Contract Name:
ManagedRatiosOracle
Contract Source Code:
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import "../interfaces/oracles/IManagedRatiosOracle.sol";
import "../libraries/external/FullMath.sol";
contract ManagedRatiosOracle is IManagedRatiosOracle {
/// @inheritdoc IManagedRatiosOracle
uint256 public constant Q96 = 2 ** 96;
/// @inheritdoc IManagedRatiosOracle
mapping(address => mapping(bool => bytes)) public vaultToData;
/// @inheritdoc IManagedRatiosOracle
function updateRatios(
address vault,
bool isDeposit,
uint128[] memory ratiosX96
) external override {
IDefaultAccessControl(vault).requireAdmin(msg.sender);
address[] memory tokens = IVault(vault).underlyingTokens();
if (tokens.length != ratiosX96.length) revert InvalidLength();
Data memory data = Data({
tokensHash: keccak256(abi.encode(tokens)),
ratiosX96: ratiosX96
});
uint256 total = 0;
for (uint256 i = 0; i < tokens.length; i++) total += ratiosX96[i];
if (total != Q96) revert InvalidCumulativeRatio();
vaultToData[vault][isDeposit] = abi.encode(data);
emit ManagedRatiosOracleUpdateRatios(vault, isDeposit, ratiosX96);
}
/// @inheritdoc IRatiosOracle
function getTargetRatiosX96(
address vault,
bool isDeposit
) external view override returns (uint128[] memory) {
bytes memory data_ = vaultToData[vault][isDeposit];
if (data_.length == 0) revert InvalidLength();
Data memory data = abi.decode(data_, (Data));
address[] memory tokens = IVault(vault).underlyingTokens();
if (data.tokensHash != keccak256(abi.encode(tokens)))
revert InvalidToken();
return data.ratiosX96;
}
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import "./IRatiosOracle.sol";
import "../IVault.sol";
import "../utils/IDefaultAccessControl.sol";
/**
* @title IManagedRatiosOracle
* @notice Interface defining a managed ratios oracle, enabling ratio updates and data retrieval.
*/
interface IManagedRatiosOracle is IRatiosOracle {
/// @dev Errors
error Forbidden();
error InvalidCumulativeRatio();
error InvalidLength();
error InvalidToken();
/**
* @notice Structure representing the data for target ratios associated with a vault's tokens.
* @param tokensHash The hash of the vault's tokens, used to validate the token data.
* @param ratiosX96 An array representing the target ratios of each token using 96-bit precision.
*/
struct Data {
bytes32 tokensHash;
uint128[] ratiosX96;
}
/**
* @notice Returns the constant Q96 used for ratio calculations with 96-bit precision.
* @return uint256 The value of Q96 (2^96) for ratio calculations.
*/
function Q96() external view returns (uint256);
/**
* @notice Updates the target ratios for a specific vault.
* @param vault The address of the vault to update the ratios for.
* @param isDeposit A boolean indicating whether the ratios are for a deposit or a withdrawal.
* @param ratiosX96 An array of target ratios for the vault's underlying tokens.
* @dev The cumulative ratio must be exactly `Q96`.
*/
function updateRatios(
address vault,
bool isDeposit,
uint128[] memory ratiosX96
) external;
/**
* @notice Returns the encoded ratio data associated with a specific vault address.
* @param vault The address of the vault to retrieve the data for.
* @param isDeposit A boolean indicating whether the ratios are for a deposit or a withdrawal.
* @return bytes The encoded ratio data.
*/
function vaultToData(
address vault,
bool isDeposit
) external view returns (bytes memory);
/**
* @notice Emitted when ratios are updated for a specific vault in the Managed Ratios Oracle.
* @param vault The address of the vault for which ratios are updated.
* @param isDeposit A boolean indicating whether the ratios are for a deposit or a withdrawal.
* @param ratiosX96 An array of updated ratios expressed in 96-bit precision.
*/
event ManagedRatiosOracleUpdateRatios(
address indexed vault,
bool isDeposit,
uint128[] ratiosX96
);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.25;
/// @title Contains 512-bit math functions
/// @notice Facilitates multiplication and division that can have overflow of an intermediate value without any loss of precision
/// @dev Handles "phantom overflow" i.e., allows multiplication and division where an intermediate value overflows 256 bits
library FullMath {
/// @notice Calculates floor(a×b÷denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
/// @param a The multiplicand
/// @param b The multiplier
/// @param denominator The divisor
/// @return result The 256-bit result
/// @dev Credit to Remco Bloemen under MIT license https://xn--2-umb.com/21/muldiv
function mulDiv(
uint256 a,
uint256 b,
uint256 denominator
) internal pure returns (uint256 result) {
// diff: original lib works under 0.7.6 with overflows enabled
unchecked {
// 512-bit multiply [prod1 prod0] = a * b
// Compute the product mod 2**256 and mod 2**256 - 1
// then use the Chinese Remainder Theorem to reconstruct
// the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2**256 + prod0
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(a, b, not(0))
prod0 := mul(a, b)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division
if (prod1 == 0) {
require(denominator > 0);
assembly {
result := div(prod0, denominator)
}
return result;
}
// Make sure the result is less than 2**256.
// Also prevents denominator == 0
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0]
// Compute remainder using mulmod
uint256 remainder;
assembly {
remainder := mulmod(a, b, denominator)
}
// Subtract 256 bit number from 512 bit number
assembly {
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator
// Compute largest power of two divisor of denominator.
// Always >= 1.
// diff: original uint256 twos = -denominator & denominator;
uint256 twos = uint256(-int256(denominator)) & denominator;
// Divide denominator by power of two
assembly {
denominator := div(denominator, twos)
}
// Divide [prod1 prod0] by the factors of two
assembly {
prod0 := div(prod0, twos)
}
// Shift in bits from prod1 into prod0. For this we need
// to flip `twos` such that it is 2**256 / twos.
