Transaction Hash:
Block:
21218034 at Nov-18-2024 11:56:59 PM +UTC
Transaction Fee:
0.0009144573230448 ETH
$2.20
Gas Used:
83,502 Gas / 10.9513224 Gwei
Emitted Events:
| 475 |
Yearn V3 Vault.Transfer( sender=[Sender] 0xab8c43e0c7358b92b32816c2250aa3cdbb35555a, receiver=0x0000000000000000000000000000000000000000, value=140003615625967536350 )
|
| 476 |
DebtToken.Transfer( from=[Receiver] Yearn V3 Vault, to=[Sender] 0xab8c43e0c7358b92b32816c2250aa3cdbb35555a, value=140003615625967536350 )
|
| 477 |
Yearn V3 Vault.Withdraw( sender=[Sender] 0xab8c43e0c7358b92b32816c2250aa3cdbb35555a, receiver=[Sender] 0xab8c43e0c7358b92b32816c2250aa3cdbb35555a, owner=[Sender] 0xab8c43e0c7358b92b32816c2250aa3cdbb35555a, assets=140003615625967536350, shares=140003615625967536350 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x04AeBe2e...c4B48DD13 | |||||
| 0x4591DBfF...3669fBB28 | |||||
|
0x95222290...5CC4BAfe5
Miner
| (beaverbuild) | 10.883131441978077534 Eth | 10.883137642836597534 Eth | 0.00000620085852 | |
| 0xab8c43e0...dbB35555A |
0.029419270588229381 Eth
Nonce: 572
|
0.028504813265184581 Eth
Nonce: 573
| 0.0009144573230448 |
Execution Trace
Yearn.redeem( shares=140003615625967536350, receiver=0xab8c43e0c7358B92B32816C2250AA3cdbB35555A, owner=0xab8c43e0c7358B92B32816C2250AA3cdbB35555A, max_loss=1 ) => ( 140003615625967536350 )
Yearn.redeem( shares=140003615625967536350, receiver=0xab8c43e0c7358B92B32816C2250AA3cdbB35555A, owner=0xab8c43e0c7358B92B32816C2250AA3cdbB35555A, max_loss=1 ) => ( 140003615625967536350 )
-
Null: 0x000...004.STATICCALL( )
-
DebtToken.transfer( recipient=0xab8c43e0c7358B92B32816C2250AA3cdbB35555A, amount=140003615625967536350 ) => ( True )
File 1 of 2: Yearn V3 Vault
File 2 of 2: DebtToken
# @version 0.3.7
"""
@title Yearn V3 Vault
@license GNU AGPLv3
@author yearn.finance
@notice
The Yearn VaultV3 is designed as an non-opinionated system to distribute funds of
depositors for a specific `asset` into different opportunities (aka Strategies)
and manage accounting in a robust way.
Depositors receive shares (aka vaults tokens) proportional to their deposit amount.
Vault tokens are yield-bearing and can be redeemed at any time to get back deposit
plus any yield generated.
Addresses that are given different permissioned roles by the `role_manager`
are then able to allocate funds as they best see fit to different strategies
and adjust the strategies and allocations as needed, as well as reporting realized
profits or losses.
Strategies are any ERC-4626 compliant contracts that use the same underlying `asset`
as the vault. The vault provides no assurances as to the safety of any strategy
and it is the responsibility of those that hold the corresponding roles to choose
and fund strategies that best fit their desired specifications.
Those holding vault tokens are able to redeem the tokens for the corresponding
amount of underlying asset based on any reported profits or losses since their
initial deposit.
The vault is built to be customized by the management to be able to fit their
specific desired needs Including the customization of strategies, accountants,
ownership etc.
"""
from vyper.interfaces import ERC20
from vyper.interfaces import ERC20Detailed
# INTERFACES #
interface IStrategy:
def asset() -> address: view
def balanceOf(owner: address) -> uint256: view
def maxDeposit(receiver: address) -> uint256: view
def redeem(shares: uint256, receiver: address, owner: address) -> uint256: nonpayable
def deposit(assets: uint256, receiver: address) -> uint256: nonpayable
def totalAssets() -> (uint256): view
def convertToAssets(shares: uint256) -> uint256: view
def convertToShares(assets: uint256) -> uint256: view
def previewWithdraw(assets: uint256) -> uint256: view
def maxRedeem(owner: address) -> uint256: view
interface IAccountant:
def report(strategy: address, gain: uint256, loss: uint256) -> (uint256, uint256): nonpayable
interface IDepositLimitModule:
def available_deposit_limit(receiver: address) -> uint256: view
interface IWithdrawLimitModule:
def available_withdraw_limit(owner: address, max_loss: uint256, strategies: DynArray[address, MAX_QUEUE]) -> uint256: view
interface IFactory:
def protocol_fee_config() -> (uint16, address): view
# EVENTS #
# ERC4626 EVENTS
event Deposit:
sender: indexed(address)
owner: indexed(address)
assets: uint256
shares: uint256
event Withdraw:
sender: indexed(address)
receiver: indexed(address)
owner: indexed(address)
assets: uint256
shares: uint256
# ERC20 EVENTS
event Transfer:
sender: indexed(address)
receiver: indexed(address)
value: uint256
event Approval:
owner: indexed(address)
spender: indexed(address)
value: uint256
# STRATEGY EVENTS
event StrategyChanged:
strategy: indexed(address)
change_type: indexed(StrategyChangeType)
event StrategyReported:
strategy: indexed(address)
gain: uint256
loss: uint256
current_debt: uint256
protocol_fees: uint256
total_fees: uint256
total_refunds: uint256
# DEBT MANAGEMENT EVENTS
event DebtUpdated:
strategy: indexed(address)
current_debt: uint256
new_debt: uint256
# ROLE UPDATES
event RoleSet:
account: indexed(address)
role: indexed(Roles)
event RoleStatusChanged:
role: indexed(Roles)
status: indexed(RoleStatusChange)
# STORAGE MANAGEMENT EVENTS
event UpdateRoleManager:
role_manager: indexed(address)
event UpdateAccountant:
accountant: indexed(address)
event UpdateDepositLimitModule:
deposit_limit_module: indexed(address)
event UpdateWithdrawLimitModule:
withdraw_limit_module: indexed(address)
event UpdateDefaultQueue:
new_default_queue: DynArray[address, MAX_QUEUE]
event UpdateUseDefaultQueue:
use_default_queue: bool
event UpdatedMaxDebtForStrategy:
sender: indexed(address)
strategy: indexed(address)
new_debt: uint256
event UpdateDepositLimit:
deposit_limit: uint256
event UpdateMinimumTotalIdle:
minimum_total_idle: uint256
event UpdateProfitMaxUnlockTime:
profit_max_unlock_time: uint256
event DebtPurchased:
strategy: indexed(address)
amount: uint256
event Shutdown:
pass
# STRUCTS #
struct StrategyParams:
# Timestamp when the strategy was added.
activation: uint256
# Timestamp of the strategies last report.
last_report: uint256
# The current assets the strategy holds.
current_debt: uint256
# The max assets the strategy can hold.
max_debt: uint256
# CONSTANTS #
# The max length the withdrawal queue can be.
MAX_QUEUE: constant(uint256) = 10
# 100% in Basis Points.
MAX_BPS: constant(uint256) = 10_000
# Extended for profit locking calculations.
MAX_BPS_EXTENDED: constant(uint256) = 1_000_000_000_000
# The version of this vault.
API_VERSION: constant(String[28]) = "3.0.1"
# ENUMS #
# Each permissioned function has its own Role.
# Roles can be combined in any combination or all kept separate.
# Follows python Enum patterns so the first Enum == 1 and doubles each time.
enum Roles:
ADD_STRATEGY_MANAGER # Can add strategies to the vault.
REVOKE_STRATEGY_MANAGER # Can remove strategies from the vault.
FORCE_REVOKE_MANAGER # Can force remove a strategy causing a loss.
ACCOUNTANT_MANAGER # Can set the accountant that assess fees.
QUEUE_MANAGER # Can set the default withdrawal queue.
REPORTING_MANAGER # Calls report for strategies.
DEBT_MANAGER # Adds and removes debt from strategies.
MAX_DEBT_MANAGER # Can set the max debt for a strategy.
DEPOSIT_LIMIT_MANAGER # Sets deposit limit and module for the vault.
WITHDRAW_LIMIT_MANAGER # Sets the withdraw limit module.
MINIMUM_IDLE_MANAGER # Sets the minimum total idle the vault should keep.
PROFIT_UNLOCK_MANAGER # Sets the profit_max_unlock_time.
DEBT_PURCHASER # Can purchase bad debt from the vault.
EMERGENCY_MANAGER # Can shutdown vault in an emergency.
enum StrategyChangeType:
ADDED
REVOKED
enum Rounding:
ROUND_DOWN
ROUND_UP
enum RoleStatusChange:
OPENED
CLOSED
# IMMUTABLE #
# Underlying token used by the vault.
ASSET: immutable(ERC20)
# Based off the `asset` decimals.
DECIMALS: immutable(uint256)
# Deployer contract used to retrieve the protocol fee config.
FACTORY: public(immutable(address))
# STORAGE #
# HashMap that records all the strategies that are allowed to receive assets from the vault.
strategies: public(HashMap[address, StrategyParams])
# The current default withdrawal queue.
default_queue: public(DynArray[address, MAX_QUEUE])
# Should the vault use the default_queue regardless whats passed in.
use_default_queue: public(bool)
# ERC20 - amount of shares per account
balance_of: HashMap[address, uint256]
# ERC20 - owner -> (spender -> amount)
allowance: public(HashMap[address, HashMap[address, uint256]])
# Total amount of shares that are currently minted including those locked.
# NOTE: To get the ERC20 compliant version user totalSupply().
total_supply: public(uint256)
# Total amount of assets that has been deposited in strategies.
total_debt: uint256
# Current assets held in the vault contract. Replacing balanceOf(this) to avoid price_per_share manipulation.
total_idle: uint256
# Minimum amount of assets that should be kept in the vault contract to allow for fast, cheap redeems.
minimum_total_idle: public(uint256)
# Maximum amount of tokens that the vault can accept. If totalAssets > deposit_limit, deposits will revert.
deposit_limit: public(uint256)
# Contract that charges fees and can give refunds.
accountant: public(address)
# Contract to control the deposit limit.
deposit_limit_module: public(address)
# Contract to control the withdraw limit.
withdraw_limit_module: public(address)
# HashMap mapping addresses to their roles
roles: public(HashMap[address, Roles])
# HashMap mapping roles to their permissioned state. If false, the role is not open to the public.
open_roles: public(HashMap[Roles, bool])
# Address that can add and remove roles to addresses.
role_manager: public(address)
# Temporary variable to store the address of the next role_manager until the role is accepted.
future_role_manager: public(address)
# ERC20 - name of the vaults token.
name: public(String[64])
# ERC20 - symbol of the vaults token.
symbol: public(String[32])
# State of the vault - if set to true, only withdrawals will be available. It can't be reverted.
shutdown: bool
# The amount of time profits will unlock over.
profit_max_unlock_time: uint256
# The timestamp of when the current unlocking period ends.
full_profit_unlock_date: uint256
# The per second rate at which profit will unlock.
profit_unlocking_rate: uint256
# Last timestamp of the most recent profitable report.
last_profit_update: uint256
# `nonces` track `permit` approvals with signature.
nonces: public(HashMap[address, uint256])
DOMAIN_TYPE_HASH: constant(bytes32) = keccak256('EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)')
PERMIT_TYPE_HASH: constant(bytes32) = keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)")
# Constructor
@external
def __init__(
asset: ERC20,
name: String[64],
symbol: String[32],
role_manager: address,
profit_max_unlock_time: uint256
):
"""
@notice
The constructor for the vault. Sets the asset, name, symbol, and role manager.
@param asset
The address of the asset that the vault will accept.
@param name
The name of the vault token.
@param symbol
The symbol of the vault token.
@param role_manager
The address that can add and remove roles to addresses
@param profit_max_unlock_time
The amount of time that the profit will be locked for
"""
ASSET = asset
DECIMALS = convert(ERC20Detailed(asset.address).decimals(), uint256)
assert DECIMALS < 256 # dev: see VVE-2020-0001
FACTORY = msg.sender
# Must be less than one year for report cycles
assert profit_max_unlock_time <= 31_556_952 # dev: profit unlock time too long
self.profit_max_unlock_time = profit_max_unlock_time
self.name = name
self.symbol = symbol
self.role_manager = role_manager
## SHARE MANAGEMENT ##
## ERC20 ##
@internal
def _spend_allowance(owner: address, spender: address, amount: uint256):
# Unlimited approval does nothing (saves an SSTORE)
current_allowance: uint256 = self.allowance[owner][spender]
if (current_allowance < max_value(uint256)):
assert current_allowance >= amount, "insufficient allowance"
self._approve(owner, spender, unsafe_sub(current_allowance, amount))
@internal
def _transfer(sender: address, receiver: address, amount: uint256):
sender_balance: uint256 = self.balance_of[sender]
assert sender_balance >= amount, "insufficient funds"
self.balance_of[sender] = unsafe_sub(sender_balance, amount)
self.balance_of[receiver] = unsafe_add(self.balance_of[receiver], amount)
log Transfer(sender, receiver, amount)
@internal
def _transfer_from(sender: address, receiver: address, amount: uint256) -> bool:
self._spend_allowance(sender, msg.sender, amount)
self._transfer(sender, receiver, amount)
return True
@internal
def _approve(owner: address, spender: address, amount: uint256) -> bool:
self.allowance[owner][spender] = amount
log Approval(owner, spender, amount)
return True
@internal
def _increase_allowance(owner: address, spender: address, amount: uint256) -> bool:
new_allowance: uint256 = self.allowance[owner][spender] + amount
self.allowance[owner][spender] = new_allowance
log Approval(owner, spender, new_allowance)
return True
@internal
def _decrease_allowance(owner: address, spender: address, amount: uint256) -> bool:
new_allowance: uint256 = self.allowance[owner][spender] - amount
self.allowance[owner][spender] = new_allowance
log Approval(owner, spender, new_allowance)
return True
@internal
def _permit(
owner: address,
spender: address,
amount: uint256,
deadline: uint256,
v: uint8,
r: bytes32,
s: bytes32
) -> bool:
assert owner != empty(address), "invalid owner"
assert deadline >= block.timestamp, "permit expired"
nonce: uint256 = self.nonces[owner]
digest: bytes32 = keccak256(
concat(
b'\x19\x01',
self.domain_separator(),
keccak256(
concat(
PERMIT_TYPE_HASH,
convert(owner, bytes32),
convert(spender, bytes32),
convert(amount, bytes32),
convert(nonce, bytes32),
convert(deadline, bytes32),
)
)
)
)
assert ecrecover(
digest, convert(v, uint256), convert(r, uint256), convert(s, uint256)
) == owner, "invalid signature"
self.allowance[owner][spender] = amount
self.nonces[owner] = nonce + 1
log Approval(owner, spender, amount)
return True
@internal
def _burn_shares(shares: uint256, owner: address):
self.balance_of[owner] -= shares
self.total_supply = unsafe_sub(self.total_supply, shares)
log Transfer(owner, empty(address), shares)
@view
@internal
def _unlocked_shares() -> uint256:
"""
Returns the amount of shares that have been unlocked.
