Transaction Hash:
Block:
20736616 at Sep-12-2024 07:27:47 PM +UTC
Transaction Fee:
0.000374582375014328 ETH
$0.91
Gas Used:
42,094 Gas / 8.898711812 Gwei
Emitted Events:
| 307 |
MLTToken.Approval( owner=[Sender] 0x4c24f850b6d1ebbff0a6457a465ba673011f9ecf, spender=[Receiver] TokenBurner, value=0 )
|
| 308 |
MLTToken.Transfer( from=[Sender] 0x4c24f850b6d1ebbff0a6457a465ba673011f9ecf, to=[Receiver] TokenBurner, value=336476283021215000000 )
|
| 309 |
TokenBurner.TokensBurned( user=[Sender] 0x4c24f850b6d1ebbff0a6457a465ba673011f9ecf, amount=336476283021215000000, mintlayerAddress=mtc1q9l4sqw8zrnnsrdqqsjlmtfajdzslf7qzc0fxj77 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x05995648...E1a434Cc6 | |||||
|
0x4838B106...B0BAD5f97
Miner
| (Titan Builder) | 5.79565997939299711 Eth | 5.79573919188219711 Eth | 0.0000792124892 | |
| 0x4C24f850...3011f9ECF |
0.00735915826673085 Eth
Nonce: 331
|
0.006984575891716522 Eth
Nonce: 332
| 0.000374582375014328 |
Execution Trace
TokenBurner.burnTokens( _amount=336476283021215000000, _mintlayerAddress=mtc1q9l4sqw8zrnnsrdqqsjlmtfajdzslf7qzc0fxj77 )
-
MLTToken.transferFrom( from=0x4C24f850B6D1ebBFF0A6457a465Ba673011f9ECF, to=0xe03Aed8dFA6200292A2585918F656E2345ea283F, amount=336476283021215000000 ) => ( True )
burnTokens[TokenBurner (ln:21)]
isValidMintlayerAddress[TokenBurner (ln:23)]transferFrom[TokenBurner (ln:25)]TokensBurned[TokenBurner (ln:28)]
File 1 of 2: TokenBurner
File 2 of 2: MLTToken
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
contract TokenBurner {
IERC20 public token;
event TokensBurned(address indexed user, uint256 amount, string mintlayerAddress);
constructor() {
token = IERC20(0x059956483753947536204e89bfaD909E1a434Cc6);
}
function isValidMintlayerAddress(string memory _mintlayerAddress) public pure returns (bool) {
bytes memory b = bytes(_mintlayerAddress);
if (b.length < 42 || b.length > 46) {
return false;
}
// Checking if it starts with "mtc1q"
if (b[0] != 'm' || b[1] != 't' || b[2] != 'c' || b[3] != '1') {
return false;
}
return true;
}
function burnTokens(uint256 _amount, string memory _mintlayerAddress) public {
require(_amount > 0, "Amount must be greater than 0");
require(isValidMintlayerAddress(_mintlayerAddress), "Invalid Mintlayer address");
// Transferring tokens to the contract
require(token.transferFrom(msg.sender, address(this), _amount), "Transfer failed");
// Emitting event
emit TokensBurned(msg.sender, _amount, _mintlayerAddress);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
File 2 of 2: MLTToken
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(
address from,
address to,
uint256 amount
) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(
address from,
address to,
uint256 amount
) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/MerkleProof.sol)
pragma solidity ^0.8.0;
/**
* @dev These functions deal with verification of Merkle Tree proofs.
*
* The tree and the proofs can be generated using our
* https://github.com/OpenZeppelin/merkle-tree[JavaScript library].
* You will find a quickstart guide in the readme.
*
* WARNING: You should avoid using leaf values that are 64 bytes long prior to
* hashing, or use a hash function other than keccak256 for hashing leaves.
* This is because the concatenation of a sorted pair of internal nodes in
* the merkle tree could be reinterpreted as a leaf value.
* OpenZeppelin's JavaScript library generates merkle trees that are safe
* against this attack out of the box.
*/
library MerkleProof {
/**
* @dev Returns true if a `leaf` can be proved to be a part of a Merkle tree
* defined by `root`. For this, a `proof` must be provided, containing
* sibling hashes on the branch from the leaf to the root of the tree. Each
* pair of leaves and each pair of pre-images are assumed to be sorted.