// If twos is zero, then it becomes one
assembly {
twos := add(div(sub(0, twos), twos), 1)
}
prod0 |= prod1 * twos;
// Invert denominator mod 2**256
// Now that denominator is an odd number, it has an inverse
// modulo 2**256 such that denominator * inv = 1 mod 2**256.
// Compute the inverse by starting with a seed that is correct
// correct for four bits. That is, denominator * inv = 1 mod 2**4
uint256 inv = (3 * denominator) ^ 2;
// Now use Newton-Raphson iteration to improve the precision.
// Thanks to Hensel's lifting lemma, this also works in modular
// arithmetic, doubling the correct bits in each step.
inv *= 2 - denominator * inv; // inverse mod 2**8
inv *= 2 - denominator * inv; // inverse mod 2**16
inv *= 2 - denominator * inv; // inverse mod 2**32
inv *= 2 - denominator * inv; // inverse mod 2**64
inv *= 2 - denominator * inv; // inverse mod 2**128
inv *= 2 - denominator * inv; // inverse mod 2**256
// Because the division is now exact we can divide by multiplying
// with the modular inverse of denominator. This will give us the
// correct result modulo 2**256. Since the precoditions guarantee
// that the outcome is less than 2**256, this is the final result.
// We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inv;
return result;
}
}
/// @notice Calculates ceil(a×b÷denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
/// @param a The multiplicand
/// @param b The multiplier
/// @param denominator The divisor
/// @return result The 256-bit result
function mulDivRoundingUp(
uint256 a,
uint256 b,
uint256 denominator
) internal pure returns (uint256 result) {
// diff: original lib works under 0.7.6 with overflows enabled
unchecked {
result = mulDiv(a, b, denominator);
if (mulmod(a, b, denominator) > 0) {
require(result < type(uint256).max);
result++;
}
}
}
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
/**
* @title IRatiosOracle
* @notice Interface for a ratios oracle, providing the target allocation ratios for a vault.
*/
interface IRatiosOracle {
/**
* @notice Retrieves the target allocation ratios (using 96-bit precision) for a specific vault's tokens.
* @param vault The address of the vault requesting the ratios.
* @param isDeposit A boolean indicating whether the ratios are for a deposit or a withdrawal.
* @return ratiosX96 An array representing the target ratios for each token, expressed in 96-bit precision.
* @dev The array of ratios should align with the underlying tokens associated with the vault.
* Reverts if the ratios cannot be provided due to missing or mismatched data.
*/
function getTargetRatiosX96(
address vault,
bool isDeposit
) external view returns (uint128[] memory ratiosX96);
}
// SPDX-License-Identifier: BSL-1.1
pragma solidity 0.8.25;
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import "@openzeppelin/contracts/utils/Arrays.sol";
import "./modules/ITvlModule.sol";
import "./validators/IValidator.sol";
import "./oracles/IPriceOracle.sol";
import "./oracles/IRatiosOracle.sol";
import "./utils/IDepositCallback.sol";
import "./utils/IWithdrawalCallback.sol";
import "./IVaultConfigurator.sol";
/**
* @title IVault
* @notice Interface defining core methods, constants, and errors for vault contracts.
* Includes events, data structures, functions, and permissions required for managing the vault.
* @dev Main contract of the system managing interactions between users, administrators, and operators.
* System parameters are set within the corresponding contract - VaultConfigurator.
* Upon deposit, LP tokens are issued to users based on asset valuation by oracles.
* Deposits are made through the deposit function, where a deposit can only be made in underlyingTokens and
* only at the specified ratiosOracle ratio. Deposits can be paused by setting the isDepositLocked flag.
*
* Withdrawals can occur through two scenarios:
* - Regular withdrawal via the registerWithdrawal function and emergency withdrawal via the emergencyWithdraw function.
* In a regular withdrawal, the user registers a withdrawal request, after which the operator must perform a series of operations
* to ensure there are enough underlyingTokens on the vault's balance to fulfill the user's request. Subsequently, the operator must call
* the processWithdrawals function. If a user's request is not processed within the emergencyWithdrawalDelay period, the user can perform an emergency withdrawal.
* Note! In this case, the user may receive less funds than entitled by the system, as this function only handles ERC20 tokens in the system.
* Therefore, if the system has a base asset that is not represented as an ERC20 token, the corresponding portion of the funds will be lost by the user.
*
* It is assumed that the main system management will occur through calls to delegateModules via delegateCalls on behalf of the operator.
* For this to be possible, certain conditions must be met:
* - From the validator's perspective, two conditions must be met:
* 1. The caller must have the right to call the delegateCall function with the corresponding data parameter.
* 2. The contract itself must be able to call the function on the delegateModule with the specified data.
* - From the configurator's perspective, the called module must have the appropriate approval - isDelegateModuleApproved.
*
* If external calls need to be made, the externalCall function is used, for the execution of which a similar set of properties exists:
* - From the validator's perspective, two conditions must be met:
* 1. The caller must have the right to call the externalCall function with the corresponding data parameter.
* 2. The contract itself must be able to call the function on the external contract with the specified data.
* - From the configurator's perspective, the called contract must NOT have isDelegateModuleApproved permission.
*
* Vault also has the functionality of adding and removing underlyingTokens, as well as tvlModules.
* For this purpose, the following functions are available, which can only be called by the vault's admin:
* - addToken
* - removeToken
* - addTvlModule
* - removeTvlModule
* Upon calling removeToken, it is checked that the underlyingTvl function for the specified token returns a zero value. Otherwise, the function reverts with a NonZeroValue error.
* It is important to note that there is no such check when calling removeTvlModule, so when updating parameters, sequential execution of a transaction to remove the old and add the new tvlModule is implied.
