883764090561454958;
q = ((q * x) >> 96) + 283447036172924575727196451306956;
q = ((q * x) >> 96) + 401686690394027663651624208769553;
q = ((q * x) >> 96) + 204048457590392012362485061816622;
q = ((q * x) >> 96) + 31853899698501571402653359427138;
q = ((q * x) >> 96) + 909429971244387300277376558375;
/// @solidity memory-safe-assembly
assembly {
// Div in assembly because solidity adds a zero check despite the unchecked.
// The q polynomial is known not to have zeros in the domain.
// No scaling required because p is already 2**96 too large.
r := sdiv(p, q)
}
// r is in the range (0, 0.125) * 2**96
// Finalization, we need to:
// * multiply by the scale factor s = 5.549…
// * add ln(2**96 / 10**18)
// * add k * ln(2)
// * multiply by 10**18 / 2**96 = 5**18 >> 78
// mul s * 5e18 * 2**96, base is now 5**18 * 2**192
r *= 1677202110996718588342820967067443963516166;
// add ln(2) * k * 5e18 * 2**192
r += 16597577552685614221487285958193947469193820559219878177908093499208371 * (159 - t);
// add ln(2**96 / 10**18) * 5e18 * 2**192
r += 600920179829731861736702779321621459595472258049074101567377883020018308;
// base conversion: mul 2**18 / 2**192
r >>= 174;
}
}
/// @dev Returns the square root of `x`, rounded down.
function sqrt(uint256 x) pure returns (uint256 z) {
/// @solidity memory-safe-assembly
assembly {
// `floor(sqrt(2**15)) = 181`. `sqrt(2**15) - 181 = 2.84`.
z := 181 // The "correct" value is 1, but this saves a multiplication later.
// This segment is to get a reasonable initial estimate for the Babylonian method. With a bad
// start, the correct # of bits increases ~linearly each iteration instead of ~quadratically.
// Let `y = x / 2**r`. We check `y >= 2**(k + 8)`
// but shift right by `k` bits to ensure that if `x >= 256`, then `y >= 256`.
let r := shl(7, lt(0xffffffffffffffffffffffffffffffffff, x))
r := or(r, shl(6, lt(0xffffffffffffffffff, shr(r, x))))
r := or(r, shl(5, lt(0xffffffffff, shr(r, x))))
r := or(r, shl(4, lt(0xffffff, shr(r, x))))
z := shl(shr(1, r), z)
// Goal was to get `z*z*y` within a small factor of `x`. More iterations could
// get y in a tighter range. Currently, we will have y in `[256, 256*(2**16))`.
// We ensured `y >= 256` so that the relative difference between `y` and `y+1` is small.
// That's not possible if `x < 256` but we can just verify those cases exhaustively.
// Now, `z*z*y <= x < z*z*(y+1)`, and `y <= 2**(16+8)`, and either `y >= 256`, or `x < 256`.
// Correctness can be checked exhaustively for `x < 256`, so we assume `y >= 256`.
// Then `z*sqrt(y)` is within `sqrt(257)/sqrt(256)` of `sqrt(x)`, or about 20bps.
// For `s` in the range `[1/256, 256]`, the estimate `f(s) = (181/1024) * (s+1)`
// is in the range `(1/2.84 * sqrt(s), 2.84 * sqrt(s))`,
// with largest error when `s = 1` and when `s = 256` or `1/256`.
// Since `y` is in `[256, 256*(2**16))`, let `a = y/65536`, so that `a` is in `[1/256, 256)`.
// Then we can estimate `sqrt(y)` using
// `sqrt(65536) * 181/1024 * (a + 1) = 181/4 * (y + 65536)/65536 = 181 * (y + 65536)/2**18`.
// There is no overflow risk here since `y < 2**136` after the first branch above.
z := shr(18, mul(z, add(shr(r, x), 65536))) // A `mul()` is saved from starting `z` at 181.
// Given the worst case multiplicative error of 2.84 above, 7 iterations should be enough.
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
// If `x+1` is a perfect square, the Babylonian method cycles between
// `floor(sqrt(x))` and `ceil(sqrt(x))`. This statement ensures we return floor.
// See: https://en.wikipedia.org/wiki/Integer_square_root#Using_only_integer_division
z := sub(z, lt(div(x, z), z))
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Errors} from "@utils/Errors.sol";
import {wmul, min} from "@utils/Math.sol";
import {PoolAddress} from "@libs/PoolAddress.sol";
import {OracleLibrary} from "@libs/OracleLibrary.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {Ownable2Step, Ownable} from "@openzeppelin/contracts/access/Ownable2Step.sol";
import {TickMath} from "@uniswap/v3-core/contracts/libraries/TickMath.sol";
import {ISwapRouter} from "@uniswap/v3-periphery/contracts/interfaces/ISwapRouter.sol";
/// @notice Struct representing slippage settings for a pool.
struct Slippage {
uint224 slippage; //< Slippage in WAD (scaled by 1e18)
uint32 twapLookback; //< TWAP lookback period in minutes (used as seconds in code)
}
struct SwapActionParams {
address _v3Router;
address _v3Factory;
address _owner;
}
/**
* @title SwapActions
* @notice A contract that facilitates token swapping on Uniswap V3 with slippage management.
* @dev Uses Uniswap V3 Router and Oracle libraries for swap actions and TWAP calculations.
*/
contract SwapActions is Ownable2Step, Errors {
/// @notice Address of the Uniswap V3 Router
address public immutable uniswapV3Router;
/// @notice Address of the Uniswap V3 Factory
address public immutable v3Factory;
/// @notice Address of the admin responsible for managing slippage
address public slippageAdmin;
/// @notice Mapping of pool addresses to their respective slippage settings
mapping(address pool => Slippage) public slippageConfigs;
/// @notice Thrown when an invalid slippage is provided
error SwapActions__InvalidSlippage();
/// @notice Thrown when a non-admin/non-owner attempts to perform slippage actions
error SwapActions__OnlySlippageAdmin();
/// @notice Thrown when an invalid TWA lookback is passed
error SwapActions__InvalidLookBack();
event SlippageAdminChanged(address indexed oldAdmin, address indexed newAdmin);
event SlippageConfigChanged(address indexed pool, uint224 indexed newSlippage, uint32 indexed newLookback);
/**
* @dev Ensures the caller is either the slippage admin or the contract owner.
*/
modifier onlySlippageAdminOrOwner() {
_onlySlippageAdminOrOwner();
_;
}
/**
* @param params The aprams to initialize the SwapAcitons contract.
*/
constructor(SwapActionParams memory params) Ownable(params._owner) {
uniswapV3Router = params._v3Router;
v3Factory = params._v3Factory;
slippageAdmin = params._owner;
}
/**
* @notice Change the address of the slippage admin.
* @param _new New slippage admin address.
* @dev Only callable by the contract owner.
*/
function changeSlippageAdmin(address _new) external notAddress0(_new) onlyOwner {
emit SlippageAdminChanged(slippageAdmin, _new);
slippageAdmin = _new;
}
/**
* @notice Change slippage configuration for a specific pool.
* @param pool Address of the Uniswap V3 pool.
* @param _newSlippage New slippage value (in WAD).
* @param _newLookBack New TWAP lookback period (in minutes).
* @dev Only callable by the slippage admin or the owner.
*/
function changeSlippageConfig(address pool, uint224 _newSlippage, uint32 _newLookBack)
external
notAmount0(_newLookBack)
onlySlippageAdminOrOwner
{
require(_newLookBack <= 20, SwapActions__InvalidLookBack());
require(_newSlippage <= WAD, SwapActions__InvalidSlippage());
emit SlippageConfigChanged(pool, _newSlippage, _newLookBack);
slippageConfigs[pool] = Slippage({slippage: _newSlippage, twapLookback: _newLookBack});
}
/**
* @notice Perform an exact input swap on Uniswap V3.
* @param tokenIn Address of the input token.
* @param tokenOut Address of the output token.
* @param tokenInAmount Amount of the input token to swap.
* @param minAmountOut Optional minimum amount out, if it's 0 it uses the twap
* @param deadline Deadline timestamp for the swap.
* @return amountReceived Amount of the output token received.
* @dev The function uses the TWAP (Time-Weighted Average Price) to ensure the swap is performed within slippage tolerance.
*/
function swapExactInput(
address tokenIn,
address tokenOut,
uint256 tokenInAmount,
uint256 minAmountOut,
uint24 poolTier,
uint32 deadline
) internal returns (uint256 amountReceived) {
IERC20(tokenIn).approve(uniswapV3Router, tokenInAmount);
bytes memory path = abi.encodePacked(tokenIn, poolTier, tokenOut);
(uint256 twapAmount, uint224 slippage) = getTwapAmount(tokenIn, tokenOut, poolTier, tokenInAmount);
uint256 minAmount = minAmountOut == 0 ? wmul(twapAmount, slippage) : minAmountOut;
ISwapRouter.ExactInputParams memory params = ISwapRouter.ExactInputParams({
path: path,
recipient: address(this),
deadline: deadline,
amountIn: tokenInAmount,
amountOutMinimum: minAmount
});
return ISwapRouter(uniswapV3Router).exactInput(params);
}
/**
* @notice Get the TWAP (Time-Weighted Average Price) and slippage for a given token pair.
* @param tokenIn Address of the input token.
* @param tokenOut Address of the output token.
* @param amount Amount of the input token.
* @return twapAmount The TWAP amount of the output token for the given input.
* @return slippage The slippage tolerance for the pool.
*/
function getTwapAmount(address tokenIn, address tokenOut, uint24 poolTier, uint256 amount)
public
view
returns (uint256 twapAmount, uint224 slippage)
{
address poolAddress = PoolAddress.computeAddress(v3Factory, PoolAddress.getPoolKey(tokenIn, tokenOut, poolTier));
Slippage memory slippageConfig = slippageConfigs[poolAddress];
if (slippageConfig.twapLookback == 0 && slippageConfig.slippage == 0) {
slippageConfig = Slippage({twapLookback: 15, slippage: WAD - 0.2e18});
}
uint32 secondsAgo = slippageConfig.twapLookback * 60;
uint32 oldestObservation = OracleLibrary.getOldestObservationSecondsAgo(poolAddress);
if (oldestObservation < secondsAgo) secondsAgo = oldestObservation;
(int24 arithmeticMeanTick,) = OracleLibrary.consult(poolAddress, secondsAgo);
uint160 sqrtPriceX96 = TickMath.getSqrtRatioAtTick(arithmeticMeanTick);
slippage = slippageConfig.slippage;
twapAmount = OracleLibrary.getQuoteForSqrtRatioX96(sqrtPriceX96, amount, tokenIn, tokenOut);
}
/**
* @dev Internal function to check if the caller is the slippage admin or contract owner.
*/
function _onlySlippageAdminOrOwner() private view {
require(msg.sender == slippageAdmin || msg.sender == owner(), SwapActions__OnlySlippageAdmin());
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/ERC721.sol)
pragma solidity ^0.8.20;
import {IERC721} from "./IERC721.sol";
import {IERC721Metadata} from "./extensions/IERC721Metadata.sol";
import {ERC721Utils} from "./utils/ERC721Utils.sol";
import {Context} from "../../utils/Context.sol";
import {Strings} from "../../utils/Strings.sol";
import {IERC165, ERC165} from "../../utils/introspection/ERC165.sol";
import {IERC721Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of https://eips.ethereum.org/EIPS/eip-721[ERC-721] Non-Fungible Token Standard, including
* the Metadata extension, but not including the Enumerable extension, which is available separately as
* {ERC721Enumerable}.
*/
abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Errors {
using Strings for uint256;
// Token name
string private _name;
// Token symbol
string private _symbol;
mapping(uint256 tokenId => address) private _owners;
mapping(address owner => uint256) private _balances;
mapping(uint256 tokenId => address) private _tokenApprovals;
mapping(address owner => mapping(address operator => bool)) private _operatorApprovals;
/**
* @dev Initializes the contract by setting a `name` and a `symbol` to the token collection.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
return
interfaceId == type(IERC721).interfaceId ||
interfaceId == type(IERC721Metadata).interfaceId ||
super.supportsInterface(interfaceId);
}
/**
* @dev See {IERC721-balanceOf}.
*/
function balanceOf(address owner) public view virtual returns (uint256) {
if (owner == address(0)) {
revert ERC721InvalidOwner(address(0));
}
return _balances[owner];
}
/**
* @dev See {IERC721-ownerOf}.
*/
function ownerOf(uint256 tokenId) public view virtual returns (address) {
return _requireOwned(tokenId);
}
/**
* @dev See {IERC721Metadata-name}.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev See {IERC721Metadata-symbol}.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev See {IERC721Metadata-tokenURI}.
*/
function tokenURI(uint256 tokenId) public view virtual returns (string memory) {
_requireOwned(tokenId);
string memory baseURI = _baseURI();
return bytes(baseURI).length > 0 ? string.concat(baseURI, tokenId.toString()) : "";
}
/**
* @dev Base URI for computing {tokenURI}. If set, the resulting URI for each
* token will be the concatenation of the `baseURI` and the `tokenId`. Empty
* by default, can be overridden in child contracts.
*/
function _baseURI() internal view virtual returns (string memory) {
return "";
}
/**
* @dev See {IERC721-approve}.
*/
function approve(address to, uint256 tokenId) public virtual {
_approve(to, tokenId, _msgSender());
}
/**
* @dev See {IERC721-getApproved}.
*/
function getApproved(uint256 tokenId) public view virtual returns (address) {
_requireOwned(tokenId);
return _getApproved(tokenId);
}
/**
* @dev See {IERC721-setApprovalForAll}.
*/
function setApprovalForAll(address operator, bool approved) public virtual {
_setApprovalForAll(_msgSender(), operator, approved);
}
/**
* @dev See {IERC721-isApprovedForAll}.
*/
function isApprovedForAll(address owner, address operator) public view virtual returns (bool) {
return _operatorApprovals[owner][operator];
}
/**
* @dev See {IERC721-transferFrom}.
*/
function transferFrom(address from, address to, uint256 tokenId) public virtual {
if (to == address(0)) {
revert ERC721InvalidReceiver(address(0));
}
// Setting an "auth" arguments enables the `_isAuthorized` check which verifies that the token exists
// (from != 0). Therefore, it is not needed to verify that the return value is not 0 here.
address previousOwner = _update(to, tokenId, _msgSender());
if (previousOwner != from) {
revert ERC721IncorrectOwner(from, tokenId, previousOwner);
}
}
/**
* @dev See {IERC721-safeTransferFrom}.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) public {
safeTransferFrom(from, to, tokenId, "");
}
/**
* @dev See {IERC721-safeTransferFrom}.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory data) public virtual {
transferFrom(from, to, tokenId);
ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
}
/**
* @dev Returns the owner of the `tokenId`. Does NOT revert if token doesn't exist
*
* IMPORTANT: Any overrides to this function that add ownership of tokens not tracked by the
* core ERC-721 logic MUST be matched with the use of {_increaseBalance} to keep balances
* consistent with ownership. The invariant to preserve is that for any address `a` the value returned by
* `balanceOf(a)` must be equal to the number of tokens such that `_ownerOf(tokenId)` is `a`.
*/
function _ownerOf(uint256 tokenId) internal view virtual returns (address) {
return _owners[tokenId];
}
/**
* @dev Returns the approved address for `tokenId`. Returns 0 if `tokenId` is not minted.
*/
function _getApproved(uint256 tokenId) internal view virtual returns (address) {
return _tokenApprovals[tokenId];
}
/**
* @dev Returns whether `spender` is allowed to manage `owner`'s tokens, or `tokenId` in
* particular (ignoring whether it is owned by `owner`).
*
* WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
* assumption.
*/
function _isAuthorized(address owner, address spender, uint256 tokenId) internal view virtual returns (bool) {
return
spender != address(0) &&
(owner == spender || isApprovedForAll(owner, spender) || _getApproved(tokenId) == spender);
}
/**
* @dev Checks if `spender` can operate on `tokenId`, assuming the provided `owner` is the actual owner.
* Reverts if:
* - `spender` does not have approval from `owner` for `tokenId`.
* - `spender` does not have approval to manage all of `owner`'s assets.
*
* WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
* assumption.
*/
function _checkAuthorized(address owner, address spender, uint256 tokenId) internal view virtual {
if (!_isAuthorized(owner, spender, tokenId)) {
if (owner == address(0)) {
revert ERC721NonexistentToken(tokenId);
} else {
revert ERC721InsufficientApproval(spender, tokenId);
}
}
}
/**
* @dev Unsafe write access to the balances, used by extensions that "mint" tokens using an {ownerOf} override.
*
* NOTE: the value is limited to type(uint128).max. This protect against _balance overflow. It is unrealistic that
* a uint256 would ever overflow from increments when these increments are bounded to uint128 values.
*
* WARNING: Increasing an account's balance using this function tends to be paired with an override of the
* {_ownerOf} function to resolve the ownership of the corresponding tokens so that balances and ownership
* remain consistent with one another.
*/
function _increaseBalance(address account, uint128 value) internal virtual {
unchecked {
_balances[account] += value;
}
}
/**
* @dev Transfers `tokenId` from its current owner to `to`, or alternatively mints (or burns) if the current owner
* (or `to`) is the zero address. Returns the owner of the `tokenId` before the update.
*
* The `auth` argument is optional. If the value passed is non 0, then this function will check that
* `auth` is either the owner of the token, or approved to operate on the token (by the owner).
*
* Emits a {Transfer} event.
*
* NOTE: If overriding this function in a way that tracks balances, see also {_increaseBalance}.
*/
function _update(address to, uint256 tokenId, address auth) internal virtual returns (address) {
address from = _ownerOf(tokenId);
// Perform (optional) operator check
if (auth != address(0)) {
_checkAuthorized(from, auth, tokenId);
}
// Execute the update
if (from != address(0)) {
// Clear approval. No need to re-authorize or emit the Approval event
_approve(address(0), tokenId, address(0), false);
unchecked {
_balances[from] -= 1;
}
}
if (to != address(0)) {
unchecked {
_balances[to] += 1;
}
}
_owners[tokenId] = to;
emit Transfer(from, to, tokenId);
return from;
}
/**
* @dev Mints `tokenId` and transfers it to `to`.
*
* WARNING: Usage of this method is discouraged, use {_safeMint} whenever possible
*
* Requirements:
*
* - `tokenId` must not exist.
* - `to` cannot be the zero address.
*
* Emits a {Transfer} event.
*/
function _mint(address to, uint256 tokenId) internal {
if (to == address(0)) {
revert ERC721InvalidReceiver(address(0));
}
address previousOwner = _update(to, tokenId, address(0));
if (previousOwner != address(0)) {
revert ERC721InvalidSender(address(0));
}
}
/**
* @dev Mints `tokenId`, transfers it to `to` and checks for `to` acceptance.
*
* Requirements:
*
* - `tokenId` must not exist.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function _safeMint(address to, uint256 tokenId) internal {
_safeMint(to, tokenId, "");
}
/**
* @dev Same as {xref-ERC721-_safeMint-address-uint256-}[`_safeMint`], with an additional `data` parameter which is
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
*/
function _safeMint(address to, uint256 tokenId, bytes memory data) internal virtual {
_mint(to, tokenId);
ERC721Utils.checkOnERC721Received(_msgSender(), address(0), to, tokenId, data);
}
/**
* @dev Destroys `tokenId`.
* The approval is cleared when the token is burned.
* This is an internal function that does not check if the sender is authorized to operate on the token.
*
* Requirements:
*
* - `tokenId` must exist.
*
* Emits a {Transfer} event.
*/
function _burn(uint256 tokenId) internal {
address previousOwner = _update(address(0), tokenId, address(0));
if (previousOwner == address(0)) {
revert ERC721NonexistentToken(tokenId);
}
}
/**
* @dev Transfers `tokenId` from `from` to `to`.
* As opposed to {transferFrom}, this imposes no restrictions on msg.sender.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
*
* Emits a {Transfer} event.
*/
function _transfer(address from, address to, uint256 tokenId) internal {
if (to == address(0)) {
revert ERC721InvalidReceiver(address(0));
}
address previousOwner = _update(to, tokenId, address(0));
if (previousOwner == address(0)) {
revert ERC721NonexistentToken(tokenId);
} else if (previousOwner != from) {
revert ERC721IncorrectOwner(from, tokenId, previousOwner);
}
}
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking that contract recipients
* are aware of the ERC-721 standard to prevent tokens from being forever locked.
*
* `data` is additional data, it has no specified format and it is sent in call to `to`.
*
* This internal function is like {safeTransferFrom} in the sense that it invokes
* {IERC721Receiver-onERC721Received} on the receiver, and can be used to e.g.
* implement alternative mechanisms to perform token transfer, such as signature-based.
*
* Requirements:
*
* - `tokenId` token must exist and be owned by `from`.
* - `to` cannot be the zero address.
* - `from` cannot be the zero address.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function _safeTransfer(address from, address to, uint256 tokenId) internal {
_safeTransfer(from, to, tokenId, "");
}
/**
* @dev Same as {xref-ERC721-_safeTransfer-address-address-uint256-}[`_safeTransfer`], with an additional `data` parameter which is
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
*/
function _safeTransfer(address from, address to, uint256 tokenId, bytes memory data) internal virtual {
_transfer(from, to, tokenId);
ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
}
/**
* @dev Approve `to` to operate on `tokenId`
*
* The `auth` argument is optional. If the value passed is non 0, then this function will check that `auth` is
* either the owner of the token, or approved to operate on all tokens held by this owner.
*
* Emits an {Approval} event.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address to, uint256 tokenId, address auth) internal {
_approve(to, tokenId, auth, true);
}
/**
* @dev Variant of `_approve` with an optional flag to enable or disable the {Approval} event. The event is not
* emitted in the context of transfers.
*/
function _approve(address to, uint256 tokenId, address auth, bool emitEvent) internal virtual {
// Avoid reading the owner unless necessary
if (emitEvent || auth != address(0)) {
address owner = _requireOwned(tokenId);
// We do not use _isAuthorized because single-token approvals should not be able to call approve
if (auth != address(0) && owner != auth && !isApprovedForAll(owner, auth)) {
revert ERC721InvalidApprover(auth);
}
if (emitEvent) {
emit Approval(owner, to, tokenId);
}
}
_tokenApprovals[tokenId] = to;
}
/**
* @dev Approve `operator` to operate on all of `owner` tokens
*
* Requirements:
* - operator can't be the address zero.
*
* Emits an {ApprovalForAll} event.
*/
function _setApprovalForAll(address owner, address operator, bool approved) internal virtual {
if (operator == address(0)) {
revert ERC721InvalidOperator(operator);
}
_operatorApprovals[owner][operator] = approved;
emit ApprovalForAll(owner, operator, approved);
}
/**
* @dev Reverts if the `tokenId` doesn't have a current owner (it hasn't been minted, or it has been burned).
* Returns the owner.
*
* Overrides to ownership logic should be done to {_ownerOf}.
*/
function _requireOwned(uint256 tokenId) internal view returns (address) {
address owner = _ownerOf(tokenId);
if (owner == address(0)) {
revert ERC721NonexistentToken(tokenId);
}
return owner;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
import {Address} from "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Opposedly, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturnBool} that reverts if call fails to meet the requirements.
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
let success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
// bubble errors
if iszero(success) {
let ptr := mload(0x40)
returndatacopy(ptr, 0, returndatasize())
revert(ptr, returndatasize())
}
returnSize := returndatasize()
returnValue := mload(0)
}
if (returnSize == 0 ? address(token).code.length == 0 : returnValue != 1) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silently catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
bool success;
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
returnSize := returndatasize()
returnValue := mload(0)
}
return success && (returnSize == 0 ? address(token).code.length > 0 : returnValue == 1);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Burnable.sol)
pragma solidity ^0.8.20;
import {ERC20} from "../ERC20.sol";
import {Context} from "../../../utils/Context.sol";
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
abstract contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys a `value` amount of tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 value) public virtual {
_burn(_msgSender(), value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, deducting from
* the caller's allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for ``accounts``'s tokens of at least
* `value`.
*/
function burnFrom(address account, uint256 value) public virtual {
_spendAllowance(account, _msgSender(), value);
_burn(account, value);
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Shaolin} from "@core/Shaolin.sol";
import {Time} from "@utils/Time.sol";
import {wmul, min} from "@utils/Math.sol";
import {IWETH9} from "@interfaces/IWETH9.sol";
import {SwapActions, SwapActionParams} from "@actions/SwapActions.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
/**
* @title ShaolinBuyAndBurn
* @notice This contract handles the buying and burning of SHAO tokens using Uniswap V3 pools.
*/
contract ShaolinBuyAndBurn is SwapActions {
using SafeERC20 for *;
/// @notice Struct to represent intervals for burning
struct Interval {
uint256 amountAllocated;
uint256 amountBurned;
}
///@notice The startTimestamp
uint32 public immutable startTimeStamp;
IWETH9 public immutable weth;
Shaolin public immutable shaolin;
/// @notice Timestamp of the last burn call
uint32 public lastBurnedIntervalStartTimestamp;
/// @notice Total amount of SHAO tokens burnt
uint256 public totalShaolinBurnt;
/// @notice The last burned interval
uint256 public lastBurnedInterval;
/// @notice Maximum amount of weth to be swapped and then burned
uint256 public swapCap;
/// @notice Mapping from interval number to Interval struct
mapping(uint32 interval => Interval) public intervals;
/// @notice Last interval number
uint32 public lastIntervalNumber;
/// @notice Total WETH tokens distributed
uint256 public totalWETHDistributed;
/// @notice That last snapshot timestamp
uint32 lastSnapshot;
/// @notice Event emitted when tokens are bought and burnt
event BuyAndBurn(uint256 indexed wethAmount, uint256 indexed shaolinBurnt, address indexed caller);
error NotStartedYet();
error IntervalAlreadyBurned();
error OnlyEOA();
constructor(uint32 startTimestamp, address _weth, address _shaolin, SwapActionParams memory _params)
SwapActions(_params)
{
startTimeStamp = startTimestamp;
shaolin = Shaolin(_shaolin);
weth = IWETH9(_weth);
swapCap = type(uint256).max;
}
/// @notice Updates the contract state for intervals
modifier intervalUpdate() {
_intervalUpdate();
_;
}
function setSwapCap(uint256 _newCap) external onlySlippageAdminOrOwner {
swapCap = _newCap == 0 ? type(uint256).max : _newCap;
}
function getCurrentInterval()
public
view
returns (
uint32 _lastInterval,
uint256 _amountAllocated,
uint32 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
uint256 beforeCurrday,
bool updated
)
{
uint32 startPoint = lastBurnedIntervalStartTimestamp == 0 ? startTimeStamp : lastBurnedIntervalStartTimestamp;
uint32 timeElapseSinceLastBurn = Time.blockTs() - startPoint;
if (lastBurnedIntervalStartTimestamp == 0 || timeElapseSinceLastBurn > INTERVAL_TIME) {
(_lastInterval, _amountAllocated, _missedIntervals, beforeCurrday) =
_calculateIntervals(timeElapseSinceLastBurn);
_lastIntervalStartTimestamp = startPoint;
_missedIntervals += timeElapseSinceLastBurn > INTERVAL_TIME && lastBurnedIntervalStartTimestamp != 0 ? 1 : 0;
updated = true;
}
}
/**
* @notice Swaps WETH for SHAO and burns the SHAO tokens
* @param _deadline The deadline for which the passes should pass
*/
function swapWETHForShaolinAndBurn(uint32 _deadline) external intervalUpdate notExpired(_deadline) {
require(msg.sender == tx.origin, OnlyEOA());
Interval storage currInterval = intervals[lastIntervalNumber];
require(currInterval.amountBurned == 0, IntervalAlreadyBurned());
if (currInterval.amountAllocated > swapCap) currInterval.amountAllocated = swapCap;
currInterval.amountBurned = currInterval.amountAllocated;
uint256 incentive = wmul(currInterval.amountAllocated, INCENTIVE_FEE);
uint256 wethToSwapAndBurn = currInterval.amountAllocated - incentive;
uint256 shaolinAmount =
swapExactInput(address(weth), address(shaolin), wethToSwapAndBurn, 0, POOL_FEE, _deadline);
burnShaolin();
weth.safeTransfer(msg.sender, incentive);
lastBurnedInterval = lastIntervalNumber;
emit BuyAndBurn(wethToSwapAndBurn, shaolinAmount, msg.sender);
}
/// @notice Burns SHAO tokens held by the contract
function burnShaolin() public {
uint256 shaolinToBurn = shaolin.balanceOf(address(this));
totalShaolinBurnt = totalShaolinBurnt + shaolinToBurn;
shaolin.burn(shaolinToBurn);
}
/**
* @notice Distributes WETH tokens for burning
* @param _amount The amount of WETH tokens
*/
function distributeWETHForBurning(uint256 _amount) external notAmount0(_amount) {
///@dev - If there are some missed intervals update the accumulated allocation before depositing new weth
weth.safeTransferFrom(msg.sender, address(this), _amount);
if (Time.blockTs() > startTimeStamp && Time.blockTs() - lastBurnedIntervalStartTimestamp > INTERVAL_TIME) {
_intervalUpdate();
}
}
function getDailyWETHAllocation(uint32 t) public pure returns (uint256 dailyWadAllocation) {
uint8 weekDay = Time.weekDayByT(t);
dailyWadAllocation = weekDay == 0 || weekDay == 6 ? 0.08e18 : 0.04e18;
}
function _calculateIntervals(uint256 timeElapsedSince)
internal
view
returns (
uint32 _lastIntervalNumber,
uint256 _totalAmountForInterval,
uint32 missedIntervals,
uint256 beforeCurrDay
)
{
missedIntervals = _calculateMissedIntervals(timeElapsedSince);
_lastIntervalNumber = lastIntervalNumber + missedIntervals + 1;
uint32 currentDay = Time.dayGap(startTimeStamp, uint32(block.timestamp));
uint32 dayOfLastInterval = lastBurnedIntervalStartTimestamp == 0
? currentDay
: Time.dayGap(startTimeStamp, lastBurnedIntervalStartTimestamp);
if (currentDay == dayOfLastInterval) {
uint256 dailyAllocation = wmul(totalWETHDistributed, getDailyWETHAllocation(Time.blockTs()));
_totalAmountForInterval = (dailyAllocation * (missedIntervals + 1)) / INTERVALS_PER_DAY;
} else {
uint32 _lastBurnedIntervalStartTimestamp = lastBurnedIntervalStartTimestamp;
uint32 theEndOfTheDay = Time.getDayEnd(_lastBurnedIntervalStartTimestamp);
uint256 balanceOf = weth.balanceOf(address(this));
while (currentDay >= dayOfLastInterval) {
uint32 end = uint32(Time.blockTs() < theEndOfTheDay ? Time.blockTs() : theEndOfTheDay - 1);
uint32 accumulatedIntervalsForTheDay = (end - _lastBurnedIntervalStartTimestamp) / INTERVAL_TIME;
uint256 diff = balanceOf > _totalAmountForInterval ? balanceOf - _totalAmountForInterval : 0;
//@note - If the day we are looping over the same day as the last interval's use the cached allocation, otherwise use the current balance
uint256 forAllocation = Time.dayGap(startTimeStamp, lastBurnedIntervalStartTimestamp)
== dayOfLastInterval
? totalWETHDistributed
: balanceOf >= _totalAmountForInterval + wmul(diff, getDailyWETHAllocation(end)) ? diff : 0;
uint256 dailyAllocation = wmul(forAllocation, getDailyWETHAllocation(end));
///@notice -> minus INTERVAL_TIME minutes since, at the end of the day the new epoch with new allocation
_lastBurnedIntervalStartTimestamp = theEndOfTheDay - INTERVAL_TIME;
///@notice -> plus INTERVAL_TIME minutes to flip into the next day
theEndOfTheDay = Time.getDayEnd(_lastBurnedIntervalStartTimestamp + INTERVAL_TIME);
if (dayOfLastInterval == currentDay) beforeCurrDay = _totalAmountForInterval;
_totalAmountForInterval +=
uint256((dailyAllocation * accumulatedIntervalsForTheDay) / INTERVALS_PER_DAY);
dayOfLastInterval++;
}
}
Interval memory prevInt = intervals[lastIntervalNumber];
//@note - If the last interval was only updated, but not burned add its allocation to the next one.
uint256 additional = prevInt.amountBurned == 0 ? prevInt.amountAllocated : 0;
if (_totalAmountForInterval + additional > weth.balanceOf(address(this))) {
_totalAmountForInterval = uint256(weth.balanceOf(address(this)));
} else {
_totalAmountForInterval += additional;
}
}
function _calculateMissedIntervals(uint256 timeElapsedSince) internal view returns (uint32 _missedIntervals) {
_missedIntervals = uint32(timeElapsedSince / INTERVAL_TIME);
if (lastBurnedIntervalStartTimestamp != 0) _missedIntervals--;
}
function _updateSnapshot(uint256 deltaAmount) internal {
if (Time.blockTs() < startTimeStamp || lastSnapshot + 24 hours > Time.blockTs()) return;
uint32 timeElapsed = Time.blockTs() - startTimeStamp;
uint32 snapshots = timeElapsed / 24 hours;
uint256 balance = weth.balanceOf(address(this));
totalWETHDistributed = deltaAmount > balance ? 0 : balance - deltaAmount;
lastSnapshot = startTimeStamp + (snapshots * 24 hours);
}
/// @notice Updates the contract state for intervals
function _intervalUpdate() private {
require(Time.blockTs() >= startTimeStamp, NotStartedYet());
if (lastSnapshot == 0) _updateSnapshot(0);
(
uint32 _lastInterval,
uint256 _amountAllocated,
uint32 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
uint256 beforeCurrentDay,
bool updated
) = getCurrentInterval();
_updateSnapshot(beforeCurrentDay);
if (updated) {
lastBurnedIntervalStartTimestamp = _lastIntervalStartTimestamp + (uint32(_missedIntervals) * INTERVAL_TIME);
intervals[_lastInterval] = Interval({amountAllocated: _amountAllocated, amountBurned: 0});
lastIntervalNumber = _lastInterval;
}
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
/**
* @notice Adapted Uniswap V3 OracleLibrary computation to be compliant with Solidity 0.8.x and later.
*
* Documentation for Auditors:
*
* Solidity Version: Updated the Solidity version pragma to ^0.8.0. This change ensures compatibility
* with Solidity version 0.8.x.
*
* Safe Arithmetic Operations: Solidity 0.8.x automatically checks for arithmetic overflows/underflows.
* Therefore, the code no longer needs to use SafeMath library (or similar) for basic arithmetic operations.
* This change simplifies the code and reduces the potential for errors related to manual overflow/underflow checking.
*
* Overflow/Underflow: With the introduction of automatic overflow/underflow checks in Solidity 0.8.x, the code is inherently
* safer and less prone to certain types of arithmetic errors.
*
* Removal of SafeMath Library: Since Solidity 0.8.x handles arithmetic operations safely, the use of SafeMath library
* is omitted in this update.
*
* Git-style diff for the `consult` function:
*
* ```diff
* function consult(address pool, uint32 secondsAgo)
* internal
* view
* returns (int24 arithmeticMeanTick, uint128 harmonicMeanLiquidity)
* {
* require(secondsAgo != 0, 'BP');
*
* uint32[] memory secondsAgos = new uint32[](2);
* secondsAgos[0] = secondsAgo;
* secondsAgos[1] = 0;
*
* (int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s) =
* IUniswapV3Pool(pool).observe(secondsAgos);
*
* int56 tickCumulativesDelta = tickCumulatives[1] - tickCumulatives[0];
* uint160 secondsPerLiquidityCumulativesDelta =
* secondsPerLiquidityCumulativeX128s[1] - secondsPerLiquidityCumulativeX128s[0];
*
* - arithmeticMeanTick = int24(tickCumulativesDelta / secondsAgo);
* + int56 secondsAgoInt56 = int56(uint56(secondsAgo));
* + arithmeticMeanTick = int24(tickCumulativesDelta / secondsAgoInt56);
* // Always round to negative infinity
* - if (tickCumulativesDelta < 0 && (tickCumulativesDelta % secondsAgo != 0)) arithmeticMeanTick--;
* + if (tickCumulativesDelta < 0 && (tickCumulativesDelta % secondsAgoInt56 != 0)) arithmeticMeanTick--;
*
* - uint192 secondsAgoX160 = uint192(secondsAgo) * type(uint160).max;
* + uint192 secondsAgoUint192 = uint192(secondsAgo);
* + uint192 secondsAgoX160 = secondsAgoUint192 * type(uint160).max;
* harmonicMeanLiquidity = uint128(secondsAgoX160 / (uint192(secondsPerLiquidityCumulativesDelta) << 32));
* }
* ```
*/
/// @title Oracle library
/// @notice Provides functions to integrate with V3 pool oracle
library OracleLibrary {
/// @notice Calculates time-weighted means of tick and liquidity for a given Uniswap V3 pool
/// @param pool Address of the pool that we want to observe
/// @param secondsAgo Number of seconds in the past from which to calculate the time-weighted means
/// @return arithmeticMeanTick The arithmetic mean tick from (block.timestamp - secondsAgo) to block.timestamp
/// @return harmonicMeanLiquidity The harmonic mean liquidity from (block.timestamp - secondsAgo) to block.timestamp
function consult(address pool, uint32 secondsAgo)
internal
view
returns (int24 arithmeticMeanTick, uint128 harmonicMeanLiquidity)
{
require(secondsAgo != 0, "BP");
uint32[] memory secondsAgos = new uint32[](2);
secondsAgos[0] = secondsAgo;
secondsAgos[1] = 0;
(int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s) =
IUniswapV3Pool(pool).observe(secondsAgos);
int56 tickCumulativesDelta = tickCumulatives[1] - tickCumulatives[0];
uint160 secondsPerLiquidityCumulativesDelta;
unchecked {
secondsPerLiquidityCumulativesDelta =
secondsPerLiquidityCumulativeX128s[1] - secondsPerLiquidityCumulativeX128s[0];
}
// Safe casting of secondsAgo to int56 for division
int56 secondsAgoInt56 = int56(uint56(secondsAgo));
arithmeticMeanTick = int24(tickCumulativesDelta / secondsAgoInt56);
// Always round to negative infinity
if (tickCumulativesDelta < 0 && (tickCumulativesDelta % secondsAgoInt56 != 0)) arithmeticMeanTick--;
// Safe casting of secondsAgo to uint192 for multiplication
uint192 secondsAgoUint192 = uint192(secondsAgo);
harmonicMeanLiquidity = uint128(
(secondsAgoUint192 * uint192(type(uint160).max)) / (uint192(secondsPerLiquidityCumulativesDelta) << 32)
);
}
/// @notice Given a pool, it returns the number of seconds ago of the oldest stored observation
/// @param pool Address of Uniswap V3 pool that we want to observe
/// @return secondsAgo The number of seconds ago of the oldest observation stored for the pool
function getOldestObservationSecondsAgo(address pool) internal view returns (uint32 secondsAgo) {
(,, uint16 observationIndex, uint16 observationCardinality,,,) = IUniswapV3Pool(pool).slot0();
require(observationCardinality > 0, "NI");
(uint32 observationTimestamp,,, bool initialized) =
IUniswapV3Pool(pool).observations((observationIndex + 1) % observationCardinality);
// The next index might not be initialized if the cardinality is in the process of increasing
// In this case the oldest observation is always in index 0
if (!initialized) {
(observationTimestamp,,,) = IUniswapV3Pool(pool).observations(0);
}
secondsAgo = uint32(block.timestamp) - observationTimestamp;
}
/// @notice Given a tick and a token amount, calculates the amount of token received in exchange
/// a slightly modified version of the UniSwap library getQuoteAtTick to accept a sqrtRatioX96 as input parameter
/// @param sqrtRatioX96 The sqrt ration
/// @param baseAmount Amount of token to be converted
/// @param baseToken Address of an ERC20 token contract used as the baseAmount denomination
/// @param quoteToken Address of an ERC20 token contract used as the quoteAmount denomination
/// @return quoteAmount Amount of quoteToken received for baseAmount of baseToken
function getQuoteForSqrtRatioX96(uint160 sqrtRatioX96, uint256 baseAmount, address baseToken, address quoteToken)
internal
pure
returns (uint256 quoteAmount)
{
// Calculate quoteAmount with better precision if it doesn't overflow when multiplied by itself
if (sqrtRatioX96 <= type(uint128).max) {
uint256 ratioX192 = uint256(sqrtRatioX96) ** 2;
quoteAmount = baseToken < quoteToken
? Math.mulDiv(ratioX192, baseAmount, 1 << 192)
: Math.mulDiv(1 << 192, baseAmount, ratioX192);
} else {
uint256 ratioX128 = Math.mulDiv(sqrtRatioX96, sqrtRatioX96, 1 << 64);
quoteAmount = baseToken < quoteToken
? Math.mulDiv(ratioX128, baseAmount, 1 << 128)
: Math.mulDiv(1 << 128, baseAmount, ratioX128);
}
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.27;
import "@actions/SwapActions.sol";
import {wmul} from "@utils/Math.sol";
import {Time} from "@utils/Time.sol";
import {WBTCPool} from "@core/pools/WBTCPool.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
contract WBTCPoolFeeder is SwapActions {
using SafeERC20 for *;
//=============STRUCTS============//
/// @notice Struct to represent intervals for burning
struct Interval {
uint256 amountAllocated;
uint256 amountBurned;
}
//===========IMMUTABLE===========//
///@notice The startTimestamp
uint32 public immutable startTimeStamp;
IERC20 immutable weth;
WBTCPool immutable wbtcPool;
IERC20 immutable wbtc;
//===========STATE===========//
/// @notice Timestamp of the last burn call
uint32 public lastBurnedIntervalStartTimestamp;
/// @notice Last interval number
uint32 public lastIntervalNumber;
/// @notice Last burned interval
uint32 public lastBurnedInterval;
/// @notice That last snapshot timestamp
uint32 public lastSnapshot;
///@notice WETH Swap cap
uint256 public swapCap;
/// @notice Mapping from interval number to Interval struct
mapping(uint32 interval => Interval) public intervals;
/// @notice Total WETH tokens distributed
uint256 public totalWETHDistributed;
uint256 public toDistribute;
//===========EVENTS===========//
/// @notice Event emitted when tokens are bought and burnt
event BuyAndBurn(uint256 indexed wbtcAmount, uint256 indexed vyperReceived, address indexed caller);
//===========ERRORS===========//
/// @notice Error when the contract has not started yet
error NotStartedYet();
/// @notice Error when interval has already been burned
error IntervalAlreadyBurned();
error MustStartAt5PMUTC();
error BuyAndBurn__OnlyEOA();
//========CONSTRUCTOR========//
/// @notice Constructor initializes the contract
constructor(
uint32 _startTimestamp,
address _weth,
address _wbtc,
address _wbtcPool,
SwapActionParams memory _params
) SwapActions(_params) {
swapCap = type(uint256).max;
wbtcPool = WBTCPool(_wbtcPool);
weth = IERC20(_weth);
wbtc = IERC20(_wbtc);
startTimeStamp = _startTimestamp;
}
//========MODIFIERS=======//
/// @notice Updates the contract state for intervals
modifier intervalUpdate() {
_intervalUpdate();
_;
}
//==========================//
//==========PUBLIC==========//
//==========================//
function changeSwapCap(uint256 _newSwapCap) external onlySlippageAdminOrOwner {
swapCap = _newSwapCap == 0 ? type(uint256).max : _newSwapCap;
}
/**
* @notice Swaps WETH for WBTC and sends to WBTC Pools
* @param _deadline The deadline for which the passes should pass
*/
function swapWETHToWBTCAndDistribute(uint32 _deadline) external intervalUpdate {
if (msg.sender != tx.origin) revert BuyAndBurn__OnlyEOA();
Interval storage currInterval = intervals[lastIntervalNumber];
if (currInterval.amountBurned != 0) revert IntervalAlreadyBurned();
_updateSnapshot();
if (currInterval.amountAllocated > swapCap) {
uint256 difference = currInterval.amountAllocated - swapCap;
//@note - Add the difference for the next day
toDistribute += difference;
currInterval.amountAllocated = swapCap;
}
uint256 incentive = wmul(currInterval.amountAllocated, INCENTIVE_FEE);
currInterval.amountBurned = currInterval.amountAllocated;
uint256 wbtcAmount =
swapExactInput(address(weth), address(wbtc), currInterval.amountAllocated - incentive, 0, 500, _deadline);
weth.safeTransfer(msg.sender, incentive);
wbtc.approve(address(wbtcPool), wbtcAmount);
wbtcPool.distribute(wbtcAmount);
lastBurnedInterval = lastIntervalNumber;
emit BuyAndBurn(currInterval.amountAllocated - incentive, wbtcAmount, msg.sender);
}
/**
* @notice Distributes WETH tokens for burning
* @param _amount The amount of WETH tokens
*/
function distributeWETH(uint256 _amount) external notAmount0(_amount) {
///@dev - If there are some missed intervals update the accumulated allocation before depositing new WETH
if (Time.blockTs() > startTimeStamp && Time.blockTs() - lastBurnedIntervalStartTimestamp > INTERVAL_TIME) {
_intervalUpdate();
}
weth.safeTransferFrom(msg.sender, address(this), _amount);
_updateSnapshot();
toDistribute += _amount;
}
//==========================//
//=========INTERNAL=========//
//==========================//
function _calculateIntervals(uint256 timeElapsedSince)
internal
view
returns (uint32 _lastIntervalNumber, uint256 _totalAmountForInterval, uint32 missedIntervals)
{
missedIntervals = _calculateMissedIntervals(timeElapsedSince);
_lastIntervalNumber = lastIntervalNumber + missedIntervals + 1;
uint32 currentDay = Time.dayCountByT(uint32(block.timestamp));
uint32 _lastBurnedIntervalTimestamp = lastBurnedIntervalStartTimestamp;
uint32 dayOfLastInterval =
_lastBurnedIntervalTimestamp == 0 ? currentDay : Time.dayCountByT(_lastBurnedIntervalTimestamp);
uint256 _totalWETHDistributed = totalWETHDistributed;
if (currentDay == dayOfLastInterval) {
_totalAmountForInterval = (_totalWETHDistributed * (missedIntervals + 1)) / INTERVALS_PER_DAY;
} else {
uint32 _lastBurnedIntervalStartTimestamp = _lastBurnedIntervalTimestamp;
uint32 theEndOfTheDay = Time.getDayEnd(_lastBurnedIntervalStartTimestamp);
uint32 accumulatedIntervalsForTheDay = (theEndOfTheDay - _lastBurnedIntervalStartTimestamp) / INTERVAL_TIME;
//@note - Calculate the remaining intervals from the last one's day
_totalAmountForInterval +=
uint256(_totalWETHDistributed * accumulatedIntervalsForTheDay) / INTERVALS_PER_DAY;
//@note - Calculate the upcoming intervals with the to distribute shares
uint256 _intervalsForNewDay = missedIntervals >= accumulatedIntervalsForTheDay
? (missedIntervals - accumulatedIntervalsForTheDay) + 1
: 0;
_totalAmountForInterval += (_intervalsForNewDay > INTERVALS_PER_DAY)
? uint256(toDistribute)
: uint256(toDistribute * _intervalsForNewDay) / INTERVALS_PER_DAY;
}
Interval memory prevInt = intervals[lastIntervalNumber];
//@note - If the last interval was only updated, but not burned add its allocation to the next one.
uint256 additional = prevInt.amountBurned == 0 && prevInt.amountAllocated != 0 ? prevInt.amountAllocated : 0;
if (_totalAmountForInterval + additional > weth.balanceOf(address(this))) {
_totalAmountForInterval = uint256(weth.balanceOf(address(this)));
} else {
_totalAmountForInterval += additional;
}
}
function _calculateMissedIntervals(uint256 timeElapsedSince) internal view returns (uint32 _missedIntervals) {
_missedIntervals = uint32(timeElapsedSince / INTERVAL_TIME);
if (lastBurnedIntervalStartTimestamp != 0) _missedIntervals--;
}
function _updateSnapshot() internal {
if (Time.blockTs() < startTimeStamp || lastSnapshot + 24 hours > Time.blockTs()) return;
if (lastSnapshot != 0 && lastSnapshot + 48 hours <= Time.blockTs()) {
// If we have missed entire snapshot of interacting with the contract
toDistribute = 0;
}
totalWETHDistributed = toDistribute;
toDistribute = 0;
uint32 timeElapsed = Time.blockTs() - startTimeStamp;
uint32 snapshots = timeElapsed / 24 hours;
lastSnapshot = startTimeStamp + (snapshots * 24 hours);
}
/// @notice Updates the contract state for intervals
function _intervalUpdate() private {
if (Time.blockTs() < startTimeStamp) revert NotStartedYet();
if (lastSnapshot == 0) _updateSnapshot();
(
uint32 _lastInterval,
uint256 _amountAllocated,
uint32 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
bool updated
) = getCurrentInterval();
if (updated) {
lastBurnedIntervalStartTimestamp = _lastIntervalStartTimestamp + (uint32(_missedIntervals) * INTERVAL_TIME);
intervals[_lastInterval] = Interval({amountAllocated: _amountAllocated, amountBurned: 0});
lastIntervalNumber = _lastInterval;
}
}
function getCurrentInterval()
public
view
returns (
uint32 _lastInterval,
uint256 _amountAllocated,
uint32 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
bool updated
)
{
if (startTimeStamp > Time.blockTs()) return (0, 0, 0, 0, false);
uint32 startPoint = lastBurnedIntervalStartTimestamp == 0 ? startTimeStamp : lastBurnedIntervalStartTimestamp;
uint32 timeElapseSinceLastBurn = Time.blockTs() - startPoint;
if (lastBurnedIntervalStartTimestamp == 0 || timeElapseSinceLastBurn > INTERVAL_TIME) {
(_lastInterval, _amountAllocated, _missedIntervals) = _calculateIntervals(timeElapseSinceLastBurn);
_lastIntervalStartTimestamp = startPoint;
_missedIntervals += timeElapseSinceLastBurn > INTERVAL_TIME && lastBurnedIntervalStartTimestamp != 0 ? 1 : 0;
updated = true;
}
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {Errors} from "@utils/Errors.sol";
import {Shaolin} from "@core/Shaolin.sol";
import {IWETH9} from "@interfaces/IWETH9.sol";
import {ShaolinStaking} from "@core/Staking.sol";
import {WBTCPool} from "@core/pools/WBTCPool.sol";
import {LamboPool} from "@core/pools/LamboPool.sol";
import {wmul, wpow, sub, min} from "@utils/Math.sol";
import {ShaolinBuyAndBurn} from "@core/BuyAndBurn.sol";
import {SwapActions, SwapActionParams} from "@actions/SwapActions.sol";
import {TickMath} from "@uniswap/v3-core/contracts/libraries/TickMath.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import {INonfungiblePositionManager} from "@uniswap/v3-periphery/contracts/interfaces/INonfungiblePositionManager.sol";
struct MiningStats {
uint256 initialMinerCost; // The initial cost for users to create a miner (this goes up daily)
uint256 initialShaolinMintable; // The initial shaolin mintable per day per max power (this goes down daily)
uint64 shaolinMintableDailyDecrease; // The % that the initial shaolin mintable per day decreases daily
}
enum MinerStatus {
CLAIMED, // Status for when the user claims his miner
ACTIVE // Status for when the miner is still active
}
/**
* @title ShaolinMining
* @notice This contract allows users to perform virtual mining of SHAO tokens using WETH tokens.
