Contract Source Code:
pragma solidity ^0.8.20;
import '@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router02.sol';
import "@uniswap/v2-core/contracts/interfaces/IUniswapV2Factory.sol";
import '@uniswap/v2-core/contracts/interfaces/IUniswapV2Pair.sol';
import '@openzeppelin/contracts/security/ReentrancyGuard.sol';
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "./interfaces/IFARM.sol";
/**
*
* .d8888b. d8b 888 .d8888b. d8b
* d88P Y88b Y8P 888 d88P Y88b Y8P
* Y88b. 888 888 888
* "Y888b. 888 88888b.d88b. 88888b. 888 .d88b. 888 888d888 8888b. 888 88888b. .d88b. 888d888 .d88b.
* "Y88b. 888 888 "888 "88b 888 "88b 888 d8P Y8b 888 88888 888P" "88b 888 888 "88b d88""88b 888P" d88P"88b
* "888 888 888 888 888 888 888 888 88888888 888 888 888 .d888888 888 888 888 888 888 888 888 888
* Y88b d88P 888 888 888 888 888 d88P 888 Y8b. Y88b d88P 888 888 888 888 888 888 d8b Y88..88P 888 Y88b 888
* "Y8888P" 888 888 888 888 88888P" 888 "Y8888 "Y8888P88 888 "Y888888 888 888 888 Y8P "Y88P" 888 "Y88888
* 888 888
* 888 Y8b d88P
* 888 "Y88P"
*/
/**
* @title RICE contract
* @dev Extends ERC20. Implements a bonding mechanism and liquidity provisioning
*/
contract RICE is ERC20, ReentrancyGuard {
IUniswapV2Router02 public router;
uint256 public constant PRECISION = 10**18;
uint256 public constant LIQUIDITY_PERCENT = 10;
uint256 public constant TOTAL_SUPPLY = 111_111_111_111_111 * 10**18;
// 20% held for future farming initiatives
uint256 public constant FARM_SUPPLY = (TOTAL_SUPPLY * 20) / 100;
// 40% to be distributed to bonders
uint256 public constant BONDING_SUPPLY = (TOTAL_SUPPLY * 40) / 100;
uint256 public tokensPerSecond;
uint256 public bondingPeriod;
address public uniswapPair;
struct Bond {
uint256 previouslyAllocated;
uint256 amount;
bool claimed;
}
mapping(address => Bond) public bonds;
uint256 public bondingStartTime;
uint256 public bondingEndTime;
uint256 public totalTokensPerBond;
uint256 public lastBondedAt;
uint256 public totalBonded;
address public farm;
bool public liquidityDeployed;
event Bonded(address indexed user, uint256 amount);
event LiquidityAdded(uint256 tokenAmount, uint256 ethAmount);
event EmergencyClaim(address indexed user, uint256 ethAmount);
event Claim(address indexed user, uint256 amount, uint256 ethAmount);
/**
* @dev Constructor function
* Sets up the initial settings for the RICE contract.
* Assigns the farm address
*/
constructor(uint256 _bondingPeriod, address _farm, address _router) ERC20("Simple Grain", "RICE") {
farm = _farm;
bondingPeriod = _bondingPeriod;
router = IUniswapV2Router02(_router);
tokensPerSecond = PRECISION * BONDING_SUPPLY / bondingPeriod;
}
/**
* @notice Gets the total supply of the token.
* @return uint256 The total supply.
*/
function totalSupply() public view virtual override returns (uint256) {
return TOTAL_SUPPLY;
}
/**
* @notice Gets various information about the contract and optionally about a specific user.
* @param user The address of the user for which to get info.
* Pass the zero address to only retrieve contract-wide info.
* @return uint256[5] An array containing:
* - totalBonded: The total amount bonded.
* - bondingStartTime: The start time of bonding.
* - bondingEndTime: The end time of bonding.
* - tokensPerSecond: The rate of token distribution.
* - totalSupply: The total supply of RICE.
* - user's bonded amount (or 0 if user == address(0)).
* - allocatedAmount for the user (or 0 if user == address(0)).
* - claimed indicator for user (1 if claimed, 0 if unclaimed or if user == address(0)).