*/
interface IVault is IERC20 {
/// @dev Errors
error Deadline();
error InvalidState();
error InvalidLength();
error InvalidToken();
error NonZeroValue();
error ValueZero();
error InsufficientLpAmount();
error InsufficientAmount();
error LimitOverflow();
error AlreadyAdded();
/// @notice Struct representing a user's withdrawal request.
struct WithdrawalRequest {
address to;
uint256 lpAmount;
bytes32 tokensHash; // keccak256 hash of the tokens array at the moment of request
uint256[] minAmounts;
uint256 deadline;
uint256 timestamp;
}
/// @notice Struct representing the current state used for processing withdrawals.
struct ProcessWithdrawalsStack {
address[] tokens;
uint128[] ratiosX96;
uint256[] erc20Balances;
uint256 totalSupply;
uint256 totalValue;
uint256 ratiosX96Value;
uint256 timestamp;
uint256 feeD9;
bytes32 tokensHash; // keccak256 hash of the tokens array at the moment of the call
}
/// @notice 2^96, used for fixed-point arithmetic
function Q96() external view returns (uint256);
/// @notice Multiplier of 1e9
function D9() external view returns (uint256);
/// @notice Returns the vault's configurator, which handles permissions and configuration settings.
/// @return IVaultConfigurator The address of the configurator contract.
function configurator() external view returns (IVaultConfigurator);
/// @notice Returns the withdrawal request of a given user.
/// @param user The address of the user.
/// @return request The withdrawal request associated with the user.
function withdrawalRequest(
address user
) external view returns (WithdrawalRequest memory request);
/// @return count The number of users with pending withdrawal requests.
function pendingWithdrawersCount() external view returns (uint256 count);
/// @notice Returns an array of addresses with pending withdrawal requests.
/// @return users An array of addresses with pending withdrawal requests.
function pendingWithdrawers()
external
view
returns (address[] memory users);
/// @notice Returns an array of addresses with pending withdrawal requests.
/// @param limit The maximum number of users to return.
/// @param offset The number of users to skip before returning.
/// @return users An array of addresses with pending withdrawal requests.
function pendingWithdrawers(
uint256 limit,
uint256 offset
) external view returns (address[] memory users);
/// @notice Returns an array of underlying tokens of the vault.
/// @return underlyinigTokens_ An array of underlying token addresses.
function underlyingTokens()
external
view
returns (address[] memory underlyinigTokens_);
/// @notice Checks if a token is an underlying token of the vault.
/// @return isUnderlyingToken_ true if the token is an underlying token of the vault.
function isUnderlyingToken(
address token
) external view returns (bool isUnderlyingToken_);
/// @notice Returns an array of addresses of all TVL modules.
/// @return tvlModules_ An array of TVL module addresses.
function tvlModules() external view returns (address[] memory tvlModules_);
/// @notice Calculates and returns the total value locked (TVL) of the underlying tokens.
/// @return tokens An array of underlying token addresses.
/// @return amounts An array of the amounts of each underlying token in the TVL.
function underlyingTvl()
external
view
returns (address[] memory tokens, uint256[] memory amounts);
/// @notice Calculates and returns the base TVL (Total Value Locked) across all tokens in the vault.
/// @return tokens An array of token addresses.
/// @return amounts An array of the amounts of each token in the base TVL.
function baseTvl()
external
view
returns (address[] memory tokens, uint256[] memory amounts);
/// @notice Adds a new token to the list of underlying tokens in the vault.
/// @dev Only accessible by an admin.
/// @param token The address of the token to add.
function addToken(address token) external;
/// @notice Removes a token from the list of underlying tokens in the vault.
/// @dev Only accessible by an admin.
/// @param token The address of the token to remove.
function removeToken(address token) external;
/// @notice Adds a new TVL module to the vault.
/// @dev Only accessible by an admin.
/// @param module The address of the TVL module to add.
function addTvlModule(address module) external;
/// @notice Removes an existing TVL module from the vault.
/// @dev Only accessible by an admin.
/// @param module The address of the TVL module to remove.
function removeTvlModule(address module) external;
/// @notice Performs an external call to a given address with specified data.
/// @dev Only operators or admins should call this function. Checks access permissions.
/// @param to The address to which the call will be made.
/// @param data The calldata to use for the external call.
/// @return success Indicates if the call was successful.
/// @return response The response data from the external call.
/// @dev Checks permissions using the validator from the configurator.
function externalCall(
address to,
bytes calldata data
) external returns (bool success, bytes memory response);
/// @notice Executes a delegate call to a specified address with given data.
/// @dev Only operators or admins should call this function. Checks access permissions.
/// @param to The address to which the delegate call will be made.
/// @param data The calldata to use for the delegate call.
/// @return success Indicates if the delegate call was successful.
/// @return response The response data from the delegate call.
/// @dev Checks permissions using the validator from the configurator.
function delegateCall(
address to,
bytes calldata data
) external returns (bool success, bytes memory response);
/// @notice Deposits specified amounts of tokens into the vault in exchange for LP tokens.
/// @dev Only accessible when deposits are unlocked.
/// @param to The address to receive LP tokens.
/// @param amounts An array specifying the amounts for each underlying token.
/// @param minLpAmount The minimum amount of LP tokens to mint.
/// @param deadline The time before which the operation must be completed.
/// @param referralCode The referral code to use for the deposit.
/// @return actualAmounts The actual amounts deposited for each underlying token.
/// @return lpAmount The amount of LP tokens minted.
function deposit(
address to,
uint256[] memory amounts,
uint256 minLpAmount,
uint256 deadline,
uint256 referralCode
) external returns (uint256[] memory actualAmounts, uint256 lpAmount);
/// @notice Handles emergency withdrawals, proportionally withdrawing all tokens in the system (not just the underlying).
/// @dev Transfers tokens based on the user's share of lpAmount / totalSupply.
/// @param minAmounts An array of minimum amounts expected for each underlying token.
/// @param deadline The time before which the operation must be completed.
/// @return actualAmounts The actual amounts withdrawn for each token.
function emergencyWithdraw(
uint256[] memory minAmounts,
uint256 deadline
) external returns (uint256[] memory actualAmounts);
/// @notice Cancels a pending withdrawal request.
function cancelWithdrawalRequest() external;
/// @notice Registers a new withdrawal request, optionally closing previous requests.
/// @param to The address to receive the withdrawn tokens.