* @dev The contract also manages the lifecycle of miners and their rewards over time.
*/
contract ShaolinMining is SwapActions {
using SafeERC20 for ERC20Burnable;
struct Miner {
uint32 startTs; // The timestamp when the mining starts
uint32 maturityTs; // The timestamp when the mining matures and can be claimed
uint8 numOfDays; // The number of days the mining lasts, cannot overflow as max duration is 180 days
uint256 mintable; // The amount of SHAO tokens that can be mined
uint256 cost; // The cost of mining in WETH tokens
MinerStatus status; // The status of the miner (ACTIVE or CLAIMED)
}
struct LP {
bool hasLP; // Whether liquidity has been provided
bool isShaolinToken0; // If SHAO is token 0
uint240 tokenId; // The token ID of the LP
}
uint32 constant MIN_DURATION = 1 days;
uint32 constant MAX_DURATION = 100 days;
uint32 public immutable startTimestamp; // Timestamp for the start of the mining period
address public immutable v3PositionManager;
IWETH9 public immutable weth;
WBTCPool public immutable wbtcPool;
LamboPool public immutable lamboPool;
Shaolin public immutable shaolin;
LP lp; // Liquidity provider state
MiningStats public stats; // Mining statistics for cost and mintable SHAO
mapping(address user => uint64 minerId) public userMiners; // User's latest miner ID
mapping(address user => mapping(uint64 id => Miner)) public miners; // User's miner details by miner ID
mapping(address user => uint256 totalAmountMined) public totalMined; // User's total mined shaolin (EXCLUDING BONUS)
mapping(address => bool) isBlacklisted;
error ShaolinMining__InvalidDuration(); // Error for invalid mining duration
error ShaolinMining__MinerNotMatureYet(); // Error when trying to claim an immature miner
error ShaolinMining__MinerAlreadyClaimed(); // Error when trying to claim an already claimed miner
error ShaolinMining__NotStartedYet(); // Error when trying to interact with the contract before the start date
error ShaolinMining__LiquidityAlreadyAdded(); // Error when trying to add liquidity when it has already been added
error ShaolinMining__NotEnoughWETHForLiquidity(); // Error when trying to add liquidity when there is not enough amount for it
error ShaolinMining__InvalidLadderParams(); // Error when trying to create a ladder with incorrect params
error ShaolinMining__MaxLadderEndExceeded(); // Error when trying create a ladder than ends later than the MAX_LADDER_END_TIME
error ShaolinMining__NotEnoughETH(); // Error when trying to mine (single or batch) with insufficient eth amount
error ShaolinMining__TransferFailed(); // Error when call to refund a user fails
error ShaolinMining__OnlyWETH(); // Error when other users are directly trying to send ETH\
error ShaolinMining__Blacklisted(address); // Error thrown when blackisted address tries to interact with the contract
error ShaolinMining__MiningIsOver(); // Error thrown when trying to mine after 88 days of start time
/**
* @notice Emitted when a miner is created.
* @param user The address of the user who created the miner.
* @param power The mining power specified.
* @param cost The cost of the miner.
* @param id The ID of the created miner.
*/
event MinerCreated(
address indexed user, uint256 indexed power, uint256 indexed cost, uint32 startTs, uint32 maturityTs, uint64 id
);
/**
* @notice Emitted when a miner is claimed.
* @param _user The address of the user claiming the miner.
* @param _id The ID of the claimed miner.
* @param shaolinMined The amount of SHAO tokens mined.
* @param lRankBonus The L-Rank bonus amount
*/
event MinerClaimed(address indexed _user, uint256 indexed _id, uint256 indexed shaolinMined, uint256 lRankBonus);
/**
* @notice Emitted when distribution happens
* @param toBuyAndBurn WETH distributed ot BuyAndBurn
* @param toGenesis WETH distributed to genesis
*/
event Distributed(uint256 indexed toBuyAndBurn, uint256 indexed toGenesis);
/**
* @notice Constructor to initialize the ShaolinMining contract.
* @param _params The swap action contract params
* @param _miningStats The mining stats params
* @param _startTimestamp The timestamp when mining starts.
* @param _v3PositionManager The uniswapV3 position manager
*/
constructor(
uint32 _startTimestamp,
address _v3PositionManager,
address _shaolin,
address _weth,
address _wbtc,
address _vrfCoordinator,
uint256 _subscriptionId,
bytes32 _keyHash,
SwapActionParams memory _params,
MiningStats memory _miningStats
) SwapActions(_params) {
shaolin = Shaolin(_shaolin);
weth = IWETH9(_weth);
wbtcPool = new WBTCPool(_startTimestamp, _wbtc, address(this));
lamboPool = new LamboPool(
address(this), _vrfCoordinator, _subscriptionId, _weth, _keyHash, _params._owner, _startTimestamp
);
lamboPool.transferOwnership(_params._owner);
startTimestamp = _startTimestamp;
v3PositionManager = _v3PositionManager;
stats = _miningStats;
}
modifier notBlackListed(address _user) {
_notBlacklisted(_user);
_;
}
/* == EXTERNAL == */
function toggleBlackListed(address _user, bool _value) external onlyOwner {
isBlacklisted[_user] = _value;
}
/**
* @notice Starts the mining process for a specified duration and power.
* @param _duration The duration of the mining.
* @param _power The mining power specified.
*/
function startMining(uint32 _duration, uint256 _power)
external
payable
notBlackListed(msg.sender)
returns (uint256 toMine)
{
uint32 start = Time.blockTs();
uint256 cost = getCurrentMinerCostByPower(_power);
require(msg.value >= cost, ShaolinMining__NotEnoughETH());
weth.deposit{value: cost}();
toMine = _mine(start, _duration, _power);
totalMined[msg.sender] += toMine;
_participateInWBTCPool(toMine);
_participateInLamboPool();
_refundIfNeeded(msg.value - cost);
}
/**
* @notice Starts batch mining for a specified duration and power multiple times.
* @param _duration The duration of the mining.
* @param _power The mining power specified.
* @param _count The number of miners to create.
*/
function startMiningBatch(uint32 _duration, uint256 _power, uint256 _count)
public
payable
notBlackListed(msg.sender)
returns (uint256 toMine)
{
_count = min(100, _count);
uint256 sentAmount = msg.value;
uint32 start = Time.blockTs();
uint256 cost = getCurrentMinerCostByPower(_power);
for (uint64 i; i < _count; ++i) {
require(sentAmount >= cost, ShaolinMining__NotEnoughETH());
weth.deposit{value: cost}();
sentAmount -= cost;
toMine += _mine(start, _duration, _power);
}
totalMined[msg.sender] += toMine;
_participateInWBTCPool(toMine);
_participateInLamboPool();
_refundIfNeeded(sentAmount);
}
/**
* @notice Claims a miner that has matured.
* @param _id The ID of the miner to claim.
*/
function claimMiner(uint64 _id) external returns (uint256 totalMinedAmount) {
totalMinedAmount = _claim(msg.sender, _id);
}
/**
* @notice Claims multiple miners that have matured.
* @param _ids The IDs of the miners to claim.
*/
function batchClaim(uint64[] calldata _ids) external returns (uint256 totalMinedAmount) {
for (uint64 i; i < _ids.length; ++i) {
totalMinedAmount += _claim(msg.sender, _ids[i]);
}
}
/* == PUBLIC == */
/**
* @notice Gets the current miner cost based on the specified power.
* @param _power The mining power specified.
* @return cost The cost of the miner in WETH tokens.
*/
function getCurrentMinerCostByPower(uint256 _power) public view returns (uint256 cost) {
cost = uint256(wmul(stats.initialMinerCost, _power));
}
/**
* @notice Gets the current SHAO mintable based on the specified power.
* @param _power The mining power specified.
* @return mintable The amount of SHAO tokens that can be minted.
*/
function getCurrentShaolinMintableByPower(uint256 _power, uint32 timeOfCreation)
public
view
returns (uint256 mintable)
{
mintable = uint256(wmul(currentShaolinMintable(timeOfCreation), _power));
}
/**
* @notice Gets the current base SHAO mintable.
* @notice Decreases daily
* @return mintable The current SHAO tokens that can be minted.
*/
function currentShaolinMintable(uint32 timeOfCreation) public view returns (uint256 mintable) {
MiningStats memory _stats = stats;
uint32 currentDay = Time.dayGap(startTimestamp, timeOfCreation);
mintable = uint256(
wmul(_stats.initialShaolinMintable, wpow(WAD - _stats.shaolinMintableDailyDecrease, currentDay, WAD))
);
}
/**
* @dev Internal function to handle the mining process.
* @param _startOfMining The timestamp when the mining starts.
* @param _duration The duration of the mining.
* @param _power The mining power specified.
*/
function _mine(uint32 _startOfMining, uint32 _duration, uint256 _power)
internal
notAmount0(_power)
notGt(Time.blockTs(), _startOfMining)
notGt(_power, WAD)
returns (uint256)
{
require(Time.blockTs() >= startTimestamp, ShaolinMining__NotStartedYet());
require(
MIN_DURATION <= _duration && _duration <= MAX_DURATION && _duration % 24 hours == 0,
ShaolinMining__InvalidDuration()
);
require(Time.blockTs() - startTimestamp <= 88 days, ShaolinMining__MiningIsOver());
uint256 cost = getCurrentMinerCostByPower(_power);
{
uint64 _lastId = ++userMiners[msg.sender];
Miner memory _currentMiner = Miner({
cost: cost,
mintable: getCurrentShaolinMintableByPower(_power, _startOfMining),
startTs: _startOfMining,
maturityTs: _startOfMining + _duration,
numOfDays: uint8(_duration / 1 days), // Cannot overflow, max duration is 100 days
status: MinerStatus.ACTIVE
});
miners[msg.sender][_lastId] = _currentMiner;
}
emit MinerCreated(msg.sender, _power, cost, _startOfMining, _startOfMining + _duration, userMiners[msg.sender]);
_distribute(cost);
return getCurrentShaolinMintableByPower(_power, _startOfMining) * uint8(_duration / 1 days);
}
function _participateInWBTCPool(uint256 newAmount) internal {
wbtcPool.addToShares(msg.sender, newAmount);
}
function _participateInLamboPool() internal {
uint256 total = totalMined[msg.sender];
if (total >= MIN_SHAO_FOR_LAMBO_POOL) lamboPool.participate(msg.sender);
}
function _refundIfNeeded(uint256 excessAmount) internal {
if (excessAmount > 0) {
(bool success,) = msg.sender.call{value: excessAmount}("");
require(success, ShaolinMining__TransferFailed());
}
}
/**
* @dev Internal function to claim a matured miner.
* @param _user The address of the user claiming the miner.
* @param _id The ID of the miner to claim.
*/
function _claim(address _user, uint64 _id) internal returns (uint256 totalAmountMined) {
Miner storage _miner = miners[_user][_id];
require(_miner.status == MinerStatus.ACTIVE, ShaolinMining__MinerAlreadyClaimed());
require(Time.blockTs() >= _miner.maturityTs, ShaolinMining__MinerNotMatureYet());
_miner.status = MinerStatus.CLAIMED;
uint256 minedAmount = _miner.mintable * _miner.numOfDays;
uint256 lRankBonus = calculateERankBonus(minedAmount, _miner.numOfDays);
totalAmountMined = minedAmount + lRankBonus;
emit MinerClaimed(_user, _id, minedAmount, lRankBonus);
shaolin.emitShaolin(_user, totalAmountMined);
}
/**
* @dev Internal function to calculate the ERank bonus based on the mining duration.
* @param _amountMined The amount of SHAO tokens mined.
* @param _numOfDays The number of days the miner mined for.
* @return eRankBonus The ERank bonus added to the mined amount.
*/
function calculateERankBonus(uint256 _amountMined, uint8 _numOfDays) public pure returns (uint256 eRankBonus) {
if (_numOfDays <= 25) {
eRankBonus = wmul(_amountMined, MINING_ERANK_25DAYS);
} else if (_numOfDays <= 50) {
eRankBonus = wmul(_amountMined, MINING_ERANK_50DAYS);
} else if (_numOfDays <= 75) {
eRankBonus = wmul(_amountMined, MINING_ERANK_75DAYS);
} else {
eRankBonus = wmul(_amountMined, MINING_ERANK_100DAYS);
}
}
/**
* @dev Internal function to distribute the WETH tokens if liquidity is provided.
* @param _amount The amount of WETH tokens to distribute.
*/
function _distribute(uint256 _amount) internal {
uint256 wethBalance = weth.balanceOf(address(this));
// If there is no added liquidity but the balance exceeds the initial liquidity, distribute the difference
if (!lp.hasLP) {
if (wethBalance <= INITIAL_ETH_FOR_LIQ) return;
_amount = uint192(wethBalance - INITIAL_ETH_FOR_LIQ);
}
uint256 _toBuyAndBurn = wmul(_amount, TO_BUY_AND_BURN);
uint256 _toStaking = wmul(_amount, TO_REWARD_POOLS);
uint256 _toConvertToWBTC = wmul(_amount, TO_CONVERT_TO_WBTC);
uint256 _toLamboPool = wmul(_amount, TO_LAMBO_REWARD);
uint256 _toLotusEdenBnB = wmul(_amount, TO_LOTUS_EDEN_BNB);
uint256 _toLP = wmul(_amount, TO_LIQUIDITY_BONDING);
uint256 _toGenesis = wmul(_amount, TO_GENESIS);
uint256 _toGenesis2 = wmul(_amount, TO_GENESIS_2);
weth.approve(address(shaolin.buyAndBurn()), _toBuyAndBurn);
shaolin.buyAndBurn().distributeWETHForBurning(_toBuyAndBurn);
weth.approve(address(shaolin.staking()), _toStaking);
shaolin.staking().distribute(_toStaking);
weth.approve(address(shaolin.wbtcPoolFeeder()), _toConvertToWBTC);
shaolin.wbtcPoolFeeder().distributeWETH(_toConvertToWBTC);
weth.transfer(address(lamboPool), _toLamboPool);
lamboPool.distributeRewards(_toLamboPool);
weth.approve(address(shaolin.lotusEdenBnBFeeder()), _toLotusEdenBnB);
shaolin.lotusEdenBnBFeeder().distributeWETH(_toLotusEdenBnB);
weth.transfer(GENESIS_WALLET, _toGenesis);
weth.transfer(LIQUIDITY_BONDING, _toLP);
weth.transfer(GENESIS_2, _toGenesis2);
}
///////////////////////
////// LIQUIDITY //////
///////////////////////
/**
* @notice Sends the fees acquired from the UniswapV3 position
* @return amount0 The amount of token0 collected
* @return amount1 The amount of token1 collected
*/
function collectFees() external returns (uint256 amount0, uint256 amount1) {
LP memory _lp = lp;
INonfungiblePositionManager.CollectParams memory params = INonfungiblePositionManager.CollectParams({
tokenId: _lp.tokenId,
recipient: FEES_WALLET,
amount0Max: type(uint128).max,
amount1Max: type(uint128).max
});
(amount0, amount1) = INonfungiblePositionManager(v3PositionManager).collect(params);
}
/**
* @notice Adds liquidity to WETH/SHAO pool
* @param _deadline The deadline for the liquidity addition
*/
function addLiquidityToWETHShaolinPool(uint32 _deadline, uint64 slippage)
external
onlyOwner
notExpired(_deadline)
{
require(!lp.hasLP, ShaolinMining__LiquidityAlreadyAdded());
require(weth.balanceOf(address(this)) >= INITIAL_ETH_FOR_LIQ, ShaolinMining__NotEnoughWETHForLiquidity());
shaolin.emitShaolin(address(this), INITIAL_SHAO_FOR_LP);
(
uint256 amount0Sorted,
uint256 amount1Sorted,
uint256 amount0Min,
uint256 amount1Min,
address token0,
address token1
) = _sortAmounts(INITIAL_SHAO_FOR_LP, INITIAL_ETH_FOR_LIQ, slippage);
ERC20Burnable(token0).approve(v3PositionManager, amount0Sorted);
ERC20Burnable(token1).approve(v3PositionManager, amount1Sorted);
INonfungiblePositionManager.MintParams memory params = INonfungiblePositionManager.MintParams({
token0: token0,
token1: token1,
fee: POOL_FEE,
tickLower: (TickMath.MIN_TICK / TICK_SPACING) * TICK_SPACING,
tickUpper: (TickMath.MAX_TICK / TICK_SPACING) * TICK_SPACING,
amount0Desired: amount0Sorted,
amount1Desired: amount1Sorted,
amount0Min: amount0Min,
amount1Min: amount1Min,
recipient: address(this),
deadline: _deadline
});
(uint256 tokenId,, uint256 amount0Added, uint256 amount1Added) =
INonfungiblePositionManager(v3PositionManager).mint(params);
ERC20Burnable(token0).approve(address(v3PositionManager), 0);
ERC20Burnable(token1).approve(address(v3PositionManager), 0);
if (amount0Added < amount0Sorted) {
ERC20Burnable(token0).transfer(LIQUIDITY_BONDING, amount0Sorted - amount0Added);
}
if (amount1Added < amount1Sorted) {
ERC20Burnable(token1).transfer(LIQUIDITY_BONDING, amount1Sorted - amount1Added);
}
lp = LP({hasLP: true, tokenId: uint240(tokenId), isShaolinToken0: token0 == address(shaolin)});
}
function _notBlacklisted(address _user) internal view {
require(!isBlacklisted[_user], ShaolinMining__Blacklisted(_user));
}
///@notice Sorts tokens and amounts for adding liquidity
function _sortAmounts(uint256 _shaolinAmount, uint256 _wethAmount, uint64 slippage)
internal
view
returns (
uint256 amount0,
uint256 amount1,
uint256 amount0Min,
uint256 amount1Min,
address token0,
address token1
)
{
address _weth = address(weth);
address _shaolin = address(shaolin);
(token0, token1) = _weth < _shaolin ? (_weth, _shaolin) : (_shaolin, _weth);
(amount0, amount1) = token0 == _weth ? (_wethAmount, _shaolinAmount) : (_shaolinAmount, _wethAmount);
(amount0Min, amount1Min) = (wmul(amount0, slippage), wmul(amount1, slippage));
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import { IOFT, OFTCore } from "./OFTCore.sol";
/**
* @title OFT Contract
* @dev OFT is an ERC-20 token that extends the functionality of the OFTCore contract.
*/
abstract contract OFT is OFTCore, ERC20 {
/**
* @dev Constructor for the OFT contract.
* @param _name The name of the OFT.
* @param _symbol The symbol of the OFT.
* @param _lzEndpoint The LayerZero endpoint address.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*/
constructor(
string memory _name,
string memory _symbol,
address _lzEndpoint,
address _delegate
) ERC20(_name, _symbol) OFTCore(decimals(), _lzEndpoint, _delegate) {}
/**
* @dev Retrieves the address of the underlying ERC20 implementation.
* @return The address of the OFT token.
*
* @dev In the case of OFT, address(this) and erc20 are the same contract.
*/
function token() public view returns (address) {
return address(this);
}
/**
* @notice Indicates whether the OFT contract requires approval of the 'token()' to send.
* @return requiresApproval Needs approval of the underlying token implementation.
*
* @dev In the case of OFT where the contract IS the token, approval is NOT required.
*/
function approvalRequired() external pure virtual returns (bool) {
return false;
}
/**
* @dev Burns tokens from the sender's specified balance.
* @param _from The address to debit the tokens from.
* @param _amountLD The amount of tokens to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @param _dstEid The destination chain ID.
* @return amountSentLD The amount sent in local decimals.
* @return amountReceivedLD The amount received in local decimals on the remote.
*/
function _debit(
address _from,
uint256 _amountLD,
uint256 _minAmountLD,
uint32 _dstEid
) internal virtual override returns (uint256 amountSentLD, uint256 amountReceivedLD) {
(amountSentLD, amountReceivedLD) = _debitView(_amountLD, _minAmountLD, _dstEid);
// @dev In NON-default OFT, amountSentLD could be 100, with a 10% fee, the amountReceivedLD amount is 90,
// therefore amountSentLD CAN differ from amountReceivedLD.
// @dev Default OFT burns on src.
_burn(_from, amountSentLD);
}
/**
* @dev Credits tokens to the specified address.
* @param _to The address to credit the tokens to.
* @param _amountLD The amount of tokens to credit in local decimals.
* @dev _srcEid The source chain ID.
* @return amountReceivedLD The amount of tokens ACTUALLY received in local decimals.
*/
function _credit(
address _to,
uint256 _amountLD,
uint32 /*_srcEid*/
) internal virtual override returns (uint256 amountReceivedLD) {
if (_to == address(0x0)) _to = address(0xdead); // _mint(...) does not support address(0x0)
// @dev Default OFT mints on dst.
_mint(_to, _amountLD);
// @dev In the case of NON-default OFT, the _amountLD MIGHT not be == amountReceivedLD.
return _amountLD;
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.27;
/* === SYSTEM === */
import "@actions/SwapActions.sol";
/* === OZ === */
import {ILotusEdenBnB} from "@interfaces/ILotusEdenBnB.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
/* == UTILS == */
import {wmul} from "@utils/Math.sol";
import {Time} from "@utils/Time.sol";
contract LotusEdenBnBFeeder is SwapActions {
using SafeERC20 for *;
//=============STRUCTS============//
/// @notice Struct to represent intervals for burning
struct Interval {
uint256 amountAllocated;
uint256 amountBurned;
}
//===========IMMUTABLE===========//
///@notice The startTimestamp
uint32 public immutable startTimeStamp;
IERC20 public immutable weth;
IERC20 immutable titanX;
ILotusEdenBnB immutable lotusBnB;
ILotusEdenBnB immutable edenBnB;
//===========STATE===========//
/// @notice Timestamp of the last burn call
uint32 public lastBurnedIntervalStartTimestamp;
/// @notice Last interval number
uint32 public lastIntervalNumber;
/// @notice Last burned interval
uint32 public lastBurnedInterval;
/// @notice That last snapshot timestamp
uint32 public lastSnapshot;
///@notice WETH Swap cap
uint256 public swapCap;
/// @notice Mapping from interval number to Interval struct
mapping(uint32 interval => Interval) public intervals;
/// @notice Total WETH tokens distributed
uint256 public totalWETHDistributed;
uint256 public toDistribute;
//===========EVENTS===========//
/// @notice Event emitted when tokens are bought and burnt
event BuyAndBurn(uint256 indexed wethAmount, uint256 indexed titanXAmount, address indexed caller);
//===========ERRORS===========//
/// @notice Error when the contract has not started yet
error NotStartedYet();
/// @notice Error when interval has already been burned
error IntervalAlreadyBurned();
error MustStartAt5PMUTC();
error BuyAndBurn__OnlyEOA();
//========CONSTRUCTOR========//
/// @notice Constructor initializes the contract
constructor(
uint32 _startTimestamp,
address _weth,
address _titanX,
address _lotusBnB,
address _edenBnb,
SwapActionParams memory _params
) SwapActions(_params) {
swapCap = type(uint256).max;
lotusBnB = ILotusEdenBnB(_lotusBnB);
edenBnB = ILotusEdenBnB(_edenBnb);
titanX = IERC20(_titanX);
weth = IERC20(_weth);
startTimeStamp = _startTimestamp;
}
//========MODIFIERS=======//
/// @notice Updates the contract state for intervals
modifier intervalUpdate() {
_intervalUpdate();
_;
}
//==========================//
//==========PUBLIC==========//
//==========================//
function changeSwapCap(uint256 _newSwapCap) external onlySlippageAdminOrOwner {
swapCap = _newSwapCap == 0 ? type(uint256).max : _newSwapCap;
}
/**
* @notice Swaps WETH for TITANX and sends to respective BNBs
* @param _deadline The deadline for which the passes should pass
*/
function swapWETHToTitanXAndDistribute(uint32 _deadline) external intervalUpdate {
if (msg.sender != tx.origin) revert BuyAndBurn__OnlyEOA();
Interval storage currInterval = intervals[lastIntervalNumber];
if (currInterval.amountBurned != 0) revert IntervalAlreadyBurned();
_updateSnapshot();
if (currInterval.amountAllocated > swapCap) {
uint256 difference = currInterval.amountAllocated - swapCap;
//@note - Add the difference for the next day
toDistribute += difference;
currInterval.amountAllocated = swapCap;
}
uint256 incentive = wmul(currInterval.amountAllocated, INCENTIVE_FEE);
currInterval.amountBurned = currInterval.amountAllocated;
uint256 titanXAmount = swapExactInput(
address(weth), address(titanX), currInterval.amountAllocated - incentive, 0, POOL_FEE, _deadline
);
weth.safeTransfer(msg.sender, incentive);
uint256 toBnBs = wmul(titanXAmount, WAD / 2);
titanX.approve(address(edenBnB), toBnBs);
titanX.approve(address(lotusBnB), toBnBs);
edenBnB.distributeTitanXForBurning(toBnBs);
lotusBnB.distributeTitanXForBurning(toBnBs);
lastBurnedInterval = lastIntervalNumber;
emit BuyAndBurn(currInterval.amountAllocated - incentive, titanXAmount, msg.sender);
}
/**
* @notice Distributes WETH tokens for burning
* @param _amount The amount of WETH tokens
*/
function distributeWETH(uint256 _amount) external notAmount0(_amount) {
///@dev - If there are some missed intervals update the accumulated allocation before depositing new WETH
if (Time.blockTs() > startTimeStamp && Time.blockTs() - lastBurnedIntervalStartTimestamp > INTERVAL_TIME) {
_intervalUpdate();
}
weth.safeTransferFrom(msg.sender, address(this), _amount);
_updateSnapshot();
toDistribute += _amount;
}
//==========================//
//=========INTERNAL=========//
//==========================//
function _calculateIntervals(uint256 timeElapsedSince)
internal
view
returns (uint32 _lastIntervalNumber, uint256 _totalAmountForInterval, uint32 missedIntervals)
{
missedIntervals = _calculateMissedIntervals(timeElapsedSince);
_lastIntervalNumber = lastIntervalNumber + missedIntervals + 1;
uint32 currentDay = Time.dayCountByT(uint32(block.timestamp));
uint32 _lastBurnedIntervalTimestamp = lastBurnedIntervalStartTimestamp;
uint32 dayOfLastInterval =
_lastBurnedIntervalTimestamp == 0 ? currentDay : Time.dayCountByT(_lastBurnedIntervalTimestamp);
uint256 _totalWETHDistributed = totalWETHDistributed;
if (currentDay == dayOfLastInterval) {
_totalAmountForInterval = (_totalWETHDistributed * (missedIntervals + 1)) / INTERVALS_PER_DAY;
} else {
uint32 _lastBurnedIntervalStartTimestamp = _lastBurnedIntervalTimestamp;
uint32 theEndOfTheDay = Time.getDayEnd(_lastBurnedIntervalStartTimestamp);
uint32 accumulatedIntervalsForTheDay = (theEndOfTheDay - _lastBurnedIntervalStartTimestamp) / INTERVAL_TIME;
//@note - Calculate the remaining intervals from the last one's day
_totalAmountForInterval +=
uint256(_totalWETHDistributed * accumulatedIntervalsForTheDay) / INTERVALS_PER_DAY;
//@note - Calculate the upcoming intervals with the to distribute shares
uint256 _intervalsForNewDay = missedIntervals >= accumulatedIntervalsForTheDay
? (missedIntervals - accumulatedIntervalsForTheDay) + 1
: 0;
_totalAmountForInterval += (_intervalsForNewDay > INTERVALS_PER_DAY)
? uint256(toDistribute)
: uint256(toDistribute * _intervalsForNewDay) / INTERVALS_PER_DAY;
}
Interval memory prevInt = intervals[lastIntervalNumber];
//@note - If the last interval was only updated, but not burned add its allocation to the next one.
uint256 additional = prevInt.amountBurned == 0 && prevInt.amountAllocated != 0 ? prevInt.amountAllocated : 0;
if (_totalAmountForInterval + additional > weth.balanceOf(address(this))) {
_totalAmountForInterval = uint256(weth.balanceOf(address(this)));
} else {
_totalAmountForInterval += additional;
}
}
function _calculateMissedIntervals(uint256 timeElapsedSince) internal view returns (uint32 _missedIntervals) {
_missedIntervals = uint32(timeElapsedSince / INTERVAL_TIME);
if (lastBurnedIntervalStartTimestamp != 0) _missedIntervals--;
}
function _updateSnapshot() internal {
if (Time.blockTs() < startTimeStamp || lastSnapshot + 24 hours > Time.blockTs()) return;
if (lastSnapshot != 0 && lastSnapshot + 48 hours <= Time.blockTs()) {
// If we have missed entire snapshot of interacting with the contract
toDistribute = 0;
}
totalWETHDistributed = toDistribute;
toDistribute = 0;
uint32 timeElapsed = Time.blockTs() - startTimeStamp;
uint32 snapshots = timeElapsed / 24 hours;
lastSnapshot = startTimeStamp + (snapshots * 24 hours);
}
/// @notice Updates the contract state for intervals
function _intervalUpdate() private {
if (Time.blockTs() < startTimeStamp) revert NotStartedYet();
if (lastSnapshot == 0) _updateSnapshot();
(
uint32 _lastInterval,
uint256 _amountAllocated,
uint32 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
bool updated
) = getCurrentInterval();
if (updated) {
lastBurnedIntervalStartTimestamp = _lastIntervalStartTimestamp + (uint32(_missedIntervals) * INTERVAL_TIME);
intervals[_lastInterval] = Interval({amountAllocated: _amountAllocated, amountBurned: 0});
lastIntervalNumber = _lastInterval;
}
}
function getCurrentInterval()
public
view
returns (
uint32 _lastInterval,
uint256 _amountAllocated,
uint32 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
bool updated
)
{
if (startTimeStamp > Time.blockTs()) return (0, 0, 0, 0, false);
uint32 startPoint = lastBurnedIntervalStartTimestamp == 0 ? startTimeStamp : lastBurnedIntervalStartTimestamp;
uint32 timeElapseSinceLastBurn = Time.blockTs() - startPoint;
if (lastBurnedIntervalStartTimestamp == 0 || timeElapseSinceLastBurn > INTERVAL_TIME) {
(_lastInterval, _amountAllocated, _missedIntervals) = _calculateIntervals(timeElapseSinceLastBurn);
_lastIntervalStartTimestamp = startPoint;
_missedIntervals += timeElapseSinceLastBurn > INTERVAL_TIME && lastBurnedIntervalStartTimestamp != 0 ? 1 : 0;
updated = true;
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (access/Ownable2Step.sol)
pragma solidity ^0.8.20;
import {Ownable} from "./Ownable.sol";
/**
* @dev Contract module which provides access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* This extension of the {Ownable} contract includes a two-step mechanism to transfer
* ownership, where the new owner must call {acceptOwnership} in order to replace the
* old one. This can help prevent common mistakes, such as transfers of ownership to
* incorrect accounts, or to contracts that are unable to interact with the
* permission system.
*
* The initial owner is specified at deployment time in the constructor for `Ownable`. This
* can later be changed with {transferOwnership} and {acceptOwnership}.
*
* This module is used through inheritance. It will make available all functions
* from parent (Ownable).
*/
abstract contract Ownable2Step is Ownable {
address private _pendingOwner;
event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
/**
* @dev Returns the address of the pending owner.
*/
function pendingOwner() public view virtual returns (address) {
return _pendingOwner;
}
/**
* @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
* Can only be called by the current owner.
*
* Setting `newOwner` to the zero address is allowed; this can be used to cancel an initiated ownership transfer.
*/
function transferOwnership(address newOwner) public virtual override onlyOwner {
_pendingOwner = newOwner;
emit OwnershipTransferStarted(owner(), newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual override {
delete _pendingOwner;
super._transferOwnership(newOwner);
}
/**
* @dev The new owner accepts the ownership transfer.
*/
function acceptOwnership() public virtual {
address sender = _msgSender();
if (pendingOwner() != sender) {
revert OwnableUnauthorizedAccount(sender);
}
_transferOwnership(sender);
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
/// @title Quoter Interface
/// @notice Supports quoting the calculated amounts from exact input or exact output swaps
/// @dev These functions are not marked view because they rely on calling non-view functions and reverting
/// to compute the result. They are also not gas efficient and should not be called on-chain.
interface IQuoter {
/// @notice Returns the amount out received for a given exact input swap without executing the swap
/// @param path The path of the swap, i.e. each token pair and the pool fee
/// @param amountIn The amount of the first token to swap
/// @return amountOut The amount of the last token that would be received
function quoteExactInput(bytes memory path, uint256 amountIn) external returns (uint256 amountOut);
/// @notice Returns the amount out received for a given exact input but for a swap of a single pool
/// @param tokenIn The token being swapped in
/// @param tokenOut The token being swapped out
/// @param fee The fee of the token pool to consider for the pair
/// @param amountIn The desired input amount
/// @param sqrtPriceLimitX96 The price limit of the pool that cannot be exceeded by the swap
/// @return amountOut The amount of `tokenOut` that would be received
function quoteExactInputSingle(
address tokenIn,
address tokenOut,
uint24 fee,
uint256 amountIn,
uint160 sqrtPriceLimitX96
) external returns (uint256 amountOut);
/// @notice Returns the amount in required for a given exact output swap without executing the swap
/// @param path The path of the swap, i.e. each token pair and the pool fee. Path must be provided in reverse order
/// @param amountOut The amount of the last token to receive
/// @return amountIn The amount of first token required to be paid
function quoteExactOutput(bytes memory path, uint256 amountOut) external returns (uint256 amountIn);
/// @notice Returns the amount in required to receive the given exact output amount but for a swap of a single pool
/// @param tokenIn The token being swapped in
/// @param tokenOut The token being swapped out
/// @param fee The fee of the token pool to consider for the pair
/// @param amountOut The desired output amount
/// @param sqrtPriceLimitX96 The price limit of the pool that cannot be exceeded by the swap
/// @return amountIn The amount required as the input for the swap in order to receive `amountOut`
function quoteExactOutputSingle(
address tokenIn,
address tokenOut,
uint24 fee,
uint256 amountOut,
uint160 sqrtPriceLimitX96
) external returns (uint256 amountIn);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Provides functions for deriving a pool address from the factory, tokens, and the fee
library PoolAddress {
bytes32 internal constant POOL_INIT_CODE_HASH = 0xa598dd2fba360510c5a8f02f44423a4468e902df5857dbce3ca162a43a3a31ff;
/// @notice The identifying key of the pool
struct PoolKey {
address token0;
address token1;
uint24 fee;
}
/// @notice Returns PoolKey: the ordered tokens with the matched fee levels
/// @param tokenA The first token of a pool, unsorted
/// @param tokenB The second token of a pool, unsorted
/// @param fee The fee level of the pool
/// @return Poolkey The pool details with ordered token0 and token1 assignments
function getPoolKey(
address tokenA,
address tokenB,
uint24 fee
) internal pure returns (PoolKey memory) {
if (tokenA > tokenB) (tokenA, tokenB) = (tokenB, tokenA);
return PoolKey({token0: tokenA, token1: tokenB, fee: fee});
}
/// @notice Deterministically computes the pool address given the factory and PoolKey
/// @param factory The Uniswap V3 factory contract address
/// @param key The PoolKey
/// @return pool The contract address of the V3 pool
function computeAddress(address factory, PoolKey memory key) internal pure returns (address pool) {
require(key.token0 < key.token1);
pool = address(
uint160(
uint256(
keccak256(
abi.encodePacked(
hex'ff',
factory,
keccak256(abi.encode(key.token0, key.token1, key.fee)),
POOL_INIT_CODE_HASH
)
)
)
)
);
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
import {IUniswapV3PoolImmutables} from './pool/IUniswapV3PoolImmutables.sol';
import {IUniswapV3PoolState} from './pool/IUniswapV3PoolState.sol';
import {IUniswapV3PoolDerivedState} from './pool/IUniswapV3PoolDerivedState.sol';
import {IUniswapV3PoolActions} from './pool/IUniswapV3PoolActions.sol';
import {IUniswapV3PoolOwnerActions} from './pool/IUniswapV3PoolOwnerActions.sol';
import {IUniswapV3PoolErrors} from './pool/IUniswapV3PoolErrors.sol';
import {IUniswapV3PoolEvents} from './pool/IUniswapV3PoolEvents.sol';
/// @title The interface for a Uniswap V3 Pool
/// @notice A Uniswap pool facilitates swapping and automated market making between any two assets that strictly conform
/// to the ERC20 specification
/// @dev The pool interface is broken up into many smaller pieces
interface IUniswapV3Pool is
IUniswapV3PoolImmutables,
IUniswapV3PoolState,
IUniswapV3PoolDerivedState,
IUniswapV3PoolActions,
IUniswapV3PoolOwnerActions,
IUniswapV3PoolErrors,
IUniswapV3PoolEvents
{
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
import '@openzeppelin/contracts/token/ERC721/extensions/IERC721Metadata.sol';
import '@openzeppelin/contracts/token/ERC721/extensions/IERC721Enumerable.sol';
import './IPoolInitializer.sol';
import './IERC721Permit.sol';
import './IPeripheryPayments.sol';
import './IPeripheryImmutableState.sol';
import '../libraries/PoolAddress.sol';
/// @title Non-fungible token for positions
/// @notice Wraps Uniswap V3 positions in a non-fungible token interface which allows for them to be transferred
/// and authorized.
interface INonfungiblePositionManager is
IPoolInitializer,
IPeripheryPayments,
IPeripheryImmutableState,
IERC721Metadata,
IERC721Enumerable,
IERC721Permit
{
/// @notice Emitted when liquidity is increased for a position NFT
/// @dev Also emitted when a token is minted
/// @param tokenId The ID of the token for which liquidity was increased
/// @param liquidity The amount by which liquidity for the NFT position was increased
/// @param amount0 The amount of token0 that was paid for the increase in liquidity
/// @param amount1 The amount of token1 that was paid for the increase in liquidity
event IncreaseLiquidity(uint256 indexed tokenId, uint128 liquidity, uint256 amount0, uint256 amount1);
/// @notice Emitted when liquidity is decreased for a position NFT
/// @param tokenId The ID of the token for which liquidity was decreased
/// @param liquidity The amount by which liquidity for the NFT position was decreased
/// @param amount0 The amount of token0 that was accounted for the decrease in liquidity
/// @param amount1 The amount of token1 that was accounted for the decrease in liquidity
event DecreaseLiquidity(uint256 indexed tokenId, uint128 liquidity, uint256 amount0, uint256 amount1);
/// @notice Emitted when tokens are collected for a position NFT
/// @dev The amounts reported may not be exactly equivalent to the amounts transferred, due to rounding behavior
/// @param tokenId The ID of the token for which underlying tokens were collected
/// @param recipient The address of the account that received the collected tokens
/// @param amount0 The amount of token0 owed to the position that was collected
/// @param amount1 The amount of token1 owed to the position that was collected
event Collect(uint256 indexed tokenId, address recipient, uint256 amount0, uint256 amount1);
/// @notice Returns the position information associated with a given token ID.
