Transaction Hash:
Block:
12314485 at Apr-26-2021 07:06:10 AM +UTC
Transaction Fee:
0.004546042 ETH
$11.12
Gas Used:
98,827 Gas / 46 Gwei
Emitted Events:
| 252 |
BPool.0xb02f0b7300000000000000000000000000000000000000000000000000000000( 0xb02f0b7300000000000000000000000000000000000000000000000000000000, 0x000000000000000000000000355fad7c6885bb8baed57974626c4b881445eef1, 0000000000000000000000000000000000000000000000000000000000000020, 00000000000000000000000000000000000000000000000000000000000000a4, b02f0b7300000000000000000000000000000000000000000001b9b88be1628b, b64e1a7a00000000000000000000000000000000000000000000000000000000, 0000004000000000000000000000000000000000000000000000000000000000, 0000000200000000000000000000000000000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 )
|
| 253 |
BPool.Transfer( src=[Sender] 0x355fad7c6885bb8baed57974626c4b881445eef1, dst=[Receiver] BPool, amt=2085967899300869327166074 )
|
| 254 |
BPool.Transfer( src=[Receiver] BPool, dst=BFactory, amt=0 )
|
| 255 |
BPool.Transfer( src=[Receiver] BPool, dst=0x0000000000000000000000000000000000000000, amt=2085967899300869327166074 )
|
| 256 |
BPool.LOG_EXIT( caller=[Sender] 0x355fad7c6885bb8baed57974626c4b881445eef1, tokenOut=InitializableAdminUpgradeabilityProxy, tokenAmountOut=208972321397392579154854 )
|
| 257 |
InitializableAdminUpgradeabilityProxy.0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef( 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef, 0x00000000000000000000000096248f6305d04c4842df1abba3714036226bf3fb, 0x000000000000000000000000355fad7c6885bb8baed57974626c4b881445eef1, 000000000000000000000000000000000000000000002c406988b81e3a1ad3a6 )
|
| 258 |
BPool.LOG_EXIT( caller=[Sender] 0x355fad7c6885bb8baed57974626c4b881445eef1, tokenOut=Dai, tokenAmountOut=4365492289025709305324 )
|
| 259 |
Dai.Transfer( src=[Receiver] BPool, dst=[Sender] 0x355fad7c6885bb8baed57974626c4b881445eef1, wad=4365492289025709305324 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x355faD7C...81445EEF1 |
3.930033168513271283 Eth
Nonce: 135
|
3.925487126513271283 Eth
Nonce: 136
| 0.004546042 | ||
| 0x6B175474...495271d0F | |||||
| 0x71C526e5...387413656 | |||||
|
0x829BD824...93333A830
Miner
| (F2Pool Old) | 3,517.491198582527079519 Eth | 3,517.495744624527079519 Eth | 0.004546042 | |
| 0x96248F63...6226bf3Fb |
Execution Trace
BPool.exitPool( poolAmountIn=2085967899300869327166074, minAmountsOut=[0, 0] )
BPool.exitPool( poolAmountIn=2085967899300869327166074, minAmountsOut=[0, 0] )
File 1 of 5: BPool
File 2 of 5: BFactory
File 3 of 5: InitializableAdminUpgradeabilityProxy
File 4 of 5: Dai
File 5 of 5: CoverERC20
{"BColor.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\ncontract BColor {\n function getColor()\n external view\n returns (bytes32);\n}\n\ncontract BBronze is BColor {\n function getColor()\n external view\n returns (bytes32) {\n return bytes32(\"BRONZE\");\n }\n}\n"},"BConst.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BColor.sol\";\n\ncontract BConst is BBronze {\n uint public constant BONE = 10**18;\n\n uint public constant MIN_BOUND_TOKENS = 2;\n uint public constant MAX_BOUND_TOKENS = 8;\n\n uint public constant MIN_FEE = BONE / 10**6;\n uint public constant MAX_FEE = BONE / 10;\n uint public constant EXIT_FEE = 0;\n\n uint public constant MIN_WEIGHT = BONE;\n uint public constant MAX_WEIGHT = BONE * 50;\n uint public constant MAX_TOTAL_WEIGHT = BONE * 50;\n uint public constant MIN_BALANCE = BONE / 10**12;\n\n uint public constant INIT_POOL_SUPPLY = BONE * 100;\n\n uint public constant MIN_BPOW_BASE = 1 wei;\n uint public constant MAX_BPOW_BASE = (2 * BONE) - 1 wei;\n uint public constant BPOW_PRECISION = BONE / 10**10;\n\n uint public constant MAX_IN_RATIO = BONE / 2;\n uint public constant MAX_OUT_RATIO = (BONE / 3) + 1 wei;\n}\n"},"BMath.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BNum.sol\";\n\ncontract BMath is BBronze, BConst, BNum {\n /**********************************************************************************************\n // calcSpotPrice //\n // sP = spotPrice //\n // bI = tokenBalanceIn ( bI / wI ) 1 //\n // bO = tokenBalanceOut sP = ----------- * ---------- //\n // wI = tokenWeightIn ( bO / wO ) ( 1 - sF ) //\n // wO = tokenWeightOut //\n // sF = swapFee //\n **********************************************************************************************/\n function calcSpotPrice(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint swapFee\n )\n public pure\n returns (uint spotPrice)\n {\n uint numer = bdiv(tokenBalanceIn, tokenWeightIn);\n uint denom = bdiv(tokenBalanceOut, tokenWeightOut);\n uint ratio = bdiv(numer, denom);\n uint scale = bdiv(BONE, bsub(BONE, swapFee));\n return (spotPrice = bmul(ratio, scale));\n }\n\n /**********************************************************************************************\n // calcOutGivenIn //\n // aO = tokenAmountOut //\n // bO = tokenBalanceOut //\n // bI = tokenBalanceIn / / bI \\ (wI / wO) \\ //\n // aI = tokenAmountIn aO = bO * | 1 - | -------------------------- | ^ | //\n // wI = tokenWeightIn \\ \\ ( bI + ( aI * ( 1 - sF )) / / //\n // wO = tokenWeightOut //\n // sF = swapFee //\n **********************************************************************************************/\n function calcOutGivenIn(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint tokenAmountIn,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountOut)\n {\n uint weightRatio = bdiv(tokenWeightIn, tokenWeightOut);\n uint adjustedIn = bsub(BONE, swapFee);\n adjustedIn = bmul(tokenAmountIn, adjustedIn);\n uint y = bdiv(tokenBalanceIn, badd(tokenBalanceIn, adjustedIn));\n uint foo = bpow(y, weightRatio);\n uint bar = bsub(BONE, foo);\n tokenAmountOut = bmul(tokenBalanceOut, bar);\n return tokenAmountOut;\n }\n\n /**********************************************************************************************\n // calcInGivenOut //\n // aI = tokenAmountIn //\n // bO = tokenBalanceOut / / bO \\ (wO / wI) \\ //\n // bI = tokenBalanceIn bI * | | ------------ | ^ - 1 | //\n // aO = tokenAmountOut aI = \\ \\ ( bO - aO ) / / //\n // wI = tokenWeightIn -------------------------------------------- //\n // wO = tokenWeightOut ( 1 - sF ) //\n // sF = swapFee //\n **********************************************************************************************/\n function calcInGivenOut(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint tokenAmountOut,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountIn)\n {\n uint weightRatio = bdiv(tokenWeightOut, tokenWeightIn);\n uint diff = bsub(tokenBalanceOut, tokenAmountOut);\n uint y = bdiv(tokenBalanceOut, diff);\n uint foo = bpow(y, weightRatio);\n foo = bsub(foo, BONE);\n tokenAmountIn = bsub(BONE, swapFee);\n tokenAmountIn = bdiv(bmul(tokenBalanceIn, foo), tokenAmountIn);\n return tokenAmountIn;\n }\n\n /**********************************************************************************************\n // calcPoolOutGivenSingleIn //\n // pAo = poolAmountOut / \\ //\n // tAi = tokenAmountIn /// / // wI \\ \\\\ \\ wI \\ //\n // wI = tokenWeightIn //| tAi *| 1 - || 1 - -- | * sF || + tBi \\ -- \\ //\n // tW = totalWeight pAo=|| \\ \\ \\\\ tW / // | ^ tW | * pS - pS //\n // tBi = tokenBalanceIn \\\\ ------------------------------------- / / //\n // pS = poolSupply \\\\ tBi / / //\n // sF = swapFee \\ / //\n **********************************************************************************************/\n function calcPoolOutGivenSingleIn(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint poolSupply,\n uint totalWeight,\n uint tokenAmountIn,\n uint swapFee\n )\n public pure\n returns (uint poolAmountOut)\n {\n // Charge the trading fee for the proportion of tokenAi\n /// which is implicitly traded to the other pool tokens.\n // That proportion is (1- weightTokenIn)\n // tokenAiAfterFee = tAi * (1 - (1-weightTi) * poolFee);\n uint normalizedWeight = bdiv(tokenWeightIn, totalWeight);\n uint zaz = bmul(bsub(BONE, normalizedWeight), swapFee); \n uint tokenAmountInAfterFee = bmul(tokenAmountIn, bsub(BONE, zaz));\n\n uint newTokenBalanceIn = badd(tokenBalanceIn, tokenAmountInAfterFee);\n uint tokenInRatio = bdiv(newTokenBalanceIn, tokenBalanceIn);\n\n // uint newPoolSupply = (ratioTi ^ weightTi) * poolSupply;\n uint poolRatio = bpow(tokenInRatio, normalizedWeight);\n uint newPoolSupply = bmul(poolRatio, poolSupply);\n poolAmountOut = bsub(newPoolSupply, poolSupply);\n return poolAmountOut;\n }\n\n /**********************************************************************************************\n // calcSingleInGivenPoolOut //\n // tAi = tokenAmountIn //(pS + pAo)\\ / 1 \\\\ //\n // pS = poolSupply || --------- | ^ | --------- || * bI - bI //\n // pAo = poolAmountOut \\\\ pS / \\(wI / tW)// //\n // bI = balanceIn tAi = -------------------------------------------- //\n // wI = weightIn / wI \\ //\n // tW = totalWeight | 1 - ---- | * sF //\n // sF = swapFee \\ tW / //\n **********************************************************************************************/\n function calcSingleInGivenPoolOut(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint poolSupply,\n uint totalWeight,\n uint poolAmountOut,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountIn)\n {\n uint normalizedWeight = bdiv(tokenWeightIn, totalWeight);\n uint newPoolSupply = badd(poolSupply, poolAmountOut);\n uint poolRatio = bdiv(newPoolSupply, poolSupply);\n \n //uint newBalTi = poolRatio^(1/weightTi) * balTi;\n uint boo = bdiv(BONE, normalizedWeight); \n uint tokenInRatio = bpow(poolRatio, boo);\n uint newTokenBalanceIn = bmul(tokenInRatio, tokenBalanceIn);\n uint tokenAmountInAfterFee = bsub(newTokenBalanceIn, tokenBalanceIn);\n // Do reverse order of fees charged in joinswap_ExternAmountIn, this way \n // ``` pAo == joinswap_ExternAmountIn(Ti, joinswap_PoolAmountOut(pAo, Ti)) ```\n //uint tAi = tAiAfterFee / (1 - (1-weightTi) * swapFee) ;\n uint zar = bmul(bsub(BONE, normalizedWeight), swapFee);\n tokenAmountIn = bdiv(tokenAmountInAfterFee, bsub(BONE, zar));\n return tokenAmountIn;\n }\n\n /**********************************************************************************************\n // calcSingleOutGivenPoolIn //\n // tAo = tokenAmountOut / / \\\\ //\n // bO = tokenBalanceOut / // pS - (pAi * (1 - eF)) \\ / 1 \\ \\\\ //\n // pAi = poolAmountIn | bO - || ----------------------- | ^ | --------- | * b0 || //\n // ps = poolSupply \\ \\\\ pS / \\(wO / tW)/ // //\n // wI = tokenWeightIn tAo = \\ \\ // //\n // tW = totalWeight / / wO \\ \\ //\n // sF = swapFee * | 1 - | 1 - ---- | * sF | //\n // eF = exitFee \\ \\ tW / / //\n **********************************************************************************************/\n function calcSingleOutGivenPoolIn(\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint poolSupply,\n uint totalWeight,\n uint poolAmountIn,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountOut)\n {\n uint normalizedWeight = bdiv(tokenWeightOut, totalWeight);\n // charge exit fee on the pool token side\n // pAiAfterExitFee = pAi*(1-exitFee)\n uint poolAmountInAfterExitFee = bmul(poolAmountIn, bsub(BONE, EXIT_FEE));\n uint newPoolSupply = bsub(poolSupply, poolAmountInAfterExitFee);\n uint poolRatio = bdiv(newPoolSupply, poolSupply);\n \n // newBalTo = poolRatio^(1/weightTo) * balTo;\n uint tokenOutRatio = bpow(poolRatio, bdiv(BONE, normalizedWeight));\n uint newTokenBalanceOut = bmul(tokenOutRatio, tokenBalanceOut);\n\n uint tokenAmountOutBeforeSwapFee = bsub(tokenBalanceOut, newTokenBalanceOut);\n\n // charge swap fee on the output token side \n //uint tAo = tAoBeforeSwapFee * (1 - (1-weightTo) * swapFee)\n uint zaz = bmul(bsub(BONE, normalizedWeight), swapFee); \n tokenAmountOut = bmul(tokenAmountOutBeforeSwapFee, bsub(BONE, zaz));\n return tokenAmountOut;\n }\n\n /**********************************************************************************************\n // calcPoolInGivenSingleOut //\n // pAi = poolAmountIn // / tAo \\\\ / wO \\ \\ //\n // bO = tokenBalanceOut // | bO - -------------------------- |\\ | ---- | \\ //\n // tAo = tokenAmountOut pS - || \\ 1 - ((1 - (tO / tW)) * sF)/ | ^ \\ tW / * pS | //\n // ps = poolSupply \\\\ -----------------------------------/ / //\n // wO = tokenWeightOut pAi = \\\\ bO / / //\n // tW = totalWeight ------------------------------------------------------------- //\n // sF = swapFee ( 1 - eF ) //\n // eF = exitFee //\n **********************************************************************************************/\n function calcPoolInGivenSingleOut(\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint poolSupply,\n uint totalWeight,\n uint tokenAmountOut,\n uint swapFee\n )\n public pure\n returns (uint poolAmountIn)\n {\n\n // charge swap fee on the output token side \n uint normalizedWeight = bdiv(tokenWeightOut, totalWeight);\n //uint tAoBeforeSwapFee = tAo / (1 - (1-weightTo) * swapFee) ;\n uint zoo = bsub(BONE, normalizedWeight);\n uint zar = bmul(zoo, swapFee); \n uint tokenAmountOutBeforeSwapFee = bdiv(tokenAmountOut, bsub(BONE, zar));\n\n uint newTokenBalanceOut = bsub(tokenBalanceOut, tokenAmountOutBeforeSwapFee);\n uint tokenOutRatio = bdiv(newTokenBalanceOut, tokenBalanceOut);\n\n //uint newPoolSupply = (ratioTo ^ weightTo) * poolSupply;\n uint poolRatio = bpow(tokenOutRatio, normalizedWeight);\n uint newPoolSupply = bmul(poolRatio, poolSupply);\n uint poolAmountInAfterExitFee = bsub(poolSupply, newPoolSupply);\n\n // charge exit fee on the pool token side\n // pAi = pAiAfterExitFee/(1-exitFee)\n poolAmountIn = bdiv(poolAmountInAfterExitFee, bsub(BONE, EXIT_FEE));\n return poolAmountIn;\n }\n\n\n}\n"},"BNum.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BConst.sol\";\n\ncontract BNum is BConst {\n\n function btoi(uint a)\n internal pure \n returns (uint)\n {\n return a / BONE;\n }\n\n function bfloor(uint a)\n internal pure\n returns (uint)\n {\n return btoi(a) * BONE;\n }\n\n function badd(uint a, uint b)\n internal pure\n returns (uint)\n {\n uint c = a + b;\n require(c \u003e= a, \"ERR_ADD_OVERFLOW\");\n return c;\n }\n\n function bsub(uint a, uint b)\n internal pure\n returns (uint)\n {\n (uint c, bool flag) = bsubSign(a, b);\n require(!flag, \"ERR_SUB_UNDERFLOW\");\n return c;\n }\n\n function bsubSign(uint a, uint b)\n internal pure\n returns (uint, bool)\n {\n if (a \u003e= b) {\n return (a - b, false);\n } else {\n return (b - a, true);\n }\n }\n\n function bmul(uint a, uint b)\n internal pure\n returns (uint)\n {\n uint c0 = a * b;\n require(a == 0 || c0 / a == b, \"ERR_MUL_OVERFLOW\");\n uint c1 = c0 + (BONE / 2);\n require(c1 \u003e= c0, \"ERR_MUL_OVERFLOW\");\n uint c2 = c1 / BONE;\n return c2;\n }\n\n function bdiv(uint a, uint b)\n internal pure\n returns (uint)\n {\n require(b != 0, \"ERR_DIV_ZERO\");\n uint c0 = a * BONE;\n require(a == 0 || c0 / a == BONE, \"ERR_DIV_INTERNAL\"); // bmul overflow\n uint c1 = c0 + (b / 2);\n require(c1 \u003e= c0, \"ERR_DIV_INTERNAL\"); // badd require\n uint c2 = c1 / b;\n return c2;\n }\n\n // DSMath.wpow\n function bpowi(uint a, uint n)\n internal pure\n returns (uint)\n {\n uint z = n % 2 != 0 ? a : BONE;\n\n for (n /= 2; n != 0; n /= 2) {\n a = bmul(a, a);\n\n if (n % 2 != 0) {\n z = bmul(z, a);\n }\n }\n return z;\n }\n\n // Compute b^(e.w) by splitting it into (b^e)*(b^0.w).\n // Use `bpowi` for `b^e` and `bpowK` for k iterations\n // of approximation of b^0.w\n function bpow(uint base, uint exp)\n internal pure\n returns (uint)\n {\n require(base \u003e= MIN_BPOW_BASE, \"ERR_BPOW_BASE_TOO_LOW\");\n require(base \u003c= MAX_BPOW_BASE, \"ERR_BPOW_BASE_TOO_HIGH\");\n\n uint whole = bfloor(exp); \n uint remain = bsub(exp, whole);\n\n uint wholePow = bpowi(base, btoi(whole));\n\n if (remain == 0) {\n return wholePow;\n }\n\n uint partialResult = bpowApprox(base, remain, BPOW_PRECISION);\n return bmul(wholePow, partialResult);\n }\n\n function bpowApprox(uint base, uint exp, uint precision)\n internal pure\n returns (uint)\n {\n // term 0:\n uint a = exp;\n (uint x, bool xneg) = bsubSign(base, BONE);\n uint term = BONE;\n uint sum = term;\n bool negative = false;\n\n\n // term(k) = numer / denom \n // = (product(a - i - 1, i=1--\u003ek) * x^k) / (k!)\n // each iteration, multiply previous term by (a-(k-1)) * x / k\n // continue until term is less than precision\n for (uint i = 1; term \u003e= precision; i++) {\n uint bigK = i * BONE;\n (uint c, bool cneg) = bsubSign(a, bsub(bigK, BONE));\n term = bmul(term, bmul(c, x));\n term = bdiv(term, bigK);\n if (term == 0) break;\n\n if (xneg) negative = !negative;\n if (cneg) negative = !negative;\n if (negative) {\n sum = bsub(sum, term);\n } else {\n sum = badd(sum, term);\n }\n }\n\n return sum;\n }\n\n}\n"},"BPool.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BToken.sol\";\nimport \"./BMath.sol\";\n\ncontract BPool is BBronze, BToken, BMath {\n\n struct Record {\n bool bound; // is token bound to pool\n uint index; // private\n uint denorm; // denormalized weight\n uint balance;\n }\n\n event LOG_SWAP(\n address indexed caller,\n address indexed tokenIn,\n address indexed tokenOut,\n uint256 tokenAmountIn,\n uint256 tokenAmountOut\n );\n\n event LOG_JOIN(\n address indexed caller,\n address indexed tokenIn,\n uint256 tokenAmountIn\n );\n\n event LOG_EXIT(\n address indexed caller,\n address indexed tokenOut,\n uint256 tokenAmountOut\n );\n\n event LOG_CALL(\n bytes4 indexed sig,\n address indexed caller,\n bytes data\n ) anonymous;\n\n modifier _logs_() {\n emit LOG_CALL(msg.sig, msg.sender, msg.data);\n _;\n }\n\n modifier _lock_() {\n require(!_mutex, \"ERR_REENTRY\");\n _mutex = true;\n _;\n _mutex = false;\n }\n\n modifier _viewlock_() {\n require(!