Contract Name:
RewardToken
Contract Source Code:
// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity ^0.8.0;
import {ERC20WrapperLocked} from "../implementation/ERC20WrapperLocked.sol";
/// @title RewardToken
/// @custom:security-contact [email protected]
/// @author Euler Labs (https://www.eulerlabs.com/)
/// @notice A wrapper for locked ERC20 tokens that can be withdrawn as per the lock schedule.
/// @dev This contract implements a specific unlock schedule for reward tokens. Tokens are unlocked over a 180-day
/// period. 20% is unlocked immediately, and the remaining 80% unlocks linearly over 6 months, reaching full unlock at
/// maturity. The linear unlock starts LOCK_NORMALIZATION_FACTOR after the lock is created.
contract RewardToken is ERC20WrapperLocked {
/// @notice Constructor for RewardToken
/// @param _evc Address of the Ethereum Vault Connector
/// @param _owner Address of the contract owner
/// @param _receiver Address of the receiver
/// @param _underlying Address of the underlying ERC20 token
/// @param _name Name of the reward token
/// @param _symbol Symbol of the reward token
constructor(
address _evc,
address _owner,
address _receiver,
address _underlying,
string memory _name,
string memory _symbol
) ERC20WrapperLocked(_evc, _owner, _receiver, _underlying, _name, _symbol) {}
/// @notice Calculates the share of tokens that can be unlocked based on the lock timestamp
/// @param lockTimestamp The timestamp when the tokens were locked
/// @return The share of tokens that can be freely unlocked (in basis points)
function _calculateUnlockShare(uint256 lockTimestamp) internal view virtual override returns (uint256) {
if (lockTimestamp > block.timestamp) return 0;
unchecked {
uint256 timeElapsed = block.timestamp - lockTimestamp;
if (timeElapsed <= LOCK_NORMALIZATION_FACTOR) {
return 0.2e18;
} else if (timeElapsed >= 180 days) {
return SCALE;
} else {
return
(timeElapsed - LOCK_NORMALIZATION_FACTOR) * 0.8e18 / (180 days - LOCK_NORMALIZATION_FACTOR) + 0.2e18;
}
}
}
}
// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity ^0.8.0;
import {ERC20Wrapper, ERC20, IERC20, SafeERC20} from "openzeppelin-contracts/token/ERC20/extensions/ERC20Wrapper.sol";
import {Ownable, Context} from "openzeppelin-contracts/access/Ownable.sol";
import {EnumerableMap} from "openzeppelin-contracts/utils/structs/EnumerableMap.sol";
import {EVCUtil} from "ethereum-vault-connector/utils/EVCUtil.sol";
/// @title ERC20WrapperLocked
/// @custom:security-contact [email protected]
/// @author Euler Labs (https://www.eulerlabs.com/)
/// @notice A wrapper for locked ERC20 tokens that can be withdrawn as per the lock schedule.
/// @dev Regular wrapping (`depositFor`), unwrapping (`withdrawTo`) are only supported for whitelisted callers with
/// an ADMIN whitelist status. Regular ERC20 `transfer` and `transferFrom` are only supported between two whitelisted
/// accounts. Under other circumstances, conditions apply; look at the `_update` function. If the account balance is
/// non-whitelisted, their tokens can only be withdrawn as per the lock schedule and the remainder of the amount is
/// transferred to the receiver address configured. If the account has a DISTRIBUTOR whitelist status, their tokens
/// cannot be unwrapped by them, but in order to be unwrapped, they can only be transferred to the account that is not
/// whitelisted and become a subject to the locking schedule or transferred to the account with an ADMIN whitelist
/// status. A whitelisted account can always degrade their whitelist status and become a subject to the locking
/// schedule.
/// @dev Avoid giving an ADMIN whitelist status to untrusted addresses. They can be used by non-whitelisted accounts and
/// accounts with the DISTRIBUTOR whitelist status to avoid the lock schedule.
/// @dev Avoid giving approvals to untrusted spenders. If approved by both a whitelisted account and a non-whitelisted
/// account, they can reset the non-whitelisted account's lock schedule.
/// @dev The wrapped token is assumed to be well behaved, including not rebasing, not attempting to re-enter this
/// wrapper contract, and not presenting any other weird behavior.
abstract contract ERC20WrapperLocked is EVCUtil, Ownable, ERC20Wrapper {
using EnumerableMap for EnumerableMap.UintToUintMap;
using SafeERC20 for IERC20;
/// @notice The factor used to normalize lock timestamps to daily intervals
/// @dev This constant is used to round down timestamps to the nearest day when creating locks
uint256 internal constant LOCK_NORMALIZATION_FACTOR = 1 days;
/// @notice Scaling factor for percentage calculations
uint256 internal constant SCALE = 1e18;
/// @notice Constant representing no whitelist status
uint256 public constant WHITELIST_STATUS_NONE = 0;
/// @notice Constant representing admin whitelist status
uint256 public constant WHITELIST_STATUS_ADMIN = 1;
/// @notice Constant representing distributor whitelist status
uint256 public constant WHITELIST_STATUS_DISTRIBUTOR = 2;
/// @notice Address that will receive the remainder of the tokens after the lock schedule is applied. If zero
/// address, the remainder of the tokens will be sent to the owner.
address public remainderReceiver;
/// @notice Mapping to store whitelist status of an addresses
mapping(address => uint256) public whitelistStatus;
/// @notice Mapping to store locked token amount for each address and normalized lock timestamp
mapping(address => EnumerableMap.UintToUintMap) internal lockedAmounts;
/// @notice Emitted when the remainder receiver address is set or changed
/// @param remainderReceiver The address of the new remainder receiver
event RemainderReceiverSet(address indexed remainderReceiver);
/// @notice Emitted when an account's whitelist status changes
/// @param account The address of the account
/// @param status The new whitelist status
event WhitelistStatusSet(address indexed account, uint256 status);
/// @notice Emitted when a new lock is created for an account
/// @param account The address of the account for which the lock was created
/// @param lockTimestamp The normalized timestamp of the created lock
event LockCreated(address indexed account, uint256 lockTimestamp);
/// @notice Emitted when a lock is removed for an account
/// @param account The address of the account for which the lock was removed
/// @param lockTimestamp The normalized timestamp of the removed lock
event LockRemoved(address indexed account, uint256 lockTimestamp);
/// @notice Error thrown when an invalid whitelist status is provided
error InvalidWhitelistStatus();
/// @notice Thrown when the remainder loss is not allowed but the calculated remainder amount is non-zero
error RemainderLossNotAllowed();
/// @notice Modifier to restrict function access to the whitelisted addresses
/// @param account The address to check for whitelist status
modifier onlyWhitelisted(address account) {
if (whitelistStatus[account] == WHITELIST_STATUS_NONE) revert NotAuthorized();
_;
}
/// @notice Modifier to restrict function access to the whitelisted ADMIN addresses
/// @param account The address to check for whitelist status
modifier onlyWhitelistedAdmin(address account) {
if (whitelistStatus[account] != WHITELIST_STATUS_ADMIN) revert NotAuthorized();
_;
}
/// @notice Constructor for ERC20WrapperLocked
/// @param _evc Address of the Ethereum Vault Connector
/// @param _owner Address of the contract owner
/// @param _remainderReceiver Address that will receive the remainder of the tokens after the lock schedule is
/// applied. If zero address, the remainder of the tokens will be sent to the owner.
/// @param _underlying Address of the underlying ERC20 token
/// @param _name Name of the wrapper token
/// @param _symbol Symbol of the wrapper token
constructor(
address _evc,
address _owner,
address _remainderReceiver,
address _underlying,
string memory _name,
string memory _symbol
) EVCUtil(_evc) Ownable(_owner) ERC20Wrapper(IERC20(_underlying)) ERC20(_name, _symbol) {
remainderReceiver = _remainderReceiver;
emit RemainderReceiverSet(_remainderReceiver);
}
/// @notice Disables the ability to renounce ownership of the contract
function renounceOwnership() public pure override {
revert NotAuthorized();
}
/// @notice Transfers ownership of the contract to a new account (`newOwner`). Can only be called by the current
/// owner.