/// @dev Throws if the token ID is not valid.
/// @param tokenId The ID of the token that represents the position
/// @return nonce The nonce for permits
/// @return operator The address that is approved for spending
/// @return token0 The address of the token0 for a specific pool
/// @return token1 The address of the token1 for a specific pool
/// @return fee The fee associated with the pool
/// @return tickLower The lower end of the tick range for the position
/// @return tickUpper The higher end of the tick range for the position
/// @return liquidity The liquidity of the position
/// @return feeGrowthInside0LastX128 The fee growth of token0 as of the last action on the individual position
/// @return feeGrowthInside1LastX128 The fee growth of token1 as of the last action on the individual position
/// @return tokensOwed0 The uncollected amount of token0 owed to the position as of the last computation
/// @return tokensOwed1 The uncollected amount of token1 owed to the position as of the last computation
function positions(uint256 tokenId)
external
view
returns (
uint96 nonce,
address operator,
address token0,
address token1,
uint24 fee,
int24 tickLower,
int24 tickUpper,
uint128 liquidity,
uint256 feeGrowthInside0LastX128,
uint256 feeGrowthInside1LastX128,
uint128 tokensOwed0,
uint128 tokensOwed1
);
struct MintParams {
address token0;
address token1;
uint24 fee;
int24 tickLower;
int24 tickUpper;
uint256 amount0Desired;
uint256 amount1Desired;
uint256 amount0Min;
uint256 amount1Min;
address recipient;
uint256 deadline;
}
/// @notice Creates a new position wrapped in a NFT
/// @dev Call this when the pool does exist and is initialized. Note that if the pool is created but not initialized
/// a method does not exist, i.e. the pool is assumed to be initialized.
/// @param params The params necessary to mint a position, encoded as `MintParams` in calldata
/// @return tokenId The ID of the token that represents the minted position
/// @return liquidity The amount of liquidity for this position
/// @return amount0 The amount of token0
/// @return amount1 The amount of token1
function mint(MintParams calldata params)
external
payable
returns (
uint256 tokenId,
uint128 liquidity,
uint256 amount0,
uint256 amount1
);
struct IncreaseLiquidityParams {
uint256 tokenId;
uint256 amount0Desired;
uint256 amount1Desired;
uint256 amount0Min;
uint256 amount1Min;
uint256 deadline;
}
/// @notice Increases the amount of liquidity in a position, with tokens paid by the `msg.sender`
/// @param params tokenId The ID of the token for which liquidity is being increased,
/// amount0Desired The desired amount of token0 to be spent,
/// amount1Desired The desired amount of token1 to be spent,
/// amount0Min The minimum amount of token0 to spend, which serves as a slippage check,
/// amount1Min The minimum amount of token1 to spend, which serves as a slippage check,
/// deadline The time by which the transaction must be included to effect the change
/// @return liquidity The new liquidity amount as a result of the increase
/// @return amount0 The amount of token0 to acheive resulting liquidity
/// @return amount1 The amount of token1 to acheive resulting liquidity
function increaseLiquidity(IncreaseLiquidityParams calldata params)
external
payable
returns (
uint128 liquidity,
uint256 amount0,
uint256 amount1
);
struct DecreaseLiquidityParams {
uint256 tokenId;
uint128 liquidity;
uint256 amount0Min;
uint256 amount1Min;
uint256 deadline;
}
/// @notice Decreases the amount of liquidity in a position and accounts it to the position
/// @param params tokenId The ID of the token for which liquidity is being decreased,
/// amount The amount by which liquidity will be decreased,
/// amount0Min The minimum amount of token0 that should be accounted for the burned liquidity,
/// amount1Min The minimum amount of token1 that should be accounted for the burned liquidity,
/// deadline The time by which the transaction must be included to effect the change
/// @return amount0 The amount of token0 accounted to the position's tokens owed
/// @return amount1 The amount of token1 accounted to the position's tokens owed
function decreaseLiquidity(DecreaseLiquidityParams calldata params)
external
payable
returns (uint256 amount0, uint256 amount1);
struct CollectParams {
uint256 tokenId;
address recipient;
uint128 amount0Max;
uint128 amount1Max;
}
/// @notice Collects up to a maximum amount of fees owed to a specific position to the recipient
/// @param params tokenId The ID of the NFT for which tokens are being collected,
/// recipient The account that should receive the tokens,
/// amount0Max The maximum amount of token0 to collect,
/// amount1Max The maximum amount of token1 to collect
/// @return amount0 The amount of fees collected in token0
/// @return amount1 The amount of fees collected in token1
function collect(CollectParams calldata params) external payable returns (uint256 amount0, uint256 amount1);
/// @notice Burns a token ID, which deletes it from the NFT contract. The token must have 0 liquidity and all tokens
/// must be collected first.
/// @param tokenId The ID of the token that is being burned
function burn(uint256 tokenId) external payable;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Provides functions for deriving a pool address from the factory, tokens, and the fee
library PoolAddress {
bytes32 internal constant POOL_INIT_CODE_HASH = 0xe34f199b19b2b4f47f68442619d555527d244f78a3297ea89325f843f87b8b54;
/// @notice The identifying key of the pool
struct PoolKey {
address token0;
address token1;
uint24 fee;
}
/// @notice Returns PoolKey: the ordered tokens with the matched fee levels
/// @param tokenA The first token of a pool, unsorted
/// @param tokenB The second token of a pool, unsorted
/// @param fee The fee level of the pool
/// @return Poolkey The pool details with ordered token0 and token1 assignments
function getPoolKey(address tokenA, address tokenB, uint24 fee) internal pure returns (PoolKey memory) {
if (tokenA > tokenB) (tokenA, tokenB) = (tokenB, tokenA);
return PoolKey({token0: tokenA, token1: tokenB, fee: fee});
}
/// @notice Deterministically computes the pool address given the factory and PoolKey
/// @param factory The Uniswap V3 factory contract address
/// @param key The PoolKey
/// @return pool The contract address of the V3 pool
function computeAddress(address factory, PoolKey memory key) internal pure returns (address pool) {
require(key.token0 < key.token1);
pool = address(
uint160(
uint256(
keccak256(
abi.encodePacked(
hex"ff",
factory,
keccak256(abi.encode(key.token0, key.token1, key.fee)),
POOL_INIT_CODE_HASH
)
)
)
)
);
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity ^0.8.0;
/// @title Math library for computing sqrt prices from ticks and vice versa
/// @notice Computes sqrt price for ticks of size 1.0001, i.e. sqrt(1.0001^tick) as fixed point Q64.96 numbers. Supports
/// prices between 2**-128 and 2**128
library TickMath {
error T();
error R();
/// @dev The minimum tick that may be passed to #getSqrtRatioAtTick computed from log base 1.0001 of 2**-128
int24 internal constant MIN_TICK = -887272;
/// @dev The maximum tick that may be passed to #getSqrtRatioAtTick computed from log base 1.0001 of 2**128
int24 internal constant MAX_TICK = -MIN_TICK;
/// @dev The minimum value that can be returned from #getSqrtRatioAtTick. Equivalent to getSqrtRatioAtTick(MIN_TICK)
uint160 internal constant MIN_SQRT_RATIO = 4295128739;
/// @dev The maximum value that can be returned from #getSqrtRatioAtTick. Equivalent to getSqrtRatioAtTick(MAX_TICK)
uint160 internal constant MAX_SQRT_RATIO = 1461446703485210103287273052203988822378723970342;
/// @notice Calculates sqrt(1.0001^tick) * 2^96
/// @dev Throws if |tick| > max tick
/// @param tick The input tick for the above formula
/// @return sqrtPriceX96 A Fixed point Q64.96 number representing the sqrt of the ratio of the two assets (token1/token0)
/// at the given tick
function getSqrtRatioAtTick(int24 tick) internal pure returns (uint160 sqrtPriceX96) {
unchecked {
uint256 absTick = tick < 0 ? uint256(-int256(tick)) : uint256(int256(tick));
if (absTick > uint256(int256(MAX_TICK))) revert T();
uint256 ratio = absTick & 0x1 != 0
? 0xfffcb933bd6fad37aa2d162d1a594001
: 0x100000000000000000000000000000000;
if (absTick & 0x2 != 0) ratio = (ratio * 0xfff97272373d413259a46990580e213a) >> 128;
if (absTick & 0x4 != 0) ratio = (ratio * 0xfff2e50f5f656932ef12357cf3c7fdcc) >> 128;
if (absTick & 0x8 != 0) ratio = (ratio * 0xffe5caca7e10e4e61c3624eaa0941cd0) >> 128;
if (absTick & 0x10 != 0) ratio = (ratio * 0xffcb9843d60f6159c9db58835c926644) >> 128;
if (absTick & 0x20 != 0) ratio = (ratio * 0xff973b41fa98c081472e6896dfb254c0) >> 128;
if (absTick & 0x40 != 0) ratio = (ratio * 0xff2ea16466c96a3843ec78b326b52861) >> 128;
if (absTick & 0x80 != 0) ratio = (ratio * 0xfe5dee046a99a2a811c461f1969c3053) >> 128;
if (absTick & 0x100 != 0) ratio = (ratio * 0xfcbe86c7900a88aedcffc83b479aa3a4) >> 128;
if (absTick & 0x200 != 0) ratio = (ratio * 0xf987a7253ac413176f2b074cf7815e54) >> 128;
if (absTick & 0x400 != 0) ratio = (ratio * 0xf3392b0822b70005940c7a398e4b70f3) >> 128;
if (absTick & 0x800 != 0) ratio = (ratio * 0xe7159475a2c29b7443b29c7fa6e889d9) >> 128;
if (absTick & 0x1000 != 0) ratio = (ratio * 0xd097f3bdfd2022b8845ad8f792aa5825) >> 128;
if (absTick & 0x2000 != 0) ratio = (ratio * 0xa9f746462d870fdf8a65dc1f90e061e5) >> 128;
if (absTick & 0x4000 != 0) ratio = (ratio * 0x70d869a156d2a1b890bb3df62baf32f7) >> 128;
if (absTick & 0x8000 != 0) ratio = (ratio * 0x31be135f97d08fd981231505542fcfa6) >> 128;
if (absTick & 0x10000 != 0) ratio = (ratio * 0x9aa508b5b7a84e1c677de54f3e99bc9) >> 128;
if (absTick & 0x20000 != 0) ratio = (ratio * 0x5d6af8dedb81196699c329225ee604) >> 128;
if (absTick & 0x40000 != 0) ratio = (ratio * 0x2216e584f5fa1ea926041bedfe98) >> 128;
if (absTick & 0x80000 != 0) ratio = (ratio * 0x48a170391f7dc42444e8fa2) >> 128;
if (tick > 0) ratio = type(uint256).max / ratio;
// this divides by 1<<32 rounding up to go from a Q128.128 to a Q128.96.
// we then downcast because we know the result always fits within 160 bits due to our tick input constraint
// we round up in the division so getTickAtSqrtRatio of the output price is always consistent
sqrtPriceX96 = uint160((ratio >> 32) + (ratio % (1 << 32) == 0 ? 0 : 1));
}
}
/// @notice Calculates the greatest tick value such that getRatioAtTick(tick) <= ratio
/// @dev Throws in case sqrtPriceX96 < MIN_SQRT_RATIO, as MIN_SQRT_RATIO is the lowest value getRatioAtTick may
/// ever return.
/// @param sqrtPriceX96 The sqrt ratio for which to compute the tick as a Q64.96
/// @return tick The greatest tick for which the ratio is less than or equal to the input ratio
function getTickAtSqrtRatio(uint160 sqrtPriceX96) internal pure returns (int24 tick) {
unchecked {
// second inequality must be < because the price can never reach the price at the max tick
if (!(sqrtPriceX96 >= MIN_SQRT_RATIO && sqrtPriceX96 < MAX_SQRT_RATIO)) revert R();
uint256 ratio = uint256(sqrtPriceX96) << 32;
uint256 r = ratio;
uint256 msb = 0;
assembly {
let f := shl(7, gt(r, 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(6, gt(r, 0xFFFFFFFFFFFFFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(5, gt(r, 0xFFFFFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(4, gt(r, 0xFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(3, gt(r, 0xFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(2, gt(r, 0xF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(1, gt(r, 0x3))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := gt(r, 0x1)
msb := or(msb, f)
}
if (msb >= 128) r = ratio >> (msb - 127);
else r = ratio << (127 - msb);
int256 log_2 = (int256(msb) - 128) << 64;
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(63, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(62, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(61, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(60, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(59, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(58, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(57, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(56, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(55, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(54, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(53, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(52, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(51, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(50, f))
}
int256 log_sqrt10001 = log_2 * 255738958999603826347141; // 128.128 number
int24 tickLow = int24((log_sqrt10001 - 3402992956809132418596140100660247210) >> 128);
int24 tickHi = int24((log_sqrt10001 + 291339464771989622907027621153398088495) >> 128);
tick = tickLow == tickHi ? tickLow : getSqrtRatioAtTick(tickHi) <= sqrtPriceX96 ? tickHi : tickLow;
}
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
import '@uniswap/v3-core/contracts/interfaces/callback/IUniswapV3SwapCallback.sol';
/// @title Router token swapping functionality
/// @notice Functions for swapping tokens via Uniswap V3
interface ISwapRouter is IUniswapV3SwapCallback {
struct ExactInputSingleParams {
address tokenIn;
address tokenOut;
uint24 fee;
address recipient;
uint256 deadline;
uint256 amountIn;
uint256 amountOutMinimum;
uint160 sqrtPriceLimitX96;
}
/// @notice Swaps `amountIn` of one token for as much as possible of another token
/// @param params The parameters necessary for the swap, encoded as `ExactInputSingleParams` in calldata
/// @return amountOut The amount of the received token
function exactInputSingle(ExactInputSingleParams calldata params) external payable returns (uint256 amountOut);
struct ExactInputParams {
bytes path;
address recipient;
uint256 deadline;
uint256 amountIn;
uint256 amountOutMinimum;
}
/// @notice Swaps `amountIn` of one token for as much as possible of another along the specified path
/// @param params The parameters necessary for the multi-hop swap, encoded as `ExactInputParams` in calldata
/// @return amountOut The amount of the received token
function exactInput(ExactInputParams calldata params) external payable returns (uint256 amountOut);
struct ExactOutputSingleParams {
address tokenIn;
address tokenOut;
uint24 fee;
address recipient;
uint256 deadline;
uint256 amountOut;
uint256 amountInMaximum;
uint160 sqrtPriceLimitX96;
}
/// @notice Swaps as little as possible of one token for `amountOut` of another token
/// @param params The parameters necessary for the swap, encoded as `ExactOutputSingleParams` in calldata
/// @return amountIn The amount of the input token
function exactOutputSingle(ExactOutputSingleParams calldata params) external payable returns (uint256 amountIn);
struct ExactOutputParams {
bytes path;
address recipient;
uint256 deadline;
uint256 amountOut;
uint256 amountInMaximum;
}
/// @notice Swaps as little as possible of one token for `amountOut` of another along the specified path (reversed)
/// @param params The parameters necessary for the multi-hop swap, encoded as `ExactOutputParams` in calldata
/// @return amountIn The amount of the input token
function exactOutput(ExactOutputParams calldata params) external payable returns (uint256 amountIn);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/IERC721.sol)
pragma solidity ^0.8.20;
import {IERC165} from "../../utils/introspection/IERC165.sol";
/**
* @dev Required interface of an ERC-721 compliant contract.
*/
interface IERC721 is IERC165 {
/**
* @dev Emitted when `tokenId` token is transferred from `from` to `to`.
*/
event Transfer(address indexed from, address indexed to, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables `approved` to manage the `tokenId` token.
*/
event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets.
*/
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
/**
* @dev Returns the number of tokens in ``owner``'s account.
*/
function balanceOf(address owner) external view returns (uint256 balance);
/**
* @dev Returns the owner of the `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function ownerOf(uint256 tokenId) external view returns (address owner);
/**
* @dev Safely transfers `tokenId` token from `from` to `to`.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
* a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes calldata data) external;
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients
* are aware of the ERC-721 protocol to prevent tokens from being forever locked.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must have been allowed to move this token by either {approve} or
* {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
* a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Transfers `tokenId` token from `from` to `to`.
*
* WARNING: Note that the caller is responsible to confirm that the recipient is capable of receiving ERC-721
* or else they may be permanently lost. Usage of {safeTransferFrom} prevents loss, though the caller must
* understand this adds an external call which potentially creates a reentrancy vulnerability.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Gives permission to `to` to transfer `tokenId` token to another account.
* The approval is cleared when the token is transferred.
*
* Only a single account can be approved at a time, so approving the zero address clears previous approvals.
*
* Requirements:
*
* - The caller must own the token or be an approved operator.
* - `tokenId` must exist.
*
* Emits an {Approval} event.
*/
function approve(address to, uint256 tokenId) external;
/**
* @dev Approve or remove `operator` as an operator for the caller.
* Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller.
*
* Requirements:
*
* - The `operator` cannot be the address zero.
*
* Emits an {ApprovalForAll} event.
*/
function setApprovalForAll(address operator, bool approved) external;
/**
* @dev Returns the account approved for `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function getApproved(uint256 tokenId) external view returns (address operator);
/**
* @dev Returns if the `operator` is allowed to manage all of the assets of `owner`.
*
* See {setApprovalForAll}
*/
function isApprovedForAll(address owner, address operator) external view returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/extensions/IERC721Metadata.sol)
pragma solidity ^0.8.20;
import {IERC721} from "../IERC721.sol";
/**
* @title ERC-721 Non-Fungible Token Standard, optional metadata extension
* @dev See https://eips.ethereum.org/EIPS/eip-721
*/
interface IERC721Metadata is IERC721 {
/**
* @dev Returns the token collection name.
*/
function name() external view returns (string memory);
/**
* @dev Returns the token collection symbol.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token.
*/
function tokenURI(uint256 tokenId) external view returns (string memory);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/utils/ERC721Utils.sol)
pragma solidity ^0.8.20;
import {IERC721Receiver} from "../IERC721Receiver.sol";
import {IERC721Errors} from "../../../interfaces/draft-IERC6093.sol";
/**
* @dev Library that provide common ERC-721 utility functions.
*
* See https://eips.ethereum.org/EIPS/eip-721[ERC-721].
*
* _Available since v5.1._
*/
library ERC721Utils {
/**
* @dev Performs an acceptance check for the provided `operator` by calling {IERC721-onERC721Received}
* on the `to` address. The `operator` is generally the address that initiated the token transfer (i.e. `msg.sender`).
*
* The acceptance call is not executed and treated as a no-op if the target address doesn't contain code (i.e. an EOA).
* Otherwise, the recipient must implement {IERC721Receiver-onERC721Received} and return the acceptance magic value to accept
* the transfer.
*/
function checkOnERC721Received(
address operator,
address from,
address to,
uint256 tokenId,
bytes memory data
) internal {
if (to.code.length > 0) {
try IERC721Receiver(to).onERC721Received(operator, from, tokenId, data) returns (bytes4 retval) {
if (retval != IERC721Receiver.onERC721Received.selector) {
// Token rejected
revert IERC721Errors.ERC721InvalidReceiver(to);
}
} catch (bytes memory reason) {
if (reason.length == 0) {
// non-IERC721Receiver implementer
revert IERC721Errors.ERC721InvalidReceiver(to);
} else {
assembly ("memory-safe") {
revert(add(32, reason), mload(reason))
}
}
}
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Strings.sol)
pragma solidity ^0.8.20;
import {Math} from "./math/Math.sol";
import {SignedMath} from "./math/SignedMath.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant HEX_DIGITS = "0123456789abcdef";
uint8 private constant ADDRESS_LENGTH = 20;
/**
* @dev The `value` string doesn't fit in the specified `length`.
*/
error StringsInsufficientHexLength(uint256 value, uint256 length);
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
assembly ("memory-safe") {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
assembly ("memory-safe") {
mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toStringSigned(int256 value) internal pure returns (string memory) {
return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value)));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
uint256 localValue = value;
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = HEX_DIGITS[localValue & 0xf];
localValue >>= 4;
}
if (localValue != 0) {
revert StringsInsufficientHexLength(value, length);
}
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
* representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its checksummed ASCII `string` hexadecimal
* representation, according to EIP-55.
*/
function toChecksumHexString(address addr) internal pure returns (string memory) {
bytes memory buffer = bytes(toHexString(addr));
// hash the hex part of buffer (skip length + 2 bytes, length 40)
uint256 hashValue;
assembly ("memory-safe") {
hashValue := shr(96, keccak256(add(buffer, 0x22), 40))
}
for (uint256 i = 41; i > 1; --i) {
// possible values for buffer[i] are 48 (0) to 57 (9) and 97 (a) to 102 (f)
if (hashValue & 0xf > 7 && uint8(buffer[i]) > 96) {
// case shift by xoring with 0x20
buffer[i] ^= 0x20;
}
hashValue >>= 4;
}
return string(buffer);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return bytes(a).length == bytes(b).length && keccak256(bytes(a)) == keccak256(bytes(b));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/draft-IERC6093.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard ERC-20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-20 tokens.
*/
interface IERC20Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/
error ERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC-721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-721 tokens.
*/
interface IERC721Errors {
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in ERC-20.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/
error ERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/
error ERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/
error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/
error ERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC-1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-1155 tokens.
*/
interface IERC1155Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/
error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/
error ERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/
error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/IERC1363.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Address.sol)
pragma solidity ^0.8.20;
import {Errors} from "./Errors.sol";
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert Errors.InsufficientBalance(address(this).balance, amount);
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert Errors.FailedCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {Errors.FailedCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert Errors.InsufficientBalance(address(this).balance, value);
}
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
* of an unsuccessful call.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (returndata.length == 0 && target.code.length == 0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {Errors.FailedCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.
*/
function _revert(bytes memory returndata) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
assembly ("memory-safe") {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert Errors.FailedCall();
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC-20
* applications.
*/
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
mapping(address account => uint256) private _balances;
mapping(address account => mapping(address spender => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Skips emitting an {Approval} event indicating an allowance update. This is not
* required by the ERC. See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
_totalSupply += value;
} else {
uint256 fromBalance = _balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
_balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
_totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
_balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
* true using the following override:
*
* ```solidity
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
_allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
import {Panic} from "../Panic.sol";
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an success flag (no overflow).
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an success flag (no overflow).
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an success flag (no overflow).
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {
unchecked {
// branchless ternary works because:
// b ^ (a ^ b) == a
// b ^ 0 == b
return b ^ ((a ^ b) * SafeCast.toUint(condition));
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a > b, a, b);
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a < b, a, b);
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
Panic.panic(Panic.DIVISION_BY_ZERO);
}
// The following calculation ensures accurate ceiling division without overflow.
// Since a is non-zero, (a - 1) / b will not overflow.
// The largest possible result occurs when (a - 1) / b is type(uint256).max,
// but the largest value we can obtain is type(uint256).max - 1, which happens
// when a = type(uint256).max and b = 1.
unchecked {
return SafeCast.toUint(a > 0) * ((a - 1) / b + 1);
}
}
/**
* @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
*
* Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
// the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2²⁵⁶ + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
if (denominator <= prod1) {
Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
// that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv ≡ 1 mod 2⁴.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2⁸
inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
inverse *= 2 - denominator * inverse; // inverse mod 2³²
inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
// less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @dev Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0);
}
/**
* @dev Calculate the modular multiplicative inverse of a number in Z/nZ.
*
* If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0.
* If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.
*
* If the input value is not inversible, 0 is returned.
*
* NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Fermat's little theorem and get the
* inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}.
*/
function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
unchecked {
if (n == 0) return 0;
// The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
// Used to compute integers x and y such that: ax + ny = gcd(a, n).
// When the gcd is 1, then the inverse of a modulo n exists and it's x.
// ax + ny = 1
// ax = 1 + (-y)n
// ax ≡ 1 (mod n) # x is the inverse of a modulo n
// If the remainder is 0 the gcd is n right away.
uint256 remainder = a % n;
uint256 gcd = n;
// Therefore the initial coefficients are:
// ax + ny = gcd(a, n) = n
// 0a + 1n = n
int256 x = 0;
int256 y = 1;
while (remainder != 0) {
uint256 quotient = gcd / remainder;
(gcd, remainder) = (
// The old remainder is the next gcd to try.
remainder,
// Compute the next remainder.
// Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd
// where gcd is at most n (capped to type(uint256).max)
gcd - remainder * quotient
);
(x, y) = (
// Increment the coefficient of a.
y,
// Decrement the coefficient of n.
// Can overflow, but the result is casted to uint256 so that the
// next value of y is "wrapped around" to a value between 0 and n - 1.
x - y * int256(quotient)
);
}
if (gcd != 1) return 0; // No inverse exists.
return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative.
}
}
/**
* @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`.
*
* From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is
* prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that
* `a**(p-2)` is the modular multiplicative inverse of a in Fp.
*
* NOTE: this function does NOT check that `p` is a prime greater than `2`.
*/
function invModPrime(uint256 a, uint256 p) internal view returns (uint256) {
unchecked {
return Math.modExp(a, p - 2, p);
}
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)
*
* Requirements:
* - modulus can't be zero
* - underlying staticcall to precompile must succeed
*
* IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make
* sure the chain you're using it on supports the precompiled contract for modular exponentiation
* at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,
* the underlying function will succeed given the lack of a revert, but the result may be incorrectly
* interpreted as 0.
*/
function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {
(bool success, uint256 result) = tryModExp(b, e, m);
if (!success) {
Panic.panic(Panic.DIVISION_BY_ZERO);
}
return result;
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).
* It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying
* to operate modulo 0 or if the underlying precompile reverted.
*
* IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain
* you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in
* https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack
* of a revert, but the result may be incorrectly interpreted as 0.
*/
function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {
if (m == 0) return (false, 0);
assembly ("memory-safe") {
let ptr := mload(0x40)
// | Offset | Content | Content (Hex) |
// |-----------|------------|--------------------------------------------------------------------|
// | 0x00:0x1f | size of b | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x20:0x3f | size of e | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x40:0x5f | size of m | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x60:0x7f | value of b | 0x<.............................................................b> |
// | 0x80:0x9f | value of e | 0x<.............................................................e> |
// | 0xa0:0xbf | value of m | 0x<.............................................................m> |
mstore(ptr, 0x20)
mstore(add(ptr, 0x20), 0x20)
mstore(add(ptr, 0x40), 0x20)
mstore(add(ptr, 0x60), b)
mstore(add(ptr, 0x80), e)
mstore(add(ptr, 0xa0), m)
// Given the result < m, it's guaranteed to fit in 32 bytes,
// so we can use the memory scratch space located at offset 0.
success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)
result := mload(0x00)
}
}
/**
* @dev Variant of {modExp} that supports inputs of arbitrary length.
*/
function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {
(bool success, bytes memory result) = tryModExp(b, e, m);
if (!success) {
Panic.panic(Panic.DIVISION_BY_ZERO);
}
return result;
}
/**
* @dev Variant of {tryModExp} that supports inputs of arbitrary length.
*/
function tryModExp(
bytes memory b,
bytes memory e,
bytes memory m
) internal view returns (bool success, bytes memory result) {
if (_zeroBytes(m)) return (false, new bytes(0));
uint256 mLen = m.length;
// Encode call args in result and move the free memory pointer
result = abi.encodePacked(b.length, e.length, mLen, b, e, m);
assembly ("memory-safe") {
let dataPtr := add(result, 0x20)
// Write result on top of args to avoid allocating extra memory.
success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)
// Overwrite the length.
// result.length > returndatasize() is guaranteed because returndatasize() == m.length
mstore(result, mLen)
// Set the memory pointer after the returned data.
mstore(0x40, add(dataPtr, mLen))
}
}
/**
* @dev Returns whether the provided byte array is zero.
*/
function _zeroBytes(bytes memory byteArray) private pure returns (bool) {
for (uint256 i = 0; i < byteArray.length; ++i) {
if (byteArray[i] != 0) {
return false;
}
}
return true;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* This method is based on Newton's method for computing square roots; the algorithm is restricted to only
* using integer operations.
*/
function sqrt(uint256 a) internal pure returns (uint256) {
unchecked {
// Take care of easy edge cases when a == 0 or a == 1
if (a <= 1) {
return a;
}
// In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a
// sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between
// the current value as `ε_n = | x_n - sqrt(a) |`.
//
// For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root
// of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is
// bigger than any uint256.
//
// By noticing that
// `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`
// we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar
// to the msb function.
uint256 aa = a;
uint256 xn = 1;
if (aa >= (1 << 128)) {
aa >>= 128;
xn <<= 64;
}
if (aa >= (1 << 64)) {
aa >>= 64;
xn <<= 32;
}
if (aa >= (1 << 32)) {
aa >>= 32;
xn <<= 16;
}
if (aa >= (1 << 16)) {
aa >>= 16;
xn <<= 8;
}
if (aa >= (1 << 8)) {
aa >>= 8;
xn <<= 4;
}
if (aa >= (1 << 4)) {
aa >>= 4;
xn <<= 2;
}
if (aa >= (1 << 2)) {
xn <<= 1;
}
// We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).
//
// We can refine our estimation by noticing that the middle of that interval minimizes the error.
// If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).
// This is going to be our x_0 (and ε_0)
xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)
// From here, Newton's method give us:
// x_{n+1} = (x_n + a / x_n) / 2
//
// One should note that:
// x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a
// = ((x_n² + a) / (2 * x_n))² - a
// = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a
// = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)
// = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)
// = (x_n² - a)² / (2 * x_n)²
// = ((x_n² - a) / (2 * x_n))²
// ≥ 0
// Which proves that for all n ≥ 1, sqrt(a) ≤ x_n
//
// This gives us the proof of quadratic convergence of the sequence:
// ε_{n+1} = | x_{n+1} - sqrt(a) |
// = | (x_n + a / x_n) / 2 - sqrt(a) |
// = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |
// = | (x_n - sqrt(a))² / (2 * x_n) |
// = | ε_n² / (2 * x_n) |
// = ε_n² / | (2 * x_n) |
//
// For the first iteration, we have a special case where x_0 is known:
// ε_1 = ε_0² / | (2 * x_0) |
// ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))
// ≤ 2**(2*e-4) / (3 * 2**(e-1))
// ≤ 2**(e-3) / 3
// ≤ 2**(e-3-log2(3))
// ≤ 2**(e-4.5)
//
// For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:
// ε_{n+1} = ε_n² / | (2 * x_n) |
// ≤ (2**(e-k))² / (2 * 2**(e-1))
// ≤ 2**(2*e-2*k) / 2**e
// ≤ 2**(e-2*k)
xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5) -- special case, see above
xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9) -- general case with k = 4.5
xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18) -- general case with k = 9
xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36) -- general case with k = 18
xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72) -- general case with k = 36
xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144) -- general case with k = 72
// Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision
// ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either
// sqrt(a) or sqrt(a) + 1.
return xn - SafeCast.toUint(xn > a / xn);
}
}
/**
* @dev Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
uint256 exp;
unchecked {
exp = 128 * SafeCast.toUint(value > (1 << 128) - 1);
value >>= exp;
result += exp;
exp = 64 * SafeCast.toUint(value > (1 << 64) - 1);
value >>= exp;
result += exp;
exp = 32 * SafeCast.toUint(value > (1 << 32) - 1);
value >>= exp;
result += exp;
exp = 16 * SafeCast.toUint(value > (1 << 16) - 1);
value >>= exp;
result += exp;
exp = 8 * SafeCast.toUint(value > (1 << 8) - 1);
value >>= exp;
result += exp;
exp = 4 * SafeCast.toUint(value > (1 << 4) - 1);
value >>= exp;
result += exp;
exp = 2 * SafeCast.toUint(value > (1 << 2) - 1);
value >>= exp;
result += exp;
result += SafeCast.toUint(value > 1);
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
uint256 isGt;
unchecked {
isGt = SafeCast.toUint(value > (1 << 128) - 1);
value >>= isGt * 128;
result += isGt * 16;
isGt = SafeCast.toUint(value > (1 << 64) - 1);
value >>= isGt * 64;
result += isGt * 8;
isGt = SafeCast.toUint(value > (1 << 32) - 1);
value >>= isGt * 32;
result += isGt * 4;
isGt = SafeCast.toUint(value > (1 << 16) - 1);
value >>= isGt * 16;
result += isGt * 2;
result += SafeCast.toUint(value > (1 << 8) - 1);
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {Errors} from "@utils/Errors.sol";
import {wdiv, wmul} from "@utils/Math.sol";
import {ShaolinMining} from "@core/Mining.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
struct CycleState {
uint256 totalShares; //< Total shares in the cycle.
uint256 available; //< Rewards per share for the cycle.
mapping(address user => uint256 shares) sharesOf; //< Shares of a user for a cycle
}
/**
* @title WBTCPool
* @dev Manages rewards distribution for WBTC staking cycles.
*/
contract WBTCPool is Errors {
using SafeERC20 for IERC20;
/// @notice Duration of each rewards cycle in days.
uint32 constant DURATION_PER_CYCLE = 28;
/// @notice Reference to the ShaolinMining contract.
ShaolinMining immutable mining;
/// @notice Reference to the WBTC ERC20 token contract.
IERC20 public immutable wbtc;
/// @notice The start timestamp of the contract.
uint32 public immutable startTimestamp;
/// @dev Mapping of cycle numbers to their respective cycle states.
mapping(uint32 cycle => CycleState) cycles;
/// @dev Tracks pending shares for users in specific cycles.
mapping(uint32 cycle => mapping(address _user => uint256)) public pendingShares;
/// @notice Emitted when shares are added for a user.
/// @param _user The address of the user.
/// @param _cycle The cycle for which the user deposited
/// @param additionalAmount The amount of shares added.
event SharesAdded(address indexed _user, uint32 indexed _cycle, uint256 indexed additionalAmount);
/// @notice Emitted when shares are added for a user.
/// @param _user The address of the user.
/// @param _cycle The cycle for which the user deposited
/// @param _claimed The amount of WBTC claimed.
event RewardClaimed(address indexed _user, uint32 indexed _cycle, uint256 indexed _claimed);
/// @notice Thrown when a function is called by an address other than the mining contract.
error WBTCPool__OnlyMining();
/// @notice Thrown when there are no rewards available to claim.
error WBTCPool__NothingToClaim();
error WBTCPool__CycleNotOver();
/**
* @dev Initializes the contract with the given parameters.
* @param _startTimestamp The timestamp when the contract starts.
* @param _wbtc The address of the WBTC token.
* @param _mining The address of the ShaolinMining contract.
*/
constructor(uint32 _startTimestamp, address _wbtc, address _mining) {
mining = ShaolinMining(payable(_mining));
wbtc = IERC20(_wbtc);
startTimestamp = _startTimestamp;
}
/// @dev Modifier to restrict access to the mining contract.
modifier onlyMining() {
_onlyMining();
_;
}
/**
* @notice Adds shares to a user for the current cycle.
* @param _user The address of the user.
* @param _amount The amount of shares to add.
*/
function addToShares(address _user, uint256 _amount) public onlyMining {
uint32 _currCycle = getCurrentCycle();
CycleState storage _cycle = cycles[_currCycle];
uint256 shares = _cycle.sharesOf[_user];
if (shares > 0) {
emit SharesAdded(_user, _currCycle, _amount);
_cycle.totalShares += _amount;
_cycle.sharesOf[_user] += _amount;
} else {
pendingShares[_currCycle][_user] += _amount;
uint256 total = pendingShares[_currCycle][_user];
if (total < MIN_SHAO_FOR_WBTC_POOL) return;
emit SharesAdded(_user, _currCycle, _amount);
_cycle.totalShares += total;
_cycle.sharesOf[_user] += total;
pendingShares[_currCycle][_user] = 0;
}
}
/**
* @notice Calculates the claimable rewards for a user in a specific cycle.
* @param _user The address of the user.
* @param _cycle The cycle number.
* @return The claimable rewards amount.
*/
function claimableAmount(address _user, uint32 _cycle) public view returns (uint256) {
CycleState storage _cycleState = cycles[_cycle];
uint256 shares = _cycleState.sharesOf[_user];
uint256 available;
if (_cycleState.totalShares == 0) return 0;
if (_cycle < getCurrentCycle()) available = _cycleState.available;
return (((shares * available) * WAD) / _cycleState.totalShares) / WAD;
}
/**
* @notice Calculates the total claimable rewards for a user across multiple cycles.
* @param _user The address of the user.
* @param _cycles The array of cycle numbers.
* @return total The total claimable rewards.
*/
function batchClaimableAmount(address _user, uint32[] calldata _cycles) external view returns (uint256 total) {
for (uint32 i; i < _cycles.length; i++) {
total += claimableAmount(_user, _cycles[i]);
}
}
/**
* @notice Claims rewards for a user across multiple cycles.
* @param _receiver The address to send the rewards to.
* @param _cycles The array of cycle numbers.
*/
function batchClaim(address _receiver, uint32[] calldata _cycles) external {
for (uint32 i; i < _cycles.length; i++) {
claim(_receiver, _cycles[i]);
}
}
/**
* @notice Claims rewards for a specific cycle and sends them to the receiver.
* @param _receiver The address to send the rewards to.
* @param _cycle The cycle number for which to claim rewards.
*/
function claim(address _receiver, uint32 _cycle) public notAddress0(_receiver) {
require(_cycle < getCurrentCycle(), WBTCPool__CycleNotOver());
CycleState storage _cycleState = cycles[_cycle];
uint256 amountToClaim = claimableAmount(msg.sender, _cycle);
require(amountToClaim > 0, WBTCPool__NothingToClaim());
_cycleState.sharesOf[msg.sender] = 0;
emit RewardClaimed(msg.sender, _cycle, amountToClaim);
wbtc.transfer(_receiver, amountToClaim);
}
/**
* @notice Distributes rewards to the current cycle.
* @param amount The amount of rewards to distribute.
*/
function distribute(uint256 amount) external notAmount0(amount) {
cycles[getCurrentCycle()].available += amount;
wbtc.safeTransferFrom(msg.sender, address(this), amount);
}
/**
* @dev Returns the current cycle number based on the current day.
* @return cycle The current cycle number.
*/
function getCurrentCycle() public view returns (uint32 cycle) {
uint32 currentDay = _getCurrentDay();
cycle = (currentDay / DURATION_PER_CYCLE) + 1;
}
function getAvailableForCycle(uint32 _cycle) external view returns (uint256 available) {
return cycles[_cycle].available;
}
function getShareOfUserForCycle(uint32 _cycle, address _user) public view returns (uint256 shares) {
return cycles[_cycle].sharesOf[_user];
}
/**
* @dev Returns the current day since the contract started.
* @return currentDay The current day.
*/
function _getCurrentDay() internal view returns (uint32 currentDay) {
if (startTimestamp > Time.blockTs()) return 1;
currentDay = Time.dayGap(startTimestamp, Time.blockTs()) + 1;
}
/**
* @dev Ensures that the caller is the mining contract.