To avoid sudden price_per_share spikes, profits must be processed
through an unlocking period. The mechanism involves shares to be
minted to the vault which are unlocked gradually over time. Shares
that have been locked are gradually unlocked over profit_max_unlock_time.
"""
_full_profit_unlock_date: uint256 = self.full_profit_unlock_date
unlocked_shares: uint256 = 0
if _full_profit_unlock_date > block.timestamp:
# If we have not fully unlocked, we need to calculate how much has been.
unlocked_shares = self.profit_unlocking_rate * (block.timestamp - self.last_profit_update) / MAX_BPS_EXTENDED
elif _full_profit_unlock_date != 0:
# All shares have been unlocked
unlocked_shares = self.balance_of[self]
return unlocked_shares
@view
@internal
def _total_supply() -> uint256:
# Need to account for the shares issued to the vault that have unlocked.
return self.total_supply - self._unlocked_shares()
@internal
def _burn_unlocked_shares():
"""
Burns shares that have been unlocked since last update.
In case the full unlocking period has passed, it stops the unlocking.
"""
# Get the amount of shares that have unlocked
unlocked_shares: uint256 = self._unlocked_shares()
# IF 0 there's nothing to do.
if unlocked_shares == 0:
return
# Only do an SSTORE if necessary
if self.full_profit_unlock_date > block.timestamp:
self.last_profit_update = block.timestamp
# Burn the shares unlocked.
self._burn_shares(unlocked_shares, self)
@view
@internal
def _total_assets() -> uint256:
"""
Total amount of assets that are in the vault and in the strategies.
"""
return self.total_idle + self.total_debt
@view
@internal
def _convert_to_assets(shares: uint256, rounding: Rounding) -> uint256:
"""
assets = shares * (total_assets / total_supply) --- (== price_per_share * shares)
"""
if shares == max_value(uint256) or shares == 0:
return shares
total_supply: uint256 = self._total_supply()
# if total_supply is 0, price_per_share is 1
if total_supply == 0:
return shares
numerator: uint256 = shares * self._total_assets()
amount: uint256 = numerator / total_supply
if rounding == Rounding.ROUND_UP and numerator % total_supply != 0:
amount += 1
return amount
@view
@internal
def _convert_to_shares(assets: uint256, rounding: Rounding) -> uint256:
"""
shares = amount * (total_supply / total_assets) --- (== amount / price_per_share)
"""
if assets == max_value(uint256) or assets == 0:
return assets
total_supply: uint256 = self._total_supply()
total_assets: uint256 = self._total_assets()
if total_assets == 0:
# if total_assets and total_supply is 0, price_per_share is 1
if total_supply == 0:
return assets
else:
# Else if total_supply > 0 price_per_share is 0
return 0
numerator: uint256 = assets * total_supply
shares: uint256 = numerator / total_assets
if rounding == Rounding.ROUND_UP and numerator % total_assets != 0:
shares += 1
return shares
@internal
def _erc20_safe_approve(token: address, spender: address, amount: uint256):
# Used only to approve tokens that are not the type managed by this Vault.
# Used to handle non-compliant tokens like USDT
assert ERC20(token).approve(spender, amount, default_return_value=True), "approval failed"
@internal
def _erc20_safe_transfer_from(token: address, sender: address, receiver: address, amount: uint256):
# Used only to transfer tokens that are not the type managed by this Vault.
# Used to handle non-compliant tokens like USDT
assert ERC20(token).transferFrom(sender, receiver, amount, default_return_value=True), "transfer failed"
@internal
def _erc20_safe_transfer(token: address, receiver: address, amount: uint256):
# Used only to send tokens that are not the type managed by this Vault.
# Used to handle non-compliant tokens like USDT
assert ERC20(token).transfer(receiver, amount, default_return_value=True), "transfer failed"
@internal
def _issue_shares(shares: uint256, recipient: address):
self.balance_of[recipient] = unsafe_add(self.balance_of[recipient], shares)
self.total_supply += shares
log Transfer(empty(address), recipient, shares)
@internal
def _issue_shares_for_amount(amount: uint256, recipient: address) -> uint256:
"""
Issues shares that are worth 'amount' in the underlying token (asset).
WARNING: this takes into account that any new assets have been summed
to total_assets (otherwise pps will go down).
"""
total_supply: uint256 = self._total_supply()
total_assets: uint256 = self._total_assets()
new_shares: uint256 = 0
# If no supply PPS = 1.
if total_supply == 0:
new_shares = amount
elif total_assets > amount:
new_shares = amount * total_supply / (total_assets - amount)
else:
# If total_supply > 0 but amount = totalAssets we want to revert because
# after first deposit, getting here would mean that the rest of the shares
# would be diluted to a price_per_share of 0. Issuing shares would then mean
# either the new depositor or the previous depositors will loose money.
assert total_assets > amount, "amount too high"
# We don't make the function revert
if new_shares == 0:
return 0
self._issue_shares(new_shares, recipient)
return new_shares
## ERC4626 ##
@view
@internal
def _max_deposit(receiver: address) -> uint256:
if receiver in [empty(address), self]:
return 0
# If there is a deposit limit module set use that.
deposit_limit_module: address = self.deposit_limit_module
if deposit_limit_module != empty(address):
return IDepositLimitModule(deposit_limit_module).available_deposit_limit(receiver)
# Else use the standard flow.
_total_assets: uint256 = self._total_assets()
_deposit_limit: uint256 = self.deposit_limit
if (_total_assets >= _deposit_limit):
return 0
return unsafe_sub(_deposit_limit, _total_assets)
@view
@internal
def _max_withdraw(
owner: address,
max_loss: uint256,
strategies: DynArray[address, MAX_QUEUE]
) -> uint256:
"""
@dev Returns the max amount of `asset` an `owner` can withdraw.
This will do a full simulation of the withdraw in order to determine
how much is currently liquid and if the `max_loss` would allow for the
tx to not revert.
This will track any expected loss to check if the tx will revert, but
not account for it in the amount returned since it is unrealised and
therefore will not be accounted for in the conversion rates.
i.e. If we have 100 debt and 10 of unrealised loss, the max we can get
out is 90, but a user of the vault will need to call withdraw with 100
in order to get the full 90 out.
"""
# Get the max amount for the owner if fully liquid.
max_assets: uint256 = self._convert_to_assets(self.balance_of[owner], Rounding.ROUND_DOWN)
# If there is a withdraw limit module use that.
withdraw_limit_module: address = self.withdraw_limit_module
if withdraw_limit_module != empty(address):
return min(
# Use the min between the returned value and the max.
# Means the limit module doesn't need to account for balances or conversions.
IWithdrawLimitModule(withdraw_limit_module).available_withdraw_limit(owner, max_loss, strategies),
max_assets
)
# See if we have enough idle to service the withdraw.
current_idle: uint256 = self.total_idle
if max_assets > current_idle:
# Track how much we can pull.
have: uint256 = current_idle
loss: uint256 = 0
# Cache the default queue.
_strategies: DynArray[address, MAX_QUEUE] = self.default_queue
# If a custom queue was passed, and we don't force the default queue.
if len(strategies) != 0 and not self.use_default_queue:
# Use the custom queue.
_strategies = strategies
for strategy in _strategies:
# Can't use an invalid strategy.
assert self.strategies[strategy].activation != 0, "inactive strategy"
# Get the maximum amount the vault would withdraw from the strategy.
to_withdraw: uint256 = min(
# What we still need for the full withdraw.
max_assets - have,
# The current debt the strategy has.
self.strategies[strategy].current_debt
)
# Get any unrealised loss for the strategy.
unrealised_loss: uint256 = self._assess_share_of_unrealised_losses(strategy, to_withdraw)
# See if any limit is enforced by the strategy.
strategy_limit: uint256 = IStrategy(strategy).convertToAssets(
IStrategy(strategy).maxRedeem(self)
)
# Adjust accordingly if there is a max withdraw limit.
if strategy_limit < to_withdraw - unrealised_loss:
# lower unrealised loss to the proportional to the limit.
unrealised_loss = unrealised_loss * strategy_limit / to_withdraw
# Still count the unrealised loss as withdrawable.
to_withdraw = strategy_limit + unrealised_loss
# If 0 move on to the next strategy.
if to_withdraw == 0:
continue
# If there would be a loss with a non-maximum `max_loss` value.
if unrealised_loss > 0 and max_loss < MAX_BPS:
# Check if the loss is greater than the allowed range.
if loss + unrealised_loss > (have + to_withdraw) * max_loss / MAX_BPS:
# If so use the amounts up till now.
break
# Add to what we can pull.
have += to_withdraw
# If we have all we need break.
if have >= max_assets:
break
# Add any unrealised loss to the total
loss += unrealised_loss
# Update the max after going through the queue.
# In case we broke early or exhausted the queue.
max_assets = have
return max_assets
@internal
def _deposit(sender: address, recipient: address, assets: uint256) -> uint256:
"""
Used for `deposit` calls to transfer the amount of `asset` to the vault,
issue the corresponding shares to the `recipient` and update all needed
vault accounting.
"""
assert self.shutdown == False # dev: shutdown
assert assets <= self._max_deposit(recipient), "exceed deposit limit"
# Transfer the tokens to the vault first.
self._erc20_safe_transfer_from(ASSET.address, msg.sender, self, assets)
# Record the change in total assets.
self.total_idle += assets
# Issue the corresponding shares for assets.
shares: uint256 = self._issue_shares_for_amount(assets, recipient)
assert shares > 0, "cannot mint zero"
log Deposit(sender, recipient, assets, shares)
return shares
@internal
def _mint(sender: address, recipient: address, shares: uint256) -> uint256:
"""
Used for `mint` calls to issue the corresponding shares to the `recipient`,
transfer the amount of `asset` to the vault, and update all needed vault
accounting.
"""
assert self.shutdown == False # dev: shutdown
# Get corresponding amount of assets.
assets: uint256 = self._convert_to_assets(shares, Rounding.ROUND_UP)
assert assets > 0, "cannot deposit zero"
assert assets <= self._max_deposit(recipient), "exceed deposit limit"
# Transfer the tokens to the vault first.
self._erc20_safe_transfer_from(ASSET.address, msg.sender, self, assets)
# Record the change in total assets.
self.total_idle += assets
# Issue the corresponding shares for assets.
self._issue_shares(shares, recipient)
log Deposit(sender, recipient, assets, shares)
return assets
@view
@internal
def _assess_share_of_unrealised_losses(strategy: address, assets_needed: uint256) -> uint256:
"""
Returns the share of losses that a user would take if withdrawing from this strategy
e.g. if the strategy has unrealised losses for 10% of its current debt and the user
wants to withdraw 1000 tokens, the losses that he will take are 100 token
"""
# Minimum of how much debt the debt should be worth.
strategy_current_debt: uint256 = self.strategies[strategy].current_debt
# The actual amount that the debt is currently worth.
vault_shares: uint256 = IStrategy(strategy).balanceOf(self)
strategy_assets: uint256 = IStrategy(strategy).convertToAssets(vault_shares)
# If no losses, return 0
if strategy_assets >= strategy_current_debt or strategy_current_debt == 0:
return 0
# Users will withdraw assets_to_withdraw divided by loss ratio (strategy_assets / strategy_current_debt - 1),
# but will only receive assets_to_withdraw.
# NOTE: If there are unrealised losses, the user will take his share.
numerator: uint256 = assets_needed * strategy_assets
losses_user_share: uint256 = assets_needed - numerator / strategy_current_debt
# Always round up.
if numerator % strategy_current_debt != 0:
losses_user_share += 1
return losses_user_share
@internal
def _withdraw_from_strategy(strategy: address, assets_to_withdraw: uint256):
"""
This takes the amount denominated in asset and performs a {redeem}
with the corresponding amount of shares.
We use {redeem} to natively take on losses without additional non-4626 standard parameters.
"""
# Need to get shares since we use redeem to be able to take on losses.
shares_to_redeem: uint256 = min(
# Use previewWithdraw since it should round up.
IStrategy(strategy).previewWithdraw(assets_to_withdraw),
# And check against our actual balance.
IStrategy(strategy).balanceOf(self)
)
# Redeem the shares.
IStrategy(strategy).redeem(shares_to_redeem, self, self)
@internal
def _redeem(
sender: address,
receiver: address,
owner: address,
assets: uint256,
shares_to_burn: uint256,
max_loss: uint256,
strategies: DynArray[address, MAX_QUEUE]
) -> uint256:
"""
This will attempt to free up the full amount of assets equivalent to
`shares_to_burn` and transfer them to the `receiver`. If the vault does
not have enough idle funds it will go through any strategies provided by
either the withdrawer or the queue_manager to free up enough funds to
service the request.
The vault will attempt to account for any unrealized losses taken on from
strategies since their respective last reports.
Any losses realized during the withdraw from a strategy will be passed on
to the user that is redeeming their vault shares.