_mutex, \"ERR_REENTRY\");\n _;\n }\n\n bool private _mutex;\n\n address private _factory; // BFactory address to push token exitFee to\n address private _controller; // has CONTROL role\n bool private _publicSwap; // true if PUBLIC can call SWAP functions\n\n // `setSwapFee` and `finalize` require CONTROL\n // `finalize` sets `PUBLIC can SWAP`, `PUBLIC can JOIN`\n uint private _swapFee;\n bool private _finalized;\n\n address[] private _tokens;\n mapping(address=\u003eRecord) private _records;\n uint private _totalWeight;\n\n constructor() public {\n _controller = msg.sender;\n _factory = msg.sender;\n _swapFee = MIN_FEE;\n _publicSwap = false;\n _finalized = false;\n }\n\n function isPublicSwap()\n external view\n returns (bool)\n {\n return _publicSwap;\n }\n\n function isFinalized()\n external view\n returns (bool)\n {\n return _finalized;\n }\n\n function isBound(address t)\n external view\n returns (bool)\n {\n return _records[t].bound;\n }\n\n function getNumTokens()\n external view\n returns (uint) \n {\n return _tokens.length;\n }\n\n function getCurrentTokens()\n external view _viewlock_\n returns (address[] memory tokens)\n {\n return _tokens;\n }\n\n function getFinalTokens()\n external view\n _viewlock_\n returns (address[] memory tokens)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n return _tokens;\n }\n\n function getDenormalizedWeight(address token)\n external view\n _viewlock_\n returns (uint)\n {\n\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n return _records[token].denorm;\n }\n\n function getTotalDenormalizedWeight()\n external view\n _viewlock_\n returns (uint)\n {\n return _totalWeight;\n }\n\n function getNormalizedWeight(address token)\n external view\n _viewlock_\n returns (uint)\n {\n\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n uint denorm = _records[token].denorm;\n return bdiv(denorm, _totalWeight);\n }\n\n function getBalance(address token)\n external view\n _viewlock_\n returns (uint)\n {\n\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n return _records[token].balance;\n }\n\n function getSwapFee()\n external view\n _viewlock_\n returns (uint)\n {\n return _swapFee;\n }\n\n function getController()\n external view\n _viewlock_\n returns (address)\n {\n return _controller;\n }\n\n function setSwapFee(uint swapFee)\n external\n _logs_\n _lock_\n { \n require(!_finalized, \"ERR_IS_FINALIZED\");\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(swapFee \u003e= MIN_FEE, \"ERR_MIN_FEE\");\n require(swapFee \u003c= MAX_FEE, \"ERR_MAX_FEE\");\n _swapFee = swapFee;\n }\n\n function setController(address manager)\n external\n _logs_\n _lock_\n {\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n _controller = manager;\n }\n\n function setPublicSwap(bool public_)\n external\n _logs_\n _lock_\n {\n require(!_finalized, \"ERR_IS_FINALIZED\");\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n _publicSwap = public_;\n }\n\n function finalize()\n external\n _logs_\n _lock_\n {\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n require(_tokens.length \u003e= MIN_BOUND_TOKENS, \"ERR_MIN_TOKENS\");\n\n _finalized = true;\n _publicSwap = true;\n\n _mintPoolShare(INIT_POOL_SUPPLY);\n _pushPoolShare(msg.sender, INIT_POOL_SUPPLY);\n }\n\n\n function bind(address token, uint balance, uint denorm)\n external\n _logs_\n // _lock_ Bind does not lock because it jumps to `rebind`, which does\n {\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(!_records[token].bound, \"ERR_IS_BOUND\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n\n require(_tokens.length \u003c MAX_BOUND_TOKENS, \"ERR_MAX_TOKENS\");\n\n _records[token] = Record({\n bound: true,\n index: _tokens.length,\n denorm: 0, // balance and denorm will be validated\n balance: 0 // and set by `rebind`\n });\n _tokens.push(token);\n rebind(token, balance, denorm);\n }\n\n function rebind(address token, uint balance, uint denorm)\n public\n _logs_\n _lock_\n {\n\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n\n require(denorm \u003e= MIN_WEIGHT, \"ERR_MIN_WEIGHT\");\n require(denorm \u003c= MAX_WEIGHT, \"ERR_MAX_WEIGHT\");\n require(balance \u003e= MIN_BALANCE, \"ERR_MIN_BALANCE\");\n\n // Adjust the denorm and totalWeight\n uint oldWeight = _records[token].denorm;\n if (denorm \u003e oldWeight) {\n _totalWeight = badd(_totalWeight, bsub(denorm, oldWeight));\n require(_totalWeight \u003c= MAX_TOTAL_WEIGHT, \"ERR_MAX_TOTAL_WEIGHT\");\n } else if (denorm \u003c oldWeight) {\n _totalWeight = bsub(_totalWeight, bsub(oldWeight, denorm));\n } \n _records[token].denorm = denorm;\n\n // Adjust the balance record and actual token balance\n uint oldBalance = _records[token].balance;\n _records[token].balance = balance;\n if (balance \u003e oldBalance) {\n _pullUnderlying(token, msg.sender, bsub(balance, oldBalance));\n } else if (balance \u003c oldBalance) {\n // In this case liquidity is being withdrawn, so charge EXIT_FEE\n uint tokenBalanceWithdrawn = bsub(oldBalance, balance);\n uint tokenExitFee = bmul(tokenBalanceWithdrawn, EXIT_FEE);\n _pushUnderlying(token, msg.sender, bsub(tokenBalanceWithdrawn, tokenExitFee));\n _pushUnderlying(token, _factory, tokenExitFee);\n }\n }\n\n function unbind(address token)\n external\n _logs_\n _lock_\n {\n\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n\n uint tokenBalance = _records[token].balance;\n uint tokenExitFee = bmul(tokenBalance, EXIT_FEE);\n\n _totalWeight = bsub(_totalWeight, _records[token].denorm);\n\n // Swap the token-to-unbind with the last token,\n // then delete the last token\n uint index = _records[token].index;\n uint last = _tokens.length - 1;\n _tokens[index] = _tokens[last];\n _records[_tokens[index]].index = index;\n _tokens.pop();\n _records[token] = Record({\n bound: false,\n index: 0,\n denorm: 0,\n balance: 0\n });\n\n _pushUnderlying(token, msg.sender, bsub(tokenBalance, tokenExitFee));\n _pushUnderlying(token, _factory, tokenExitFee);\n }\n\n // Absorb any tokens that have been sent to this contract into the pool\n function gulp(address token)\n external\n _logs_\n _lock_\n {\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n _records[token].balance = IERC20(token).balanceOf(address(this));\n }\n\n function getSpotPrice(address tokenIn, address tokenOut)\n external view\n _viewlock_\n returns (uint spotPrice)\n {\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n Record storage inRecord = _records[tokenIn];\n Record storage outRecord = _records[tokenOut];\n return calcSpotPrice(inRecord.balance, inRecord.denorm, outRecord.balance, outRecord.denorm, _swapFee);\n }\n\n function getSpotPriceSansFee(address tokenIn, address tokenOut)\n external view\n _viewlock_\n returns (uint spotPrice)\n {\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n Record storage inRecord = _records[tokenIn];\n Record storage outRecord = _records[tokenOut];\n return calcSpotPrice(inRecord.balance, inRecord.denorm, outRecord.balance, outRecord.denorm, 0);\n }\n\n function joinPool(uint poolAmountOut, uint[] calldata maxAmountsIn)\n external\n _logs_\n _lock_\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n\n uint poolTotal = totalSupply();\n uint ratio = bdiv(poolAmountOut, poolTotal);\n require(ratio != 0, \"ERR_MATH_APPROX\");\n\n for (uint i = 0; i \u003c _tokens.length; i++) {\n address t = _tokens[i];\n uint bal = _records[t].balance;\n uint tokenAmountIn = bmul(ratio, bal);\n require(tokenAmountIn != 0, \"ERR_MATH_APPROX\");\n require(tokenAmountIn \u003c= maxAmountsIn[i], \"ERR_LIMIT_IN\");\n _records[t].balance = badd(_records[t].balance, tokenAmountIn);\n emit LOG_JOIN(msg.sender, t, tokenAmountIn);\n _pullUnderlying(t, msg.sender, tokenAmountIn);\n }\n _mintPoolShare(poolAmountOut);\n _pushPoolShare(msg.sender, poolAmountOut);\n }\n\n function exitPool(uint poolAmountIn, uint[] calldata minAmountsOut)\n external\n _logs_\n _lock_\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n\n uint poolTotal = totalSupply();\n uint exitFee = bmul(poolAmountIn, EXIT_FEE);\n uint pAiAfterExitFee = bsub(poolAmountIn, exitFee);\n uint ratio = bdiv(pAiAfterExitFee, poolTotal);\n require(ratio != 0, \"ERR_MATH_APPROX\");\n\n _pullPoolShare(msg.sender, poolAmountIn);\n _pushPoolShare(_factory, exitFee);\n _burnPoolShare(pAiAfterExitFee);\n\n for (uint i = 0; i \u003c _tokens.length; i++) {\n address t = _tokens[i];\n uint bal = _records[t].balance;\n uint tokenAmountOut = bmul(ratio, bal);\n require(tokenAmountOut != 0, \"ERR_MATH_APPROX\");\n require(tokenAmountOut \u003e= minAmountsOut[i], \"ERR_LIMIT_OUT\");\n _records[t].balance = bsub(_records[t].balance, tokenAmountOut);\n emit LOG_EXIT(msg.sender, t, tokenAmountOut);\n _pushUnderlying(t, msg.sender, tokenAmountOut);\n }\n\n }\n\n\n function swapExactAmountIn(\n address tokenIn,\n uint tokenAmountIn,\n address tokenOut,\n uint minAmountOut,\n uint maxPrice\n )\n external\n _logs_\n _lock_\n returns (uint tokenAmountOut, uint spotPriceAfter)\n {\n\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n require(_publicSwap, \"ERR_SWAP_NOT_PUBLIC\");\n\n Record storage inRecord = _records[address(tokenIn)];\n Record storage outRecord = _records[address(tokenOut)];\n\n require(tokenAmountIn \u003c= bmul(inRecord.balance, MAX_IN_RATIO), \"ERR_MAX_IN_RATIO\");\n\n uint spotPriceBefore = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceBefore \u003c= maxPrice, \"ERR_BAD_LIMIT_PRICE\");\n\n tokenAmountOut = calcOutGivenIn(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n tokenAmountIn,\n _swapFee\n );\n require(tokenAmountOut \u003e= minAmountOut, \"ERR_LIMIT_OUT\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n spotPriceAfter = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceAfter \u003e= spotPriceBefore, \"ERR_MATH_APPROX\"); \n require(spotPriceAfter \u003c= maxPrice, \"ERR_LIMIT_PRICE\");\n require(spotPriceBefore \u003c= bdiv(tokenAmountIn, tokenAmountOut), \"ERR_MATH_APPROX\");\n\n emit LOG_SWAP(msg.sender, tokenIn, tokenOut, tokenAmountIn, tokenAmountOut);\n\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut);\n\n return (tokenAmountOut, spotPriceAfter);\n }\n\n function swapExactAmountOut(\n address tokenIn,\n uint maxAmountIn,\n address tokenOut,\n uint tokenAmountOut,\n uint maxPrice\n )\n external\n _logs_\n _lock_ \n returns (uint tokenAmountIn, uint spotPriceAfter)\n {\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n require(_publicSwap, \"ERR_SWAP_NOT_PUBLIC\");\n\n Record storage inRecord = _records[address(tokenIn)];\n Record storage outRecord = _records[address(tokenOut)];\n\n require(tokenAmountOut \u003c= bmul(outRecord.balance, MAX_OUT_RATIO), \"ERR_MAX_OUT_RATIO\");\n\n uint spotPriceBefore = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceBefore \u003c= maxPrice, \"ERR_BAD_LIMIT_PRICE\");\n\n tokenAmountIn = calcInGivenOut(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n tokenAmountOut,\n _swapFee\n );\n require(tokenAmountIn \u003c= maxAmountIn, \"ERR_LIMIT_IN\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n spotPriceAfter = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceAfter \u003e= spotPriceBefore, \"ERR_MATH_APPROX\");\n require(spotPriceAfter \u003c= maxPrice, \"ERR_LIMIT_PRICE\");\n require(spotPriceBefore \u003c= bdiv(tokenAmountIn, tokenAmountOut), \"ERR_MATH_APPROX\");\n\n emit LOG_SWAP(msg.sender, tokenIn, tokenOut, tokenAmountIn, tokenAmountOut);\n\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut);\n\n return (tokenAmountIn, spotPriceAfter);\n }\n\n\n function joinswapExternAmountIn(address tokenIn, uint tokenAmountIn, uint minPoolAmountOut)\n external\n _logs_\n _lock_\n returns (uint poolAmountOut)\n\n { \n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(tokenAmountIn \u003c= bmul(_records[tokenIn].balance, MAX_IN_RATIO), \"ERR_MAX_IN_RATIO\");\n\n Record storage inRecord = _records[tokenIn];\n\n poolAmountOut = calcPoolOutGivenSingleIn(\n inRecord.balance,\n inRecord.denorm,\n _totalSupply,\n _totalWeight,\n tokenAmountIn,\n _swapFee\n );\n\n require(poolAmountOut \u003e= minPoolAmountOut, \"ERR_LIMIT_OUT\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n\n emit LOG_JOIN(msg.sender, tokenIn, tokenAmountIn);\n\n _mintPoolShare(poolAmountOut);\n _pushPoolShare(msg.sender, poolAmountOut);\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n\n return poolAmountOut;\n }\n\n function joinswapPoolAmountOut(address tokenIn, uint poolAmountOut, uint maxAmountIn)\n external\n _logs_\n _lock_\n returns (uint tokenAmountIn)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n\n Record storage inRecord = _records[tokenIn];\n\n tokenAmountIn = calcSingleInGivenPoolOut(\n inRecord.balance,\n inRecord.denorm,\n _totalSupply,\n _totalWeight,\n poolAmountOut,\n _swapFee\n );\n\n require(tokenAmountIn != 0, \"ERR_MATH_APPROX\");\n require(tokenAmountIn \u003c= maxAmountIn, \"ERR_LIMIT_IN\");\n \n require(tokenAmountIn \u003c= bmul(_records[tokenIn].balance, MAX_IN_RATIO), \"ERR_MAX_IN_RATIO\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n\n emit LOG_JOIN(msg.sender, tokenIn, tokenAmountIn);\n\n _mintPoolShare(poolAmountOut);\n _pushPoolShare(msg.sender, poolAmountOut);\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n\n return tokenAmountIn;\n }\n\n function exitswapPoolAmountIn(address tokenOut, uint poolAmountIn, uint minAmountOut)\n external\n _logs_\n _lock_\n returns (uint tokenAmountOut)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n\n Record storage outRecord = _records[tokenOut];\n\n tokenAmountOut = calcSingleOutGivenPoolIn(\n outRecord.balance,\n outRecord.denorm,\n _totalSupply,\n _totalWeight,\n poolAmountIn,\n _swapFee\n );\n\n require(tokenAmountOut \u003e= minAmountOut, \"ERR_LIMIT_OUT\");\n \n require(tokenAmountOut \u003c= bmul(_records[tokenOut].balance, MAX_OUT_RATIO), \"ERR_MAX_OUT_RATIO\");\n\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n uint exitFee = bmul(poolAmountIn, EXIT_FEE);\n\n emit LOG_EXIT(msg.sender, tokenOut, tokenAmountOut);\n\n _pullPoolShare(msg.sender, poolAmountIn);\n _burnPoolShare(bsub(poolAmountIn, exitFee));\n _pushPoolShare(_factory, exitFee);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut);\n\n return tokenAmountOut;\n }\n\n function exitswapExternAmountOut(address tokenOut, uint tokenAmountOut, uint maxPoolAmountIn)\n external\n _logs_\n _lock_\n returns (uint poolAmountIn)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n require(tokenAmountOut \u003c= bmul(_records[tokenOut].balance, MAX_OUT_RATIO), \"ERR_MAX_OUT_RATIO\");\n\n Record storage outRecord = _records[tokenOut];\n\n poolAmountIn = calcPoolInGivenSingleOut(\n outRecord.balance,\n outRecord.denorm,\n _totalSupply,\n _totalWeight,\n tokenAmountOut,\n _swapFee\n );\n\n require(poolAmountIn != 0, \"ERR_MATH_APPROX\");\n require(poolAmountIn \u003c= maxPoolAmountIn, \"ERR_LIMIT_IN\");\n\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n uint exitFee = bmul(poolAmountIn, EXIT_FEE);\n\n emit LOG_EXIT(msg.sender, tokenOut, tokenAmountOut);\n\n _pullPoolShare(msg.sender, poolAmountIn);\n _burnPoolShare(bsub(poolAmountIn, exitFee));\n _pushPoolShare(_factory, exitFee);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut); \n\n return poolAmountIn;\n }\n\n\n // ==\n // \u0027Underlying\u0027 token-manipulation functions make external calls but are NOT locked\n // You must `_lock_` or otherwise ensure reentry-safety\n\n function _pullUnderlying(address erc20, address from, uint amount)\n internal\n {\n bool xfer = IERC20(erc20).transferFrom(from, address(this), amount);\n require(xfer, \"ERR_ERC20_FALSE\");\n }\n\n function _pushUnderlying(address erc20, address to, uint amount)\n internal\n {\n bool xfer = IERC20(erc20).transfer(to, amount);\n require(xfer, \"ERR_ERC20_FALSE\");\n }\n\n function _pullPoolShare(address from, uint amount)\n internal\n {\n _pull(from, amount);\n }\n\n function _pushPoolShare(address to, uint amount)\n internal\n {\n _push(to, amount);\n }\n\n function _mintPoolShare(uint amount)\n internal\n {\n _mint(amount);\n }\n\n function _burnPoolShare(uint amount)\n internal\n {\n _burn(amount);\n }\n\n}\n"},"BToken.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BNum.sol\";\n\n// Highly opinionated token implementation\n\ninterface IERC20 {\n event Approval(address indexed src, address indexed dst, uint amt);\n event Transfer(address indexed src, address indexed dst, uint amt);\n\n function totalSupply() external view returns (uint);\n function balanceOf(address whom) external view returns (uint);\n function allowance(address src, address dst) external view returns (uint);\n\n function approve(address dst, uint amt) external returns (bool);\n function transfer(address dst, uint amt) external returns (bool);\n function transferFrom(\n address src, address dst, uint amt\n ) external returns (bool);\n}\n\ncontract BTokenBase is BNum {\n\n mapping(address =\u003e uint) internal _balance;\n mapping(address =\u003e mapping(address=\u003euint)) internal _allowance;\n uint internal _totalSupply;\n\n event Approval(address indexed src, address indexed dst, uint amt);\n event Transfer(address indexed src, address indexed dst, uint amt);\n\n function _mint(uint amt) internal {\n _balance[address(this)] = badd(_balance[address(this)], amt);\n _totalSupply = badd(_totalSupply, amt);\n emit Transfer(address(0), address(this), amt);\n }\n\n function _burn(uint amt) internal {\n require(_balance[address(this)] \u003e= amt, \"ERR_INSUFFICIENT_BAL\");\n _balance[address(this)] = bsub(_balance[address(this)], amt);\n _totalSupply = bsub(_totalSupply, amt);\n emit Transfer(address(this), address(0), amt);\n }\n\n function _move(address src, address dst, uint amt) internal {\n require(_balance[src] \u003e= amt, \"ERR_INSUFFICIENT_BAL\");\n _balance[src] = bsub(_balance[src], amt);\n _balance[dst] = badd(_balance[dst], amt);\n emit Transfer(src, dst, amt);\n }\n\n function _push(address to, uint amt) internal {\n _move(address(this), to, amt);\n }\n\n function _pull(address from, uint amt) internal {\n _move(from, address(this), amt);\n }\n}\n\ncontract BToken is BTokenBase, IERC20 {\n\n string private _name = \"Balancer Pool Token\";\n string private _symbol = \"BPT\";\n uint8 private _decimals = 18;\n\n function name() public view returns (string memory) {\n return _name;\n }\n\n function symbol() public view returns (string memory) {\n return _symbol;\n }\n\n function decimals() public view returns(uint8) {\n return _decimals;\n }\n\n function allowance(address src, address dst) external view returns (uint) {\n return _allowance[src][dst];\n }\n\n function balanceOf(address whom) external view returns (uint) {\n return _balance[whom];\n }\n\n function totalSupply() public view returns (uint) {\n return _totalSupply;\n }\n\n function approve(address dst, uint amt) external returns (bool) {\n _allowance[msg.sender][dst] = amt;\n emit Approval(msg.sender, dst, amt);\n return true;\n }\n\n function increaseApproval(address dst, uint amt) external returns (bool) {\n _allowance[msg.sender][dst] = badd(_allowance[msg.sender][dst], amt);\n emit Approval(msg.sender, dst, _allowance[msg.sender][dst]);\n return true;\n }\n\n function decreaseApproval(address dst, uint amt) external returns (bool) {\n uint oldValue = _allowance[msg.sender][dst];\n if (amt \u003e oldValue) {\n _allowance[msg.sender][dst] = 0;\n } else {\n _allowance[msg.sender][dst] = bsub(oldValue, amt);\n }\n emit Approval(msg.sender, dst, _allowance[msg.sender][dst]);\n return true;\n }\n\n function transfer(address dst, uint amt) external returns (bool) {\n _move(msg.sender, dst, amt);\n return true;\n }\n\n function transferFrom(address src, address dst, uint amt) external returns (bool) {\n require(msg.sender == src || amt \u003c= _allowance[src][msg.sender], \"ERR_BTOKEN_BAD_CALLER\");\n _move(src, dst, amt);\n if (msg.sender != src \u0026\u0026 _allowance[src][msg.sender] != uint256(-1)) {\n _allowance[src][msg.sender] = bsub(_allowance[src][msg.sender], amt);\n emit Approval(msg.sender, dst, _allowance[src][msg.sender]);\n }\n return true;\n }\n}\n"}}File 2 of 5: BFactory