*/
function getInfo(address user) public view returns (uint256[9] memory) {
uint256[9] memory info;
info[0] = totalBonded;
info[1] = bondingStartTime;
info[2] = bondingEndTime;
info[3] = tokensPerSecond;
info[4] = totalSupply();
info[5] = block.timestamp;
if (user != address(0)) {
info[6] = bonds[user].amount;
info[7] = allocatedAmount(user);
info[8] = bonds[user].claimed ? 1 : 0;
}
return info;
}
/**
* @dev Starts the bonding process by setting start and end times
* This is a private function called when the first bond() call is made
*/
function startBonding() private {
bondingStartTime = block.timestamp;
bondingEndTime = bondingStartTime + bondingPeriod;
}
/**
* @dev Returns time since the start of the bonding period
* @return Time elapsed since bondingStartTime
*/
function timeSinceStart() public view returns (uint256) {
return block.timestamp - bondingStartTime;
}
/**
* @dev Lets a user bond ETH to the contract, beginning the bonding process if not started
* Each user can only bond once, and bonding is not allowed after the bonding period has ended
*/
function bond() public payable nonReentrant {
if (bondingStartTime == 0) startBonding();
require(block.timestamp <= bondingEndTime, "Bonding period has ended");
require(bonds[msg.sender].amount == 0, "Can only bond once");
require(msg.value > 0, "Cannot bond zero eth");
if (lastBondedAt > 0) {
uint256 elapsedTime = block.timestamp - lastBondedAt;
totalTokensPerBond += elapsedTime * tokensPerSecond / totalBonded;
}
bonds[msg.sender] = Bond({
previouslyAllocated: totalTokensPerBond,
amount: msg.value,
claimed: false
});
totalBonded += msg.value;
lastBondedAt = block.timestamp;
emit Bonded(msg.sender, msg.value);
}
/**
* @dev Allows a user to claim their bonded ETH and minted RICE tokens after the bonding period has ended
* Also deploys liquidity if it has not yet been deployed
*/
function claim() external nonReentrant {
if (!liquidityDeployed) deployLiquidity();
Bond storage userBond = bonds[msg.sender];
require(!userBond.claimed, "Already claimed");
userBond.claimed = true;
uint256 amount = allocatedAmount(msg.sender);
uint256 ethAmount = userBond.amount * 90 / 100;
_mint(msg.sender, amount);
payable(msg.sender).transfer(ethAmount);
emit Claim(msg.sender, amount, ethAmount);
}
/**
* @dev Calculates the current allocation period
* @return The current time period for which tokens have been allocated
*/
function currentAllocationPeriod() public view returns (uint256) {
if (bondingEndTime < block.timestamp)
return bondingEndTime - lastBondedAt;
else return block.timestamp - lastBondedAt;
}
/**
* @dev Calculates the amount of tokens allocated to a user
* @param user Address of the user
* @return The amount of tokens allocated to the user
*/
function allocatedAmount(address user) public view returns (uint256) {
// A user's allocated amount is determined by their proportional ownership over each given period.
// Each time a new user bonds, the ownership of all previous bonder's ownership ratio will change,
// thus starting a new period. Giving each period p_i, from p_0 to p_n, each user's allocation can
// be computed as:
//
// allocation(user, p_n) = ownership(user, p_0) * tokensPerPeriod(p_0) + ... + ownership(user, p_n) * tokensPerPeriod(p_n)
//
// where
// ownership(user, p_i) = amountBonded(user, p_i) / totalBonded(p_i)
//
// and
// tokensPerPeriod(p_i) = tokensAllocatedPerSecond * periodLengthInSeconds(p_i)
//
// thus
// allocation(user, p_n) = (amountBonded(user, p_0) / totalBonded(p_0)) * periodLengthInSeconds(p_0) * tokensAllocatedPerSecond + ... +
// (amountBonded(user, p_n) / totalBonded(p_n)) * periodLengthInSeconds(p_n) * tokensAllocatedPerSecond
//
// if we ascribe
// tokensPerBond(p_i) = periodLengthInSeconds(p_i) * tokensAllocatedPerSecond / totalBonded(p_i)
// then
// allocation(user, p_n) = amountBonded(user, p_0) * tokensPerBond(p_0) + ... + amountBonded(user, p_0) * tokensPerBond(p_n)
//
// since we know that amountBonded(user, p_i) only changes once, from zero to amountBonded(user, p_j),
// where p_j is the bonding period started by the user, we can say
// bonds[user].amount = amountBonded(user, p_j)
//
// and
// allocation(user, p_n) = bonds[user].amount * (tokensPerBond(p_j) + ... + tokensPerBond(p_n))
// which, if we say k=j-1, is the same as:
// allocation(user, p_n) = bonds[user].amount * ((tokensPerBond(p_0) + ... + tokensPerBond(p_n)) - (tokensPerBond(p_0) + ... + tokensPerBond(p_k)))
//
// in our code, for each user at the time of bond j, we increment