"""
assert receiver != empty(address), "ZERO ADDRESS"
assert max_loss <= MAX_BPS, "max loss"
# If there is a withdraw limit module, check the max.
if self.withdraw_limit_module != empty(address):
assert assets <= self._max_withdraw(owner, max_loss, strategies), "exceed withdraw limit"
shares: uint256 = shares_to_burn
shares_balance: uint256 = self.balance_of[owner]
assert shares > 0, "no shares to redeem"
assert shares_balance >= shares, "insufficient shares to redeem"
if sender != owner:
self._spend_allowance(owner, sender, shares_to_burn)
# The amount of the underlying token to withdraw.
requested_assets: uint256 = assets
# load to memory to save gas
curr_total_idle: uint256 = self.total_idle
# If there are not enough assets in the Vault contract, we try to free
# funds from strategies.
if requested_assets > curr_total_idle:
# Cache the default queue.
_strategies: DynArray[address, MAX_QUEUE] = self.default_queue
# If a custom queue was passed, and we don't force the default queue.
if len(strategies) != 0 and not self.use_default_queue:
# Use the custom queue.
_strategies = strategies
# load to memory to save gas
curr_total_debt: uint256 = self.total_debt
# Withdraw from strategies only what idle doesn't cover.
# `assets_needed` is the total amount we need to fill the request.
assets_needed: uint256 = unsafe_sub(requested_assets, curr_total_idle)
# `assets_to_withdraw` is the amount to request from the current strategy.
assets_to_withdraw: uint256 = 0
# To compare against real withdrawals from strategies
previous_balance: uint256 = ASSET.balanceOf(self)
for strategy in _strategies:
# Make sure we have a valid strategy.
assert self.strategies[strategy].activation != 0, "inactive strategy"
# How much should the strategy have.
current_debt: uint256 = self.strategies[strategy].current_debt
# What is the max amount to withdraw from this strategy.
assets_to_withdraw = min(assets_needed, current_debt)
# Cache max_withdraw now for use if unrealized loss > 0
# Use maxRedeem and convert since we use redeem.
max_withdraw: uint256 = IStrategy(strategy).convertToAssets(
IStrategy(strategy).maxRedeem(self)
)
# CHECK FOR UNREALISED LOSSES
# If unrealised losses > 0, then the user will take the proportional share
# and realize it (required to avoid users withdrawing from lossy strategies).
# NOTE: strategies need to manage the fact that realising part of the loss can
# mean the realisation of 100% of the loss!! (i.e. if for withdrawing 10% of the
# strategy it needs to unwind the whole position, generated losses might be bigger)
unrealised_losses_share: uint256 = self._assess_share_of_unrealised_losses(strategy, assets_to_withdraw)
if unrealised_losses_share > 0:
# If max withdraw is limiting the amount to pull, we need to adjust the portion of
# the unrealized loss the user should take.
if max_withdraw < assets_to_withdraw - unrealised_losses_share:
# How much would we want to withdraw
wanted: uint256 = assets_to_withdraw - unrealised_losses_share
# Get the proportion of unrealised comparing what we want vs. what we can get
unrealised_losses_share = unrealised_losses_share * max_withdraw / wanted
# Adjust assets_to_withdraw so all future calculations work correctly
assets_to_withdraw = max_withdraw + unrealised_losses_share
# User now "needs" less assets to be unlocked (as he took some as losses)
assets_to_withdraw -= unrealised_losses_share
requested_assets -= unrealised_losses_share
# NOTE: done here instead of waiting for regular update of these values
# because it's a rare case (so we can save minor amounts of gas)
assets_needed -= unrealised_losses_share
curr_total_debt -= unrealised_losses_share
# If max withdraw is 0 and unrealised loss is still > 0 then the strategy likely
# realized a 100% loss and we will need to realize that loss before moving on.
if max_withdraw == 0 and unrealised_losses_share > 0:
# Adjust the strategy debt accordingly.
new_debt: uint256 = current_debt - unrealised_losses_share
# Update strategies storage
self.strategies[strategy].current_debt = new_debt
# Log the debt update
log DebtUpdated(strategy, current_debt, new_debt)
# Adjust based on the max withdraw of the strategy.
assets_to_withdraw = min(assets_to_withdraw, max_withdraw)
# Can't withdraw 0.
if assets_to_withdraw == 0:
continue
# WITHDRAW FROM STRATEGY
self._withdraw_from_strategy(strategy, assets_to_withdraw)
post_balance: uint256 = ASSET.balanceOf(self)
# Always check withdrawn against the real amounts.
withdrawn: uint256 = post_balance - previous_balance
loss: uint256 = 0
# Check if we redeemed too much.
if withdrawn > assets_to_withdraw:
# Make sure we don't underflow in debt updates.
if withdrawn > current_debt:
# Can't withdraw more than our debt.
assets_to_withdraw = current_debt
else:
# Add the extra to how much we withdrew.
assets_to_withdraw += (unsafe_sub(withdrawn, assets_to_withdraw))
# If we have not received what we expected, we consider the difference a loss.
elif withdrawn < assets_to_withdraw:
loss = unsafe_sub(assets_to_withdraw, withdrawn)
# NOTE: strategy's debt decreases by the full amount but the total idle increases
# by the actual amount only (as the difference is considered lost).
curr_total_idle += (assets_to_withdraw - loss)
requested_assets -= loss
curr_total_debt -= assets_to_withdraw
# Vault will reduce debt because the unrealised loss has been taken by user
new_debt: uint256 = current_debt - (assets_to_withdraw + unrealised_losses_share)
# Update strategies storage
self.strategies[strategy].current_debt = new_debt
# Log the debt update
log DebtUpdated(strategy, current_debt, new_debt)
# Break if we have enough total idle to serve initial request.
if requested_assets <= curr_total_idle:
break
# We update the previous_balance variable here to save gas in next iteration.
previous_balance = post_balance
# Reduce what we still need. Safe to use assets_to_withdraw
# here since it has been checked against requested_assets
assets_needed -= assets_to_withdraw
# If we exhaust the queue and still have insufficient total idle, revert.
assert curr_total_idle >= requested_assets, "insufficient assets in vault"
# Commit memory to storage.
self.total_debt = curr_total_debt
# Check if there is a loss and a non-default value was set.
if assets > requested_assets and max_loss < MAX_BPS:
# Assure the loss is within the allowed range.
assert assets - requested_assets <= assets * max_loss / MAX_BPS, "too much loss"
# First burn the corresponding shares from the redeemer.
self._burn_shares(shares, owner)
# Commit memory to storage.
self.total_idle = curr_total_idle - requested_assets
# Transfer the requested amount to the receiver.
self._erc20_safe_transfer(ASSET.address, receiver, requested_assets)
log Withdraw(sender, receiver, owner, requested_assets, shares)
return requested_assets
## STRATEGY MANAGEMENT ##
@internal
def _add_strategy(new_strategy: address):
assert new_strategy not in [self, empty(address)], "strategy cannot be zero address"
assert IStrategy(new_strategy).asset() == ASSET.address, "invalid asset"
assert self.strategies[new_strategy].activation == 0, "strategy already active"
# Add the new strategy to the mapping.
self.strategies[new_strategy] = StrategyParams({
activation: block.timestamp,
last_report: block.timestamp,
current_debt: 0,
max_debt: 0
})
# If the default queue has space, add the strategy.
if len(self.default_queue) < MAX_QUEUE:
self.default_queue.append(new_strategy)
log StrategyChanged(new_strategy, StrategyChangeType.ADDED)
@internal
def _revoke_strategy(strategy: address, force: bool=False):
assert self.strategies[strategy].activation != 0, "strategy not active"
# If force revoking a strategy, it will cause a loss.
loss: uint256 = 0
if self.strategies[strategy].current_debt != 0:
assert force, "strategy has debt"
# Vault realizes the full loss of outstanding debt.
loss = self.strategies[strategy].current_debt
# Adjust total vault debt.
self.total_debt -= loss
log StrategyReported(strategy, 0, loss, 0, 0, 0, 0)
# Set strategy params all back to 0 (WARNING: it can be re-added).
self.strategies[strategy] = StrategyParams({
activation: 0,
last_report: 0,
current_debt: 0,
max_debt: 0
})
# Remove strategy if it is in the default queue.
new_queue: DynArray[address, MAX_QUEUE] = []
for _strategy in self.default_queue:
# Add all strategies to the new queue besides the one revoked.
if _strategy != strategy:
new_queue.append(_strategy)
# Set the default queue to our updated queue.
self.default_queue = new_queue
log StrategyChanged(strategy, StrategyChangeType.REVOKED)
# DEBT MANAGEMENT #
@internal
def _update_debt(strategy: address, target_debt: uint256) -> uint256:
"""
The vault will re-balance the debt vs target debt. Target debt must be
smaller or equal to strategy's max_debt. This function will compare the
current debt with the target debt and will take funds or deposit new
funds to the strategy.
The strategy can require a maximum amount of funds that it wants to receive
to invest. The strategy can also reject freeing funds if they are locked.
"""
# How much we want the strategy to have.
new_debt: uint256 = target_debt
# How much the strategy currently has.
current_debt: uint256 = self.strategies[strategy].current_debt
# If the vault is shutdown we can only pull funds.
if self.shutdown:
new_debt = 0
assert new_debt != current_debt, "new debt equals current debt"
if current_debt > new_debt:
# Reduce debt.
assets_to_withdraw: uint256 = unsafe_sub(current_debt, new_debt)
# Ensure we always have minimum_total_idle when updating debt.
minimum_total_idle: uint256 = self.minimum_total_idle
total_idle: uint256 = self.total_idle
# Respect minimum total idle in vault
if total_idle + assets_to_withdraw < minimum_total_idle:
assets_to_withdraw = unsafe_sub(minimum_total_idle, total_idle)
# Cant withdraw more than the strategy has.
if assets_to_withdraw > current_debt:
assets_to_withdraw = current_debt
# Check how much we are able to withdraw.
# Use maxRedeem and convert since we use redeem.
withdrawable: uint256 = IStrategy(strategy).convertToAssets(
IStrategy(strategy).maxRedeem(self)
)
assert withdrawable != 0, "nothing to withdraw"
# If insufficient withdrawable, withdraw what we can.
if withdrawable < assets_to_withdraw:
assets_to_withdraw = withdrawable
# If there are unrealised losses we don't let the vault reduce its debt until there is a new report
unrealised_losses_share: uint256 = self._assess_share_of_unrealised_losses(strategy, assets_to_withdraw)
assert unrealised_losses_share == 0, "strategy has unrealised losses"
# Always check the actual amount withdrawn.
pre_balance: uint256 = ASSET.balanceOf(self)
self._withdraw_from_strategy(strategy, assets_to_withdraw)
post_balance: uint256 = ASSET.balanceOf(self)
# making sure we are changing idle according to the real result no matter what.
# We pull funds with {redeem} so there can be losses or rounding differences.
withdrawn: uint256 = min(post_balance - pre_balance, current_debt)
# If we got too much make sure not to increase PPS.
if withdrawn > assets_to_withdraw:
assets_to_withdraw = withdrawn
# Update storage.
self.total_idle += withdrawn # actual amount we got.
# Amount we tried to withdraw in case of losses
self.total_debt -= assets_to_withdraw
new_debt = current_debt - assets_to_withdraw
else:
# We are increasing the strategies debt
# Revert if target_debt cannot be achieved due to configured max_debt for given strategy
assert new_debt <= self.strategies[strategy].max_debt, "target debt higher than max debt"
# Vault is increasing debt with the strategy by sending more funds.
max_deposit: uint256 = IStrategy(strategy).maxDeposit(self)
assert max_deposit != 0, "nothing to deposit"
# Deposit the difference between desired and current.
assets_to_deposit: uint256 = new_debt - current_debt
if assets_to_deposit > max_deposit:
# Deposit as much as possible.
assets_to_deposit = max_deposit
# Ensure we always have minimum_total_idle when updating debt.
minimum_total_idle: uint256 = self.minimum_total_idle
total_idle: uint256 = self.total_idle
assert total_idle > minimum_total_idle, "no funds to deposit"
available_idle: uint256 = unsafe_sub(total_idle, minimum_total_idle)
# If insufficient funds to deposit, transfer only what is free.
if assets_to_deposit > available_idle:
assets_to_deposit = available_idle
# Can't Deposit 0.
if assets_to_deposit > 0:
# Approve the strategy to pull only what we are giving it.
self._erc20_safe_approve(ASSET.address, strategy, assets_to_deposit)
# Always update based on actual amounts deposited.
pre_balance: uint256 = ASSET.balanceOf(self)
IStrategy(strategy).deposit(assets_to_deposit, self)
post_balance: uint256 = ASSET.balanceOf(self)
# Make sure our approval is always back to 0.
self._erc20_safe_approve(ASSET.address, strategy, 0)
# Making sure we are changing according to the real result no
# matter what. This will spend more gas but makes it more robust.
assets_to_deposit = pre_balance - post_balance
# Update storage.
self.total_idle -= assets_to_deposit
self.total_debt += assets_to_deposit
new_debt = current_debt + assets_to_deposit
# Commit memory to storage.
self.strategies[strategy].current_debt = new_debt
log DebtUpdated(strategy, current_debt, new_debt)
return new_debt
## ACCOUNTING MANAGEMENT ##
@internal
def _process_report(strategy: address) -> (uint256, uint256):
"""
Processing a report means comparing the debt that the strategy has taken
with the current amount of funds it is reporting. If the strategy owes
less than it currently has, it means it has had a profit, else (assets < debt)
it has had a loss.
Different strategies might choose different reporting strategies: pessimistic,
only realised P&L, ... The best way to report depends on the strategy.
The profit will be distributed following a smooth curve over the vaults
profit_max_unlock_time seconds. Losses will be taken immediately, first from the
profit buffer (avoiding an impact in pps), then will reduce pps.
Any applicable fees are charged and distributed during the report as well
to the specified recipients.
"""
# Make sure we have a valid strategy.
assert self.strategies[strategy].activation != 0, "inactive strategy"
# Burn shares that have been unlocked since the last update
self._burn_unlocked_shares()
# Vault assesses profits using 4626 compliant interface.
# NOTE: It is important that a strategies `convertToAssets` implementation
# cannot be manipulated or else the vault could report incorrect gains/losses.
strategy_shares: uint256 = IStrategy(strategy).balanceOf(self)
# How much the vaults position is worth.
total_assets: uint256 = IStrategy(strategy).convertToAssets(strategy_shares)
# How much the vault had deposited to the strategy.
current_debt: uint256 = self.strategies[strategy].current_debt
gain: uint256 = 0
loss: uint256 = 0
# Compare reported assets vs. the current debt.
if total_assets > current_debt:
# We have a gain.
gain = unsafe_sub(total_assets, current_debt)
else:
# We have a loss.
loss = unsafe_sub(current_debt, total_assets)
# For Accountant fee assessment.
total_fees: uint256 = 0
total_refunds: uint256 = 0
# For Protocol fee assessment.
protocol_fees: uint256 = 0
protocol_fee_recipient: address = empty(address)
accountant: address = self.accountant
# If accountant is not set, fees and refunds remain unchanged.
if accountant != empty(address):
total_fees, total_refunds = IAccountant(accountant).report(strategy, gain, loss)
# Protocol fees will be 0 if accountant fees are 0.
if total_fees > 0:
protocol_fee_bps: uint16 = 0
# Get the config for this vault.
protocol_fee_bps, protocol_fee_recipient = IFactory(FACTORY).protocol_fee_config()
if(protocol_fee_bps > 0):