{"BColor.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\ncontract BColor {\n function getColor()\n external view\n returns (bytes32);\n}\n\ncontract BBronze is BColor {\n function getColor()\n external view\n returns (bytes32) {\n return bytes32(\"BRONZE\");\n }\n}\n"},"BConst.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BColor.sol\";\n\ncontract BConst is BBronze {\n uint public constant BONE = 10**18;\n\n uint public constant MIN_BOUND_TOKENS = 2;\n uint public constant MAX_BOUND_TOKENS = 8;\n\n uint public constant MIN_FEE = BONE / 10**6;\n uint public constant MAX_FEE = BONE / 10;\n uint public constant EXIT_FEE = 0;\n\n uint public constant MIN_WEIGHT = BONE;\n uint public constant MAX_WEIGHT = BONE * 50;\n uint public constant MAX_TOTAL_WEIGHT = BONE * 50;\n uint public constant MIN_BALANCE = BONE / 10**12;\n\n uint public constant INIT_POOL_SUPPLY = BONE * 100;\n\n uint public constant MIN_BPOW_BASE = 1 wei;\n uint public constant MAX_BPOW_BASE = (2 * BONE) - 1 wei;\n uint public constant BPOW_PRECISION = BONE / 10**10;\n\n uint public constant MAX_IN_RATIO = BONE / 2;\n uint public constant MAX_OUT_RATIO = (BONE / 3) + 1 wei;\n}\n"},"BFactory.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is disstributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\n// Builds new BPools, logging their addresses and providing `isBPool(address) -\u003e (bool)`\n\nimport \"./BPool.sol\";\n\ncontract BFactory is BBronze {\n event LOG_NEW_POOL(\n address indexed caller,\n address indexed pool\n );\n\n event LOG_BLABS(\n address indexed caller,\n address indexed blabs\n );\n\n mapping(address=\u003ebool) private _isBPool;\n\n function isBPool(address b)\n external view returns (bool)\n {\n return _isBPool[b];\n }\n\n function newBPool()\n external\n returns (BPool)\n {\n BPool bpool = new BPool();\n _isBPool[address(bpool)] = true;\n emit LOG_NEW_POOL(msg.sender, address(bpool));\n bpool.setController(msg.sender);\n return bpool;\n }\n\n address private _blabs;\n\n constructor() public {\n _blabs = msg.sender;\n }\n\n function getBLabs()\n external view\n returns (address)\n {\n return _blabs;\n }\n\n function setBLabs(address b)\n external\n {\n require(msg.sender == _blabs, \"ERR_NOT_BLABS\");\n emit LOG_BLABS(msg.sender, b);\n _blabs = b;\n }\n\n function collect(BPool pool)\n external \n {\n require(msg.sender == _blabs, \"ERR_NOT_BLABS\");\n uint collected = IERC20(pool).balanceOf(address(this));\n bool xfer = pool.transfer(_blabs, collected);\n require(xfer, \"ERR_ERC20_FAILED\");\n }\n}\n"},"BMath.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BNum.sol\";\n\ncontract BMath is BBronze, BConst, BNum {\n /**********************************************************************************************\n // calcSpotPrice //\n // sP = spotPrice //\n // bI = tokenBalanceIn ( bI / wI ) 1 //\n // bO = tokenBalanceOut sP = ----------- * ---------- //\n // wI = tokenWeightIn ( bO / wO ) ( 1 - sF ) //\n // wO = tokenWeightOut //\n // sF = swapFee //\n **********************************************************************************************/\n function calcSpotPrice(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint swapFee\n )\n public pure\n returns (uint spotPrice)\n {\n uint numer = bdiv(tokenBalanceIn, tokenWeightIn);\n uint denom = bdiv(tokenBalanceOut, tokenWeightOut);\n uint ratio = bdiv(numer, denom);\n uint scale = bdiv(BONE, bsub(BONE, swapFee));\n return (spotPrice = bmul(ratio, scale));\n }\n\n /**********************************************************************************************\n // calcOutGivenIn //\n // aO = tokenAmountOut //\n // bO = tokenBalanceOut //\n // bI = tokenBalanceIn / / bI \\ (wI / wO) \\ //\n // aI = tokenAmountIn aO = bO * | 1 - | -------------------------- | ^ | //\n // wI = tokenWeightIn \\ \\ ( bI + ( aI * ( 1 - sF )) / / //\n // wO = tokenWeightOut //\n // sF = swapFee //\n **********************************************************************************************/\n function calcOutGivenIn(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint tokenAmountIn,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountOut)\n {\n uint weightRatio = bdiv(tokenWeightIn, tokenWeightOut);\n uint adjustedIn = bsub(BONE, swapFee);\n adjustedIn = bmul(tokenAmountIn, adjustedIn);\n uint y = bdiv(tokenBalanceIn, badd(tokenBalanceIn, adjustedIn));\n uint foo = bpow(y, weightRatio);\n uint bar = bsub(BONE, foo);\n tokenAmountOut = bmul(tokenBalanceOut, bar);\n return tokenAmountOut;\n }\n\n /**********************************************************************************************\n // calcInGivenOut //\n // aI = tokenAmountIn //\n // bO = tokenBalanceOut / / bO \\ (wO / wI) \\ //\n // bI = tokenBalanceIn bI * | | ------------ | ^ - 1 | //\n // aO = tokenAmountOut aI = \\ \\ ( bO - aO ) / / //\n // wI = tokenWeightIn -------------------------------------------- //\n // wO = tokenWeightOut ( 1 - sF ) //\n // sF = swapFee //\n **********************************************************************************************/\n function calcInGivenOut(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint tokenAmountOut,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountIn)\n {\n uint weightRatio = bdiv(tokenWeightOut, tokenWeightIn);\n uint diff = bsub(tokenBalanceOut, tokenAmountOut);\n uint y = bdiv(tokenBalanceOut, diff);\n uint foo = bpow(y, weightRatio);\n foo = bsub(foo, BONE);\n tokenAmountIn = bsub(BONE, swapFee);\n tokenAmountIn = bdiv(bmul(tokenBalanceIn, foo), tokenAmountIn);\n return tokenAmountIn;\n }\n\n /**********************************************************************************************\n // calcPoolOutGivenSingleIn //\n // pAo = poolAmountOut / \\ //\n // tAi = tokenAmountIn /// / // wI \\ \\\\ \\ wI \\ //\n // wI = tokenWeightIn //| tAi *| 1 - || 1 - -- | * sF || + tBi \\ -- \\ //\n // tW = totalWeight pAo=|| \\ \\ \\\\ tW / // | ^ tW | * pS - pS //\n // tBi = tokenBalanceIn \\\\ ------------------------------------- / / //\n // pS = poolSupply \\\\ tBi / / //\n // sF = swapFee \\ / //\n **********************************************************************************************/\n function calcPoolOutGivenSingleIn(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint poolSupply,\n uint totalWeight,\n uint tokenAmountIn,\n uint swapFee\n )\n public pure\n returns (uint poolAmountOut)\n {\n // Charge the trading fee for the proportion of tokenAi\n /// which is implicitly traded to the other pool tokens.\n // That proportion is (1- weightTokenIn)\n // tokenAiAfterFee = tAi * (1 - (1-weightTi) * poolFee);\n uint normalizedWeight = bdiv(tokenWeightIn, totalWeight);\n uint zaz = bmul(bsub(BONE, normalizedWeight), swapFee); \n uint tokenAmountInAfterFee = bmul(tokenAmountIn, bsub(BONE, zaz));\n\n uint newTokenBalanceIn = badd(tokenBalanceIn, tokenAmountInAfterFee);\n uint tokenInRatio = bdiv(newTokenBalanceIn, tokenBalanceIn);\n\n // uint newPoolSupply = (ratioTi ^ weightTi) * poolSupply;\n uint poolRatio = bpow(tokenInRatio, normalizedWeight);\n uint newPoolSupply = bmul(poolRatio, poolSupply);\n poolAmountOut = bsub(newPoolSupply, poolSupply);\n return poolAmountOut;\n }\n\n /**********************************************************************************************\n // calcSingleInGivenPoolOut //\n // tAi = tokenAmountIn //(pS + pAo)\\ / 1 \\\\ //\n // pS = poolSupply || --------- | ^ | --------- || * bI - bI //\n // pAo = poolAmountOut \\\\ pS / \\(wI / tW)// //\n // bI = balanceIn tAi = -------------------------------------------- //\n // wI = weightIn / wI \\ //\n // tW = totalWeight | 1 - ---- | * sF //\n // sF = swapFee \\ tW / //\n **********************************************************************************************/\n function calcSingleInGivenPoolOut(\n uint tokenBalanceIn,\n uint tokenWeightIn,\n uint poolSupply,\n uint totalWeight,\n uint poolAmountOut,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountIn)\n {\n uint normalizedWeight = bdiv(tokenWeightIn, totalWeight);\n uint newPoolSupply = badd(poolSupply, poolAmountOut);\n uint poolRatio = bdiv(newPoolSupply, poolSupply);\n \n //uint newBalTi = poolRatio^(1/weightTi) * balTi;\n uint boo = bdiv(BONE, normalizedWeight); \n uint tokenInRatio = bpow(poolRatio, boo);\n uint newTokenBalanceIn = bmul(tokenInRatio, tokenBalanceIn);\n uint tokenAmountInAfterFee = bsub(newTokenBalanceIn, tokenBalanceIn);\n // Do reverse order of fees charged in joinswap_ExternAmountIn, this way \n // ``` pAo == joinswap_ExternAmountIn(Ti, joinswap_PoolAmountOut(pAo, Ti)) ```\n //uint tAi = tAiAfterFee / (1 - (1-weightTi) * swapFee) ;\n uint zar = bmul(bsub(BONE, normalizedWeight), swapFee);\n tokenAmountIn = bdiv(tokenAmountInAfterFee, bsub(BONE, zar));\n return tokenAmountIn;\n }\n\n /**********************************************************************************************\n // calcSingleOutGivenPoolIn //\n // tAo = tokenAmountOut / / \\\\ //\n // bO = tokenBalanceOut / // pS - (pAi * (1 - eF)) \\ / 1 \\ \\\\ //\n // pAi = poolAmountIn | bO - || ----------------------- | ^ | --------- | * b0 || //\n // ps = poolSupply \\ \\\\ pS / \\(wO / tW)/ // //\n // wI = tokenWeightIn tAo = \\ \\ // //\n // tW = totalWeight / / wO \\ \\ //\n // sF = swapFee * | 1 - | 1 - ---- | * sF | //\n // eF = exitFee \\ \\ tW / / //\n **********************************************************************************************/\n function calcSingleOutGivenPoolIn(\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint poolSupply,\n uint totalWeight,\n uint poolAmountIn,\n uint swapFee\n )\n public pure\n returns (uint tokenAmountOut)\n {\n uint normalizedWeight = bdiv(tokenWeightOut, totalWeight);\n // charge exit fee on the pool token side\n // pAiAfterExitFee = pAi*(1-exitFee)\n uint poolAmountInAfterExitFee = bmul(poolAmountIn, bsub(BONE, EXIT_FEE));\n uint newPoolSupply = bsub(poolSupply, poolAmountInAfterExitFee);\n uint poolRatio = bdiv(newPoolSupply, poolSupply);\n \n // newBalTo = poolRatio^(1/weightTo) * balTo;\n uint tokenOutRatio = bpow(poolRatio, bdiv(BONE, normalizedWeight));\n uint newTokenBalanceOut = bmul(tokenOutRatio, tokenBalanceOut);\n\n uint tokenAmountOutBeforeSwapFee = bsub(tokenBalanceOut, newTokenBalanceOut);\n\n // charge swap fee on the output token side \n //uint tAo = tAoBeforeSwapFee * (1 - (1-weightTo) * swapFee)\n uint zaz = bmul(bsub(BONE, normalizedWeight), swapFee); \n tokenAmountOut = bmul(tokenAmountOutBeforeSwapFee, bsub(BONE, zaz));\n return tokenAmountOut;\n }\n\n /**********************************************************************************************\n // calcPoolInGivenSingleOut //\n // pAi = poolAmountIn // / tAo \\\\ / wO \\ \\ //\n // bO = tokenBalanceOut // | bO - -------------------------- |\\ | ---- | \\ //\n // tAo = tokenAmountOut pS - || \\ 1 - ((1 - (tO / tW)) * sF)/ | ^ \\ tW / * pS | //\n // ps = poolSupply \\\\ -----------------------------------/ / //\n // wO = tokenWeightOut pAi = \\\\ bO / / //\n // tW = totalWeight ------------------------------------------------------------- //\n // sF = swapFee ( 1 - eF ) //\n // eF = exitFee //\n **********************************************************************************************/\n function calcPoolInGivenSingleOut(\n uint tokenBalanceOut,\n uint tokenWeightOut,\n uint poolSupply,\n uint totalWeight,\n uint tokenAmountOut,\n uint swapFee\n )\n public pure\n returns (uint poolAmountIn)\n {\n\n // charge swap fee on the output token side \n uint normalizedWeight = bdiv(tokenWeightOut, totalWeight);\n //uint tAoBeforeSwapFee = tAo / (1 - (1-weightTo) * swapFee) ;\n uint zoo = bsub(BONE, normalizedWeight);\n uint zar = bmul(zoo, swapFee); \n uint tokenAmountOutBeforeSwapFee = bdiv(tokenAmountOut, bsub(BONE, zar));\n\n uint newTokenBalanceOut = bsub(tokenBalanceOut, tokenAmountOutBeforeSwapFee);\n uint tokenOutRatio = bdiv(newTokenBalanceOut, tokenBalanceOut);\n\n //uint newPoolSupply = (ratioTo ^ weightTo) * poolSupply;\n uint poolRatio = bpow(tokenOutRatio, normalizedWeight);\n uint newPoolSupply = bmul(poolRatio, poolSupply);\n uint poolAmountInAfterExitFee = bsub(poolSupply, newPoolSupply);\n\n // charge exit fee on the pool token side\n // pAi = pAiAfterExitFee/(1-exitFee)\n poolAmountIn = bdiv(poolAmountInAfterExitFee, bsub(BONE, EXIT_FEE));\n return poolAmountIn;\n }\n\n\n}\n"},"BNum.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BConst.sol\";\n\ncontract BNum is BConst {\n\n function btoi(uint a)\n internal pure \n returns (uint)\n {\n return a / BONE;\n }\n\n function bfloor(uint a)\n internal pure\n returns (uint)\n {\n return btoi(a) * BONE;\n }\n\n function badd(uint a, uint b)\n internal pure\n returns (uint)\n {\n uint c = a + b;\n require(c \u003e= a, \"ERR_ADD_OVERFLOW\");\n return c;\n }\n\n function bsub(uint a, uint b)\n internal pure\n returns (uint)\n {\n (uint c, bool flag) = bsubSign(a, b);\n require(!flag, \"ERR_SUB_UNDERFLOW\");\n return c;\n }\n\n function bsubSign(uint a, uint b)\n internal pure\n returns (uint, bool)\n {\n if (a \u003e= b) {\n return (a - b, false);\n } else {\n return (b - a, true);\n }\n }\n\n function bmul(uint a, uint b)\n internal pure\n returns (uint)\n {\n uint c0 = a * b;\n require(a == 0 || c0 / a == b, \"ERR_MUL_OVERFLOW\");\n uint c1 = c0 + (BONE / 2);\n require(c1 \u003e= c0, \"ERR_MUL_OVERFLOW\");\n uint c2 = c1 / BONE;\n return c2;\n }\n\n function bdiv(uint a, uint b)\n internal pure\n returns (uint)\n {\n require(b != 0, \"ERR_DIV_ZERO\");\n uint c0 = a * BONE;\n require(a == 0 || c0 / a == BONE, \"ERR_DIV_INTERNAL\"); // bmul overflow\n uint c1 = c0 + (b / 2);\n require(c1 \u003e= c0, \"ERR_DIV_INTERNAL\"); // badd require\n uint c2 = c1 / b;\n return c2;\n }\n\n // DSMath.wpow\n function bpowi(uint a, uint n)\n internal pure\n returns (uint)\n {\n uint z = n % 2 != 0 ? a : BONE;\n\n for (n /= 2; n != 0; n /= 2) {\n a = bmul(a, a);\n\n if (n % 2 != 0) {\n z = bmul(z, a);\n }\n }\n return z;\n }\n\n // Compute b^(e.w) by splitting it into (b^e)*(b^0.w).\n // Use `bpowi` for `b^e` and `bpowK` for k iterations\n // of approximation of b^0.w\n function bpow(uint base, uint exp)\n internal pure\n returns (uint)\n {\n require(base \u003e= MIN_BPOW_BASE, \"ERR_BPOW_BASE_TOO_LOW\");\n require(base \u003c= MAX_BPOW_BASE, \"ERR_BPOW_BASE_TOO_HIGH\");\n\n uint whole = bfloor(exp); \n uint remain = bsub(exp, whole);\n\n uint wholePow = bpowi(base, btoi(whole));\n\n if (remain == 0) {\n return wholePow;\n }\n\n uint partialResult = bpowApprox(base, remain, BPOW_PRECISION);\n return bmul(wholePow, partialResult);\n }\n\n function bpowApprox(uint base, uint exp, uint precision)\n internal pure\n returns (uint)\n {\n // term 0:\n uint a = exp;\n (uint x, bool xneg) = bsubSign(base, BONE);\n uint term = BONE;\n uint sum = term;\n bool negative = false;\n\n\n // term(k) = numer / denom \n // = (product(a - i - 1, i=1--\u003ek) * x^k) / (k!)\n // each iteration, multiply previous term by (a-(k-1)) * x / k\n // continue until term is less than precision\n for (uint i = 1; term \u003e= precision; i++) {\n uint bigK = i * BONE;\n (uint c, bool cneg) = bsubSign(a, bsub(bigK, BONE));\n term = bmul(term, bmul(c, x));\n term = bdiv(term, bigK);\n if (term == 0) break;\n\n if (xneg) negative = !negative;\n if (cneg) negative = !negative;\n if (negative) {\n sum = bsub(sum, term);\n } else {\n sum = badd(sum, term);\n }\n }\n\n return sum;\n }\n\n}\n"},"BPool.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BToken.sol\";\nimport \"./BMath.sol\";\n\ncontract BPool is BBronze, BToken, BMath {\n\n struct Record {\n bool bound; // is token bound to pool\n uint index; // private\n uint denorm; // denormalized weight\n uint balance;\n }\n\n event LOG_SWAP(\n address indexed caller,\n address indexed tokenIn,\n address indexed tokenOut,\n uint256 tokenAmountIn,\n uint256 tokenAmountOut\n );\n\n event LOG_JOIN(\n address indexed caller,\n address indexed tokenIn,\n uint256 tokenAmountIn\n );\n\n event LOG_EXIT(\n address indexed caller,\n address indexed tokenOut,\n uint256 tokenAmountOut\n );\n\n event LOG_CALL(\n bytes4 indexed sig,\n address indexed caller,\n bytes data\n ) anonymous;\n\n modifier _logs_() {\n emit LOG_CALL(msg.sig, msg.sender, msg.data);\n _;\n }\n\n modifier _lock_() {\n require(!_mutex, \"ERR_REENTRY\");\n _mutex = true;\n _;\n _mutex = false;\n }\n\n modifier _viewlock_() {\n require(!