*/
function verify(
bytes32[] memory proof,
bytes32 root,
bytes32 leaf
) internal pure returns (bool) {
return processProof(proof, leaf) == root;
}
/**
* @dev Calldata version of {verify}
*
* _Available since v4.7._
*/
function verifyCalldata(
bytes32[] calldata proof,
bytes32 root,
bytes32 leaf
) internal pure returns (bool) {
return processProofCalldata(proof, leaf) == root;
}
/**
* @dev Returns the rebuilt hash obtained by traversing a Merkle tree up
* from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt
* hash matches the root of the tree. When processing the proof, the pairs
* of leafs & pre-images are assumed to be sorted.
*
* _Available since v4.4._
*/
function processProof(bytes32[] memory proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Calldata version of {processProof}
*
* _Available since v4.7._
*/
function processProofCalldata(bytes32[] calldata proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Returns true if the `leaves` can be simultaneously proven to be a part of a merkle tree defined by
* `root`, according to `proof` and `proofFlags` as described in {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function multiProofVerify(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProof(proof, proofFlags, leaves) == root;
}
/**
* @dev Calldata version of {multiProofVerify}
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function multiProofVerifyCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProofCalldata(proof, proofFlags, leaves) == root;
}
/**
* @dev Returns the root of a tree reconstructed from `leaves` and sibling nodes in `proof`. The reconstruction
* proceeds by incrementally reconstructing all inner nodes by combining a leaf/inner node with either another
* leaf/inner node or a proof sibling node, depending on whether each `proofFlags` item is true or false
* respectively.
*
* CAUTION: Not all merkle trees admit multiproofs. To use multiproofs, it is sufficient to ensure that: 1) the tree
* is complete (but not necessarily perfect), 2) the leaves to be proven are in the opposite order they are in the
* tree (i.e., as seen from right to left starting at the deepest layer and continuing at the next layer).
*
* _Available since v4.7._
*/
function processMultiProof(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuild the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the merkle tree.
uint256 leavesLen = leaves.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
require(leavesLen + proof.length - 1 == totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value for the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i] ? leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++] : proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
return hashes[totalHashes - 1];
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Calldata version of {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function processMultiProofCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuild the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the merkle tree.
uint256 leavesLen = leaves.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
require(leavesLen + proof.length - 1 == totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value for the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i] ? leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++] : proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
return hashes[totalHashes - 1];
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
function _hashPair(bytes32 a, bytes32 b) private pure returns (bytes32) {
return a < b ? _efficientHash(a, b) : _efficientHash(b, a);
}
function _efficientHash(bytes32 a, bytes32 b) private pure returns (bytes32 value) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, a)
mstore(0x20, b)
value := keccak256(0x00, 0x40)
}
}
}
/// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
import '@openzeppelin/contracts/token/ERC20/ERC20.sol';
import '@openzeppelin/contracts/utils/cryptography/MerkleProof.sol';
contract MLTToken is ERC20 {
\t/********
\t* INDEX *
\t*********/
\t// 1. Type declarations.
\t// 2. Constants and variables.
\t// 3. Mappings.
\t// 4. Modifiers.
\t// 5. Events.
\t// 6. Functions.
\t/***********************
\t* 1. TYPE DECLARATIONS *
\t************************/
\tstruct VestingData {
\t\taddress beneficiary;
\t\tuint256 amount;
\t\tuint256 cliff;
\t\tbytes32[] proof;
\t}
\tstruct Allocation {
\t\tuint256 unlocking;
\t\tuint256[] monthly;
\t\tuint256[] months;
\t\tuint256 cliff;
\t}
\t/*****************************
\t* 2. CONSTANTS AND VARIABLES *
\t******************************/
\tuint256 public VESTING_START_TIMESTAMP;
\t/// @dev of URIs for all the Merkle trees added to the contract.
\tstring[] public rootURIs;
\t/**************
\t* 3. MAPPINGS *
\t***************/
\t/**
\t * Mapping of URIs to IPFS storing the data of a vestingTree.
\t * root => URI (IPFS)
\t**/
\tmapping(bytes32 => string) public mapRootURIs;
\t/**
\t * @dev Record of user withdrawals by cliff.