// totalTokensPerBond += tokensPerBond(p_j)
// and we store
// bonds[user].previouslyAllocated = totalTokensPerBond
//
// then at any moment,
// allocation(user) = bonds[user].amount * (totalTokensPerBond - bonds[user].previouslyAllocated)
//
// Since this only accounts for the first bond, up until the time when a new bond is made, we must also
// add the tokens from the currentAllocation period, which is the number of seconds between lastBondedAt
// and min(bondingEndTime, block.timestamp), multiplied by tokensPerSecond and the user's ownership ratio
if (totalBonded == 0) return 0;
uint256 currentAllocation = currentAllocationPeriod() * tokensPerSecond * bonds[user].amount / totalBonded;
uint256 previousAllocation = bonds[user].amount * (totalTokensPerBond - bonds[user].previouslyAllocated);
return (previousAllocation + currentAllocation) / PRECISION;
}
/**
* @dev Adds liquidity to the Uniswap pool after the bonding period has ended
* Liquidity is added with the remaining bonded ETH and newly minted RICE tokens
*/
function deployLiquidity() private {
require(block.timestamp > bondingEndTime, "Bonding period is not over yet");
require(!liquidityDeployed, "liquidity has already been deployed");
liquidityDeployed = true;
uint256 liquidityEthAmount = totalBonded * LIQUIDITY_PERCENT / 100;
uint256 tokensToDeploy = TOTAL_SUPPLY - FARM_SUPPLY - BONDING_SUPPLY;
_mint(address(this), tokensToDeploy);
_approve(address(this), address(router), tokensToDeploy);
router.addLiquidityETH{value: liquidityEthAmount}(
address(this), tokensToDeploy,
0, 0, address(0), block.timestamp
);
_mint(farm, FARM_SUPPLY);
address weth = router.WETH();
IUniswapV2Factory factory = IUniswapV2Factory(router.factory());
uniswapPair = factory.getPair(address(this), weth);
if (uniswapPair == address(0))
uniswapPair = factory.createPair(address(this), weth);
IFARM(farm).activateRewards(uniswapPair, weth, address(router));
emit LiquidityAdded(tokensToDeploy, liquidityEthAmount);
}
/**
* @dev Returns the full amount of deposited ETH to the user along with zero RICE tokens.
* This function can only be used in the extremely unlikely emergency scenario where
* liquidity is not deployed within 24 hours of the bonding period ending. As written,
* it should be impossible for this function to ever be used; however, if something
* unforeseen fails within the external liquidity deployment contract, this emergency
* function will protect against a state where bonded Ethereum is locked forever.
*/
function emergencyClaim() public nonReentrant {
require(block.timestamp > bondingEndTime + (1 days), "emergency claim not allowed until 1 day after the bonding period ends");
require(!liquidityDeployed, "liquidity has been deployed succesfully, emergency claim will never be possible");
Bond storage userBond = bonds[msg.sender];
require(!userBond.claimed, "Already claimed");
userBond.claimed = true;
uint256 ethAmount = userBond.amount;
payable(msg.sender).transfer(ethAmount);
emit EmergencyClaim(msg.sender, ethAmount);
}
}
pragma solidity ^0.8.20;
interface IFARM {
function activateRewards(address _uniswapPair, address _weth, address _router) external;
}
pragma solidity >=0.6.2;
import './IUniswapV2Router01.sol';
interface IUniswapV2Router02 is IUniswapV2Router01 {
function removeLiquidityETHSupportingFeeOnTransferTokens(
address token,
uint liquidity,
uint amountTokenMin,
uint amountETHMin,
address to,
uint deadline
) external returns (uint amountETH);
function removeLiquidityETHWithPermitSupportingFeeOnTransferTokens(
address token,
uint liquidity,
uint amountTokenMin,
uint amountETHMin,
address to,
uint deadline,
bool approveMax, uint8 v, bytes32 r, bytes32 s
) external returns (uint amountETH);
function swapExactTokensForTokensSupportingFeeOnTransferTokens(
uint amountIn,
uint amountOutMin,
address[] calldata path,
address to,
uint deadline
) external;
function swapExactETHForTokensSupportingFeeOnTransferTokens(
uint amountOutMin,
address[] calldata path,
address to,
uint deadline
) external payable;
function swapExactTokensForETHSupportingFeeOnTransferTokens(
uint amountIn,
uint amountOutMin,
address[] calldata path,
address to,
uint deadline
) external;
}
pragma solidity >=0.6.2;
interface IUniswapV2Router01 {
function factory() external pure returns (address);
function WETH() external pure returns (address);
function addLiquidity(
address tokenA,
address tokenB,
uint amountADesired,
uint amountBDesired,
uint amountAMin,
uint amountBMin,
address to,
uint deadline