_mutex, \"ERR_REENTRY\");\n _;\n }\n\n bool private _mutex;\n\n address private _factory; // BFactory address to push token exitFee to\n address private _controller; // has CONTROL role\n bool private _publicSwap; // true if PUBLIC can call SWAP functions\n\n // `setSwapFee` and `finalize` require CONTROL\n // `finalize` sets `PUBLIC can SWAP`, `PUBLIC can JOIN`\n uint private _swapFee;\n bool private _finalized;\n\n address[] private _tokens;\n mapping(address=\u003eRecord) private _records;\n uint private _totalWeight;\n\n constructor() public {\n _controller = msg.sender;\n _factory = msg.sender;\n _swapFee = MIN_FEE;\n _publicSwap = false;\n _finalized = false;\n }\n\n function isPublicSwap()\n external view\n returns (bool)\n {\n return _publicSwap;\n }\n\n function isFinalized()\n external view\n returns (bool)\n {\n return _finalized;\n }\n\n function isBound(address t)\n external view\n returns (bool)\n {\n return _records[t].bound;\n }\n\n function getNumTokens()\n external view\n returns (uint) \n {\n return _tokens.length;\n }\n\n function getCurrentTokens()\n external view _viewlock_\n returns (address[] memory tokens)\n {\n return _tokens;\n }\n\n function getFinalTokens()\n external view\n _viewlock_\n returns (address[] memory tokens)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n return _tokens;\n }\n\n function getDenormalizedWeight(address token)\n external view\n _viewlock_\n returns (uint)\n {\n\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n return _records[token].denorm;\n }\n\n function getTotalDenormalizedWeight()\n external view\n _viewlock_\n returns (uint)\n {\n return _totalWeight;\n }\n\n function getNormalizedWeight(address token)\n external view\n _viewlock_\n returns (uint)\n {\n\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n uint denorm = _records[token].denorm;\n return bdiv(denorm, _totalWeight);\n }\n\n function getBalance(address token)\n external view\n _viewlock_\n returns (uint)\n {\n\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n return _records[token].balance;\n }\n\n function getSwapFee()\n external view\n _viewlock_\n returns (uint)\n {\n return _swapFee;\n }\n\n function getController()\n external view\n _viewlock_\n returns (address)\n {\n return _controller;\n }\n\n function setSwapFee(uint swapFee)\n external\n _logs_\n _lock_\n { \n require(!_finalized, \"ERR_IS_FINALIZED\");\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(swapFee \u003e= MIN_FEE, \"ERR_MIN_FEE\");\n require(swapFee \u003c= MAX_FEE, \"ERR_MAX_FEE\");\n _swapFee = swapFee;\n }\n\n function setController(address manager)\n external\n _logs_\n _lock_\n {\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n _controller = manager;\n }\n\n function setPublicSwap(bool public_)\n external\n _logs_\n _lock_\n {\n require(!_finalized, \"ERR_IS_FINALIZED\");\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n _publicSwap = public_;\n }\n\n function finalize()\n external\n _logs_\n _lock_\n {\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n require(_tokens.length \u003e= MIN_BOUND_TOKENS, \"ERR_MIN_TOKENS\");\n\n _finalized = true;\n _publicSwap = true;\n\n _mintPoolShare(INIT_POOL_SUPPLY);\n _pushPoolShare(msg.sender, INIT_POOL_SUPPLY);\n }\n\n\n function bind(address token, uint balance, uint denorm)\n external\n _logs_\n // _lock_ Bind does not lock because it jumps to `rebind`, which does\n {\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(!_records[token].bound, \"ERR_IS_BOUND\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n\n require(_tokens.length \u003c MAX_BOUND_TOKENS, \"ERR_MAX_TOKENS\");\n\n _records[token] = Record({\n bound: true,\n index: _tokens.length,\n denorm: 0, // balance and denorm will be validated\n balance: 0 // and set by `rebind`\n });\n _tokens.push(token);\n rebind(token, balance, denorm);\n }\n\n function rebind(address token, uint balance, uint denorm)\n public\n _logs_\n _lock_\n {\n\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n\n require(denorm \u003e= MIN_WEIGHT, \"ERR_MIN_WEIGHT\");\n require(denorm \u003c= MAX_WEIGHT, \"ERR_MAX_WEIGHT\");\n require(balance \u003e= MIN_BALANCE, \"ERR_MIN_BALANCE\");\n\n // Adjust the denorm and totalWeight\n uint oldWeight = _records[token].denorm;\n if (denorm \u003e oldWeight) {\n _totalWeight = badd(_totalWeight, bsub(denorm, oldWeight));\n require(_totalWeight \u003c= MAX_TOTAL_WEIGHT, \"ERR_MAX_TOTAL_WEIGHT\");\n } else if (denorm \u003c oldWeight) {\n _totalWeight = bsub(_totalWeight, bsub(oldWeight, denorm));\n } \n _records[token].denorm = denorm;\n\n // Adjust the balance record and actual token balance\n uint oldBalance = _records[token].balance;\n _records[token].balance = balance;\n if (balance \u003e oldBalance) {\n _pullUnderlying(token, msg.sender, bsub(balance, oldBalance));\n } else if (balance \u003c oldBalance) {\n // In this case liquidity is being withdrawn, so charge EXIT_FEE\n uint tokenBalanceWithdrawn = bsub(oldBalance, balance);\n uint tokenExitFee = bmul(tokenBalanceWithdrawn, EXIT_FEE);\n _pushUnderlying(token, msg.sender, bsub(tokenBalanceWithdrawn, tokenExitFee));\n _pushUnderlying(token, _factory, tokenExitFee);\n }\n }\n\n function unbind(address token)\n external\n _logs_\n _lock_\n {\n\n require(msg.sender == _controller, \"ERR_NOT_CONTROLLER\");\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n require(!_finalized, \"ERR_IS_FINALIZED\");\n\n uint tokenBalance = _records[token].balance;\n uint tokenExitFee = bmul(tokenBalance, EXIT_FEE);\n\n _totalWeight = bsub(_totalWeight, _records[token].denorm);\n\n // Swap the token-to-unbind with the last token,\n // then delete the last token\n uint index = _records[token].index;\n uint last = _tokens.length - 1;\n _tokens[index] = _tokens[last];\n _records[_tokens[index]].index = index;\n _tokens.pop();\n _records[token] = Record({\n bound: false,\n index: 0,\n denorm: 0,\n balance: 0\n });\n\n _pushUnderlying(token, msg.sender, bsub(tokenBalance, tokenExitFee));\n _pushUnderlying(token, _factory, tokenExitFee);\n }\n\n // Absorb any tokens that have been sent to this contract into the pool\n function gulp(address token)\n external\n _logs_\n _lock_\n {\n require(_records[token].bound, \"ERR_NOT_BOUND\");\n _records[token].balance = IERC20(token).balanceOf(address(this));\n }\n\n function getSpotPrice(address tokenIn, address tokenOut)\n external view\n _viewlock_\n returns (uint spotPrice)\n {\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n Record storage inRecord = _records[tokenIn];\n Record storage outRecord = _records[tokenOut];\n return calcSpotPrice(inRecord.balance, inRecord.denorm, outRecord.balance, outRecord.denorm, _swapFee);\n }\n\n function getSpotPriceSansFee(address tokenIn, address tokenOut)\n external view\n _viewlock_\n returns (uint spotPrice)\n {\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n Record storage inRecord = _records[tokenIn];\n Record storage outRecord = _records[tokenOut];\n return calcSpotPrice(inRecord.balance, inRecord.denorm, outRecord.balance, outRecord.denorm, 0);\n }\n\n function joinPool(uint poolAmountOut, uint[] calldata maxAmountsIn)\n external\n _logs_\n _lock_\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n\n uint poolTotal = totalSupply();\n uint ratio = bdiv(poolAmountOut, poolTotal);\n require(ratio != 0, \"ERR_MATH_APPROX\");\n\n for (uint i = 0; i \u003c _tokens.length; i++) {\n address t = _tokens[i];\n uint bal = _records[t].balance;\n uint tokenAmountIn = bmul(ratio, bal);\n require(tokenAmountIn != 0, \"ERR_MATH_APPROX\");\n require(tokenAmountIn \u003c= maxAmountsIn[i], \"ERR_LIMIT_IN\");\n _records[t].balance = badd(_records[t].balance, tokenAmountIn);\n emit LOG_JOIN(msg.sender, t, tokenAmountIn);\n _pullUnderlying(t, msg.sender, tokenAmountIn);\n }\n _mintPoolShare(poolAmountOut);\n _pushPoolShare(msg.sender, poolAmountOut);\n }\n\n function exitPool(uint poolAmountIn, uint[] calldata minAmountsOut)\n external\n _logs_\n _lock_\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n\n uint poolTotal = totalSupply();\n uint exitFee = bmul(poolAmountIn, EXIT_FEE);\n uint pAiAfterExitFee = bsub(poolAmountIn, exitFee);\n uint ratio = bdiv(pAiAfterExitFee, poolTotal);\n require(ratio != 0, \"ERR_MATH_APPROX\");\n\n _pullPoolShare(msg.sender, poolAmountIn);\n _pushPoolShare(_factory, exitFee);\n _burnPoolShare(pAiAfterExitFee);\n\n for (uint i = 0; i \u003c _tokens.length; i++) {\n address t = _tokens[i];\n uint bal = _records[t].balance;\n uint tokenAmountOut = bmul(ratio, bal);\n require(tokenAmountOut != 0, \"ERR_MATH_APPROX\");\n require(tokenAmountOut \u003e= minAmountsOut[i], \"ERR_LIMIT_OUT\");\n _records[t].balance = bsub(_records[t].balance, tokenAmountOut);\n emit LOG_EXIT(msg.sender, t, tokenAmountOut);\n _pushUnderlying(t, msg.sender, tokenAmountOut);\n }\n\n }\n\n\n function swapExactAmountIn(\n address tokenIn,\n uint tokenAmountIn,\n address tokenOut,\n uint minAmountOut,\n uint maxPrice\n )\n external\n _logs_\n _lock_\n returns (uint tokenAmountOut, uint spotPriceAfter)\n {\n\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n require(_publicSwap, \"ERR_SWAP_NOT_PUBLIC\");\n\n Record storage inRecord = _records[address(tokenIn)];\n Record storage outRecord = _records[address(tokenOut)];\n\n require(tokenAmountIn \u003c= bmul(inRecord.balance, MAX_IN_RATIO), \"ERR_MAX_IN_RATIO\");\n\n uint spotPriceBefore = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceBefore \u003c= maxPrice, \"ERR_BAD_LIMIT_PRICE\");\n\n tokenAmountOut = calcOutGivenIn(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n tokenAmountIn,\n _swapFee\n );\n require(tokenAmountOut \u003e= minAmountOut, \"ERR_LIMIT_OUT\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n spotPriceAfter = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceAfter \u003e= spotPriceBefore, \"ERR_MATH_APPROX\"); \n require(spotPriceAfter \u003c= maxPrice, \"ERR_LIMIT_PRICE\");\n require(spotPriceBefore \u003c= bdiv(tokenAmountIn, tokenAmountOut), \"ERR_MATH_APPROX\");\n\n emit LOG_SWAP(msg.sender, tokenIn, tokenOut, tokenAmountIn, tokenAmountOut);\n\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut);\n\n return (tokenAmountOut, spotPriceAfter);\n }\n\n function swapExactAmountOut(\n address tokenIn,\n uint maxAmountIn,\n address tokenOut,\n uint tokenAmountOut,\n uint maxPrice\n )\n external\n _logs_\n _lock_ \n returns (uint tokenAmountIn, uint spotPriceAfter)\n {\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n require(_publicSwap, \"ERR_SWAP_NOT_PUBLIC\");\n\n Record storage inRecord = _records[address(tokenIn)];\n Record storage outRecord = _records[address(tokenOut)];\n\n require(tokenAmountOut \u003c= bmul(outRecord.balance, MAX_OUT_RATIO), \"ERR_MAX_OUT_RATIO\");\n\n uint spotPriceBefore = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceBefore \u003c= maxPrice, \"ERR_BAD_LIMIT_PRICE\");\n\n tokenAmountIn = calcInGivenOut(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n tokenAmountOut,\n _swapFee\n );\n require(tokenAmountIn \u003c= maxAmountIn, \"ERR_LIMIT_IN\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n spotPriceAfter = calcSpotPrice(\n inRecord.balance,\n inRecord.denorm,\n outRecord.balance,\n outRecord.denorm,\n _swapFee\n );\n require(spotPriceAfter \u003e= spotPriceBefore, \"ERR_MATH_APPROX\");\n require(spotPriceAfter \u003c= maxPrice, \"ERR_LIMIT_PRICE\");\n require(spotPriceBefore \u003c= bdiv(tokenAmountIn, tokenAmountOut), \"ERR_MATH_APPROX\");\n\n emit LOG_SWAP(msg.sender, tokenIn, tokenOut, tokenAmountIn, tokenAmountOut);\n\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut);\n\n return (tokenAmountIn, spotPriceAfter);\n }\n\n\n function joinswapExternAmountIn(address tokenIn, uint tokenAmountIn, uint minPoolAmountOut)\n external\n _logs_\n _lock_\n returns (uint poolAmountOut)\n\n { \n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n require(tokenAmountIn \u003c= bmul(_records[tokenIn].balance, MAX_IN_RATIO), \"ERR_MAX_IN_RATIO\");\n\n Record storage inRecord = _records[tokenIn];\n\n poolAmountOut = calcPoolOutGivenSingleIn(\n inRecord.balance,\n inRecord.denorm,\n _totalSupply,\n _totalWeight,\n tokenAmountIn,\n _swapFee\n );\n\n require(poolAmountOut \u003e= minPoolAmountOut, \"ERR_LIMIT_OUT\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n\n emit LOG_JOIN(msg.sender, tokenIn, tokenAmountIn);\n\n _mintPoolShare(poolAmountOut);\n _pushPoolShare(msg.sender, poolAmountOut);\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n\n return poolAmountOut;\n }\n\n function joinswapPoolAmountOut(address tokenIn, uint poolAmountOut, uint maxAmountIn)\n external\n _logs_\n _lock_\n returns (uint tokenAmountIn)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenIn].bound, \"ERR_NOT_BOUND\");\n\n Record storage inRecord = _records[tokenIn];\n\n tokenAmountIn = calcSingleInGivenPoolOut(\n inRecord.balance,\n inRecord.denorm,\n _totalSupply,\n _totalWeight,\n poolAmountOut,\n _swapFee\n );\n\n require(tokenAmountIn != 0, \"ERR_MATH_APPROX\");\n require(tokenAmountIn \u003c= maxAmountIn, \"ERR_LIMIT_IN\");\n \n require(tokenAmountIn \u003c= bmul(_records[tokenIn].balance, MAX_IN_RATIO), \"ERR_MAX_IN_RATIO\");\n\n inRecord.balance = badd(inRecord.balance, tokenAmountIn);\n\n emit LOG_JOIN(msg.sender, tokenIn, tokenAmountIn);\n\n _mintPoolShare(poolAmountOut);\n _pushPoolShare(msg.sender, poolAmountOut);\n _pullUnderlying(tokenIn, msg.sender, tokenAmountIn);\n\n return tokenAmountIn;\n }\n\n function exitswapPoolAmountIn(address tokenOut, uint poolAmountIn, uint minAmountOut)\n external\n _logs_\n _lock_\n returns (uint tokenAmountOut)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n\n Record storage outRecord = _records[tokenOut];\n\n tokenAmountOut = calcSingleOutGivenPoolIn(\n outRecord.balance,\n outRecord.denorm,\n _totalSupply,\n _totalWeight,\n poolAmountIn,\n _swapFee\n );\n\n require(tokenAmountOut \u003e= minAmountOut, \"ERR_LIMIT_OUT\");\n \n require(tokenAmountOut \u003c= bmul(_records[tokenOut].balance, MAX_OUT_RATIO), \"ERR_MAX_OUT_RATIO\");\n\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n uint exitFee = bmul(poolAmountIn, EXIT_FEE);\n\n emit LOG_EXIT(msg.sender, tokenOut, tokenAmountOut);\n\n _pullPoolShare(msg.sender, poolAmountIn);\n _burnPoolShare(bsub(poolAmountIn, exitFee));\n _pushPoolShare(_factory, exitFee);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut);\n\n return tokenAmountOut;\n }\n\n function exitswapExternAmountOut(address tokenOut, uint tokenAmountOut, uint maxPoolAmountIn)\n external\n _logs_\n _lock_\n returns (uint poolAmountIn)\n {\n require(_finalized, \"ERR_NOT_FINALIZED\");\n require(_records[tokenOut].bound, \"ERR_NOT_BOUND\");\n require(tokenAmountOut \u003c= bmul(_records[tokenOut].balance, MAX_OUT_RATIO), \"ERR_MAX_OUT_RATIO\");\n\n Record storage outRecord = _records[tokenOut];\n\n poolAmountIn = calcPoolInGivenSingleOut(\n outRecord.balance,\n outRecord.denorm,\n _totalSupply,\n _totalWeight,\n tokenAmountOut,\n _swapFee\n );\n\n require(poolAmountIn != 0, \"ERR_MATH_APPROX\");\n require(poolAmountIn \u003c= maxPoolAmountIn, \"ERR_LIMIT_IN\");\n\n outRecord.balance = bsub(outRecord.balance, tokenAmountOut);\n\n uint exitFee = bmul(poolAmountIn, EXIT_FEE);\n\n emit LOG_EXIT(msg.sender, tokenOut, tokenAmountOut);\n\n _pullPoolShare(msg.sender, poolAmountIn);\n _burnPoolShare(bsub(poolAmountIn, exitFee));\n _pushPoolShare(_factory, exitFee);\n _pushUnderlying(tokenOut, msg.sender, tokenAmountOut); \n\n return poolAmountIn;\n }\n\n\n // ==\n // \u0027Underlying\u0027 token-manipulation functions make external calls but are NOT locked\n // You must `_lock_` or otherwise ensure reentry-safety\n\n function _pullUnderlying(address erc20, address from, uint amount)\n internal\n {\n bool xfer = IERC20(erc20).transferFrom(from, address(this), amount);\n require(xfer, \"ERR_ERC20_FALSE\");\n }\n\n function _pushUnderlying(address erc20, address to, uint amount)\n internal\n {\n bool xfer = IERC20(erc20).transfer(to, amount);\n require(xfer, \"ERR_ERC20_FALSE\");\n }\n\n function _pullPoolShare(address from, uint amount)\n internal\n {\n _pull(from, amount);\n }\n\n function _pushPoolShare(address to, uint amount)\n internal\n {\n _push(to, amount);\n }\n\n function _mintPoolShare(uint amount)\n internal\n {\n _mint(amount);\n }\n\n function _burnPoolShare(uint amount)\n internal\n {\n _burn(amount);\n }\n\n}\n"},"BToken.sol":{"content":"// This program is free software: you can redistribute it and/or modify\n// it under the terms of the GNU General Public License as published by\n// the Free Software Foundation, either version 3 of the License, or\n// (at your option) any later version.\n\n// This program is distributed in the hope that it will be useful,\n// but WITHOUT ANY WARRANTY; without even the implied warranty of\n// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n// GNU General Public License for more details.\n\n// You should have received a copy of the GNU General Public License\n// along with this program. If not, see \u003chttp://www.gnu.org/licenses/\u003e.\n\npragma solidity 0.5.12;\n\nimport \"./BNum.sol\";\n\n// Highly opinionated token implementation\n\ninterface IERC20 {\n event Approval(address indexed src, address indexed dst, uint amt);\n event Transfer(address indexed src, address indexed dst, uint amt);\n\n function totalSupply() external view returns (uint);\n function balanceOf(address whom) external view returns (uint);\n function allowance(address src, address dst) external view returns (uint);\n\n function approve(address dst, uint amt) external returns (bool);\n function transfer(address dst, uint amt) external returns (bool);\n function transferFrom(\n address src, address dst, uint amt\n ) external returns (bool);\n}\n\ncontract BTokenBase is BNum {\n\n mapping(address =\u003e uint) internal _balance;\n mapping(address =\u003e mapping(address=\u003euint)) internal _allowance;\n uint internal _totalSupply;\n\n event Approval(address indexed src, address indexed dst, uint amt);\n event Transfer(address indexed src, address indexed dst, uint amt);\n\n function _mint(uint amt) internal {\n _balance[address(this)] = badd(_balance[address(this)], amt);\n _totalSupply = badd(_totalSupply, amt);\n emit Transfer(address(0), address(this), amt);\n }\n\n function _burn(uint amt) internal {\n require(_balance[address(this)] \u003e= amt, \"ERR_INSUFFICIENT_BAL\");\n _balance[address(this)] = bsub(_balance[address(this)], amt);\n _totalSupply = bsub(_totalSupply, amt);\n emit Transfer(address(this), address(0), amt);\n }\n\n function _move(address src, address dst, uint amt) internal {\n require(_balance[src] \u003e= amt, \"ERR_INSUFFICIENT_BAL\");\n _balance[src] = bsub(_balance[src], amt);\n _balance[dst] = badd(_balance[dst], amt);\n emit Transfer(src, dst, amt);\n }\n\n function _push(address to, uint amt) internal {\n _move(address(this), to, amt);\n }\n\n function _pull(address from, uint amt) internal {\n _move(from, address(this), amt);\n }\n}\n\ncontract BToken is BTokenBase, IERC20 {\n\n string private _name = \"Balancer Pool Token\";\n string private _symbol = \"BPT\";\n uint8 private _decimals = 18;\n\n function name() public view returns (string memory) {\n return _name;\n }\n\n function symbol() public view returns (string memory) {\n return _symbol;\n }\n\n function decimals() public view returns(uint8) {\n return _decimals;\n }\n\n function allowance(address src, address dst) external view returns (uint) {\n return _allowance[src][dst];\n }\n\n function balanceOf(address whom) external view returns (uint) {\n return _balance[whom];\n }\n\n function totalSupply() public view returns (uint) {\n return _totalSupply;\n }\n\n function approve(address dst, uint amt) external returns (bool) {\n _allowance[msg.sender][dst] = amt;\n emit Approval(msg.sender, dst, amt);\n return true;\n }\n\n function increaseApproval(address dst, uint amt) external returns (bool) {\n _allowance[msg.sender][dst] = badd(_allowance[msg.sender][dst], amt);\n emit Approval(msg.sender, dst, _allowance[msg.sender][dst]);\n return true;\n }\n\n function decreaseApproval(address dst, uint amt) external returns (bool) {\n uint oldValue = _allowance[msg.sender][dst];\n if (amt \u003e oldValue) {\n _allowance[msg.sender][dst] = 0;\n } else {\n _allowance[msg.sender][dst] = bsub(oldValue, amt);\n }\n emit Approval(msg.sender, dst, _allowance[msg.sender][dst]);\n return true;\n }\n\n function transfer(address dst, uint amt) external returns (bool) {\n _move(msg.sender, dst, amt);\n return true;\n }\n\n function transferFrom(address src, address dst, uint amt) external returns (bool) {\n require(msg.sender == src || amt \u003c= _allowance[src][msg.sender], \"ERR_BTOKEN_BAD_CALLER\");\n _move(src, dst, amt);\n if (msg.sender != src \u0026\u0026 _allowance[src][msg.sender] != uint256(-1)) {\n _allowance[src][msg.sender] = bsub(_allowance[src][msg.sender], amt);\n emit Approval(msg.sender, dst, _allowance[src][msg.sender]);\n }\n return true;\n }\n}\n"}}File 3 of 5: InitializableAdminUpgradeabilityProxy