# Protocol fees are a percent of the fees the accountant is charging.
protocol_fees = total_fees * convert(protocol_fee_bps, uint256) / MAX_BPS
# `shares_to_burn` is derived from amounts that would reduce the vaults PPS.
# NOTE: this needs to be done before any pps changes
shares_to_burn: uint256 = 0
accountant_fees_shares: uint256 = 0
protocol_fees_shares: uint256 = 0
# Only need to burn shares if there is a loss or fees.
if loss + total_fees > 0:
# The amount of shares we will want to burn to offset losses and fees.
shares_to_burn += self._convert_to_shares(loss + total_fees, Rounding.ROUND_UP)
# Vault calculates the amount of shares to mint as fees before changing totalAssets / totalSupply.
if total_fees > 0:
# Accountant fees are total fees - protocol fees.
accountant_fees_shares = self._convert_to_shares(total_fees - protocol_fees, Rounding.ROUND_DOWN)
if protocol_fees > 0:
protocol_fees_shares = self._convert_to_shares(protocol_fees, Rounding.ROUND_DOWN)
# Shares to lock is any amounts that would otherwise increase the vaults PPS.
newly_locked_shares: uint256 = 0
if total_refunds > 0:
# Make sure we have enough approval and enough asset to pull.
total_refunds = min(total_refunds, min(ASSET.balanceOf(accountant), ASSET.allowance(accountant, self)))
# Transfer the refunded amount of asset to the vault.
self._erc20_safe_transfer_from(ASSET.address, accountant, self, total_refunds)
# Update storage to increase total assets.
self.total_idle += total_refunds
# Record any reported gains.
if gain > 0:
# NOTE: this will increase total_assets
self.strategies[strategy].current_debt += gain
self.total_debt += gain
profit_max_unlock_time: uint256 = self.profit_max_unlock_time
# Mint anything we are locking to the vault.
if gain + total_refunds > 0 and profit_max_unlock_time != 0:
newly_locked_shares = self._issue_shares_for_amount(gain + total_refunds, self)
# Strategy is reporting a loss
if loss > 0:
self.strategies[strategy].current_debt -= loss
self.total_debt -= loss
# NOTE: should be precise (no new unlocked shares due to above's burn of shares)
# newly_locked_shares have already been minted / transferred to the vault, so they need to be subtracted
# no risk of underflow because they have just been minted.
previously_locked_shares: uint256 = self.balance_of[self] - newly_locked_shares
# Now that pps has updated, we can burn the shares we intended to burn as a result of losses/fees.
# NOTE: If a value reduction (losses / fees) has occurred, prioritize burning locked profit to avoid
# negative impact on price per share. Price per share is reduced only if losses exceed locked value.
if shares_to_burn > 0:
# Cant burn more than the vault owns.
shares_to_burn = min(shares_to_burn, previously_locked_shares + newly_locked_shares)
self._burn_shares(shares_to_burn, self)
# We burn first the newly locked shares, then the previously locked shares.
shares_not_to_lock: uint256 = min(shares_to_burn, newly_locked_shares)
# Reduce the amounts to lock by how much we burned
newly_locked_shares -= shares_not_to_lock
previously_locked_shares -= (shares_to_burn - shares_not_to_lock)
# Issue shares for fees that were calculated above if applicable.
if accountant_fees_shares > 0:
self._issue_shares(accountant_fees_shares, accountant)
if protocol_fees_shares > 0:
self._issue_shares(protocol_fees_shares, protocol_fee_recipient)
# Update unlocking rate and time to fully unlocked.
total_locked_shares: uint256 = previously_locked_shares + newly_locked_shares
if total_locked_shares > 0:
previously_locked_time: uint256 = 0
_full_profit_unlock_date: uint256 = self.full_profit_unlock_date
# Check if we need to account for shares still unlocking.
if _full_profit_unlock_date > block.timestamp:
# There will only be previously locked shares if time remains.
# We calculate this here since it will not occur every time we lock shares.
previously_locked_time = previously_locked_shares * (_full_profit_unlock_date - block.timestamp)
# new_profit_locking_period is a weighted average between the remaining time of the previously locked shares and the profit_max_unlock_time
new_profit_locking_period: uint256 = (previously_locked_time + newly_locked_shares * profit_max_unlock_time) / total_locked_shares
# Calculate how many shares unlock per second.
self.profit_unlocking_rate = total_locked_shares * MAX_BPS_EXTENDED / new_profit_locking_period
# Calculate how long until the full amount of shares is unlocked.
self.full_profit_unlock_date = block.timestamp + new_profit_locking_period
# Update the last profitable report timestamp.
self.last_profit_update = block.timestamp
else:
# NOTE: only setting this to 0 will turn in the desired effect, no need
# to update last_profit_update or full_profit_unlock_date
self.profit_unlocking_rate = 0
# Record the report of profit timestamp.
self.strategies[strategy].last_report = block.timestamp
# We have to recalculate the fees paid for cases with an overall loss.
log StrategyReported(
strategy,
gain,
loss,
self.strategies[strategy].current_debt,
self._convert_to_assets(protocol_fees_shares, Rounding.ROUND_DOWN),
self._convert_to_assets(protocol_fees_shares + accountant_fees_shares, Rounding.ROUND_DOWN),
total_refunds
)
return (gain, loss)
# SETTERS #
@external
def set_accountant(new_accountant: address):
"""
@notice Set the new accountant address.
@param new_accountant The new accountant address.
"""
self._enforce_role(msg.sender, Roles.ACCOUNTANT_MANAGER)
self.accountant = new_accountant
log UpdateAccountant(new_accountant)
@external
def set_default_queue(new_default_queue: DynArray[address, MAX_QUEUE]):
"""
@notice Set the new default queue array.
@dev Will check each strategy to make sure it is active.
@param new_default_queue The new default queue array.
"""
self._enforce_role(msg.sender, Roles.QUEUE_MANAGER)
# Make sure every strategy in the new queue is active.
for strategy in new_default_queue:
assert self.strategies[strategy].activation != 0, "!inactive"
# Save the new queue.
self.default_queue = new_default_queue
log UpdateDefaultQueue(new_default_queue)
@external
def set_use_default_queue(use_default_queue: bool):
"""
@notice Set a new value for `use_default_queue`.
@dev If set `True` the default queue will always be
used no matter whats passed in.
@param use_default_queue new value.
"""
self._enforce_role(msg.sender, Roles.QUEUE_MANAGER)
self.use_default_queue = use_default_queue
log UpdateUseDefaultQueue(use_default_queue)
@external
def set_deposit_limit(deposit_limit: uint256):
"""
@notice Set the new deposit limit.
@dev Can not be changed if a deposit_limit_module
is set or if shutdown.
@param deposit_limit The new deposit limit.
"""
assert self.shutdown == False # Dev: shutdown
self._enforce_role(msg.sender, Roles.DEPOSIT_LIMIT_MANAGER)
assert self.deposit_limit_module == empty(address), "using module"
self.deposit_limit = deposit_limit
log UpdateDepositLimit(deposit_limit)
@external
def set_deposit_limit_module(deposit_limit_module: address):
"""
@notice Set a contract to handle the deposit limit.
@dev The default `deposit_limit` will need to be set to
max uint256 since the module will override it.
@param deposit_limit_module Address of the module.
"""
assert self.shutdown == False # Dev: shutdown
self._enforce_role(msg.sender, Roles.DEPOSIT_LIMIT_MANAGER)
assert self.deposit_limit == max_value(uint256), "using deposit limit"
self.deposit_limit_module = deposit_limit_module
log UpdateDepositLimitModule(deposit_limit_module)
@external
def set_withdraw_limit_module(withdraw_limit_module: address):
"""
@notice Set a contract to handle the withdraw limit.
@dev This will override the default `max_withdraw`.
@param withdraw_limit_module Address of the module.
"""
self._enforce_role(msg.sender, Roles.WITHDRAW_LIMIT_MANAGER)
self.withdraw_limit_module = withdraw_limit_module
log UpdateWithdrawLimitModule(withdraw_limit_module)
@external
def set_minimum_total_idle(minimum_total_idle: uint256):
"""
@notice Set the new minimum total idle.
@param minimum_total_idle The new minimum total idle.
"""
self._enforce_role(msg.sender, Roles.MINIMUM_IDLE_MANAGER)
self.minimum_total_idle = minimum_total_idle
log UpdateMinimumTotalIdle(minimum_total_idle)
@external
def setProfitMaxUnlockTime(new_profit_max_unlock_time: uint256):
"""
@notice Set the new profit max unlock time.
@dev The time is denominated in seconds and must be less than 1 year.
We only need to update locking period if setting to 0,
since the current period will use the old rate and on the next
report it will be reset with the new unlocking time.
Setting to 0 will cause any currently locked profit to instantly
unlock and an immediate increase in the vaults Price Per Share.
@param new_profit_max_unlock_time The new profit max unlock time.
"""
self._enforce_role(msg.sender, Roles.PROFIT_UNLOCK_MANAGER)
# Must be less than one year for report cycles
assert new_profit_max_unlock_time <= 31_556_952, "profit unlock time too long"
# If setting to 0 we need to reset any locked values.
if (new_profit_max_unlock_time == 0):
# Burn any shares the vault still has.
self._burn_shares(self.balance_of[self], self)
# Reset unlocking variables to 0.
self.profit_unlocking_rate = 0
self.full_profit_unlock_date = 0
self.profit_max_unlock_time = new_profit_max_unlock_time
log UpdateProfitMaxUnlockTime(new_profit_max_unlock_time)
# ROLE MANAGEMENT #
@internal
def _enforce_role(account: address, role: Roles):
# Make sure the sender either holds the role or it has been opened.
assert role in self.roles[account] or self.open_roles[role], "not allowed"
@external
def set_role(account: address, role: Roles):
"""
@notice Set the roles for an account.
@dev This will fully override an accounts current roles
so it should include all roles the account should hold.
@param account The account to set the role for.
@param role The roles the account should hold.
"""
assert msg.sender == self.role_manager
self.roles[account] = role
log RoleSet(account, role)
@external
def add_role(account: address, role: Roles):
"""
@notice Add a new role to an address.
@dev This will add a new role to the account
without effecting any of the previously held roles.
@param account The account to add a role to.
@param role The new role to add to account.
"""
assert msg.sender == self.role_manager
self.roles[account] = self.roles[account] | role
log RoleSet(account, self.roles[account])
@external
def remove_role(account: address, role: Roles):
"""
@notice Remove a single role from an account.
@dev This will leave all other roles for the
account unchanged.
@param account The account to remove a Role from.
@param role The Role to remove.
"""
assert msg.sender == self.role_manager
self.roles[account] = self.roles[account] & ~role
log RoleSet(account, self.roles[account])
@external
def set_open_role(role: Roles):
"""
@notice Set a role to be open.
@param role The role to set.
"""
assert msg.sender == self.role_manager
self.open_roles[role] = True
log RoleStatusChanged(role, RoleStatusChange.OPENED)
@external
def close_open_role(role: Roles):
"""
@notice Close a opened role.
@param role The role to close.
"""
assert msg.sender == self.role_manager
self.open_roles[role] = False
log RoleStatusChanged(role, RoleStatusChange.CLOSED)
@external
def transfer_role_manager(role_manager: address):
"""
@notice Step 1 of 2 in order to transfer the
role manager to a new address. This will set
the future_role_manager. Which will then need
to be accepted by the new manager.
@param role_manager The new role manager address.
"""
assert msg.sender == self.role_manager
self.future_role_manager = role_manager
@external
def accept_role_manager():
"""
@notice Accept the role manager transfer.
"""
assert msg.sender == self.future_role_manager
self.role_manager = msg.sender
self.future_role_manager = empty(address)
log UpdateRoleManager(msg.sender)
# VAULT STATUS VIEWS
@view
@external
def isShutdown() -> bool:
"""
@notice Get if the vault is shutdown.
@return Bool representing the shutdown status
"""
return self.shutdown
@view
@external
def unlockedShares() -> uint256:
"""
@notice Get the amount of shares that have been unlocked.
@return The amount of shares that are have been unlocked.
"""
return self._unlocked_shares()
@view
@external
def pricePerShare() -> uint256:
"""
@notice Get the price per share (pps) of the vault.
@dev This value offers limited precision. Integrations that require
exact precision should use convertToAssets or convertToShares instead.
@return The price per share.
"""
return self._convert_to_assets(10 ** DECIMALS, Rounding.ROUND_DOWN)
@view
@external
def get_default_queue() -> DynArray[address, MAX_QUEUE]:
"""
@notice Get the full default queue currently set.
@return The current default withdrawal queue.
"""
return self.default_queue
## REPORTING MANAGEMENT ##
@external
@nonreentrant("lock")
def process_report(strategy: address) -> (uint256, uint256):
"""
@notice Process the report of a strategy.
@param strategy The strategy to process the report for.
@return The gain and loss of the strategy.
"""
self._enforce_role(msg.sender, Roles.REPORTING_MANAGER)
return self._process_report(strategy)
@external
@nonreentrant("lock")
def buy_debt(strategy: address, amount: uint256):
"""
@notice Used for governance to buy bad debt from the vault.
@dev This should only ever be used in an emergency in place
of force revoking a strategy in order to not report a loss.
It allows the DEBT_PURCHASER role to buy the strategies debt
for an equal amount of `asset`.
@param strategy The strategy to buy the debt for
@param amount The amount of debt to buy from the vault.
"""
self._enforce_role(msg.sender, Roles.DEBT_PURCHASER)
assert self.strategies[strategy].activation != 0, "not active"
# Cache the current debt.
current_debt: uint256 = self.strategies[strategy].current_debt
_amount: uint256 = amount
assert current_debt > 0, "nothing to buy"
assert _amount > 0, "nothing to buy with"
if _amount > current_debt:
_amount = current_debt
# We get the proportion of the debt that is being bought and
# transfer the equivalent shares. We assume this is being used
# due to strategy issues so won't rely on its conversion rates.
shares: uint256 = IStrategy(strategy).balanceOf(self) * _amount / current_debt
assert shares > 0, "cannot buy zero"
self._erc20_safe_transfer_from(ASSET.address, msg.sender, self, _amount)
# Lower strategy debt
self.strategies[strategy].current_debt -= _amount
# lower total debt
self.total_debt -= _amount
# Increase total idle
self.total_idle += _amount
# log debt change
log DebtUpdated(strategy, current_debt, current_debt - _amount)
# Transfer the strategies shares out.
self._erc20_safe_transfer(strategy, msg.sender, shares)
log DebtPurchased(strategy, _amount)
## STRATEGY MANAGEMENT ##
@external
def add_strategy(new_strategy: address):
"""
@notice Add a new strategy.
@param new_strategy The new strategy to add.
"""
self._enforce_role(msg.sender, Roles.ADD_STRATEGY_MANAGER)
self._add_strategy(new_strategy)
@external
def revoke_strategy(strategy: address):
"""
@notice Revoke a strategy.
@param strategy The strategy to revoke.
"""
self._enforce_role(msg.sender, Roles.REVOKE_STRATEGY_MANAGER)
self._revoke_strategy(strategy)
@external
def force_revoke_strategy(strategy: address):
"""
@notice Force revoke a strategy.
@dev The vault will remove the strategy and write off any debt left
in it as a loss. This function is a dangerous function as it can force a
strategy to take a loss. All possible assets should be removed from the
strategy first via update_debt. If a strategy is removed erroneously it
can be re-added and the loss will be credited as profit. Fees will apply.
@param strategy The strategy to force revoke.