) external returns (uint amountA, uint amountB, uint liquidity);
function addLiquidityETH(
address token,
uint amountTokenDesired,
uint amountTokenMin,
uint amountETHMin,
address to,
uint deadline
) external payable returns (uint amountToken, uint amountETH, uint liquidity);
function removeLiquidity(
address tokenA,
address tokenB,
uint liquidity,
uint amountAMin,
uint amountBMin,
address to,
uint deadline
) external returns (uint amountA, uint amountB);
function removeLiquidityETH(
address token,
uint liquidity,
uint amountTokenMin,
uint amountETHMin,
address to,
uint deadline
) external returns (uint amountToken, uint amountETH);
function removeLiquidityWithPermit(
address tokenA,
address tokenB,
uint liquidity,
uint amountAMin,
uint amountBMin,
address to,
uint deadline,
bool approveMax, uint8 v, bytes32 r, bytes32 s
) external returns (uint amountA, uint amountB);
function removeLiquidityETHWithPermit(
address token,
uint liquidity,
uint amountTokenMin,
uint amountETHMin,
address to,
uint deadline,
bool approveMax, uint8 v, bytes32 r, bytes32 s
) external returns (uint amountToken, uint amountETH);
function swapExactTokensForTokens(
uint amountIn,
uint amountOutMin,
address[] calldata path,
address to,
uint deadline
) external returns (uint[] memory amounts);
function swapTokensForExactTokens(
uint amountOut,
uint amountInMax,
address[] calldata path,
address to,
uint deadline
) external returns (uint[] memory amounts);
function swapExactETHForTokens(uint amountOutMin, address[] calldata path, address to, uint deadline)
external
payable
returns (uint[] memory amounts);
function swapTokensForExactETH(uint amountOut, uint amountInMax, address[] calldata path, address to, uint deadline)
external
returns (uint[] memory amounts);
function swapExactTokensForETH(uint amountIn, uint amountOutMin, address[] calldata path, address to, uint deadline)
external
returns (uint[] memory amounts);
function swapETHForExactTokens(uint amountOut, address[] calldata path, address to, uint deadline)
external
payable
returns (uint[] memory amounts);
function quote(uint amountA, uint reserveA, uint reserveB) external pure returns (uint amountB);
function getAmountOut(uint amountIn, uint reserveIn, uint reserveOut) external pure returns (uint amountOut);
function getAmountIn(uint amountOut, uint reserveIn, uint reserveOut) external pure returns (uint amountIn);
function getAmountsOut(uint amountIn, address[] calldata path) external view returns (uint[] memory amounts);
function getAmountsIn(uint amountOut, address[] calldata path) external view returns (uint[] memory amounts);
}
pragma solidity >=0.5.0;
interface IUniswapV2Pair {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
function MINIMUM_LIQUIDITY() external pure returns (uint);
function factory() external view returns (address);
function token0() external view returns (address);
function token1() external view returns (address);
function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast);
function price0CumulativeLast() external view returns (uint);
function price1CumulativeLast() external view returns (uint);
function kLast() external view returns (uint);
function mint(address to) external returns (uint liquidity);
function burn(address to) external returns (uint amount0, uint amount1);
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external;
function skim(address to) external;
function sync() external;
function initialize(address, address) external;
}
pragma solidity >=0.5.0;
interface IUniswapV2Factory {
event PairCreated(address indexed token0, address indexed token1, address pair, uint);
function feeTo() external view returns (address);
function feeToSetter() external view returns (address);
function getPair(address tokenA, address tokenB) external view returns (address pair);
function allPairs(uint) external view returns (address pair);
function allPairsLength() external view returns (uint);
function createPair(address tokenA, address tokenB) external returns (address pair);
function setFeeTo(address) external;
function setFeeToSetter(address) external;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(address from, address to, uint256 amount) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 amount) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(address from, address to, uint256 amount) internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (security/ReentrancyGuard.sol)
pragma solidity ^0.8.0;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == _ENTERED;
}
}