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
import "./utils/SafeMath.sol";
import "./utils/Ownable.sol";
import "./interfaces/IClaimConfig.sol";
import "./interfaces/IProtocol.sol";
/**
* @title Config for ClaimManagement contract
* @author Alan
*/
contract ClaimConfig is IClaimConfig, Ownable {
using SafeMath for uint256;
bool public override allowPartialClaim = true;
address public override auditor;
address public override governance;
address public override treasury;
address public override protocolFactory;
// The max time allowed from filing a claim to a decision made
uint256 public override maxClaimDecisionWindow = 7 days;
uint256 public override baseClaimFee = 10e18;
uint256 public override forceClaimFee = 500e18;
uint256 public override feeMultiplier = 2;
// protocol => claim fee
mapping(address => uint256) private protocolClaimFee;
IERC20 public override feeCurrency = IERC20(0x6B175474E89094C44Da98b954EedeAC495271d0F);
modifier onlyGovernance() {
require(msg.sender == governance, "COVER_CC: !governance");
_;
}
/**
* @notice Set the address of governance
* @dev Governance address cannot be set to owner or 0 address
*/
function setGovernance(address _governance) external override onlyGovernance {
require(_governance != address(0), "COVER_CC: governance cannot be 0");
require(_governance != owner(), "COVER_CC: governance cannot be owner");
governance = _governance;
}
/**
* @notice Set the address of treasury
*/
function setTreasury(address _treasury) external override onlyGovernance {
require(_treasury != address(0), "COVER_CC: treasury cannot be 0");
treasury = _treasury;
}
/**
* @notice Set max time window allowed to decide a claim after filed, requires at least 3 days for voting
*/
function setMaxClaimDecisionWindow(uint256 _newTimeWindow) external override onlyGovernance {
require(_newTimeWindow < 3 days, "COVER_CC: window too short");
maxClaimDecisionWindow = _newTimeWindow;
}
/**
* @notice Set the status and address of auditor
*/
function setAuditor(address _auditor) external override onlyGovernance {
auditor = _auditor;
}
/**
* @notice Set the status of allowing partial claims
*/
function setPartialClaimStatus(bool _allowPartialClaim) external override onlyGovernance {
allowPartialClaim = _allowPartialClaim;
}
/**
* @notice Set fees and currency of filing a claim
* @dev `_forceClaimFee` must be > `_baseClaimFee`
*/
function setFeeAndCurrency(uint256 _baseClaimFee, uint256 _forceClaimFee, address _currency)
external
override
onlyGovernance
{
require(_baseClaimFee > 0, "COVER_CC: baseClaimFee <= 0");
require(_forceClaimFee > _baseClaimFee, "COVER_CC: forceClaimFee <= baseClaimFee");
require(_currency != address(0), "COVER_CC: feeCurrency cannot be 0");
baseClaimFee = _baseClaimFee;
forceClaimFee = _forceClaimFee;
feeCurrency = IERC20(_currency);
}
/**
* @notice Set the fee multiplier to `_multiplier`
* @dev `_multiplier` must be atleast 1
*/
function setFeeMultiplier(uint256 _multiplier) external override onlyGovernance {
require(_multiplier >= 1, "COVER_CC: multiplier < 1");
feeMultiplier = _multiplier;
}
/**
* @notice Get status of auditor voting
* @dev Returns false if `auditor` is 0
* @return status of auditor voting in decideClaim
*/
function isAuditorVoting() public view override returns (bool) {
return auditor != address(0);
}
/**
* @notice Get the claim fee for protocol `_protocol`
* @dev Will return `baseClaimFee` if fee is 0
* @return fee for filing a claim for protocol
*/
function getProtocolClaimFee(address _protocol) public view override returns (uint256) {
return protocolClaimFee[_protocol] == 0 ? baseClaimFee : protocolClaimFee[_protocol];
}
/**
* @notice Get the time window allowed to file after an incident happened
* @dev it is calculated based on the noclaimRedeemDelay of the protocol - (maxClaimDecisionWindow) - 1hour
* @return time window
*/
function getFileClaimWindow(address _protocol) public view override returns (uint256) {
uint256 noclaimRedeemDelay = IProtocol(_protocol).noclaimRedeemDelay();
return noclaimRedeemDelay.sub(maxClaimDecisionWindow).sub(1 hours);
}
/**
* @notice Updates fee for protocol `_protocol` by multiplying current fee by `feeMultiplier`
* @dev protocolClaimFee[protocol] cannot exceed `baseClaimFee`
*/
function _updateProtocolClaimFee(address _protocol) internal {
uint256 newFee = getProtocolClaimFee(_protocol).mul(feeMultiplier);
if (newFee <= forceClaimFee) {
protocolClaimFee[_protocol] = newFee;
}
}
/**
* @notice Resets fee for protocol `_protocol` to `baseClaimFee`
*/
function _resetProtocolClaimFee(address _protocol) internal {
protocolClaimFee[_protocol] = baseClaimFee;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
*
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "../interfaces/IOwnable.sol";
import "./Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
* @author crypto-pumpkin@github
*
* By initialization, the owner account will be the one that called initializeOwner. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
contract Ownable is Initializable {
address private _owner;
address private _newOwner;
event OwnershipTransferInitiated(address indexed previousOwner, address indexed newOwner);
event OwnershipTransferCompleted(address indexed previousOwner, address indexed newOwner);
/**
* @dev COVER: Initializes the contract setting the deployer as the initial owner.
*/
function initializeOwner() internal initializer {
_owner = msg.sender;
emit OwnershipTransferCompleted(address(0), _owner);
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(_owner == msg.sender, "Ownable: caller is not the owner");
_;
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
emit OwnershipTransferInitiated(_owner, newOwner);
_newOwner = newOwner;
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function claimOwnership() public virtual {
require(_newOwner == msg.sender, "Ownable: caller is not the owner");
emit OwnershipTransferCompleted(_owner, _newOwner);
_owner = _newOwner;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
import "./IERC20.sol";
/**
* @dev ClaimConfg contract interface. See {ClaimConfig}.
* @author Alan
*/
interface IClaimConfig {
function allowPartialClaim() external view returns (bool);
function auditor() external view returns (address);
function governance() external view returns (address);
function treasury() external view returns (address);
function protocolFactory() external view returns (address);
function maxClaimDecisionWindow() external view returns (uint256);
function baseClaimFee() external view returns (uint256);
function forceClaimFee() external view returns (uint256);
function feeMultiplier() external view returns (uint256);
function feeCurrency() external view returns (IERC20);
function getFileClaimWindow(address _protocol) external view returns (uint256);
// @dev Only callable by governance
function setMaxClaimDecisionWindow(uint256 _newTimeWindow) external;
function setGovernance(address _governance) external;
function setTreasury(address _treasury) external;
function setAuditor(address _auditor) external;
function setPartialClaimStatus(bool _allowPartialClaim) external;
function setFeeAndCurrency(uint256 _baseClaimFee, uint256 _forceClaimFee, address _currency) external;
function setFeeMultiplier(uint256 _multiplier) external;
function isAuditorVoting() external view returns (bool);
function getProtocolClaimFee(address _protocol) external view returns (uint256);
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
/**
* @dev Protocol contract interface. See {Protocol}.
* @author crypto-pumpkin@github
*/
interface IProtocol {
/// @notice emit when a claim against the protocol is accepted
event ClaimAccepted(uint256 newClaimNonce);
function getProtocolDetails()
external view returns (
bytes32 _name,
bool _active,
uint256 _claimNonce,
uint256 _claimRedeemDelay,
uint256 _noclaimRedeemDelay,
address[] memory _collaterals,
uint48[] memory _expirationTimestamps,
address[] memory _allCovers,
address[] memory _allActiveCovers
);
function active() external view returns (bool);
function name() external view returns (bytes32);
function claimNonce() external view returns (uint256);
/// @notice delay # of seconds for redeem with accepted claim, redeemCollateral is not affected
function claimRedeemDelay() external view returns (uint256);
/// @notice delay # of seconds for redeem without accepted claim, redeemCollateral is not affected
function noclaimRedeemDelay() external view returns (uint256);
function activeCovers(uint256 _index) external view returns (address);
function claimDetails(uint256 _claimNonce) external view returns (uint16 _payoutNumerator, uint16 _payoutDenominator, uint48 _incidentTimestamp, uint48 _timestamp);
function collateralStatusMap(address _collateral) external view returns (uint8 _status);
function expirationTimestampMap(uint48 _expirationTimestamp) external view returns (bytes32 _name, uint8 _status);
function coverMap(address _collateral, uint48 _expirationTimestamp) external view returns (address);
function collaterals(uint256 _index) external view returns (address);
function collateralsLength() external view returns (uint256);
function expirationTimestamps(uint256 _index) external view returns (uint48);
function expirationTimestampsLength() external view returns (uint256);
function activeCoversLength() external view returns (uint256);
function claimsLength() external view returns (uint256);
function addCover(address _collateral, uint48 _timestamp, uint256 _amount)
external returns (bool);
/// @notice access restriction - claimManager
function enactClaim(uint16 _payoutNumerator, uint16 _payoutDenominator, uint48 _incidentTimestamp, uint256 _protocolNonce) external returns (bool);
/// @notice access restriction - dev
function setActive(bool _active) external returns (bool);
function updateExpirationTimestamp(uint48 _expirationTimestamp, bytes32 _expirationTimestampName, uint8 _status) external returns (bool);
function updateCollateral(address _collateral, uint8 _status) external returns (bool);
/// @notice access restriction - governance
function updateClaimRedeemDelay(uint256 _claimRedeemDelay) external returns (bool);
function updateNoclaimRedeemDelay(uint256 _noclaimRedeemDelay) external returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
/**
* @title Interface of Ownable
*/
interface IOwnable {
function owner() external view returns (address);
}
// SPDX-License-Identifier: MIT
// solhint-disable-next-line compiler-version
pragma solidity >=0.4.24 <0.8.0;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since a proxied contract can't have a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {UpgradeableProxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
*/
bool private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Modifier to protect an initializer function from being invoked twice.
*/
modifier initializer() {
require(_initializing || _isConstructor() || !_initialized, "Initializable: contract is already initialized");
bool isTopLevelCall = !_initializing;
if (isTopLevelCall) {
_initializing = true;
_initialized = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
}
}
/// @dev Returns true if and only if the function is running in the constructor
function _isConstructor() private view returns (bool) {
// extcodesize checks the size of the code stored in an address, and
// address returns the current address. Since the code is still not
// deployed when running a constructor, any checks on its code size will
// yield zero, making it an effective way to detect if a contract is
// under construction or not.
address self = address(this);
uint256 cs;
// solhint-disable-next-line no-inline-assembly
assembly { cs := extcodesize(self) }
return cs == 0;
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
/**
* @title Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
event Transfer(address indexed from, address indexed to, uint256 value);
event Approval(address indexed owner, address indexed spender, uint256 value);
function symbol() external view returns (string memory);
function balanceOf(address account) external view returns (uint256);
function transfer(address recipient, uint256 amount) external returns (bool);
function approve(address spender, uint256 amount) external returns (bool);
function allowance(address owner, address spender) external view returns (uint256);
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
function totalSupply() external view returns (uint256);
function increaseAllowance(address spender, uint256 addedValue) external returns (bool);
function decreaseAllowance(address spender, uint256 subtractedValue) external returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
pragma experimental ABIEncoderV2;
import "./ClaimConfig.sol";
import "./interfaces/IProtocol.sol";
import "./interfaces/IProtocolFactory.sol";
import "./interfaces/IClaimManagement.sol";
/**
* @title Claim Management for claims filed for a COVER supported protocol
* @author Alan
*/
contract ClaimManagement is IClaimManagement, ClaimConfig {
using SafeMath for uint256;
// protocol => nonce => Claim[]
mapping(address => mapping(uint256 => Claim[])) public override protocolClaims;
modifier onlyApprovedDecider() {
if (isAuditorVoting()) {
require(msg.sender == auditor, "COVER_CM: !auditor");
} else {
require(msg.sender == governance, "COVER_CM: !governance");
}
_;
}
modifier onlyWhenAuditorVoting() {
require(isAuditorVoting(), "COVER_CM: !isAuditorVoting");
_;
}
/**
* @notice Initialize governance and treasury addresses
* @dev Governance address cannot be set to owner address; `_auditor` can be 0.
* @param _governance address: address of the governance account
* @param _auditor address: address of the auditor account
* @param _treasury address: address of the treasury account
* @param _protocolFactory address: address of the protocol factory
*/
constructor(address _governance, address _auditor, address _treasury, address _protocolFactory) {
require(
_governance != msg.sender && _governance != address(0),
"COVER_CC: governance cannot be owner or 0"
);
require(_treasury != address(0), "COVER_CM: treasury cannot be 0");
require(_protocolFactory != address(0), "COVER_CM: protocol factory cannot be 0");
governance = _governance;
auditor = _auditor;
treasury = _treasury;
protocolFactory = _protocolFactory;
initializeOwner();
}
/**
* @notice File a claim for a COVER-supported contract `_protocol`
* by paying the `protocolClaimFee[_protocol]` fee
* @dev `_incidentTimestamp` must be within the past 14 days
* @param _protocol address: contract address of the protocol that COVER supports
* @param _protocolName bytes32: protocol name for `_protocol`
* @param _incidentTimestamp uint48: timestamp of the claim incident
*
* Emits ClaimFiled
*/
function fileClaim(address _protocol, bytes32 _protocolName, uint48 _incidentTimestamp)
external
override
{
require(_protocol != address(0), "COVER_CM: protocol cannot be 0");
require(
_protocol == getAddressFromFactory(_protocolName),
"COVER_CM: invalid protocol address"
);
require(
block.timestamp.sub(_incidentTimestamp) <= getFileClaimWindow(_protocol),
"COVER_CM: block.timestamp - incidentTimestamp > fileClaimWindow"
);
uint256 nonce = getProtocolNonce(_protocol);
uint256 claimFee = getProtocolClaimFee(_protocol);
protocolClaims[_protocol][nonce].push(Claim({
state: ClaimState.Filed,
filedBy: msg.sender,
payoutNumerator: 0,
payoutDenominator: 1,
filedTimestamp: uint48(block.timestamp),
incidentTimestamp: _incidentTimestamp,
decidedTimestamp: 0,
feePaid: claimFee
}));
feeCurrency.transferFrom(msg.sender, address(this), claimFee);
_updateProtocolClaimFee(_protocol);
emit ClaimFiled({
isForced: false,
filedBy: msg.sender,
protocol: _protocol,
incidentTimestamp: _incidentTimestamp,
nonce: nonce,
index: protocolClaims[_protocol][nonce].length - 1,
feePaid: claimFee
});
}
/**
* @notice Force file a claim for a COVER-supported contract `_protocol`
* that bypasses validateClaim by paying the `forceClaimFee` fee
* @dev `_incidentTimestamp` must be within the past 14 days.