*/
function _onlyMining() internal view {
require(msg.sender == address(mining), WBTCPool__OnlyMining());
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {wmul} from "@utils/Math.sol";
import {Errors} from "@utils/Errors.sol";
import {IERC20} from "@openzeppelin/contracts/interfaces/IERC20.sol";
import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
import {VRFV2PlusClient} from "@chainlink/contracts/src/v0.8/vrf/dev/libraries/VRFV2PlusClient.sol";
import {VRFConsumerBaseV2Plus} from "@chainlink/contracts/src/v0.8/vrf/dev/VRFConsumerBaseV2Plus.sol";
/**
* @title WinnerRequest
* @notice Struct to track the state and details of a winner selection request
* @param upForGrabs The total rewards available for distribution at the time of the request
* @param fulfilled Boolean indicating whether the winner selection has been completed
*/
struct WinnerRequest {
uint256 upForGrabs;
bool fulfilled;
}
/**
* @title LamboPool
* @notice A decentralized mining pool contract that manages participants and distributes rewards using
* Chainlink VRF for fair winner selection
* @dev Implements VRFConsumerBaseV2Plus for secure randomness generation and inherits error definitions from Errors contract
* @custom:security-contact [email protected]
*/
contract LamboPool is VRFConsumerBaseV2Plus, Errors {
using EnumerableSet for EnumerableSet.AddressSet;
uint256 public constant COOLDOWN_PER_DRAW = 2 weeks;
/// @notice Address of the mining contract authorized to add participants and distribute rewards
address public immutable mining;
/// @notice Address of the contract administrator
address public admin;
/// @notice The key hash used for Chainlink VRF requests
/// @dev Identifies the gas lane price that you want to use for VRF requests
bytes32 public keyHash;
/// @notice Number of block confirmations to wait before fulfilling VRF request
/// @dev Must be between 3 and 200 blocks
uint16 public requestConfirmations = 3;
/// @notice Maximum gas allowed for the VRF callback
/// @dev Should be sufficient to process the maximum number of winners
uint32 public callbackGasLimit = 700_000;
/// @notice The WETH token contract used for reward distributions
IERC20 public immutable weth;
/// @notice Chainlink VRF subscription ID used for funding randomness requests
uint256 public immutable subscriptionId;
/// @notice ID of the most recent VRF request
/// @dev Used to track pending randomness requests
uint256 public lastRequestId;
/// @notice Mapping to store details of each winner selection request
/// @dev Links VRF request IDs to their corresponding WinnerRequest structs
mapping(uint256 requestId => WinnerRequest) public requests;
/// @notice Timestamp of the last interval calculation
/// @dev Used to enforce cooldown periods between draws
uint32 public lastIntervalCall;
/// @notice Current total rewards available for distribution
/// @dev Accumulated from mining rewards and updated after each distribution
uint256 public upForGrabs;
/// @notice Set of all current pool participants
/// @dev Uses OpenZeppelin's EnumerableSet for efficient membership checks and enumeration
EnumerableSet.AddressSet private participants;
/**
* @notice Ensures caller is the mining contract
* @dev Reverts with OnlyMining error if caller is not authorized
*/
modifier onlyMining() {
_onlyMining();
_;
}
/**
* @notice Ensures no VRF request is currently pending
* @dev Reverts with RandomnessAlreadyRequested if a request is unfulfilled
*/
modifier noPendingRandomness() {
_noPendingRandomness();
_;
}
/**
* @notice Restricts access to admin functions
* @dev Reverts with OnlyAdmin if caller is not the administrator
*/
modifier onlyAdmin() {
_onlyAdmin();
_;
}
/// @notice Thrown when non-mining contract calls restricted functions
error OnlyMining();
/// @notice Thrown when attempting a new VRF request while one is pending
error RandomnessAlreadyRequested();
/// @notice Thrown when attempting operations before cooldown period ends
error OnlyAfterIntervalTime();
/// @notice Thrown when attempting to distribute zero rewards
error EmptyTreasury();
/// @notice Thrown when attempting winner selection with no participants
error NoParticipation();
/// @notice Thrown when non-admin calls admin functions
error OnlyAdmin();
/// @notice Thrown when invalid gas limit is provided
error InvalidGasLimit();
/// @notice Thrown when invalid confirmation count is provided
error InvalidRequestConfirmations();
/**
* @notice Emitted when a winner is selected and rewards are distributed
* @param winner Address of the selected winner
* @param amountWon Amount of WETH rewards distributed to the winner
*/
event WinnerSelected(address indexed winner, uint256 indexed amountWon);
/**
* @notice Initializes the LamboPool contract
* @dev Sets up VRF consumer, mining contract reference, and initial state
* @param _mining Address of authorized mining contract
* @param _vrfCoordinator Address of Chainlink VRF coordinator
* @param _subscriptionId Chainlink VRF subscription ID
* @param _weth Address of WETH token contract
* @param _keyHash VRF gas lane key hash
* @param _admin Address of contract administrator
* @param _startTimestamp Initial timestamp for interval calculations
*/
constructor(
address _mining,
address _vrfCoordinator,
uint256 _subscriptionId,
address _weth,
bytes32 _keyHash,
address _admin,
uint32 _startTimestamp
) VRFConsumerBaseV2Plus(_vrfCoordinator) {
mining = _mining;
weth = IERC20(_weth);
lastIntervalCall = _startTimestamp;
keyHash = _keyHash;
subscriptionId = _subscriptionId;
admin = _admin;
}
/* == ADMIN FUNCTIONS == */
/**
* @notice Updates the number of block confirmations required for VRF requests
* @param _newRequestConfirmations New confirmation count (must be 3-10)
* @dev Only callable by admin, ensures reasonable confirmation range
*/
function changeRequestConfirmations(uint16 _newRequestConfirmations) external onlyAdmin {
require(_newRequestConfirmations >= 3 && _newRequestConfirmations <= 10, InvalidRequestConfirmations());
requestConfirmations = _newRequestConfirmations;
}
/**
* @notice Updates the gas limit for VRF callback
* @param _newGasLimit New gas limit (minimum 450,000)
* @dev Only callable by admin, ensures sufficient gas for processing
*/
function changeCallBackGasLimimt(uint32 _newGasLimit) external onlyAdmin notAmount0(_newGasLimit) {
require(_newGasLimit >= 450_000, InvalidGasLimit());
callbackGasLimit = _newGasLimit;
}
/**
* @notice Updates the VRF key hash
* @param _newKeyHash New key hash for VRF requests
* @dev Only callable by admin
*/
function changeKeyHash(bytes32 _newKeyHash) external onlyAdmin {
keyHash = _newKeyHash;
}
/**
* @notice Emergency function to resolve stuck VRF requests
* @dev Only callable by admin, marks last request as fulfilled
*/
function unblockPendingRequest() external onlyAdmin {
WinnerRequest storage _winnerReq = requests[lastRequestId];
_winnerReq.fulfilled = true;
}
/**
* @notice Initiates the winner selection process
* @dev If participants <= WINNERS_PER_DRAW, distributes evenly; otherwise uses VRF
* @return requestId The VRF request ID (if randomness was requested)
*/
function pickWinner() external noPendingRandomness returns (uint256 requestId) {
require(upForGrabs != 0, EmptyTreasury());
require(lastIntervalCall + COOLDOWN_PER_DRAW <= Time.blockTs(), OnlyAfterIntervalTime());
require(participants.length() != 0, NoParticipation());
if (participants.length() <= WINNERS_PER_DRAW) {
_updateInterval();
_distributeEvenlyToParticipants(upForGrabs, participants.length());
} else {
requestId = s_vrfCoordinator.requestRandomWords(
VRFV2PlusClient.RandomWordsRequest({
keyHash: keyHash,
subId: subscriptionId,
requestConfirmations: requestConfirmations,
callbackGasLimit: callbackGasLimit,
numWords: WINNERS_PER_DRAW,
extraArgs: VRFV2PlusClient._argsToBytes(VRFV2PlusClient.ExtraArgsV1({nativePayment: false}))
})
);
lastRequestId = requestId;
requests[requestId] = WinnerRequest({fulfilled: false, upForGrabs: upForGrabs});
}
}
/**
* @notice Checks if an address is a current participant
* @param _user Address to check
* @return bool True if address is a participant
*/
function isParticipant(address _user) public view returns (bool) {
return participants.contains(_user);
}
/**
* @notice Callback function for VRF randomness fulfillment
* @dev Processes random words to select winners and distribute rewards
* @param requestId The ID of the fulfilled VRF request
* @param randomWords Array of random values from VRF
*/
function fulfillRandomWords(uint256 requestId, uint256[] calldata randomWords) internal override {
WinnerRequest storage _winnerReq = requests[requestId];
if (_winnerReq.fulfilled) return;
_updateInterval();
bool fulfilled = _selectWinnerAccordingToRandomness(_winnerReq.upForGrabs, randomWords);
_winnerReq.fulfilled = fulfilled;
}
/**
* @notice Distributes rewards evenly among participants
* @dev Used when participant count <= WINNERS_PER_DRAW
* @param toDistribute Total amount to distribute
* @param totalParticipants Number of participants
* @return bool Success status
*/
function _distributeEvenlyToParticipants(uint256 toDistribute, uint256 totalParticipants) internal returns (bool) {
uint256 perUser = toDistribute / totalParticipants;
for (uint32 i; i < totalParticipants; i++) {
address winner = participants.at(i);
emit WinnerSelected(winner, perUser);
weth.transfer(winner, perUser);
}
upForGrabs -= perUser * totalParticipants;
return true;
}
/**
* @notice Updates the interval timestamp for cooldown tracking
* @dev Accounts for multiple missed intervals
*/
function _updateInterval() internal {
uint256 missedIntervals = (Time.blockTs() - lastIntervalCall) / COOLDOWN_PER_DRAW;
lastIntervalCall = uint32(lastIntervalCall + (COOLDOWN_PER_DRAW * missedIntervals));
}
/**
* @notice Processes random values to select winners and distribute rewards
* @dev Removes winners temporarily to prevent duplicate selection
* @param toDistribute Total amount to distribute
* @param randomWords Array of random values
* @return bool Success status
*/
function _selectWinnerAccordingToRandomness(uint256 toDistribute, uint256[] memory randomWords)
internal
returns (bool)
{
address[] memory winners = new address[](randomWords.length);
for (uint32 i; i < randomWords.length; i++) {
uint256 randomness = randomWords[i];
address winner = participants.at(randomness % participants.length());
uint256 toWinner = wmul(toDistribute, uint256(0.2e18));
emit WinnerSelected(winner, toWinner);
winners[i] = winner;
participants.remove(winner);
weth.transfer(winner, toWinner);
}
for (uint32 i; i < winners.length; i++) {
participants.add(winners[i]);
}
upForGrabs -= toDistribute;
return true;
}
/**
* @notice Adds a new participant to the pool
* @dev Only callable by mining contract, checks for duplicates
* @param _participant Address to add as participant
*/
function participate(address _participant) external onlyMining noPendingRandomness {
if (participants.contains(_participant)) return;
participants.add(_participant);
}
/**
* @notice Adds rewards to the distribution pool
* @dev Only callable by mining contract
* @param _amount Amount of WETH to add to rewards
*/
function distributeRewards(uint256 _amount) external onlyMining {
upForGrabs += _amount;
}
/**
* @notice Validates caller is mining contract
* @dev Internal function used by onlyMining modifier
*/
function _onlyMining() internal view {
require(msg.sender == mining, OnlyMining());
}
/**
* @notice Checks for pending randomness requests
* @dev Internal function used by noPendingRandomness modifier
*/
function _noPendingRandomness() internal view {
WinnerRequest memory _lastReq = requests[lastRequestId];
require(lastRequestId == 0 || _lastReq.fulfilled, RandomnessAlreadyRequested());
}
/**
* @notice Validates caller is admin
* @dev Internal function used by onlyAdmin modifier
*/
function _onlyAdmin() internal view {
require(msg.sender == admin, OnlyAdmin());
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { OApp, Origin } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { OAppOptionsType3 } from "@layerzerolabs/oapp-evm/contracts/oapp/libs/OAppOptionsType3.sol";
import { IOAppMsgInspector } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppMsgInspector.sol";
import { OAppPreCrimeSimulator } from "@layerzerolabs/oapp-evm/contracts/precrime/OAppPreCrimeSimulator.sol";
import { IOFT, SendParam, OFTLimit, OFTReceipt, OFTFeeDetail, MessagingReceipt, MessagingFee } from "./interfaces/IOFT.sol";
import { OFTMsgCodec } from "./libs/OFTMsgCodec.sol";
import { OFTComposeMsgCodec } from "./libs/OFTComposeMsgCodec.sol";
/**
* @title OFTCore
* @dev Abstract contract for the OftChain (OFT) token.
*/
abstract contract OFTCore is IOFT, OApp, OAppPreCrimeSimulator, OAppOptionsType3 {
using OFTMsgCodec for bytes;
using OFTMsgCodec for bytes32;
// @notice Provides a conversion rate when swapping between denominations of SD and LD
// - shareDecimals == SD == shared Decimals
// - localDecimals == LD == local decimals
// @dev Considers that tokens have different decimal amounts on various chains.
// @dev eg.
// For a token
// - locally with 4 decimals --> 1.2345 => uint(12345)
// - remotely with 2 decimals --> 1.23 => uint(123)
// - The conversion rate would be 10 ** (4 - 2) = 100
// @dev If you want to send 1.2345 -> (uint 12345), you CANNOT represent that value on the remote,
// you can only display 1.23 -> uint(123).
// @dev To preserve the dust that would otherwise be lost on that conversion,
// we need to unify a denomination that can be represented on ALL chains inside of the OFT mesh
uint256 public immutable decimalConversionRate;
// @notice Msg types that are used to identify the various OFT operations.
// @dev This can be extended in child contracts for non-default oft operations
// @dev These values are used in things like combineOptions() in OAppOptionsType3.sol.
uint16 public constant SEND = 1;
uint16 public constant SEND_AND_CALL = 2;
// Address of an optional contract to inspect both 'message' and 'options'
address public msgInspector;
event MsgInspectorSet(address inspector);
/**
* @dev Constructor.
* @param _localDecimals The decimals of the token on the local chain (this chain).
* @param _endpoint The address of the LayerZero endpoint.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*/
constructor(uint8 _localDecimals, address _endpoint, address _delegate) OApp(_endpoint, _delegate) {
if (_localDecimals < sharedDecimals()) revert InvalidLocalDecimals();
decimalConversionRate = 10 ** (_localDecimals - sharedDecimals());
}
/**
* @notice Retrieves interfaceID and the version of the OFT.
* @return interfaceId The interface ID.
* @return version The version.
*
* @dev interfaceId: This specific interface ID is '0x02e49c2c'.
* @dev version: Indicates a cross-chain compatible msg encoding with other OFTs.
* @dev If a new feature is added to the OFT cross-chain msg encoding, the version will be incremented.
* ie. localOFT version(x,1) CAN send messages to remoteOFT version(x,1)
*/
function oftVersion() external pure virtual returns (bytes4 interfaceId, uint64 version) {
return (type(IOFT).interfaceId, 1);
}
/**
* @dev Retrieves the shared decimals of the OFT.
* @return The shared decimals of the OFT.
*
* @dev Sets an implicit cap on the amount of tokens, over uint64.max() will need some sort of outbound cap / totalSupply cap
* Lowest common decimal denominator between chains.
* Defaults to 6 decimal places to provide up to 18,446,744,073,709.551615 units (max uint64).
* For tokens exceeding this totalSupply(), they will need to override the sharedDecimals function with something smaller.
* ie. 4 sharedDecimals would be 1,844,674,407,370,955.1615
*/
function sharedDecimals() public view virtual returns (uint8) {
return 6;
}
/**
* @dev Sets the message inspector address for the OFT.
* @param _msgInspector The address of the message inspector.
*
* @dev This is an optional contract that can be used to inspect both 'message' and 'options'.
* @dev Set it to address(0) to disable it, or set it to a contract address to enable it.
*/
function setMsgInspector(address _msgInspector) public virtual onlyOwner {
msgInspector = _msgInspector;
emit MsgInspectorSet(_msgInspector);
}
/**
* @notice Provides the fee breakdown and settings data for an OFT. Unused in the default implementation.
* @param _sendParam The parameters for the send operation.
* @return oftLimit The OFT limit information.
* @return oftFeeDetails The details of OFT fees.
* @return oftReceipt The OFT receipt information.
*/
function quoteOFT(
SendParam calldata _sendParam
)
external
view
virtual
returns (OFTLimit memory oftLimit, OFTFeeDetail[] memory oftFeeDetails, OFTReceipt memory oftReceipt)
{
uint256 minAmountLD = 0; // Unused in the default implementation.
uint256 maxAmountLD = IERC20(this.token()).totalSupply(); // Unused in the default implementation.
oftLimit = OFTLimit(minAmountLD, maxAmountLD);
// Unused in the default implementation; reserved for future complex fee details.
oftFeeDetails = new OFTFeeDetail[](0);
// @dev This is the same as the send() operation, but without the actual send.
// - amountSentLD is the amount in local decimals that would be sent from the sender.
// - amountReceivedLD is the amount in local decimals that will be credited to the recipient on the remote OFT instance.
// @dev The amountSentLD MIGHT not equal the amount the user actually receives. HOWEVER, the default does.
(uint256 amountSentLD, uint256 amountReceivedLD) = _debitView(
_sendParam.amountLD,
_sendParam.minAmountLD,
_sendParam.dstEid
);
oftReceipt = OFTReceipt(amountSentLD, amountReceivedLD);
}
/**
* @notice Provides a quote for the send() operation.
* @param _sendParam The parameters for the send() operation.
* @param _payInLzToken Flag indicating whether the caller is paying in the LZ token.
* @return msgFee The calculated LayerZero messaging fee from the send() operation.
*
* @dev MessagingFee: LayerZero msg fee
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
*/
function quoteSend(
SendParam calldata _sendParam,
bool _payInLzToken
) external view virtual returns (MessagingFee memory msgFee) {
// @dev mock the amount to receive, this is the same operation used in the send().
// The quote is as similar as possible to the actual send() operation.
(, uint256 amountReceivedLD) = _debitView(_sendParam.amountLD, _sendParam.minAmountLD, _sendParam.dstEid);
// @dev Builds the options and OFT message to quote in the endpoint.
(bytes memory message, bytes memory options) = _buildMsgAndOptions(_sendParam, amountReceivedLD);
// @dev Calculates the LayerZero fee for the send() operation.
return _quote(_sendParam.dstEid, message, options, _payInLzToken);
}
/**
* @dev Executes the send operation.
* @param _sendParam The parameters for the send operation.
* @param _fee The calculated fee for the send() operation.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess funds.
* @return msgReceipt The receipt for the send operation.
* @return oftReceipt The OFT receipt information.
*
* @dev MessagingReceipt: LayerZero msg receipt
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
) external payable virtual returns (MessagingReceipt memory msgReceipt, OFTReceipt memory oftReceipt) {
return _send(_sendParam, _fee, _refundAddress);
}
/**
* @dev Internal function to execute the send operation.
* @param _sendParam The parameters for the send operation.
* @param _fee The calculated fee for the send() operation.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess funds.
* @return msgReceipt The receipt for the send operation.
* @return oftReceipt The OFT receipt information.
*
* @dev MessagingReceipt: LayerZero msg receipt
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function _send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
) internal virtual returns (MessagingReceipt memory msgReceipt, OFTReceipt memory oftReceipt) {
// @dev Applies the token transfers regarding this send() operation.
// - amountSentLD is the amount in local decimals that was ACTUALLY sent/debited from the sender.
// - amountReceivedLD is the amount in local decimals that will be received/credited to the recipient on the remote OFT instance.
(uint256 amountSentLD, uint256 amountReceivedLD) = _debit(
msg.sender,
_sendParam.amountLD,
_sendParam.minAmountLD,
_sendParam.dstEid
);
// @dev Builds the options and OFT message to quote in the endpoint.
(bytes memory message, bytes memory options) = _buildMsgAndOptions(_sendParam, amountReceivedLD);
// @dev Sends the message to the LayerZero endpoint and returns the LayerZero msg receipt.
msgReceipt = _lzSend(_sendParam.dstEid, message, options, _fee, _refundAddress);
// @dev Formulate the OFT receipt.
oftReceipt = OFTReceipt(amountSentLD, amountReceivedLD);
emit OFTSent(msgReceipt.guid, _sendParam.dstEid, msg.sender, amountSentLD, amountReceivedLD);
}
/**
* @dev Internal function to build the message and options.
* @param _sendParam The parameters for the send() operation.
* @param _amountLD The amount in local decimals.
* @return message The encoded message.
* @return options The encoded options.
*/
function _buildMsgAndOptions(
SendParam calldata _sendParam,
uint256 _amountLD
) internal view virtual returns (bytes memory message, bytes memory options) {
bool hasCompose;
// @dev This generated message has the msg.sender encoded into the payload so the remote knows who the caller is.
(message, hasCompose) = OFTMsgCodec.encode(
_sendParam.to,
_toSD(_amountLD),
// @dev Must be include a non empty bytes if you want to compose, EVEN if you dont need it on the remote.
// EVEN if you dont require an arbitrary payload to be sent... eg. '0x01'
_sendParam.composeMsg
);
// @dev Change the msg type depending if its composed or not.
uint16 msgType = hasCompose ? SEND_AND_CALL : SEND;
// @dev Combine the callers _extraOptions with the enforced options via the OAppOptionsType3.
options = combineOptions(_sendParam.dstEid, msgType, _sendParam.extraOptions);
// @dev Optionally inspect the message and options depending if the OApp owner has set a msg inspector.
// @dev If it fails inspection, needs to revert in the implementation. ie. does not rely on return boolean
address inspector = msgInspector; // caches the msgInspector to avoid potential double storage read
if (inspector != address(0)) IOAppMsgInspector(inspector).inspect(message, options);
}
/**
* @dev Internal function to handle the receive on the LayerZero endpoint.
* @param _origin The origin information.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address from the src chain.
* - nonce: The nonce of the LayerZero message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The encoded message.
* @dev _executor The address of the executor.
* @dev _extraData Additional data.
*/
function _lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address /*_executor*/, // @dev unused in the default implementation.
bytes calldata /*_extraData*/ // @dev unused in the default implementation.
) internal virtual override {
// @dev The src sending chain doesnt know the address length on this chain (potentially non-evm)
// Thus everything is bytes32() encoded in flight.
address toAddress = _message.sendTo().bytes32ToAddress();
// @dev Credit the amountLD to the recipient and return the ACTUAL amount the recipient received in local decimals
uint256 amountReceivedLD = _credit(toAddress, _toLD(_message.amountSD()), _origin.srcEid);
if (_message.isComposed()) {
// @dev Proprietary composeMsg format for the OFT.
bytes memory composeMsg = OFTComposeMsgCodec.encode(
_origin.nonce,
_origin.srcEid,
amountReceivedLD,
_message.composeMsg()
);
// @dev Stores the lzCompose payload that will be executed in a separate tx.
// Standardizes functionality for executing arbitrary contract invocation on some non-evm chains.
// @dev The off-chain executor will listen and process the msg based on the src-chain-callers compose options passed.
// @dev The index is used when a OApp needs to compose multiple msgs on lzReceive.
// For default OFT implementation there is only 1 compose msg per lzReceive, thus its always 0.
endpoint.sendCompose(toAddress, _guid, 0 /* the index of the composed message*/, composeMsg);
}
emit OFTReceived(_guid, _origin.srcEid, toAddress, amountReceivedLD);
}
/**
* @dev Internal function to handle the OAppPreCrimeSimulator simulated receive.
* @param _origin The origin information.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address from the src chain.
* - nonce: The nonce of the LayerZero message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The LayerZero message.
* @param _executor The address of the off-chain executor.
* @param _extraData Arbitrary data passed by the msg executor.
*
* @dev Enables the preCrime simulator to mock sending lzReceive() messages,
* routes the msg down from the OAppPreCrimeSimulator, and back up to the OAppReceiver.
*/
function _lzReceiveSimulate(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual override {
_lzReceive(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Check if the peer is considered 'trusted' by the OApp.
* @param _eid The endpoint ID to check.
* @param _peer The peer to check.
* @return Whether the peer passed is considered 'trusted' by the OApp.
*
* @dev Enables OAppPreCrimeSimulator to check whether a potential Inbound Packet is from a trusted source.
*/
function isPeer(uint32 _eid, bytes32 _peer) public view virtual override returns (bool) {
return peers[_eid] == _peer;
}
/**
* @dev Internal function to remove dust from the given local decimal amount.
* @param _amountLD The amount in local decimals.
* @return amountLD The amount after removing dust.
*
* @dev Prevents the loss of dust when moving amounts between chains with different decimals.
* @dev eg. uint(123) with a conversion rate of 100 becomes uint(100).
*/
function _removeDust(uint256 _amountLD) internal view virtual returns (uint256 amountLD) {
return (_amountLD / decimalConversionRate) * decimalConversionRate;
}
/**
* @dev Internal function to convert an amount from shared decimals into local decimals.
* @param _amountSD The amount in shared decimals.
* @return amountLD The amount in local decimals.
*/
function _toLD(uint64 _amountSD) internal view virtual returns (uint256 amountLD) {
return _amountSD * decimalConversionRate;
}
/**
* @dev Internal function to convert an amount from local decimals into shared decimals.
* @param _amountLD The amount in local decimals.
* @return amountSD The amount in shared decimals.
*/
function _toSD(uint256 _amountLD) internal view virtual returns (uint64 amountSD) {
return uint64(_amountLD / decimalConversionRate);
}
/**
* @dev Internal function to mock the amount mutation from a OFT debit() operation.
* @param _amountLD The amount to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @dev _dstEid The destination endpoint ID.
* @return amountSentLD The amount sent, in local decimals.
* @return amountReceivedLD The amount to be received on the remote chain, in local decimals.
*
* @dev This is where things like fees would be calculated and deducted from the amount to be received on the remote.
*/
function _debitView(
uint256 _amountLD,
uint256 _minAmountLD,
uint32 /*_dstEid*/
) internal view virtual returns (uint256 amountSentLD, uint256 amountReceivedLD) {
// @dev Remove the dust so nothing is lost on the conversion between chains with different decimals for the token.
amountSentLD = _removeDust(_amountLD);
// @dev The amount to send is the same as amount received in the default implementation.
amountReceivedLD = amountSentLD;
// @dev Check for slippage.
if (amountReceivedLD < _minAmountLD) {
revert SlippageExceeded(amountReceivedLD, _minAmountLD);
}
}
/**
* @dev Internal function to perform a debit operation.
* @param _from The address to debit.
* @param _amountLD The amount to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @param _dstEid The destination endpoint ID.
* @return amountSentLD The amount sent in local decimals.
* @return amountReceivedLD The amount received in local decimals on the remote.
*
* @dev Defined here but are intended to be overriden depending on the OFT implementation.
* @dev Depending on OFT implementation the _amountLD could differ from the amountReceivedLD.
*/
function _debit(
address _from,
uint256 _amountLD,
uint256 _minAmountLD,
uint32 _dstEid
) internal virtual returns (uint256 amountSentLD, uint256 amountReceivedLD);
/**
* @dev Internal function to perform a credit operation.
* @param _to The address to credit.
* @param _amountLD The amount to credit in local decimals.
* @param _srcEid The source endpoint ID.
* @return amountReceivedLD The amount ACTUALLY received in local decimals.
*
* @dev Defined here but are intended to be overriden depending on the OFT implementation.
* @dev Depending on OFT implementation the _amountLD could differ from the amountReceivedLD.
*/
function _credit(
address _to,
uint256 _amountLD,
uint32 _srcEid
) internal virtual returns (uint256 amountReceivedLD);
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
interface ILotusEdenBnB {
function distributeTitanXForBurning(uint256 amount) external;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Pool state that never changes
/// @notice These parameters are fixed for a pool forever, i.e., the methods will always return the same values
interface IUniswapV3PoolImmutables {
/// @notice The contract that deployed the pool, which must adhere to the IUniswapV3Factory interface
/// @return The contract address
function factory() external view returns (address);
/// @notice The first of the two tokens of the pool, sorted by address
/// @return The token contract address
function token0() external view returns (address);
/// @notice The second of the two tokens of the pool, sorted by address
/// @return The token contract address
function token1() external view returns (address);
/// @notice The pool's fee in hundredths of a bip, i.e. 1e-6
/// @return The fee
function fee() external view returns (uint24);
/// @notice The pool tick spacing
/// @dev Ticks can only be used at multiples of this value, minimum of 1 and always positive
/// e.g.: a tickSpacing of 3 means ticks can be initialized every 3rd tick, i.e., ..., -6, -3, 0, 3, 6, ...
/// This value is an int24 to avoid casting even though it is always positive.
/// @return The tick spacing
function tickSpacing() external view returns (int24);
/// @notice The maximum amount of position liquidity that can use any tick in the range
/// @dev This parameter is enforced per tick to prevent liquidity from overflowing a uint128 at any point, and
/// also prevents out-of-range liquidity from being used to prevent adding in-range liquidity to a pool
/// @return The max amount of liquidity per tick
function maxLiquidityPerTick() external view returns (uint128);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Pool state that can change
/// @notice These methods compose the pool's state, and can change with any frequency including multiple times
/// per transaction
interface IUniswapV3PoolState {
/// @notice The 0th storage slot in the pool stores many values, and is exposed as a single method to save gas
/// when accessed externally.
/// @return sqrtPriceX96 The current price of the pool as a sqrt(token1/token0) Q64.96 value
/// @return tick The current tick of the pool, i.e. according to the last tick transition that was run.
/// This value may not always be equal to SqrtTickMath.getTickAtSqrtRatio(sqrtPriceX96) if the price is on a tick
/// boundary.
/// @return observationIndex The index of the last oracle observation that was written,
/// @return observationCardinality The current maximum number of observations stored in the pool,
/// @return observationCardinalityNext The next maximum number of observations, to be updated when the observation.
/// @return feeProtocol The protocol fee for both tokens of the pool.
/// Encoded as two 4 bit values, where the protocol fee of token1 is shifted 4 bits and the protocol fee of token0
/// is the lower 4 bits. Used as the denominator of a fraction of the swap fee, e.g. 4 means 1/4th of the swap fee.
/// unlocked Whether the pool is currently locked to reentrancy
function slot0()
external
view
returns (
uint160 sqrtPriceX96,
int24 tick,
uint16 observationIndex,
uint16 observationCardinality,
uint16 observationCardinalityNext,
uint8 feeProtocol,
bool unlocked
);
/// @notice The fee growth as a Q128.128 fees of token0 collected per unit of liquidity for the entire life of the pool
/// @dev This value can overflow the uint256
function feeGrowthGlobal0X128() external view returns (uint256);
/// @notice The fee growth as a Q128.128 fees of token1 collected per unit of liquidity for the entire life of the pool
/// @dev This value can overflow the uint256
function feeGrowthGlobal1X128() external view returns (uint256);
/// @notice The amounts of token0 and token1 that are owed to the protocol
/// @dev Protocol fees will never exceed uint128 max in either token
function protocolFees() external view returns (uint128 token0, uint128 token1);
/// @notice The currently in range liquidity available to the pool
/// @dev This value has no relationship to the total liquidity across all ticks
/// @return The liquidity at the current price of the pool
function liquidity() external view returns (uint128);
/// @notice Look up information about a specific tick in the pool
/// @param tick The tick to look up
/// @return liquidityGross the total amount of position liquidity that uses the pool either as tick lower or
/// tick upper
/// @return liquidityNet how much liquidity changes when the pool price crosses the tick,
/// @return feeGrowthOutside0X128 the fee growth on the other side of the tick from the current tick in token0,
/// @return feeGrowthOutside1X128 the fee growth on the other side of the tick from the current tick in token1,
/// @return tickCumulativeOutside the cumulative tick value on the other side of the tick from the current tick
/// @return secondsPerLiquidityOutsideX128 the seconds spent per liquidity on the other side of the tick from the current tick,
/// @return secondsOutside the seconds spent on the other side of the tick from the current tick,
/// @return initialized Set to true if the tick is initialized, i.e. liquidityGross is greater than 0, otherwise equal to false.
/// Outside values can only be used if the tick is initialized, i.e. if liquidityGross is greater than 0.
/// In addition, these values are only relative and must be used only in comparison to previous snapshots for
/// a specific position.
function ticks(int24 tick)
external
view
returns (
uint128 liquidityGross,
int128 liquidityNet,
uint256 feeGrowthOutside0X128,
uint256 feeGrowthOutside1X128,
int56 tickCumulativeOutside,
uint160 secondsPerLiquidityOutsideX128,
uint32 secondsOutside,
bool initialized
);
/// @notice Returns 256 packed tick initialized boolean values. See TickBitmap for more information
function tickBitmap(int16 wordPosition) external view returns (uint256);
/// @notice Returns the information about a position by the position's key
/// @param key The position's key is a hash of a preimage composed by the owner, tickLower and tickUpper
/// @return liquidity The amount of liquidity in the position,
/// @return feeGrowthInside0LastX128 fee growth of token0 inside the tick range as of the last mint/burn/poke,
/// @return feeGrowthInside1LastX128 fee growth of token1 inside the tick range as of the last mint/burn/poke,
/// @return tokensOwed0 the computed amount of token0 owed to the position as of the last mint/burn/poke,
/// @return tokensOwed1 the computed amount of token1 owed to the position as of the last mint/burn/poke
function positions(bytes32 key)
external
view
returns (
uint128 liquidity,
uint256 feeGrowthInside0LastX128,
uint256 feeGrowthInside1LastX128,
uint128 tokensOwed0,
uint128 tokensOwed1
);
/// @notice Returns data about a specific observation index
/// @param index The element of the observations array to fetch
/// @dev You most likely want to use #observe() instead of this method to get an observation as of some amount of time
/// ago, rather than at a specific index in the array.
/// @return blockTimestamp The timestamp of the observation,
/// @return tickCumulative the tick multiplied by seconds elapsed for the life of the pool as of the observation timestamp,
/// @return secondsPerLiquidityCumulativeX128 the seconds per in range liquidity for the life of the pool as of the observation timestamp,
/// @return initialized whether the observation has been initialized and the values are safe to use
function observations(uint256 index)
external
view
returns (
uint32 blockTimestamp,
int56 tickCumulative,
uint160 secondsPerLiquidityCumulativeX128,
bool initialized
);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Pool state that is not stored
/// @notice Contains view functions to provide information about the pool that is computed rather than stored on the
/// blockchain. The functions here may have variable gas costs.
interface IUniswapV3PoolDerivedState {
/// @notice Returns the cumulative tick and liquidity as of each timestamp `secondsAgo` from the current block timestamp
/// @dev To get a time weighted average tick or liquidity-in-range, you must call this with two values, one representing
/// the beginning of the period and another for the end of the period. E.g., to get the last hour time-weighted average tick,
/// you must call it with secondsAgos = [3600, 0].
/// @dev The time weighted average tick represents the geometric time weighted average price of the pool, in
/// log base sqrt(1.0001) of token1 / token0. The TickMath library can be used to go from a tick value to a ratio.
/// @param secondsAgos From how long ago each cumulative tick and liquidity value should be returned
/// @return tickCumulatives Cumulative tick values as of each `secondsAgos` from the current block timestamp
/// @return secondsPerLiquidityCumulativeX128s Cumulative seconds per liquidity-in-range value as of each `secondsAgos` from the current block
/// timestamp
function observe(uint32[] calldata secondsAgos)
external
view
returns (int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s);
/// @notice Returns a snapshot of the tick cumulative, seconds per liquidity and seconds inside a tick range
/// @dev Snapshots must only be compared to other snapshots, taken over a period for which a position existed.
/// I.e., snapshots cannot be compared if a position is not held for the entire period between when the first
/// snapshot is taken and the second snapshot is taken.
/// @param tickLower The lower tick of the range
/// @param tickUpper The upper tick of the range
/// @return tickCumulativeInside The snapshot of the tick accumulator for the range
/// @return secondsPerLiquidityInsideX128 The snapshot of seconds per liquidity for the range
/// @return secondsInside The snapshot of seconds per liquidity for the range
function snapshotCumulativesInside(int24 tickLower, int24 tickUpper)
external
view
returns (
int56 tickCumulativeInside,
uint160 secondsPerLiquidityInsideX128,
uint32 secondsInside
);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Permissionless pool actions
/// @notice Contains pool methods that can be called by anyone
interface IUniswapV3PoolActions {
/// @notice Sets the initial price for the pool
/// @dev Price is represented as a sqrt(amountToken1/amountToken0) Q64.96 value
/// @param sqrtPriceX96 the initial sqrt price of the pool as a Q64.96
function initialize(uint160 sqrtPriceX96) external;
/// @notice Adds liquidity for the given recipient/tickLower/tickUpper position
/// @dev The caller of this method receives a callback in the form of IUniswapV3MintCallback#uniswapV3MintCallback
/// in which they must pay any token0 or token1 owed for the liquidity. The amount of token0/token1 due depends
/// on tickLower, tickUpper, the amount of liquidity, and the current price.
/// @param recipient The address for which the liquidity will be created
/// @param tickLower The lower tick of the position in which to add liquidity
/// @param tickUpper The upper tick of the position in which to add liquidity
/// @param amount The amount of liquidity to mint
/// @param data Any data that should be passed through to the callback
/// @return amount0 The amount of token0 that was paid to mint the given amount of liquidity. Matches the value in the callback
/// @return amount1 The amount of token1 that was paid to mint the given amount of liquidity. Matches the value in the callback
function mint(
address recipient,
int24 tickLower,
int24 tickUpper,
uint128 amount,
bytes calldata data
) external returns (uint256 amount0, uint256 amount1);
/// @notice Collects tokens owed to a position
/// @dev Does not recompute fees earned, which must be done either via mint or burn of any amount of liquidity.
/// Collect must be called by the position owner. To withdraw only token0 or only token1, amount0Requested or
/// amount1Requested may be set to zero. To withdraw all tokens owed, caller may pass any value greater than the
/// actual tokens owed, e.g. type(uint128).max. Tokens owed may be from accumulated swap fees or burned liquidity.
/// @param recipient The address which should receive the fees collected
/// @param tickLower The lower tick of the position for which to collect fees
/// @param tickUpper The upper tick of the position for which to collect fees
/// @param amount0Requested How much token0 should be withdrawn from the fees owed
/// @param amount1Requested How much token1 should be withdrawn from the fees owed
/// @return amount0 The amount of fees collected in token0
/// @return amount1 The amount of fees collected in token1
function collect(
address recipient,
int24 tickLower,
int24 tickUpper,
uint128 amount0Requested,
uint128 amount1Requested
) external returns (uint128 amount0, uint128 amount1);
/// @notice Burn liquidity from the sender and account tokens owed for the liquidity to the position
/// @dev Can be used to trigger a recalculation of fees owed to a position by calling with an amount of 0
/// @dev Fees must be collected separately via a call to #collect
/// @param tickLower The lower tick of the position for which to burn liquidity
/// @param tickUpper The upper tick of the position for which to burn liquidity
/// @param amount How much liquidity to burn
/// @return amount0 The amount of token0 sent to the recipient
/// @return amount1 The amount of token1 sent to the recipient
function burn(
int24 tickLower,
int24 tickUpper,
uint128 amount
) external returns (uint256 amount0, uint256 amount1);
/// @notice Swap token0 for token1, or token1 for token0
/// @dev The caller of this method receives a callback in the form of IUniswapV3SwapCallback#uniswapV3SwapCallback
/// @param recipient The address to receive the output of the swap
/// @param zeroForOne The direction of the swap, true for token0 to token1, false for token1 to token0
/// @param amountSpecified The amount of the swap, which implicitly configures the swap as exact input (positive), or exact output (negative)
/// @param sqrtPriceLimitX96 The Q64.96 sqrt price limit. If zero for one, the price cannot be less than this
/// value after the swap. If one for zero, the price cannot be greater than this value after the swap
/// @param data Any data to be passed through to the callback
/// @return amount0 The delta of the balance of token0 of the pool, exact when negative, minimum when positive
/// @return amount1 The delta of the balance of token1 of the pool, exact when negative, minimum when positive
function swap(
address recipient,
bool zeroForOne,
int256 amountSpecified,
uint160 sqrtPriceLimitX96,
bytes calldata data
) external returns (int256 amount0, int256 amount1);
/// @notice Receive token0 and/or token1 and pay it back, plus a fee, in the callback
/// @dev The caller of this method receives a callback in the form of IUniswapV3FlashCallback#uniswapV3FlashCallback
/// @dev Can be used to donate underlying tokens pro-rata to currently in-range liquidity providers by calling
/// with 0 amount{0,1} and sending the donation amount(s) from the callback
/// @param recipient The address which will receive the token0 and token1 amounts
/// @param amount0 The amount of token0 to send
/// @param amount1 The amount of token1 to send
/// @param data Any data to be passed through to the callback
function flash(
address recipient,
uint256 amount0,
uint256 amount1,
bytes calldata data
) external;
/// @notice Increase the maximum number of price and liquidity observations that this pool will store
/// @dev This method is no-op if the pool already has an observationCardinalityNext greater than or equal to
/// the input observationCardinalityNext.
/// @param observationCardinalityNext The desired minimum number of observations for the pool to store
function increaseObservationCardinalityNext(uint16 observationCardinalityNext) external;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Permissioned pool actions
/// @notice Contains pool methods that may only be called by the factory owner
interface IUniswapV3PoolOwnerActions {
/// @notice Set the denominator of the protocol's % share of the fees
/// @param feeProtocol0 new protocol fee for token0 of the pool
/// @param feeProtocol1 new protocol fee for token1 of the pool
function setFeeProtocol(uint8 feeProtocol0, uint8 feeProtocol1) external;
/// @notice Collect the protocol fee accrued to the pool
/// @param recipient The address to which collected protocol fees should be sent
/// @param amount0Requested The maximum amount of token0 to send, can be 0 to collect fees in only token1
/// @param amount1Requested The maximum amount of token1 to send, can be 0 to collect fees in only token0
/// @return amount0 The protocol fee collected in token0
/// @return amount1 The protocol fee collected in token1
function collectProtocol(
address recipient,
uint128 amount0Requested,
uint128 amount1Requested
) external returns (uint128 amount0, uint128 amount1);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Errors emitted by a pool
/// @notice Contains all events emitted by the pool
interface IUniswapV3PoolErrors {
error LOK();
error TLU();
error TLM();
error TUM();
error AI();
error M0();
error M1();
error AS();
error IIA();
error L();
error F0();
error F1();
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Events emitted by a pool
/// @notice Contains all events emitted by the pool
interface IUniswapV3PoolEvents {
/// @notice Emitted exactly once by a pool when #initialize is first called on the pool
/// @dev Mint/Burn/Swap cannot be emitted by the pool before Initialize
/// @param sqrtPriceX96 The initial sqrt price of the pool, as a Q64.96
/// @param tick The initial tick of the pool, i.e. log base 1.0001 of the starting price of the pool
event Initialize(uint160 sqrtPriceX96, int24 tick);
/// @notice Emitted when liquidity is minted for a given position
/// @param sender The address that minted the liquidity
/// @param owner The owner of the position and recipient of any minted liquidity
/// @param tickLower The lower tick of the position
/// @param tickUpper The upper tick of the position
/// @param amount The amount of liquidity minted to the position range
/// @param amount0 How much token0 was required for the minted liquidity
/// @param amount1 How much token1 was required for the minted liquidity
event Mint(
address sender,
address indexed owner,
int24 indexed tickLower,
int24 indexed tickUpper,
uint128 amount,
uint256 amount0,
uint256 amount1
);
/// @notice Emitted when fees are collected by the owner of a position
/// @dev Collect events may be emitted with zero amount0 and amount1 when the caller chooses not to collect fees
/// @param owner The owner of the position for which fees are collected
/// @param tickLower The lower tick of the position
/// @param tickUpper The upper tick of the position
/// @param amount0 The amount of token0 fees collected
/// @param amount1 The amount of token1 fees collected
event Collect(
address indexed owner,
address recipient,
int24 indexed tickLower,
int24 indexed tickUpper,
uint128 amount0,
uint128 amount1
);
/// @notice Emitted when a position's liquidity is removed
/// @dev Does not withdraw any fees earned by the liquidity position, which must be withdrawn via #collect
/// @param owner The owner of the position for which liquidity is removed
/// @param tickLower The lower tick of the position
/// @param tickUpper The upper tick of the position
/// @param amount The amount of liquidity to remove
/// @param amount0 The amount of token0 withdrawn
/// @param amount1 The amount of token1 withdrawn
event Burn(
address indexed owner,
int24 indexed tickLower,
int24 indexed tickUpper,
uint128 amount,
uint256 amount0,
uint256 amount1
);
/// @notice Emitted by the pool for any swaps between token0 and token1
/// @param sender The address that initiated the swap call, and that received the callback
/// @param recipient The address that received the output of the swap
/// @param amount0 The delta of the token0 balance of the pool
/// @param amount1 The delta of the token1 balance of the pool
/// @param sqrtPriceX96 The sqrt(price) of the pool after the swap, as a Q64.96
/// @param liquidity The liquidity of the pool after the swap
/// @param tick The log base 1.0001 of price of the pool after the swap
event Swap(
address indexed sender,
address indexed recipient,
int256 amount0,
int256 amount1,
uint160 sqrtPriceX96,
uint128 liquidity,
int24 tick
);
/// @notice Emitted by the pool for any flashes of token0/token1
/// @param sender The address that initiated the swap call, and that received the callback
/// @param recipient The address that received the tokens from flash
/// @param amount0 The amount of token0 that was flashed
/// @param amount1 The amount of token1 that was flashed
/// @param paid0 The amount of token0 paid for the flash, which can exceed the amount0 plus the fee
/// @param paid1 The amount of token1 paid for the flash, which can exceed the amount1 plus the fee
event Flash(
address indexed sender,
address indexed recipient,
uint256 amount0,
uint256 amount1,
uint256 paid0,
uint256 paid1
);
/// @notice Emitted by the pool for increases to the number of observations that can be stored
/// @dev observationCardinalityNext is not the observation cardinality until an observation is written at the index
/// just before a mint/swap/burn.
/// @param observationCardinalityNextOld The previous value of the next observation cardinality
/// @param observationCardinalityNextNew The updated value of the next observation cardinality
event IncreaseObservationCardinalityNext(
uint16 observationCardinalityNextOld,
uint16 observationCardinalityNextNew
);
/// @notice Emitted when the protocol fee is changed by the pool
/// @param feeProtocol0Old The previous value of the token0 protocol fee
/// @param feeProtocol1Old The previous value of the token1 protocol fee
/// @param feeProtocol0New The updated value of the token0 protocol fee
/// @param feeProtocol1New The updated value of the token1 protocol fee
event SetFeeProtocol(uint8 feeProtocol0Old, uint8 feeProtocol1Old, uint8 feeProtocol0New, uint8 feeProtocol1New);
/// @notice Emitted when the collected protocol fees are withdrawn by the factory owner
/// @param sender The address that collects the protocol fees
/// @param recipient The address that receives the collected protocol fees
/// @param amount0 The amount of token0 protocol fees that is withdrawn
/// @param amount0 The amount of token1 protocol fees that is withdrawn
event CollectProtocol(address indexed sender, address indexed recipient, uint128 amount0, uint128 amount1);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/extensions/IERC721Enumerable.sol)
pragma solidity ^0.8.20;
import {IERC721} from "../IERC721.sol";
/**
* @title ERC-721 Non-Fungible Token Standard, optional enumeration extension
* @dev See https://eips.ethereum.org/EIPS/eip-721
*/
interface IERC721Enumerable is IERC721 {
/**
* @dev Returns the total amount of tokens stored by the contract.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns a token ID owned by `owner` at a given `index` of its token list.
* Use along with {balanceOf} to enumerate all of ``owner``'s tokens.
*/
function tokenOfOwnerByIndex(address owner, uint256 index) external view returns (uint256);
/**
* @dev Returns a token ID at a given `index` of all the tokens stored by the contract.
* Use along with {totalSupply} to enumerate all tokens.
*/
function tokenByIndex(uint256 index) external view returns (uint256);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
/// @title Creates and initializes V3 Pools
/// @notice Provides a method for creating and initializing a pool, if necessary, for bundling with other methods that
/// require the pool to exist.
interface IPoolInitializer {
/// @notice Creates a new pool if it does not exist, then initializes if not initialized
/// @dev This method can be bundled with others via IMulticall for the first action (e.g. mint) performed against a pool
/// @param token0 The contract address of token0 of the pool
/// @param token1 The contract address of token1 of the pool
/// @param fee The fee amount of the v3 pool for the specified token pair
/// @param sqrtPriceX96 The initial square root price of the pool as a Q64.96 value
/// @return pool Returns the pool address based on the pair of tokens and fee, will return the newly created pool address if necessary
function createAndInitializePoolIfNecessary(
address token0,
address token1,
uint24 fee,
uint160 sqrtPriceX96
) external payable returns (address pool);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
import '@openzeppelin/contracts/token/ERC721/IERC721.sol';
/// @title ERC721 with permit
/// @notice Extension to ERC721 that includes a permit function for signature based approvals
interface IERC721Permit is IERC721 {
/// @notice The permit typehash used in the permit signature
/// @return The typehash for the permit
function PERMIT_TYPEHASH() external pure returns (bytes32);
/// @notice The domain separator used in the permit signature
/// @return The domain seperator used in encoding of permit signature
function DOMAIN_SEPARATOR() external view returns (bytes32);
/// @notice Approve of a specific token ID for spending by spender via signature
/// @param spender The account that is being approved
/// @param tokenId The ID of the token that is being approved for spending
/// @param deadline The deadline timestamp by which the call must be mined for the approve to work
/// @param v Must produce valid secp256k1 signature from the holder along with `r` and `s`
/// @param r Must produce valid secp256k1 signature from the holder along with `v` and `s`
/// @param s Must produce valid secp256k1 signature from the holder along with `r` and `v`
function permit(
address spender,
uint256 tokenId,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external payable;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
/// @title Periphery Payments
/// @notice Functions to ease deposits and withdrawals of ETH
interface IPeripheryPayments {
/// @notice Unwraps the contract's WETH9 balance and sends it to recipient as ETH.