/// @param lpAmount The amount of LP tokens to withdraw.
/// @param minAmounts An array specifying minimum amounts for each token.
/// @param deadline The time before which the operation must be completed.
/// @param requestDeadline The deadline before which the request should be fulfilled.
/// @param closePrevious Whether to close a previous request if it exists.
function registerWithdrawal(
address to,
uint256 lpAmount,
uint256[] memory minAmounts,
uint256 deadline,
uint256 requestDeadline,
bool closePrevious
) external;
/// @notice Analyzes a withdrawal request based on the current vault state.
/// @param s The current state stack to use for analysis.
/// @param request The withdrawal request to analyze.
/// @return processingPossible Whether processing is possible based on current vault state.
/// @return withdrawalPossible Whether the withdrawal can be fulfilled.
/// @return expectedAmounts The expected amounts to be withdrawn for each token.
function analyzeRequest(
ProcessWithdrawalsStack memory s,
WithdrawalRequest memory request
)
external
pure
returns (
bool processingPossible,
bool withdrawalPossible,
uint256[] memory expectedAmounts
);
/// @notice Calculates and returns the state stack required for processing withdrawal requests.
/// @return s The state stack with current vault balances and data.
function calculateStack()
external
view
returns (ProcessWithdrawalsStack memory s);
/// @notice Processes multiple withdrawal requests by fulfilling eligible withdrawals.
/// @param users An array of user addresses whose withdrawal requests should be processed.
/// @return statuses An array indicating the status of each user's withdrawal request.
function processWithdrawals(
address[] memory users
) external returns (bool[] memory statuses);
/**
* @notice Emitted when a token is added to the vault.
* @param token The address of the token added.
*/
event TokenAdded(address token);
/**
* @notice Emitted when a token is removed from the vault.
* @param token The address of the token removed.
*/
event TokenRemoved(address token);
/**
* @notice Emitted when a TVL module is added to the vault.
* @param module The address of the TVL module added.
*/
event TvlModuleAdded(address module);
/**
* @notice Emitted when a TVL module is removed from the vault.
* @param module The address of the TVL module removed.
*/
event TvlModuleRemoved(address module);
/**
* @notice Emitted when an external call is made.
* @param to The address of the contract called.
* @param data The calldata of the call.
* @param success The success status of the call.
* @param response The response data of the call.
*/
event ExternalCall(
address indexed to,
bytes data,
bool success,
bytes response
);
/**
* @notice Emitted when a delegate call is made.
* @param to The address of the contract called.
* @param data The calldata of the call.
* @param success The success status of the call.
* @param response The response data of the call.
*/
event DelegateCall(
address indexed to,
bytes data,
bool success,
bytes response
);
/**
* @notice Emitted when a deposit occurs.
* @param to The address where LP tokens are deposited.
* @param amounts The amounts of tokens deposited.
* @param lpAmount The amount of LP tokens minted.
* @param referralCode The referral code used for the deposit.
*/
event Deposit(
address indexed to,
uint256[] amounts,
uint256 lpAmount,
uint256 referralCode
);
/**
* @notice Emitted when a deposit callback occurs.
* @param callback The address of the deposit callback contract.
* @param amounts The amounts of tokens deposited.
* @param lpAmount The amount of LP tokens minted.
*/
event DepositCallback(
address indexed callback,
uint256[] amounts,
uint256 lpAmount
);
/**
* @notice Emitted when a withdrawal request is made.
* @param from The address of the user making the request.
* @param request The details of the withdrawal request.
*/
event WithdrawalRequested(address indexed from, WithdrawalRequest request);
/**
* @notice Emitted when a withdrawal request is canceled.
* @param user The address of the user canceling the request.
* @param origin The origin of the cancellation.
*/
event WithdrawalRequestCanceled(address indexed user, address origin);
/**
* @notice Emitted when an emergency withdrawal occurs.
* @param from The address of the user initiating the emergency withdrawal.
* @param request The details of the withdrawal request.
* @param amounts The actual amounts withdrawn.
*/
event EmergencyWithdrawal(
address indexed from,
WithdrawalRequest request,
uint256[] amounts
);
/**
* @notice Emitted when withdrawals are processed.
* @param users The addresses of the users whose withdrawals are processed.
* @param statuses The statuses of the withdrawal processing.
*/
event WithdrawalsProcessed(address[] users, bool[] statuses);
/**
* @notice Emitted when a withdrawal callback occurs.
* @param callback The address of the withdrawal callback contract.
*/
event WithdrawCallback(address indexed callback);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.25;
import "@openzeppelin/contracts/access/extensions/IAccessControlEnumerable.sol";
/// @notice This is a default access control with 3 roles:
///
/// - ADMIN: allowed to do anything
/// - ADMIN_DELEGATE: allowed to do anything except assigning ADMIN and ADMIN_DELEGATE roles
/// - OPERATOR: low-privileged role, generally keeper or some other bot
interface IDefaultAccessControl is IAccessControlEnumerable {
error Forbidden();
error AddressZero();
function OPERATOR() external view returns (bytes32);
function ADMIN_ROLE() external view returns (bytes32);
function ADMIN_DELEGATE_ROLE() external view returns (bytes32);
/// @notice Checks that the address is contract admin.
/// @param who Address to check
/// @return `true` if who is admin, `false` otherwise
function isAdmin(address who) external view returns (bool);
/// @notice Checks that the address is contract admin.
/// @param who Address to check
/// @return `true` if who is operator, `false` otherwise
function isOperator(address who) external view returns (bool);
/// @notice Checks that the address is contract admin.
/// @param who Address to check
/// @dev throws Forbbiden() if the sender does not have the admin or admin_delegate role
function requireAdmin(address who) external view;
/// @notice Checks that the address is contract admin.