"""
self._enforce_role(msg.sender, Roles.FORCE_REVOKE_MANAGER)
self._revoke_strategy(strategy, True)
## DEBT MANAGEMENT ##
@external
def update_max_debt_for_strategy(strategy: address, new_max_debt: uint256):
"""
@notice Update the max debt for a strategy.
@param strategy The strategy to update the max debt for.
@param new_max_debt The new max debt for the strategy.
"""
self._enforce_role(msg.sender, Roles.MAX_DEBT_MANAGER)
assert self.strategies[strategy].activation != 0, "inactive strategy"
self.strategies[strategy].max_debt = new_max_debt
log UpdatedMaxDebtForStrategy(msg.sender, strategy, new_max_debt)
@external
@nonreentrant("lock")
def update_debt(strategy: address, target_debt: uint256) -> uint256:
"""
@notice Update the debt for a strategy.
@param strategy The strategy to update the debt for.
@param target_debt The target debt for the strategy.
@return The amount of debt added or removed.
"""
self._enforce_role(msg.sender, Roles.DEBT_MANAGER)
return self._update_debt(strategy, target_debt)
## EMERGENCY MANAGEMENT ##
@external
def shutdown_vault():
"""
@notice Shutdown the vault.
"""
self._enforce_role(msg.sender, Roles.EMERGENCY_MANAGER)
assert self.shutdown == False
# Shutdown the vault.
self.shutdown = True
# Set deposit limit to 0.
if self.deposit_limit_module != empty(address):
self.deposit_limit_module = empty(address)
log UpdateDepositLimitModule(empty(address))
self.deposit_limit = 0
log UpdateDepositLimit(0)
self.roles[msg.sender] = self.roles[msg.sender] | Roles.DEBT_MANAGER
log Shutdown()
## SHARE MANAGEMENT ##
## ERC20 + ERC4626 ##
@external
@nonreentrant("lock")
def deposit(assets: uint256, receiver: address) -> uint256:
"""
@notice Deposit assets into the vault.
@param assets The amount of assets to deposit.
@param receiver The address to receive the shares.
@return The amount of shares minted.
"""
return self._deposit(msg.sender, receiver, assets)
@external
@nonreentrant("lock")
def mint(shares: uint256, receiver: address) -> uint256:
"""
@notice Mint shares for the receiver.
@param shares The amount of shares to mint.
@param receiver The address to receive the shares.
@return The amount of assets deposited.
"""
return self._mint(msg.sender, receiver, shares)
@external
@nonreentrant("lock")
def withdraw(
assets: uint256,
receiver: address,
owner: address,
max_loss: uint256 = 0,
strategies: DynArray[address, MAX_QUEUE] = []
) -> uint256:
"""
@notice Withdraw an amount of asset to `receiver` burning `owner`s shares.
@dev The default behavior is to not allow any loss.
@param assets The amount of asset to withdraw.
@param receiver The address to receive the assets.
@param owner The address who's shares are being burnt.
@param max_loss Optional amount of acceptable loss in Basis Points.
@param strategies Optional array of strategies to withdraw from.
@return The amount of shares actually burnt.
"""
shares: uint256 = self._convert_to_shares(assets, Rounding.ROUND_UP)
self._redeem(msg.sender, receiver, owner, assets, shares, max_loss, strategies)
return shares
@external
@nonreentrant("lock")
def redeem(
shares: uint256,
receiver: address,
owner: address,
max_loss: uint256 = MAX_BPS,
strategies: DynArray[address, MAX_QUEUE] = []
) -> uint256:
"""
@notice Redeems an amount of shares of `owners` shares sending funds to `receiver`.
@dev The default behavior is to allow losses to be realized.
@param shares The amount of shares to burn.
@param receiver The address to receive the assets.
@param owner The address who's shares are being burnt.
@param max_loss Optional amount of acceptable loss in Basis Points.
@param strategies Optional array of strategies to withdraw from.
@return The amount of assets actually withdrawn.
"""
assets: uint256 = self._convert_to_assets(shares, Rounding.ROUND_DOWN)
# Always return the actual amount of assets withdrawn.
return self._redeem(msg.sender, receiver, owner, assets, shares, max_loss, strategies)
@external
def approve(spender: address, amount: uint256) -> bool:
"""
@notice Approve an address to spend the vault's shares.
@param spender The address to approve.
@param amount The amount of shares to approve.
@return True if the approval was successful.
"""
return self._approve(msg.sender, spender, amount)
@external
def transfer(receiver: address, amount: uint256) -> bool:
"""
@notice Transfer shares to a receiver.
@param receiver The address to transfer shares to.
@param amount The amount of shares to transfer.
@return True if the transfer was successful.
"""
assert receiver not in [self, empty(address)]
self._transfer(msg.sender, receiver, amount)
return True
@external
def transferFrom(sender: address, receiver: address, amount: uint256) -> bool:
"""
@notice Transfer shares from a sender to a receiver.
@param sender The address to transfer shares from.
@param receiver The address to transfer shares to.
@param amount The amount of shares to transfer.
@return True if the transfer was successful.
"""
assert receiver not in [self, empty(address)]
return self._transfer_from(sender, receiver, amount)
## ERC20+4626 compatibility
@external
def increaseAllowance(spender: address, amount: uint256) -> bool:
"""
@notice Increase the allowance for a spender.
@param spender The address to increase the allowance for.
@param amount The amount to increase the allowance by.
@return True if the increase was successful.
"""
return self._increase_allowance(msg.sender, spender, amount)
@external
def decreaseAllowance(spender: address, amount: uint256) -> bool:
"""
@notice Decrease the allowance for a spender.
@param spender The address to decrease the allowance for.
@param amount The amount to decrease the allowance by.
@return True if the decrease was successful.
"""
return self._decrease_allowance(msg.sender, spender, amount)
@external
def permit(
owner: address,
spender: address,
amount: uint256,
deadline: uint256,
v: uint8,
r: bytes32,
s: bytes32
) -> bool:
"""
@notice Approve an address to spend the vault's shares.
@param owner The address to approve.
@param spender The address to approve.
@param amount The amount of shares to approve.
@param deadline The deadline for the permit.
@param v The v component of the signature.
@param r The r component of the signature.
@param s The s component of the signature.
@return True if the approval was successful.
"""
return self._permit(owner, spender, amount, deadline, v, r, s)
@view
@external
def balanceOf(addr: address) -> uint256:
"""
@notice Get the balance of a user.
@param addr The address to get the balance of.
@return The balance of the user.
"""
if(addr == self):
# If the address is the vault, account for locked shares.
return self.balance_of[addr] - self._unlocked_shares()
return self.balance_of[addr]
@view
@external
def totalSupply() -> uint256:
"""
@notice Get the total supply of shares.
@return The total supply of shares.
"""
return self._total_supply()
@view
@external
def asset() -> address:
"""
@notice Get the address of the asset.
@return The address of the asset.
"""
return ASSET.address
@view
@external
def decimals() -> uint8:
"""
@notice Get the number of decimals of the asset/share.
@return The number of decimals of the asset/share.
"""
return convert(DECIMALS, uint8)
@view
@external
def totalAssets() -> uint256:
"""
@notice Get the total assets held by the vault.
@return The total assets held by the vault.
"""
return self._total_assets()
@view
@external
def totalIdle() -> uint256:
"""
@notice Get the amount of loose `asset` the vault holds.
@return The current total idle.
"""
return self.total_idle
@view
@external
def totalDebt() -> uint256:
"""
@notice Get the the total amount of funds invested
across all strategies.
@return The current total debt.
"""
return self.total_debt
@view
@external
def convertToShares(assets: uint256) -> uint256:
"""
@notice Convert an amount of assets to shares.
@param assets The amount of assets to convert.
@return The amount of shares.
"""
return self._convert_to_shares(assets, Rounding.ROUND_DOWN)
@view
@external
def previewDeposit(assets: uint256) -> uint256:
"""
@notice Preview the amount of shares that would be minted for a deposit.
@param assets The amount of assets to deposit.
@return The amount of shares that would be minted.
"""
return self._convert_to_shares(assets, Rounding.ROUND_DOWN)
@view
@external
def previewMint(shares: uint256) -> uint256:
"""
@notice Preview the amount of assets that would be deposited for a mint.
@param shares The amount of shares to mint.
@return The amount of assets that would be deposited.
"""
return self._convert_to_assets(shares, Rounding.ROUND_UP)
@view
@external
def convertToAssets(shares: uint256) -> uint256:
"""
@notice Convert an amount of shares to assets.
@param shares The amount of shares to convert.
@return The amount of assets.
"""
return self._convert_to_assets(shares, Rounding.ROUND_DOWN)
@view
@external
def maxDeposit(receiver: address) -> uint256:
"""
@notice Get the maximum amount of assets that can be deposited.
@param receiver The address that will receive the shares.
@return The maximum amount of assets that can be deposited.
"""
return self._max_deposit(receiver)
@view
@external
def maxMint(receiver: address) -> uint256:
"""
@notice Get the maximum amount of shares that can be minted.
@param receiver The address that will receive the shares.
@return The maximum amount of shares that can be minted.
"""
max_deposit: uint256 = self._max_deposit(receiver)
return self._convert_to_shares(max_deposit, Rounding.ROUND_DOWN)
@view
@external
def maxWithdraw(
owner: address,
max_loss: uint256 = 0,
strategies: DynArray[address, MAX_QUEUE] = []
) -> uint256:
"""
@notice Get the maximum amount of assets that can be withdrawn.
@dev Complies to normal 4626 interface and takes custom params.
@param owner The address that owns the shares.
@param max_loss Custom max_loss if any.
@param strategies Custom strategies queue if any.
@return The maximum amount of assets that can be withdrawn.
"""
return self._max_withdraw(owner, max_loss, strategies)
@view
@external
def maxRedeem(
owner: address,
max_loss: uint256 = MAX_BPS,
strategies: DynArray[address, MAX_QUEUE] = []
) -> uint256:
"""
@notice Get the maximum amount of shares that can be redeemed.
@dev Complies to normal 4626 interface and takes custom params.
@param owner The address that owns the shares.
@param max_loss Custom max_loss if any.
@param strategies Custom strategies queue if any.
@return The maximum amount of shares that can be redeemed.
"""
return min(
# Convert to shares is rounding up so we check against the full balance.
self._convert_to_shares(self._max_withdraw(owner, max_loss, strategies), Rounding.ROUND_UP),
self.balance_of[owner]
)
@view
@external
def previewWithdraw(assets: uint256) -> uint256:
"""
@notice Preview the amount of shares that would be redeemed for a withdraw.
@param assets The amount of assets to withdraw.
@return The amount of shares that would be redeemed.
"""
return self._convert_to_shares(assets, Rounding.ROUND_UP)
@view
@external
def previewRedeem(shares: uint256) -> uint256:
"""
@notice Preview the amount of assets that would be withdrawn for a redeem.
@param shares The amount of shares to redeem.
@return The amount of assets that would be withdrawn.
"""
return self._convert_to_assets(shares, Rounding.ROUND_DOWN)
@view
@external
def apiVersion() -> String[28]:
"""
@notice Get the API version of the vault.
@return The API version of the vault.
"""
return API_VERSION
@view
@external
def assess_share_of_unrealised_losses(strategy: address, assets_needed: uint256) -> uint256:
"""
@notice Assess the share of unrealised losses that a strategy has.
@param strategy The address of the strategy.
@param assets_needed The amount of assets needed to be withdrawn.
@return The share of unrealised losses that the strategy has.
"""
assert self.strategies[strategy].current_debt >= assets_needed
return self._assess_share_of_unrealised_losses(strategy, assets_needed)
## Profit locking getter functions ##
@view
@external
def profitMaxUnlockTime() -> uint256:
"""
@notice Gets the current time profits are set to unlock over.
@return The current profit max unlock time.
"""
return self.profit_max_unlock_time
@view
@external
def fullProfitUnlockDate() -> uint256:
"""
@notice Gets the timestamp at which all profits will be unlocked.
@return The full profit unlocking timestamp
"""
return self.full_profit_unlock_date
@view
@external
def profitUnlockingRate() -> uint256:
"""
@notice The per second rate at which profits are unlocking.
@dev This is denominated in EXTENDED_BPS decimals.
@return The current profit unlocking rate.
"""
return self.profit_unlocking_rate
@view
@external
def lastProfitUpdate() -> uint256:
"""
@notice The timestamp of the last time shares were locked.
@return The last profit update.
"""
return self.last_profit_update
# eip-1344
@view
@internal
def domain_separator() -> bytes32:
return keccak256(
concat(
DOMAIN_TYPE_HASH,
keccak256(convert("Yearn Vault", Bytes[11])),
keccak256(convert(API_VERSION, Bytes[28])),
convert(chain.id, bytes32),
convert(self, bytes32)
)
)
@view
@external
def DOMAIN_SEPARATOR() -> bytes32:
"""
@notice Get the domain separator.
@return The domain separator.
"""
return self.domain_separator()File 2 of 2: DebtToken
// SPDX-License-Identifier: MIT
pragma solidity 0.8.19;
import { OFT, IERC20, ERC20 } from "OFT.sol";
import { IERC3156FlashBorrower } from "IERC3156FlashBorrower.sol";
import "IPrismaCore.sol";
/**
@title Prisma Debt Token "acUSD"
@notice CDP minted against collateral deposits within `TroveManager`.
This contract has a 1:n relationship with multiple deployments of `TroveManager`,
each of which hold one collateral type which may be used to mint this token.