/// @param newOwner The address of the new owner
function transferOwnership(address newOwner) public virtual override onlyEVCAccountOwner {
super.transferOwnership(newOwner);
}
/// @notice Sets a new remainder receiver address
/// @param _remainderReceiver The address of the new remainder receiver. If zero address, the remainder of the
/// tokens
function setRemainderReceiver(address _remainderReceiver) public onlyEVCAccountOwner onlyOwner {
if (remainderReceiver != _remainderReceiver) {
remainderReceiver = _remainderReceiver;
emit RemainderReceiverSet(_remainderReceiver);
}
}
/// @notice Sets the whitelist status for a specified account
/// @param account The address to set the whitelist status for
/// @param status The new whitelist status to set
function setWhitelistStatus(address account, uint256 status) public onlyEVCAccountOwner onlyOwner {
if (whitelistStatus[account] != status) _setWhitelistStatus(account, status);
}
/// @notice Allows a whitelisted account to degrade its own whitelist status
/// @param status The new whitelist status to set
function setWhitelistStatus(uint256 status) public onlyWhitelisted(_msgSender()) {
address account = _msgSender();
if (whitelistStatus[account] != status) {
if (status == WHITELIST_STATUS_ADMIN) {
revert NotAuthorized();
} else {
_setWhitelistStatus(account, status);
}
}
}
/// @notice Deposits tokens for a specified account
/// @param account The address to deposit tokens for
/// @param amount The amount of tokens to deposit
/// @return bool indicating success of the deposit
function depositFor(address account, uint256 amount)
public
virtual
override
onlyWhitelistedAdmin(_msgSender())
returns (bool)
{
return super.depositFor(account, amount);
}
/// @notice Withdraws tokens to a specified account
/// @param account The address to withdraw tokens to
/// @param amount The amount of tokens to withdraw
/// @return bool indicating success of the withdrawal
function withdrawTo(address account, uint256 amount)
public
virtual
override
onlyWhitelistedAdmin(_msgSender())
returns (bool)
{
return super.withdrawTo(account, amount);
}
/// @notice Transfers tokens to a specified address
/// @param to The address to transfer tokens to
/// @param amount The amount of tokens to transfer
/// @return bool indicating success of the transfer
function transfer(address to, uint256 amount) public virtual override returns (bool) {
return super.transfer(to, amount);
}
/// @notice Transfers tokens from one address to another
/// @param from The address to transfer tokens from
/// @param to The address to transfer tokens to
/// @param amount The amount of tokens to transfer
/// @return bool indicating success of the transfer
function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
return super.transferFrom(from, to, amount);
}
/// @notice Withdraws tokens to a specified account based on a specific normalized lock timestamp as per the lock
/// schedule. The remainder of the tokens are transferred to the receiver address configured.
/// @param account The address to receive the withdrawn tokens
/// @param lockTimestamp The normalized lock timestamp to withdraw tokens for
/// @param allowRemainderLoss If true, is it allowed for the remainder of the tokens to be transferred to the
/// receiver address configured as per the lock schedule. If false and the calculated remainder amount is non-zero,
/// the withdrawal will revert.
/// @return bool indicating success of the withdrawal
function withdrawToByLockTimestamp(address account, uint256 lockTimestamp, bool allowRemainderLoss)
public
virtual
returns (bool)
{
uint256[] memory lockTimestamps = new uint256[](1);
lockTimestamps[0] = lockTimestamp;
return withdrawToByLockTimestamps(account, lockTimestamps, allowRemainderLoss);
}
/// @notice Withdraws tokens to a specified account based on multiple normalized lock timestamps as per the lock
/// schedule.
/// The remainder of the tokens are transferred to the receiver address configured.
/// @param account The address to receive the withdrawn tokens
/// @param lockTimestamps An array of normalized lock timestamps to withdraw tokens for
/// @param allowRemainderLoss If true, is it allowed for the remainder of the tokens to be transferred to the
/// receiver address configured as per the lock schedule. If false and the calculated remainder amount is non-zero,
/// the withdrawal will revert.
/// @return bool indicating success of the withdrawal
function withdrawToByLockTimestamps(address account, uint256[] memory lockTimestamps, bool allowRemainderLoss)
public
virtual
returns (bool)
{
IERC20 asset = underlying();
address sender = _msgSender();
uint256 totalAccountAmount;
uint256 totalRemainderAmount;
for (uint256 i = 0; i < lockTimestamps.length; ++i) {
uint256 lockTimestamp = lockTimestamps[i];
(uint256 accountAmount, uint256 remainderAmount) = getWithdrawAmountsByLockTimestamp(sender, lockTimestamp);
if (lockedAmounts[sender].remove(lockTimestamp)) {
emit LockRemoved(sender, lockTimestamp);
}
totalAccountAmount += accountAmount;
totalRemainderAmount += remainderAmount;
}
_burn(sender, totalAccountAmount + totalRemainderAmount);
asset.safeTransfer(account, totalAccountAmount);
if (totalRemainderAmount != 0) {
if (!allowRemainderLoss) revert RemainderLossNotAllowed();
address receiver = remainderReceiver;
asset.safeTransfer(receiver == address(0) ? owner() : receiver, totalRemainderAmount);
}
return true;
}
/// @notice Calculates the withdraw amounts for a given account and normalized lock timestamp
/// @param account The address of the account to check
/// @param lockTimestamp The normalized lock timestamp to check for withdraw amounts
/// @return accountAmount The amount that can be unlocked and sent to the account
/// @return remainderAmount The amount that will be transferred to the configured receiver address
function getWithdrawAmountsByLockTimestamp(address account, uint256 lockTimestamp)
public
view
virtual
returns (uint256, uint256)
{
(, uint256 amount) = lockedAmounts[account].tryGet(lockTimestamp);
uint256 accountShare = _calculateUnlockShare(lockTimestamp);
uint256 accountAmount = amount * accountShare / SCALE;
uint256 remainderAmount = amount - accountAmount;
return (accountAmount, remainderAmount);
}
/// @notice Gets the number of locked amount entries for an account
/// @param account The address to check
/// @return The number of locked amount entries
function getLockedAmountsLength(address account) public view returns (uint256) {
return lockedAmounts[account].length();
}
/// @notice Gets all the normalized lock timestamps of locked amounts for an account
/// @param account The address to check
/// @return An array of normalized lock timestamps
function getLockedAmountsLockTimestamps(address account) public view returns (uint256[] memory) {
return lockedAmounts[account].keys();
}
/// @notice Gets the locked amount for an account at a specific normalized lock timestamp
/// @param account The address to check
/// @param lockTimestamp The normalized lock timestamp to check
/// @return The locked amount at the specified timestamp
function getLockedAmountByLockTimestamp(address account, uint256 lockTimestamp) public view returns (uint256) {
(, uint256 amount) = lockedAmounts[account].tryGet(lockTimestamp);
return amount;
}
/// @notice Gets all locked amounts for an account
/// @param account The address to check
/// @return Two arrays: normalized lock timestamps and corresponding amounts
function getLockedAmounts(address account) public view returns (uint256[] memory, uint256[] memory) {
EnumerableMap.UintToUintMap storage map = lockedAmounts[account];
uint256[] memory lockTimestamps = map.keys();
uint256[] memory amounts = new uint256[](lockTimestamps.length);
for (uint256 i = 0; i < lockTimestamps.length; i++) {
amounts[i] = map.get(lockTimestamps[i]);
}
return (lockTimestamps, amounts);
}
/// @notice Internal function to update balances
/// @dev Regular ERC20 transfers are only supported between two whitelisted addresses. When the amount is
/// transferred from non-whitelisted address to a whitelisted address, the locked amount entries get subsequently
/// removed starting from the oldest lock, up to the point when the whole requested amount is transferred freely.
/// When the amount is transferred from a whitelisted address to a non-whitelisted address, the amount is locked as
/// per the lock schedule. Transfers from a non-whitelisted address to another non-whitelisted address are not
/// supported and will revert.
/// @param from Address to transfer from
/// @param to Address to transfer to
/// @param amount Amount to transfer
function _update(address from, address to, uint256 amount) internal virtual override {
if (amount != 0) {
bool fromIsWhitelisted = whitelistStatus[from] != WHITELIST_STATUS_NONE;
bool toIsWhitelisted = whitelistStatus[to] != WHITELIST_STATUS_NONE;
if ((from == address(0) || fromIsWhitelisted) && to != address(0) && !toIsWhitelisted) {
// Covers minting and transfers from whitelisted to non-whitelisted
EnumerableMap.UintToUintMap storage map = lockedAmounts[to];
uint256 normalizedTimestamp = _getNormalizedTimestamp();
(, uint256 currentAmount) = map.tryGet(normalizedTimestamp);
if (map.set(normalizedTimestamp, currentAmount + amount)) {
emit LockCreated(to, normalizedTimestamp);
}
} else if (!fromIsWhitelisted && toIsWhitelisted) {
// Covers transfers from non-whitelisted to whitelisted
EnumerableMap.UintToUintMap storage map = lockedAmounts[from];
uint256[] memory lockTimestamps = map.keys();
uint256 unlockedAmount;
for (uint256 i = 0; i < lockTimestamps.length; ++i) {
uint256 lockTimestamp = lockTimestamps[i];
uint256 currentAmount = map.get(lockTimestamp);
if (unlockedAmount + currentAmount > amount) {
uint256 releasedAmount = amount - unlockedAmount;
map.set(lockTimestamp, currentAmount - releasedAmount);
currentAmount = releasedAmount;
} else {
map.remove(lockTimestamp);
emit LockRemoved(from, lockTimestamp);
}
unlockedAmount += currentAmount;
if (unlockedAmount >= amount) break;
}
} else if (from != address(0) && !fromIsWhitelisted && to != address(0) && !toIsWhitelisted) {
// Covers transfers from non-whitelisted to non-whitelisted
revert NotAuthorized();
}
}
// For burning and transfers from whitelisted to whitelisted, no special handling needs to be done.