* Only callable when isAuditorVoting is true
* @param _protocol address: contract address of the protocol that COVER supports
* @param _protocolName bytes32: protocol name for `_protocol`
* @param _incidentTimestamp uint48: timestamp of the claim incident
*
* Emits ClaimFiled
*/
function forceFileClaim(address _protocol, bytes32 _protocolName, uint48 _incidentTimestamp)
external
override
onlyWhenAuditorVoting
{
require(_protocol != address(0), "COVER_CM: protocol cannot be 0");
require(
_protocol == getAddressFromFactory(_protocolName),
"COVER_CM: invalid protocol address"
);
require(
block.timestamp.sub(_incidentTimestamp) <= getFileClaimWindow(_protocol),
"COVER_CM: block.timestamp - incidentTimestamp > fileClaimWindow"
);
uint256 nonce = getProtocolNonce(_protocol);
protocolClaims[_protocol][nonce].push(Claim({
state: ClaimState.ForceFiled,
filedBy: msg.sender,
payoutNumerator: 0,
payoutDenominator: 1,
filedTimestamp: uint48(block.timestamp),
incidentTimestamp: _incidentTimestamp,
decidedTimestamp: 0,
feePaid: forceClaimFee
}));
feeCurrency.transferFrom(msg.sender, address(this), forceClaimFee);
emit ClaimFiled({
isForced: true,
filedBy: msg.sender,
protocol: _protocol,
incidentTimestamp: _incidentTimestamp,
nonce: nonce,
index: protocolClaims[_protocol][nonce].length - 1,
feePaid: forceClaimFee
});
}
/**
* @notice Validates whether claim will be passed to approvedDecider to decideClaim
* @dev Only callable if isAuditorVoting is true
* @param _protocol address: contract address of the protocol that COVER supports
* @param _nonce uint256: nonce of the protocol
* @param _index uint256: index of the claim
* @param _claimIsValid bool: true if claim is valid and passed to auditor, false otherwise
*
* Emits ClaimValidated
*/
function validateClaim(address _protocol, uint256 _nonce, uint256 _index, bool _claimIsValid)
external
override
onlyGovernance
onlyWhenAuditorVoting
{
Claim storage claim = protocolClaims[_protocol][_nonce][_index];
require(
_nonce == getProtocolNonce(_protocol),
"COVER_CM: input nonce != protocol nonce"
);
require(claim.state == ClaimState.Filed, "COVER_CM: claim not filed");
if (_claimIsValid) {
claim.state = ClaimState.Validated;
_resetProtocolClaimFee(_protocol);
} else {
claim.state = ClaimState.Invalidated;
claim.decidedTimestamp = uint48(block.timestamp);
feeCurrency.transfer(treasury, claim.feePaid);
}
emit ClaimValidated({
claimIsValid: _claimIsValid,
protocol: _protocol,
nonce: _nonce,
index: _index
});
}
/**
* @notice Decide whether claim for a protocol should be accepted(will payout) or denied
* @dev Only callable by approvedDecider
* @param _protocol address: contract address of the protocol that COVER supports
* @param _nonce uint256: nonce of the protocol
* @param _index uint256: index of the claim
* @param _claimIsAccepted bool: true if claim is accepted and will payout, otherwise false
* @param _payoutNumerator uint256: numerator of percent payout, 0 if _claimIsAccepted = false
* @param _payoutDenominator uint256: denominator of percent payout
*
* Emits ClaimDecided
*/
function decideClaim(
address _protocol,
uint256 _nonce,
uint256 _index,
bool _claimIsAccepted,
uint16 _payoutNumerator,
uint16 _payoutDenominator
)
external
override
onlyApprovedDecider
{
require(
_nonce == getProtocolNonce(_protocol),
"COVER_CM: input nonce != protocol nonce"
);
Claim storage claim = protocolClaims[_protocol][_nonce][_index];
if (isAuditorVoting()) {
require(
claim.state == ClaimState.Validated ||
claim.state == ClaimState.ForceFiled,
"COVER_CM: claim not validated or forceFiled"
);
} else {
require(claim.state == ClaimState.Filed, "COVER_CM: claim not filed");
}
if (_isDecisionWindowPassed(claim)) {
// Max decision claim window passed, claim is default to Denied
_claimIsAccepted = false;
}
if (_claimIsAccepted) {
require(_payoutNumerator > 0, "COVER_CM: claim accepted, but payoutNumerator == 0");
if (allowPartialClaim) {
require(
_payoutNumerator <= _payoutDenominator,
"COVER_CM: payoutNumerator > payoutDenominator"
);
} else {
require(
_payoutNumerator == _payoutDenominator,
"COVER_CM: payoutNumerator != payoutDenominator"
);
}
claim.state = ClaimState.Accepted;
claim.payoutNumerator = _payoutNumerator;
claim.payoutDenominator = _payoutDenominator;
feeCurrency.transfer(claim.filedBy, claim.feePaid);
_resetProtocolClaimFee(_protocol);
IProtocol(_protocol).enactClaim(_payoutNumerator, _payoutDenominator, claim.incidentTimestamp, _nonce);
} else {
require(_payoutNumerator == 0, "COVER_CM: claim denied (default if passed window), but payoutNumerator != 0");
claim.state = ClaimState.Denied;
feeCurrency.transfer(treasury, claim.feePaid);
}
claim.decidedTimestamp = uint48(block.timestamp);
emit ClaimDecided({
claimIsAccepted: _claimIsAccepted,
protocol: _protocol,
nonce: _nonce,
index: _index,
payoutNumerator: _payoutNumerator,
payoutDenominator: _payoutDenominator
});
}
/**
* @notice Get all claims for protocol `_protocol` and nonce `_nonce` in state `_state`
* @param _protocol address: contract address of the protocol that COVER supports
* @param _nonce uint256: nonce of the protocol
* @param _state ClaimState: state of claim
* @return all claims for protocol and nonce in given state
*/
function getAllClaimsByState(address _protocol, uint256 _nonce, ClaimState _state)
external
view
override
returns (Claim[] memory)
{
Claim[] memory allClaims = protocolClaims[_protocol][_nonce];
uint256 count;
Claim[] memory temp = new Claim[](allClaims.length);
for (uint i = 0; i < allClaims.length; i++) {
if (allClaims[i].state == _state) {
temp[count] = allClaims[i];
count++;
}
}
Claim[] memory claimsByState = new Claim[](count);
for (uint i = 0; i < count; i++) {
claimsByState[i] = temp[i];
}
return claimsByState;
}
/**
* @notice Get all claims for protocol `_protocol` and nonce `_nonce`
* @param _protocol address: contract address of the protocol that COVER supports
* @param _nonce uint256: nonce of the protocol
* @return all claims for protocol and nonce
*/
function getAllClaimsByNonce(address _protocol, uint256 _nonce)
external
view
override
returns (Claim[] memory)
{
return protocolClaims[_protocol][_nonce];
}
/**
* @notice Get the protocol address from the protocol factory
* @param _protocolName bytes32: protocol name
* @return address corresponding to the protocol name `_protocolName`
*/
function getAddressFromFactory(bytes32 _protocolName) public view override returns (address) {
return IProtocolFactory(protocolFactory).protocols(_protocolName);
}
/**
* @notice Get the current nonce for protocol `_protocol`
* @param _protocol address: contract address of the protocol that COVER supports
* @return the current nonce for protocol `_protocol`
*/
function getProtocolNonce(address _protocol) public view override returns (uint256) {
return IProtocol(_protocol).claimNonce();
}
/**
* The times passed since the claim was filed has to be less than the max claim decision window
*/
function _isDecisionWindowPassed(Claim memory claim) private view returns (bool) {
return block.timestamp.sub(claim.filedTimestamp) > maxClaimDecisionWindow.sub(1 hours);
}
} // SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
/**
* @dev ProtocolFactory contract interface. See {ProtocolFactory}.
* @author crypto-pumpkin@github
*/
interface IProtocolFactory {
/// @notice emit when a new protocol is supported in COVER
event ProtocolInitiation(address protocolAddress);
function getAllProtocolAddresses() external view returns (address[] memory);
function getRedeemFees() external view returns (uint16 _numerator, uint16 _denominator);
function redeemFeeNumerator() external view returns (uint16);
function redeemFeeDenominator() external view returns (uint16);
function protocolImplementation() external view returns (address);
function coverImplementation() external view returns (address);
function coverERC20Implementation() external view returns (address);
function treasury() external view returns (address);
function governance() external view returns (address);
function claimManager() external view returns (address);
function protocols(bytes32 _protocolName) external view returns (address);
function getProtocolsLength() external view returns (uint256);
function getProtocolNameAndAddress(uint256 _index) external view returns (bytes32, address);
/// @notice return contract address, the contract may not be deployed yet
function getProtocolAddress(bytes32 _name) external view returns (address);
/// @notice return contract address, the contract may not be deployed yet
function getCoverAddress(bytes32 _protocolName, uint48 _timestamp, address _collateral, uint256 _claimNonce) external view returns (address);
/// @notice return contract address, the contract may not be deployed yet
function getCovTokenAddress(bytes32 _protocolName, uint48 _timestamp, address _collateral, uint256 _claimNonce, bool _isClaimCovToken) external view returns (address);
/// @notice access restriction - owner (dev)
/// @dev update this will only affect contracts deployed after
function updateProtocolImplementation(address _newImplementation) external returns (bool);
/// @dev update this will only affect contracts deployed after
function updateCoverImplementation(address _newImplementation) external returns (bool);
/// @dev update this will only affect contracts deployed after
function updateCoverERC20Implementation(address _newImplementation) external returns (bool);
function assignClaimManager(address _address) external returns (bool);
function addProtocol(
bytes32 _name,
bool _active,
address _collateral,
uint48[] calldata _timestamps,
bytes32[] calldata _timestampNames
) external returns (address);
/// @notice access restriction - governance
function updateClaimManager(address _address) external returns (bool);
function updateFees(uint16 _redeemFeeNumerator, uint16 _redeemFeeDenominator) external returns (bool);
function updateGovernance(address _address) external returns (bool);
function updateTreasury(address _address) external returns (bool);
} // SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
pragma experimental ABIEncoderV2;
/**
* @dev ClaimManagement contract interface. See {ClaimManagement}.
* @author Alan
*/
interface IClaimManagement {
enum ClaimState { Filed, ForceFiled, Validated, Invalidated, Accepted, Denied }
struct Claim {
ClaimState state; // Current state of claim
address filedBy; // Address of user who filed claim
uint16 payoutNumerator; // Numerator of percent to payout
uint16 payoutDenominator; // Denominator of percent to payout
uint48 filedTimestamp; // Timestamp of submitted claim
uint48 incidentTimestamp; // Timestamp of the incident the claim is filed for
uint48 decidedTimestamp; // Timestamp when claim outcome is decided
uint256 feePaid; // Fee paid to file the claim
}
function protocolClaims(address _protocol, uint256 _nonce, uint256 _index) external view returns (
ClaimState state,
address filedBy,
uint16 payoutNumerator,
uint16 payoutDenominator,
uint48 filedTimestamp,
uint48 incidentTimestamp,
uint48 decidedTimestamp,
uint256 feePaid
);
function fileClaim(address _protocol, bytes32 _protocolName, uint48 _incidentTimestamp) external;
function forceFileClaim(address _protocol, bytes32 _protocolName, uint48 _incidentTimestamp) external;
// @dev Only callable by owner when auditor is voting
function validateClaim(address _protocol, uint256 _nonce, uint256 _index, bool _claimIsValid) external;
// @dev Only callable by approved decider
function decideClaim(address _protocol, uint256 _nonce, uint256 _index, bool _claimIsAccepted, uint16 _payoutNumerator, uint16 _payoutDenominator) external;
function getAllClaimsByState(address _protocol, uint256 _nonce, ClaimState _state) external view returns (Claim[] memory);
function getAllClaimsByNonce(address _protocol, uint256 _nonce) external view returns (Claim[] memory);
function getAddressFromFactory(bytes32 _protocolName) external view returns (address);
function getProtocolNonce(address _protocol) external view returns (uint256);
event ClaimFiled(
bool indexed isForced,
address indexed filedBy,
address indexed protocol,
uint48 incidentTimestamp,
uint256 nonce,
uint256 index,
uint256 feePaid
);
event ClaimValidated(
bool indexed claimIsValid,
address indexed protocol,
uint256 nonce,
uint256 index
);
event ClaimDecided(
bool indexed claimIsAccepted,
address indexed protocol,
uint256 nonce,
uint256 index,
uint16 payoutNumerator,
uint16 payoutDenominator
);
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "./proxy/InitializableAdminUpgradeabilityProxy.sol";
import "./utils/Address.sol";
import "./utils/Create2.sol";
import "./utils/Ownable.sol";
import "./interfaces/IProtocolFactory.sol";
/**
* @title ProtocolFactory contract
* @author crypto-pumpkin@github
*/
contract ProtocolFactory is IProtocolFactory, Ownable {
bytes4 private constant PROTOCOL_INIT_SIGNITURE = bytes4(keccak256("initialize(bytes32,bool,address,uint48[],bytes32[])"));
uint16 public override redeemFeeNumerator = 10; // 0 to 65,535
uint16 public override redeemFeeDenominator = 10000; // 0 to 65,535
address public override protocolImplementation;
address public override coverImplementation;
address public override coverERC20Implementation;
address public override treasury;
address public override governance;
address public override claimManager;
// not all protocols are active
bytes32[] private protocolNames;
mapping(bytes32 => address) public override protocols;
modifier onlyGovernance() {
require(msg.sender == governance, "COVER: caller not governance");
_;
}
constructor (
address _protocolImplementation,
address _coverImplementation,
address _coverERC20Implementation,
address _governance,
address _treasury
) {
protocolImplementation = _protocolImplementation;
coverImplementation = _coverImplementation;
coverERC20Implementation = _coverERC20Implementation;
governance = _governance;
treasury = _treasury;
initializeOwner();
}
function getAllProtocolAddresses() external view override returns (address[] memory) {
bytes32[] memory protocolNamesCopy = protocolNames;
address[] memory protocolAddresses = new address[](protocolNamesCopy.length);
for (uint i = 0; i < protocolNamesCopy.length; i++) {
protocolAddresses[i] = protocols[protocolNamesCopy[i]];
}
return protocolAddresses;
}
function getRedeemFees() external view override returns (uint16 _numerator, uint16 _denominator) {
return (redeemFeeNumerator, redeemFeeDenominator);
}
function getProtocolsLength() external view override returns (uint256) {
return protocolNames.length;
}
function getProtocolNameAndAddress(uint256 _index)
external view override returns (bytes32, address)
{
bytes32 name = protocolNames[_index];
return (name, protocols[name]);
}
/// @notice return protocol contract address, the contract may not be deployed yet
function getProtocolAddress(bytes32 _name) public view override returns (address) {
return _computeAddress(keccak256(abi.encodePacked(_name)), address(this));
}
/// @notice return cover contract address, the contract may not be deployed yet
function getCoverAddress(
bytes32 _protocolName,
uint48 _timestamp,
address _collateral,
uint256 _claimNonce
)
public view override returns (address)
{
return _computeAddress(
keccak256(abi.encodePacked(_protocolName, _timestamp, _collateral, _claimNonce)),
getProtocolAddress(_protocolName)
);
}
/// @notice return covToken contract address, the contract may not be deployed yet
function getCovTokenAddress(
bytes32 _protocolName,
uint48 _timestamp,
address _collateral,
uint256 _claimNonce,
bool _isClaimCovToken
)
external view override returns (address)
{
return _computeAddress(
keccak256(abi.encodePacked(
_protocolName,
_timestamp,
_collateral,
_claimNonce,
_isClaimCovToken ? "CLAIM" : "NOCLAIM")
),
getCoverAddress(_protocolName, _timestamp, _collateral, _claimNonce)
);
}
/// @dev Emits ProtocolInitiation, add a supported protocol in COVER
function addProtocol(
bytes32 _name,
bool _active,
address _collateral,
uint48[] calldata _timestamps,
bytes32[] calldata _timestampNames
)
external override onlyOwner returns (address)
{
require(protocols[_name] == address(0), "COVER: protocol exists");
require(_timestamps.length == _timestampNames.length, "COVER: timestamp lengths don't match");
protocolNames.push(_name);
bytes memory bytecode = type(InitializableAdminUpgradeabilityProxy).creationCode;
// unique salt required for each protocol, salt + deployer decides contract address
bytes32 salt = keccak256(abi.encodePacked(_name));
address payable proxyAddr = Create2.deploy(0, salt, bytecode);
emit ProtocolInitiation(proxyAddr);
bytes memory initData = abi.encodeWithSelector(PROTOCOL_INIT_SIGNITURE, _name, _active, _collateral, _timestamps, _timestampNames);
// governance will be the admin for the protocol contracts
InitializableAdminUpgradeabilityProxy(proxyAddr).initialize(protocolImplementation, governance, initData);
protocols[_name] = proxyAddr;
return proxyAddr;
}
/// @dev update this will only affect protocols deployed after
function updateProtocolImplementation(address _newImplementation)
external override onlyOwner returns (bool)
{
require(Address.isContract(_newImplementation), "COVER: new implementation is not a contract");
protocolImplementation = _newImplementation;
return true;
}
/// @dev update this will only affect covers of protocols deployed after
function updateCoverImplementation(address _newImplementation)
external override onlyOwner returns (bool)
{
require(Address.isContract(_newImplementation), "COVER: new implementation is not a contract");
coverImplementation = _newImplementation;
return true;
}
/// @dev update this will only affect covTokens of covers of protocols deployed after
function updateCoverERC20Implementation(address _newImplementation)
external override onlyOwner returns (bool)
{
require(Address.isContract(_newImplementation), "COVER: new implementation is not a contract");
coverERC20Implementation = _newImplementation;
return true;
}
function updateFees(
uint16 _redeemFeeNumerator,
uint16 _redeemFeeDenominator
)
external override onlyGovernance returns (bool)
{
require(_redeemFeeDenominator > 0, "COVER: denominator cannot be 0");
redeemFeeNumerator = _redeemFeeNumerator;
redeemFeeDenominator = _redeemFeeDenominator;
return true;
}
/// @dev called once and only by dev to set the claimManager for the first time
function assignClaimManager(address _address)
external override onlyOwner returns (bool)
{
require(_address != address(0), "COVER: address cannot be 0");
require(claimManager == address(0), "COVER: claimManager is assigned");
claimManager = _address;
return true;
}
function updateClaimManager(address _address)
external override onlyGovernance returns (bool)
{
require(_address != address(0), "COVER: address cannot be 0");
claimManager = _address;
return true;
}
function updateGovernance(address _address)
external override onlyGovernance returns (bool)
{
require(_address != address(0), "COVER: address cannot be 0");
require(_address != owner(), "COVER: governance cannot be owner");
governance = _address;
return true;
}
function updateTreasury(address _address)
external override onlyGovernance returns (bool)
{
require(_address != address(0), "COVER: address cannot be 0");
treasury = _address;
return true;
}
function _computeAddress(bytes32 salt, address deployer) private pure returns (address) {
bytes memory bytecode = type(InitializableAdminUpgradeabilityProxy).creationCode;
return Create2.computeAddress(salt, keccak256(bytecode), deployer);
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import './BaseAdminUpgradeabilityProxy.sol';
/**
* @title InitializableAdminUpgradeabilityProxy
* @dev Extends from BaseAdminUpgradeabilityProxy with an initializer for
* initializing the implementation, admin, and init data.
*/
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy {
/**
* Contract initializer.
* @param _logic address of the initial implementation.
* @param _admin Address of the proxy administrator.
* @param _data Data to send as msg.data to the implementation to initialize the proxied contract.
* It should include the signature and the parameters of the function to be called, as described in
* https://solidity.readthedocs.io/en/v0.4.24/abi-spec.html#function-selector-and-argument-encoding.
* This parameter is optional, if no data is given the initialization call to proxied contract will be skipped.
*/
function initialize(address _logic, address _admin, bytes memory _data) public payable {
require(_implementation() == address(0));
assert(IMPLEMENTATION_SLOT == bytes32(uint256(keccak256('eip1967.proxy.implementation')) - 1));
_setImplementation(_logic);
if(_data.length > 0) {
(bool success,) = _logic.delegatecall(_data);
require(success);
}
assert(ADMIN_SLOT == bytes32(uint256(keccak256('eip1967.proxy.admin')) - 1));
_setAdmin(_admin);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
// for accounts without code, i.e. `keccak256('')`
bytes32 codehash;
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;
// solhint-disable-next-line no-inline-assembly
assembly { codehash := extcodehash(account) }
return (codehash != accountHash && codehash != 0x0);
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
return _functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
return _functionCallWithValue(target, data, value, errorMessage);
}
function _functionCallWithValue(address target, bytes memory data, uint256 weiValue, string memory errorMessage) private returns (bytes memory) {
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.call{ value: weiValue }(data);
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
// solhint-disable-next-line no-inline-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
/**
* @dev Helper to make usage of the `CREATE2` EVM opcode easier and safer.
* `CREATE2` can be used to compute in advance the address where a smart
* contract will be deployed, which allows for interesting new mechanisms known
* as 'counterfactual interactions'.
*
* See the https://eips.ethereum.org/EIPS/eip-1014#motivation[EIP] for more
* information.
*/
library Create2 {
/**
* @dev Deploys a contract using `CREATE2`. The address where the contract
* will be deployed can be known in advance via {computeAddress}.
*
* The bytecode for a contract can be obtained from Solidity with
* `type(contractName).creationCode`.
*
* Requirements:
*
* - `bytecode` must not be empty.
* - `salt` must have not been used for `bytecode` already.
* - the factory must have a balance of at least `amount`.
* - if `amount` is non-zero, `bytecode` must have a `payable` constructor.
*/
function deploy(uint256 amount, bytes32 salt, bytes memory bytecode) internal returns (address payable) {
address payable addr;
require(address(this).balance >= amount, "Create2: insufficient balance");
require(bytecode.length != 0, "Create2: bytecode length is zero");
// solhint-disable-next-line no-inline-assembly
assembly {
addr := create2(amount, add(bytecode, 0x20), mload(bytecode), salt)
}
require(addr != address(0), "Create2: Failed on deploy");
return addr;
}
/**
* @dev Returns the address where a contract will be stored if deployed via {deploy}. Any change in the
* `bytecodeHash` or `salt` will result in a new destination address.
*/
function computeAddress(bytes32 salt, bytes32 bytecodeHash) internal view returns (address) {
return computeAddress(salt, bytecodeHash, address(this));
}
/**
* @dev Returns the address where a contract will be stored if deployed via {deploy} from a contract located at
* `deployer`. If `deployer` is this contract's address, returns the same value as {computeAddress}.
*/
function computeAddress(bytes32 salt, bytes32 bytecodeHash, address deployer) internal pure returns (address) {
bytes32 _data = keccak256(
abi.encodePacked(bytes1(0xff), deployer, salt, bytecodeHash)
);
return address(uint256(_data));
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
import './BaseUpgradeabilityProxy.sol';
/**
* @title BaseAdminUpgradeabilityProxy
* @dev This contract combines an upgradeability proxy with an authorization
* mechanism for administrative tasks.
* All external functions in this contract must be guarded by the
* `ifAdmin` modifier. See ethereum/solidity#3864 for a Solidity
* feature proposal that would enable this to be done automatically.
*/
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
/**
* @dev Emitted when the administration has been transferred.