*/
contract DebtToken is OFT {
string public constant version = "1";
// --- ERC 3156 Data ---
bytes32 private constant _RETURN_VALUE = keccak256("ERC3156FlashBorrower.onFlashLoan");
uint256 public constant FLASH_LOAN_FEE = 9; // 1 = 0.0001%
// --- Data for EIP2612 ---
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 public constant permitTypeHash = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
// keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
bytes32 private constant _TYPE_HASH = 0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
// invalidate the cached domain separator if the chain id changes.
bytes32 private immutable _CACHED_DOMAIN_SEPARATOR;
uint256 private immutable _CACHED_CHAIN_ID;
bytes32 private immutable _HASHED_NAME;
bytes32 private immutable _HASHED_VERSION;
mapping(address => uint256) private _nonces;
// --- Addresses ---
IPrismaCore private immutable _prismaCore;
address public immutable stabilityPoolAddress;
address public immutable borrowerOperationsAddress;
address public immutable factory;
address public immutable gasPool;
mapping(address => bool) public troveManager;
// Amount of debt to be locked in gas pool on opening troves
uint256 public immutable DEBT_GAS_COMPENSATION;
constructor(
string memory _name,
string memory _symbol,
address _stabilityPoolAddress,
address _borrowerOperationsAddress,
IPrismaCore prismaCore_,
address _layerZeroEndpoint,
address _factory,
address _gasPool,
uint256 _gasCompensation
) OFT(_name, _symbol, _layerZeroEndpoint) {
stabilityPoolAddress = _stabilityPoolAddress;
_prismaCore = prismaCore_;
borrowerOperationsAddress = _borrowerOperationsAddress;
factory = _factory;
gasPool = _gasPool;
DEBT_GAS_COMPENSATION = _gasCompensation;
bytes32 hashedName = keccak256(bytes(_name));
bytes32 hashedVersion = keccak256(bytes(version));
_HASHED_NAME = hashedName;
_HASHED_VERSION = hashedVersion;
_CACHED_CHAIN_ID = block.chainid;
_CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(_TYPE_HASH, hashedName, hashedVersion);
}
function enableTroveManager(address _troveManager) external {
require(msg.sender == factory, "!Factory");
troveManager[_troveManager] = true;
}
// --- Functions for intra-Prisma calls ---
function mintWithGasCompensation(address _account, uint256 _amount) external returns (bool) {
require(msg.sender == borrowerOperationsAddress);
_mint(_account, _amount);
_mint(gasPool, DEBT_GAS_COMPENSATION);
return true;
}
function burnWithGasCompensation(address _account, uint256 _amount) external returns (bool) {
require(msg.sender == borrowerOperationsAddress);
_burn(_account, _amount);
_burn(gasPool, DEBT_GAS_COMPENSATION);
return true;
}
function mint(address _account, uint256 _amount) external {
require(msg.sender == borrowerOperationsAddress || troveManager[msg.sender], "Debt: Caller not BO/TM");
_mint(_account, _amount);
}
function burn(address _account, uint256 _amount) external {
require(troveManager[msg.sender], "Debt: Caller not TroveManager");
_burn(_account, _amount);
}
function sendToSP(address _sender, uint256 _amount) external {
require(msg.sender == stabilityPoolAddress, "Debt: Caller not StabilityPool");
_transfer(_sender, msg.sender, _amount);
}
function returnFromPool(address _poolAddress, address _receiver, uint256 _amount) external {
require(msg.sender == stabilityPoolAddress || troveManager[msg.sender], "Debt: Caller not TM/SP");
_transfer(_poolAddress, _receiver, _amount);
}
// --- External functions ---
function transfer(address recipient, uint256 amount) public override(IERC20, ERC20) returns (bool) {
_requireValidRecipient(recipient);
return super.transfer(recipient, amount);
}
function transferFrom(
address sender,
address recipient,
uint256 amount
) public override(IERC20, ERC20) returns (bool) {
_requireValidRecipient(recipient);
return super.transferFrom(sender, recipient, amount);
}
// --- ERC 3156 Functions ---
/**
* @dev Returns the maximum amount of tokens available for loan.
* @param token The address of the token that is requested.
* @return The amount of token that can be loaned.
*/
function maxFlashLoan(address token) public view returns (uint256) {
return token == address(this) ? type(uint256).max - totalSupply() : 0;
}
/**
* @dev Returns the fee applied when doing flash loans. This function calls
* the {_flashFee} function which returns the fee applied when doing flash
* loans.
* @param token The token to be flash loaned.
* @param amount The amount of tokens to be loaned.
* @return The fees applied to the corresponding flash loan.
*/
function flashFee(address token, uint256 amount) external view returns (uint256) {
return token == address(this) ? _flashFee(amount) : 0;
}
/**
* @dev Returns the fee applied when doing flash loans. By default this
* implementation has 0 fees. This function can be overloaded to make
* the flash loan mechanism deflationary.
* @param amount The amount of tokens to be loaned.
* @return The fees applied to the corresponding flash loan.
*/
function _flashFee(uint256 amount) internal pure returns (uint256) {
return (amount * FLASH_LOAN_FEE) / 10000;
}
/**
* @dev Performs a flash loan. New tokens are minted and sent to the
* `receiver`, who is required to implement the {IERC3156FlashBorrower}
* interface. By the end of the flash loan, the receiver is expected to own
* amount + fee tokens and have them approved back to the token contract itself so
* they can be burned.
* @param receiver The receiver of the flash loan. Should implement the
* {IERC3156FlashBorrower-onFlashLoan} interface.
* @param token The token to be flash loaned. Only `address(this)` is
* supported.
* @param amount The amount of tokens to be loaned.
* @param data An arbitrary datafield that is passed to the receiver.
* @return `true` if the flash loan was successful.
*/
// This function can reenter, but it doesn't pose a risk because it always preserves the property that the amount
// minted at the beginning is always recovered and burned at the end, or else the entire function will revert.
// slither-disable-next-line reentrancy-no-eth
function flashLoan(
IERC3156FlashBorrower receiver,
address token,
uint256 amount,
bytes calldata data
) external returns (bool) {
require(token == address(this), "ERC20FlashMint: wrong token");
require(amount <= maxFlashLoan(token), "ERC20FlashMint: amount exceeds maxFlashLoan");
uint256 fee = _flashFee(amount);
_mint(address(receiver), amount);
require(
receiver.onFlashLoan(msg.sender, token, amount, fee, data) == _RETURN_VALUE,
"ERC20FlashMint: invalid return value"
);
_spendAllowance(address(receiver), address(this), amount + fee);
_burn(address(receiver), amount);
_transfer(address(receiver), _prismaCore.feeReceiver(), fee);
return true;
}
// --- EIP 2612 Functionality ---
function domainSeparator() public view returns (bytes32) {
if (block.chainid == _CACHED_CHAIN_ID) {
return _CACHED_DOMAIN_SEPARATOR;
} else {
return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION);
}
}
function permit(
address owner,
address spender,
uint256 amount,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external {
require(deadline >= block.timestamp, "Debt: expired deadline");
bytes32 digest = keccak256(
abi.encodePacked(
"\\x19\\x01",
domainSeparator(),
keccak256(abi.encode(permitTypeHash, owner, spender, amount, _nonces[owner]++, deadline))
)
);
address recoveredAddress = ecrecover(digest, v, r, s);
require(recoveredAddress == owner, "Debt: invalid signature");
_approve(owner, spender, amount);
}
function nonces(address owner) external view returns (uint256) {
// FOR EIP 2612
return _nonces[owner];
}
// --- Internal operations ---
function _buildDomainSeparator(bytes32 typeHash, bytes32 name_, bytes32 version_) private view returns (bytes32) {
return keccak256(abi.encode(typeHash, name_, version_, block.chainid, address(this)));
}
// --- 'require' functions ---
function _requireValidRecipient(address _recipient) internal view {
require(
_recipient != address(0) && _recipient != address(this),
"Debt: Cannot transfer tokens directly to the Debt token contract or the zero address"
);
require(
_recipient != stabilityPoolAddress && !troveManager[_recipient] && _recipient != borrowerOperationsAddress,
"Debt: Cannot transfer tokens directly to the StabilityPool, TroveManager or BorrowerOps"
);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "ERC20.sol";
import "IERC165.sol";
import "IOFT.sol";
import "OFTCore.sol";
// override decimal() function is needed
contract OFT is OFTCore, ERC20, IOFT {
constructor(string memory _name, string memory _symbol, address _lzEndpoint) ERC20(_name, _symbol) OFTCore(_lzEndpoint) {}
function supportsInterface(bytes4 interfaceId) public view virtual override(OFTCore, IERC165) returns (bool) {
return interfaceId == type(IOFT).interfaceId || interfaceId == type(IERC20).interfaceId || super.supportsInterface(interfaceId);
}
function token() public view virtual override returns (address) {
return address(this);
}
function circulatingSupply() public view virtual override returns (uint) {
return totalSupply();
}
function _debitFrom(address _from, uint16, bytes memory, uint _amount) internal virtual override returns(uint) {
address spender = _msgSender();
if (_from != spender) _spendAllowance(_from, spender, _amount);
_burn(_from, _amount);
return _amount;
}
function _creditTo(uint16, address _toAddress, uint _amount) internal virtual override returns(uint) {
_mint(_toAddress, _amount);
return _amount;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "IERC20.sol";
import "IERC20Metadata.sol";
import "Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(
address from,
address to,
uint256 amount
) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(
address from,
address to,
uint256 amount
) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
import "IOFTCore.sol";
import "IERC20.sol";
/**
* @dev Interface of the OFT standard
*/
interface IOFT is IOFTCore, IERC20 {
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
import "IERC165.sol";
/**
* @dev Interface of the IOFT core standard
*/
interface IOFTCore is IERC165 {
/**
* @dev estimate send token `_tokenId` to (`_dstChainId`, `_toAddress`)
* _dstChainId - L0 defined chain id to send tokens too
* _toAddress - dynamic bytes array which contains the address to whom you are sending tokens to on the dstChain
* _amount - amount of the tokens to transfer
* _useZro - indicates to use zro to pay L0 fees
* _adapterParam - flexible bytes array to indicate messaging adapter services in L0
*/
function estimateSendFee(uint16 _dstChainId, bytes calldata _toAddress, uint _amount, bool _useZro, bytes calldata _adapterParams) external view returns (uint nativeFee, uint zroFee);
/**
* @dev send `_amount` amount of token to (`_dstChainId`, `_toAddress`) from `_from`
* `_from` the owner of token
* `_dstChainId` the destination chain identifier
* `_toAddress` can be any size depending on the `dstChainId`.
* `_amount` the quantity of tokens in wei
* `_refundAddress` the address LayerZero refunds if too much message fee is sent
* `_zroPaymentAddress` set to address(0x0) if not paying in ZRO (LayerZero Token)
* `_adapterParams` is a flexible bytes array to indicate messaging adapter services
*/
function sendFrom(address _from, uint16 _dstChainId, bytes calldata _toAddress, uint _amount, address payable _refundAddress, address _zroPaymentAddress, bytes calldata _adapterParams) external payable;
/**
* @dev returns the circulating amount of tokens on current chain
*/
function circulatingSupply() external view returns (uint);
/**
* @dev returns the address of the ERC20 token
*/
function token() external view returns (address);
/**
* @dev Emitted when `_amount` tokens are moved from the `_sender` to (`_dstChainId`, `_toAddress`)
* `_nonce` is the outbound nonce
*/
event SendToChain(uint16 indexed _dstChainId, address indexed _from, bytes _toAddress, uint _amount);
/**
* @dev Emitted when `_amount` tokens are received from `_srcChainId` into the `_toAddress` on the local chain.
* `_nonce` is the inbound nonce.
*/
event ReceiveFromChain(uint16 indexed _srcChainId, address indexed _to, uint _amount);
event SetUseCustomAdapterParams(bool _useCustomAdapterParams);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "NonblockingLzApp.sol";
import "IOFTCore.sol";
import "ERC165.sol";
abstract contract OFTCore is NonblockingLzApp, ERC165, IOFTCore {
using BytesLib for bytes;
uint public constant NO_EXTRA_GAS = 0;
// packet type
uint16 public constant PT_SEND = 0;
bool public useCustomAdapterParams;
constructor(address _lzEndpoint) NonblockingLzApp(_lzEndpoint) {}
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
return interfaceId == type(IOFTCore).interfaceId || super.supportsInterface(interfaceId);
}
function estimateSendFee(uint16 _dstChainId, bytes calldata _toAddress, uint _amount, bool _useZro, bytes calldata _adapterParams) public view virtual override returns (uint nativeFee, uint zroFee) {
// mock the payload for sendFrom()
bytes memory payload = abi.encode(PT_SEND, _toAddress, _amount);
return lzEndpoint.estimateFees(_dstChainId, address(this), payload, _useZro, _adapterParams);
}
function sendFrom(address _from, uint16 _dstChainId, bytes calldata _toAddress, uint _amount, address payable _refundAddress, address _zroPaymentAddress, bytes calldata _adapterParams) public payable virtual override {
_send(_from, _dstChainId, _toAddress, _amount, _refundAddress, _zroPaymentAddress, _adapterParams);
}
function setUseCustomAdapterParams(bool _useCustomAdapterParams) public virtual onlyOwner {
useCustomAdapterParams = _useCustomAdapterParams;
emit SetUseCustomAdapterParams(_useCustomAdapterParams);
}
function _nonblockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual override {
uint16 packetType;
assembly {
packetType := mload(add(_payload, 32))
}
if (packetType == PT_SEND) {
_sendAck(_srcChainId, _srcAddress, _nonce, _payload);
} else {
revert("OFTCore: unknown packet type");
}
}
function _send(address _from, uint16 _dstChainId, bytes memory _toAddress, uint _amount, address payable _refundAddress, address _zroPaymentAddress, bytes memory _adapterParams) internal virtual {
_checkAdapterParams(_dstChainId, PT_SEND, _adapterParams, NO_EXTRA_GAS);
uint amount = _debitFrom(_from, _dstChainId, _toAddress, _amount);
bytes memory lzPayload = abi.encode(PT_SEND, _toAddress, amount);
_lzSend(_dstChainId, lzPayload, _refundAddress, _zroPaymentAddress, _adapterParams, msg.value);
emit SendToChain(_dstChainId, _from, _toAddress, amount);
}
function _sendAck(uint16 _srcChainId, bytes memory, uint64, bytes memory _payload) internal virtual {
(, bytes memory toAddressBytes, uint amount) = abi.decode(_payload, (uint16, bytes, uint));
address to = toAddressBytes.toAddress(0);
amount = _creditTo(_srcChainId, to, amount);
emit ReceiveFromChain(_srcChainId, to, amount);
}
function _checkAdapterParams(uint16 _dstChainId, uint16 _pkType, bytes memory _adapterParams, uint _extraGas) internal virtual {
if (useCustomAdapterParams) {
_checkGasLimit(_dstChainId, _pkType, _adapterParams, _extraGas);
} else {
require(_adapterParams.length == 0, "OFTCore: _adapterParams must be empty.");
}
}
function _debitFrom(address _from, uint16 _dstChainId, bytes memory _toAddress, uint _amount) internal virtual returns(uint);
function _creditTo(uint16 _srcChainId, address _toAddress, uint _amount) internal virtual returns(uint);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "LzApp.sol";
import "ExcessivelySafeCall.sol";
/*
* the default LayerZero messaging behaviour is blocking, i.e. any failed message will block the channel
* this abstract class try-catch all fail messages and store locally for future retry. hence, non-blocking
* NOTE: if the srcAddress is not configured properly, it will still block the message pathway from (srcChainId, srcAddress)
*/
abstract contract NonblockingLzApp is LzApp {
using ExcessivelySafeCall for address;
constructor(address _endpoint) LzApp(_endpoint) {}
mapping(uint16 => mapping(bytes => mapping(uint64 => bytes32))) public failedMessages;
event MessageFailed(uint16 _srcChainId, bytes _srcAddress, uint64 _nonce, bytes _payload, bytes _reason);
event RetryMessageSuccess(uint16 _srcChainId, bytes _srcAddress, uint64 _nonce, bytes32 _payloadHash);
// overriding the virtual function in LzReceiver
function _blockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual override {
(bool success, bytes memory reason) = address(this).excessivelySafeCall(gasleft(), 150, abi.encodeWithSelector(this.nonblockingLzReceive.selector, _srcChainId, _srcAddress, _nonce, _payload));
// try-catch all errors/exceptions
if (!success) {
_storeFailedMessage(_srcChainId, _srcAddress, _nonce, _payload, reason);
}
}
function _storeFailedMessage(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload, bytes memory _reason) internal virtual {
failedMessages[_srcChainId][_srcAddress][_nonce] = keccak256(_payload);
emit MessageFailed(_srcChainId, _srcAddress, _nonce, _payload, _reason);
}
function nonblockingLzReceive(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) public virtual {
// only internal transaction
require(_msgSender() == address(this), "NonblockingLzApp: caller must be LzApp");
_nonblockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
}
//@notice override this function
function _nonblockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual;
function retryMessage(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) public payable virtual {
// assert there is message to retry
bytes32 payloadHash = failedMessages[_srcChainId][_srcAddress][_nonce];
require(payloadHash != bytes32(0), "NonblockingLzApp: no stored message");
require(keccak256(_payload) == payloadHash, "NonblockingLzApp: invalid payload");
// clear the stored message
failedMessages[_srcChainId][_srcAddress][_nonce] = bytes32(0);
// execute the message. revert if it fails again
_nonblockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
emit RetryMessageSuccess(_srcChainId, _srcAddress, _nonce, payloadHash);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "Ownable.sol";
import "ILayerZeroReceiver.sol";
import "ILayerZeroUserApplicationConfig.sol";
import "ILayerZeroEndpoint.sol";
import "BytesLib.sol";
/*
* a generic LzReceiver implementation
*/
abstract contract LzApp is Ownable, ILayerZeroReceiver, ILayerZeroUserApplicationConfig {
using BytesLib for bytes;
// ua can not send payload larger than this by default, but it can be changed by the ua owner
uint constant public DEFAULT_PAYLOAD_SIZE_LIMIT = 10000;
ILayerZeroEndpoint public immutable lzEndpoint;
mapping(uint16 => bytes) public trustedRemoteLookup;
mapping(uint16 => mapping(uint16 => uint)) public minDstGasLookup;
mapping(uint16 => uint) public payloadSizeLimitLookup;
address public precrime;
event SetPrecrime(address precrime);
event SetTrustedRemote(uint16 _remoteChainId, bytes _path);
event SetTrustedRemoteAddress(uint16 _remoteChainId, bytes _remoteAddress);
event SetMinDstGas(uint16 _dstChainId, uint16 _type, uint _minDstGas);
constructor(address _endpoint) {
lzEndpoint = ILayerZeroEndpoint(_endpoint);
}
function lzReceive(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) public virtual override {
// lzReceive must be called by the endpoint for security
require(_msgSender() == address(lzEndpoint), "LzApp: invalid endpoint caller");
bytes memory trustedRemote = trustedRemoteLookup[_srcChainId];
// if will still block the message pathway from (srcChainId, srcAddress). should not receive message from untrusted remote.