// `_setWhitelistStatus` ensures that only non-whitelisted accounts can have locked amounts
super._update(from, to, amount);
}
/// @notice Sets the whitelist status for an account
/// @dev If the account is being whitelisted, all locked amounts are removed, resulting in all tokens being
/// unlocked. If the account is being removed from the whitelist, the current account balance is locked. A side
/// effect of this behavior is that the owner (and by extension, approved token spenders) can modify the lock
/// schedule for users. For example, by adding and then removing the account from the whitelist, or by transferring
/// tokens from a non-whitelisted account to a whitelisted account and back, the owner and approved token spenders
/// can reset the unlock schedule for that account. It should be noted that the ability to modify whitelist status
/// and its effects on locks is a core feature of this contract. On the other hand, regular users must be vigilant
/// about which addresses they approve to spend their locked tokens which is not unlike other ERC20 approvals.
/// @param account The address to set the whitelist status for
/// @param status The whitelist status to set
function _setWhitelistStatus(address account, uint256 status) internal {
if (status > WHITELIST_STATUS_DISTRIBUTOR) revert InvalidWhitelistStatus();
if (status == WHITELIST_STATUS_NONE) {
uint256 amount = balanceOf(account);
if (amount != 0) {
uint256 normalizedTimestamp = _getNormalizedTimestamp();
lockedAmounts[account].set(normalizedTimestamp, amount);
emit LockCreated(account, normalizedTimestamp);
}
} else {
EnumerableMap.UintToUintMap storage map = lockedAmounts[account];
uint256[] memory lockTimestamps = map.keys();
for (uint256 i = 0; i < lockTimestamps.length; ++i) {
map.remove(lockTimestamps[i]);
emit LockRemoved(account, lockTimestamps[i]);
}
}
whitelistStatus[account] = status;
emit WhitelistStatusSet(account, status);
}
/// @notice Calculates the share of tokens that can be unlocked based on the lock timestamp
/// @dev This function should be overridden by the child contract to implement the specific unlock schedule
/// @param lockTimestamp The timestamp when the tokens were locked
/// @return The share of tokens that can be freely unlocked (in basis points)
function _calculateUnlockShare(uint256 lockTimestamp) internal view virtual returns (uint256);
/// @notice Internal function to get the normalized timestamp
/// @return The normalized timestamp (rounded down to the nearest day)
function _getNormalizedTimestamp() internal view virtual returns (uint256) {
return block.timestamp - (block.timestamp % LOCK_NORMALIZATION_FACTOR);
}
/// @notice Internal function to get the authenticated message sender
/// @return The address of the authenticated message sender
function _msgSender() internal view override (Context, EVCUtil) returns (address) {
return EVCUtil._msgSender();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Wrapper.sol)
pragma solidity ^0.8.20;
import {IERC20, IERC20Metadata, ERC20} from "../ERC20.sol";
import {SafeERC20} from "../utils/SafeERC20.sol";
/**
* @dev Extension of the ERC-20 token contract to support token wrapping.
*
* Users can deposit and withdraw "underlying tokens" and receive a matching number of "wrapped tokens". This is useful
* in conjunction with other modules. For example, combining this wrapping mechanism with {ERC20Votes} will allow the
* wrapping of an existing "basic" ERC-20 into a governance token.
*
* WARNING: Any mechanism in which the underlying token changes the {balanceOf} of an account without an explicit transfer
* may desynchronize this contract's supply and its underlying balance. Please exercise caution when wrapping tokens that
* may undercollateralize the wrapper (i.e. wrapper's total supply is higher than its underlying balance). See {_recover}
* for recovering value accrued to the wrapper.
*/
abstract contract ERC20Wrapper is ERC20 {
IERC20 private immutable _underlying;
/**
* @dev The underlying token couldn't be wrapped.
*/
error ERC20InvalidUnderlying(address token);
constructor(IERC20 underlyingToken) {
if (underlyingToken == this) {
revert ERC20InvalidUnderlying(address(this));
}
_underlying = underlyingToken;
}
/**
* @dev See {ERC20-decimals}.
*/
function decimals() public view virtual override returns (uint8) {
try IERC20Metadata(address(_underlying)).decimals() returns (uint8 value) {
return value;
} catch {
return super.decimals();
}
}
/**
* @dev Returns the address of the underlying ERC-20 token that is being wrapped.
*/
function underlying() public view returns (IERC20) {
return _underlying;
}
/**
* @dev Allow a user to deposit underlying tokens and mint the corresponding number of wrapped tokens.
*/
function depositFor(address account, uint256 value) public virtual returns (bool) {
address sender = _msgSender();
if (sender == address(this)) {
revert ERC20InvalidSender(address(this));
}
if (account == address(this)) {
revert ERC20InvalidReceiver(account);
}
SafeERC20.safeTransferFrom(_underlying, sender, address(this), value);
_mint(account, value);
return true;
}
/**
* @dev Allow a user to burn a number of wrapped tokens and withdraw the corresponding number of underlying tokens.
*/
function withdrawTo(address account, uint256 value) public virtual returns (bool) {
if (account == address(this)) {
revert ERC20InvalidReceiver(account);
}
_burn(_msgSender(), value);
SafeERC20.safeTransfer(_underlying, account, value);
return true;
}
/**
* @dev Mint wrapped token to cover any underlyingTokens that would have been transferred by mistake or acquired from
* rebasing mechanisms. Internal function that can be exposed with access control if desired.
*/
function _recover(address account) internal virtual returns (uint256) {
uint256 value = _underlying.balanceOf(address(this)) - totalSupply();
_mint(account, value);
return value;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/structs/EnumerableMap.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableMap.js.
pragma solidity ^0.8.20;
import {EnumerableSet} from "./EnumerableSet.sol";
/**
* @dev Library for managing an enumerable variant of Solidity's
* https://solidity.readthedocs.io/en/latest/types.html#mapping-types[`mapping`]
* type.
*
* Maps have the following properties:
*
* - Entries are added, removed, and checked for existence in constant time
* (O(1)).
* - Entries are enumerated in O(n). No guarantees are made on the ordering.
*
* ```solidity
* contract Example {
* // Add the library methods
* using EnumerableMap for EnumerableMap.UintToAddressMap;
*
* // Declare a set state variable
* EnumerableMap.UintToAddressMap private myMap;
* }
* ```
*
* The following map types are supported:
*
* - `uint256 -> address` (`UintToAddressMap`) since v3.0.0
* - `address -> uint256` (`AddressToUintMap`) since v4.6.0
* - `bytes32 -> bytes32` (`Bytes32ToBytes32Map`) since v4.6.0
* - `uint256 -> uint256` (`UintToUintMap`) since v4.7.0
* - `bytes32 -> uint256` (`Bytes32ToUintMap`) since v4.7.0
* - `uint256 -> bytes32` (`UintToBytes32Map`) since v5.1.0
* - `address -> address` (`AddressToAddressMap`) since v5.1.0
* - `address -> bytes32` (`AddressToBytes32Map`) since v5.1.0
* - `bytes32 -> address` (`Bytes32ToAddressMap`) since v5.1.0
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
* unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableMap, you can either remove all elements one by one or create a fresh instance using an
* array of EnumerableMap.
* ====
*/
library EnumerableMap {
using EnumerableSet for EnumerableSet.Bytes32Set;
// To implement this library for multiple types with as little code repetition as possible, we write it in
// terms of a generic Map type with bytes32 keys and values. The Map implementation uses private functions,
// and user-facing implementations such as `UintToAddressMap` are just wrappers around the underlying Map.
// This means that we can only create new EnumerableMaps for types that fit in bytes32.
/**
* @dev Query for a nonexistent map key.
*/
error EnumerableMapNonexistentKey(bytes32 key);
struct Bytes32ToBytes32Map {
// Storage of keys
EnumerableSet.Bytes32Set _keys;
mapping(bytes32 key => bytes32) _values;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(Bytes32ToBytes32Map storage map, bytes32 key, bytes32 value) internal returns (bool) {
map._values[key] = value;
return map._keys.add(key);
}
/**
* @dev Removes a key-value pair from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(Bytes32ToBytes32Map storage map, bytes32 key) internal returns (bool) {
delete map._values[key];
return map._keys.remove(key);
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(Bytes32ToBytes32Map storage map, bytes32 key) internal view returns (bool) {
return map._keys.contains(key);
}
/**
* @dev Returns the number of key-value pairs in the map. O(1).
*/
function length(Bytes32ToBytes32Map storage map) internal view returns (uint256) {
return map._keys.length();
}
/**
* @dev Returns the key-value pair stored at position `index` in the map. O(1).