/// @param who Address to check
/// @dev throws Forbbiden() if the sender has no roles
function requireAtLeastOperator(address who) external view;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*/
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
mapping(address account => uint256) private _balances;
mapping(address account => mapping(address spender => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
_totalSupply += value;
} else {
uint256 fromBalance = _balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
_balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
_totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
_balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
* true using the following override:
* ```
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
_allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC20Permit} from "../extensions/IERC20Permit.sol";
import {Address} from "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev An operation with an ERC20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data);
if (returndata.length != 0 && !abi.decode(returndata, (bool))) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && address(token).code.length > 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/ReentrancyGuard.sol)
pragma solidity ^0.8.20;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant NOT_ENTERED = 1;
uint256 private constant ENTERED = 2;
uint256 private _status;
/**
* @dev Unauthorized reentrant call.
*/
error ReentrancyGuardReentrantCall();
constructor() {
_status = NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be NOT_ENTERED
if (_status == ENTERED) {
revert ReentrancyGuardReentrantCall();
}
// Any calls to nonReentrant after this point will fail
_status = ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == ENTERED;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Arrays.sol)
pragma solidity ^0.8.20;
import {StorageSlot} from "./StorageSlot.sol";
import {Math} from "./math/Math.sol";
/**
* @dev Collection of functions related to array types.
*/
library Arrays {
using StorageSlot for bytes32;
/**
* @dev Searches a sorted `array` and returns the first index that contains
* a value greater or equal to `element`. If no such index exists (i.e. all
* values in the array are strictly less than `element`), the array length is
* returned. Time complexity O(log n).
*
* `array` is expected to be sorted in ascending order, and to contain no
* repeated elements.
*/
function findUpperBound(uint256[] storage array, uint256 element) internal view returns (uint256) {
uint256 low = 0;
uint256 high = array.length;
if (high == 0) {
return 0;
}
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds towards zero (it does integer division with truncation).
if (unsafeAccess(array, mid).value > element) {
high = mid;
} else {
low = mid + 1;
}
}
// At this point `low` is the exclusive upper bound. We will return the inclusive upper bound.
if (low > 0 && unsafeAccess(array, low - 1).value == element) {
return low - 1;
} else {
return low;
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(address[] storage arr, uint256 pos) internal pure returns (StorageSlot.AddressSlot storage) {
bytes32 slot;
// We use assembly to calculate the storage slot of the element at index `pos` of the dynamic array `arr`
// following https://docs.soliditylang.org/en/v0.8.20/internals/layout_in_storage.html#mappings-and-dynamic-arrays.
/// @solidity memory-safe-assembly
assembly {
mstore(0, arr.slot)
slot := add(keccak256(0, 0x20), pos)
}
return slot.getAddressSlot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(bytes32[] storage arr, uint256 pos) internal pure returns (StorageSlot.Bytes32Slot storage) {
bytes32 slot;
// We use assembly to calculate the storage slot of the element at index `pos` of the dynamic array `arr`
// following https://docs.soliditylang.org/en/v0.8.20/internals/layout_in_storage.html#mappings-and-dynamic-arrays.
/// @solidity memory-safe-assembly
assembly {
mstore(0, arr.slot)
slot := add(keccak256(0, 0x20), pos)
}
return slot.getBytes32Slot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(uint256[] storage arr, uint256 pos) internal pure returns (StorageSlot.Uint256Slot storage) {
bytes32 slot;
// We use assembly to calculate the storage slot of the element at index `pos` of the dynamic array `arr`
// following https://docs.soliditylang.org/en/v0.8.20/internals/layout_in_storage.html#mappings-and-dynamic-arrays.
/// @solidity memory-safe-assembly
assembly {
mstore(0, arr.slot)
slot := add(keccak256(0, 0x20), pos)
}
return slot.getUint256Slot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(uint256[] memory arr, uint256 pos) internal pure returns (uint256 res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(address[] memory arr, uint256 pos) internal pure returns (address res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
}
// SPDX-License-Identifier: BSL-1.1
pragma solidity 0.8.25;
/**
* @title ITvlModule
* @notice Interface for a Total Value Locked (TVL) module, providing information about token balances.
*/
interface ITvlModule {
// Structure representing TVL data for a token
struct Data {
address token; // Address of the token
address underlyingToken; // Address of the underlying token
uint256 amount; // Current amount of the token
uint256 underlyingAmount; // Current amount of the underlying token
bool isDebt; // Flag indicating if the token represents debt
}
/**
* @notice Returns Total Value Locked (TVL) data for a specific user.
* @param user The address of the user.
* @return data An array of TVL data for each token held by the user.
*/
function tvl(address user) external view returns (Data[] memory data);
}
// SPDX-License-Identifier: BSL-1.1
pragma solidity 0.8.25;
/**
* @title IValidator
* @notice Interface defining a generic validator for transaction data.
*/
interface IValidator {
/**
* @notice Validates a transaction involving two addresses based on the provided calldata.
* @param from The address initiating the transaction.
* @param to The target address of the transaction.
* @param data The transaction data containing the function selector and any necessary parameters.
* @dev Implementers should validate that the transaction is authorized, properly formatted, and adheres to the required business logic.
* Reverts if the transaction is invalid.
*/
function validate(
address from,
address to,
bytes calldata data
) external view;
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
/**
* @title IPriceOracle
* @notice Interface defining a standard price oracle that provides token prices in 96-bit precision.
*/
interface IPriceOracle {
/**
* @notice Returns the price of a specific token relative to the base token of the given vault, expressed in 96-bit precision.
* @param vault The address of the vault requesting the price.
* @param token The address of the token to calculate the price for.
* @return priceX96_ The price of the token relative to the base token, using 96-bit precision.
* @dev Implementations should ensure prices are accurate and may involve external oracle data.
* Reverts with an appropriate error if the price cannot be provided.
*/
function priceX96(
address vault,
address token
) external view returns (uint256 priceX96_);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.25;
/**
* @title IDepositCallback
* @notice Interface defining a callback function to handle deposit results.
*/
interface IDepositCallback {
/**
* @notice Handles the callback after a deposit operation has been executed.
* @param actualAmounts An array representing the actual amounts of each token that were deposited.
* @param lpAmount The total amount of LP tokens that were issued as a result of the deposit.