require(_srcAddress.length == trustedRemote.length && trustedRemote.length > 0 && keccak256(_srcAddress) == keccak256(trustedRemote), "LzApp: invalid source sending contract");
_blockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
}
// abstract function - the default behaviour of LayerZero is blocking. See: NonblockingLzApp if you dont need to enforce ordered messaging
function _blockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual;
function _lzSend(uint16 _dstChainId, bytes memory _payload, address payable _refundAddress, address _zroPaymentAddress, bytes memory _adapterParams, uint _nativeFee) internal virtual {
bytes memory trustedRemote = trustedRemoteLookup[_dstChainId];
require(trustedRemote.length != 0, "LzApp: destination chain is not a trusted source");
_checkPayloadSize(_dstChainId, _payload.length);
lzEndpoint.send{value: _nativeFee}(_dstChainId, trustedRemote, _payload, _refundAddress, _zroPaymentAddress, _adapterParams);
}
function _checkGasLimit(uint16 _dstChainId, uint16 _type, bytes memory _adapterParams, uint _extraGas) internal view virtual {
uint providedGasLimit = _getGasLimit(_adapterParams);
uint minGasLimit = minDstGasLookup[_dstChainId][_type] + _extraGas;
require(minGasLimit > 0, "LzApp: minGasLimit not set");
require(providedGasLimit >= minGasLimit, "LzApp: gas limit is too low");
}
function _getGasLimit(bytes memory _adapterParams) internal pure virtual returns (uint gasLimit) {
require(_adapterParams.length >= 34, "LzApp: invalid adapterParams");
assembly {
gasLimit := mload(add(_adapterParams, 34))
}
}
function _checkPayloadSize(uint16 _dstChainId, uint _payloadSize) internal view virtual {
uint payloadSizeLimit = payloadSizeLimitLookup[_dstChainId];
if (payloadSizeLimit == 0) { // use default if not set
payloadSizeLimit = DEFAULT_PAYLOAD_SIZE_LIMIT;
}
require(_payloadSize <= payloadSizeLimit, "LzApp: payload size is too large");
}
//---------------------------UserApplication config----------------------------------------
function getConfig(uint16 _version, uint16 _chainId, address, uint _configType) external view returns (bytes memory) {
return lzEndpoint.getConfig(_version, _chainId, address(this), _configType);
}
// generic config for LayerZero user Application
function setConfig(uint16 _version, uint16 _chainId, uint _configType, bytes calldata _config) external override onlyOwner {
lzEndpoint.setConfig(_version, _chainId, _configType, _config);
}
function setSendVersion(uint16 _version) external override onlyOwner {
lzEndpoint.setSendVersion(_version);
}
function setReceiveVersion(uint16 _version) external override onlyOwner {
lzEndpoint.setReceiveVersion(_version);
}
function forceResumeReceive(uint16 _srcChainId, bytes calldata _srcAddress) external override onlyOwner {
lzEndpoint.forceResumeReceive(_srcChainId, _srcAddress);
}
// _path = abi.encodePacked(remoteAddress, localAddress)
// this function set the trusted path for the cross-chain communication
function setTrustedRemote(uint16 _srcChainId, bytes calldata _path) external onlyOwner {
trustedRemoteLookup[_srcChainId] = _path;
emit SetTrustedRemote(_srcChainId, _path);
}
function setTrustedRemoteAddress(uint16 _remoteChainId, bytes calldata _remoteAddress) external onlyOwner {
trustedRemoteLookup[_remoteChainId] = abi.encodePacked(_remoteAddress, address(this));
emit SetTrustedRemoteAddress(_remoteChainId, _remoteAddress);
}
function getTrustedRemoteAddress(uint16 _remoteChainId) external view returns (bytes memory) {
bytes memory path = trustedRemoteLookup[_remoteChainId];
require(path.length != 0, "LzApp: no trusted path record");
return path.slice(0, path.length - 20); // the last 20 bytes should be address(this)
}
function setPrecrime(address _precrime) external onlyOwner {
precrime = _precrime;
emit SetPrecrime(_precrime);
}
function setMinDstGas(uint16 _dstChainId, uint16 _packetType, uint _minGas) external onlyOwner {
require(_minGas > 0, "LzApp: invalid minGas");
minDstGasLookup[_dstChainId][_packetType] = _minGas;
emit SetMinDstGas(_dstChainId, _packetType, _minGas);
}
// if the size is 0, it means default size limit
function setPayloadSizeLimit(uint16 _dstChainId, uint _size) external onlyOwner {
payloadSizeLimitLookup[_dstChainId] = _size;
}
//--------------------------- VIEW FUNCTION ----------------------------------------
function isTrustedRemote(uint16 _srcChainId, bytes calldata _srcAddress) external view returns (bool) {
bytes memory trustedSource = trustedRemoteLookup[_srcChainId];
return keccak256(trustedSource) == keccak256(_srcAddress);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
interface ILayerZeroReceiver {
// @notice LayerZero endpoint will invoke this function to deliver the message on the destination
// @param _srcChainId - the source endpoint identifier
// @param _srcAddress - the source sending contract address from the source chain
// @param _nonce - the ordered message nonce
// @param _payload - the signed payload is the UA bytes has encoded to be sent
function lzReceive(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) external;
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
interface ILayerZeroUserApplicationConfig {
// @notice set the configuration of the LayerZero messaging library of the specified version
// @param _version - messaging library version
// @param _chainId - the chainId for the pending config change
// @param _configType - type of configuration. every messaging library has its own convention.
// @param _config - configuration in the bytes. can encode arbitrary content.
function setConfig(uint16 _version, uint16 _chainId, uint _configType, bytes calldata _config) external;
// @notice set the send() LayerZero messaging library version to _version
// @param _version - new messaging library version
function setSendVersion(uint16 _version) external;
// @notice set the lzReceive() LayerZero messaging library version to _version
// @param _version - new messaging library version
function setReceiveVersion(uint16 _version) external;
// @notice Only when the UA needs to resume the message flow in blocking mode and clear the stored payload
// @param _srcChainId - the chainId of the source chain
// @param _srcAddress - the contract address of the source contract at the source chain
function forceResumeReceive(uint16 _srcChainId, bytes calldata _srcAddress) external;
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
import "ILayerZeroUserApplicationConfig.sol";
interface ILayerZeroEndpoint is ILayerZeroUserApplicationConfig {
// @notice send a LayerZero message to the specified address at a LayerZero endpoint.
// @param _dstChainId - the destination chain identifier
// @param _destination - the address on destination chain (in bytes). address length/format may vary by chains
// @param _payload - a custom bytes payload to send to the destination contract
// @param _refundAddress - if the source transaction is cheaper than the amount of value passed, refund the additional amount to this address
// @param _zroPaymentAddress - the address of the ZRO token holder who would pay for the transaction
// @param _adapterParams - parameters for custom functionality. e.g. receive airdropped native gas from the relayer on destination
function send(uint16 _dstChainId, bytes calldata _destination, bytes calldata _payload, address payable _refundAddress, address _zroPaymentAddress, bytes calldata _adapterParams) external payable;
// @notice used by the messaging library to publish verified payload
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source contract (as bytes) at the source chain
// @param _dstAddress - the address on destination chain
// @param _nonce - the unbound message ordering nonce
// @param _gasLimit - the gas limit for external contract execution
// @param _payload - verified payload to send to the destination contract
function receivePayload(uint16 _srcChainId, bytes calldata _srcAddress, address _dstAddress, uint64 _nonce, uint _gasLimit, bytes calldata _payload) external;
// @notice get the inboundNonce of a lzApp from a source chain which could be EVM or non-EVM chain
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source chain contract address
function getInboundNonce(uint16 _srcChainId, bytes calldata _srcAddress) external view returns (uint64);
// @notice get the outboundNonce from this source chain which, consequently, is always an EVM
// @param _srcAddress - the source chain contract address
function getOutboundNonce(uint16 _dstChainId, address _srcAddress) external view returns (uint64);
// @notice gets a quote in source native gas, for the amount that send() requires to pay for message delivery
// @param _dstChainId - the destination chain identifier
// @param _userApplication - the user app address on this EVM chain
// @param _payload - the custom message to send over LayerZero
// @param _payInZRO - if false, user app pays the protocol fee in native token
// @param _adapterParam - parameters for the adapter service, e.g. send some dust native token to dstChain
function estimateFees(uint16 _dstChainId, address _userApplication, bytes calldata _payload, bool _payInZRO, bytes calldata _adapterParam) external view returns (uint nativeFee, uint zroFee);
// @notice get this Endpoint's immutable source identifier
function getChainId() external view returns (uint16);
// @notice the interface to retry failed message on this Endpoint destination
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source chain contract address
// @param _payload - the payload to be retried
function retryPayload(uint16 _srcChainId, bytes calldata _srcAddress, bytes calldata _payload) external;
// @notice query if any STORED payload (message blocking) at the endpoint.
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source chain contract address
function hasStoredPayload(uint16 _srcChainId, bytes calldata _srcAddress) external view returns (bool);
// @notice query if the _libraryAddress is valid for sending msgs.
// @param _userApplication - the user app address on this EVM chain
function getSendLibraryAddress(address _userApplication) external view returns (address);
// @notice query if the _libraryAddress is valid for receiving msgs.
// @param _userApplication - the user app address on this EVM chain
function getReceiveLibraryAddress(address _userApplication) external view returns (address);
// @notice query if the non-reentrancy guard for send() is on
// @return true if the guard is on. false otherwise
function isSendingPayload() external view returns (bool);
// @notice query if the non-reentrancy guard for receive() is on
// @return true if the guard is on. false otherwise
function isReceivingPayload() external view returns (bool);
// @notice get the configuration of the LayerZero messaging library of the specified version
// @param _version - messaging library version
// @param _chainId - the chainId for the pending config change
// @param _userApplication - the contract address of the user application
// @param _configType - type of configuration. every messaging library has its own convention.
function getConfig(uint16 _version, uint16 _chainId, address _userApplication, uint _configType) external view returns (bytes memory);
// @notice get the send() LayerZero messaging library version
// @param _userApplication - the contract address of the user application
function getSendVersion(address _userApplication) external view returns (uint16);
// @notice get the lzReceive() LayerZero messaging library version
// @param _userApplication - the contract address of the user application
function getReceiveVersion(address _userApplication) external view returns (uint16);
}
// SPDX-License-Identifier: Unlicense
/*
* @title Solidity Bytes Arrays Utils
* @author Gonçalo Sá <[email protected]>
*
* @dev Bytes tightly packed arrays utility library for ethereum contracts written in Solidity.
* The library lets you concatenate, slice and type cast bytes arrays both in memory and storage.
*/
pragma solidity >=0.8.0 <0.9.0;
library BytesLib {
function concat(
bytes memory _preBytes,
bytes memory _postBytes
)
internal
pure
returns (bytes memory)
{
bytes memory tempBytes;
assembly {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// Store the length of the first bytes array at the beginning of
// the memory for tempBytes.
let length := mload(_preBytes)
mstore(tempBytes, length)
// Maintain a memory counter for the current write location in the
// temp bytes array by adding the 32 bytes for the array length to
// the starting location.
let mc := add(tempBytes, 0x20)
// Stop copying when the memory counter reaches the length of the
// first bytes array.
let end := add(mc, length)
for {
// Initialize a copy counter to the start of the _preBytes data,
// 32 bytes into its memory.
let cc := add(_preBytes, 0x20)
} lt(mc, end) {
// Increase both counters by 32 bytes each iteration.