*
* Note that there are no guarantees on the ordering of entries inside the
* array, and it may change when more entries are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32ToBytes32Map storage map, uint256 index) internal view returns (bytes32, bytes32) {
bytes32 key = map._keys.at(index);
return (key, map._values[key]);
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(Bytes32ToBytes32Map storage map, bytes32 key) internal view returns (bool, bytes32) {
bytes32 value = map._values[key];
if (value == bytes32(0)) {
return (contains(map, key), bytes32(0));
} else {
return (true, value);
}
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(Bytes32ToBytes32Map storage map, bytes32 key) internal view returns (bytes32) {
bytes32 value = map._values[key];
if (value == 0 && !contains(map, key)) {
revert EnumerableMapNonexistentKey(key);
}
return value;
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(Bytes32ToBytes32Map storage map) internal view returns (bytes32[] memory) {
return map._keys.values();
}
// UintToUintMap
struct UintToUintMap {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(UintToUintMap storage map, uint256 key, uint256 value) internal returns (bool) {
return set(map._inner, bytes32(key), bytes32(value));
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(UintToUintMap storage map, uint256 key) internal returns (bool) {
return remove(map._inner, bytes32(key));
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(UintToUintMap storage map, uint256 key) internal view returns (bool) {
return contains(map._inner, bytes32(key));
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(UintToUintMap storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintToUintMap storage map, uint256 index) internal view returns (uint256, uint256) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (uint256(key), uint256(value));
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(UintToUintMap storage map, uint256 key) internal view returns (bool, uint256) {
(bool success, bytes32 value) = tryGet(map._inner, bytes32(key));
return (success, uint256(value));
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(UintToUintMap storage map, uint256 key) internal view returns (uint256) {
return uint256(get(map._inner, bytes32(key)));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(UintToUintMap storage map) internal view returns (uint256[] memory) {
bytes32[] memory store = keys(map._inner);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// UintToAddressMap
struct UintToAddressMap {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(UintToAddressMap storage map, uint256 key, address value) internal returns (bool) {
return set(map._inner, bytes32(key), bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(UintToAddressMap storage map, uint256 key) internal returns (bool) {
return remove(map._inner, bytes32(key));
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(UintToAddressMap storage map, uint256 key) internal view returns (bool) {
return contains(map._inner, bytes32(key));
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(UintToAddressMap storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintToAddressMap storage map, uint256 index) internal view returns (uint256, address) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (uint256(key), address(uint160(uint256(value))));
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(UintToAddressMap storage map, uint256 key) internal view returns (bool, address) {
(bool success, bytes32 value) = tryGet(map._inner, bytes32(key));
return (success, address(uint160(uint256(value))));
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(UintToAddressMap storage map, uint256 key) internal view returns (address) {
return address(uint160(uint256(get(map._inner, bytes32(key)))));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(UintToAddressMap storage map) internal view returns (uint256[] memory) {
bytes32[] memory store = keys(map._inner);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// UintToBytes32Map
struct UintToBytes32Map {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(UintToBytes32Map storage map, uint256 key, bytes32 value) internal returns (bool) {
return set(map._inner, bytes32(key), value);
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(UintToBytes32Map storage map, uint256 key) internal returns (bool) {
return remove(map._inner, bytes32(key));
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(UintToBytes32Map storage map, uint256 key) internal view returns (bool) {
return contains(map._inner, bytes32(key));
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(UintToBytes32Map storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintToBytes32Map storage map, uint256 index) internal view returns (uint256, bytes32) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (uint256(key), value);
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(UintToBytes32Map storage map, uint256 key) internal view returns (bool, bytes32) {
(bool success, bytes32 value) = tryGet(map._inner, bytes32(key));
return (success, value);
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(UintToBytes32Map storage map, uint256 key) internal view returns (bytes32) {
return get(map._inner, bytes32(key));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(UintToBytes32Map storage map) internal view returns (uint256[] memory) {
bytes32[] memory store = keys(map._inner);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressToUintMap
struct AddressToUintMap {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(AddressToUintMap storage map, address key, uint256 value) internal returns (bool) {
return set(map._inner, bytes32(uint256(uint160(key))), bytes32(value));
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(AddressToUintMap storage map, address key) internal returns (bool) {
return remove(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(AddressToUintMap storage map, address key) internal view returns (bool) {
return contains(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(AddressToUintMap storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressToUintMap storage map, uint256 index) internal view returns (address, uint256) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (address(uint160(uint256(key))), uint256(value));
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(AddressToUintMap storage map, address key) internal view returns (bool, uint256) {
(bool success, bytes32 value) = tryGet(map._inner, bytes32(uint256(uint160(key))));
return (success, uint256(value));
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(AddressToUintMap storage map, address key) internal view returns (uint256) {
return uint256(get(map._inner, bytes32(uint256(uint160(key)))));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(AddressToUintMap storage map) internal view returns (address[] memory) {
bytes32[] memory store = keys(map._inner);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressToAddressMap
struct AddressToAddressMap {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(AddressToAddressMap storage map, address key, address value) internal returns (bool) {
return set(map._inner, bytes32(uint256(uint160(key))), bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(AddressToAddressMap storage map, address key) internal returns (bool) {
return remove(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(AddressToAddressMap storage map, address key) internal view returns (bool) {
return contains(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(AddressToAddressMap storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressToAddressMap storage map, uint256 index) internal view returns (address, address) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (address(uint160(uint256(key))), address(uint160(uint256(value))));
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(AddressToAddressMap storage map, address key) internal view returns (bool, address) {
(bool success, bytes32 value) = tryGet(map._inner, bytes32(uint256(uint160(key))));
return (success, address(uint160(uint256(value))));
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(AddressToAddressMap storage map, address key) internal view returns (address) {
return address(uint160(uint256(get(map._inner, bytes32(uint256(uint160(key)))))));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(AddressToAddressMap storage map) internal view returns (address[] memory) {
bytes32[] memory store = keys(map._inner);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressToBytes32Map
struct AddressToBytes32Map {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(AddressToBytes32Map storage map, address key, bytes32 value) internal returns (bool) {
return set(map._inner, bytes32(uint256(uint160(key))), value);
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(AddressToBytes32Map storage map, address key) internal returns (bool) {
return remove(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(AddressToBytes32Map storage map, address key) internal view returns (bool) {
return contains(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(AddressToBytes32Map storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressToBytes32Map storage map, uint256 index) internal view returns (address, bytes32) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (address(uint160(uint256(key))), value);
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(AddressToBytes32Map storage map, address key) internal view returns (bool, bytes32) {
(bool success, bytes32 value) = tryGet(map._inner, bytes32(uint256(uint160(key))));
return (success, value);
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(AddressToBytes32Map storage map, address key) internal view returns (bytes32) {
return get(map._inner, bytes32(uint256(uint160(key))));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(AddressToBytes32Map storage map) internal view returns (address[] memory) {
bytes32[] memory store = keys(map._inner);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// Bytes32ToUintMap
struct Bytes32ToUintMap {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(Bytes32ToUintMap storage map, bytes32 key, uint256 value) internal returns (bool) {
return set(map._inner, key, bytes32(value));
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(Bytes32ToUintMap storage map, bytes32 key) internal returns (bool) {
return remove(map._inner, key);
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(Bytes32ToUintMap storage map, bytes32 key) internal view returns (bool) {
return contains(map._inner, key);
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(Bytes32ToUintMap storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32ToUintMap storage map, uint256 index) internal view returns (bytes32, uint256) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (key, uint256(value));
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(Bytes32ToUintMap storage map, bytes32 key) internal view returns (bool, uint256) {
(bool success, bytes32 value) = tryGet(map._inner, key);
return (success, uint256(value));
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(Bytes32ToUintMap storage map, bytes32 key) internal view returns (uint256) {
return uint256(get(map._inner, key));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(Bytes32ToUintMap storage map) internal view returns (bytes32[] memory) {
bytes32[] memory store = keys(map._inner);
bytes32[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// Bytes32ToAddressMap
struct Bytes32ToAddressMap {
Bytes32ToBytes32Map _inner;
}
/**
* @dev Adds a key-value pair to a map, or updates the value for an existing
* key. O(1).
*
* Returns true if the key was added to the map, that is if it was not
* already present.
*/
function set(Bytes32ToAddressMap storage map, bytes32 key, address value) internal returns (bool) {
return set(map._inner, key, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a map. O(1).
*
* Returns true if the key was removed from the map, that is if it was present.
*/
function remove(Bytes32ToAddressMap storage map, bytes32 key) internal returns (bool) {
return remove(map._inner, key);
}
/**
* @dev Returns true if the key is in the map. O(1).
*/
function contains(Bytes32ToAddressMap storage map, bytes32 key) internal view returns (bool) {
return contains(map._inner, key);
}
/**
* @dev Returns the number of elements in the map. O(1).
*/
function length(Bytes32ToAddressMap storage map) internal view returns (uint256) {
return length(map._inner);
}
/**
* @dev Returns the element stored at position `index` in the map. O(1).
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32ToAddressMap storage map, uint256 index) internal view returns (bytes32, address) {
(bytes32 key, bytes32 value) = at(map._inner, index);
return (key, address(uint160(uint256(value))));
}
/**
* @dev Tries to returns the value associated with `key`. O(1).
* Does not revert if `key` is not in the map.
*/
function tryGet(Bytes32ToAddressMap storage map, bytes32 key) internal view returns (bool, address) {
(bool success, bytes32 value) = tryGet(map._inner, key);
return (success, address(uint160(uint256(value))));
}
/**
* @dev Returns the value associated with `key`. O(1).
*
* Requirements:
*
* - `key` must be in the map.
*/
function get(Bytes32ToAddressMap storage map, bytes32 key) internal view returns (address) {
return address(uint160(uint256(get(map._inner, key))));
}
/**
* @dev Return the an array containing all the keys
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the map grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function keys(Bytes32ToAddressMap storage map) internal view returns (bytes32[] memory) {
bytes32[] memory store = keys(map._inner);
bytes32[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import {IEVC} from "../interfaces/IEthereumVaultConnector.sol";
import {ExecutionContext, EC} from "../ExecutionContext.sol";
/// @title EVCUtil
/// @custom:security-contact [email protected]
/// @author Euler Labs (https://www.eulerlabs.com/)
/// @notice This contract is an abstract base contract for interacting with the Ethereum Vault Connector (EVC).