* @param previousAdmin Address of the previous admin.
* @param newAdmin Address of the new admin.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Modifier to check whether the `msg.sender` is the admin.
* If it is, it will run the function. Otherwise, it will delegate the call
* to the implementation.
*/
modifier ifAdmin() {
if (msg.sender == _admin()) {
_;
} else {
_fallback();
}
}
/**
* @return The address of the proxy admin.
*/
function admin() external ifAdmin returns (address) {
return _admin();
}
/**
* @return The address of the implementation.
*/
function implementation() external ifAdmin returns (address) {
return _implementation();
}
/**
* @dev Changes the admin of the proxy.
* Only the current admin can call this function.
* @param newAdmin Address to transfer proxy administration to.
*/
function changeAdmin(address newAdmin) external ifAdmin {
require(newAdmin != address(0), "Cannot change the admin of a proxy to the zero address");
emit AdminChanged(_admin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev Upgrade the backing implementation of the proxy.
* Only the admin can call this function.
* @param newImplementation Address of the new implementation.
*/
function upgradeTo(address newImplementation) external ifAdmin {
_upgradeTo(newImplementation);
}
/**
* @dev Upgrade the backing implementation of the proxy and call a function
* on the new implementation.
* This is useful to initialize the proxied contract.
* @param newImplementation Address of the new implementation.
* @param data Data to send as msg.data in the low level call.
* It should include the signature and the parameters of the function to be called, as described in
* https://solidity.readthedocs.io/en/v0.4.24/abi-spec.html#function-selector-and-argument-encoding.
*/
function upgradeToAndCall(address newImplementation, bytes calldata data) payable external ifAdmin {
_upgradeTo(newImplementation);
(bool success,) = newImplementation.delegatecall(data);
require(success);
}
/**
* @return adm The admin slot.
*/
function _admin() internal view returns (address adm) {
bytes32 slot = ADMIN_SLOT;
assembly {
adm := sload(slot)
}
}
/**
* @dev Sets the address of the proxy admin.
* @param newAdmin Address of the new proxy admin.
*/
function _setAdmin(address newAdmin) internal {
bytes32 slot = ADMIN_SLOT;
assembly {
sstore(slot, newAdmin)
}
}
} // SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
import "../utils/Address.sol";
import "./Proxy.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*
* Upgradeability is only provided internally through {_upgradeTo}. For an externally upgradeable proxy see
* {TransparentUpgradeableProxy}.
*/
contract BaseUpgradeabilityProxy is Proxy {
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
event Upgraded(address indexed implementation);
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal override view returns (address impl) {
bytes32 slot = IMPLEMENTATION_SLOT;
// solhint-disable-next-line no-inline-assembly
assembly {
impl := sload(slot)
}
}
/**
* @dev Upgrades the proxy to a new implementation.
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) internal {
require(Address.isContract(newImplementation), "UpgradeableProxy: new implementation is not a contract");
bytes32 slot = IMPLEMENTATION_SLOT;
// solhint-disable-next-line no-inline-assembly
assembly {
sstore(slot, newImplementation)
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal {
// solhint-disable-next-line no-inline-assembly
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 { revert(0, returndatasize()) }
default { return(0, returndatasize()) }
}
}
/**
* @dev This is a virtual function that should be overriden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal virtual view returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/
function _fallback() internal {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback () payable external {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive () payable external {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overriden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "./proxy/InitializableAdminUpgradeabilityProxy.sol";
import "./utils/Create2.sol";
import "./utils/Initializable.sol";
import "./utils/Ownable.sol";
import "./utils/SafeMath.sol";
import "./utils/SafeERC20.sol";
import "./utils/ReentrancyGuard.sol";
import "./interfaces/ICover.sol";
import "./interfaces/IERC20.sol";
import "./interfaces/IOwnable.sol";
import "./interfaces/IProtocol.sol";
import "./interfaces/IProtocolFactory.sol";
/**
* @title Protocol contract
* @author crypto-pumpkin@github
*/
contract Protocol is IProtocol, Initializable, ReentrancyGuard, Ownable {
using SafeMath for uint256;
using SafeERC20 for IERC20;
struct ClaimDetails {
uint16 payoutNumerator; // 0 to 65,535
uint16 payoutDenominator; // 0 to 65,535
uint48 incidentTimestamp;
uint48 claimEnactedTimestamp;
}
struct ExpirationTimestampInfo {
bytes32 name;
uint8 status; // 0 never set; 1 active, 2 inactive
}
bytes4 private constant COVER_INIT_SIGNITURE = bytes4(keccak256("initialize(string,uint48,address,uint256)"));
/// @notice only active (true) protocol allows adding more covers
bool public override active;
bytes32 public override name;
// nonce of for the protocol's claim status, it also indicates count of accepted claim in the past
uint256 public override claimNonce;
// delay # of seconds for redeem with accepted claim, redeemCollateral is not affected
uint256 public override claimRedeemDelay;
// delay # of seconds for redeem without accepted claim, redeemCollateral is not affected
uint256 public override noclaimRedeemDelay;
// only active covers, once there is an accepted claim (enactClaim called successfully), this sets to [].
address[] public override activeCovers;
address[] private allCovers;
/// @notice list of every supported expirationTimestamp, all may not be active.
uint48[] public override expirationTimestamps;
/// @notice list of every supported collateral, all may not be active.
address[] public override collaterals;
// [claimNonce] => accepted ClaimDetails
ClaimDetails[] public override claimDetails;
// @notice collateral => status. 0 never set; 1 active, 2 inactive
mapping(address => uint8) public override collateralStatusMap;
mapping(uint48 => ExpirationTimestampInfo) public override expirationTimestampMap;
// collateral => timestamp => coverAddress, most recent cover created for the collateral and timestamp combination
mapping(address => mapping(uint48 => address)) public override coverMap;
modifier onlyActive() {
require(active, "COVER: protocol not active");
_;
}
modifier onlyDev() {
require(msg.sender == _dev(), "COVER: caller not dev");
_;
}
modifier onlyGovernance() {
require(msg.sender == IProtocolFactory(owner()).governance(), "COVER: caller not governance");
_;
}
/// @dev Initialize, called once
function initialize (
bytes32 _protocolName,
bool _active,
address _collateral,
uint48[] calldata _expirationTimestamps,
bytes32[] calldata _expirationTimestampNames
)
external initializer
{
name = _protocolName;
collaterals.push(_collateral);
active = _active;
expirationTimestamps = _expirationTimestamps;
collateralStatusMap[_collateral] = 1;
for (uint i = 0; i < _expirationTimestamps.length; i++) {
if (block.timestamp < _expirationTimestamps[i]) {
expirationTimestampMap[_expirationTimestamps[i]] = ExpirationTimestampInfo(
_expirationTimestampNames[i],
1
);
}
}
// set default delay for redeem
claimRedeemDelay = 2 days;
noclaimRedeemDelay = 10 days;
initializeOwner();
}
function getProtocolDetails()
external view override returns (
bytes32 _name,
bool _active,
uint256 _claimNonce,
uint256 _claimRedeemDelay,
uint256 _noclaimRedeemDelay,
address[] memory _collaterals,
uint48[] memory _expirationTimestamps,
address[] memory _allCovers,
address[] memory _allActiveCovers
)
{
return (
name,
active,
claimNonce,
claimRedeemDelay,
noclaimRedeemDelay,
getCollaterals(),
getExpirationTimestamps(),
getAllCovers(),
getAllActiveCovers()
);
}
function collateralsLength() external view override returns (uint256) {
return collaterals.length;
}
function expirationTimestampsLength() external view override returns (uint256) {
return expirationTimestamps.length;
}
function activeCoversLength() external view override returns (uint256) {
return activeCovers.length;
}
function claimsLength() external view override returns (uint256) {
return claimDetails.length;
}
/**
* @notice add cover for sender
* - transfer collateral from sender to cover contract
* - mint the same amount CLAIM covToken to sender
* - mint the same amount NOCLAIM covToken to sender
*/
function addCover(address _collateral, uint48 _timestamp, uint256 _amount)
external override onlyActive nonReentrant returns (bool)
{
require(_amount > 0, "COVER: amount <= 0");
require(collateralStatusMap[_collateral] == 1, "COVER: invalid collateral");
require(block.timestamp < _timestamp && expirationTimestampMap[_timestamp].status == 1, "COVER: invalid expiration date");
// Validate sender collateral balance is > amount
IERC20 collateral = IERC20(_collateral);
require(collateral.balanceOf(msg.sender) >= _amount, "COVER: amount > collateral balance");
address addr = coverMap[_collateral][_timestamp];
// Deploy new cover contract if not exist or if claim accepted
if (addr == address(0) || ICover(addr).claimNonce() != claimNonce) {
string memory coverName = _generateCoverName(_timestamp, collateral.symbol());
bytes memory bytecode = type(InitializableAdminUpgradeabilityProxy).creationCode;
bytes32 salt = keccak256(abi.encodePacked(name, _timestamp, _collateral, claimNonce));
addr = Create2.deploy(0, salt, bytecode);
bytes memory initData = abi.encodeWithSelector(COVER_INIT_SIGNITURE, coverName, _timestamp, _collateral, claimNonce);
address coverImplementation = IProtocolFactory(owner()).coverImplementation();
InitializableAdminUpgradeabilityProxy(payable(addr)).initialize(
coverImplementation,
IProtocolFactory(owner()).governance(),
initData
);
activeCovers.push(addr);
allCovers.push(addr);
coverMap[_collateral][_timestamp] = addr;
}
// move collateral to the cover contract and mint CovTokens to sender
uint256 coverBalanceBefore = collateral.balanceOf(addr);
collateral.transferFrom(msg.sender, addr, _amount);
uint256 coverBalanceAfter = collateral.balanceOf(addr);
require(coverBalanceAfter > coverBalanceBefore, "COVER: collateral transfer failed");
ICover(addr).mint(coverBalanceAfter.sub(coverBalanceBefore), msg.sender);
return true;
}
/// @notice update status or add new expiration timestamp
function updateExpirationTimestamp(uint48 _expirationTimestamp, bytes32 _expirationTimestampName, uint8 _status) external override onlyDev returns (bool) {
require(block.timestamp < _expirationTimestamp, "COVER: invalid expiration date");
require(_status > 0 && _status < 3, "COVER: status not in (0, 2]");
if (expirationTimestampMap[_expirationTimestamp].status == 0) {
expirationTimestamps.push(_expirationTimestamp);
}
expirationTimestampMap[_expirationTimestamp] = ExpirationTimestampInfo(
_expirationTimestampName,
_status
);
return true;
}
/// @notice update status or add new collateral
function updateCollateral(address _collateral, uint8 _status) external override onlyDev returns (bool) {
require(_collateral != address(0), "COVER: address cannot be 0");
require(_status > 0 && _status < 3, "COVER: status not in (0, 2]");
if (collateralStatusMap[_collateral] == 0) {
collaterals.push(_collateral);
}
collateralStatusMap[_collateral] = _status;
return true;
}
/**
* @dev enact accepted claim, all covers are to be paid out
* - increment claimNonce
* - delete activeCovers list
* - only COVER claim manager can call this function
*
* Emit ClaimAccepted
*/
function enactClaim(
uint16 _payoutNumerator,
uint16 _payoutDenominator,
uint48 _incidentTimestamp,
uint256 _protocolNonce
)
external override returns (bool)
{
require(_protocolNonce == claimNonce, "COVER: nonces do not match");
require(_payoutNumerator <= _payoutDenominator && _payoutNumerator > 0, "COVER: payout % is not in (0%, 100%]");
require(msg.sender == IProtocolFactory(owner()).claimManager(), "COVER: caller not claimManager");
claimNonce = claimNonce.add(1);
delete activeCovers;
claimDetails.push(ClaimDetails(
_payoutNumerator,
_payoutDenominator,
_incidentTimestamp,
uint48(block.timestamp)
));
emit ClaimAccepted(claimNonce);
return true;
}
// update status of protocol, if false, will pause new cover creation
function setActive(bool _active) external override onlyDev returns (bool) {
active = _active;
return true;
}
function updateClaimRedeemDelay(uint256 _claimRedeemDelay)
external override onlyGovernance returns (bool)
{
claimRedeemDelay = _claimRedeemDelay;
return true;
}
function updateNoclaimRedeemDelay(uint256 _noclaimRedeemDelay)
external override onlyGovernance returns (bool)
{
noclaimRedeemDelay = _noclaimRedeemDelay;
return true;
}
function getAllCovers() private view returns (address[] memory) {
return allCovers;
}
function getAllActiveCovers() private view returns (address[] memory) {
return activeCovers;
}
function getCollaterals() private view returns (address[] memory) {
return collaterals;
}
function getExpirationTimestamps() private view returns (uint48[] memory) {
return expirationTimestamps;
}
/// @dev the owner of this contract is ProtocolFactory contract. The owner of ProtocolFactory is dev
function _dev() private view returns (address) {
return IOwnable(owner()).owner();
}
/// @dev generate the cover name. Example: COVER_CURVE_2020_12_31_DAI_0
function _generateCoverName(uint48 _expirationTimestamp, string memory _collateralSymbol)
internal view returns (string memory)
{
return string(abi.encodePacked(
"COVER",
"_",
bytes32ToString(name),
"_",
bytes32ToString(expirationTimestampMap[_expirationTimestamp].name),
"_",
_collateralSymbol,
"_",
uintToString(claimNonce)
));
}
// string helper
function bytes32ToString(bytes32 _bytes32) internal pure returns (string memory) {
uint8 i = 0;
while(i < 32 && _bytes32[i] != 0) {
i++;
}
bytes memory bytesArray = new bytes(i);
for (i = 0; i < 32 && _bytes32[i] != 0; i++) {
bytesArray[i] = _bytes32[i];
}
return string(bytesArray);
}
// string helper
function uintToString(uint256 _i) internal pure returns (string memory _uintAsString) {
if (_i == 0) {
return "0";
}
uint256 j = _i;
uint256 len;
while (j != 0) {
len++;
j /= 10;
}
bytes memory bstr = new bytes(len);
uint256 k = len - 1;
while (_i != 0) {
bstr[k--] = byte(uint8(48 + _i % 10));
_i /= 10;
}
return string(bstr);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;
import "../interfaces/IERC20.sol";
import "./SafeMath.sol";
import "./Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using SafeMath for uint256;
using Address for address;
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(IERC20 token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
// solhint-disable-next-line max-line-length
require((value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).add(value);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) { // Return data is optional
// solhint-disable-next-line max-line-length
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor () {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
// On the first call to nonReentrant, _notEntered will be true
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}
// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "./ICoverERC20.sol";
/**
* @title Cover contract interface. See {Cover}.
* @author crypto-pumpkin@github
*/
interface ICover {
event NewCoverERC20(address);
function getCoverDetails()
external view returns (string memory _name, uint48 _expirationTimestamp, address _collateral, uint256 _claimNonce, ICoverERC20 _claimCovToken, ICoverERC20 _noclaimCovToken);
function expirationTimestamp() external view returns (uint48);
function collateral() external view returns (address);
function claimCovToken() external view returns (ICoverERC20);
function noclaimCovToken() external view returns (ICoverERC20);
function name() external view returns (string memory);
function claimNonce() external view returns (uint256);
function redeemClaim() external;
function redeemNoclaim() external;
function redeemCollateral(uint256 _amount) external;
/// @notice access restriction - owner (Protocol)
function mint(uint256 _amount, address _receiver) external;
/// @notice access restriction - dev
function setCovTokenSymbol(string calldata _name) external;
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "./IERC20.sol";
/**
* @title CoverERC20 contract interface, implements {IERC20}. See {CoverERC20}.
* @author crypto-pumpkin@github
*/
interface ICoverERC20 is IERC20 {
function burn(uint256 _amount) external returns (bool);
/// @notice access restriction - owner (Cover)
function mint(address _account, uint256 _amount) external returns (bool);
function setSymbol(string calldata _symbol) external returns (bool);
function burnByCover(address _account, uint256 _amount) external returns (bool);
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "./proxy/InitializableAdminUpgradeabilityProxy.sol";
import "./utils/Create2.sol";
import "./utils/Initializable.sol";
import "./utils/Ownable.sol";
import "./utils/SafeMath.sol";
import "./utils/SafeERC20.sol";
import "./interfaces/ICover.sol";
import "./interfaces/ICoverERC20.sol";
import "./interfaces/IERC20.sol";
import "./interfaces/IOwnable.sol";
import "./interfaces/IProtocol.sol";
import "./interfaces/IProtocolFactory.sol";
/**
* @title Cover contract
* @author crypto-pumpkin@github
*
* The contract
* - Holds collateral funds
* - Mints and burns CovTokens (CoverERC20)
* - Allows redeem from collateral pool with or without an accepted claim
*/
contract Cover is ICover, Initializable, Ownable {
using SafeMath for uint256;
using SafeERC20 for IERC20;
bytes4 private constant COVERERC20_INIT_SIGNITURE = bytes4(keccak256("initialize(string)"));
uint48 public override expirationTimestamp;
address public override collateral;
ICoverERC20 public override claimCovToken;
ICoverERC20 public override noclaimCovToken;
string public override name;
uint256 public override claimNonce;
modifier onlyNotExpired() {
require(block.timestamp < expirationTimestamp, "COVER: cover expired");
_;
}
/// @dev Initialize, called once
function initialize (
string calldata _name,
uint48 _timestamp,
address _collateral,
uint256 _claimNonce
) public initializer {
name = _name;
expirationTimestamp = _timestamp;
collateral = _collateral;
claimNonce = _claimNonce;
initializeOwner();
claimCovToken = _createCovToken("CLAIM");
noclaimCovToken = _createCovToken("NOCLAIM");
}
function getCoverDetails()
external view override returns (string memory _name, uint48 _expirationTimestamp, address _collateral, uint256 _claimNonce, ICoverERC20 _claimCovToken, ICoverERC20 _noclaimCovToken)
{
return (name, expirationTimestamp, collateral, claimNonce, claimCovToken, noclaimCovToken);
}
/// @notice only owner (covered protocol) can mint, collateral is transfered in Protocol
function mint(uint256 _amount, address _receiver) external override onlyOwner onlyNotExpired {
_noClaimAcceptedCheck(); // save gas than modifier
claimCovToken.mint(_receiver, _amount);
noclaimCovToken.mint(_receiver, _amount);
}
/// @notice redeem CLAIM covToken, only if there is a claim accepted and delayWithClaim period passed
function redeemClaim() external override {
IProtocol protocol = IProtocol(owner());
require(protocol.claimNonce() > claimNonce, "COVER: no claim accepted");
(uint16 _payoutNumerator, uint16 _payoutDenominator, uint48 _incidentTimestamp, uint48 _claimEnactedTimestamp) = _claimDetails();
require(_incidentTimestamp <= expirationTimestamp, "COVER: cover expired before incident");
require(block.timestamp >= uint256(_claimEnactedTimestamp) + protocol.claimRedeemDelay(), "COVER: not ready");
_paySender(
claimCovToken,
uint256(_payoutNumerator),
uint256(_payoutDenominator)
);
}
/**
* @notice redeem NOCLAIM covToken, accept
* - if no claim accepted, cover is expired, and delayWithoutClaim period passed
* - if claim accepted, but payout % < 1, and delayWithClaim period passed
*/
function redeemNoclaim() external override {
IProtocol protocol = IProtocol(owner());
if (protocol.claimNonce() > claimNonce) {
// protocol has an accepted claim
(uint16 _payoutNumerator, uint16 _payoutDenominator, uint48 _incidentTimestamp, uint48 _claimEnactedTimestamp) = _claimDetails();
if (_incidentTimestamp > expirationTimestamp) {
// incident happened after expiration date, redeem back full collateral
require(block.timestamp >= uint256(expirationTimestamp) + protocol.noclaimRedeemDelay(), "COVER: not ready");
_paySender(noclaimCovToken, 1, 1);
} else {
// incident happened before expiration date, pay 1 - payout%
// If claim payout is 100%, nothing is left for NOCLAIM covToken holders
require(_payoutNumerator < _payoutDenominator, "COVER: claim payout 100%");
require(block.timestamp >= uint256(_claimEnactedTimestamp) + protocol.claimRedeemDelay(), "COVER: not ready");
_paySender(
noclaimCovToken,
uint256(_payoutDenominator).sub(uint256(_payoutNumerator)),
uint256(_payoutDenominator)
);
}
} else {
// protocol has no accepted claim
require(block.timestamp >= uint256(expirationTimestamp) + protocol.noclaimRedeemDelay(), "COVER: not ready");
_paySender(noclaimCovToken, 1, 1);
}
}
/// @notice redeem collateral, only when no claim accepted and not expired
function redeemCollateral(uint256 _amount) external override onlyNotExpired {
require(_amount > 0, "COVER: amount is 0");
_noClaimAcceptedCheck(); // save gas than modifier
ICoverERC20 _claimCovToken = claimCovToken; // save gas
ICoverERC20 _noclaimCovToken = noclaimCovToken; // save gas
require(_amount <= _claimCovToken.balanceOf(msg.sender), "COVER: low CLAIM balance");
require(_amount <= _noclaimCovToken.balanceOf(msg.sender), "COVER: low NOCLAIM balance");
_claimCovToken.burnByCover(msg.sender, _amount);
_noclaimCovToken.burnByCover(msg.sender, _amount);
_payCollateral(msg.sender, _amount);
}
/**
* @notice set CovTokenSymbol, will update symbols for both covTokens, only dev account (factory owner)
* For example:
* - COVER_CURVE_2020_12_31_DAI_0
*/
function setCovTokenSymbol(string calldata _name) external override {
require(_dev() == msg.sender, "COVER: not dev");
claimCovToken.setSymbol(string(abi.encodePacked(_name, "_CLAIM")));
noclaimCovToken.setSymbol(string(abi.encodePacked(_name, "_NOCLAIM")));
}
/// @notice the owner of this contract is Protocol contract, the owner of Protocol is ProtocolFactory contract
function _factory() private view returns (address) {
return IOwnable(owner()).owner();
}
// get the claim details for the corresponding nonce from protocol contract
function _claimDetails() private view returns (uint16 _payoutNumerator, uint16 _payoutDenominator, uint48 _incidentTimestamp, uint48 _claimEnactedTimestamp) {
return IProtocol(owner()).claimDetails(claimNonce);
}
/// @notice the owner of ProtocolFactory contract is dev, also see {_factory}
function _dev() private view returns (address) {
return IOwnable(_factory()).owner();
}
/// @notice make sure no claim is accepted
function _noClaimAcceptedCheck() private view {
require(IProtocol(owner()).claimNonce() == claimNonce, "COVER: claim accepted");
}
/// @notice transfer collateral (amount - fee) from this contract to recevier, transfer fee to COVER treasury
function _payCollateral(address _receiver, uint256 _amount) private {
IProtocolFactory factory = IProtocolFactory(_factory());
uint256 redeemFeeNumerator = factory.redeemFeeNumerator();
uint256 redeemFeeDenominator = factory.redeemFeeDenominator();
uint256 fee = _amount.mul(redeemFeeNumerator).div(redeemFeeDenominator);
address treasury = factory.treasury();
IERC20 collateralToken = IERC20(collateral);
collateralToken.transfer(_receiver, _amount.sub(fee));
collateralToken.transfer(treasury, fee);
}
/// @notice burn covToken and pay sender
function _paySender(
ICoverERC20 _covToken,
uint256 _payoutNumerator,
uint256 _payoutDenominator
) private {
require(_payoutNumerator <= _payoutDenominator, "COVER: payout % is > 100%");
require(_payoutNumerator > 0, "COVER: payout % < 0%");
uint256 amount = _covToken.balanceOf(msg.sender);
require(amount > 0, "COVER: low covToken balance");
_covToken.burnByCover(msg.sender, amount);
uint256 payoutAmount = amount.mul(_payoutNumerator).div(_payoutDenominator);
_payCollateral(msg.sender, payoutAmount);
}
/// @dev Emits NewCoverERC20
function _createCovToken(string memory _suffix) private returns (ICoverERC20) {
bytes memory bytecode = type(InitializableAdminUpgradeabilityProxy).creationCode;
bytes32 salt = keccak256(abi.encodePacked(IProtocol(owner()).name(), expirationTimestamp, collateral, claimNonce, _suffix));
address payable proxyAddr = Create2.deploy(0, salt, bytecode);
bytes memory initData = abi.encodeWithSelector(COVERERC20_INIT_SIGNITURE, string(abi.encodePacked(name, "_", _suffix)));
address coverERC20Implementation = IProtocolFactory(_factory()).coverERC20Implementation();
InitializableAdminUpgradeabilityProxy(proxyAddr).initialize(
coverERC20Implementation,
IProtocolFactory(_factory()).governance(),
initData
);
emit NewCoverERC20(proxyAddr);
return ICoverERC20(proxyAddr);
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.7.3;
import "./utils/Initializable.sol";
import "./utils/Ownable.sol";
import "./utils/SafeMath.sol";
import "./interfaces/ICoverERC20.sol";
/**
* @title CoverERC20 implements {ERC20} standards with expended features for COVER
* @author crypto-pumpkin@github
*
* COVER's covToken Features:
* - Has mint and burn by owner (Cover contract) only feature.