/// @dev The amountMinimum parameter prevents malicious contracts from stealing WETH9 from users.
/// @param amountMinimum The minimum amount of WETH9 to unwrap
/// @param recipient The address receiving ETH
function unwrapWETH9(uint256 amountMinimum, address recipient) external payable;
/// @notice Refunds any ETH balance held by this contract to the `msg.sender`
/// @dev Useful for bundling with mint or increase liquidity that uses ether, or exact output swaps
/// that use ether for the input amount
function refundETH() external payable;
/// @notice Transfers the full amount of a token held by this contract to recipient
/// @dev The amountMinimum parameter prevents malicious contracts from stealing the token from users
/// @param token The contract address of the token which will be transferred to `recipient`
/// @param amountMinimum The minimum amount of token required for a transfer
/// @param recipient The destination address of the token
function sweepToken(
address token,
uint256 amountMinimum,
address recipient
) external payable;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Immutable state
/// @notice Functions that return immutable state of the router
interface IPeripheryImmutableState {
/// @return Returns the address of the Uniswap V3 factory
function factory() external view returns (address);
/// @return Returns the address of WETH9
function WETH9() external view returns (address);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Callback for IUniswapV3PoolActions#swap
/// @notice Any contract that calls IUniswapV3PoolActions#swap must implement this interface
interface IUniswapV3SwapCallback {
/// @notice Called to `msg.sender` after executing a swap via IUniswapV3Pool#swap.
/// @dev In the implementation you must pay the pool tokens owed for the swap.
/// The caller of this method must be checked to be a UniswapV3Pool deployed by the canonical UniswapV3Factory.
/// amount0Delta and amount1Delta can both be 0 if no tokens were swapped.
/// @param amount0Delta The amount of token0 that was sent (negative) or must be received (positive) by the pool by
/// the end of the swap. If positive, the callback must send that amount of token0 to the pool.
/// @param amount1Delta The amount of token1 that was sent (negative) or must be received (positive) by the pool by
/// the end of the swap. If positive, the callback must send that amount of token1 to the pool.
/// @param data Any data passed through by the caller via the IUniswapV3PoolActions#swap call
function uniswapV3SwapCallback(
int256 amount0Delta,
int256 amount1Delta,
bytes calldata data
) external;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/IERC165.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/IERC721Receiver.sol)
pragma solidity ^0.8.20;
/**
* @title ERC-721 token receiver interface
* @dev Interface for any contract that wants to support safeTransfers
* from ERC-721 asset contracts.
*/
interface IERC721Receiver {
/**
* @dev Whenever an {IERC721} `tokenId` token is transferred to this contract via {IERC721-safeTransferFrom}
* by `operator` from `from`, this function is called.
*
* It must return its Solidity selector to confirm the token transfer.
* If any other value is returned or the interface is not implemented by the recipient, the transfer will be
* reverted.
*
* The selector can be obtained in Solidity with `IERC721Receiver.onERC721Received.selector`.
*/
function onERC721Received(
address operator,
address from,
uint256 tokenId,
bytes calldata data
) external returns (bytes4);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.20;
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, int256 a, int256 b) internal pure returns (int256) {
unchecked {
// branchless ternary works because:
// b ^ (a ^ b) == a
// b ^ 0 == b
return b ^ ((a ^ b) * int256(SafeCast.toUint(condition)));
}
}
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return ternary(a > b, a, b);
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return ternary(a < b, a, b);
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// Formula from the "Bit Twiddling Hacks" by Sean Eron Anderson.
// Since `n` is a signed integer, the generated bytecode will use the SAR opcode to perform the right shift,
// taking advantage of the most significant (or "sign" bit) in two's complement representation.
// This opcode adds new most significant bits set to the value of the previous most significant bit. As a result,
// the mask will either be `bytes32(0)` (if n is positive) or `~bytes32(0)` (if n is negative).
int256 mask = n >> 255;
// A `bytes32(0)` mask leaves the input unchanged, while a `~bytes32(0)` mask complements it.
return uint256((n + mask) ^ mask);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../token/ERC20/IERC20.sol";// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "../utils/introspection/IERC165.sol";// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Errors.sol)
pragma solidity ^0.8.20;
/**
* @dev Collection of common custom errors used in multiple contracts
*
* IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
* It is recommended to avoid relying on the error API for critical functionality.
*
* _Available since v5.1._
*/
library Errors {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error InsufficientBalance(uint256 balance, uint256 needed);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedCall();
/**
* @dev The deployment failed.
*/
error FailedDeployment();
/**
* @dev A necessary precompile is missing.
*/
error MissingPrecompile(address);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC-20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)
pragma solidity ^0.8.20;
/**
* @dev Helper library for emitting standardized panic codes.
*
* ```solidity
* contract Example {
* using Panic for uint256;
*
* // Use any of the declared internal constants
* function foo() { Panic.GENERIC.panic(); }
*
* // Alternatively
* function foo() { Panic.panic(Panic.GENERIC); }
* }
* ```
*
* Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].
*
* _Available since v5.1._
*/
// slither-disable-next-line unused-state
library Panic {
/// @dev generic / unspecified error
uint256 internal constant GENERIC = 0x00;
/// @dev used by the assert() builtin
uint256 internal constant ASSERT = 0x01;
/// @dev arithmetic underflow or overflow
uint256 internal constant UNDER_OVERFLOW = 0x11;
/// @dev division or modulo by zero
uint256 internal constant DIVISION_BY_ZERO = 0x12;
/// @dev enum conversion error
uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;
/// @dev invalid encoding in storage
uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;
/// @dev empty array pop
uint256 internal constant EMPTY_ARRAY_POP = 0x31;
/// @dev array out of bounds access
uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;
/// @dev resource error (too large allocation or too large array)
uint256 internal constant RESOURCE_ERROR = 0x41;
/// @dev calling invalid internal function
uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;
/// @dev Reverts with a panic code. Recommended to use with
/// the internal constants with predefined codes.
function panic(uint256 code) internal pure {
assembly ("memory-safe") {
mstore(0x00, 0x4e487b71)
mstore(0x20, code)
revert(0x1c, 0x24)
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)
// This file was procedurally generated from scripts/generate/templates/SafeCast.js.
pragma solidity ^0.8.20;
/**
* @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeCast {
/**
* @dev Value doesn't fit in an uint of `bits` size.
*/
error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
/**
* @dev An int value doesn't fit in an uint of `bits` size.
*/
error SafeCastOverflowedIntToUint(int256 value);
/**
* @dev Value doesn't fit in an int of `bits` size.
*/
error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);
/**
* @dev An uint value doesn't fit in an int of `bits` size.
*/
error SafeCastOverflowedUintToInt(uint256 value);
/**
* @dev Returns the downcasted uint248 from uint256, reverting on
* overflow (when the input is greater than largest uint248).
*
* Counterpart to Solidity's `uint248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toUint248(uint256 value) internal pure returns (uint248) {
if (value > type(uint248).max) {
revert SafeCastOverflowedUintDowncast(248, value);
}
return uint248(value);
}
/**
* @dev Returns the downcasted uint240 from uint256, reverting on
* overflow (when the input is greater than largest uint240).
*
* Counterpart to Solidity's `uint240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toUint240(uint256 value) internal pure returns (uint240) {
if (value > type(uint240).max) {
revert SafeCastOverflowedUintDowncast(240, value);
}
return uint240(value);
}
/**
* @dev Returns the downcasted uint232 from uint256, reverting on
* overflow (when the input is greater than largest uint232).
*
* Counterpart to Solidity's `uint232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toUint232(uint256 value) internal pure returns (uint232) {
if (value > type(uint232).max) {
revert SafeCastOverflowedUintDowncast(232, value);
}
return uint232(value);
}
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toUint224(uint256 value) internal pure returns (uint224) {
if (value > type(uint224).max) {
revert SafeCastOverflowedUintDowncast(224, value);
}
return uint224(value);
}
/**
* @dev Returns the downcasted uint216 from uint256, reverting on
* overflow (when the input is greater than largest uint216).
*
* Counterpart to Solidity's `uint216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toUint216(uint256 value) internal pure returns (uint216) {
if (value > type(uint216).max) {
revert SafeCastOverflowedUintDowncast(216, value);
}
return uint216(value);
}
/**
* @dev Returns the downcasted uint208 from uint256, reverting on
* overflow (when the input is greater than largest uint208).
*
* Counterpart to Solidity's `uint208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toUint208(uint256 value) internal pure returns (uint208) {
if (value > type(uint208).max) {
revert SafeCastOverflowedUintDowncast(208, value);
}
return uint208(value);
}
/**
* @dev Returns the downcasted uint200 from uint256, reverting on
* overflow (when the input is greater than largest uint200).
*
* Counterpart to Solidity's `uint200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toUint200(uint256 value) internal pure returns (uint200) {
if (value > type(uint200).max) {
revert SafeCastOverflowedUintDowncast(200, value);
}
return uint200(value);
}
/**
* @dev Returns the downcasted uint192 from uint256, reverting on
* overflow (when the input is greater than largest uint192).
*
* Counterpart to Solidity's `uint192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toUint192(uint256 value) internal pure returns (uint192) {
if (value > type(uint192).max) {
revert SafeCastOverflowedUintDowncast(192, value);
}
return uint192(value);
}
/**
* @dev Returns the downcasted uint184 from uint256, reverting on
* overflow (when the input is greater than largest uint184).
*
* Counterpart to Solidity's `uint184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toUint184(uint256 value) internal pure returns (uint184) {
if (value > type(uint184).max) {
revert SafeCastOverflowedUintDowncast(184, value);
}
return uint184(value);
}
/**
* @dev Returns the downcasted uint176 from uint256, reverting on
* overflow (when the input is greater than largest uint176).
*
* Counterpart to Solidity's `uint176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toUint176(uint256 value) internal pure returns (uint176) {
if (value > type(uint176).max) {
revert SafeCastOverflowedUintDowncast(176, value);
}
return uint176(value);
}
/**
* @dev Returns the downcasted uint168 from uint256, reverting on
* overflow (when the input is greater than largest uint168).
*
* Counterpart to Solidity's `uint168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toUint168(uint256 value) internal pure returns (uint168) {
if (value > type(uint168).max) {
revert SafeCastOverflowedUintDowncast(168, value);
}
return uint168(value);
}
/**
* @dev Returns the downcasted uint160 from uint256, reverting on
* overflow (when the input is greater than largest uint160).
*
* Counterpart to Solidity's `uint160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toUint160(uint256 value) internal pure returns (uint160) {
if (value > type(uint160).max) {
revert SafeCastOverflowedUintDowncast(160, value);
}
return uint160(value);
}
/**
* @dev Returns the downcasted uint152 from uint256, reverting on
* overflow (when the input is greater than largest uint152).
*
* Counterpart to Solidity's `uint152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toUint152(uint256 value) internal pure returns (uint152) {
if (value > type(uint152).max) {
revert SafeCastOverflowedUintDowncast(152, value);
}
return uint152(value);
}
/**
* @dev Returns the downcasted uint144 from uint256, reverting on
* overflow (when the input is greater than largest uint144).
*
* Counterpart to Solidity's `uint144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toUint144(uint256 value) internal pure returns (uint144) {
if (value > type(uint144).max) {
revert SafeCastOverflowedUintDowncast(144, value);
}
return uint144(value);
}
/**
* @dev Returns the downcasted uint136 from uint256, reverting on
* overflow (when the input is greater than largest uint136).
*
* Counterpart to Solidity's `uint136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toUint136(uint256 value) internal pure returns (uint136) {
if (value > type(uint136).max) {
revert SafeCastOverflowedUintDowncast(136, value);
}
return uint136(value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toUint128(uint256 value) internal pure returns (uint128) {
if (value > type(uint128).max) {
revert SafeCastOverflowedUintDowncast(128, value);
}
return uint128(value);
}
/**
* @dev Returns the downcasted uint120 from uint256, reverting on
* overflow (when the input is greater than largest uint120).
*
* Counterpart to Solidity's `uint120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toUint120(uint256 value) internal pure returns (uint120) {
if (value > type(uint120).max) {
revert SafeCastOverflowedUintDowncast(120, value);
}
return uint120(value);
}
/**
* @dev Returns the downcasted uint112 from uint256, reverting on
* overflow (when the input is greater than largest uint112).
*
* Counterpart to Solidity's `uint112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toUint112(uint256 value) internal pure returns (uint112) {
if (value > type(uint112).max) {
revert SafeCastOverflowedUintDowncast(112, value);
}
return uint112(value);
}
/**
* @dev Returns the downcasted uint104 from uint256, reverting on
* overflow (when the input is greater than largest uint104).
*
* Counterpart to Solidity's `uint104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toUint104(uint256 value) internal pure returns (uint104) {
if (value > type(uint104).max) {
revert SafeCastOverflowedUintDowncast(104, value);
}
return uint104(value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toUint96(uint256 value) internal pure returns (uint96) {
if (value > type(uint96).max) {
revert SafeCastOverflowedUintDowncast(96, value);
}
return uint96(value);
}
/**
* @dev Returns the downcasted uint88 from uint256, reverting on
* overflow (when the input is greater than largest uint88).
*
* Counterpart to Solidity's `uint88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toUint88(uint256 value) internal pure returns (uint88) {
if (value > type(uint88).max) {
revert SafeCastOverflowedUintDowncast(88, value);
}
return uint88(value);
}
/**
* @dev Returns the downcasted uint80 from uint256, reverting on
* overflow (when the input is greater than largest uint80).
*
* Counterpart to Solidity's `uint80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toUint80(uint256 value) internal pure returns (uint80) {
if (value > type(uint80).max) {
revert SafeCastOverflowedUintDowncast(80, value);
}
return uint80(value);
}
/**
* @dev Returns the downcasted uint72 from uint256, reverting on
* overflow (when the input is greater than largest uint72).
*
* Counterpart to Solidity's `uint72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toUint72(uint256 value) internal pure returns (uint72) {
if (value > type(uint72).max) {
revert SafeCastOverflowedUintDowncast(72, value);
}
return uint72(value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toUint64(uint256 value) internal pure returns (uint64) {
if (value > type(uint64).max) {
revert SafeCastOverflowedUintDowncast(64, value);
}
return uint64(value);
}
/**
* @dev Returns the downcasted uint56 from uint256, reverting on
* overflow (when the input is greater than largest uint56).
*
* Counterpart to Solidity's `uint56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toUint56(uint256 value) internal pure returns (uint56) {
if (value > type(uint56).max) {
revert SafeCastOverflowedUintDowncast(56, value);
}
return uint56(value);
}
/**
* @dev Returns the downcasted uint48 from uint256, reverting on
* overflow (when the input is greater than largest uint48).
*
* Counterpart to Solidity's `uint48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toUint48(uint256 value) internal pure returns (uint48) {
if (value > type(uint48).max) {
revert SafeCastOverflowedUintDowncast(48, value);
}
return uint48(value);
}
/**
* @dev Returns the downcasted uint40 from uint256, reverting on
* overflow (when the input is greater than largest uint40).
*
* Counterpart to Solidity's `uint40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toUint40(uint256 value) internal pure returns (uint40) {
if (value > type(uint40).max) {
revert SafeCastOverflowedUintDowncast(40, value);
}
return uint40(value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toUint32(uint256 value) internal pure returns (uint32) {
if (value > type(uint32).max) {
revert SafeCastOverflowedUintDowncast(32, value);
}
return uint32(value);
}
/**
* @dev Returns the downcasted uint24 from uint256, reverting on
* overflow (when the input is greater than largest uint24).
*
* Counterpart to Solidity's `uint24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toUint24(uint256 value) internal pure returns (uint24) {
if (value > type(uint24).max) {
revert SafeCastOverflowedUintDowncast(24, value);
}
return uint24(value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toUint16(uint256 value) internal pure returns (uint16) {
if (value > type(uint16).max) {
revert SafeCastOverflowedUintDowncast(16, value);
}
return uint16(value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toUint8(uint256 value) internal pure returns (uint8) {
if (value > type(uint8).max) {
revert SafeCastOverflowedUintDowncast(8, value);
}
return uint8(value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*/
function toUint256(int256 value) internal pure returns (uint256) {
if (value < 0) {
revert SafeCastOverflowedIntToUint(value);
}
return uint256(value);
}
/**
* @dev Returns the downcasted int248 from int256, reverting on
* overflow (when the input is less than smallest int248 or
* greater than largest int248).
*
* Counterpart to Solidity's `int248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toInt248(int256 value) internal pure returns (int248 downcasted) {
downcasted = int248(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(248, value);
}
}
/**
* @dev Returns the downcasted int240 from int256, reverting on
* overflow (when the input is less than smallest int240 or
* greater than largest int240).
*
* Counterpart to Solidity's `int240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toInt240(int256 value) internal pure returns (int240 downcasted) {
downcasted = int240(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(240, value);
}
}
/**
* @dev Returns the downcasted int232 from int256, reverting on
* overflow (when the input is less than smallest int232 or
* greater than largest int232).
*
* Counterpart to Solidity's `int232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toInt232(int256 value) internal pure returns (int232 downcasted) {
downcasted = int232(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(232, value);
}
}
/**
* @dev Returns the downcasted int224 from int256, reverting on
* overflow (when the input is less than smallest int224 or
* greater than largest int224).
*
* Counterpart to Solidity's `int224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toInt224(int256 value) internal pure returns (int224 downcasted) {
downcasted = int224(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(224, value);
}
}
/**
* @dev Returns the downcasted int216 from int256, reverting on
* overflow (when the input is less than smallest int216 or
* greater than largest int216).
*
* Counterpart to Solidity's `int216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toInt216(int256 value) internal pure returns (int216 downcasted) {
downcasted = int216(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(216, value);
}
}
/**
* @dev Returns the downcasted int208 from int256, reverting on
* overflow (when the input is less than smallest int208 or
* greater than largest int208).
*
* Counterpart to Solidity's `int208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toInt208(int256 value) internal pure returns (int208 downcasted) {
downcasted = int208(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(208, value);
}
}
/**
* @dev Returns the downcasted int200 from int256, reverting on
* overflow (when the input is less than smallest int200 or
* greater than largest int200).
*
* Counterpart to Solidity's `int200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toInt200(int256 value) internal pure returns (int200 downcasted) {
downcasted = int200(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(200, value);
}
}
/**
* @dev Returns the downcasted int192 from int256, reverting on
* overflow (when the input is less than smallest int192 or
* greater than largest int192).
*
* Counterpart to Solidity's `int192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toInt192(int256 value) internal pure returns (int192 downcasted) {
downcasted = int192(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(192, value);
}
}
/**
* @dev Returns the downcasted int184 from int256, reverting on
* overflow (when the input is less than smallest int184 or
* greater than largest int184).
*
* Counterpart to Solidity's `int184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toInt184(int256 value) internal pure returns (int184 downcasted) {
downcasted = int184(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(184, value);
}
}
/**
* @dev Returns the downcasted int176 from int256, reverting on
* overflow (when the input is less than smallest int176 or
* greater than largest int176).
*
* Counterpart to Solidity's `int176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toInt176(int256 value) internal pure returns (int176 downcasted) {
downcasted = int176(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(176, value);
}
}
/**
* @dev Returns the downcasted int168 from int256, reverting on
* overflow (when the input is less than smallest int168 or
* greater than largest int168).
*
* Counterpart to Solidity's `int168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toInt168(int256 value) internal pure returns (int168 downcasted) {
downcasted = int168(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(168, value);
}
}
/**
* @dev Returns the downcasted int160 from int256, reverting on
* overflow (when the input is less than smallest int160 or
* greater than largest int160).
*
* Counterpart to Solidity's `int160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toInt160(int256 value) internal pure returns (int160 downcasted) {
downcasted = int160(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(160, value);
}
}
/**
* @dev Returns the downcasted int152 from int256, reverting on
* overflow (when the input is less than smallest int152 or
* greater than largest int152).
*
* Counterpart to Solidity's `int152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toInt152(int256 value) internal pure returns (int152 downcasted) {
downcasted = int152(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(152, value);
}
}
/**
* @dev Returns the downcasted int144 from int256, reverting on
* overflow (when the input is less than smallest int144 or
* greater than largest int144).
*
* Counterpart to Solidity's `int144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toInt144(int256 value) internal pure returns (int144 downcasted) {
downcasted = int144(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(144, value);
}
}
/**
* @dev Returns the downcasted int136 from int256, reverting on
* overflow (when the input is less than smallest int136 or
* greater than largest int136).
*
* Counterpart to Solidity's `int136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toInt136(int256 value) internal pure returns (int136 downcasted) {
downcasted = int136(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(136, value);
}
}
/**
* @dev Returns the downcasted int128 from int256, reverting on
* overflow (when the input is less than smallest int128 or
* greater than largest int128).
*
* Counterpart to Solidity's `int128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toInt128(int256 value) internal pure returns (int128 downcasted) {
downcasted = int128(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(128, value);
}
}
/**
* @dev Returns the downcasted int120 from int256, reverting on
* overflow (when the input is less than smallest int120 or
* greater than largest int120).
*
* Counterpart to Solidity's `int120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toInt120(int256 value) internal pure returns (int120 downcasted) {
downcasted = int120(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(120, value);
}
}
/**
* @dev Returns the downcasted int112 from int256, reverting on
* overflow (when the input is less than smallest int112 or
* greater than largest int112).
*
* Counterpart to Solidity's `int112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toInt112(int256 value) internal pure returns (int112 downcasted) {
downcasted = int112(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(112, value);
}
}
/**
* @dev Returns the downcasted int104 from int256, reverting on
* overflow (when the input is less than smallest int104 or
* greater than largest int104).
*
* Counterpart to Solidity's `int104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toInt104(int256 value) internal pure returns (int104 downcasted) {
downcasted = int104(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(104, value);
}
}
/**
* @dev Returns the downcasted int96 from int256, reverting on
* overflow (when the input is less than smallest int96 or
* greater than largest int96).
*
* Counterpart to Solidity's `int96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toInt96(int256 value) internal pure returns (int96 downcasted) {
downcasted = int96(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(96, value);
}
}
/**
* @dev Returns the downcasted int88 from int256, reverting on
* overflow (when the input is less than smallest int88 or
* greater than largest int88).
*
* Counterpart to Solidity's `int88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toInt88(int256 value) internal pure returns (int88 downcasted) {
downcasted = int88(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(88, value);
}
}
/**
* @dev Returns the downcasted int80 from int256, reverting on
* overflow (when the input is less than smallest int80 or
* greater than largest int80).
*
* Counterpart to Solidity's `int80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toInt80(int256 value) internal pure returns (int80 downcasted) {
downcasted = int80(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(80, value);
}
}
/**
* @dev Returns the downcasted int72 from int256, reverting on
* overflow (when the input is less than smallest int72 or
* greater than largest int72).
*
* Counterpart to Solidity's `int72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toInt72(int256 value) internal pure returns (int72 downcasted) {
downcasted = int72(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(72, value);
}
}
/**
* @dev Returns the downcasted int64 from int256, reverting on
* overflow (when the input is less than smallest int64 or
* greater than largest int64).
*
* Counterpart to Solidity's `int64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toInt64(int256 value) internal pure returns (int64 downcasted) {
downcasted = int64(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(64, value);
}
}
/**
* @dev Returns the downcasted int56 from int256, reverting on
* overflow (when the input is less than smallest int56 or
* greater than largest int56).
*
* Counterpart to Solidity's `int56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toInt56(int256 value) internal pure returns (int56 downcasted) {
downcasted = int56(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(56, value);
}
}
/**
* @dev Returns the downcasted int48 from int256, reverting on
* overflow (when the input is less than smallest int48 or
* greater than largest int48).
*
* Counterpart to Solidity's `int48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toInt48(int256 value) internal pure returns (int48 downcasted) {
downcasted = int48(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(48, value);
}
}
/**
* @dev Returns the downcasted int40 from int256, reverting on
* overflow (when the input is less than smallest int40 or
* greater than largest int40).
*
* Counterpart to Solidity's `int40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toInt40(int256 value) internal pure returns (int40 downcasted) {
downcasted = int40(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(40, value);
}
}
/**
* @dev Returns the downcasted int32 from int256, reverting on
* overflow (when the input is less than smallest int32 or
* greater than largest int32).
*
* Counterpart to Solidity's `int32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toInt32(int256 value) internal pure returns (int32 downcasted) {
downcasted = int32(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(32, value);
}
}
/**
* @dev Returns the downcasted int24 from int256, reverting on
* overflow (when the input is less than smallest int24 or
* greater than largest int24).
*
* Counterpart to Solidity's `int24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toInt24(int256 value) internal pure returns (int24 downcasted) {
downcasted = int24(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(24, value);
}
}
/**
* @dev Returns the downcasted int16 from int256, reverting on
* overflow (when the input is less than smallest int16 or
* greater than largest int16).
*
* Counterpart to Solidity's `int16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toInt16(int256 value) internal pure returns (int16 downcasted) {
downcasted = int16(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(16, value);
}
}
/**
* @dev Returns the downcasted int8 from int256, reverting on
* overflow (when the input is less than smallest int8 or
* greater than largest int8).
*
* Counterpart to Solidity's `int8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toInt8(int256 value) internal pure returns (int8 downcasted) {
downcasted = int8(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(8, value);
}
}
/**
* @dev Converts an unsigned uint256 into a signed int256.
*
* Requirements:
*
* - input must be less than or equal to maxInt256.
*/
function toInt256(uint256 value) internal pure returns (int256) {
// Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
if (value > uint256(type(int256).max)) {
revert SafeCastOverflowedUintToInt(value);
}
return int256(value);
}
/**
* @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.
*/
function toUint(bool b) internal pure returns (uint256 u) {
assembly ("memory-safe") {
u := iszero(iszero(b))
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/structs/EnumerableSet.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.
pragma solidity ^0.8.20;
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```solidity
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
* and `uint256` (`UintSet`) are supported.
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
* unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
* array of EnumerableSet.
* ====
*/
library EnumerableSet {
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
bytes32[] _values;
// Position is the index of the value in the `values` array plus 1.
// Position 0 is used to mean a value is not in the set.
mapping(bytes32 value => uint256) _positions;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, bytes32 value) private returns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._positions[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, bytes32 value) private returns (bool) {
// We cache the value's position to prevent multiple reads from the same storage slot
uint256 position = set._positions[value];
if (position != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 valueIndex = position - 1;
uint256 lastIndex = set._values.length - 1;
if (valueIndex != lastIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the lastValue to the index where the value to delete is
set._values[valueIndex] = lastValue;
// Update the tracked position of the lastValue (that was just moved)
set._positions[lastValue] = position;
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the tracked position for the deleted slot
delete set._positions[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, bytes32 value) private view returns (bool) {
return set._positions[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set) private view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, uint256 index) private view returns (bytes32) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set) private view returns (bytes32[] memory) {
return set._values;
}
// Bytes32Set
struct Bytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _add(set._inner, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _remove(set._inner, value);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
return _contains(set._inner, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(Bytes32Set storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
return _at(set._inner, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner);
bytes32[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
return _add(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
return _remove(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return _contains(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
return address(uint160(uint256(_at(set._inner, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner);
address[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, uint256 value) internal returns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, uint256 value) internal returns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, uint256 value) internal view returns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(UintSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner);
uint256[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
// End consumer library.
library VRFV2PlusClient {
// extraArgs will evolve to support new features
bytes4 public constant EXTRA_ARGS_V1_TAG = bytes4(keccak256("VRF ExtraArgsV1"));
struct ExtraArgsV1 {
bool nativePayment;
}
struct RandomWordsRequest {
bytes32 keyHash;
uint256 subId;
uint16 requestConfirmations;
uint32 callbackGasLimit;
uint32 numWords;
bytes extraArgs;
}
function _argsToBytes(ExtraArgsV1 memory extraArgs) internal pure returns (bytes memory bts) {
return abi.encodeWithSelector(EXTRA_ARGS_V1_TAG, extraArgs);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
import {IVRFCoordinatorV2Plus} from "./interfaces/IVRFCoordinatorV2Plus.sol";
import {IVRFMigratableConsumerV2Plus} from "./interfaces/IVRFMigratableConsumerV2Plus.sol";
import {ConfirmedOwner} from "../../shared/access/ConfirmedOwner.sol";
/** ****************************************************************************
* @notice Interface for contracts using VRF randomness
* *****************************************************************************
* @dev PURPOSE
*
* @dev Reggie the Random Oracle (not his real job) wants to provide randomness
* @dev to Vera the verifier in such a way that Vera can be sure he's not
* @dev making his output up to suit himself. Reggie provides Vera a public key
* @dev to which he knows the secret key. Each time Vera provides a seed to
* @dev Reggie, he gives back a value which is computed completely
* @dev deterministically from the seed and the secret key.
*
* @dev Reggie provides a proof by which Vera can verify that the output was
* @dev correctly computed once Reggie tells it to her, but without that proof,
* @dev the output is indistinguishable to her from a uniform random sample
* @dev from the output space.
*
* @dev The purpose of this contract is to make it easy for unrelated contracts
* @dev to talk to Vera the verifier about the work Reggie is doing, to provide
* @dev simple access to a verifiable source of randomness. It ensures 2 things:
* @dev 1. The fulfillment came from the VRFCoordinatorV2Plus.
* @dev 2. The consumer contract implements fulfillRandomWords.
* *****************************************************************************
* @dev USAGE
*
* @dev Calling contracts must inherit from VRFConsumerBaseV2Plus, and can
* @dev initialize VRFConsumerBaseV2Plus's attributes in their constructor as
* @dev shown:
*
* @dev contract VRFConsumerV2Plus is VRFConsumerBaseV2Plus {
* @dev constructor(<other arguments>, address _vrfCoordinator, address _subOwner)
* @dev VRFConsumerBaseV2Plus(_vrfCoordinator, _subOwner) public {
* @dev <initialization with other arguments goes here>
* @dev }
* @dev }
*
* @dev The oracle will have given you an ID for the VRF keypair they have
* @dev committed to (let's call it keyHash). Create a subscription, fund it
* @dev and your consumer contract as a consumer of it (see VRFCoordinatorInterface
* @dev subscription management functions).
* @dev Call requestRandomWords(keyHash, subId, minimumRequestConfirmations,
* @dev callbackGasLimit, numWords, extraArgs),
* @dev see (IVRFCoordinatorV2Plus for a description of the arguments).
*
* @dev Once the VRFCoordinatorV2Plus has received and validated the oracle's response
* @dev to your request, it will call your contract's fulfillRandomWords method.
*
* @dev The randomness argument to fulfillRandomWords is a set of random words
* @dev generated from your requestId and the blockHash of the request.
*
* @dev If your contract could have concurrent requests open, you can use the
* @dev requestId returned from requestRandomWords to track which response is associated
* @dev with which randomness request.
* @dev See "SECURITY CONSIDERATIONS" for principles to keep in mind,
* @dev if your contract could have multiple requests in flight simultaneously.
*
* @dev Colliding `requestId`s are cryptographically impossible as long as seeds
* @dev differ.
*
* *****************************************************************************
* @dev SECURITY CONSIDERATIONS
*
* @dev A method with the ability to call your fulfillRandomness method directly
* @dev could spoof a VRF response with any random value, so it's critical that
* @dev it cannot be directly called by anything other than this base contract
* @dev (specifically, by the VRFConsumerBaseV2Plus.rawFulfillRandomness method).
*
* @dev For your users to trust that your contract's random behavior is free
* @dev from malicious interference, it's best if you can write it so that all
* @dev behaviors implied by a VRF response are executed *during* your
* @dev fulfillRandomness method. If your contract must store the response (or
* @dev anything derived from it) and use it later, you must ensure that any
* @dev user-significant behavior which depends on that stored value cannot be
* @dev manipulated by a subsequent VRF request.
*
* @dev Similarly, both miners and the VRF oracle itself have some influence
* @dev over the order in which VRF responses appear on the blockchain, so if
* @dev your contract could have multiple VRF requests in flight simultaneously,
* @dev you must ensure that the order in which the VRF responses arrive cannot
* @dev be used to manipulate your contract's user-significant behavior.
*
* @dev Since the block hash of the block which contains the requestRandomness
* @dev call is mixed into the input to the VRF *last*, a sufficiently powerful
* @dev miner could, in principle, fork the blockchain to evict the block
* @dev containing the request, forcing the request to be included in a
* @dev different block with a different hash, and therefore a different input
* @dev to the VRF. However, such an attack would incur a substantial economic
* @dev cost. This cost scales with the number of blocks the VRF oracle waits
* @dev until it calls responds to a request. It is for this reason that
* @dev that you can signal to an oracle you'd like them to wait longer before
* @dev responding to the request (however this is not enforced in the contract
* @dev and so remains effective only in the case of unmodified oracle software).
*/
abstract contract VRFConsumerBaseV2Plus is IVRFMigratableConsumerV2Plus, ConfirmedOwner {
error OnlyCoordinatorCanFulfill(address have, address want);
error OnlyOwnerOrCoordinator(address have, address owner, address coordinator);
error ZeroAddress();
// s_vrfCoordinator should be used by consumers to make requests to vrfCoordinator
// so that coordinator reference is updated after migration
IVRFCoordinatorV2Plus public s_vrfCoordinator;
/**
* @param _vrfCoordinator address of VRFCoordinator contract
*/
constructor(address _vrfCoordinator) ConfirmedOwner(msg.sender) {
if (_vrfCoordinator == address(0)) {
revert ZeroAddress();
}
s_vrfCoordinator = IVRFCoordinatorV2Plus(_vrfCoordinator);
}
/**
* @notice fulfillRandomness handles the VRF response. Your contract must
* @notice implement it. See "SECURITY CONSIDERATIONS" above for important
* @notice principles to keep in mind when implementing your fulfillRandomness
* @notice method.
*
* @dev VRFConsumerBaseV2Plus expects its subcontracts to have a method with this
* @dev signature, and will call it once it has verified the proof
* @dev associated with the randomness. (It is triggered via a call to
* @dev rawFulfillRandomness, below.)
*
* @param requestId The Id initially returned by requestRandomness
* @param randomWords the VRF output expanded to the requested number of words
*/
// solhint-disable-next-line chainlink-solidity/prefix-internal-functions-with-underscore
function fulfillRandomWords(uint256 requestId, uint256[] calldata randomWords) internal virtual;
// rawFulfillRandomness is called by VRFCoordinator when it receives a valid VRF
// proof. rawFulfillRandomness then calls fulfillRandomness, after validating
// the origin of the call
function rawFulfillRandomWords(uint256 requestId, uint256[] calldata randomWords) external {
if (msg.sender != address(s_vrfCoordinator)) {
revert OnlyCoordinatorCanFulfill(msg.sender, address(s_vrfCoordinator));
}
fulfillRandomWords(requestId, randomWords);
}
/**
* @inheritdoc IVRFMigratableConsumerV2Plus
*/
function setCoordinator(address _vrfCoordinator) external override onlyOwnerOrCoordinator {
if (_vrfCoordinator == address(0)) {
revert ZeroAddress();
}
s_vrfCoordinator = IVRFCoordinatorV2Plus(_vrfCoordinator);
emit CoordinatorSet(_vrfCoordinator);
}
modifier onlyOwnerOrCoordinator() {
if (msg.sender != owner() && msg.sender != address(s_vrfCoordinator)) {
revert OnlyOwnerOrCoordinator(msg.sender, owner(), address(s_vrfCoordinator));
}
_;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// @dev Import the 'MessagingFee' and 'MessagingReceipt' so it's exposed to OApp implementers
// solhint-disable-next-line no-unused-import
import { OAppSender, MessagingFee, MessagingReceipt } from "./OAppSender.sol";
// @dev Import the 'Origin' so it's exposed to OApp implementers
// solhint-disable-next-line no-unused-import
import { OAppReceiver, Origin } from "./OAppReceiver.sol";
import { OAppCore } from "./OAppCore.sol";
/**
* @title OApp
* @dev Abstract contract serving as the base for OApp implementation, combining OAppSender and OAppReceiver functionality.
*/
abstract contract OApp is OAppSender, OAppReceiver {
/**
* @dev Constructor to initialize the OApp with the provided endpoint and owner.
* @param _endpoint The address of the LOCAL LayerZero endpoint.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*/
constructor(address _endpoint, address _delegate) OAppCore(_endpoint, _delegate) {}
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol implementation.
* @return receiverVersion The version of the OAppReceiver.sol implementation.
*/
function oAppVersion()
public
pure
virtual
override(OAppSender, OAppReceiver)
returns (uint64 senderVersion, uint64 receiverVersion)
{
return (SENDER_VERSION, RECEIVER_VERSION);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IOAppOptionsType3, EnforcedOptionParam } from "../interfaces/IOAppOptionsType3.sol";
/**
* @title OAppOptionsType3
* @dev Abstract contract implementing the IOAppOptionsType3 interface with type 3 options.
*/
abstract contract OAppOptionsType3 is IOAppOptionsType3, Ownable {
uint16 internal constant OPTION_TYPE_3 = 3;
// @dev The "msgType" should be defined in the child contract.
mapping(uint32 eid => mapping(uint16 msgType => bytes enforcedOption)) public enforcedOptions;
/**
* @dev Sets the enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Provides a way for the OApp to enforce things like paying for PreCrime, AND/OR minimum dst lzReceive gas amounts etc.
* @dev These enforced options can vary as the potential options/execution on the remote may differ as per the msgType.
* eg. Amount of lzReceive() gas necessary to deliver a lzCompose() message adds overhead you dont want to pay
* if you are only making a standard LayerZero message ie. lzReceive() WITHOUT sendCompose().
*/
function setEnforcedOptions(EnforcedOptionParam[] calldata _enforcedOptions) public virtual onlyOwner {
_setEnforcedOptions(_enforcedOptions);
}
/**
* @dev Sets the enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*
* @dev Provides a way for the OApp to enforce things like paying for PreCrime, AND/OR minimum dst lzReceive gas amounts etc.
* @dev These enforced options can vary as the potential options/execution on the remote may differ as per the msgType.
* eg. Amount of lzReceive() gas necessary to deliver a lzCompose() message adds overhead you dont want to pay
* if you are only making a standard LayerZero message ie. lzReceive() WITHOUT sendCompose().
*/
function _setEnforcedOptions(EnforcedOptionParam[] memory _enforcedOptions) internal virtual {
for (uint256 i = 0; i < _enforcedOptions.length; i++) {
// @dev Enforced options are only available for optionType 3, as type 1 and 2 dont support combining.
_assertOptionsType3(_enforcedOptions[i].options);
enforcedOptions[_enforcedOptions[i].eid][_enforcedOptions[i].msgType] = _enforcedOptions[i].options;
}
emit EnforcedOptionSet(_enforcedOptions);
}
/**
* @notice Combines options for a given endpoint and message type.
* @param _eid The endpoint ID.
* @param _msgType The OAPP message type.
* @param _extraOptions Additional options passed by the caller.
* @return options The combination of caller specified options AND enforced options.
*
* @dev If there is an enforced lzReceive option:
* - {gasLimit: 200k, msg.value: 1 ether} AND a caller supplies a lzReceive option: {gasLimit: 100k, msg.value: 0.5 ether}
* - The resulting options will be {gasLimit: 300k, msg.value: 1.5 ether} when the message is executed on the remote lzReceive() function.
* @dev This presence of duplicated options is handled off-chain in the verifier/executor.
*/
function combineOptions(
uint32 _eid,
uint16 _msgType,
bytes calldata _extraOptions
) public view virtual returns (bytes memory) {
bytes memory enforced = enforcedOptions[_eid][_msgType];
// No enforced options, pass whatever the caller supplied, even if it's empty or legacy type 1/2 options.
if (enforced.length == 0) return _extraOptions;
// No caller options, return enforced
if (_extraOptions.length == 0) return enforced;
// @dev If caller provided _extraOptions, must be type 3 as its the ONLY type that can be combined.
if (_extraOptions.length >= 2) {
_assertOptionsType3(_extraOptions);
// @dev Remove the first 2 bytes containing the type from the _extraOptions and combine with enforced.
return bytes.concat(enforced, _extraOptions[2:]);
}
// No valid set of options was found.
revert InvalidOptions(_extraOptions);
}
/**
* @dev Internal function to assert that options are of type 3.
* @param _options The options to be checked.
*/
function _assertOptionsType3(bytes memory _options) internal pure virtual {
uint16 optionsType;
assembly {
optionsType := mload(add(_options, 2))
}
if (optionsType != OPTION_TYPE_3) revert InvalidOptions(_options);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* @title IOAppMsgInspector
* @dev Interface for the OApp Message Inspector, allowing examination of message and options contents.
*/
interface IOAppMsgInspector {
// Custom error message for inspection failure
error InspectionFailed(bytes message, bytes options);
/**
* @notice Allows the inspector to examine LayerZero message contents and optionally throw a revert if invalid.
* @param _message The message payload to be inspected.
* @param _options Additional options or parameters for inspection.
* @return valid A boolean indicating whether the inspection passed (true) or failed (false).
*
* @dev Optionally done as a revert, OR use the boolean provided to handle the failure.
*/
function inspect(bytes calldata _message, bytes calldata _options) external view returns (bool valid);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IPreCrime } from "./interfaces/IPreCrime.sol";
import { IOAppPreCrimeSimulator, InboundPacket, Origin } from "./interfaces/IOAppPreCrimeSimulator.sol";
/**
* @title OAppPreCrimeSimulator
* @dev Abstract contract serving as the base for preCrime simulation functionality in an OApp.
*/
abstract contract OAppPreCrimeSimulator is IOAppPreCrimeSimulator, Ownable {
// The address of the preCrime implementation.
address public preCrime;
/**
* @dev Retrieves the address of the OApp contract.
* @return The address of the OApp contract.
*
* @dev The simulator contract is the base contract for the OApp by default.
* @dev If the simulator is a separate contract, override this function.
*/
function oApp() external view virtual returns (address) {
return address(this);
}
/**
* @dev Sets the preCrime contract address.
* @param _preCrime The address of the preCrime contract.
*/
function setPreCrime(address _preCrime) public virtual onlyOwner {
preCrime = _preCrime;
emit PreCrimeSet(_preCrime);
}
/**
* @dev Interface for pre-crime simulations. Always reverts at the end with the simulation results.
* @param _packets An array of InboundPacket objects representing received packets to be delivered.
*
* @dev WARNING: MUST revert at the end with the simulation results.
* @dev Gives the preCrime implementation the ability to mock sending packets to the lzReceive function,
* WITHOUT actually executing them.
*/
function lzReceiveAndRevert(InboundPacket[] calldata _packets) public payable virtual {
for (uint256 i = 0; i < _packets.length; i++) {
InboundPacket calldata packet = _packets[i];
// Ignore packets that are not from trusted peers.
if (!isPeer(packet.origin.srcEid, packet.origin.sender)) continue;
// @dev Because a verifier is calling this function, it doesnt have access to executor params:
// - address _executor
// - bytes calldata _extraData
// preCrime will NOT work for OApps that rely on these two parameters inside of their _lzReceive().
// They are instead stubbed to default values, address(0) and bytes("")
// @dev Calling this.lzReceiveSimulate removes ability for assembly return 0 callstack exit,
// which would cause the revert to be ignored.
this.lzReceiveSimulate{ value: packet.value }(
packet.origin,
packet.guid,
packet.message,
packet.executor,
packet.extraData
);
}
// @dev Revert with the simulation results. msg.sender must implement IPreCrime.buildSimulationResult().
revert SimulationResult(IPreCrime(msg.sender).buildSimulationResult());
}
/**
* @dev Is effectively an internal function because msg.sender must be address(this).
* Allows resetting the call stack for 'internal' calls.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _guid The unique identifier of the packet.
* @param _message The message payload of the packet.
* @param _executor The executor address for the packet.
* @param _extraData Additional data for the packet.
*/
function lzReceiveSimulate(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) external payable virtual {
// @dev Ensure ONLY can be called 'internally'.
if (msg.sender != address(this)) revert OnlySelf();
_lzReceiveSimulate(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Internal function to handle the OAppPreCrimeSimulator simulated receive.
* @param _origin The origin information.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address from the src chain.
* - nonce: The nonce of the LayerZero message.
* @param _guid The GUID of the LayerZero message.
* @param _message The LayerZero message.
* @param _executor The address of the off-chain executor.
* @param _extraData Arbitrary data passed by the msg executor.
*
* @dev Enables the preCrime simulator to mock sending lzReceive() messages,
* routes the msg down from the OAppPreCrimeSimulator, and back up to the OAppReceiver.