/// It provides utility functions for authenticating the callers in the context of the EVC, a pattern for enforcing the
/// contracts to be called through the EVC.
abstract contract EVCUtil {
using ExecutionContext for EC;
uint160 internal constant ACCOUNT_ID_OFFSET = 8;
IEVC internal immutable evc;
error EVC_InvalidAddress();
error NotAuthorized();
error ControllerDisabled();
constructor(address _evc) {
if (_evc == address(0)) revert EVC_InvalidAddress();
evc = IEVC(_evc);
}
/// @notice Returns the address of the Ethereum Vault Connector (EVC) used by this contract.
/// @return The address of the EVC contract.
function EVC() external view virtual returns (address) {
return address(evc);
}
/// @notice Ensures that the msg.sender is the EVC by using the EVC callback functionality if necessary.
/// @dev Optional to use for functions requiring account and vault status checks to enforce predictable behavior.
/// @dev If this modifier used in conjuction with any other modifier, it must appear as the first (outermost)
/// modifier of the function.
modifier callThroughEVC() virtual {
_callThroughEVC();
_;
}
/// @notice Ensures that the caller is the EVC in the appropriate context.
/// @dev Should be used for checkAccountStatus and checkVaultStatus functions.
modifier onlyEVCWithChecksInProgress() virtual {
_onlyEVCWithChecksInProgress();
_;
}
/// @notice Ensures a standard authentication path on the EVC.
/// @dev This modifier checks if the caller is the EVC and if so, verifies the execution context.
/// It reverts if the operator is authenticated, control collateral is in progress, or checks are in progress.
/// It reverts if the authenticated account owner is known and it is not the account owner.
/// @dev It assumes that if the caller is not the EVC, the caller is the account owner.
/// @dev This modifier must not be used on functions utilized by liquidation flows, i.e. transfer or withdraw.
/// @dev This modifier must not be used on checkAccountStatus and checkVaultStatus functions.
/// @dev This modifier can be used on access controlled functions to prevent non-standard authentication paths on
/// the EVC.
modifier onlyEVCAccountOwner() virtual {
_onlyEVCAccountOwner();
_;
}
/// @notice Checks whether the specified account and the other account have the same owner.
/// @dev The function is used to check whether one account is authorized to perform operations on behalf of the
/// other. Accounts are considered to have a common owner if they share the first 19 bytes of their address.
/// @param account The address of the account that is being checked.
/// @param otherAccount The address of the other account that is being checked.
/// @return A boolean flag that indicates whether the accounts have the same owner.
function _haveCommonOwner(address account, address otherAccount) internal pure returns (bool) {
bool result;
assembly {
result := lt(xor(account, otherAccount), 0x100)
}
return result;
}
/// @notice Returns the address prefix of the specified account.
/// @dev The address prefix is the first 19 bytes of the account address.
/// @param account The address of the account whose address prefix is being retrieved.
/// @return A bytes19 value that represents the address prefix of the account.
function _getAddressPrefix(address account) internal pure returns (bytes19) {
return bytes19(uint152(uint160(account) >> ACCOUNT_ID_OFFSET));
}
/// @notice Retrieves the message sender in the context of the EVC.
/// @dev This function returns the account on behalf of which the current operation is being performed, which is
/// either msg.sender or the account authenticated by the EVC.
/// @return The address of the message sender.
function _msgSender() internal view virtual returns (address) {
address sender = msg.sender;
if (sender == address(evc)) {
(sender,) = evc.getCurrentOnBehalfOfAccount(address(0));
}
return sender;
}
/// @notice Retrieves the message sender in the context of the EVC for a borrow operation.
/// @dev This function returns the account on behalf of which the current operation is being performed, which is
/// either msg.sender or the account authenticated by the EVC. This function reverts if this contract is not enabled
/// as a controller for the account on behalf of which the operation is being executed.
/// @return The address of the message sender.
function _msgSenderForBorrow() internal view virtual returns (address) {
address sender = msg.sender;
bool controllerEnabled;
if (sender == address(evc)) {
(sender, controllerEnabled) = evc.getCurrentOnBehalfOfAccount(address(this));
} else {
controllerEnabled = evc.isControllerEnabled(sender, address(this));
}
if (!controllerEnabled) {
revert ControllerDisabled();
}
return sender;
}
/// @notice Calls the current external function through the EVC.
/// @dev This function is used to route the current call through the EVC if it's not already coming from the EVC. It
/// makes the EVC set the execution context and call back this contract with unchanged calldata. msg.sender is used
/// as the onBehalfOfAccount.
/// @dev This function shall only be used by the callThroughEVC modifier.
function _callThroughEVC() internal {
address _evc = address(evc);
if (msg.sender == _evc) return;
assembly {
mstore(0, 0x1f8b521500000000000000000000000000000000000000000000000000000000) // EVC.call selector
mstore(4, address()) // EVC.call 1st argument - address(this)
mstore(36, caller()) // EVC.call 2nd argument - msg.sender
mstore(68, callvalue()) // EVC.call 3rd argument - msg.value
mstore(100, 128) // EVC.call 4th argument - msg.data, offset to the start of encoding - 128 bytes
mstore(132, calldatasize()) // msg.data length
calldatacopy(164, 0, calldatasize()) // original calldata
// abi encoded bytes array should be zero padded so its length is a multiple of 32
// store zero word after msg.data bytes and round up calldatasize to nearest multiple of 32
mstore(add(164, calldatasize()), 0)
let result := call(gas(), _evc, callvalue(), 0, add(164, and(add(calldatasize(), 31), not(31))), 0, 0)
returndatacopy(0, 0, returndatasize())
switch result
case 0 { revert(0, returndatasize()) }
default { return(64, sub(returndatasize(), 64)) } // strip bytes encoding from call return
}
}
/// @notice Ensures that the function is called only by the EVC during the checks phase
/// @dev Reverts if the caller is not the EVC or if checks are not in progress.
function _onlyEVCWithChecksInProgress() internal view {
if (msg.sender != address(evc) || !evc.areChecksInProgress()) {
revert NotAuthorized();
}
}
/// @notice Ensures that the function is called only by the EVC account owner
/// @dev This function checks if the caller is the EVC and if so, verifies that the execution context is not in a
/// special state (operator authenticated, collateral control in progress, or checks in progress). If the owner was
/// already registered on the EVC, it verifies that the onBehalfOfAccount is the owner.
/// @dev Reverts if the caller is not the EVC or if the execution context is in a special state.
function _onlyEVCAccountOwner() internal view {
if (msg.sender == address(evc)) {
EC ec = EC.wrap(evc.getRawExecutionContext());
if (ec.isOperatorAuthenticated() || ec.isControlCollateralInProgress() || ec.areChecksInProgress()) {
revert NotAuthorized();
}
address onBehalfOfAccount = ec.getOnBehalfOfAccount();
address owner = evc.getAccountOwner(onBehalfOfAccount);
if (owner != address(0) && owner != onBehalfOfAccount) {
revert NotAuthorized();
}
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC-20
* applications.
*/
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
mapping(address account => uint256) private _balances;
mapping(address account => mapping(address spender => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Skips emitting an {Approval} event indicating an allowance update. This is not
* required by the ERC. See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
_totalSupply += value;
} else {
uint256 fromBalance = _balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
_balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
_totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
_balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
* true using the following override:
*
* ```solidity
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
_allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
import {Address} from "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Opposedly, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data);
if (returndata.length != 0 && !abi.decode(returndata, (bool))) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && address(token).code.length > 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/structs/EnumerableSet.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.
pragma solidity ^0.8.20;
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```solidity
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
* and `uint256` (`UintSet`) are supported.
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
* unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
* array of EnumerableSet.
* ====
*/
library EnumerableSet {
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
bytes32[] _values;
// Position is the index of the value in the `values` array plus 1.
// Position 0 is used to mean a value is not in the set.
mapping(bytes32 value => uint256) _positions;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, bytes32 value) private returns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._positions[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, bytes32 value) private returns (bool) {
// We cache the value's position to prevent multiple reads from the same storage slot
uint256 position = set._positions[value];
if (position != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 valueIndex = position - 1;
uint256 lastIndex = set._values.length - 1;
if (valueIndex != lastIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the lastValue to the index where the value to delete is
set._values[valueIndex] = lastValue;
// Update the tracked position of the lastValue (that was just moved)
set._positions[lastValue] = position;
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the tracked position for the deleted slot
delete set._positions[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, bytes32 value) private view returns (bool) {
return set._positions[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set) private view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, uint256 index) private view returns (bytes32) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set) private view returns (bytes32[] memory) {
return set._values;
}
// Bytes32Set
struct Bytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _add(set._inner, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _remove(set._inner, value);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
return _contains(set._inner, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(Bytes32Set storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
return _at(set._inner, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner);
bytes32[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
return _add(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
return _remove(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return _contains(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
return address(uint160(uint256(_at(set._inner, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner);
address[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, uint256 value) internal returns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, uint256 value) internal returns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, uint256 value) internal view returns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(UintSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner);
uint256[] memory result;
/// @solidity memory-safe-assembly
assembly {
result := store
}
return result;
}
}
// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.8.0;
/// @title IEVC
/// @custom:security-contact [email protected]
/// @author Euler Labs (https://www.eulerlabs.com/)
/// @notice This interface defines the methods for the Ethereum Vault Connector.
interface IEVC {
/// @notice A struct representing a batch item.