* - No limit on the totalSupply.
* - Should only be created from Cover contract. See {Cover}
*/
contract CoverERC20 is ICoverERC20, Initializable, Ownable {
using SafeMath for uint256;
uint8 public constant decimals = 18;
string public constant name = "covToken";
// The symbol of the contract
string public override symbol;
uint256 private _totalSupply;
mapping(address => uint256) private balances;
mapping(address => mapping (address => uint256)) private allowances;
/// @notice Initialize, called once
function initialize (string calldata _symbol) external initializer {
symbol = _symbol;
initializeOwner();
}
/// @notice Standard ERC20 function
function balanceOf(address account) external view override returns (uint256) {
return balances[account];
}
/// @notice Standard ERC20 function
function totalSupply() external view override returns (uint256) {
return _totalSupply;
}
/// @notice Standard ERC20 function
function transfer(address recipient, uint256 amount) external virtual override returns (bool) {
_transfer(msg.sender, recipient, amount);
return true;
}
/// @notice Standard ERC20 function
function allowance(address owner, address spender) external view virtual override returns (uint256) {
return allowances[owner][spender];
}
/// @notice Standard ERC20 function
function approve(address spender, uint256 amount) external virtual override returns (bool) {
_approve(msg.sender, spender, amount);
return true;
}
/// @notice Standard ERC20 function
function transferFrom(address sender, address recipient, uint256 amount)
external virtual override returns (bool)
{
_transfer(sender, recipient, amount);
_approve(sender, msg.sender, allowances[sender][msg.sender].sub(amount, "CoverERC20: transfer amount exceeds allowance"));
return true;
}
/// @notice New ERC20 function
function increaseAllowance(address spender, uint256 addedValue) public virtual override returns (bool) {
_approve(msg.sender, spender, allowances[msg.sender][spender].add(addedValue));
return true;
}
/// @notice New ERC20 function
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual override returns (bool) {
_approve(msg.sender, spender, allowances[msg.sender][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/// @notice COVER specific function
function mint(address _account, uint256 _amount)
external override onlyOwner returns (bool)
{
require(_account != address(0), "CoverERC20: mint to the zero address");
_totalSupply = _totalSupply.add(_amount);
balances[_account] = balances[_account].add(_amount);
emit Transfer(address(0), _account, _amount);
return true;
}
/// @notice COVER specific function
function setSymbol(string calldata _symbol)
external override onlyOwner returns (bool)
{
symbol = _symbol;
return true;
}
/// @notice COVER specific function
function burnByCover(address _account, uint256 _amount) external override onlyOwner returns (bool) {
_burn(_account, _amount);
return true;
}
/// @notice COVER specific function
function burn(uint256 _amount) external override returns (bool) {
_burn(msg.sender, _amount);
return true;
}
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "CoverERC20: transfer from the zero address");
require(recipient != address(0), "CoverERC20: transfer to the zero address");
balances[sender] = balances[sender].sub(amount, "CoverERC20: transfer amount exceeds balance");
balances[recipient] = balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
function _burn(address account, uint256 amount) internal {
require(account != address(0), "CoverERC20: burn from the zero address");
balances[account] = balances[account].sub(amount, "CoverERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
function _approve(address owner, address spender, uint256 amount) internal {
require(owner != address(0), "CoverERC20: approve from the zero address");
require(spender != address(0), "CoverERC20: approve to the zero address");
allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
}
File 4 of 5: Dai
// hevm: flattened sources of /nix/store/8xb41r4qd0cjb63wcrxf1qmfg88p0961-dss-6fd7de0/src/dai.sol
pragma solidity =0.5.12;
////// /nix/store/8xb41r4qd0cjb63wcrxf1qmfg88p0961-dss-6fd7de0/src/lib.sol
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
/* pragma solidity 0.5.12; */
contract LibNote {
event LogNote(
bytes4 indexed sig,
address indexed usr,
bytes32 indexed arg1,
bytes32 indexed arg2,
bytes data
) anonymous;
modifier note {
_;
assembly {
// log an 'anonymous' event with a constant 6 words of calldata
// and four indexed topics: selector, caller, arg1 and arg2
let mark := msize // end of memory ensures zero
mstore(0x40, add(mark, 288)) // update free memory pointer
mstore(mark, 0x20) // bytes type data offset
mstore(add(mark, 0x20), 224) // bytes size (padded)
calldatacopy(add(mark, 0x40), 0, 224) // bytes payload
log4(mark, 288, // calldata
shl(224, shr(224, calldataload(0))), // msg.sig
caller, // msg.sender
calldataload(4), // arg1
calldataload(36) // arg2
)
}
}
}
////// /nix/store/8xb41r4qd0cjb63wcrxf1qmfg88p0961-dss-6fd7de0/src/dai.sol
// Copyright (C) 2017, 2018, 2019 dbrock, rain, mrchico
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
/* pragma solidity 0.5.12; */
/* import "./lib.sol"; */
contract Dai is LibNote {
// --- Auth ---
mapping (address => uint) public wards;
function rely(address guy) external note auth { wards[guy] = 1; }
function deny(address guy) external note auth { wards[guy] = 0; }
modifier auth {
require(wards[msg.sender] == 1, "Dai/not-authorized");
_;
}
// --- ERC20 Data ---
string public constant name = "Dai Stablecoin";
string public constant symbol = "DAI";
string public constant version = "1";
uint8 public constant decimals = 18;
uint256 public totalSupply;
mapping (address => uint) public balanceOf;
mapping (address => mapping (address => uint)) public allowance;
mapping (address => uint) public nonces;
event Approval(address indexed src, address indexed guy, uint wad);
event Transfer(address indexed src, address indexed dst, uint wad);
// --- Math ---
function add(uint x, uint y) internal pure returns (uint z) {
require((z = x + y) >= x);
}
function sub(uint x, uint y) internal pure returns (uint z) {
require((z = x - y) <= x);
}
// --- EIP712 niceties ---
bytes32 public DOMAIN_SEPARATOR;
// bytes32 public constant PERMIT_TYPEHASH = keccak256("Permit(address holder,address spender,uint256 nonce,uint256 expiry,bool allowed)");
bytes32 public constant PERMIT_TYPEHASH = 0xea2aa0a1be11a07ed86d755c93467f4f82362b452371d1ba94d1715123511acb;
constructor(uint256 chainId_) public {
wards[msg.sender] = 1;
DOMAIN_SEPARATOR = keccak256(abi.encode(
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
keccak256(bytes(name)),
keccak256(bytes(version)),
chainId_,
address(this)
));
}
// --- Token ---
function transfer(address dst, uint wad) external returns (bool) {
return transferFrom(msg.sender, dst, wad);
}
function transferFrom(address src, address dst, uint wad)
public returns (bool)
{
require(balanceOf[src] >= wad, "Dai/insufficient-balance");
if (src != msg.sender && allowance[src][msg.sender] != uint(-1)) {
require(allowance[src][msg.sender] >= wad, "Dai/insufficient-allowance");
allowance[src][msg.sender] = sub(allowance[src][msg.sender], wad);
}
balanceOf[src] = sub(balanceOf[src], wad);
balanceOf[dst] = add(balanceOf[dst], wad);
emit Transfer(src, dst, wad);
return true;
}
function mint(address usr, uint wad) external auth {
balanceOf[usr] = add(balanceOf[usr], wad);
totalSupply = add(totalSupply, wad);
emit Transfer(address(0), usr, wad);
}
function burn(address usr, uint wad) external {
require(balanceOf[usr] >= wad, "Dai/insufficient-balance");
if (usr != msg.sender && allowance[usr][msg.sender] != uint(-1)) {
require(allowance[usr][msg.sender] >= wad, "Dai/insufficient-allowance");
allowance[usr][msg.sender] = sub(allowance[usr][msg.sender], wad);
}
balanceOf[usr] = sub(balanceOf[usr], wad);
totalSupply = sub(totalSupply, wad);
emit Transfer(usr, address(0), wad);
}
function approve(address usr, uint wad) external returns (bool) {
allowance[msg.sender][usr] = wad;
emit Approval(msg.sender, usr, wad);
return true;
}
// --- Alias ---
function push(address usr, uint wad) external {
transferFrom(msg.sender, usr, wad);
}
function pull(address usr, uint wad) external {
transferFrom(usr, msg.sender, wad);
}
function move(address src, address dst, uint wad) external {
transferFrom(src, dst, wad);
}
// --- Approve by signature ---
function permit(address holder, address spender, uint256 nonce, uint256 expiry,
bool allowed, uint8 v, bytes32 r, bytes32 s) external
{
bytes32 digest =
keccak256(abi.encodePacked(
"\x19\x01",
DOMAIN_SEPARATOR,
keccak256(abi.encode(PERMIT_TYPEHASH,
holder,
spender,
nonce,
expiry,
allowed))
));
require(holder != address(0), "Dai/invalid-address-0");
require(holder == ecrecover(digest, v, r, s), "Dai/invalid-permit");
require(expiry == 0 || now <= expiry, "Dai/permit-expired");
require(nonce == nonces[holder]++, "Dai/invalid-nonce");
uint wad = allowed ? uint(-1) : 0;
allowance[holder][spender] = wad;
emit Approval(holder, spender, wad);
}
}File 5 of 5: CoverERC20
// SPDX-License-Identifier
pragma solidity ^0.7.3;
/**
* @title Interface of Ownable
*/
interface IOwnable {
function owner() external view returns (address);
}
// SPDX-License-Identifier
pragma solidity ^0.7.3;
/**
* @title Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
event Transfer(address indexed from, address indexed to, uint256 value);
event Approval(address indexed owner, address indexed spender, uint256 value);
function symbol() external view returns (string memory);
function balanceOf(address account) external view returns (uint256);
function transfer(address recipient, uint256 amount) external returns (bool);
function approve(address spender, uint256 amount) external returns (bool);
function allowance(address owner, address spender) external view returns (uint256);
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
function totalSupply() external view returns (uint256);
function increaseAllowance(address spender, uint256 addedValue) external returns (bool);
function decreaseAllowance(address spender, uint256 subtractedValue) external returns (bool);
}
// SPDX-License-Identifier
pragma solidity ^0.7.3;
/**
* @title CoverERC20 contract interface, implements {IERC20}. See {CoverERC20}.
* @author crypto-pumpkin@github
*/
interface ICoverERC20 is IERC20 {
function burn(uint256 _amount) external returns (bool);
/// @notice access restriction - owner (Cover)
function mint(address _account, uint256 _amount) external returns (bool);
function setSymbol(string calldata _symbol) external returns (bool);
function burnByCover(address _account, uint256 _amount) external returns (bool);
}
// SPDX-License-Identifier
pragma solidity ^0.7.3;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
*
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
// SPDX-License-Identifier
// solhint-disable-next-line compiler-version
pragma solidity ^0.7.3;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since a proxied contract can't have a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {UpgradeableProxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
*/
bool private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Modifier to protect an initializer function from being invoked twice.
*/
modifier initializer() {
require(_initializing || _isConstructor() || !_initialized, "Initializable: contract is already initialized");
bool isTopLevelCall = !_initializing;
if (isTopLevelCall) {
_initializing = true;
_initialized = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
}
}
/// @dev Returns true if and only if the function is running in the constructor
function _isConstructor() private view returns (bool) {
// extcodesize checks the size of the code stored in an address, and
// address returns the current address. Since the code is still not
// deployed when running a constructor, any checks on its code size will
// yield zero, making it an effective way to detect if a contract is
// under construction or not.
address self = address(this);
uint256 cs;
// solhint-disable-next-line no-inline-assembly
assembly { cs := extcodesize(self) }
return cs == 0;
}
}
// SPDX-License-Identifier
pragma solidity ^0.7.3;
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
* @author crypto-pumpkin@github
*
* By initialization, the owner account will be the one that called initializeOwner. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
contract Ownable is Initializable {
address private _owner;
address private _newOwner;
event OwnershipTransferInitiated(address indexed previousOwner, address indexed newOwner);
event OwnershipTransferCompleted(address indexed previousOwner, address indexed newOwner);
/**
* @dev COVER: Initializes the contract setting the deployer as the initial owner.
*/
function initializeOwner() internal initializer {
_owner = msg.sender;
emit OwnershipTransferCompleted(address(0), _owner);
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(_owner == msg.sender, "Ownable: caller is not the owner");
_;
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
emit OwnershipTransferInitiated(_owner, newOwner);
_newOwner = newOwner;
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function claimOwnership() public virtual {
require(_newOwner == msg.sender, "Ownable: caller is not the owner");
emit OwnershipTransferCompleted(_owner, _newOwner);
_owner = _newOwner;
}
}
// SPDX-License-Identifier
pragma solidity ^0.7.3;
/**
* @title CoverERC20 implements {ERC20} standards with expended features for COVER
* @author crypto-pumpkin@github
*
* COVER's covToken Features:
* - Has mint and burn by owner (Cover contract) only feature.
* - No limit on the totalSupply.
* - Should only be created from Cover contract. See {Cover}
*/
contract CoverERC20 is ICoverERC20, Initializable, Ownable {
using SafeMath for uint256;
uint8 public constant decimals = 18;
string public constant name = "covToken";
// The symbol of the contract
string public override symbol;
uint256 private _totalSupply;
mapping(address => uint256) private balances;
mapping(address => mapping (address => uint256)) private allowances;
/// @notice Initialize, called once
function initialize (string calldata _symbol) external initializer {
symbol = _symbol;
initializeOwner();
}
/// @notice Standard ERC20 function
function balanceOf(address account) external view override returns (uint256) {
return balances[account];
}
/// @notice Standard ERC20 function
function totalSupply() external view override returns (uint256) {
return _totalSupply;
}
/// @notice Standard ERC20 function
function transfer(address recipient, uint256 amount) external virtual override returns (bool) {
_transfer(msg.sender, recipient, amount);
return true;
}
/// @notice Standard ERC20 function
function allowance(address owner, address spender) external view virtual override returns (uint256) {
return allowances[owner][spender];
}
/// @notice Standard ERC20 function
function approve(address spender, uint256 amount) external virtual override returns (bool) {
_approve(msg.sender, spender, amount);
return true;
}
/// @notice Standard ERC20 function
function transferFrom(address sender, address recipient, uint256 amount)
external virtual override returns (bool)
{
_transfer(sender, recipient, amount);
_approve(sender, msg.sender, allowances[sender][msg.sender].sub(amount, "CoverERC20: transfer amount exceeds allowance"));
return true;
}
/// @notice New ERC20 function
function increaseAllowance(address spender, uint256 addedValue) public virtual override returns (bool) {
_approve(msg.sender, spender, allowances[msg.sender][spender].add(addedValue));
return true;
}
/// @notice New ERC20 function
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual override returns (bool) {
_approve(msg.sender, spender, allowances[msg.sender][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/// @notice COVER specific function
function mint(address _account, uint256 _amount)
external override onlyOwner returns (bool)
{
require(_account != address(0), "CoverERC20: mint to the zero address");
_totalSupply = _totalSupply.add(_amount);
balances[_account] = balances[_account].add(_amount);
emit Transfer(address(0), _account, _amount);
return true;
}
/// @notice COVER specific function
function setSymbol(string calldata _symbol)
external override onlyOwner returns (bool)
{
symbol = _symbol;
return true;
}
/// @notice COVER specific function
function burnByCover(address _account, uint256 _amount) external override onlyOwner returns (bool) {
_burn(_account, _amount);
return true;
}
/// @notice COVER specific function
function burn(uint256 _amount) external override returns (bool) {
_burn(msg.sender, _amount);
return true;
}
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "CoverERC20: transfer from the zero address");
require(recipient != address(0), "CoverERC20: transfer to the zero address");
balances[sender] = balances[sender].sub(amount, "CoverERC20: transfer amount exceeds balance");
balances[recipient] = balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
function _burn(address account, uint256 amount) internal {
require(account != address(0), "CoverERC20: burn from the zero address");
balances[account] = balances[account].sub(amount, "CoverERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
function _approve(address owner, address spender, uint256 amount) internal {
require(owner != address(0), "CoverERC20: approve from the zero address");
require(spender != address(0), "CoverERC20: approve to the zero address");
allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
}