*/
function _lzReceiveSimulate(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual;
/**
* @dev checks if the specified peer is considered 'trusted' by the OApp.
* @param _eid The endpoint Id to check.
* @param _peer The peer to check.
* @return Whether the peer passed is considered 'trusted' by the OApp.
*/
function isPeer(uint32 _eid, bytes32 _peer) public view virtual returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { MessagingReceipt, MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OAppSender.sol";
/**
* @dev Struct representing token parameters for the OFT send() operation.
*/
struct SendParam {
uint32 dstEid; // Destination endpoint ID.
bytes32 to; // Recipient address.
uint256 amountLD; // Amount to send in local decimals.
uint256 minAmountLD; // Minimum amount to send in local decimals.
bytes extraOptions; // Additional options supplied by the caller to be used in the LayerZero message.
bytes composeMsg; // The composed message for the send() operation.
bytes oftCmd; // The OFT command to be executed, unused in default OFT implementations.
}
/**
* @dev Struct representing OFT limit information.
* @dev These amounts can change dynamically and are up the specific oft implementation.
*/
struct OFTLimit {
uint256 minAmountLD; // Minimum amount in local decimals that can be sent to the recipient.
uint256 maxAmountLD; // Maximum amount in local decimals that can be sent to the recipient.
}
/**
* @dev Struct representing OFT receipt information.
*/
struct OFTReceipt {
uint256 amountSentLD; // Amount of tokens ACTUALLY debited from the sender in local decimals.
// @dev In non-default implementations, the amountReceivedLD COULD differ from this value.
uint256 amountReceivedLD; // Amount of tokens to be received on the remote side.
}
/**
* @dev Struct representing OFT fee details.
* @dev Future proof mechanism to provide a standardized way to communicate fees to things like a UI.
*/
struct OFTFeeDetail {
int256 feeAmountLD; // Amount of the fee in local decimals.
string description; // Description of the fee.
}
/**
* @title IOFT
* @dev Interface for the OftChain (OFT) token.
* @dev Does not inherit ERC20 to accommodate usage by OFTAdapter as well.
* @dev This specific interface ID is '0x02e49c2c'.
*/
interface IOFT {
// Custom error messages
error InvalidLocalDecimals();
error SlippageExceeded(uint256 amountLD, uint256 minAmountLD);
// Events
event OFTSent(
bytes32 indexed guid, // GUID of the OFT message.
uint32 dstEid, // Destination Endpoint ID.
address indexed fromAddress, // Address of the sender on the src chain.
uint256 amountSentLD, // Amount of tokens sent in local decimals.
uint256 amountReceivedLD // Amount of tokens received in local decimals.
);
event OFTReceived(
bytes32 indexed guid, // GUID of the OFT message.
uint32 srcEid, // Source Endpoint ID.
address indexed toAddress, // Address of the recipient on the dst chain.
uint256 amountReceivedLD // Amount of tokens received in local decimals.
);
/**
* @notice Retrieves interfaceID and the version of the OFT.
* @return interfaceId The interface ID.
* @return version The version.
*
* @dev interfaceId: This specific interface ID is '0x02e49c2c'.
* @dev version: Indicates a cross-chain compatible msg encoding with other OFTs.
* @dev If a new feature is added to the OFT cross-chain msg encoding, the version will be incremented.
* ie. localOFT version(x,1) CAN send messages to remoteOFT version(x,1)
*/
function oftVersion() external view returns (bytes4 interfaceId, uint64 version);
/**
* @notice Retrieves the address of the token associated with the OFT.
* @return token The address of the ERC20 token implementation.
*/
function token() external view returns (address);
/**
* @notice Indicates whether the OFT contract requires approval of the 'token()' to send.
* @return requiresApproval Needs approval of the underlying token implementation.
*
* @dev Allows things like wallet implementers to determine integration requirements,
* without understanding the underlying token implementation.
*/
function approvalRequired() external view returns (bool);
/**
* @notice Retrieves the shared decimals of the OFT.
* @return sharedDecimals The shared decimals of the OFT.
*/
function sharedDecimals() external view returns (uint8);
/**
* @notice Provides the fee breakdown and settings data for an OFT. Unused in the default implementation.
* @param _sendParam The parameters for the send operation.
* @return limit The OFT limit information.
* @return oftFeeDetails The details of OFT fees.
* @return receipt The OFT receipt information.
*/
function quoteOFT(
SendParam calldata _sendParam
) external view returns (OFTLimit memory, OFTFeeDetail[] memory oftFeeDetails, OFTReceipt memory);
/**
* @notice Provides a quote for the send() operation.
* @param _sendParam The parameters for the send() operation.
* @param _payInLzToken Flag indicating whether the caller is paying in the LZ token.
* @return fee The calculated LayerZero messaging fee from the send() operation.
*
* @dev MessagingFee: LayerZero msg fee
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
*/
function quoteSend(SendParam calldata _sendParam, bool _payInLzToken) external view returns (MessagingFee memory);
/**
* @notice Executes the send() operation.
* @param _sendParam The parameters for the send operation.
* @param _fee The fee information supplied by the caller.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess funds from fees etc. on the src.
* @return receipt The LayerZero messaging receipt from the send() operation.
* @return oftReceipt The OFT receipt information.
*
* @dev MessagingReceipt: LayerZero msg receipt
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
) external payable returns (MessagingReceipt memory, OFTReceipt memory);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
library OFTMsgCodec {
// Offset constants for encoding and decoding OFT messages
uint8 private constant SEND_TO_OFFSET = 32;
uint8 private constant SEND_AMOUNT_SD_OFFSET = 40;
/**
* @dev Encodes an OFT LayerZero message.
* @param _sendTo The recipient address.
* @param _amountShared The amount in shared decimals.
* @param _composeMsg The composed message.
* @return _msg The encoded message.
* @return hasCompose A boolean indicating whether the message has a composed payload.
*/
function encode(
bytes32 _sendTo,
uint64 _amountShared,
bytes memory _composeMsg
) internal view returns (bytes memory _msg, bool hasCompose) {
hasCompose = _composeMsg.length > 0;
// @dev Remote chains will want to know the composed function caller ie. msg.sender on the src.
_msg = hasCompose
? abi.encodePacked(_sendTo, _amountShared, addressToBytes32(msg.sender), _composeMsg)
: abi.encodePacked(_sendTo, _amountShared);
}
/**
* @dev Checks if the OFT message is composed.
* @param _msg The OFT message.
* @return A boolean indicating whether the message is composed.
*/
function isComposed(bytes calldata _msg) internal pure returns (bool) {
return _msg.length > SEND_AMOUNT_SD_OFFSET;
}
/**
* @dev Retrieves the recipient address from the OFT message.
* @param _msg The OFT message.
* @return The recipient address.
*/
function sendTo(bytes calldata _msg) internal pure returns (bytes32) {
return bytes32(_msg[:SEND_TO_OFFSET]);
}
/**
* @dev Retrieves the amount in shared decimals from the OFT message.
* @param _msg The OFT message.
* @return The amount in shared decimals.
*/
function amountSD(bytes calldata _msg) internal pure returns (uint64) {
return uint64(bytes8(_msg[SEND_TO_OFFSET:SEND_AMOUNT_SD_OFFSET]));
}
/**
* @dev Retrieves the composed message from the OFT message.
* @param _msg The OFT message.
* @return The composed message.
*/
function composeMsg(bytes calldata _msg) internal pure returns (bytes memory) {
return _msg[SEND_AMOUNT_SD_OFFSET:];
}
/**
* @dev Converts an address to bytes32.
* @param _addr The address to convert.
* @return The bytes32 representation of the address.
*/
function addressToBytes32(address _addr) internal pure returns (bytes32) {
return bytes32(uint256(uint160(_addr)));
}
/**
* @dev Converts bytes32 to an address.
* @param _b The bytes32 value to convert.
* @return The address representation of bytes32.
*/
function bytes32ToAddress(bytes32 _b) internal pure returns (address) {
return address(uint160(uint256(_b)));
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
library OFTComposeMsgCodec {
// Offset constants for decoding composed messages
uint8 private constant NONCE_OFFSET = 8;
uint8 private constant SRC_EID_OFFSET = 12;
uint8 private constant AMOUNT_LD_OFFSET = 44;
uint8 private constant COMPOSE_FROM_OFFSET = 76;
/**
* @dev Encodes a OFT composed message.
* @param _nonce The nonce value.
* @param _srcEid The source endpoint ID.
* @param _amountLD The amount in local decimals.
* @param _composeMsg The composed message.
* @return _msg The encoded Composed message.
*/
function encode(
uint64 _nonce,
uint32 _srcEid,
uint256 _amountLD,
bytes memory _composeMsg // 0x[composeFrom][composeMsg]
) internal pure returns (bytes memory _msg) {
_msg = abi.encodePacked(_nonce, _srcEid, _amountLD, _composeMsg);
}
/**
* @dev Retrieves the nonce for the composed message.
* @param _msg The message.
* @return The nonce value.
*/
function nonce(bytes calldata _msg) internal pure returns (uint64) {
return uint64(bytes8(_msg[:NONCE_OFFSET]));
}
/**
* @dev Retrieves the source endpoint ID for the composed message.
* @param _msg The message.
* @return The source endpoint ID.
*/
function srcEid(bytes calldata _msg) internal pure returns (uint32) {
return uint32(bytes4(_msg[NONCE_OFFSET:SRC_EID_OFFSET]));
}
/**
* @dev Retrieves the amount in local decimals from the composed message.
* @param _msg The message.
* @return The amount in local decimals.
*/
function amountLD(bytes calldata _msg) internal pure returns (uint256) {
return uint256(bytes32(_msg[SRC_EID_OFFSET:AMOUNT_LD_OFFSET]));
}
/**
* @dev Retrieves the composeFrom value from the composed message.
* @param _msg The message.
* @return The composeFrom value.
*/
function composeFrom(bytes calldata _msg) internal pure returns (bytes32) {
return bytes32(_msg[AMOUNT_LD_OFFSET:COMPOSE_FROM_OFFSET]);
}
/**
* @dev Retrieves the composed message.
* @param _msg The message.
* @return The composed message.
*/
function composeMsg(bytes calldata _msg) internal pure returns (bytes memory) {
return _msg[COMPOSE_FROM_OFFSET:];
}
/**
* @dev Converts an address to bytes32.
* @param _addr The address to convert.
* @return The bytes32 representation of the address.
*/
function addressToBytes32(address _addr) internal pure returns (bytes32) {
return bytes32(uint256(uint160(_addr)));
}
/**
* @dev Converts bytes32 to an address.
* @param _b The bytes32 value to convert.
* @return The address representation of bytes32.
*/
function bytes32ToAddress(bytes32 _b) internal pure returns (address) {
return address(uint160(uint256(_b)));
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import {VRFV2PlusClient} from "../libraries/VRFV2PlusClient.sol";
import {IVRFSubscriptionV2Plus} from "./IVRFSubscriptionV2Plus.sol";
// Interface that enables consumers of VRFCoordinatorV2Plus to be future-proof for upgrades
// This interface is supported by subsequent versions of VRFCoordinatorV2Plus
interface IVRFCoordinatorV2Plus is IVRFSubscriptionV2Plus {
/**
* @notice Request a set of random words.
* @param req - a struct containing following fields for randomness request:
* keyHash - Corresponds to a particular oracle job which uses
* that key for generating the VRF proof. Different keyHash's have different gas price
* ceilings, so you can select a specific one to bound your maximum per request cost.
* subId - The ID of the VRF subscription. Must be funded
* with the minimum subscription balance required for the selected keyHash.
* requestConfirmations - How many blocks you'd like the
* oracle to wait before responding to the request. See SECURITY CONSIDERATIONS
* for why you may want to request more. The acceptable range is
* [minimumRequestBlockConfirmations, 200].
* callbackGasLimit - How much gas you'd like to receive in your
* fulfillRandomWords callback. Note that gasleft() inside fulfillRandomWords
* may be slightly less than this amount because of gas used calling the function
* (argument decoding etc.), so you may need to request slightly more than you expect
* to have inside fulfillRandomWords. The acceptable range is
* [0, maxGasLimit]
* numWords - The number of uint256 random values you'd like to receive
* in your fulfillRandomWords callback. Note these numbers are expanded in a
* secure way by the VRFCoordinator from a single random value supplied by the oracle.
* extraArgs - abi-encoded extra args
* @return requestId - A unique identifier of the request. Can be used to match
* a request to a response in fulfillRandomWords.
*/
function requestRandomWords(VRFV2PlusClient.RandomWordsRequest calldata req) external returns (uint256 requestId);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/// @notice The IVRFMigratableConsumerV2Plus interface defines the
/// @notice method required to be implemented by all V2Plus consumers.
/// @dev This interface is designed to be used in VRFConsumerBaseV2Plus.
interface IVRFMigratableConsumerV2Plus {
event CoordinatorSet(address vrfCoordinator);
/// @notice Sets the VRF Coordinator address
/// @notice This method should only be callable by the coordinator or contract owner
function setCoordinator(address vrfCoordinator) external;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import {ConfirmedOwnerWithProposal} from "./ConfirmedOwnerWithProposal.sol";
/// @title The ConfirmedOwner contract
/// @notice A contract with helpers for basic contract ownership.
contract ConfirmedOwner is ConfirmedOwnerWithProposal {
constructor(address newOwner) ConfirmedOwnerWithProposal(newOwner, address(0)) {}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { SafeERC20, IERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { MessagingParams, MessagingFee, MessagingReceipt } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { OAppCore } from "./OAppCore.sol";
/**
* @title OAppSender
* @dev Abstract contract implementing the OAppSender functionality for sending messages to a LayerZero endpoint.
*/
abstract contract OAppSender is OAppCore {
using SafeERC20 for IERC20;
// Custom error messages
error NotEnoughNative(uint256 msgValue);
error LzTokenUnavailable();
// @dev The version of the OAppSender implementation.
// @dev Version is bumped when changes are made to this contract.
uint64 internal constant SENDER_VERSION = 1;
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*
* @dev Providing 0 as the default for OAppReceiver version. Indicates that the OAppReceiver is not implemented.
* ie. this is a SEND only OApp.
* @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions
*/
function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
return (SENDER_VERSION, 0);
}
/**
* @dev Internal function to interact with the LayerZero EndpointV2.quote() for fee calculation.
* @param _dstEid The destination endpoint ID.
* @param _message The message payload.
* @param _options Additional options for the message.
* @param _payInLzToken Flag indicating whether to pay the fee in LZ tokens.
* @return fee The calculated MessagingFee for the message.
* - nativeFee: The native fee for the message.
* - lzTokenFee: The LZ token fee for the message.
*/
function _quote(
uint32 _dstEid,
bytes memory _message,
bytes memory _options,
bool _payInLzToken
) internal view virtual returns (MessagingFee memory fee) {
return
endpoint.quote(
MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _payInLzToken),
address(this)
);
}
/**
* @dev Internal function to interact with the LayerZero EndpointV2.send() for sending a message.
* @param _dstEid The destination endpoint ID.
* @param _message The message payload.
* @param _options Additional options for the message.
* @param _fee The calculated LayerZero fee for the message.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess fee values sent to the endpoint.
* @return receipt The receipt for the sent message.
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function _lzSend(
uint32 _dstEid,
bytes memory _message,
bytes memory _options,
MessagingFee memory _fee,
address _refundAddress
) internal virtual returns (MessagingReceipt memory receipt) {
// @dev Push corresponding fees to the endpoint, any excess is sent back to the _refundAddress from the endpoint.
uint256 messageValue = _payNative(_fee.nativeFee);
if (_fee.lzTokenFee > 0) _payLzToken(_fee.lzTokenFee);
return
// solhint-disable-next-line check-send-result
endpoint.send{ value: messageValue }(
MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _fee.lzTokenFee > 0),
_refundAddress
);
}
/**
* @dev Internal function to pay the native fee associated with the message.
* @param _nativeFee The native fee to be paid.
* @return nativeFee The amount of native currency paid.
*
* @dev If the OApp needs to initiate MULTIPLE LayerZero messages in a single transaction,
* this will need to be overridden because msg.value would contain multiple lzFees.
* @dev Should be overridden in the event the LayerZero endpoint requires a different native currency.
* @dev Some EVMs use an ERC20 as a method for paying transactions/gasFees.
* @dev The endpoint is EITHER/OR, ie. it will NOT support both types of native payment at a time.
*/
function _payNative(uint256 _nativeFee) internal virtual returns (uint256 nativeFee) {
if (msg.value != _nativeFee) revert NotEnoughNative(msg.value);
return _nativeFee;
}
/**
* @dev Internal function to pay the LZ token fee associated with the message.
* @param _lzTokenFee The LZ token fee to be paid.
*
* @dev If the caller is trying to pay in the specified lzToken, then the lzTokenFee is passed to the endpoint.
* @dev Any excess sent, is passed back to the specified _refundAddress in the _lzSend().
*/
function _payLzToken(uint256 _lzTokenFee) internal virtual {
// @dev Cannot cache the token because it is not immutable in the endpoint.
address lzToken = endpoint.lzToken();
if (lzToken == address(0)) revert LzTokenUnavailable();
// Pay LZ token fee by sending tokens to the endpoint.
IERC20(lzToken).safeTransferFrom(msg.sender, address(endpoint), _lzTokenFee);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { IOAppReceiver, Origin } from "./interfaces/IOAppReceiver.sol";
import { OAppCore } from "./OAppCore.sol";
/**
* @title OAppReceiver
* @dev Abstract contract implementing the ILayerZeroReceiver interface and extending OAppCore for OApp receivers.
*/
abstract contract OAppReceiver is IOAppReceiver, OAppCore {
// Custom error message for when the caller is not the registered endpoint/
error OnlyEndpoint(address addr);
// @dev The version of the OAppReceiver implementation.
// @dev Version is bumped when changes are made to this contract.
uint64 internal constant RECEIVER_VERSION = 2;
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*
* @dev Providing 0 as the default for OAppSender version. Indicates that the OAppSender is not implemented.
* ie. this is a RECEIVE only OApp.
* @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions.
*/
function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
return (0, RECEIVER_VERSION);
}
/**
* @notice Indicates whether an address is an approved composeMsg sender to the Endpoint.
* @dev _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @dev _message The lzReceive payload.
* @param _sender The sender address.
* @return isSender Is a valid sender.
*
* @dev Applications can optionally choose to implement separate composeMsg senders that are NOT the bridging layer.
* @dev The default sender IS the OAppReceiver implementer.
*/
function isComposeMsgSender(
Origin calldata /*_origin*/,
bytes calldata /*_message*/,
address _sender
) public view virtual returns (bool) {
return _sender == address(this);
}
/**
* @notice Checks if the path initialization is allowed based on the provided origin.
* @param origin The origin information containing the source endpoint and sender address.
* @return Whether the path has been initialized.
*
* @dev This indicates to the endpoint that the OApp has enabled msgs for this particular path to be received.
* @dev This defaults to assuming if a peer has been set, its initialized.
* Can be overridden by the OApp if there is other logic to determine this.
*/
function allowInitializePath(Origin calldata origin) public view virtual returns (bool) {
return peers[origin.srcEid] == origin.sender;
}
/**
* @notice Retrieves the next nonce for a given source endpoint and sender address.
* @dev _srcEid The source endpoint ID.
* @dev _sender The sender address.
* @return nonce The next nonce.
*
* @dev The path nonce starts from 1. If 0 is returned it means that there is NO nonce ordered enforcement.
* @dev Is required by the off-chain executor to determine the OApp expects msg execution is ordered.
* @dev This is also enforced by the OApp.
* @dev By default this is NOT enabled. ie. nextNonce is hardcoded to return 0.
*/
function nextNonce(uint32 /*_srcEid*/, bytes32 /*_sender*/) public view virtual returns (uint64 nonce) {
return 0;
}
/**
* @dev Entry point for receiving messages or packets from the endpoint.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The payload of the received message.
* @param _executor The address of the executor for the received message.
* @param _extraData Additional arbitrary data provided by the corresponding executor.
*
* @dev Entry point for receiving msg/packet from the LayerZero endpoint.
*/
function lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) public payable virtual {
// Ensures that only the endpoint can attempt to lzReceive() messages to this OApp.
if (address(endpoint) != msg.sender) revert OnlyEndpoint(msg.sender);
// Ensure that the sender matches the expected peer for the source endpoint.
if (_getPeerOrRevert(_origin.srcEid) != _origin.sender) revert OnlyPeer(_origin.srcEid, _origin.sender);
// Call the internal OApp implementation of lzReceive.
_lzReceive(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Internal function to implement lzReceive logic without needing to copy the basic parameter validation.
*/
function _lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IOAppCore, ILayerZeroEndpointV2 } from "./interfaces/IOAppCore.sol";
/**
* @title OAppCore
* @dev Abstract contract implementing the IOAppCore interface with basic OApp configurations.
*/
abstract contract OAppCore is IOAppCore, Ownable {
// The LayerZero endpoint associated with the given OApp
ILayerZeroEndpointV2 public immutable endpoint;
// Mapping to store peers associated with corresponding endpoints
mapping(uint32 eid => bytes32 peer) public peers;
/**
* @dev Constructor to initialize the OAppCore with the provided endpoint and delegate.
* @param _endpoint The address of the LOCAL Layer Zero endpoint.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*
* @dev The delegate typically should be set as the owner of the contract.
*/
constructor(address _endpoint, address _delegate) {
endpoint = ILayerZeroEndpointV2(_endpoint);
if (_delegate == address(0)) revert InvalidDelegate();
endpoint.setDelegate(_delegate);
}
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Indicates that the peer is trusted to send LayerZero messages to this OApp.
* @dev Set this to bytes32(0) to remove the peer address.
* @dev Peer is a bytes32 to accommodate non-evm chains.
*/
function setPeer(uint32 _eid, bytes32 _peer) public virtual onlyOwner {
_setPeer(_eid, _peer);
}
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*
* @dev Indicates that the peer is trusted to send LayerZero messages to this OApp.
* @dev Set this to bytes32(0) to remove the peer address.
* @dev Peer is a bytes32 to accommodate non-evm chains.
*/
function _setPeer(uint32 _eid, bytes32 _peer) internal virtual {
peers[_eid] = _peer;
emit PeerSet(_eid, _peer);
}
/**
* @notice Internal function to get the peer address associated with a specific endpoint; reverts if NOT set.
* ie. the peer is set to bytes32(0).
* @param _eid The endpoint ID.
* @return peer The address of the peer associated with the specified endpoint.
*/
function _getPeerOrRevert(uint32 _eid) internal view virtual returns (bytes32) {
bytes32 peer = peers[_eid];
if (peer == bytes32(0)) revert NoPeer(_eid);
return peer;
}
/**
* @notice Sets the delegate address for the OApp.
* @param _delegate The address of the delegate to be set.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Provides the ability for a delegate to set configs, on behalf of the OApp, directly on the Endpoint contract.
*/
function setDelegate(address _delegate) public onlyOwner {
endpoint.setDelegate(_delegate);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* @dev Struct representing enforced option parameters.
*/
struct EnforcedOptionParam {
uint32 eid; // Endpoint ID
uint16 msgType; // Message Type
bytes options; // Additional options
}
/**
* @title IOAppOptionsType3
* @dev Interface for the OApp with Type 3 Options, allowing the setting and combining of enforced options.
*/
interface IOAppOptionsType3 {
// Custom error message for invalid options
error InvalidOptions(bytes options);
// Event emitted when enforced options are set
event EnforcedOptionSet(EnforcedOptionParam[] _enforcedOptions);
/**
* @notice Sets enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*/
function setEnforcedOptions(EnforcedOptionParam[] calldata _enforcedOptions) external;
/**
* @notice Combines options for a given endpoint and message type.
* @param _eid The endpoint ID.
* @param _msgType The OApp message type.
* @param _extraOptions Additional options passed by the caller.
* @return options The combination of caller specified options AND enforced options.
*/
function combineOptions(
uint32 _eid,
uint16 _msgType,
bytes calldata _extraOptions
) external view returns (bytes memory options);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
struct PreCrimePeer {
uint32 eid;
bytes32 preCrime;
bytes32 oApp;
}
// TODO not done yet
interface IPreCrime {
error OnlyOffChain();
// for simulate()
error PacketOversize(uint256 max, uint256 actual);
error PacketUnsorted();
error SimulationFailed(bytes reason);
// for preCrime()
error SimulationResultNotFound(uint32 eid);
error InvalidSimulationResult(uint32 eid, bytes reason);
error CrimeFound(bytes crime);
function getConfig(bytes[] calldata _packets, uint256[] calldata _packetMsgValues) external returns (bytes memory);
function simulate(
bytes[] calldata _packets,
uint256[] calldata _packetMsgValues
) external payable returns (bytes memory);
function buildSimulationResult() external view returns (bytes memory);
function preCrime(
bytes[] calldata _packets,
uint256[] calldata _packetMsgValues,
bytes[] calldata _simulations
) external;
function version() external view returns (uint64 major, uint8 minor);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// @dev Import the Origin so it's exposed to OAppPreCrimeSimulator implementers.
// solhint-disable-next-line no-unused-import
import { InboundPacket, Origin } from "../libs/Packet.sol";
/**
* @title IOAppPreCrimeSimulator Interface
* @dev Interface for the preCrime simulation functionality in an OApp.
*/
interface IOAppPreCrimeSimulator {
// @dev simulation result used in PreCrime implementation
error SimulationResult(bytes result);
error OnlySelf();
/**
* @dev Emitted when the preCrime contract address is set.
* @param preCrimeAddress The address of the preCrime contract.
*/
event PreCrimeSet(address preCrimeAddress);
/**
* @dev Retrieves the address of the preCrime contract implementation.
* @return The address of the preCrime contract.
*/
function preCrime() external view returns (address);
/**
* @dev Retrieves the address of the OApp contract.
* @return The address of the OApp contract.
*/
function oApp() external view returns (address);
/**
* @dev Sets the preCrime contract address.
* @param _preCrime The address of the preCrime contract.
*/
function setPreCrime(address _preCrime) external;
/**
* @dev Mocks receiving a packet, then reverts with a series of data to infer the state/result.
* @param _packets An array of LayerZero InboundPacket objects representing received packets.
*/
function lzReceiveAndRevert(InboundPacket[] calldata _packets) external payable;
/**
* @dev checks if the specified peer is considered 'trusted' by the OApp.
* @param _eid The endpoint Id to check.
* @param _peer The peer to check.
* @return Whether the peer passed is considered 'trusted' by the OApp.
*/
function isPeer(uint32 _eid, bytes32 _peer) external view returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/// @notice The IVRFSubscriptionV2Plus interface defines the subscription
/// @notice related methods implemented by the V2Plus coordinator.
interface IVRFSubscriptionV2Plus {
/**
* @notice Add a consumer to a VRF subscription.
* @param subId - ID of the subscription
* @param consumer - New consumer which can use the subscription
*/
function addConsumer(uint256 subId, address consumer) external;
/**
* @notice Remove a consumer from a VRF subscription.
* @param subId - ID of the subscription
* @param consumer - Consumer to remove from the subscription
*/
function removeConsumer(uint256 subId, address consumer) external;
/**
* @notice Cancel a subscription
* @param subId - ID of the subscription
* @param to - Where to send the remaining LINK to
*/
function cancelSubscription(uint256 subId, address to) external;
/**
* @notice Accept subscription owner transfer.
* @param subId - ID of the subscription
* @dev will revert if original owner of subId has
* not requested that msg.sender become the new owner.
*/
function acceptSubscriptionOwnerTransfer(uint256 subId) external;
/**
* @notice Request subscription owner transfer.
* @param subId - ID of the subscription
* @param newOwner - proposed new owner of the subscription
*/
function requestSubscriptionOwnerTransfer(uint256 subId, address newOwner) external;
/**
* @notice Create a VRF subscription.
* @return subId - A unique subscription id.
* @dev You can manage the consumer set dynamically with addConsumer/removeConsumer.
* @dev Note to fund the subscription with LINK, use transferAndCall. For example
* @dev LINKTOKEN.transferAndCall(
* @dev address(COORDINATOR),
* @dev amount,
* @dev abi.encode(subId));
* @dev Note to fund the subscription with Native, use fundSubscriptionWithNative. Be sure
* @dev to send Native with the call, for example:
* @dev COORDINATOR.fundSubscriptionWithNative{value: amount}(subId);
*/
function createSubscription() external returns (uint256 subId);
/**
* @notice Get a VRF subscription.
* @param subId - ID of the subscription
* @return balance - LINK balance of the subscription in juels.
* @return nativeBalance - native balance of the subscription in wei.
* @return reqCount - Requests count of subscription.
* @return owner - owner of the subscription.
* @return consumers - list of consumer address which are able to use this subscription.
*/
function getSubscription(
uint256 subId
)
external
view
returns (uint96 balance, uint96 nativeBalance, uint64 reqCount, address owner, address[] memory consumers);
/*
* @notice Check to see if there exists a request commitment consumers
* for all consumers and keyhashes for a given sub.
* @param subId - ID of the subscription
* @return true if there exists at least one unfulfilled request for the subscription, false
* otherwise.
*/
function pendingRequestExists(uint256 subId) external view returns (bool);
/**
* @notice Paginate through all active VRF subscriptions.
* @param startIndex index of the subscription to start from
* @param maxCount maximum number of subscriptions to return, 0 to return all
* @dev the order of IDs in the list is **not guaranteed**, therefore, if making successive calls, one
* @dev should consider keeping the blockheight constant to ensure a holistic picture of the contract state
*/
function getActiveSubscriptionIds(uint256 startIndex, uint256 maxCount) external view returns (uint256[] memory);
/**
* @notice Fund a subscription with native.
* @param subId - ID of the subscription
* @notice This method expects msg.value to be greater than or equal to 0.
*/
function fundSubscriptionWithNative(uint256 subId) external payable;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import {IOwnable} from "../interfaces/IOwnable.sol";
/// @title The ConfirmedOwner contract
/// @notice A contract with helpers for basic contract ownership.
contract ConfirmedOwnerWithProposal is IOwnable {
address private s_owner;
address private s_pendingOwner;
event OwnershipTransferRequested(address indexed from, address indexed to);
event OwnershipTransferred(address indexed from, address indexed to);
constructor(address newOwner, address pendingOwner) {
// solhint-disable-next-line gas-custom-errors
require(newOwner != address(0), "Cannot set owner to zero");
s_owner = newOwner;
if (pendingOwner != address(0)) {
_transferOwnership(pendingOwner);
}
}
/// @notice Allows an owner to begin transferring ownership to a new address.
function transferOwnership(address to) public override onlyOwner {
_transferOwnership(to);
}
/// @notice Allows an ownership transfer to be completed by the recipient.
function acceptOwnership() external override {
// solhint-disable-next-line gas-custom-errors
require(msg.sender == s_pendingOwner, "Must be proposed owner");
address oldOwner = s_owner;
s_owner = msg.sender;
s_pendingOwner = address(0);
emit OwnershipTransferred(oldOwner, msg.sender);
}
/// @notice Get the current owner
function owner() public view override returns (address) {
return s_owner;
}
/// @notice validate, transfer ownership, and emit relevant events
function _transferOwnership(address to) private {
// solhint-disable-next-line gas-custom-errors
require(to != msg.sender, "Cannot transfer to self");
s_pendingOwner = to;
emit OwnershipTransferRequested(s_owner, to);
}
/// @notice validate access
function _validateOwnership() internal view {
// solhint-disable-next-line gas-custom-errors
require(msg.sender == s_owner, "Only callable by owner");
}
/// @notice Reverts if called by anyone other than the contract owner.
modifier onlyOwner() {
_validateOwnership();
_;
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { IMessageLibManager } from "./IMessageLibManager.sol";
import { IMessagingComposer } from "./IMessagingComposer.sol";
import { IMessagingChannel } from "./IMessagingChannel.sol";
import { IMessagingContext } from "./IMessagingContext.sol";
struct MessagingParams {
uint32 dstEid;
bytes32 receiver;
bytes message;
bytes options;
bool payInLzToken;
}
struct MessagingReceipt {
bytes32 guid;
uint64 nonce;
MessagingFee fee;
}
struct MessagingFee {
uint256 nativeFee;
uint256 lzTokenFee;
}
struct Origin {
uint32 srcEid;
bytes32 sender;
uint64 nonce;
}
interface ILayerZeroEndpointV2 is IMessageLibManager, IMessagingComposer, IMessagingChannel, IMessagingContext {
event PacketSent(bytes encodedPayload, bytes options, address sendLibrary);
event PacketVerified(Origin origin, address receiver, bytes32 payloadHash);
event PacketDelivered(Origin origin, address receiver);
event LzReceiveAlert(
address indexed receiver,
address indexed executor,
Origin origin,
bytes32 guid,
uint256 gas,
uint256 value,
bytes message,
bytes extraData,
bytes reason
);
event LzTokenSet(address token);
event DelegateSet(address sender, address delegate);
function quote(MessagingParams calldata _params, address _sender) external view returns (MessagingFee memory);
function send(
MessagingParams calldata _params,
address _refundAddress
) external payable returns (MessagingReceipt memory);
function verify(Origin calldata _origin, address _receiver, bytes32 _payloadHash) external;
function verifiable(Origin calldata _origin, address _receiver) external view returns (bool);
function initializable(Origin calldata _origin, address _receiver) external view returns (bool);
function lzReceive(
Origin calldata _origin,
address _receiver,
bytes32 _guid,
bytes calldata _message,
bytes calldata _extraData
) external payable;
// oapp can burn messages partially by calling this function with its own business logic if messages are verified in order
function clear(address _oapp, Origin calldata _origin, bytes32 _guid, bytes calldata _message) external;
function setLzToken(address _lzToken) external;
function lzToken() external view returns (address);
function nativeToken() external view returns (address);
function setDelegate(address _delegate) external;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { ILayerZeroReceiver, Origin } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroReceiver.sol";
interface IOAppReceiver is ILayerZeroReceiver {
/**
* @notice Indicates whether an address is an approved composeMsg sender to the Endpoint.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _message The lzReceive payload.
* @param _sender The sender address.
* @return isSender Is a valid sender.
*
* @dev Applications can optionally choose to implement a separate composeMsg sender that is NOT the bridging layer.
* @dev The default sender IS the OAppReceiver implementer.
*/
function isComposeMsgSender(
Origin calldata _origin,
bytes calldata _message,
address _sender
) external view returns (bool isSender);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { ILayerZeroEndpointV2 } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
/**
* @title IOAppCore
*/
interface IOAppCore {
// Custom error messages
error OnlyPeer(uint32 eid, bytes32 sender);
error NoPeer(uint32 eid);
error InvalidEndpointCall();
error InvalidDelegate();
// Event emitted when a peer (OApp) is set for a corresponding endpoint
event PeerSet(uint32 eid, bytes32 peer);
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*/
function oAppVersion() external view returns (uint64 senderVersion, uint64 receiverVersion);
/**
* @notice Retrieves the LayerZero endpoint associated with the OApp.
* @return iEndpoint The LayerZero endpoint as an interface.
*/
function endpoint() external view returns (ILayerZeroEndpointV2 iEndpoint);
/**
* @notice Retrieves the peer (OApp) associated with a corresponding endpoint.
* @param _eid The endpoint ID.
* @return peer The peer address (OApp instance) associated with the corresponding endpoint.
*/
function peers(uint32 _eid) external view returns (bytes32 peer);
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*/
function setPeer(uint32 _eid, bytes32 _peer) external;
/**
* @notice Sets the delegate address for the OApp Core.
* @param _delegate The address of the delegate to be set.
*/
function setDelegate(address _delegate) external;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Origin } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { PacketV1Codec } from "@layerzerolabs/lz-evm-protocol-v2/contracts/messagelib/libs/PacketV1Codec.sol";
/**
* @title InboundPacket
* @dev Structure representing an inbound packet received by the contract.
*/
struct InboundPacket {
Origin origin; // Origin information of the packet.
uint32 dstEid; // Destination endpointId of the packet.
address receiver; // Receiver address for the packet.
bytes32 guid; // Unique identifier of the packet.
uint256 value; // msg.value of the packet.
address executor; // Executor address for the packet.
bytes message; // Message payload of the packet.
bytes extraData; // Additional arbitrary data for the packet.
}
/**
* @title PacketDecoder
* @dev Library for decoding LayerZero packets.
*/
library PacketDecoder {
using PacketV1Codec for bytes;
/**
* @dev Decode an inbound packet from the given packet data.
* @param _packet The packet data to decode.
* @return packet An InboundPacket struct representing the decoded packet.
*/
function decode(bytes calldata _packet) internal pure returns (InboundPacket memory packet) {
packet.origin = Origin(_packet.srcEid(), _packet.sender(), _packet.nonce());
packet.dstEid = _packet.dstEid();
packet.receiver = _packet.receiverB20();
packet.guid = _packet.guid();
packet.message = _packet.message();
}
/**
* @dev Decode multiple inbound packets from the given packet data and associated message values.
* @param _packets An array of packet data to decode.
* @param _packetMsgValues An array of associated message values for each packet.
* @return packets An array of InboundPacket structs representing the decoded packets.
*/
function decode(
bytes[] calldata _packets,
uint256[] memory _packetMsgValues
) internal pure returns (InboundPacket[] memory packets) {
packets = new InboundPacket[](_packets.length);
for (uint256 i = 0; i < _packets.length; i++) {
bytes calldata packet = _packets[i];
packets[i] = PacketDecoder.decode(packet);
// @dev Allows the verifier to specify the msg.value that gets passed in lzReceive.