* @dev This function is intended to be implemented by contracts that need to take further action following a deposit.
*/
function depositCallback(
uint256[] memory actualAmounts,
uint256 lpAmount
) external;
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.25;
/**
* @title IWithdrawalCallback
* @notice Interface defining a callback function to handle post-withdrawal actions in processWithdrawals function.
*/
interface IWithdrawalCallback {
/**
* @notice Handles the callback after a withdrawal operation has been executed.
* @dev This function should be implemented to carry out any additional actions required after the withdrawal.
* It does not take any parameters and will be invoked once the withdrawal process is complete.
*/
function withdrawalCallback() external;
}
// SPDX-License-Identifier: BSL-1.1
pragma solidity 0.8.25;
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import "./IVault.sol";
/**
* @title IVaultConfigurator
* @notice Contract defining the configuration and access control for a vault system.
* This interface specifies the parameters for the primary Vault contract,
* facilitating secure configuration updates through a two-stage process: staging and committing, with each parameter update subject to a specified delay.
* The stage function sets the new value and timestamp for the parameter, while the commit function finalizes the update
*
* The delay parameter is expressed in seconds and is defined for each parameter of this contract as follows:
* - baseDelay: the base delay for stage/commit operations
* - depositCallbackDelay: delay for changing the deposit callback contract address
* - withdrawalCallbackDelay: delay for changing the withdrawal callback contract address
* - withdrawalFeeD9Delay: delay for changing the withdrawal fee
* - isDepositLockedDelay: delay for locking deposits
* - areTransfersLockedDelay: delay for locking LP token transfers
* - delegateModuleApprovalDelay: delay for approving delegated modules
* - maximalTotalSupplyDelay: delay for changing the maximum total supply
* - ratiosOracleDelay: delay for changing the ratios oracle address
* - priceOracleDelay: delay for changing the price oracle address
* - validatorDelay: delay for changing the validator address
* - emergencyWithdrawalDelay: delay for withdrawing funds after calling registerWithdrawal
*
* Each of the above parameters has a pair of functions, stage/commit, through which their updates occur. The delay for all these parameters is set to baseDelay.
*
* With the exception of functions for isDepositLocked parameter, all mutable functions of the contract can only be called by the vault's admin.
* Function for isDepositLocked parameter can be called by either the operator or the vault's admin
* to enable faster deposit locking if deemed necessary from the operator/strategy standpoint.
*/
interface IVaultConfigurator {
/// @dev Errors
error AddressZero();
error InvalidDelay();
error InvalidTimestamp();
error InvalidWithdrawalFee();
error InvalidTotalSupply();
/// @notice Struct to represent a staged data change with a delay period.
struct Data {
uint256 value; // Current value
uint256 stagedValue; // Staged value waiting to be committed
uint256 stageTimestamp; // Timestamp of staging
}
/// @notice Returns the maximum allowed delay for any staged data.
/// @return uint256 The constant `MAX_DELAY` indicating the maximum delay period (365 days).
function MAX_DELAY() external pure returns (uint256);
/// @notice Returns the maximum withdrawal fee allowed.
/// @return uint256 The constant `MAX_WITHDRAWAL_FEE` indicating the maximum withdrawal fee (5%).
function MAX_WITHDRAWAL_FEE() external pure returns (uint256);
/// @notice Returns the address of the vault associated with this configurator.
/// @return address of the vault contract.
function vault() external view returns (address);
///@notice Stages an approval for the specified delegate module.
/// @param module The address of the module to approve.
function stageDelegateModuleApproval(address module) external;
/// @notice Commits the previously staged delegate module approval after the delay period.
/// @param module The address of the module to approve.
function commitDelegateModuleApproval(address module) external;
/// @notice Rolls back any staged delegate module approval.
/// @param module The address of the module to roll back.
function rollbackStagedDelegateModuleApproval(address module) external;
/// @notice @notice Revokes the approval of the specified delegate module.
/// @param module The address of the module to revoke approval from.
function revokeDelegateModuleApproval(address module) external;
/// @notice Returns the base delay value for all staging operations.
/// @return uint256 The base delay value in seconds.
function baseDelay() external view returns (uint256);
/// @notice Checks if the specified delegate module is approved for use.
/// @param module The address of the module to check.
/// @return bool `true` if the module is approved, otherwise `false`.
function isDelegateModuleApproved(
address module
) external view returns (bool);
/// @notice Returns whether deposits are currently locked.
/// @notice operator owned parameter.
/// @return bool `true` if deposits are locked, otherwise `false`.
function isDepositLocked() external view returns (bool);
/// @notice Returns whether LP token transfers are currently locked.
/// @notice admin owned parameter.
/// @return bool `true` if transfers are locked, otherwise `false`.
function areTransfersLocked() external view returns (bool);
/// @notice Returns the maximum total supply of LP tokens allowed.
/// @return uint256 The maximum total supply of LP tokens.
function maximalTotalSupply() external view returns (uint256);
/// @notice Returns the address of the deposit callback contract.
/// @return address The address of the deposit callback contract.
function depositCallback() external view returns (address);
/// @notice Returns the address of the withdrawal callback contract.
/// @return address The address of the withdrawal callback contract.
function withdrawalCallback() external view returns (address);
/// @notice Returns the current withdrawal fee in D9 format.
/// @return uint256 The withdrawal fee, represented as an integer with 9 decimal places.
function withdrawalFeeD9() external view returns (uint256);
/// @notice Returns the delay for committing deposit callback changes.
/// @return uint256 The delay in seconds.
function depositCallbackDelay() external view returns (uint256);
/// @notice Returns the delay for committing withdrawal callback changes.
/// @return uint256 The delay in seconds.
function withdrawalCallbackDelay() external view returns (uint256);
/// @notice Returns the delay for committing withdrawal fee changes.
/// @return uint256 The delay in seconds.
function withdrawalFeeD9Delay() external view returns (uint256);
/// @notice Returns the delay for committing deposit locks.