/// @dev Each batch item represents a single operation to be performed within a checks deferred context.
struct BatchItem {
/// @notice The target contract to be called.
address targetContract;
/// @notice The account on behalf of which the operation is to be performed. msg.sender must be authorized to
/// act on behalf of this account. Must be address(0) if the target contract is the EVC itself.
address onBehalfOfAccount;
/// @notice The amount of value to be forwarded with the call. If the value is type(uint256).max, the whole
/// balance of the EVC contract will be forwarded. Must be 0 if the target contract is the EVC itself.
uint256 value;
/// @notice The encoded data which is called on the target contract.
bytes data;
}
/// @notice A struct representing the result of a batch item operation.
/// @dev Used only for simulation purposes.
struct BatchItemResult {
/// @notice A boolean indicating whether the operation was successful.
bool success;
/// @notice The result of the operation.
bytes result;
}
/// @notice A struct representing the result of the account or vault status check.
/// @dev Used only for simulation purposes.
struct StatusCheckResult {
/// @notice The address of the account or vault for which the check was performed.
address checkedAddress;
/// @notice A boolean indicating whether the status of the account or vault is valid.
bool isValid;
/// @notice The result of the check.
bytes result;
}
/// @notice Returns current raw execution context.
/// @dev When checks in progress, on behalf of account is always address(0).
/// @return context Current raw execution context.
function getRawExecutionContext() external view returns (uint256 context);
/// @notice Returns an account on behalf of which the operation is being executed at the moment and whether the
/// controllerToCheck is an enabled controller for that account.
/// @dev This function should only be used by external smart contracts if msg.sender is the EVC. Otherwise, the
/// account address returned must not be trusted.
/// @dev When checks in progress, on behalf of account is always address(0). When address is zero, the function
/// reverts to protect the consumer from ever relying on the on behalf of account address which is in its default
/// state.
/// @param controllerToCheck The address of the controller for which it is checked whether it is an enabled
/// controller for the account on behalf of which the operation is being executed at the moment.
/// @return onBehalfOfAccount An account that has been authenticated and on behalf of which the operation is being
/// executed at the moment.
/// @return controllerEnabled A boolean value that indicates whether controllerToCheck is an enabled controller for
/// the account on behalf of which the operation is being executed at the moment. Always false if controllerToCheck
/// is address(0).
function getCurrentOnBehalfOfAccount(address controllerToCheck)
external
view
returns (address onBehalfOfAccount, bool controllerEnabled);
/// @notice Checks if checks are deferred.
/// @return A boolean indicating whether checks are deferred.
function areChecksDeferred() external view returns (bool);
/// @notice Checks if checks are in progress.
/// @return A boolean indicating whether checks are in progress.
function areChecksInProgress() external view returns (bool);
/// @notice Checks if control collateral is in progress.
/// @return A boolean indicating whether control collateral is in progress.
function isControlCollateralInProgress() external view returns (bool);
/// @notice Checks if an operator is authenticated.
/// @return A boolean indicating whether an operator is authenticated.
function isOperatorAuthenticated() external view returns (bool);
/// @notice Checks if a simulation is in progress.
/// @return A boolean indicating whether a simulation is in progress.
function isSimulationInProgress() external view returns (bool);
/// @notice Checks whether the specified account and the other account have the same owner.
/// @dev The function is used to check whether one account is authorized to perform operations on behalf of the
/// other. Accounts are considered to have a common owner if they share the first 19 bytes of their address.
/// @param account The address of the account that is being checked.
/// @param otherAccount The address of the other account that is being checked.
/// @return A boolean flag that indicates whether the accounts have the same owner.
function haveCommonOwner(address account, address otherAccount) external pure returns (bool);
/// @notice Returns the address prefix of the specified account.
/// @dev The address prefix is the first 19 bytes of the account address.
/// @param account The address of the account whose address prefix is being retrieved.
/// @return A bytes19 value that represents the address prefix of the account.
function getAddressPrefix(address account) external pure returns (bytes19);
/// @notice Returns the owner for the specified account.
/// @dev The function returns address(0) if the owner is not registered. Registration of the owner happens on the
/// initial
/// interaction with the EVC that requires authentication of an owner.
/// @param account The address of the account whose owner is being retrieved.
/// @return owner The address of the account owner. An account owner is an EOA/smart contract which address matches
/// the first 19 bytes of the account address.
function getAccountOwner(address account) external view returns (address);
/// @notice Checks if lockdown mode is enabled for a given address prefix.
/// @param addressPrefix The address prefix to check for lockdown mode status.
/// @return A boolean indicating whether lockdown mode is enabled.
function isLockdownMode(bytes19 addressPrefix) external view returns (bool);
/// @notice Checks if permit functionality is disabled for a given address prefix.
/// @param addressPrefix The address prefix to check for permit functionality status.
/// @return A boolean indicating whether permit functionality is disabled.
function isPermitDisabledMode(bytes19 addressPrefix) external view returns (bool);
/// @notice Returns the current nonce for a given address prefix and nonce namespace.
/// @dev Each nonce namespace provides 256 bit nonce that has to be used sequentially. There's no requirement to use
/// all the nonces for a given nonce namespace before moving to the next one which allows to use permit messages in
/// a non-sequential manner.
/// @param addressPrefix The address prefix for which the nonce is being retrieved.
/// @param nonceNamespace The nonce namespace for which the nonce is being retrieved.
/// @return nonce The current nonce for the given address prefix and nonce namespace.
function getNonce(bytes19 addressPrefix, uint256 nonceNamespace) external view returns (uint256 nonce);
/// @notice Returns the bit field for a given address prefix and operator.
/// @dev The bit field is used to store information about authorized operators for a given address prefix. Each bit
/// in the bit field corresponds to one account belonging to the same owner. If the bit is set, the operator is
/// authorized for the account.
/// @param addressPrefix The address prefix for which the bit field is being retrieved.
/// @param operator The address of the operator for which the bit field is being retrieved.
/// @return operatorBitField The bit field for the given address prefix and operator. The bit field defines which
/// accounts the operator is authorized for. It is a 256-position binary array like 0...010...0, marking the account
/// positionally in a uint256. The position in the bit field corresponds to the account ID (0-255), where 0 is the
/// owner account's ID.
function getOperator(bytes19 addressPrefix, address operator) external view returns (uint256 operatorBitField);
/// @notice Returns whether a given operator has been authorized for a given account.
/// @param account The address of the account whose operator is being checked.
/// @param operator The address of the operator that is being checked.
/// @return authorized A boolean value that indicates whether the operator is authorized for the account.
function isAccountOperatorAuthorized(address account, address operator) external view returns (bool authorized);
/// @notice Enables or disables lockdown mode for a given address prefix.
/// @dev This function can only be called by the owner of the address prefix. To disable this mode, the EVC
/// must be called directly. It is not possible to disable this mode by using checks-deferrable call or
/// permit message.
/// @param addressPrefix The address prefix for which the lockdown mode is being set.
/// @param enabled A boolean indicating whether to enable or disable lockdown mode.
function setLockdownMode(bytes19 addressPrefix, bool enabled) external payable;
/// @notice Enables or disables permit functionality for a given address prefix.
/// @dev This function can only be called by the owner of the address prefix. To disable this mode, the EVC
/// must be called directly. It is not possible to disable this mode by using checks-deferrable call or (by
/// definition) permit message. To support permit functionality by default, note that the logic was inverted here. To
/// disable the permit functionality, one must pass true as the second argument. To enable the permit
/// functionality, one must pass false as the second argument.
/// @param addressPrefix The address prefix for which the permit functionality is being set.
/// @param enabled A boolean indicating whether to enable or disable the disable-permit mode.
function setPermitDisabledMode(bytes19 addressPrefix, bool enabled) external payable;
/// @notice Sets the nonce for a given address prefix and nonce namespace.
/// @dev This function can only be called by the owner of the address prefix. Each nonce namespace provides a 256
/// bit nonce that has to be used sequentially. There's no requirement to use all the nonces for a given nonce
/// namespace before moving to the next one which allows the use of permit messages in a non-sequential manner. To
/// invalidate signed permit messages, set the nonce for a given nonce namespace accordingly. To invalidate all the
/// permit messages for a given nonce namespace, set the nonce to type(uint).max.
/// @param addressPrefix The address prefix for which the nonce is being set.
/// @param nonceNamespace The nonce namespace for which the nonce is being set.
/// @param nonce The new nonce for the given address prefix and nonce namespace.
function setNonce(bytes19 addressPrefix, uint256 nonceNamespace, uint256 nonce) external payable;
/// @notice Sets the bit field for a given address prefix and operator.
/// @dev This function can only be called by the owner of the address prefix. Each bit in the bit field corresponds
/// to one account belonging to the same owner. If the bit is set, the operator is authorized for the account.
/// @param addressPrefix The address prefix for which the bit field is being set.
/// @param operator The address of the operator for which the bit field is being set. Can neither be the EVC address
/// nor an address belonging to the same address prefix.