packets[i].value = _packetMsgValues[i];
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface IOwnable {
function owner() external returns (address);
function transferOwnership(address recipient) external;
function acceptOwnership() external;
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
struct SetConfigParam {
uint32 eid;
uint32 configType;
bytes config;
}
interface IMessageLibManager {
struct Timeout {
address lib;
uint256 expiry;
}
event LibraryRegistered(address newLib);
event DefaultSendLibrarySet(uint32 eid, address newLib);
event DefaultReceiveLibrarySet(uint32 eid, address newLib);
event DefaultReceiveLibraryTimeoutSet(uint32 eid, address oldLib, uint256 expiry);
event SendLibrarySet(address sender, uint32 eid, address newLib);
event ReceiveLibrarySet(address receiver, uint32 eid, address newLib);
event ReceiveLibraryTimeoutSet(address receiver, uint32 eid, address oldLib, uint256 timeout);
function registerLibrary(address _lib) external;
function isRegisteredLibrary(address _lib) external view returns (bool);
function getRegisteredLibraries() external view returns (address[] memory);
function setDefaultSendLibrary(uint32 _eid, address _newLib) external;
function defaultSendLibrary(uint32 _eid) external view returns (address);
function setDefaultReceiveLibrary(uint32 _eid, address _newLib, uint256 _timeout) external;
function defaultReceiveLibrary(uint32 _eid) external view returns (address);
function setDefaultReceiveLibraryTimeout(uint32 _eid, address _lib, uint256 _expiry) external;
function defaultReceiveLibraryTimeout(uint32 _eid) external view returns (address lib, uint256 expiry);
function isSupportedEid(uint32 _eid) external view returns (bool);
function isValidReceiveLibrary(address _receiver, uint32 _eid, address _lib) external view returns (bool);
/// ------------------- OApp interfaces -------------------
function setSendLibrary(address _oapp, uint32 _eid, address _newLib) external;
function getSendLibrary(address _sender, uint32 _eid) external view returns (address lib);
function isDefaultSendLibrary(address _sender, uint32 _eid) external view returns (bool);
function setReceiveLibrary(address _oapp, uint32 _eid, address _newLib, uint256 _gracePeriod) external;
function getReceiveLibrary(address _receiver, uint32 _eid) external view returns (address lib, bool isDefault);
function setReceiveLibraryTimeout(address _oapp, uint32 _eid, address _lib, uint256 _gracePeriod) external;
function receiveLibraryTimeout(address _receiver, uint32 _eid) external view returns (address lib, uint256 expiry);
function setConfig(address _oapp, address _lib, SetConfigParam[] calldata _params) external;
function getConfig(
address _oapp,
address _lib,
uint32 _eid,
uint32 _configType
) external view returns (bytes memory config);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
interface IMessagingComposer {
event ComposeSent(address from, address to, bytes32 guid, uint16 index, bytes message);
event ComposeDelivered(address from, address to, bytes32 guid, uint16 index);
event LzComposeAlert(
address indexed from,
address indexed to,
address indexed executor,
bytes32 guid,
uint16 index,
uint256 gas,
uint256 value,
bytes message,
bytes extraData,
bytes reason
);
function composeQueue(
address _from,
address _to,
bytes32 _guid,
uint16 _index
) external view returns (bytes32 messageHash);
function sendCompose(address _to, bytes32 _guid, uint16 _index, bytes calldata _message) external;
function lzCompose(
address _from,
address _to,
bytes32 _guid,
uint16 _index,
bytes calldata _message,
bytes calldata _extraData
) external payable;
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
interface IMessagingChannel {
event InboundNonceSkipped(uint32 srcEid, bytes32 sender, address receiver, uint64 nonce);
event PacketNilified(uint32 srcEid, bytes32 sender, address receiver, uint64 nonce, bytes32 payloadHash);
event PacketBurnt(uint32 srcEid, bytes32 sender, address receiver, uint64 nonce, bytes32 payloadHash);
function eid() external view returns (uint32);
// this is an emergency function if a message cannot be verified for some reasons
// required to provide _nextNonce to avoid race condition
function skip(address _oapp, uint32 _srcEid, bytes32 _sender, uint64 _nonce) external;
function nilify(address _oapp, uint32 _srcEid, bytes32 _sender, uint64 _nonce, bytes32 _payloadHash) external;
function burn(address _oapp, uint32 _srcEid, bytes32 _sender, uint64 _nonce, bytes32 _payloadHash) external;
function nextGuid(address _sender, uint32 _dstEid, bytes32 _receiver) external view returns (bytes32);
function inboundNonce(address _receiver, uint32 _srcEid, bytes32 _sender) external view returns (uint64);
function outboundNonce(address _sender, uint32 _dstEid, bytes32 _receiver) external view returns (uint64);
function inboundPayloadHash(
address _receiver,
uint32 _srcEid,
bytes32 _sender,
uint64 _nonce
) external view returns (bytes32);
function lazyInboundNonce(address _receiver, uint32 _srcEid, bytes32 _sender) external view returns (uint64);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
interface IMessagingContext {
function isSendingMessage() external view returns (bool);
function getSendContext() external view returns (uint32 dstEid, address sender);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { Origin } from "./ILayerZeroEndpointV2.sol";
interface ILayerZeroReceiver {
function allowInitializePath(Origin calldata _origin) external view returns (bool);
function nextNonce(uint32 _eid, bytes32 _sender) external view returns (uint64);
function lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) external payable;
}// SPDX-License-Identifier: LZBL-1.2
pragma solidity ^0.8.20;
import { Packet } from "../../interfaces/ISendLib.sol";
import { AddressCast } from "../../libs/AddressCast.sol";
library PacketV1Codec {
using AddressCast for address;
using AddressCast for bytes32;
uint8 internal constant PACKET_VERSION = 1;
// header (version + nonce + path)
// version
uint256 private constant PACKET_VERSION_OFFSET = 0;
// nonce
uint256 private constant NONCE_OFFSET = 1;
// path
uint256 private constant SRC_EID_OFFSET = 9;
uint256 private constant SENDER_OFFSET = 13;
uint256 private constant DST_EID_OFFSET = 45;
uint256 private constant RECEIVER_OFFSET = 49;
// payload (guid + message)
uint256 private constant GUID_OFFSET = 81; // keccak256(nonce + path)
uint256 private constant MESSAGE_OFFSET = 113;
function encode(Packet memory _packet) internal pure returns (bytes memory encodedPacket) {
encodedPacket = abi.encodePacked(
PACKET_VERSION,
_packet.nonce,
_packet.srcEid,
_packet.sender.toBytes32(),
_packet.dstEid,
_packet.receiver,
_packet.guid,
_packet.message
);
}
function encodePacketHeader(Packet memory _packet) internal pure returns (bytes memory) {
return
abi.encodePacked(
PACKET_VERSION,
_packet.nonce,
_packet.srcEid,
_packet.sender.toBytes32(),
_packet.dstEid,
_packet.receiver
);
}
function encodePayload(Packet memory _packet) internal pure returns (bytes memory) {
return abi.encodePacked(_packet.guid, _packet.message);
}
function header(bytes calldata _packet) internal pure returns (bytes calldata) {
return _packet[0:GUID_OFFSET];
}
function version(bytes calldata _packet) internal pure returns (uint8) {
return uint8(bytes1(_packet[PACKET_VERSION_OFFSET:NONCE_OFFSET]));
}
function nonce(bytes calldata _packet) internal pure returns (uint64) {
return uint64(bytes8(_packet[NONCE_OFFSET:SRC_EID_OFFSET]));
}
function srcEid(bytes calldata _packet) internal pure returns (uint32) {
return uint32(bytes4(_packet[SRC_EID_OFFSET:SENDER_OFFSET]));
}
function sender(bytes calldata _packet) internal pure returns (bytes32) {
return bytes32(_packet[SENDER_OFFSET:DST_EID_OFFSET]);
}
function senderAddressB20(bytes calldata _packet) internal pure returns (address) {
return sender(_packet).toAddress();
}
function dstEid(bytes calldata _packet) internal pure returns (uint32) {
return uint32(bytes4(_packet[DST_EID_OFFSET:RECEIVER_OFFSET]));
}
function receiver(bytes calldata _packet) internal pure returns (bytes32) {
return bytes32(_packet[RECEIVER_OFFSET:GUID_OFFSET]);
}
function receiverB20(bytes calldata _packet) internal pure returns (address) {
return receiver(_packet).toAddress();
}
function guid(bytes calldata _packet) internal pure returns (bytes32) {
return bytes32(_packet[GUID_OFFSET:MESSAGE_OFFSET]);
}
function message(bytes calldata _packet) internal pure returns (bytes calldata) {
return bytes(_packet[MESSAGE_OFFSET:]);
}
function payload(bytes calldata _packet) internal pure returns (bytes calldata) {
return bytes(_packet[GUID_OFFSET:]);
}
function payloadHash(bytes calldata _packet) internal pure returns (bytes32) {
return keccak256(payload(_packet));
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { MessagingFee } from "./ILayerZeroEndpointV2.sol";
import { IMessageLib } from "./IMessageLib.sol";
struct Packet {
uint64 nonce;
uint32 srcEid;
address sender;
uint32 dstEid;
bytes32 receiver;
bytes32 guid;
bytes message;
}
interface ISendLib is IMessageLib {
function send(
Packet calldata _packet,
bytes calldata _options,
bool _payInLzToken
) external returns (MessagingFee memory, bytes memory encodedPacket);
function quote(
Packet calldata _packet,
bytes calldata _options,
bool _payInLzToken
) external view returns (MessagingFee memory);
function setTreasury(address _treasury) external;
function withdrawFee(address _to, uint256 _amount) external;
function withdrawLzTokenFee(address _lzToken, address _to, uint256 _amount) external;
}// SPDX-License-Identifier: LZBL-1.2
pragma solidity ^0.8.20;
library AddressCast {
error AddressCast_InvalidSizeForAddress();
error AddressCast_InvalidAddress();
function toBytes32(bytes calldata _addressBytes) internal pure returns (bytes32 result) {
if (_addressBytes.length > 32) revert AddressCast_InvalidAddress();
result = bytes32(_addressBytes);
unchecked {
uint256 offset = 32 - _addressBytes.length;
result = result >> (offset * 8);
}
}
function toBytes32(address _address) internal pure returns (bytes32 result) {
result = bytes32(uint256(uint160(_address)));
}
function toBytes(bytes32 _addressBytes32, uint256 _size) internal pure returns (bytes memory result) {
if (_size == 0 || _size > 32) revert AddressCast_InvalidSizeForAddress();
result = new bytes(_size);
unchecked {
uint256 offset = 256 - _size * 8;
assembly {
mstore(add(result, 32), shl(offset, _addressBytes32))
}
}
}
function toAddress(bytes32 _addressBytes32) internal pure returns (address result) {
result = address(uint160(uint256(_addressBytes32)));
}
function toAddress(bytes calldata _addressBytes) internal pure returns (address result) {
if (_addressBytes.length != 20) revert AddressCast_InvalidAddress();
result = address(bytes20(_addressBytes));
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { IERC165 } from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import { SetConfigParam } from "./IMessageLibManager.sol";
enum MessageLibType {
Send,
Receive,
SendAndReceive
}
interface IMessageLib is IERC165 {
function setConfig(address _oapp, SetConfigParam[] calldata _config) external;
function getConfig(uint32 _eid, address _oapp, uint32 _configType) external view returns (bytes memory config);
function isSupportedEid(uint32 _eid) external view returns (bool);
// message libs of same major version are compatible
function version() external view returns (uint64 major, uint8 minor, uint8 endpointVersion);
function messageLibType() external view returns (MessageLibType);
}{
"remappings": [
"@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/",
"@uniswap/v3-core/=lib/v3-core/",
"@uniswap/v3-periphery/=lib/v3-periphery/",
"@uniswap/v2-periphery/=lib/v2-periphery/",
"@uniswap/v2-core/=lib/v2-core/",
"@chainlink/=lib/chainlink/",
"@murky/=lib/murky/src/",
"@layerzerolabs/oft-evm/=lib/devtools/packages/oft-evm/",
"@layerzerolabs/oapp-evm/=lib/devtools/packages/oapp-evm/",
"@layerzerolabs/lz-evm-protocol-v2/=lib/layerzero-v2/packages/layerzero-v2/evm/protocol/",
"@utils/=src/utils/",
"@libs/=src/libs/",
"@core/=src/",
"@const/=src/const/",
"@actions/=src/actions/",
"@interfaces/=src/interfaces/",
"@script/=script/",
"chainlink/=lib/chainlink/",
"devtools/=lib/devtools/packages/toolbox-foundry/src/",
"ds-test/=lib/openzeppelin-contracts/lib/forge-std/lib/ds-test/src/",
"erc4626-tests/=lib/openzeppelin-contracts/lib/erc4626-tests/",
"forge-std/=lib/forge-std/src/",
"halmos-cheatcodes/=lib/openzeppelin-contracts/lib/halmos-cheatcodes/src/",
"layerzero-v2/=lib/layerzero-v2/",
"openzeppelin-contracts/=lib/openzeppelin-contracts/",
"v3-core/=lib/v3-core/contracts/",
"v3-periphery/=lib/v3-periphery/contracts/"
],
"optimizer": {
"enabled": true,
"runs": 200
},
"metadata": {
"useLiteralContent": false,
"bytecodeHash": "ipfs",
"appendCBOR": true
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"evmVersion": "shanghai",
"viaIR": false,
"libraries": {
"src/utils/Time.sol": {
"Time": "0x5DCD2315A462F0046641b2118E106fBb47D133D3"
}
}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
Contract ABI
API[{"inputs":[{"internalType":"uint32","name":"_startTimestamp","type":"uint32"},{"internalType":"address","name":"_shaolin","type":"address"},{"internalType":"address","name":"_weth","type":"address"},{"components":[{"internalType":"address","name":"_v3Router","type":"address"},{"internalType":"address","name":"_v3Factory","type":"address"},{"internalType":"address","name":"_owner","type":"address"}],"internalType":"struct SwapActionParams","name":"_params","type":"tuple"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"Address0","type":"error"},{"inputs":[],"name":"Amount0","type":"error"},{"inputs":[],"name":"Bytes0","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"},{"internalType":"uint256","name":"tokenId","type":"uint256"},{"internalType":"address","name":"owner","type":"address"}],"name":"ERC721IncorrectOwner","type":"error"},{"inputs":[{"internalType":"address","name":"operator","type":"address"},{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"ERC721InsufficientApproval","type":"error"},{"inputs":[{"internalType":"address","name":"approver","type":"address"}],"name":"ERC721InvalidApprover","type":"error"},{"inputs":[{"internalType":"address","name":"operator","type":"address"}],"name":"ERC721InvalidOperator","type":"error"},{"inputs":[{"internalType":"address","name":"owner","type":"address"}],"name":"ERC721InvalidOwner","type":"error"},{"inputs":[{"internalType":"address","name":"receiver","type":"address"}],"name":"ERC721InvalidReceiver","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"}],"name":"ERC721InvalidSender","type":"error"},{"inputs":[{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"ERC721NonexistentToken","type":"error"},{"inputs":[],"name":"Expired","type":"error"},{"inputs":[{"internalType":"uint256","name":"a","type":"uint256"},{"internalType":"uint256","name":"b","type":"uint256"}],"name":"GreaterThan","type":"error"},{"inputs":[{"internalType":"address","name":"owner","type":"address"}],"name":"OwnableInvalidOwner","type":"error"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"OwnableUnauthorizedAccount","type":"error"},{"inputs":[{"internalType":"address","name":"token","type":"address"}],"name":"SafeERC20FailedOperation","type":"error"},{"inputs":[{"internalType":"address","name":"_user","type":"address"}],"name":"ShaolinStaking__Blacklisted","type":"error"},{"inputs":[],"name":"ShaolinStaking__InvalidDuration","type":"error"},{"inputs":[],"name":"ShaolinStaking__LockPeriodNotOver","type":"error"},{"inputs":[],"name":"ShaolinStaking__NoSharesToClaim","type":"error"},{"inputs":[],"name":"ShaolinStaking__OnlyMintingAndBurning","type":"error"},{"inputs":[],"name":"SwapActions__InvalidLookBack","type":"error"},{"inputs":[],"name":"SwapActions__InvalidSlippage","type":"error"},{"inputs":[],"name":"SwapActions__OnlySlippageAdmin","type":"error"},{"inputs":[],"name":"T","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"owner","type":"address"},{"indexed":true,"internalType":"address","name":"approved","type":"address"},{"indexed":true,"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"Approval","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"owner","type":"address"},{"indexed":true,"internalType":"address","name":"operator","type":"address"},{"indexed":false,"internalType":"bool","name":"approved","type":"bool"}],"name":"ApprovalForAll","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"id","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"rewards","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"newRewardDebt","type":"uint256"},{"indexed":false,"internalType":"address","name":"ownerOfStake","type":"address"}],"name":"Claimed","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"newShares","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"stakeId","type":"uint256"},{"indexed":true,"internalType":"address","name":"ownerOfStake","type":"address"}],"name":"CompoundedRewards","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"enum ShaolinStaking.POOLS","name":"pool","type":"uint8"},{"indexed":true,"internalType":"uint256","name":"amount","type":"uint256"}],"name":"Distributed","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferStarted","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"oldAdmin","type":"address"},{"indexed":true,"internalType":"address","name":"newAdmin","type":"address"}],"name":"SlippageAdminChanged","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"pool","type":"address"},{"indexed":true,"internalType":"uint224","name":"newSlippage","type":"uint224"},{"indexed":true,"internalType":"uint32","name":"newLookback","type":"uint32"}],"name":"SlippageConfigChanged","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"staker","type":"address"},{"indexed":true,"internalType":"uint256","name":"shaolin","type":"uint256"},{"indexed":true,"internalType":"uint152","name":"id","type":"uint152"},{"indexed":false,"internalType":"uint256","name":"_shares","type":"uint256"},{"indexed":false,"internalType":"uint32","name":"duration","type":"uint32"}],"name":"Staked","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"from","type":"address"},{"indexed":true,"internalType":"address","name":"to","type":"address"},{"indexed":true,"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"Transfer","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"shares","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"shaolinAmountReceived","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"_tokenId","type":"uint256"},{"indexed":false,"internalType":"address","name":"recepient","type":"address"}],"name":"Unstaked","type":"event"},{"inputs":[],"name":"MAX_DURATION","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"MIN_DURATION","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"acceptOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"approve","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"owner","type":"address"}],"name":"balanceOf","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256[]","name":"_ids","type":"uint256[]"},{"internalType":"address","name":"_receiver","type":"address"}],"name":"batchClaim","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256[]","name":"_ids","type":"uint256[]"}],"name":"batchClaimableAmount","outputs":[{"internalType":"uint256","name":"toClaim","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256[]","name":"_ids","type":"uint256[]"},{"internalType":"address","name":"_receiver","type":"address"}],"name":"batchUnstake","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"_new","type":"address"}],"name":"changeSlippageAdmin","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"},{"internalType":"uint224","name":"_newSlippage","type":"uint224"},{"internalType":"uint32","name":"_newLookBack","type":"uint32"}],"name":"changeSlippageConfig","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"_tokenId","type":"uint256"},{"internalType":"address","name":"_receiver","type":"address"}],"name":"claim","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"_id","type":"uint256"},{"internalType":"uint256","name":"_amountShaolinMin","type":"uint256"},{"internalType":"uint32","name":"_deadline","type":"uint32"}],"name":"compoundRewards","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"_amount","type":"uint256"},{"internalType":"uint32","name":"_duration","type":"uint32"}],"name":"convertShaolinToShares","outputs":[{"internalType":"uint256","name":"shares","type":"uint256"}],"stateMutability":"pure","type":"function"},{"inputs":[{"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"distribute","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"enum ShaolinStaking.POOLS","name":"_pool","type":"uint8"},{"internalType":"uint256","name":"_amount","type":"uint256"}],"name":"distributeToSpecificPool","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"getApproved","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"tokenIn","type":"address"},{"internalType":"address","name":"tokenOut","type":"address"},{"internalType":"uint24","name":"poolTier","type":"uint24"},{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"getTwapAmount","outputs":[{"internalType":"uint256","name":"twapAmount","type":"uint256"},{"internalType":"uint224","name":"slippage","type":"uint224"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"operator","type":"address"}],"name":"isApprovedForAll","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"_tokenId","type":"uint256"},{"internalType":"address","name":"_spender","type":"address"}],"name":"isApprovedOrOwner","outputs":[],"stateMutability":"view","type":"function"},{"inputs":[],"name":"lastDistributedDay","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"name","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"ownerOf","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pendingOwner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"rewardPerShare","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"from","type":"address"},{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"safeTransferFrom","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"from","type":"address"},{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"tokenId","type":"uint256"},{"internalType":"bytes","name":"data","type":"bytes"}],"name":"safeTransferFrom","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"operator","type":"address"},{"internalType":"bool","name":"approved","type":"bool"}],"name":"setApprovalForAll","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"shaolin","outputs":[{"internalType":"contract Shaolin","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"slippageAdmin","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"}],"name":"slippageConfigs","outputs":[{"internalType":"uint224","name":"slippage","type":"uint224"},{"internalType":"uint32","name":"twapLookback","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint32","name":"_duration","type":"uint32"},{"internalType":"uint256","name":"_shaolinAmount","type":"uint256"}],"name":"stake","outputs":[{"internalType":"uint96","name":"_tokenId","type":"uint96"},{"internalType":"uint256","name":"shares","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"startTimestamp","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes4","name":"interfaceId","type":"bytes4"}],"name":"supportsInterface","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"symbol","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"enum ShaolinStaking.POOLS","name":"","type":"uint8"}],"name":"toDistribute","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_user","type":"address"},{"internalType":"bool","name":"_value","type":"bool"}],"name":"toggleBlackListed","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"tokenId","outputs":[{"internalType":"uint96","name":"","type":"uint96"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"tokenURI","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalShares","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"from","type":"address"},{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"tokenId","type":"uint256"}],"name":"transferFrom","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"uniswapV3Router","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"_tokenId","type":"uint256"},{"internalType":"address","name":"_receiver","type":"address"}],"name":"unstake","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"updateRewardsIfNecessary","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"id","type":"uint256"}],"name":"userRecords","outputs":[{"internalType":"uint256","name":"shares","type":"uint256"},{"internalType":"uint256","name":"lockedShaolin","type":"uint256"},{"internalType":"uint256","name":"rewardDebt","type":"uint256"},{"internalType":"uint32","name":"endTime","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"userShares","outputs":[{"internalType":"uint256","name":"totalShares","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"v3Factory","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"weth","outputs":[{"internalType":"contract IWETH9","name":"","type":"address"}],"stateMutability":"view","type":"function"}]Contract Creation Code
610120604052348015610010575f5ffd5b5060405161442938038061442983398101604081905261002f916101d6565b808060400151604051806040016040528060078152602001665374616b696e6760c81b8152506040518060400160405280600381526020016253544b60e81b815250815f908161007f9190610311565b50600161008c8282610311565b5050506001600160a01b0381166100bc57604051631e4fbdf760e01b81525f600482015260240160405180910390fd5b6100c58161013a565b5080516001600160a01b039081166080526020820151811660a052604090910151600880549183166001600160a01b031990921691909117905563ffffffff90941660c05250908216610100521660e052600c805463ffffffff60601b19166c010000000000000000000000001790556103cb565b600780546001600160a01b031916905561015381610156565b50565b600680546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0905f90a35050565b80516001600160a01b03811681146101bd575f5ffd5b919050565b634e487b7160e01b5f52604160045260245ffd5b5f5f5f5f84860360c08112156101ea575f5ffd5b855163ffffffff811681146101fd575f5ffd5b945061020b602087016101a7565b9350610219604087016101a7565b92506060605f198201121561022c575f5ffd5b50604051606081016001600160401b038111828210171561024f5761024f6101c2565b60405261025e606087016101a7565b815261026c608087016101a7565b602082015261027d60a087016101a7565b6040820152939692955090935050565b600181811c908216806102a157607f821691505b6020821081036102bf57634e487b7160e01b5f52602260045260245ffd5b50919050565b601f82111561030c57805f5260205f20601f840160051c810160208510156102ea5750805b601f840160051c820191505b81811015610309575f81556001016102f6565b50505b505050565b81516001600160401b0381111561032a5761032a6101c2565b61033e81610338845461028d565b846102c5565b6020601f821160018114610370575f83156103595750848201515b5f19600385901b1c1916600184901b178455610309565b5f84815260208120601f198516915b8281101561039f578785015182556020948501946001909201910161037f565b50848210156103bc57868401515f19600387901b60f8161c191681555b50505050600190811b01905550565b60805160a05160c05160e05161010051613fcd61045c5f395f81816107cb01528181610f75015281816111af01526114a101525f818161042c01528181610a540152818161148001528181611d300152611e9401525f818161076301528181611aab0152611af801525f818161054a01526115b001525f81816103e90152818161218f01526122cd0152613fcd5ff3fe608060405234801561000f575f5ffd5b50600436106102cb575f3560e01c80637ec6840f1161017b578063c87b56dd116100e4578063e30c39781161009e578063ed50298611610079578063ed50298614610798578063f2fde38b146107a0578063f6c4c9c1146107b3578063fa0b7de7146107c6575f5ffd5b8063e30c39781461074d578063e6fd48bc1461075e578063e985e9c514610785575f5ffd5b8063c87b56dd1461066a578063ca1c95b41461067d578063d1837eca14610690578063ddd5e1b2146106c0578063de69b3aa146106d3578063e121ce41146106f2575f5ffd5b80639f47f048116101355780639f47f04814610609578063a22cb4651461061c578063b1724b461461062f578063b6a6d1771461063a578063b88d4fde14610644578063c1168dad14610657575f5ffd5b80637ec6840f1461056c5780638381e1821461059e5780638da5cb5b146105b157806391c05b0b146105c257806395591c9b146105d557806395d89b4114610601575f5ffd5b80633a98ef39116102375780636352211e116101f1578063715018a6116101cc578063715018a614610522578063745f60601461052a57806379ba50971461053d5780637c887c5914610545575f5ffd5b80636352211e146104dd57806367b92272146104f057806370a082311461050f575f5ffd5b80633a98ef391461041e5780633fc8cef31461042757806342842e0e1461044e578063446a2ec814610461578063457c7afa1461046a578063612f3fbe1461047d575f5ffd5b806317d70f7c1161028857806317d70f7c1461037257806319b29a9f1461039d57806323b872dd146103be5780632ae6ad11146103d15780632c76d7a6146103e45780633a237aa01461040b575f5ffd5b806301ffc9a7146102cf57806306fdde03146102f7578063081812fc1461030c578063095ea7b314610337578063109abc2d1461034c57806315e7f5f71461035f575b5f5ffd5b6102e26102dd3660046132c3565b6107ed565b60405190151581526020015b60405180910390f35b6102ff61083e565b6040516102ee919061332b565b61031f61031a36600461333d565b6108cd565b6040516001600160a01b0390911681526020016102ee565b61034a610345366004613368565b6108f4565b005b61034a61035a3660046133da565b610903565b61034a61036d36600461343a565b61093d565b600c54610385906001600160601b031681565b6040516001600160601b0390911681526020016102ee565b6103b06103ab366004613482565b61096f565b6040519081526020016102ee565b61034a6103cc3660046134a5565b6109ad565b61034a6103df3660046134f6565b610a35565b61031f7f000000000000000000000000000000000000000000000000000000000000000081565b60085461031f906001600160a01b031681565b6103b0600a5481565b61031f7f000000000000000000000000000000000000000000000000000000000000000081565b61034a61045c3660046134a5565b610ac8565b6103b0600b5481565b61034a610478366004613510565b610ae7565b6104b761048b36600461333d565b600e6020525f908152604090208054600182015460028301546003909301549192909163ffffffff1684565b6040805194855260208501939093529183015263ffffffff1660608201526080016102ee565b61031f6104eb36600461333d565b610b55565b6103b06104fe36600461352b565b600d6020525f908152604090205481565b6103b061051d366004613510565b610b5f565b61034a610ba4565b6103b0610538366004613544565b610bb7565b61034a610d3d565b61031f7f000000000000000000000000000000000000000000000000000000000000000081565b61057f61057a366004613583565b610d81565b604080516001600160601b0390931683526020830191909152016102ee565b61034a6105ac36600461359f565b611004565b6006546001600160a01b031661031f565b61034a6105d036600461333d565b61122d565b600c546105ec90600160601b900463ffffffff1681565b60405163ffffffff90911681526020016102ee565b6102ff611240565b61034a6106173660046135c2565b61124f565b61034a61062a36600461343a565b61135b565b6105ec6301e1338081565b6105ec6274040081565b61034a61065236600461364f565b611366565b61034a6106653660046133da565b61137e565b6102ff61067836600461333d565b6113b2565b61034a61068b366004613711565b611422565b6106a361069e36600461373c565b6115a8565b604080519283526001600160e01b039091166020830152016102ee565b61034a6106ce36600461359f565b6116f1565b6103b06106e1366004613510565b600f6020525f908152604090205481565b610729610700366004613510565b60096020525f90815260409020546001600160e01b03811690600160e01b900463ffffffff1682565b604080516001600160e01b03909316835263ffffffff9091166020830152016102ee565b6007546001600160a01b031661031f565b6105ec7f000000000000000000000000000000000000000000000000000000000000000081565b6102e2610793366004613791565b611719565b61034a611746565b61034a6107ae366004613510565b611817565b61034a6107c136600461359f565b611888565b61031f7f000000000000000000000000000000000000000000000000000000000000000081565b5f6001600160e01b031982166380ac58cd60e01b148061081d57506001600160e01b03198216635b5e139f60e01b145b8061083857506301ffc9a760e01b6001600160e01b03198316145b92915050565b60605f805461084c906137bd565b80601f0160208091040260200160405190810160405280929190818152602001828054610878906137bd565b80156108c35780601f1061089a576101008083540402835291602001916108c3565b820191905f5260205f20905b8154815290600101906020018083116108a657829003601f168201915b5050505050905090565b5f6108d78261189b565b505f828152600460205260409020546001600160a01b0316610838565b6108ff8282336118d3565b5050565b5f5b828110156109375761092f848483818110610922576109226137f5565b90506020020135836116f1565b600101610905565b50505050565b6109456118e0565b6001600160a01b03919091165f908152601060205260409020805460ff1916911515919091179055565b8161099c8161099784627404006301e1338066b1a2bc2ec50000670de0b6b3a764000061190d565b611960565b6109a6908261381d565b9392505050565b6001600160a01b0382166109db57604051633250574960e11b81525f60048201526024015b60405180910390fd5b5f6109e783833361198b565b9050836001600160a01b0316816001600160a01b031614610937576040516364283d7b60e01b81526001600160a01b03808616600483015260248201849052821660448201526064016109d2565b80610a3f816119e7565b610a47611746565b610a7c6001600160a01b037f000000000000000000000000000000000000000000000000000000000000000016333085611a07565b81600d5f856001811115610a9257610a92613830565b6001811115610aa357610aa3613830565b81526020019081526020015f205f828254610abe919061381d565b9091555050505050565b610ae283838360405180602001604052805f815250611366565b505050565b80610af181611a61565b610af96118e0565b6008546040516001600160a01b038085169216907fe29b0c9a6487aafa3c3ceb89f97f492476d5d1b3c03dbbdd4e1c004d8bd83ef4905f90a350600880546001600160a01b0319166001600160a01b0392909216919091179055565b5f6108388261189b565b5f6001600160a01b038216610b89576040516322718ad960e21b81525f60048201526024016109d2565b506001600160a01b03165f9081526003602052604090205490565b610bac6118e0565b610bb55f611a88565b565b5f5f610bc1611aa1565b600b54600c54919250905f90610be690600890600160601b900463ffffffff16613858565b63ffffffff16610bf7600885613858565b63ffffffff161190505f6010600c8054906101000a900463ffffffff16610c1e9190613858565b63ffffffff16610c2f601086613858565b63ffffffff161190508115610c7a57610c6d600d5f805b6001811115610c5757610c57613830565b81526020019081526020015f2054600a54611b92565b610c77908461381d565b92505b8015610c9a57610c8d600d5f6001610c46565b610c97908461381d565b92505b5f5b86811015610d32575f888883818110610cb757610cb76137f5565b602090810292909201355f818152600e845260409081902081516080810183528154808252600183015496820196909652600282015492810183905260039091015463ffffffff1660608201529194509092610d19925090610997908961387f565b610d23908961381d565b97505050806001019050610c9c565b505050505092915050565b60075433906001600160a01b03168114610d755760405163118cdaa760e01b81526001600160a01b03821660048201526024016109d2565b610d7e81611a88565b50565b5f5f82610d8d816119e7565b33610d9781611bdf565b63ffffffff86166274040011801590610dba57506301e1338063ffffffff871611155b8015610dd65750610dce6201518087613892565b63ffffffff16155b610df25760405162829cef60e51b815260040160405180910390fd5b610dfa611746565b600c80545f90610e12906001600160601b03166138b9565b91906101000a8154816001600160601b0302191690836001600160601b0316021790559350610e41858761096f565b92506040518060800160405280848152602001868152602001600b54815260200187610e6a4290565b610e7491906138e3565b63ffffffff9081169091526001600160601b0386165f908152600e602090815260408083208551815591850151600183015584015160028201556060909301516003909301805463ffffffff191693909216929092179055600a8054859290610ede90849061381d565b9091555050335f908152600f602052604081208054859290610f0190849061381d565b90915550506040805184815263ffffffff881660208201526001600160601b03861691879133917f207b496e2079bdcc047c0b60534f96e8fb9a9bb55a1d1ff3826598beefdff447910160405180910390a46040516323b872dd60e01b8152336004820152306024820152604481018690527f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316906323b872dd906064016020604051808303815f875af1158015610fc3573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610fe791906138ff565b50610ffb33856001600160601b0316611c26565b50509250929050565b8061100e81611a61565b82611018816119e7565b5f848152600e60209081526040808320815160808101835281548082526001830154948201949094526002820154928101929092526003015463ffffffff166060820152910361107b5760405163621f7f3560e01b815260040160405180910390fd5b4263ffffffff16816060015163ffffffff1611156110ac57604051632cae2d0160e01b815260040160405180910390fd5b6110b68533611888565b5f6110c086610b55565b90506110cc8686611c87565b60208083015183515f898152600e909352604083208381556001810184905560028101849055600301805463ffffffff19169055600a80549293919283929061111690849061387f565b90915550506001600160a01b0383165f908152600f60205260408120805483929061114290849061387f565b90915550506040516001600160a01b03881681528890839083907fe58f1bc928f89a539038781e3855b3646edb6dacfabffbc4f320f272e6bb4d6c9060200160405180910390a460405163a9059cbb60e01b81526001600160a01b038881166004830152602482018490527f0000000000000000000000000000000000000000000000000000000000000000169063a9059cbb906044016020604051808303815f875af11580156111f5573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061121991906138ff565b5061122388611da1565b5050505050505050565b80611237816119e7565b6108ff82611dd9565b60606001805461084c906137bd565b8063ffffffff1661125f816119e7565b611267611ebc565b60148263ffffffff16111561128f576040516330c067a960e01b815260040160405180910390fd5b670de0b6b3a76400006001600160e01b03841611156112c1576040516338fd8f3960e21b815260040160405180910390fd5b8163ffffffff16836001600160e01b0316856001600160a01b03167f6b866971e730de54469a032413d79dc0037a7da3f92641b3a839ecc013a9c73e60405160405180910390a4506040805180820182526001600160e01b03938416815263ffffffff92831660208083019182526001600160a01b039096165f90815260099096529190942093519051909116600160e01b029116179055565b6108ff338383611efc565b6113718484846109ad565b6109373385858585611f9a565b5f5b82811015610937576113aa84848381811061139d5761139d6137f5565b9050602002013583611004565b600101611380565b60606113bd8261189b565b505f6113d360408051602081019091525f815290565b90505f8151116113f15760405180602001604052805f8152506109a6565b806113fb846120c1565b60405160200161140c92919061391a565b6040516020818303038152906040529392505050565b8061142c81612151565b61143584610b55565b61143e81611bdf565b611446611746565b6114508533611888565b5f858152600e6020526040812080546002820154600b5492939261147892916109979161387f565b90505f6114cb7f00000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000848a6127108b612178565b9050600b54836002018190555080836001015f8282546114eb919061381d565b90915550508254819084905f9061150390849061381d565b909155505f905061151389610b55565b6001600160a01b0381165f908152600f602052604081208054929350849290919061153f90849061381d565b9250508190555081600a5f828254611557919061381d565b90915550611566905089610b55565b6001600160a01b031689837f7542c67f9118a1e6b89a5e2750b90049d08653d93c1815f27a66954c5afd845660405160405180910390a4505050505050505050565b5f5f5f6115df7f00000000000000000000000000000000000000000000000000000000000000006115da89898961235a565b6123c4565b6001600160a01b0381165f908152600960209081526040918290208251808401909352546001600160e01b0381168352600160e01b900463ffffffff169082018190529192509015801561163b575080516001600160e01b0316155b1561167e5760405180604001604052806702c68af0bb140000670de0b6b3a76400006116679190613948565b67ffffffffffffffff168152600f60209091015290505b5f8160200151603c6116909190613968565b90505f61169c846124aa565b90508163ffffffff168163ffffffff1610156116b6578091505b5f6116c18584612658565b5090505f6116ce82612887565b8551975090506116e0818a8e8e612ba2565b975050505050505094509492505050565b806116fb81611a61565b82611705816119e7565b61170f8433611888565b6109378484611c87565b6001600160a01b039182165f90815260056020908152604080832093909416825291909152205460ff1690565b600a545f0361175157565b5f61175a611aa1565b90505f6008600c8054906101000a900463ffffffff1661177a9190613858565b63ffffffff1661178b600884613858565b63ffffffff161190505f6010600c8054906101000a900463ffffffff166117b29190613858565b63ffffffff166117c3601085613858565b63ffffffff1611905081156117dd576117dd5f600d612c86565b80156117ef576117ef6001600d612c86565b5050600c805463ffffffff909216600160601b0263ffffffff60601b19909216919091179055565b61181f6118e0565b600780546001600160a01b0383166001600160a01b031990911681179091556118506006546001600160a01b031690565b6001600160a01b03167f38d16b8cac22d99fc7c124b9cd0de2d3fa1faef420bfe791d8c362d765e2270060405160405180910390a350565b6108ff61189483610b55565b8284612d98565b5f818152600260205260408120546001600160a01b03168061083857604051637e27328960e01b8152600481018490526024016109d2565b610ae28383836001612dfc565b6006546001600160a01b03163314610bb55760405163118cdaa760e01b81523360048201526024016109d2565b5f611918858561398e565b63ffffffff16611928848461387f565b611932878961398e565b63ffffffff1661194291906139aa565b61194c91906139c1565b611956908461381d565b9695505050505050565b5f815f1904831182021561197b5763c4c5d7f55f526004601cfd5b50670de0b6b3a764000091020490565b5f828152600260205260408120546001600160a01b03168015806119b657506001600160a01b038516155b6119d357604051630296227f60e01b815260040160405180910390fd5b6119de858585612f00565b95945050505050565b805f03610d7e57604051635a53a6e960e01b815260040160405180910390fd5b604080516001600160a01b0385811660248301528416604482015260648082018490528251808303909101815260849091019091526020810180516001600160e01b03166323b872dd60e01b179052610937908590612ff2565b6001600160a01b038116610d7e576040516359c662df60e11b815260040160405180910390fd5b600780546001600160a01b0319169055610d7e8161305e565b5f4263ffffffff167f000000000000000000000000000000000000000000000000000000000000000063ffffffff161115611adc5750600190565b735dcd2315a462f0046641b2118e106fbb47d133d363e091ed9f7f0000000000000000000000000000000000000000000000000000000000000000426040516001600160e01b031960e085901b16815263ffffffff928316600482015291166024820152604401602060405180830381865af4158015611b5e573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190611b8291906139d4565b611b8d9060016138e3565b905090565b5f7812725dd1d243aba0e75fe645cc4873f9e65afe688c928e1f218311670de0b6b3a764000002158202611bcd5763bcbede655f526004601cfd5b50670de0b6b3a7640000919091020490565b6001600160a01b0381165f90815260106020526040902054819060ff16156108ff57604051637628816760e01b81526001600160a01b0390911660048201526024016109d2565b6001600160a01b038216611c4f57604051633250574960e11b81525f60048201526024016109d2565b5f611c5b83835f61198b565b90506001600160a01b03811615610ae2576040516339e3563760e11b81525f60048201526024016109d2565b5f828152600e60205260409020611c9c611746565b5f611cb6825f01548360020154600b54610997919061387f565b600b546002840181905590915081857fee0b8b0781df81efd732b637fff3a1f3ab388d58bcfe3547eb43bed7ee111695611cef82610b55565b6040516001600160a01b03909116815260200160405180910390a460405163a9059cbb60e01b81526001600160a01b038481166004830152602482018390527f0000000000000000000000000000000000000000000000000000000000000000169063a9059cbb906044016020604051808303815f875af1158015611d76573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190611d9a91906138ff565b5050505050565b5f611dad5f835f61198b565b90506001600160a01b0381166108ff57604051637e27328960e01b8152600481018390526024016109d2565b611de1611746565b611df3816706f05b59d3b20000611960565b5f808052600d6020527f81955a0a11e65eac625c29e8882660bae4e165a75d72780094acae8ece9a29ee8054909190611e2d90849061381d565b90915550611e459050816706f05b59d3b20000611960565b60015f908152600d6020527ffd54ff1ed53f34a900b24c5ba64f85761163b5d82d98a47b9bd80e45466993c58054909190611e8190849061381d565b90915550610d7e90506001600160a01b037f000000000000000000000000000000000000000000000000000000000000000016333084611a07565b6008546001600160a01b0316331480611edf57506006546001600160a01b031633145b610bb5576040516371dd489b60e11b815260040160405180910390fd5b6001600160a01b038216611f2e57604051630b61174360e31b81526001600160a01b03831660048201526024016109d2565b6001600160a01b038381165f81815260056020908152604080832094871680845294825291829020805460ff191686151590811790915591519182527f17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31910160405180910390a3505050565b6001600160a01b0383163b15611d9a57604051630a85bd0160e11b81526001600160a01b0384169063150b7a0290611fdc9088908890879087906004016139ef565b6020604051808303815f875af1925050508015612016575060408051601f3d908101601f1916820190925261201391810190613a21565b60015b61207d573d808015612043576040519150601f19603f3d011682016040523d82523d5f602084013e612048565b606091505b5080515f0361207557604051633250574960e11b81526001600160a01b03851660048201526024016109d2565b805181602001fd5b6001600160e01b03198116630a85bd0160e11b146120b957604051633250574960e11b81526001600160a01b03851660048201526024016109d2565b505050505050565b60605f6120cd836130af565b60010190505f8167ffffffffffffffff8111156120ec576120ec61360a565b6040519080825280601f01601f191660200182016040528015612116576020820181803683370190505b5090508181016020015b5f19016f181899199a1a9b1b9c1cb0b131b232b360811b600a86061a8153600a850494508461212057509392505050565b8063ffffffff16421115610d7e57604051630407b05b60e31b815260040160405180910390fd5b60405163095ea7b360e01b81526001600160a01b037f000000000000000000000000000000000000000000000000000000000000000081166004830152602482018690525f919088169063095ea7b3906044016020604051808303815f875af11580156121e7573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061220b91906138ff565b506040516bffffffffffffffffffffffff19606089811b821660208401526001600160e81b031960e887901b16603484015288901b1660378201525f90604b0160405160208183030381529060405290505f5f61226a8a8a888b6115a8565b915091505f875f1461227c578761228f565b61228f83836001600160e01b0316611960565b6040805160a08101825286815230602082015263ffffffff891681830152606081018c905260808101839052905163c04b8d5960e01b8152919250907f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03169063c04b8d599061230a908490600401613a3c565b6020604051808303815f875af1158015612326573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061234a9190613a93565b9c9b505050505050505050505050565b604080516060810182525f8082526020820181905291810191909152826001600160a01b0316846001600160a01b03161115612394579192915b50604080516060810182526001600160a01b03948516815292909316602083015262ffffff169181019190915290565b5f81602001516001600160a01b0316825f01516001600160a01b0316106123e9575f5ffd5b815160208084015160408086015181516001600160a01b0395861681860152949092168482015262ffffff90911660608085019190915281518085038201815260808501909252815191909201206001600160f81b031960a08401529085901b6bffffffffffffffffffffffff191660a183015260b58201527fe34f199b19b2b4f47f68442619d555527d244f78a3297ea89325f843f87b8b5460d582015260f50160408051601f1981840301815291905280516020909101209392505050565b5f5f5f836001600160a01b0316633850c7bd6040518163ffffffff1660e01b815260040160e060405180830381865afa1580156124e9573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061250d9190613abb565b5050509350935050505f8161ffff161161254e5760405162461bcd60e51b81526020600482015260026024820152614e4960f01b60448201526064016109d2565b5f806001600160a01b03861663252c09d78461256b876001613b53565b6125759190613b6d565b6040516001600160e01b031960e084901b16815261ffff9091166004820152602401608060405180830381865afa1580156125b2573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906125d69190613ba1565b9350505091508061264e5760405163252c09d760e01b81525f60048201526001600160a01b0387169063252c09d790602401608060405180830381865afa158015612623573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906126479190613ba1565b5091935050505b611956824261398e565b5f5f8263ffffffff165f036126945760405162461bcd60e51b8152602060048201526002602482015261042560f41b60448201526064016109d2565b6040805160028082526060820183525f9260208301908036833701905050905083815f815181106126c7576126c76137f5565b