/// @return uint256 The delay in seconds.
function isDepositLockedDelay() external view returns (uint256);
/// @notice Returns the delay for committing transfers locks.
/// @return uint256 The delay in seconds.
function areTransfersLockedDelay() external view returns (uint256);
/// @notice Returns the delay for committing delegate module approvals.
/// @return uint256 The delay in seconds.
function delegateModuleApprovalDelay() external view returns (uint256);
/// @notice Returns the delay for committing maximum total supply changes.
/// @return uint256 The delay in seconds.
function maximalTotalSupplyDelay() external view returns (uint256);
/// @notice Returns the address of the ratios oracle.
/// @return address The address of the ratios oracle.
function ratiosOracle() external view returns (address);
/// @notice Returns the address of the price oracle.
/// @return address The address of the price oracle.
function priceOracle() external view returns (address);
/// @notice Returns the address of the validator.
/// @return address The address of the validator.
function validator() external view returns (address);
/// @notice Returns the delay for committing validator changes.
/// @return uint256 The delay in seconds.
function validatorDelay() external view returns (uint256);
/// @notice Returns the delay for committing price oracle changes.
/// @return uint256 The delay in seconds.
function priceOracleDelay() external view returns (uint256);
/// @notice Returns the delay for committing ratios oracle changes.
/// @return uint256 The delay in seconds.
function ratiosOracleDelay() external view returns (uint256);
/// @notice Returns the delay required between calling `registerWithdrawal` and being able to perform an emergency withdrawal for that request.
/// @return uint256 The minimum delay time, in seconds, that a user must wait after calling `registerWithdrawal` before executing an emergency withdrawal.
function emergencyWithdrawalDelay() external view returns (uint256);
/// @notice Stages the deposits lock by setting a staged value and timestamp.
function stageDepositsLock() external;
/// @notice Commits the previously staged deposits lock after the delay period.
function commitDepositsLock() external;
/// @notice Rolls back any staged deposits lock.
function rollbackStagedDepositsLock() external;
/// @notice Revokes the current deposits lock, unlocking deposits.
function revokeDepositsLock() external;
/// @notice Stages the transfers lock by setting a staged value and timestamp.
/// @param flag The new value to stage.
function stageTransfersLock(bool flag) external;
/// @notice Commits the previously staged transfers lock after the delay period.
function commitTransfersLock() external;
/// @notice Rolls back any staged transfers lock.
function rollbackStagedTransfersLock() external;
/// @notice Stages the maximum total supply with a staged value and timestamp.
/// @param maximalTotalSupply_ The maximum total supply to stage.
function stageMaximalTotalSupply(uint256 maximalTotalSupply_) external;
/// @notice Commits the previously staged maximum total supply after the delay period.
function commitMaximalTotalSupply() external;
/// @notice Rolls back any staged maximum total supply changes.
function rollbackStagedMaximalTotalSupply() external;
/// @notice Stages a new deposit callback address.
/// @param callback The address of the new deposit callback contract.
function stageDepositCallback(address callback) external;
/// @notice Commits the previously staged deposit callback address after the delay period.
function commitDepositCallback() external;
/// @notice Rolls back any staged deposit callback changes.
function rollbackStagedDepositCallback() external;
/// @notice Stages a new withdrawal callback address.
/// @param callback The address of the new withdrawal callback contract.
function stageWithdrawalCallback(address callback) external;
/// @notice Commits the previously staged withdrawal callback address after the delay period.
function commitWithdrawalCallback() external;
/// @notice Rolls back any staged withdrawal callback changes.
function rollbackStagedWithdrawalCallback() external;
/// @notice Stages a new withdrawal fee in D9 format.
/// @param feeD9 The new withdrawal fee in D9 format.
function stageWithdrawalFeeD9(uint256 feeD9) external;
/// @notice Commits the previously staged withdrawal fee after the delay period.
function commitWithdrawalFeeD9() external;
/// @notice Rolls back any staged withdrawal fee changes.
function rollbackStagedWithdrawalFeeD9() external;
/// @notice Stages a base delay value.
/// @param delay_ The base delay value to stage.
function stageBaseDelay(uint256 delay_) external;
/// @notice Commits the previously staged base delay after the delay period.
function commitBaseDelay() external;
/// @notice Rolls back any staged base delay changes.
function rollbackStagedBaseDelay() external;
/// @notice Stages a delay value for the deposit callback.
/// @param delay_ The delay value to stage.
function stageDepositCallbackDelay(uint256 delay_) external;
/// @notice Commits the previously staged deposit callback delay after the delay period.
function commitDepositCallbackDelay() external;
/// @notice Rolls back any staged deposit callback delay changes.
function rollbackStagedDepositCallbackDelay() external;
/// @notice Stages a delay value for the withdrawal callback.
/// @param delay_ The delay value to stage.
function stageWithdrawalCallbackDelay(uint256 delay_) external;
/// @notice Commits the previously staged withdrawal callback delay after the delay period.
function commitWithdrawalCallbackDelay() external;
/// @notice Rolls back any staged withdrawal callback delay changes.
function rollbackStagedWithdrawalCallbackDelay() external;
/// @notice Stages a delay value for the withdrawal fee in D9 format.
/// @param delay_ The delay value to stage.
function stageWithdrawalFeeD9Delay(uint256 delay_) external;
/// @notice Commits the previously staged withdrawal fee delay after the delay period.
function commitWithdrawalFeeD9Delay() external;
/// @notice Rolls back any staged withdrawal fee delay changes.
function rollbackStagedWithdrawalFeeD9Delay() external;
/// @notice Stages a delay value for locking deposits.
/// @param delay_ The delay value to stage.
function stageDepositsLockedDelay(uint256 delay_) external;
/// @notice Commits the previously staged deposits lock delay after the delay period.
function commitDepositsLockedDelay() external;
/// @notice Rolls back any staged deposits lock delay changes.
function rollbackStagedDepositsLockedDelay() external;
/// @notice Stages a delay value for locking transfers.