/// @param operatorBitField The new bit field for the given address prefix and operator. Reverts if the provided
/// value is equal to the currently stored value.
function setOperator(bytes19 addressPrefix, address operator, uint256 operatorBitField) external payable;
/// @notice Authorizes or deauthorizes an operator for the account.
/// @dev Only the owner or authorized operator of the account can call this function. An operator is an address that
/// can perform actions for an account on behalf of the owner. If it's an operator calling this function, it can
/// only deauthorize itself.
/// @param account The address of the account whose operator is being set or unset.
/// @param operator The address of the operator that is being installed or uninstalled. Can neither be the EVC
/// address nor an address belonging to the same owner as the account.
/// @param authorized A boolean value that indicates whether the operator is being authorized or deauthorized.
/// Reverts if the provided value is equal to the currently stored value.
function setAccountOperator(address account, address operator, bool authorized) external payable;
/// @notice Returns an array of collaterals enabled for an account.
/// @dev A collateral is a vault for which an account's balances are under the control of the currently enabled
/// controller vault.
/// @param account The address of the account whose collaterals are being queried.
/// @return An array of addresses that are enabled collaterals for the account.
function getCollaterals(address account) external view returns (address[] memory);
/// @notice Returns whether a collateral is enabled for an account.
/// @dev A collateral is a vault for which account's balances are under the control of the currently enabled
/// controller vault.
/// @param account The address of the account that is being checked.
/// @param vault The address of the collateral that is being checked.
/// @return A boolean value that indicates whether the vault is an enabled collateral for the account or not.
function isCollateralEnabled(address account, address vault) external view returns (bool);
/// @notice Enables a collateral for an account.
/// @dev A collaterals is a vault for which account's balances are under the control of the currently enabled
/// controller vault. Only the owner or an operator of the account can call this function. Unless it's a duplicate,
/// the collateral is added to the end of the array. There can be at most 10 unique collaterals enabled at a time.
/// Account status checks are performed.
/// @param account The account address for which the collateral is being enabled.
/// @param vault The address being enabled as a collateral.
function enableCollateral(address account, address vault) external payable;
/// @notice Disables a collateral for an account.
/// @dev This function does not preserve the order of collaterals in the array obtained using the getCollaterals
/// function; the order may change. A collateral is a vault for which account’s balances are under the control of
/// the currently enabled controller vault. Only the owner or an operator of the account can call this function.
/// Disabling a collateral might change the order of collaterals in the array obtained using getCollaterals
/// function. Account status checks are performed.
/// @param account The account address for which the collateral is being disabled.
/// @param vault The address of a collateral being disabled.
function disableCollateral(address account, address vault) external payable;
/// @notice Swaps the position of two collaterals so that they appear switched in the array of collaterals for a
/// given account obtained by calling getCollaterals function.
/// @dev A collateral is a vault for which account’s balances are under the control of the currently enabled
/// controller vault. Only the owner or an operator of the account can call this function. The order of collaterals
/// can be changed by specifying the indices of the two collaterals to be swapped. Indices are zero-based and must
/// be in the range of 0 to the number of collaterals minus 1. index1 must be lower than index2. Account status
/// checks are performed.
/// @param account The address of the account for which the collaterals are being reordered.
/// @param index1 The index of the first collateral to be swapped.
/// @param index2 The index of the second collateral to be swapped.
function reorderCollaterals(address account, uint8 index1, uint8 index2) external payable;
/// @notice Returns an array of enabled controllers for an account.
/// @dev A controller is a vault that has been chosen for an account to have special control over the account's
/// balances in enabled collaterals vaults. A user can have multiple controllers during a call execution, but at
/// most one can be selected when the account status check is performed.
/// @param account The address of the account whose controllers are being queried.
/// @return An array of addresses that are the enabled controllers for the account.
function getControllers(address account) external view returns (address[] memory);
/// @notice Returns whether a controller is enabled for an account.
/// @dev A controller is a vault that has been chosen for an account to have special control over account’s
/// balances in the enabled collaterals vaults.
/// @param account The address of the account that is being checked.
/// @param vault The address of the controller that is being checked.
/// @return A boolean value that indicates whether the vault is enabled controller for the account or not.
function isControllerEnabled(address account, address vault) external view returns (bool);
/// @notice Enables a controller for an account.
/// @dev A controller is a vault that has been chosen for an account to have special control over account’s
/// balances in the enabled collaterals vaults. Only the owner or an operator of the account can call this function.
/// Unless it's a duplicate, the controller is added to the end of the array. Transiently, there can be at most 10
/// unique controllers enabled at a time, but at most one can be enabled after the outermost checks-deferrable
/// call concludes. Account status checks are performed.
/// @param account The address for which the controller is being enabled.
/// @param vault The address of the controller being enabled.
function enableController(address account, address vault) external payable;
/// @notice Disables a controller for an account.
/// @dev A controller is a vault that has been chosen for an account to have special control over account’s
/// balances in the enabled collaterals vaults. Only the vault itself can call this function. Disabling a controller
/// might change the order of controllers in the array obtained using getControllers function. Account status checks
/// are performed.
/// @param account The address for which the calling controller is being disabled.
function disableController(address account) external payable;
/// @notice Executes signed arbitrary data by self-calling into the EVC.
/// @dev Low-level call function is used to execute the arbitrary data signed by the owner or the operator on the
/// EVC contract. During that call, EVC becomes msg.sender.
/// @param signer The address signing the permit message (ECDSA) or verifying the permit message signature
/// (ERC-1271). It's also the owner or the operator of all the accounts for which authentication will be needed
/// during the execution of the arbitrary data call.
/// @param sender The address of the msg.sender which is expected to execute the data signed by the signer. If
/// address(0) is passed, the msg.sender is ignored.
/// @param nonceNamespace The nonce namespace for which the nonce is being used.
/// @param nonce The nonce for the given account and nonce namespace. A valid nonce value is considered to be the
/// value currently stored and can take any value between 0 and type(uint256).max - 1.
/// @param deadline The timestamp after which the permit is considered expired.
/// @param value The amount of value to be forwarded with the call. If the value is type(uint256).max, the whole
/// balance of the EVC contract will be forwarded.
/// @param data The encoded data which is self-called on the EVC contract.
/// @param signature The signature of the data signed by the signer.
function permit(
address signer,
address sender,
uint256 nonceNamespace,
uint256 nonce,
uint256 deadline,
uint256 value,
bytes calldata data,
bytes calldata signature
) external payable;
/// @notice Calls into a target contract as per data encoded.
/// @dev This function defers the account and vault status checks (it's a checks-deferrable call). If the outermost
/// call ends, the account and vault status checks are performed.
/// @dev This function can be used to interact with any contract while checks are deferred. If the target contract
/// is msg.sender, msg.sender is called back with the calldata provided and the context set up according to the
/// account provided. If the target contract is not msg.sender, only the owner or the operator of the account
/// provided can call this function.
/// @dev This function can be used to recover the remaining value from the EVC contract.
/// @param targetContract The address of the contract to be called.
/// @param onBehalfOfAccount If the target contract is msg.sender, the address of the account which will be set
/// in the context. It assumes msg.sender has authenticated the account themselves. If the target contract is
/// not msg.sender, the address of the account for which it is checked whether msg.sender is authorized to act
/// on behalf of.
/// @param value The amount of value to be forwarded with the call. If the value is type(uint256).max, the whole
/// balance of the EVC contract will be forwarded.
/// @param data The encoded data which is called on the target contract.
/// @return result The result of the call.
function call(
address targetContract,
address onBehalfOfAccount,
uint256 value,
bytes calldata data
) external payable returns (bytes memory result);
/// @notice For a given account, calls into one of the enabled collateral vaults from the currently enabled
/// controller vault as per data encoded.
/// @dev This function defers the account and vault status checks (it's a checks-deferrable call). If the outermost
/// call ends, the account and vault status checks are performed.
/// @dev This function can be used to interact with any contract while checks are deferred as long as the contract
/// is enabled as a collateral of the account and the msg.sender is the only enabled controller of the account.
/// @param targetCollateral The collateral address to be called.
/// @param onBehalfOfAccount The address of the account for which it is checked whether msg.sender is authorized to
/// act on behalf.
/// @param value The amount of value to be forwarded with the call. If the value is type(uint256).max, the whole
/// balance of the EVC contract will be forwarded.
/// @param data The encoded data which is called on the target collateral.
/// @return result The result of the call.
function controlCollateral(
address targetCollateral,
address onBehalfOfAccount,
uint256 value,
bytes calldata data
) external payable returns (bytes memory result);
/// @notice Executes multiple calls into the target contracts while checks deferred as per batch items provided.
/// @dev This function defers the account and vault status checks (it's a checks-deferrable call). If the outermost
/// call ends, the account and vault status checks are performed.
/// @dev The authentication rules for each batch item are the same as for the call function.
/// @param items An array of batch items to be executed.
function batch(BatchItem[] calldata items) external payable;
/// @notice Executes multiple calls into the target contracts while checks deferred as per batch items provided.
/// @dev This function always reverts as it's only used for simulation purposes. This function cannot be called
/// within a checks-deferrable call.
/// @param items An array of batch items to be executed.
function batchRevert(BatchItem[] calldata items) external payable;
/// @notice Executes multiple calls into the target contracts while checks deferred as per batch items provided.