\t * leaf = keccak256(abi.encodePacked(beneficiary, amount, cliff))
\t * leaf => claimed
\t**/
\tmapping(bytes32 => bool) public vestingClaimed;
\t/**
\t * @dev Total balance of vesting tree by root hash
\t * Root hash => balance
\t**/
\tmapping(bytes32 => uint256) public balanceByRootHash;
\t/**
\t * @dev Root hash record of valid vesting trees
\t * Root hash => valid
\t**/
\tmapping(bytes32 => bool) public rootWhitelist;
\t/**
\t * @dev Treasurer mapping. A treasurer is an address which has the possibility of generating
\t * new TGE with the tokens that are assigned to it at the time of contract deployment.
\t * address => isTreasurer
\t**/
\tmapping(address => bool) private _treasurers;
\t/***************
\t* 4. MODIFIERS *
\t****************/
\t/**
\t * @dev Throws if root no valid
\t**/
\tmodifier validRoot(bytes32 _root) {
\t\trequire(rootWhitelist[_root], "Root no valid");
\t\t_;
\t}
\t/************
\t* 5. EVENTS *
\t*************/
\tevent AddedRoot(bytes32 indexed root);
\tevent VestedTokenGrant(bytes32 indexed leafHash);
\t/***************
\t* 6. FUNCTIONS *
\t****************/
\t/**
\t * @param name_ Name of ERC20 token
\t * @param symbol_ Symbol of ERC20 token
\t * @param supply_ Supply of ERC20 token
\t * @param uriIPFS_ IPFS URI for the initial vesting tree data.
\t * @param vestingTreeRoot_ Vesting tree root hash
\t * @param vestingStartTimestamp_ Timestamp of vesting start as seconds since the Unix epoch
\t * @param proofBalance_ Proof of total balance
\t * @param treasurers_ Addresses of authorized treasurers
\t **/
\tconstructor(
\t\tstring memory name_,
\t\tstring memory symbol_,
\t\tuint256 supply_,
\t\tstring memory uriIPFS_,
\t\tbytes32 vestingTreeRoot_,
\t\tuint256 vestingStartTimestamp_,
\t\tbytes32[] memory proofBalance_,
\t\taddress[] memory treasurers_
\t) ERC20(name_, symbol_) {
\t\tuint256 supply = supply_ * uint256(10)**decimals();
\t\t/**
\t\t * @dev
\t\t * A validation of the supply registered in the merkle tree is made to verify that it
\t\t * matches the supply that the contract will have and to ensure that sufficient funds
\t\t * are available to comply with all the TGE assignments.
\t\t**/
\t\trequire(
\t\t\tMerkleProof.verify(proofBalance_, vestingTreeRoot_, keccak256(abi.encodePacked(supply))),
\t\t\t'The total supply of the contract does not match that of the merketree'
\t\t);
\t\tfor(uint256 i = 0; i < treasurers_.length; i++) _treasurers[treasurers_[i]] = true;
\t\trootWhitelist[vestingTreeRoot_] = true;
\t\tbalanceByRootHash[vestingTreeRoot_] = supply;
\t\tVESTING_START_TIMESTAMP = vestingStartTimestamp_;
\t\temit AddedRoot(vestingTreeRoot_);
\t\trootURIs.push(uriIPFS_);
\t\tmapRootURIs[vestingTreeRoot_] = uriIPFS_;
\t\t_mint(address(this), supply);
\t}
\t/**
\t * @dev Verify if an address is a treasury address.
\t * @param t_ Address of treasurer.
\t**/
\tfunction isTreasurer(address t_) view public returns(bool) {
\t\treturn _treasurers[t_];
\t}
\t/**
\t * @dev Verify the validity of merkle proof associated with an address.
\t * @param beneficiary_ Address of beneficiary.
\t * @param amount_ Amount vested tokens to be released.
\t * @param cliff_ Lock delay for release.
\t * @param root_ Merkle tree root.
\t * @param proof_ Merkle proof.