602002602001019063ffffffff16908163ffffffff16815250505f816001815181106126f5576126f56137f5565b602002602001019063ffffffff16908163ffffffff16815250505f5f866001600160a01b031663883bdbfd846040518263ffffffff1660e01b815260040161273d9190613bf9565b5f60405180830381865afa158015612757573d5f5f3e3d5ffd5b505050506040513d5f823e601f3d908101601f1916820160405261277e9190810190613cd7565b915091505f825f81518110612795576127956137f5565b6020026020010151836001815181106127b0576127b06137f5565b60200260200101516127c29190613d9c565b90505f825f815181106127d7576127d76137f5565b6020026020010151836001815181106127f2576127f26137f5565b602090810291909101015103905063ffffffff88166128118184613dc9565b97505f8360060b128015612830575061282a8184613e05565b60060b15155b15612843578761283f81613e26565b9850505b63ffffffff8916640100000000600160c01b03602084901b1661286d6001600160a01b0383613e47565b6128779190613e78565b9750505050505050509250929050565b5f5f5f8360020b1261289c578260020b6128a3565b8260020b5f035b9050620d89e88111156128c9576040516315e4079d60e11b815260040160405180910390fd5b5f816001165f036128de57600160801b6128f0565b6ffffcb933bd6fad37aa2d162d1a5940015b70ffffffffffffffffffffffffffffffffff1690506002821615612924576ffff97272373d413259a46990580e213a0260801c5b6004821615612943576ffff2e50f5f656932ef12357cf3c7fdcc0260801c5b6008821615612962576fffe5caca7e10e4e61c3624eaa0941cd00260801c5b6010821615612981576fffcb9843d60f6159c9db58835c9266440260801c5b60208216156129a0576fff973b41fa98c081472e6896dfb254c00260801c5b60408216156129bf576fff2ea16466c96a3843ec78b326b528610260801c5b60808216156129de576ffe5dee046a99a2a811c461f1969c30530260801c5b6101008216156129fe576ffcbe86c7900a88aedcffc83b479aa3a40260801c5b610200821615612a1e576ff987a7253ac413176f2b074cf7815e540260801c5b610400821615612a3e576ff3392b0822b70005940c7a398e4b70f30260801c5b610800821615612a5e576fe7159475a2c29b7443b29c7fa6e889d90260801c5b611000821615612a7e576fd097f3bdfd2022b8845ad8f792aa58250260801c5b612000821615612a9e576fa9f746462d870fdf8a65dc1f90e061e50260801c5b614000821615612abe576f70d869a156d2a1b890bb3df62baf32f70260801c5b618000821615612ade576f31be135f97d08fd981231505542fcfa60260801c5b62010000821615612aff576f09aa508b5b7a84e1c677de54f3e99bc90260801c5b62020000821615612b1f576e5d6af8dedb81196699c329225ee6040260801c5b62040000821615612b3e576d2216e584f5fa1ea926041bedfe980260801c5b62080000821615612b5b576b048a170391f7dc42444e8fa20260801c5b5f8460020b1315612b7a57805f1981612b7657612b76613844565b0490505b640100000000810615612b8e576001612b90565b5f5b60ff16602082901c0192505050919050565b5f6fffffffffffffffffffffffffffffffff6001600160a01b03861611612c1e575f612bd860026001600160a01b038816613f89565b9050826001600160a01b0316846001600160a01b031610612c0757612c02600160c01b8683613186565b612c16565b612c168186600160c01b613186565b915050612c7e565b5f612c3c6001600160a01b0387168068010000000000000000613186565b9050826001600160a01b0316846001600160a01b031610612c6b57612c66600160801b8683613186565b612c7a565b612c7a8186600160801b613186565b9150505b949350505050565b805f836001811115612c9a57612c9a613830565b6001811115612cab57612cab613830565b81526020019081526020015f20545f03612cc3575050565b612cda815f846001811115610c4657610c46613830565b600b5f828254612cea919061381d565b909155508190505f836001811115612d0457612d04613830565b6001811115612d1557612d15613830565b81526020019081526020015f2054826001811115612d3557612d35613830565b6040517f6561e54c14520a1109ca3c094be574addf898e575c0712103c2278cf3c31f1a3905f90a35f600d5f846001811115612d7357612d73613830565b6001811115612d8457612d84613830565b815260208101919091526040015f20555050565b612da383838361323c565b610ae2576001600160a01b038316612dd157604051637e27328960e01b8152600481018290526024016109d2565b60405163177e802f60e01b81526001600160a01b0383166004820152602481018290526044016109d2565b8080612e1057506001600160a01b03821615155b15612ed1575f612e1f8461189b565b90506001600160a01b03831615801590612e4b5750826001600160a01b0316816001600160a01b031614155b8015612e5e5750612e5c8184611719565b155b15612e875760405163a9fbf51f60e01b81526001600160a01b03841660048201526024016109d2565b8115612ecf5783856001600160a01b0316826001600160a01b03167f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92560405160405180910390a45b505b50505f90815260046020526040902080546001600160a01b0319166001600160a01b0392909216919091179055565b5f828152600260205260408120546001600160a01b0390811690831615612f2c57612f2c818486612d98565b6001600160a01b03811615612f6657612f475f855f5f612dfc565b6001600160a01b0381165f90815260036020526040902080545f190190555b6001600160a01b03851615612f94576001600160a01b0385165f908152600360205260409020805460010190555b5f8481526002602052604080822080546001600160a01b0319166001600160a01b0389811691821790925591518793918516917fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef91a4949350505050565b5f5f60205f8451602086015f885af180613011576040513d5f823e3d81fd5b50505f513d91508115613028578060011415613035565b6001600160a01b0384163b155b1561093757604051635274afe760e01b81526001600160a01b03851660048201526024016109d2565b600680546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0905f90a35050565b5f8072184f03e93ff9f4daa797ed6e38ed64bf6a1f0160401b83106130ed5772184f03e93ff9f4daa797ed6e38ed64bf6a1f0160401b830492506040015b6d04ee2d6d415b85acef81000000008310613119576d04ee2d6d415b85acef8100000000830492506020015b662386f26fc10000831061313757662386f26fc10000830492506010015b6305f5e100831061314f576305f5e100830492506008015b612710831061316357612710830492506004015b60648310613175576064830492506002015b600a83106108385760010192915050565b5f838302815f1985870982811083820303915050805f036131ba578382816131b0576131b0613844565b04925050506109a6565b8084116131d1576131d1600385150260111861329d565b5f848688095f868103871696879004966002600389028118808a02820302808a02820302808a02820302808a02820302808a02820302808a02909103029181900381900460010186841190950394909402919094039290920491909117919091029150509392505050565b5f6001600160a01b03831615801590612c7e5750826001600160a01b0316846001600160a01b0316148061327557506132758484611719565b80612c7e5750505f908152600460205260409020546001600160a01b03908116911614919050565b634e487b715f52806020526024601cfd5b6001600160e01b031981168114610d7e575f5ffd5b5f602082840312156132d3575f5ffd5b81356109a6816132ae565b5f5b838110156132f85781810151838201526020016132e0565b50505f910152565b5f81518084526133178160208601602086016132de565b601f01601f19169290920160200192915050565b602081525f6109a66020830184613300565b5f6020828403121561334d575f5ffd5b5035919050565b6001600160a01b0381168114610d7e575f5ffd5b5f5f60408385031215613379575f5ffd5b823561338481613354565b946020939093013593505050565b5f5f83601f8401126133a2575f5ffd5b50813567ffffffffffffffff8111156133b9575f5ffd5b6020830191508360208260051b85010111156133d3575f5ffd5b9250929050565b5f5f5f604084860312156133ec575f5ffd5b833567ffffffffffffffff811115613402575f5ffd5b61340e86828701613392565b909450925050602084013561342281613354565b809150509250925092565b8015158114610d7e575f5ffd5b5f5f6040838503121561344b575f5ffd5b823561345681613354565b915060208301356134668161342d565b809150509250929050565b63ffffffff81168114610d7e575f5ffd5b5f5f60408385031215613493575f5ffd5b82359150602083013561346681613471565b5f5f5f606084860312156134b7575f5ffd5b83356134c281613354565b925060208401356134d281613354565b929592945050506040919091013590565b8035600281106134f1575f5ffd5b919050565b5f5f60408385031215613507575f5ffd5b613384836134e3565b5f60208284031215613520575f5ffd5b81356109a681613354565b5f6020828403121561353b575f5ffd5b6109a6826134e3565b5f5f60208385031215613555575f5ffd5b823567ffffffffffffffff81111561356b575f5ffd5b61357785828601613392565b90969095509350505050565b5f5f60408385031215613594575f5ffd5b823561338481613471565b5f5f604083850312156135b0575f5ffd5b82359150602083013561346681613354565b5f5f5f606084860312156135d4575f5ffd5b83356135df81613354565b925060208401356001600160e01b03811681146135fa575f5ffd5b9150604084013561342281613471565b634e487b7160e01b5f52604160045260245ffd5b604051601f8201601f1916810167ffffffffffffffff811182821017156136475761364761360a565b604052919050565b5f5f5f5f60808587031215613662575f5ffd5b843561366d81613354565b9350602085013561367d81613354565b925060408501359150606085013567ffffffffffffffff81111561369f575f5ffd5b8501601f810187136136af575f5ffd5b803567ffffffffffffffff8111156136c9576136c961360a565b6136dc601f8201601f191660200161361e565b8181528860208385010111156136f0575f5ffd5b816020840160208301375f6020838301015280935050505092959194509250565b5f5f5f60608486031215613723575f5ffd5b8335925060208401359150604084013561342281613471565b5f5f5f5f6080858703121561374f575f5ffd5b843561375a81613354565b9350602085013561376a81613354565b9250604085013562ffffff81168114613781575f5ffd5b9396929550929360600135925050565b5f5f604083850312156137a2575f5ffd5b82356137ad81613354565b9150602083013561346681613354565b600181811c908216806137d157607f821691505b6020821081036137ef57634e487b7160e01b5f52602260045260245ffd5b50919050565b634e487b7160e01b5f52603260045260245ffd5b634e487b7160e01b5f52601160045260245ffd5b8082018082111561083857610838613809565b634e487b7160e01b5f52602160045260245ffd5b634e487b7160e01b5f52601260045260245ffd5b5f63ffffffff83168061386d5761386d613844565b8063ffffffff84160491505092915050565b8181038181111561083857610838613809565b5f63ffffffff8316806138a7576138a7613844565b8063ffffffff84160691505092915050565b5f6001600160601b0382166001600160601b0381036138da576138da613809565b60010192915050565b63ffffffff818116838216019081111561083857610838613809565b5f6020828403121561390f575f5ffd5b81516109a68161342d565b5f835161392b8184602088016132de565b83519083019061393f8183602088016132de565b01949350505050565b67ffffffffffffffff828116828216039081111561083857610838613809565b63ffffffff818116838216029081169081811461398757613987613809565b5092915050565b63ffffffff828116828216039081111561083857610838613809565b808202811582820484141761083857610838613809565b5f826139cf576139cf613844565b500490565b5f602082840312156139e4575f5ffd5b81516109a681613471565b6001600160a01b03858116825284166020820152604081018390526080606082018190525f9061195690830184613300565b5f60208284031215613a31575f5ffd5b81516109a6816132ae565b602081525f825160a06020840152613a5760c0840182613300565b905060018060a01b0360208501511660408401526040840151606084015260608401516080840152608084015160a08401528091505092915050565b5f60208284031215613aa3575f5ffd5b5051919050565b805161ffff811681146134f1575f5ffd5b5f5f5f5f5f5f5f60e0888a031215613ad1575f5ffd5b8751613adc81613354565b8097505060208801518060020b8114613af3575f5ffd5b9550613b0160408901613aaa565b9450613b0f60608901613aaa565b9350613b1d60808901613aaa565b925060a088015160ff81168114613b32575f5ffd5b60c0890151909250613b438161342d565b8091505092959891949750929550565b61ffff818116838216019081111561083857610838613809565b5f61ffff831680613b8057613b80613844565b8061ffff84160691505092915050565b8051600681900b81146134f1575f5ffd5b5f5f5f5f60808587031215613bb4575f5ffd5b8451613bbf81613471565b9350613bcd60208601613b90565b92506040850151613bdd81613354565b6060860151909250613bee8161342d565b939692955090935050565b602080825282518282018190525f918401906040840190835b81811015613c3657835163ffffffff16835260209384019390920191600101613c12565b509095945050505050565b5f67ffffffffffffffff821115613c5a57613c5a61360a565b5060051b60200190565b5f82601f830112613c73575f5ffd5b8151613c86613c8182613c41565b61361e565b8082825260208201915060208360051b860101925085831115613ca7575f5ffd5b602085015b83811015613ccd578051613cbf81613354565b835260209283019201613cac565b5095945050505050565b5f5f60408385031215613ce8575f5ffd5b825167ffffffffffffffff811115613cfe575f5ffd5b8301601f81018513613d0e575f5ffd5b8051613d1c613c8182613c41565b8082825260208201915060208360051b850101925087831115613d3d575f5ffd5b6020840193505b82841015613d6657613d5584613b90565b825260209384019390910190613d44565b80955050505050602083015167ffffffffffffffff811115613d86575f5ffd5b613d9285828601613c64565b9150509250929050565b600682810b9082900b03667fffffffffffff198112667fffffffffffff8213171561083857610838613809565b5f8160060b8360060b80613ddf57613ddf613844565b667fffffffffffff1982145f1982141615613dfc57613dfc613809565b90059392505050565b5f8260060b80613e1757613e17613844565b808360060b0791505092915050565b5f8160020b627fffff198103613e3e57613e3e613809565b5f190192915050565b6001600160c01b03818116838216818102909216918183048114821517613e7057613e70613809565b505092915050565b5f6001600160c01b03831680613e9057613e90613844565b6001600160c01b03929092169190910492915050565b6001815b6001841115613ee157808504811115613ec557613ec5613809565b6001841615613ed357908102905b60019390931c928002613eaa565b935093915050565b5f82613ef757506001610838565b81613f0357505f610838565b8160018114613f195760028114613f2357613f3f565b6001915050610838565b60ff841115613f3457613f34613809565b50506001821b610838565b5060208310610133831016604e8410600b8410161715613f62575081810a610838565b613f6e5f198484613ea6565b805f1904821115613f8157613f81613809565b029392505050565b5f6109a660ff841683613ee956fea264697066735822122016ba797b731c92ecbb98842a19baa3c750c87a9c6f336b5ad9b5844b151f6fa264736f6c634300081b003300000000000000000000000000000000000000000000000000000000679e6120000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f247000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2000000000000000000000000e592427a0aece92de3edee1f18e0157c058615640000000000000000000000001f98431c8ad98523631ae4a59f267346ea31f9840000000000000000000000005da227386e0fd73329fe3923394913eca3a624f7
Deployed Bytecode
0x608060405234801561000f575f5ffd5b50600436106102cb575f3560e01c80637ec6840f1161017b578063c87b56dd116100e4578063e30c39781161009e578063ed50298611610079578063ed50298614610798578063f2fde38b146107a0578063f6c4c9c1146107b3578063fa0b7de7146107c6575f5ffd5b8063e30c39781461074d578063e6fd48bc1461075e578063e985e9c514610785575f5ffd5b8063c87b56dd1461066a578063ca1c95b41461067d578063d1837eca14610690578063ddd5e1b2146106c0578063de69b3aa146106d3578063e121ce41146106f2575f5ffd5b80639f47f048116101355780639f47f04814610609578063a22cb4651461061c578063b1724b461461062f578063b6a6d1771461063a578063b88d4fde14610644578063c1168dad14610657575f5ffd5b80637ec6840f1461056c5780638381e1821461059e5780638da5cb5b146105b157806391c05b0b146105c257806395591c9b146105d557806395d89b4114610601575f5ffd5b80633a98ef39116102375780636352211e116101f1578063715018a6116101cc578063715018a614610522578063745f60601461052a57806379ba50971461053d5780637c887c5914610545575f5ffd5b80636352211e146104dd57806367b92272146104f057806370a082311461050f575f5ffd5b80633a98ef391461041e5780633fc8cef31461042757806342842e0e1461044e578063446a2ec814610461578063457c7afa1461046a578063612f3fbe1461047d575f5ffd5b806317d70f7c1161028857806317d70f7c1461037257806319b29a9f1461039d57806323b872dd146103be5780632ae6ad11146103d15780632c76d7a6146103e45780633a237aa01461040b575f5ffd5b806301ffc9a7146102cf57806306fdde03146102f7578063081812fc1461030c578063095ea7b314610337578063109abc2d1461034c57806315e7f5f71461035f575b5f5ffd5b6102e26102dd3660046132c3565b6107ed565b60405190151581526020015b60405180910390f35b6102ff61083e565b6040516102ee919061332b565b61031f61031a36600461333d565b6108cd565b6040516001600160a01b0390911681526020016102ee565b61034a610345366004613368565b6108f4565b005b61034a61035a3660046133da565b610903565b61034a61036d36600461343a565b61093d565b600c54610385906001600160601b031681565b6040516001600160601b0390911681526020016102ee565b6103b06103ab366004613482565b61096f565b6040519081526020016102ee565b61034a6103cc3660046134a5565b6109ad565b61034a6103df3660046134f6565b610a35565b61031f7f000000000000000000000000e592427a0aece92de3edee1f18e0157c0586156481565b60085461031f906001600160a01b031681565b6103b0600a5481565b61031f7f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc281565b61034a61045c3660046134a5565b610ac8565b6103b0600b5481565b61034a610478366004613510565b610ae7565b6104b761048b36600461333d565b600e6020525f908152604090208054600182015460028301546003909301549192909163ffffffff1684565b6040805194855260208501939093529183015263ffffffff1660608201526080016102ee565b61031f6104eb36600461333d565b610b55565b6103b06104fe36600461352b565b600d6020525f908152604090205481565b6103b061051d366004613510565b610b5f565b61034a610ba4565b6103b0610538366004613544565b610bb7565b61034a610d3d565b61031f7f0000000000000000000000001f98431c8ad98523631ae4a59f267346ea31f98481565b61057f61057a366004613583565b610d81565b604080516001600160601b0390931683526020830191909152016102ee565b61034a6105ac36600461359f565b611004565b6006546001600160a01b031661031f565b61034a6105d036600461333d565b61122d565b600c546105ec90600160601b900463ffffffff1681565b60405163ffffffff90911681526020016102ee565b6102ff611240565b61034a6106173660046135c2565b61124f565b61034a61062a36600461343a565b61135b565b6105ec6301e1338081565b6105ec6274040081565b61034a61065236600461364f565b611366565b61034a6106653660046133da565b61137e565b6102ff61067836600461333d565b6113b2565b61034a61068b366004613711565b611422565b6106a361069e36600461373c565b6115a8565b604080519283526001600160e01b039091166020830152016102ee565b61034a6106ce36600461359f565b6116f1565b6103b06106e1366004613510565b600f6020525f908152604090205481565b610729610700366004613510565b60096020525f90815260409020546001600160e01b03811690600160e01b900463ffffffff1682565b604080516001600160e01b03909316835263ffffffff9091166020830152016102ee565b6007546001600160a01b031661031f565b6105ec7f00000000000000000000000000000000000000000000000000000000679e612081565b6102e2610793366004613791565b611719565b61034a611746565b61034a6107ae366004613510565b611817565b61034a6107c136600461359f565b611888565b61031f7f000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f24781565b5f6001600160e01b031982166380ac58cd60e01b148061081d57506001600160e01b03198216635b5e139f60e01b145b8061083857506301ffc9a760e01b6001600160e01b03198316145b92915050565b60605f805461084c906137bd565b80601f0160208091040260200160405190810160405280929190818152602001828054610878906137bd565b80156108c35780601f1061089a576101008083540402835291602001916108c3565b820191905f5260205f20905b8154815290600101906020018083116108a657829003601f168201915b5050505050905090565b5f6108d78261189b565b505f828152600460205260409020546001600160a01b0316610838565b6108ff8282336118d3565b5050565b5f5b828110156109375761092f848483818110610922576109226137f5565b90506020020135836116f1565b600101610905565b50505050565b6109456118e0565b6001600160a01b03919091165f908152601060205260409020805460ff1916911515919091179055565b8161099c8161099784627404006301e1338066b1a2bc2ec50000670de0b6b3a764000061190d565b611960565b6109a6908261381d565b9392505050565b6001600160a01b0382166109db57604051633250574960e11b81525f60048201526024015b60405180910390fd5b5f6109e783833361198b565b9050836001600160a01b0316816001600160a01b031614610937576040516364283d7b60e01b81526001600160a01b03808616600483015260248201849052821660448201526064016109d2565b80610a3f816119e7565b610a47611746565b610a7c6001600160a01b037f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc216333085611a07565b81600d5f856001811115610a9257610a92613830565b6001811115610aa357610aa3613830565b81526020019081526020015f205f828254610abe919061381d565b9091555050505050565b610ae283838360405180602001604052805f815250611366565b505050565b80610af181611a61565b610af96118e0565b6008546040516001600160a01b038085169216907fe29b0c9a6487aafa3c3ceb89f97f492476d5d1b3c03dbbdd4e1c004d8bd83ef4905f90a350600880546001600160a01b0319166001600160a01b0392909216919091179055565b5f6108388261189b565b5f6001600160a01b038216610b89576040516322718ad960e21b81525f60048201526024016109d2565b506001600160a01b03165f9081526003602052604090205490565b610bac6118e0565b610bb55f611a88565b565b5f5f610bc1611aa1565b600b54600c54919250905f90610be690600890600160601b900463ffffffff16613858565b63ffffffff16610bf7600885613858565b63ffffffff161190505f6010600c8054906101000a900463ffffffff16610c1e9190613858565b63ffffffff16610c2f601086613858565b63ffffffff161190508115610c7a57610c6d600d5f805b6001811115610c5757610c57613830565b81526020019081526020015f2054600a54611b92565b610c77908461381d565b92505b8015610c9a57610c8d600d5f6001610c46565b610c97908461381d565b92505b5f5b86811015610d32575f888883818110610cb757610cb76137f5565b602090810292909201355f818152600e845260409081902081516080810183528154808252600183015496820196909652600282015492810183905260039091015463ffffffff1660608201529194509092610d19925090610997908961387f565b610d23908961381d565b97505050806001019050610c9c565b505050505092915050565b60075433906001600160a01b03168114610d755760405163118cdaa760e01b81526001600160a01b03821660048201526024016109d2565b610d7e81611a88565b50565b5f5f82610d8d816119e7565b33610d9781611bdf565b63ffffffff86166274040011801590610dba57506301e1338063ffffffff871611155b8015610dd65750610dce6201518087613892565b63ffffffff16155b610df25760405162829cef60e51b815260040160405180910390fd5b610dfa611746565b600c80545f90610e12906001600160601b03166138b9565b91906101000a8154816001600160601b0302191690836001600160601b0316021790559350610e41858761096f565b92506040518060800160405280848152602001868152602001600b54815260200187610e6a4290565b610e7491906138e3565b63ffffffff9081169091526001600160601b0386165f908152600e602090815260408083208551815591850151600183015584015160028201556060909301516003909301805463ffffffff191693909216929092179055600a8054859290610ede90849061381d565b9091555050335f908152600f602052604081208054859290610f0190849061381d565b90915550506040805184815263ffffffff881660208201526001600160601b03861691879133917f207b496e2079bdcc047c0b60534f96e8fb9a9bb55a1d1ff3826598beefdff447910160405180910390a46040516323b872dd60e01b8152336004820152306024820152604481018690527f000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f2476001600160a01b0316906323b872dd906064016020604051808303815f875af1158015610fc3573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610fe791906138ff565b50610ffb33856001600160601b0316611c26565b50509250929050565b8061100e81611a61565b82611018816119e7565b5f848152600e60209081526040808320815160808101835281548082526001830154948201949094526002820154928101929092526003015463ffffffff166060820152910361107b5760405163621f7f3560e01b815260040160405180910390fd5b4263ffffffff16816060015163ffffffff1611156110ac57604051632cae2d0160e01b815260040160405180910390fd5b6110b68533611888565b5f6110c086610b55565b90506110cc8686611c87565b60208083015183515f898152600e909352604083208381556001810184905560028101849055600301805463ffffffff19169055600a80549293919283929061111690849061387f565b90915550506001600160a01b0383165f908152600f60205260408120805483929061114290849061387f565b90915550506040516001600160a01b03881681528890839083907fe58f1bc928f89a539038781e3855b3646edb6dacfabffbc4f320f272e6bb4d6c9060200160405180910390a460405163a9059cbb60e01b81526001600160a01b038881166004830152602482018490527f000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f247169063a9059cbb906044016020604051808303815f875af11580156111f5573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061121991906138ff565b5061122388611da1565b5050505050505050565b80611237816119e7565b6108ff82611dd9565b60606001805461084c906137bd565b8063ffffffff1661125f816119e7565b611267611ebc565b60148263ffffffff16111561128f576040516330c067a960e01b815260040160405180910390fd5b670de0b6b3a76400006001600160e01b03841611156112c1576040516338fd8f3960e21b815260040160405180910390fd5b8163ffffffff16836001600160e01b0316856001600160a01b03167f6b866971e730de54469a032413d79dc0037a7da3f92641b3a839ecc013a9c73e60405160405180910390a4506040805180820182526001600160e01b03938416815263ffffffff92831660208083019182526001600160a01b039096165f90815260099096529190942093519051909116600160e01b029116179055565b6108ff338383611efc565b6113718484846109ad565b6109373385858585611f9a565b5f5b82811015610937576113aa84848381811061139d5761139d6137f5565b9050602002013583611004565b600101611380565b60606113bd8261189b565b505f6113d360408051602081019091525f815290565b90505f8151116113f15760405180602001604052805f8152506109a6565b806113fb846120c1565b60405160200161140c92919061391a565b6040516020818303038152906040529392505050565b8061142c81612151565b61143584610b55565b61143e81611bdf565b611446611746565b6114508533611888565b5f858152600e6020526040812080546002820154600b5492939261147892916109979161387f565b90505f6114cb7f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc27f000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f247848a6127108b612178565b9050600b54836002018190555080836001015f8282546114eb919061381d565b90915550508254819084905f9061150390849061381d565b909155505f905061151389610b55565b6001600160a01b0381165f908152600f602052604081208054929350849290919061153f90849061381d565b9250508190555081600a5f828254611557919061381d565b90915550611566905089610b55565b6001600160a01b031689837f7542c67f9118a1e6b89a5e2750b90049d08653d93c1815f27a66954c5afd845660405160405180910390a4505050505050505050565b5f5f5f6115df7f0000000000000000000000001f98431c8ad98523631ae4a59f267346ea31f9846115da89898961235a565b6123c4565b6001600160a01b0381165f908152600960209081526040918290208251808401909352546001600160e01b0381168352600160e01b900463ffffffff169082018190529192509015801561163b575080516001600160e01b0316155b1561167e5760405180604001604052806702c68af0bb140000670de0b6b3a76400006116679190613948565b67ffffffffffffffff168152600f60209091015290505b5f8160200151603c6116909190613968565b90505f61169c846124aa565b90508163ffffffff168163ffffffff1610156116b6578091505b5f6116c18584612658565b5090505f6116ce82612887565b8551975090506116e0818a8e8e612ba2565b975050505050505094509492505050565b806116fb81611a61565b82611705816119e7565b61170f8433611888565b6109378484611c87565b6001600160a01b039182165f90815260056020908152604080832093909416825291909152205460ff1690565b600a545f0361175157565b5f61175a611aa1565b90505f6008600c8054906101000a900463ffffffff1661177a9190613858565b63ffffffff1661178b600884613858565b63ffffffff161190505f6010600c8054906101000a900463ffffffff166117b29190613858565b63ffffffff166117c3601085613858565b63ffffffff1611905081156117dd576117dd5f600d612c86565b80156117ef576117ef6001600d612c86565b5050600c805463ffffffff909216600160601b0263ffffffff60601b19909216919091179055565b61181f6118e0565b600780546001600160a01b0383166001600160a01b031990911681179091556118506006546001600160a01b031690565b6001600160a01b03167f38d16b8cac22d99fc7c124b9cd0de2d3fa1faef420bfe791d8c362d765e2270060405160405180910390a350565b6108ff61189483610b55565b8284612d98565b5f818152600260205260408120546001600160a01b03168061083857604051637e27328960e01b8152600481018490526024016109d2565b610ae28383836001612dfc565b6006546001600160a01b03163314610bb55760405163118cdaa760e01b81523360048201526024016109d2565b5f611918858561398e565b63ffffffff16611928848461387f565b611932878961398e565b63ffffffff1661194291906139aa565b61194c91906139c1565b611956908461381d565b9695505050505050565b5f815f1904831182021561197b5763c4c5d7f55f526004601cfd5b50670de0b6b3a764000091020490565b5f828152600260205260408120546001600160a01b03168015806119b657506001600160a01b038516155b6119d357604051630296227f60e01b815260040160405180910390fd5b6119de858585612f00565b95945050505050565b805f03610d7e57604051635a53a6e960e01b815260040160405180910390fd5b604080516001600160a01b0385811660248301528416604482015260648082018490528251808303909101815260849091019091526020810180516001600160e01b03166323b872dd60e01b179052610937908590612ff2565b6001600160a01b038116610d7e576040516359c662df60e11b815260040160405180910390fd5b600780546001600160a01b0319169055610d7e8161305e565b5f4263ffffffff167f00000000000000000000000000000000000000000000000000000000679e612063ffffffff161115611adc5750600190565b735dcd2315a462f0046641b2118e106fbb47d133d363e091ed9f7f00000000000000000000000000000000000000000000000000000000679e6120426040516001600160e01b031960e085901b16815263ffffffff928316600482015291166024820152604401602060405180830381865af4158015611b5e573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190611b8291906139d4565b611b8d9060016138e3565b905090565b5f7812725dd1d243aba0e75fe645cc4873f9e65afe688c928e1f218311670de0b6b3a764000002158202611bcd5763bcbede655f526004601cfd5b50670de0b6b3a7640000919091020490565b6001600160a01b0381165f90815260106020526040902054819060ff16156108ff57604051637628816760e01b81526001600160a01b0390911660048201526024016109d2565b6001600160a01b038216611c4f57604051633250574960e11b81525f60048201526024016109d2565b5f611c5b83835f61198b565b90506001600160a01b03811615610ae2576040516339e3563760e11b81525f60048201526024016109d2565b5f828152600e60205260409020611c9c611746565b5f611cb6825f01548360020154600b54610997919061387f565b600b546002840181905590915081857fee0b8b0781df81efd732b637fff3a1f3ab388d58bcfe3547eb43bed7ee111695611cef82610b55565b6040516001600160a01b03909116815260200160405180910390a460405163a9059cbb60e01b81526001600160a01b038481166004830152602482018390527f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2169063a9059cbb906044016020604051808303815f875af1158015611d76573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190611d9a91906138ff565b5050505050565b5f611dad5f835f61198b565b90506001600160a01b0381166108ff57604051637e27328960e01b8152600481018390526024016109d2565b611de1611746565b611df3816706f05b59d3b20000611960565b5f808052600d6020527f81955a0a11e65eac625c29e8882660bae4e165a75d72780094acae8ece9a29ee8054909190611e2d90849061381d565b90915550611e459050816706f05b59d3b20000611960565b60015f908152600d6020527ffd54ff1ed53f34a900b24c5ba64f85761163b5d82d98a47b9bd80e45466993c58054909190611e8190849061381d565b90915550610d7e90506001600160a01b037f000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc216333084611a07565b6008546001600160a01b0316331480611edf57506006546001600160a01b031633145b610bb5576040516371dd489b60e11b815260040160405180910390fd5b6001600160a01b038216611f2e57604051630b61174360e31b81526001600160a01b03831660048201526024016109d2565b6001600160a01b038381165f81815260056020908152604080832094871680845294825291829020805460ff191686151590811790915591519182527f17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31910160405180910390a3505050565b6001600160a01b0383163b15611d9a57604051630a85bd0160e11b81526001600160a01b0384169063150b7a0290611fdc9088908890879087906004016139ef565b6020604051808303815f875af1925050508015612016575060408051601f3d908101601f1916820190925261201391810190613a21565b60015b61207d573d808015612043576040519150601f19603f3d011682016040523d82523d5f602084013e612048565b606091505b5080515f0361207557604051633250574960e11b81526001600160a01b03851660048201526024016109d2565b805181602001fd5b6001600160e01b03198116630a85bd0160e11b146120b957604051633250574960e11b81526001600160a01b03851660048201526024016109d2565b505050505050565b60605f6120cd836130af565b60010190505f8167ffffffffffffffff8111156120ec576120ec61360a565b6040519080825280601f01601f191660200182016040528015612116576020820181803683370190505b5090508181016020015b5f19016f181899199a1a9b1b9c1cb0b131b232b360811b600a86061a8153600a850494508461212057509392505050565b8063ffffffff16421115610d7e57604051630407b05b60e31b815260040160405180910390fd5b60405163095ea7b360e01b81526001600160a01b037f000000000000000000000000e592427a0aece92de3edee1f18e0157c0586156481166004830152602482018690525f919088169063095ea7b3906044016020604051808303815f875af11580156121e7573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061220b91906138ff565b506040516bffffffffffffffffffffffff19606089811b821660208401526001600160e81b031960e887901b16603484015288901b1660378201525f90604b0160405160208183030381529060405290505f5f61226a8a8a888b6115a8565b915091505f875f1461227c578761228f565b61228f83836001600160e01b0316611960565b6040805160a08101825286815230602082015263ffffffff891681830152606081018c905260808101839052905163c04b8d5960e01b8152919250907f000000000000000000000000e592427a0aece92de3edee1f18e0157c058615646001600160a01b03169063c04b8d599061230a908490600401613a3c565b6020604051808303815f875af1158015612326573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061234a9190613a93565b9c9b505050505050505050505050565b604080516060810182525f8082526020820181905291810191909152826001600160a01b0316846001600160a01b03161115612394579192915b50604080516060810182526001600160a01b03948516815292909316602083015262ffffff169181019190915290565b5f81602001516001600160a01b0316825f01516001600160a01b0316106123e9575f5ffd5b815160208084015160408086015181516001600160a01b0395861681860152949092168482015262ffffff90911660608085019190915281518085038201815260808501909252815191909201206001600160f81b031960a08401529085901b6bffffffffffffffffffffffff191660a183015260b58201527fe34f199b19b2b4f47f68442619d555527d244f78a3297ea89325f843f87b8b5460d582015260f50160408051601f1981840301815291905280516020909101209392505050565b5f5f5f836001600160a01b0316633850c7bd6040518163ffffffff1660e01b815260040160e060405180830381865afa1580156124e9573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061250d9190613abb565b5050509350935050505f8161ffff161161254e5760405162461bcd60e51b81526020600482015260026024820152614e4960f01b60448201526064016109d2565b5f806001600160a01b03861663252c09d78461256b876001613b53565b6125759190613b6d565b6040516001600160e01b031960e084901b16815261ffff9091166004820152602401608060405180830381865afa1580156125b2573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906125d69190613ba1565b9350505091508061264e5760405163252c09d760e01b81525f60048201526001600160a01b0387169063252c09d790602401608060405180830381865afa158015612623573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906126479190613ba1565b5091935050505b611956824261398e565b5f5f8263ffffffff165f036126945760405162461bcd60e51b8152602060048201526002602482015261042560f41b60448201526064016109d2565b6040805160028082526060820183525f9260208301908036833701905050905083815f815181106126c7576126c76137f5565b602002602001019063ffffffff16908163ffffffff16815250505f816001815181106126f5576126f56137f5565b602002602001019063ffffffff16908163ffffffff16815250505f5f866001600160a01b031663883bdbfd846040518263ffffffff1660e01b815260040161273d9190613bf9565b5f60405180830381865afa158015612757573d5f5f3e3d5ffd5b505050506040513d5f823e601f3d908101601f1916820160405261277e9190810190613cd7565b915091505f825f81518110612795576127956137f5565b6020026020010151836001815181106127b0576127b06137f5565b60200260200101516127c29190613d9c565b90505f825f815181106127d7576127d76137f5565b6020026020010151836001815181106127f2576127f26137f5565b602090810291909101015103905063ffffffff88166128118184613dc9565b97505f8360060b128015612830575061282a8184613e05565b60060b15155b15612843578761283f81613e26565b9850505b63ffffffff8916640100000000600160c01b03602084901b1661286d6001600160a01b0383613e47565b6128779190613e78565b9750505050505050509250929050565b5f5f5f8360020b1261289c578260020b6128a3565b8260020b5f035b9050620d89e88111156128c9576040516315e4079d60e11b815260040160405180910390fd5b5f816001165f036128de57600160801b6128f0565b6ffffcb933bd6fad37aa2d162d1a5940015b70ffffffffffffffffffffffffffffffffff1690506002821615612924576ffff97272373d413259a46990580e213a0260801c5b6004821615612943576ffff2e50f5f656932ef12357cf3c7fdcc0260801c5b6008821615612962576fffe5caca7e10e4e61c3624eaa0941cd00260801c5b6010821615612981576fffcb9843d60f6159c9db58835c9266440260801c5b60208216156129a0576fff973b41fa98c081472e6896dfb254c00260801c5b60408216156129bf576fff2ea16466c96a3843ec78b326b528610260801c5b60808216156129de576ffe5dee046a99a2a811c461f1969c30530260801c5b6101008216156129fe576ffcbe86c7900a88aedcffc83b479aa3a40260801c5b610200821615612a1e576ff987a7253ac413176f2b074cf7815e540260801c5b610400821615612a3e576ff3392b0822b70005940c7a398e4b70f30260801c5b610800821615612a5e576fe7159475a2c29b7443b29c7fa6e889d90260801c5b611000821615612a7e576fd097f3bdfd2022b8845ad8f792aa58250260801c5b612000821615612a9e576fa9f746462d870fdf8a65dc1f90e061e50260801c5b614000821615612abe576f70d869a156d2a1b890bb3df62baf32f70260801c5b618000821615612ade576f31be135f97d08fd981231505542fcfa60260801c5b62010000821615612aff576f09aa508b5b7a84e1c677de54f3e99bc90260801c5b62020000821615612b1f576e5d6af8dedb81196699c329225ee6040260801c5b62040000821615612b3e576d2216e584f5fa1ea926041bedfe980260801c5b62080000821615612b5b576b048a170391f7dc42444e8fa20260801c5b5f8460020b1315612b7a57805f1981612b7657612b76613844565b0490505b640100000000810615612b8e576001612b90565b5f5b60ff16602082901c0192505050919050565b5f6fffffffffffffffffffffffffffffffff6001600160a01b03861611612c1e575f612bd860026001600160a01b038816613f89565b9050826001600160a01b0316846001600160a01b031610612c0757612c02600160c01b8683613186565b612c16565b612c168186600160c01b613186565b915050612c7e565b5f612c3c6001600160a01b0387168068010000000000000000613186565b9050826001600160a01b0316846001600160a01b031610612c6b57612c66600160801b8683613186565b612c7a565b612c7a8186600160801b613186565b9150505b949350505050565b805f836001811115612c9a57612c9a613830565b6001811115612cab57612cab613830565b81526020019081526020015f20545f03612cc3575050565b612cda815f846001811115610c4657610c46613830565b600b5f828254612cea919061381d565b909155508190505f836001811115612d0457612d04613830565b6001811115612d1557612d15613830565b81526020019081526020015f2054826001811115612d3557612d35613830565b6040517f6561e54c14520a1109ca3c094be574addf898e575c0712103c2278cf3c31f1a3905f90a35f600d5f846001811115612d7357612d73613830565b6001811115612d8457612d84613830565b815260208101919091526040015f20555050565b612da383838361323c565b610ae2576001600160a01b038316612dd157604051637e27328960e01b8152600481018290526024016109d2565b60405163177e802f60e01b81526001600160a01b0383166004820152602481018290526044016109d2565b8080612e1057506001600160a01b03821615155b15612ed1575f612e1f8461189b565b90506001600160a01b03831615801590612e4b5750826001600160a01b0316816001600160a01b031614155b8015612e5e5750612e5c8184611719565b155b15612e875760405163a9fbf51f60e01b81526001600160a01b03841660048201526024016109d2565b8115612ecf5783856001600160a01b0316826001600160a01b03167f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92560405160405180910390a45b505b50505f90815260046020526040902080546001600160a01b0319166001600160a01b0392909216919091179055565b5f828152600260205260408120546001600160a01b0390811690831615612f2c57612f2c818486612d98565b6001600160a01b03811615612f6657612f475f855f5f612dfc565b6001600160a01b0381165f90815260036020526040902080545f190190555b6001600160a01b03851615612f94576001600160a01b0385165f908152600360205260409020805460010190555b5f8481526002602052604080822080546001600160a01b0319166001600160a01b0389811691821790925591518793918516917fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef91a4949350505050565b5f5f60205f8451602086015f885af180613011576040513d5f823e3d81fd5b50505f513d91508115613028578060011415613035565b6001600160a01b0384163b155b1561093757604051635274afe760e01b81526001600160a01b03851660048201526024016109d2565b600680546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0905f90a35050565b5f8072184f03e93ff9f4daa797ed6e38ed64bf6a1f0160401b83106130ed5772184f03e93ff9f4daa797ed6e38ed64bf6a1f0160401b830492506040015b6d04ee2d6d415b85acef81000000008310613119576d04ee2d6d415b85acef8100000000830492506020015b662386f26fc10000831061313757662386f26fc10000830492506010015b6305f5e100831061314f576305f5e100830492506008015b612710831061316357612710830492506004015b60648310613175576064830492506002015b600a83106108385760010192915050565b5f838302815f1985870982811083820303915050805f036131ba578382816131b0576131b0613844565b04925050506109a6565b8084116131d1576131d1600385150260111861329d565b5f848688095f868103871696879004966002600389028118808a02820302808a02820302808a02820302808a02820302808a02820302808a02909103029181900381900460010186841190950394909402919094039290920491909117919091029150509392505050565b5f6001600160a01b03831615801590612c7e5750826001600160a01b0316846001600160a01b0316148061327557506132758484611719565b80612c7e5750505f908152600460205260409020546001600160a01b03908116911614919050565b634e487b715f52806020526024601cfd5b6001600160e01b031981168114610d7e575f5ffd5b5f602082840312156132d3575f5ffd5b81356109a6816132ae565b5f5b838110156132f85781810151838201526020016132e0565b50505f910152565b5f81518084526133178160208601602086016132de565b601f01601f19169290920160200192915050565b602081525f6109a66020830184613300565b5f6020828403121561334d575f5ffd5b5035919050565b6001600160a01b0381168114610d7e575f5ffd5b5f5f60408385031215613379575f5ffd5b823561338481613354565b946020939093013593505050565b5f5f83601f8401126133a2575f5ffd5b50813567ffffffffffffffff8111156133b9575f5ffd5b6020830191508360208260051b85010111156133d3575f5ffd5b9250929050565b5f5f5f604084860312156133ec575f5ffd5b833567ffffffffffffffff811115613402575f5ffd5b61340e86828701613392565b909450925050602084013561342281613354565b809150509250925092565b8015158114610d7e575f5ffd5b5f5f6040838503121561344b575f5ffd5b823561345681613354565b915060208301356134668161342d565b809150509250929050565b63ffffffff81168114610d7e575f5ffd5b5f5f60408385031215613493575f5ffd5b82359150602083013561346681613471565b5f5f5f606084860312156134b7575f5ffd5b83356134c281613354565b925060208401356134d281613354565b929592945050506040919091013590565b8035600281106134f1575f5ffd5b919050565b5f5f60408385031215613507575f5ffd5b613384836134e3565b5f60208284031215613520575f5ffd5b81356109a681613354565b5f6020828403121561353b575f5ffd5b6109a6826134e3565b5f5f60208385031215613555575f5ffd5b823567ffffffffffffffff81111561356b575f5ffd5b61357785828601613392565b90969095509350505050565b5f5f60408385031215613594575f5ffd5b823561338481613471565b5f5f604083850312156135b0575f5ffd5b82359150602083013561346681613354565b5f5f5f606084860312156135d4575f5ffd5b83356135df81613354565b925060208401356001600160e01b03811681146135fa575f5ffd5b9150604084013561342281613471565b634e487b7160e01b5f52604160045260245ffd5b604051601f8201601f1916810167ffffffffffffffff811182821017156136475761364761360a565b604052919050565b5f5f5f5f60808587031215613662575f5ffd5b843561366d81613354565b9350602085013561367d81613354565b925060408501359150606085013567ffffffffffffffff81111561369f575f5ffd5b8501601f810187136136af575f5ffd5b803567ffffffffffffffff8111156136c9576136c961360a565b6136dc601f8201601f191660200161361e565b8181528860208385010111156136f0575f5ffd5b816020840160208301375f6020838301015280935050505092959194509250565b5f5f5f60608486031215613723575f5ffd5b8335925060208401359150604084013561342281613471565b5f5f5f5f6080858703121561374f575f5ffd5b843561375a81613354565b9350602085013561376a81613354565b9250604085013562ffffff81168114613781575f5ffd5b9396929550929360600135925050565b5f5f604083850312156137a2575f5ffd5b82356137ad81613354565b9150602083013561346681613354565b600181811c908216806137d157607f821691505b6020821081036137ef57634e487b7160e01b5f52602260045260245ffd5b50919050565b634e487b7160e01b5f52603260045260245ffd5b634e487b7160e01b5f52601160045260245ffd5b8082018082111561083857610838613809565b634e487b7160e01b5f52602160045260245ffd5b634e487b7160e01b5f52601260045260245ffd5b5f63ffffffff83168061386d5761386d613844565b8063ffffffff84160491505092915050565b8181038181111561083857610838613809565b5f63ffffffff8316806138a7576138a7613844565b8063ffffffff84160691505092915050565b5f6001600160601b0382166001600160601b0381036138da576138da613809565b60010192915050565b63ffffffff818116838216019081111561083857610838613809565b5f6020828403121561390f575f5ffd5b81516109a68161342d565b5f835161392b8184602088016132de565b83519083019061393f8183602088016132de565b01949350505050565b67ffffffffffffffff828116828216039081111561083857610838613809565b63ffffffff818116838216029081169081811461398757613987613809565b5092915050565b63ffffffff828116828216039081111561083857610838613809565b808202811582820484141761083857610838613809565b5f826139cf576139cf613844565b500490565b5f602082840312156139e4575f5ffd5b81516109a681613471565b6001600160a01b03858116825284166020820152604081018390526080606082018190525f9061195690830184613300565b5f60208284031215613a31575f5ffd5b81516109a6816132ae565b602081525f825160a06020840152613a5760c0840182613300565b905060018060a01b0360208501511660408401526040840151606084015260608401516080840152608084015160a08401528091505092915050565b5f60208284031215613aa3575f5ffd5b5051919050565b805161ffff811681146134f1575f5ffd5b5f5f5f5f5f5f5f60e0888a031215613ad1575f5ffd5b8751613adc81613354565b8097505060208801518060020b8114613af3575f5ffd5b9550613b0160408901613aaa565b9450613b0f60608901613aaa565b9350613b1d60808901613aaa565b925060a088015160ff81168114613b32575f5ffd5b60c0890151909250613b438161342d565b8091505092959891949750929550565b61ffff818116838216019081111561083857610838613809565b5f61ffff831680613b8057613b80613844565b8061ffff84160691505092915050565b8051600681900b81146134f1575f5ffd5b5f5f5f5f60808587031215613bb4575f5ffd5b8451613bbf81613471565b9350613bcd60208601613b90565b92506040850151613bdd81613354565b6060860151909250613bee8161342d565b939692955090935050565b602080825282518282018190525f918401906040840190835b81811015613c3657835163ffffffff16835260209384019390920191600101613c12565b509095945050505050565b5f67ffffffffffffffff821115613c5a57613c5a61360a565b5060051b60200190565b5f82601f830112613c73575f5ffd5b8151613c86613c8182613c41565b61361e565b8082825260208201915060208360051b860101925085831115613ca7575f5ffd5b602085015b83811015613ccd578051613cbf81613354565b835260209283019201613cac565b5095945050505050565b5f5f60408385031215613ce8575f5ffd5b825167ffffffffffffffff811115613cfe575f5ffd5b8301601f81018513613d0e575f5ffd5b8051613d1c613c8182613c41565b8082825260208201915060208360051b850101925087831115613d3d575f5ffd5b6020840193505b82841015613d6657613d5584613b90565b825260209384019390910190613d44565b80955050505050602083015167ffffffffffffffff811115613d86575f5ffd5b613d9285828601613c64565b9150509250929050565b600682810b9082900b03667fffffffffffff198112667fffffffffffff8213171561083857610838613809565b5f8160060b8360060b80613ddf57613ddf613844565b667fffffffffffff1982145f1982141615613dfc57613dfc613809565b90059392505050565b5f8260060b80613e1757613e17613844565b808360060b0791505092915050565b5f8160020b627fffff198103613e3e57613e3e613809565b5f190192915050565b6001600160c01b03818116838216818102909216918183048114821517613e7057613e70613809565b505092915050565b5f6001600160c01b03831680613e9057613e90613844565b6001600160c01b03929092169190910492915050565b6001815b6001841115613ee157808504811115613ec557613ec5613809565b6001841615613ed357908102905b60019390931c928002613eaa565b935093915050565b5f82613ef757506001610838565b81613f0357505f610838565b8160018114613f195760028114613f2357613f3f565b6001915050610838565b60ff841115613f3457613f34613809565b50506001821b610838565b5060208310610133831016604e8410600b8410161715613f62575081810a610838565b613f6e5f198484613ea6565b805f1904821115613f8157613f81613809565b029392505050565b5f6109a660ff841683613ee956fea264697066735822122016ba797b731c92ecbb98842a19baa3c750c87a9c6f336b5ad9b5844b151f6fa264736f6c634300081b0033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
00000000000000000000000000000000000000000000000000000000679e6120000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f247000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2000000000000000000000000e592427a0aece92de3edee1f18e0157c058615640000000000000000000000001f98431c8ad98523631ae4a59f267346ea31f9840000000000000000000000005da227386e0fd73329fe3923394913eca3a624f7
-----Decoded View---------------
Arg [0] : _startTimestamp (uint32): 1738432800
Arg [1] : _shaolin (address): 0xAF0db65B7296c02ab043F5Cb17300c8EE949F247
Arg [2] : _weth (address): 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2
Arg [3] : _params (tuple): System.Collections.Generic.List`1[Nethereum.ABI.FunctionEncoding.ParameterOutput]
-----Encoded View---------------
6 Constructor Arguments found :
Arg [0] : 00000000000000000000000000000000000000000000000000000000679e6120
Arg [1] : 000000000000000000000000af0db65b7296c02ab043f5cb17300c8ee949f247
Arg [2] : 000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2
Arg [3] : 000000000000000000000000e592427a0aece92de3edee1f18e0157c05861564
Arg [4] : 0000000000000000000000001f98431c8ad98523631ae4a59f267346ea31f984
Arg [5] : 0000000000000000000000005da227386e0fd73329fe3923394913eca3a624f7
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 31 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|---|---|---|---|---|
| ETH | 100.00% | $2,290.77 | 1.9186 | $4,395.09 |
Loading...
Loading
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.