/// @dev This function does not modify state and should only be used for simulation purposes. This function cannot
/// be called within a checks-deferrable call.
/// @param items An array of batch items to be executed.
/// @return batchItemsResult An array of batch item results for each item.
/// @return accountsStatusCheckResult An array of account status check results for each account.
/// @return vaultsStatusCheckResult An array of vault status check results for each vault.
function batchSimulation(BatchItem[] calldata items)
external
payable
returns (
BatchItemResult[] memory batchItemsResult,
StatusCheckResult[] memory accountsStatusCheckResult,
StatusCheckResult[] memory vaultsStatusCheckResult
);
/// @notice Retrieves the timestamp of the last successful account status check performed for a specific account.
/// @dev This function reverts if the checks are in progress.
/// @dev The account status check is considered to be successful if it calls into the selected controller vault and
/// obtains expected magic value. This timestamp does not change if the account status is considered valid when no
/// controller enabled. When consuming, one might need to ensure that the account status check is not deferred at
/// the moment.
/// @param account The address of the account for which the last status check timestamp is being queried.
/// @return The timestamp of the last status check as a uint256.
function getLastAccountStatusCheckTimestamp(address account) external view returns (uint256);
/// @notice Checks whether the status check is deferred for a given account.
/// @dev This function reverts if the checks are in progress.
/// @param account The address of the account for which it is checked whether the status check is deferred.
/// @return A boolean flag that indicates whether the status check is deferred or not.
function isAccountStatusCheckDeferred(address account) external view returns (bool);
/// @notice Checks the status of an account and reverts if it is not valid.
/// @dev If checks deferred, the account is added to the set of accounts to be checked at the end of the outermost
/// checks-deferrable call. There can be at most 10 unique accounts added to the set at a time. Account status
/// check is performed by calling into the selected controller vault and passing the array of currently enabled
/// collaterals. If controller is not selected, the account is always considered valid.
/// @param account The address of the account to be checked.
function requireAccountStatusCheck(address account) external payable;
/// @notice Forgives previously deferred account status check.
/// @dev Account address is removed from the set of addresses for which status checks are deferred. This function
/// can only be called by the currently enabled controller of a given account. Depending on the vault
/// implementation, may be needed in the liquidation flow.
/// @param account The address of the account for which the status check is forgiven.
function forgiveAccountStatusCheck(address account) external payable;
/// @notice Checks whether the status check is deferred for a given vault.
/// @dev This function reverts if the checks are in progress.
/// @param vault The address of the vault for which it is checked whether the status check is deferred.
/// @return A boolean flag that indicates whether the status check is deferred or not.
function isVaultStatusCheckDeferred(address vault) external view returns (bool);
/// @notice Checks the status of a vault and reverts if it is not valid.
/// @dev If checks deferred, the vault is added to the set of vaults to be checked at the end of the outermost
/// checks-deferrable call. There can be at most 10 unique vaults added to the set at a time. This function can
/// only be called by the vault itself.
function requireVaultStatusCheck() external payable;
/// @notice Forgives previously deferred vault status check.
/// @dev Vault address is removed from the set of addresses for which status checks are deferred. This function can
/// only be called by the vault itself.
function forgiveVaultStatusCheck() external payable;
/// @notice Checks the status of an account and a vault and reverts if it is not valid.
/// @dev If checks deferred, the account and the vault are added to the respective sets of accounts and vaults to be
/// checked at the end of the outermost checks-deferrable call. Account status check is performed by calling into
/// selected controller vault and passing the array of currently enabled collaterals. If controller is not selected,
/// the account is always considered valid. This function can only be called by the vault itself.
/// @param account The address of the account to be checked.
function requireAccountAndVaultStatusCheck(address account) external payable;
}
// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity ^0.8.0;
type EC is uint256;
/// @title ExecutionContext
/// @custom:security-contact [email protected]
/// @author Euler Labs (https://www.eulerlabs.com/)
/// @notice This library provides functions for managing the execution context in the Ethereum Vault Connector.
/// @dev The execution context is a bit field that stores the following information:
/// @dev - on behalf of account - an account on behalf of which the currently executed operation is being performed
/// @dev - checks deferred flag - used to indicate whether checks are deferred
/// @dev - checks in progress flag - used to indicate that the account/vault status checks are in progress. This flag is
/// used to prevent re-entrancy.
/// @dev - control collateral in progress flag - used to indicate that the control collateral is in progress. This flag
/// is used to prevent re-entrancy.
/// @dev - operator authenticated flag - used to indicate that the currently executed operation is being performed by
/// the account operator
/// @dev - simulation flag - used to indicate that the currently executed batch call is a simulation
/// @dev - stamp - dummy value for optimization purposes
library ExecutionContext {
uint256 internal constant ON_BEHALF_OF_ACCOUNT_MASK =
0x000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;
uint256 internal constant CHECKS_DEFERRED_MASK = 0x0000000000000000000000FF0000000000000000000000000000000000000000;
uint256 internal constant CHECKS_IN_PROGRESS_MASK =
0x00000000000000000000FF000000000000000000000000000000000000000000;
uint256 internal constant CONTROL_COLLATERAL_IN_PROGRESS_LOCK_MASK =
0x000000000000000000FF00000000000000000000000000000000000000000000;
uint256 internal constant OPERATOR_AUTHENTICATED_MASK =
0x0000000000000000FF0000000000000000000000000000000000000000000000;
uint256 internal constant SIMULATION_MASK = 0x00000000000000FF000000000000000000000000000000000000000000000000;
uint256 internal constant STAMP_OFFSET = 200;
// None of the functions below modifies the state. All the functions operate on the copy
// of the execution context and return its modified value as a result. In order to update
// one should use the result of the function call as a new execution context value.
function getOnBehalfOfAccount(EC self) internal pure returns (address result) {
result = address(uint160(EC.unwrap(self) & ON_BEHALF_OF_ACCOUNT_MASK));
}
function setOnBehalfOfAccount(EC self, address account) internal pure returns (EC result) {
result = EC.wrap((EC.unwrap(self) & ~ON_BEHALF_OF_ACCOUNT_MASK) | uint160(account));
}
function areChecksDeferred(EC self) internal pure returns (bool result) {
result = EC.unwrap(self) & CHECKS_DEFERRED_MASK != 0;
}
function setChecksDeferred(EC self) internal pure returns (EC result) {
result = EC.wrap(EC.unwrap(self) | CHECKS_DEFERRED_MASK);
}
function areChecksInProgress(EC self) internal pure returns (bool result) {
result = EC.unwrap(self) & CHECKS_IN_PROGRESS_MASK != 0;
}
function setChecksInProgress(EC self) internal pure returns (EC result) {
result = EC.wrap(EC.unwrap(self) | CHECKS_IN_PROGRESS_MASK);
}
function isControlCollateralInProgress(EC self) internal pure returns (bool result) {
result = EC.unwrap(self) & CONTROL_COLLATERAL_IN_PROGRESS_LOCK_MASK != 0;
}
function setControlCollateralInProgress(EC self) internal pure returns (EC result) {
result = EC.wrap(EC.unwrap(self) | CONTROL_COLLATERAL_IN_PROGRESS_LOCK_MASK);
}
function isOperatorAuthenticated(EC self) internal pure returns (bool result) {
result = EC.unwrap(self) & OPERATOR_AUTHENTICATED_MASK != 0;
}
function setOperatorAuthenticated(EC self) internal pure returns (EC result) {
result = EC.wrap(EC.unwrap(self) | OPERATOR_AUTHENTICATED_MASK);
}
function clearOperatorAuthenticated(EC self) internal pure returns (EC result) {
result = EC.wrap(EC.unwrap(self) & ~OPERATOR_AUTHENTICATED_MASK);
}
function isSimulationInProgress(EC self) internal pure returns (bool result) {
result = EC.unwrap(self) & SIMULATION_MASK != 0;
}
function setSimulationInProgress(EC self) internal pure returns (EC result) {
result = EC.wrap(EC.unwrap(self) | SIMULATION_MASK);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC-20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/draft-IERC6093.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard ERC-20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-20 tokens.
*/
interface IERC20Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/
error ERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC-721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-721 tokens.
*/
interface IERC721Errors {
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in ERC-20.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/
error ERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/
error ERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/
error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/
error ERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC-1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-1155 tokens.
*/
interface IERC1155Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/
error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/
error ERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/
error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1363.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)
pragma solidity ^0.8.20;
import {Errors} from "./Errors.sol";
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert Errors.InsufficientBalance(address(this).balance, amount);
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert Errors.FailedCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {Errors.FailedCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert Errors.InsufficientBalance(address(this).balance, value);
}
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
* of an unsuccessful call.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (returndata.length == 0 && target.code.length == 0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {Errors.FailedCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.
*/
function _revert(bytes memory returndata) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert Errors.FailedCall();
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../token/ERC20/IERC20.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "../utils/introspection/IERC165.sol";
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* @dev Collection of common custom errors used in multiple contracts
*
* IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
* It is recommended to avoid relying on the error API for critical functionality.
*/
library Errors {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error InsufficientBalance(uint256 balance, uint256 needed);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedCall();
/**
* @dev The deployment failed.
*/
error FailedDeployment();
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}