\t**/
\tfunction verifyProof(
\t\taddress beneficiary_,
\t\tuint256 amount_,
\t\tuint256 cliff_,
\t\tbytes32 root_,
\t\tbytes32[] calldata proof_
\t) external view returns(bool) {
\t\tif(!rootWhitelist[root_]) return false;
\t\tbytes32 _leaf = keccak256(abi.encodePacked(beneficiary_, amount_, cliff_));
\t\treturn MerkleProof.verify(proof_, root_, _leaf);
\t}
\t/**
\t * @dev Add a new merkle tree hash. Only addresses registered in the initial Merkle tree as
\t * treasurers have the possibility of adding new Merkle trees, and they are only allowed to
\t * add batches of users that belong to the same group (pool) and with the same allocation date.
\t * @param root_ Merkle tree root of treasurer.
\t * @param newRoot_ New merkle tree root.
\t * @param amount_ Balance that is assigned to new merkle tree.
\t * @param uriIPFS_ IPFS URI for the initial vesting tree data.
\t * @param allocation_ treasurer allocation
\t * @param balanceProof_ Merkle proof of balance.
\t * @param initialAllocationProof_ Merkle proof initial allocation.
\t * @param newAllocationProof_ Merkle proof new allocation.
\t * @param allocationQuantityProof_ Merkle proof allocation quantity.
\t * @param vestingSchedules_ Array of vestingData.
\t**/
\tfunction addRoot(
\t\tbytes32 root_,
\t\tbytes32 newRoot_,
\t\tuint256 amount_,
\t\tstring memory uriIPFS_,
\t\tAllocation memory allocation_,
\t\tbytes32[] memory balanceProof_,
\t\tbytes32[] memory initialAllocationProof_,
\t\tbytes32[] memory newAllocationProof_,
\t\tbytes32[] memory allocationQuantityProof_,
\t\tVestingData[] calldata vestingSchedules_
\t) external validRoot(root_) {
\t\trequire(isTreasurer(msg.sender), 'Caller is not a treasurer');
\t\trequire(MerkleProof.verify(
\t\t\tallocationQuantityProof_,
\t\t\tnewRoot_,
\t\t\tkeccak256(abi.encodePacked('ALLOCATION_QUANTITY', uint256(1)))
\t\t), 'The quantity of the allocation of the new Merkle tree is invalid');
\t\t/// @dev the allocation dates of the treasurer who is adding a new merkle tree must match
\t\t// the one assigned in the original merkle tree
\t\trequire(
\t\t\tMerkleProof.verify(
\t\t\t\tinitialAllocationProof_,
\t\t\t\troot_,
\t\t\t\tkeccak256(abi.encodePacked(
\t\t\t\t\tmsg.sender,
\t\t\t\t\tallocation_.unlocking,
\t\t\t\t\tallocation_.monthly,
\t\t\t\t\tallocation_.months,
\t\t\t\t\tallocation_.cliff
\t\t\t\t))
\t\t\t)
\t\t\t&&
\t\t\tMerkleProof.verify(
\t\t\t\tnewAllocationProof_,
\t\t\t\tnewRoot_,
\t\t\t\tkeccak256(abi.encodePacked(
\t\t\t\t\tmsg.sender,
\t\t\t\t\tallocation_.unlocking,
\t\t\t\t\tallocation_.monthly,
\t\t\t\t\tallocation_.months,
\t\t\t\t\tallocation_.cliff
\t\t\t\t))
\t\t\t),
\t\t\t'Allocation type of the new Merkle tree is invalid'
\t\t);
\t\trequire(
\t\t\tMerkleProof.verify(balanceProof_, newRoot_, keccak256(abi.encodePacked(amount_))),
\t\t\t'The supply sent does not match that of the merketree'
\t\t);
\t\tbytes32 r = root_;
\t\tuint256 balance = 0;
\t\tfor(uint256 i = 0; i < vestingSchedules_.length; i++) {
\t\t\t(
\t\t\t\taddress beneficiary,
\t\t\t\tuint256 amount,
\t\t\t\tuint256 cliff,
\t\t\t\tbytes32[] calldata proof
\t\t\t) = _splitVestingSchedule(vestingSchedules_[i]);
\t\t\trequire(beneficiary == msg.sender, 'You cannot claim tokens from another user');
\t\t\tbytes32 leaf = keccak256(abi.encodePacked(beneficiary, amount, cliff));