/// @param delay_ The delay value to stage.
function stageTransfersLockedDelay(uint256 delay_) external;
/// @notice Commits the previously staged transfers lock delay after the delay period.
function commitTransfersLockedDelay() external;
/// @notice Rolls back any staged transfers lock delay changes.
function rollbackStagedTransfersLockedDelay() external;
/// @notice Stages a delay value for the delegate module approval.
/// @param delay_ The delay value to stage.
function stageDelegateModuleApprovalDelay(uint256 delay_) external;
/// @notice Commits the previously staged delegate module approval delay after the delay period.
function commitDelegateModuleApprovalDelay() external;
/// @notice Rolls back any staged delegate module approval delay changes.
function rollbackStagedDelegateModuleApprovalDelay() external;
/// @notice Stages a delay value for the maximum total supply.
/// @param delay_ The delay value to stage.
function stageMaximalTotalSupplyDelay(uint256 delay_) external;
/// @notice Commits the previously staged maximum total supply delay after the delay period.
function commitMaximalTotalSupplyDelay() external;
/// @notice Rolls back any staged maximum total supply delay changes.
function rollbackStagedMaximalTotalSupplyDelay() external;
/// @notice Stages a ratios oracle address.
/// @param oracle The address of the new ratios oracle.
function stageRatiosOracle(address oracle) external;
/// @notice Commits the previously staged ratios oracle after the delay period.
function commitRatiosOracle() external;
/// @notice Rolls back any staged ratios oracle changes.
function rollbackStagedRatiosOracle() external;
/// @notice Stages a price oracle address.
/// @param oracle The address of the new price oracle.
function stagePriceOracle(address oracle) external;
/// @notice Commits the previously staged price oracle after the delay period.
function commitPriceOracle() external;
/// @notice Rolls back any staged price oracle changes.
function rollbackStagedPriceOracle() external;
/// @notice Stages a validator address.
/// @param validator_ The address of the new validator.
function stageValidator(address validator_) external;
/// @notice Commits the previously staged validator after the delay period.
function commitValidator() external;
/// @notice Rolls back any staged validator changes.
function rollbackStagedValidator() external;
/// @notice Stages a delay value for the validator.
/// @param delay_ The delay value to stage.
function stageValidatorDelay(uint256 delay_) external;
/// @notice Commits the previously staged validator delay after the delay period.
function commitValidatorDelay() external;
/// @notice Rolls back any staged validator delay changes.
function rollbackStagedValidatorDelay() external;
/// @notice Stages a delay value for the price oracle.
/// @param delay_ The delay value to stage.
function stagePriceOracleDelay(uint256 delay_) external;
/// @notice Commits the previously staged price oracle delay after the delay period.
function commitPriceOracleDelay() external;
/// @notice Rolls back any staged price oracle delay changes.
function rollbackStagedPriceOracleDelay() external;
/// @notice Stages a delay value for the ratios oracle.
/// @param delay_ The delay value to stage.
function stageRatiosOracleDelay(uint256 delay_) external;
/// @notice Commits the previously staged ratios oracle delay after the delay period.
function commitRatiosOracleDelay() external;
/// @notice Rolls back any staged ratios oracle delay changes.
function rollbackStagedRatiosOracleDelay() external;
/// @notice Stages a delay value for emergency withdrawals.
/// @param delay_ The delay value to stage.
function stageEmergencyWithdrawalDelay(uint256 delay_) external;
/// @notice Commits the previously staged emergency withdrawal delay.
function commitEmergencyWithdrawalDelay() external;
/// @notice Rolls back any staged emergency withdrawal delay changes.
function rollbackStagedEmergencyWithdrawalDelay() external;
/// @dev Emitted when a value is staged for future commitment for given slot.
event Stage(
bytes32 indexed slot,
Data indexed data,
uint256 value,
uint256 timestamp
);
/// @dev Emitted when a staged value is committed and updated for given slot.
event Commit(bytes32 indexed slot, Data indexed data, uint256 timestamp);
/// @dev Emitted when a staged value is rolled back without commitment for given slot.
event Rollback(bytes32 indexed slot, Data indexed data, uint256 timestamp);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/extensions/IAccessControlEnumerable.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "../IAccessControl.sol";
/**
* @dev External interface of AccessControlEnumerable declared to support ERC165 detection.
*/
interface IAccessControlEnumerable is IAccessControl {
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/
function getRoleMember(bytes32 role, uint256 index) external view returns (address);
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/
function getRoleMemberCount(bytes32 role) external view returns (uint256);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/draft-IERC6093.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard ERC20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC20 tokens.
*/
interface IERC20Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/
error ERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC721 tokens.
*/
interface IERC721Errors {
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in EIP-20.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/
error ERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/
error ERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/
error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/
error ERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC1155 tokens.
*/
interface IERC1155Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/
error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/
error ERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/
error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)
pragma solidity ^0.8.20;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error AddressInsufficientBalance(address account);
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedInnerCall();
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert AddressInsufficientBalance(address(this));
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert FailedInnerCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {FailedInnerCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert AddressInsufficientBalance(address(this));
}
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {FailedInnerCall}) in case of an
* unsuccessful call.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (returndata.length == 0 && target.code.length == 0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {FailedInnerCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {FailedInnerCall}.
*/
function _revert(bytes memory returndata) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert FailedInnerCall();
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.20;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(newImplementation.code.length > 0);
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
/**
* @dev Muldiv operation overflow.
*/
error MathOverflowedMulDiv();
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
return a / b;
}
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
if (denominator <= prod1) {
revert MathOverflowedMulDiv();
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (unsignedRoundsUp(rounding) && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (unsignedRoundsUp(rounding) && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (unsignedRoundsUp(rounding) && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (unsignedRoundsUp(rounding) && 1 << (result << 3) < value ? 1 : 0);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/IAccessControl.sol)
pragma solidity ^0.8.20;
/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/
interface IAccessControl {
/**
* @dev The `account` is missing a role.
*/
error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/
error AccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/
function renounceRole(bytes32 role, address callerConfirmation) external;
}