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
// Write the _preBytes data into the tempBytes memory 32 bytes
// at a time.
mstore(mc, mload(cc))
}
// Add the length of _postBytes to the current length of tempBytes
// and store it as the new length in the first 32 bytes of the
// tempBytes memory.
length := mload(_postBytes)
mstore(tempBytes, add(length, mload(tempBytes)))
// Move the memory counter back from a multiple of 0x20 to the
// actual end of the _preBytes data.
mc := end
// Stop copying when the memory counter reaches the new combined
// length of the arrays.
end := add(mc, length)
for {
let cc := add(_postBytes, 0x20)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
// Update the free-memory pointer by padding our last write location
// to 32 bytes: add 31 bytes to the end of tempBytes to move to the
// next 32 byte block, then round down to the nearest multiple of
// 32. If the sum of the length of the two arrays is zero then add
// one before rounding down to leave a blank 32 bytes (the length block with 0).
mstore(0x40, and(
add(add(end, iszero(add(length, mload(_preBytes)))), 31),
not(31) // Round down to the nearest 32 bytes.
))
}
return tempBytes;
}
function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal {
assembly {
// Read the first 32 bytes of _preBytes storage, which is the length
// of the array. (We don't need to use the offset into the slot
// because arrays use the entire slot.)
let fslot := sload(_preBytes.slot)
// Arrays of 31 bytes or less have an even value in their slot,
// while longer arrays have an odd value. The actual length is
// the slot divided by two for odd values, and the lowest order
// byte divided by two for even values.
// If the slot is even, bitwise and the slot with 255 and divide by
// two to get the length. If the slot is odd, bitwise and the slot
// with -1 and divide by two.
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
let newlength := add(slength, mlength)
// slength can contain both the length and contents of the array
// if length < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
switch add(lt(slength, 32), lt(newlength, 32))
case 2 {
// Since the new array still fits in the slot, we just need to
// update the contents of the slot.
// uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length
sstore(
_preBytes.slot,
// all the modifications to the slot are inside this
// next block
add(
// we can just add to the slot contents because the
// bytes we want to change are the LSBs
fslot,
add(
mul(
div(
// load the bytes from memory
mload(add(_postBytes, 0x20)),
// zero all bytes to the right
exp(0x100, sub(32, mlength))
),
// and now shift left the number of bytes to
// leave space for the length in the slot
exp(0x100, sub(32, newlength))
),
// increase length by the double of the memory
// bytes length
mul(mlength, 2)
)
)
)
}
case 1 {
// The stored value fits in the slot, but the combined value
// will exceed it.
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes.slot)
let sc := add(keccak256(0x0, 0x20), div(slength, 32))
// save new length
sstore(_preBytes.slot, add(mul(newlength, 2), 1))
// The contents of the _postBytes array start 32 bytes into
// the structure. Our first read should obtain the `submod`
// bytes that can fit into the unused space in the last word
// of the stored array. To get this, we read 32 bytes starting
// from `submod`, so the data we read overlaps with the array
// contents by `submod` bytes. Masking the lowest-order
// `submod` bytes allows us to add that value directly to the
// stored value.
let submod := sub(32, slength)
let mc := add(_postBytes, submod)
let end := add(_postBytes, mlength)
let mask := sub(exp(0x100, submod), 1)
sstore(
sc,
add(
and(
fslot,
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00
),
and(mload(mc), mask)
)
)
for {
mc := add(mc, 0x20)
sc := add(sc, 1)
} lt(mc, end) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask := exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
default {
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes.slot)
// Start copying to the last used word of the stored array.
let sc := add(keccak256(0x0, 0x20), div(slength, 32))
// save new length
sstore(_preBytes.slot, add(mul(newlength, 2), 1))
// Copy over the first `submod` bytes of the new data as in
// case 1 above.
let slengthmod := mod(slength, 32)
let mlengthmod := mod(mlength, 32)
let submod := sub(32, slengthmod)
let mc := add(_postBytes, submod)
let end := add(_postBytes, mlength)
let mask := sub(exp(0x100, submod), 1)
sstore(sc, add(sload(sc), and(mload(mc), mask)))
for {
sc := add(sc, 1)
mc := add(mc, 0x20)
} lt(mc, end) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask := exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
}
}
function slice(
bytes memory _bytes,
uint256 _start,
uint256 _length
)
internal
pure
returns (bytes memory)
{
require(_length + 31 >= _length, "slice_overflow");
require(_bytes.length >= _start + _length, "slice_outOfBounds");
bytes memory tempBytes;
assembly {
switch iszero(_length)
case 0 {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// The first word of the slice result is potentially a partial
// word read from the original array. To read it, we calculate
// the length of that partial word and start copying that many
// bytes into the array. The first word we copy will start with
// data we don't care about, but the last `lengthmod` bytes will
// land at the beginning of the contents of the new array. When
// we're done copying, we overwrite the full first word with
// the actual length of the slice.
let lengthmod := and(_length, 31)
// The multiplication in the next line is necessary
// because when slicing multiples of 32 bytes (lengthmod == 0)
// the following copy loop was copying the origin's length
// and then ending prematurely not copying everything it should.
let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
let end := add(mc, _length)
for {
// The multiplication in the next line has the same exact purpose
// as the one above.
let cc := add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
mstore(tempBytes, _length)
//update free-memory pointer
//allocating the array padded to 32 bytes like the compiler does now
mstore(0x40, and(add(mc, 31), not(31)))
}
//if we want a zero-length slice let's just return a zero-length array
default {
tempBytes := mload(0x40)
//zero out the 32 bytes slice we are about to return
//we need to do it because Solidity does not garbage collect
mstore(tempBytes, 0)
mstore(0x40, add(tempBytes, 0x20))
}
}
return tempBytes;
}
function toAddress(bytes memory _bytes, uint256 _start) internal pure returns (address) {
require(_bytes.length >= _start + 20, "toAddress_outOfBounds");
address tempAddress;
assembly {
tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
}
return tempAddress;
}
function toUint8(bytes memory _bytes, uint256 _start) internal pure returns (uint8) {
require(_bytes.length >= _start + 1 , "toUint8_outOfBounds");
uint8 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x1), _start))
}
return tempUint;
}
function toUint16(bytes memory _bytes, uint256 _start) internal pure returns (uint16) {
require(_bytes.length >= _start + 2, "toUint16_outOfBounds");
uint16 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x2), _start))
}
return tempUint;
}
function toUint32(bytes memory _bytes, uint256 _start) internal pure returns (uint32) {
require(_bytes.length >= _start + 4, "toUint32_outOfBounds");
uint32 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x4), _start))
}
return tempUint;
}
function toUint64(bytes memory _bytes, uint256 _start) internal pure returns (uint64) {
require(_bytes.length >= _start + 8, "toUint64_outOfBounds");
uint64 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x8), _start))
}
return tempUint;
}
function toUint96(bytes memory _bytes, uint256 _start) internal pure returns (uint96) {
require(_bytes.length >= _start + 12, "toUint96_outOfBounds");
uint96 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0xc), _start))
}
return tempUint;
}
function toUint128(bytes memory _bytes, uint256 _start) internal pure returns (uint128) {
require(_bytes.length >= _start + 16, "toUint128_outOfBounds");
uint128 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x10), _start))
}
return tempUint;
}
function toUint256(bytes memory _bytes, uint256 _start) internal pure returns (uint256) {
require(_bytes.length >= _start + 32, "toUint256_outOfBounds");
uint256 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x20), _start))
}
return tempUint;
}
function toBytes32(bytes memory _bytes, uint256 _start) internal pure returns (bytes32) {
require(_bytes.length >= _start + 32, "toBytes32_outOfBounds");
bytes32 tempBytes32;
assembly {
tempBytes32 := mload(add(add(_bytes, 0x20), _start))
}
return tempBytes32;
}
function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) {
bool success = true;
assembly {
let length := mload(_preBytes)
// if lengths don't match the arrays are not equal
switch eq(length, mload(_postBytes))
case 1 {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
let mc := add(_preBytes, 0x20)
let end := add(mc, length)
for {
let cc := add(_postBytes, 0x20)
// the next line is the loop condition:
// while(uint256(mc < end) + cb == 2)
} eq(add(lt(mc, end), cb), 2) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
// if any of these checks fails then arrays are not equal
if iszero(eq(mload(mc), mload(cc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
function equalStorage(
bytes storage _preBytes,
bytes memory _postBytes
)
internal
view
returns (bool)
{
bool success = true;
assembly {
// we know _preBytes_offset is 0
let fslot := sload(_preBytes.slot)
// Decode the length of the stored array like in concatStorage().
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
// if lengths don't match the arrays are not equal
switch eq(slength, mlength)
case 1 {
// slength can contain both the length and contents of the array
// if length < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
if iszero(iszero(slength)) {
switch lt(slength, 32)
case 1 {
// blank the last byte which is the length
fslot := mul(div(fslot, 0x100), 0x100)
if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {
// unsuccess:
success := 0
}
}
default {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes.slot)
let sc := keccak256(0x0, 0x20)
let mc := add(_postBytes, 0x20)
let end := add(mc, mlength)
// the next line is the loop condition:
// while(uint256(mc < end) + cb == 2)
for {} eq(add(lt(mc, end), cb), 2) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
if iszero(eq(sload(sc), mload(mc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
}
// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.7.6;
library ExcessivelySafeCall {
uint256 constant LOW_28_MASK =
0x00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff;
/// @notice Use when you _really_ really _really_ don't trust the called
/// contract. This prevents the called contract from causing reversion of
/// the caller in as many ways as we can.
/// @dev The main difference between this and a solidity low-level call is
/// that we limit the number of bytes that the callee can cause to be
/// copied to caller memory. This prevents stupid things like malicious
/// contracts returning 10,000,000 bytes causing a local OOG when copying
/// to memory.
/// @param _target The address to call
/// @param _gas The amount of gas to forward to the remote contract
/// @param _maxCopy The maximum number of bytes of returndata to copy
/// to memory.
/// @param _calldata The data to send to the remote contract
/// @return success and returndata, as `.call()`. Returndata is capped to
/// `_maxCopy` bytes.
function excessivelySafeCall(
address _target,
uint256 _gas,
uint16 _maxCopy,
bytes memory _calldata
) internal returns (bool, bytes memory) {
// set up for assembly call
uint256 _toCopy;
bool _success;
bytes memory _returnData = new bytes(_maxCopy);
// dispatch message to recipient
// by assembly calling "handle" function
// we call via assembly to avoid memcopying a very large returndata
// returned by a malicious contract
assembly {
_success := call(
_gas, // gas
_target, // recipient
0, // ether value
add(_calldata, 0x20), // inloc
mload(_calldata), // inlen
0, // outloc
0 // outlen
)
// limit our copy to 256 bytes
_toCopy := returndatasize()
if gt(_toCopy, _maxCopy) {
_toCopy := _maxCopy
}
// Store the length of the copied bytes
mstore(_returnData, _toCopy)
// copy the bytes from returndata[0:_toCopy]
returndatacopy(add(_returnData, 0x20), 0, _toCopy)
}
return (_success, _returnData);
}
/// @notice Use when you _really_ really _really_ don't trust the called
/// contract. This prevents the called contract from causing reversion of
/// the caller in as many ways as we can.
/// @dev The main difference between this and a solidity low-level call is
/// that we limit the number of bytes that the callee can cause to be
/// copied to caller memory. This prevents stupid things like malicious
/// contracts returning 10,000,000 bytes causing a local OOG when copying
/// to memory.
/// @param _target The address to call
/// @param _gas The amount of gas to forward to the remote contract
/// @param _maxCopy The maximum number of bytes of returndata to copy
/// to memory.
/// @param _calldata The data to send to the remote contract
/// @return success and returndata, as `.call()`. Returndata is capped to
/// `_maxCopy` bytes.
function excessivelySafeStaticCall(
address _target,
uint256 _gas,
uint16 _maxCopy,
bytes memory _calldata
) internal view returns (bool, bytes memory) {
// set up for assembly call
uint256 _toCopy;
bool _success;
bytes memory _returnData = new bytes(_maxCopy);
// dispatch message to recipient
// by assembly calling "handle" function
// we call via assembly to avoid memcopying a very large returndata
// returned by a malicious contract
assembly {
_success := staticcall(
_gas, // gas
_target, // recipient
add(_calldata, 0x20), // inloc
mload(_calldata), // inlen
0, // outloc
0 // outlen
)
// limit our copy to 256 bytes
_toCopy := returndatasize()
if gt(_toCopy, _maxCopy) {
_toCopy := _maxCopy
}
// Store the length of the copied bytes
mstore(_returnData, _toCopy)
// copy the bytes from returndata[0:_toCopy]
returndatacopy(add(_returnData, 0x20), 0, _toCopy)
}
return (_success, _returnData);
}
/**
* @notice Swaps function selectors in encoded contract calls
* @dev Allows reuse of encoded calldata for functions with identical
* argument types but different names. It simply swaps out the first 4 bytes
* for the new selector. This function modifies memory in place, and should
* only be used with caution.
* @param _newSelector The new 4-byte selector
* @param _buf The encoded contract args
*/
function swapSelector(bytes4 _newSelector, bytes memory _buf)
internal
pure
{
require(_buf.length >= 4);
uint256 _mask = LOW_28_MASK;
assembly {
// load the first word of
let _word := mload(add(_buf, 0x20))
// mask out the top 4 bytes
// /x
_word := and(_word, _mask)
_word := or(_newSelector, _word)
mstore(add(_buf, 0x20), _word)
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)
pragma solidity ^0.8.0;
import "IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (interfaces/IERC3156FlashBorrower.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC3156 FlashBorrower, as defined in
* https://eips.ethereum.org/EIPS/eip-3156[ERC-3156].
*
* _Available since v4.1._
*/
interface IERC3156FlashBorrower {
/**
* @dev Receive a flash loan.
* @param initiator The initiator of the loan.
* @param token The loan currency.
* @param amount The amount of tokens lent.
* @param fee The additional amount of tokens to repay.
* @param data Arbitrary data structure, intended to contain user-defined parameters.
* @return The keccak256 hash of "IERC3156FlashBorrower.onFlashLoan"
*/
function onFlashLoan(
address initiator,
address token,
uint256 amount,
uint256 fee,
bytes calldata data
) external returns (bytes32);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface IPrismaCore {
event FeeReceiverSet(address feeReceiver);
event GuardianSet(address guardian);
event NewOwnerAccepted(address oldOwner, address owner);
event NewOwnerCommitted(address owner, address pendingOwner, uint256 deadline);
event NewOwnerRevoked(address owner, address revokedOwner);
event Paused();
event PriceFeedSet(address priceFeed);
event Unpaused();
function acceptTransferOwnership() external;
function commitTransferOwnership(address newOwner) external;
function revokeTransferOwnership() external;
function setFeeReceiver(address _feeReceiver) external;
function setGuardian(address _guardian) external;
function setPaused(bool _paused) external;
function setPriceFeed(address _priceFeed) external;
function OWNERSHIP_TRANSFER_DELAY() external view returns (uint256);
function feeReceiver() external view returns (address);
function guardian() external view returns (address);
function owner() external view returns (address);
function ownershipTransferDeadline() external view returns (uint256);
function paused() external view returns (bool);
function pendingOwner() external view returns (address);
function priceFeed() external view returns (address);
function startTime() external view returns (uint256);
}