\t\t\tif(!vestingClaimed[leaf]) {
\t\t\t\trequire(
\t\t\t\t\tMerkleProof.verify(proof, r, leaf), 'Invalid merkle proof'
\t\t\t\t);
\t\t\t\trequire(balanceByRootHash[r] >= amount, 'Supply is not enough to claim allocation');
\t\t\t\tvestingClaimed[leaf] = true;
\t\t\t\tbalanceByRootHash[r] -= amount;
\t\t\t\tbalance += amount;
\t\t\t\temit VestedTokenGrant(leaf);
\t\t\t}
\t\t}
\t\trequire(!rootWhitelist[newRoot_], 'Root hash already exists');
\t\trequire(amount_ == balance, 'Amount is different from balance');
\t\trootWhitelist[newRoot_] = true;
\t\tbalanceByRootHash[newRoot_] = amount_;
\t\trootURIs.push(uriIPFS_);
\t\tmapRootURIs[newRoot_] = uriIPFS_;
\t\temit AddedRoot(newRoot_);
\t}
\t/**
\t * @dev Release vesting in batches
\t * @param vestingSchedules_ Array of vesting schedule
\t * @param root_ Merkle tree root
\t**/
\tfunction batchReleaseVested(VestingData[] calldata vestingSchedules_, bytes32 root_) external {
\t\tfor(uint256 i = 0; i < vestingSchedules_.length; i++) {
\t\t\t(
\t\t\t\taddress beneficiary,
\t\t\t\tuint256 amount,
\t\t\t\tuint256 cliff,
\t\t\t\tbytes32[] calldata proof
\t\t\t) = _splitVestingSchedule(vestingSchedules_[i]);
\t\t\tbytes32 _leaf = keccak256(abi.encodePacked(beneficiary, amount, cliff));
\t\t\tif(!vestingClaimed[_leaf]) _releaseVested(beneficiary, amount, cliff, root_, proof);
\t\t}
\t}
\t/**
\t * @dev Release vesting associated with an address
\t * @param _beneficiary Address of beneficiary
\t * @param _amount Amount vested tokens to be released
\t * @param _cliff Lock delay for release
\t * @param _root Merkle tree root
\t * @param _proof Merkle proof
\t**/
\tfunction releaseVested(
\t\taddress _beneficiary,
\t\tuint256 _amount,
\t\tuint256 _cliff,
\t\tbytes32 _root,
\t\tbytes32[] calldata _proof
\t) external {
\t\t_releaseVested(_beneficiary, _amount, _cliff, _root, _proof);
\t}
\t/**
\t * @dev Release vesting associated with an address
\t * @param beneficiary_ Address of beneficiary
\t * @param amount_ Amount vested tokens to be released
\t * @param cliff_ Lock delay for release
\t * @param root_ Merkle tree root
\t * @param proof_ Merkle proof
\t**/
\tfunction _releaseVested(
\t\taddress beneficiary_,
\t\tuint256 amount_,
\t\tuint256 cliff_,
\t\tbytes32 root_,
\t\tbytes32[] calldata proof_
\t) internal validRoot(root_) {
\t\tbytes32 leaf = keccak256(abi.encodePacked(beneficiary_, amount_, cliff_));
\t\trequire(
\t\t\tMerkleProof.verify(proof_, root_, leaf), 'Invalid merkle proof'
\t\t);
\t\trequire(!vestingClaimed[leaf], 'Tokens already claimed');
\t\trequire(balanceByRootHash[root_] >= amount_, 'Supply is not enough to claim allocation');
\t\trequire(
\t\t\tblock.timestamp >= VESTING_START_TIMESTAMP + cliff_,
\t\t\t"The release date has not yet arrived"
\t\t);
\t\trequire(!isTreasurer(beneficiary_), "Treasury addresses cannot claim tokens");
\t\tvestingClaimed[leaf] = true;
\t\tbalanceByRootHash[root_] -= amount_;
\t\t_transfer(address(this), beneficiary_, amount_);
\t\temit VestedTokenGrant(leaf);
\t}
\tfunction _splitVestingSchedule(VestingData calldata _user) internal pure returns(
\t\taddress beneficiary,
\t\tuint256 amount,
\t\tuint256 cliff,
\t\tbytes32[] calldata proof
\t) {
\t\treturn (_user.beneficiary, _user.amount, _user.cliff, _user.proof);
\t}
}