Transaction Hash:
Block:
18814788 at Dec-18-2023 06:55:23 PM +UTC
Transaction Fee:
0.008448457198623222 ETH
$20.69
Gas Used:
138,479 Gas / 61.008941418 Gwei
Emitted Events:
| 187 |
GenesisNft.Transfer( from=0x28c0647db1ae7bec8108ed5ec20ed6e48b74c792, to=[Sender] 0x704757c3ea3023ecc5273accd54d95b2db2c25ec, tokenId=127 )
|
| 188 |
ERC1967Proxy.0x1d5e12b51dee5e4d34434576c3fb99714a85f57b0fd546ada4b0bddd736d12b2( 0x1d5e12b51dee5e4d34434576c3fb99714a85f57b0fd546ada4b0bddd736d12b2, df97682f19e8054be5f1134cffec740ff150af4ba71e1f21b4799368f91e6f53, 000000000000000000007f0028c0647db1ae7bec8108ed5ec20ed6e48b74c792, 0000000000c698c0faf1c000df284759f3689ee82a42c9565003ed0c44444444 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x28c0647d...48b74c792 | 0.066443768703790556 Eth | 0.122343768703790556 Eth | 0.0559 | ||
| 0x704757C3...2DB2C25ec |
0.079664218324101223 Eth
Nonce: 1528
|
0.015315761125478001 Eth
Nonce: 1529
| 0.064348457198623222 | ||
|
0x95222290...5CC4BAfe5
Miner
| (beaverbuild) | 6.622196678290290836 Eth | 6.622473636290290836 Eth | 0.000276958 | |
| 0xb2ecfE4E...e2410CEA5 | (Blur.io: Marketplace 3) | ||||
| 0xdf284759...C44444444 |
Execution Trace
ETH 0.0559
ERC1967Proxy.70bce2d6( )
ETH 0.0559
BlurExchangeV2.takeAskSingle( )-
Null: 0x000...001.94d03a40( ) -
Null: 0x000...001.71d81a33( ) Delegate.transfer( taker=0x704757C3EA3023ECC5273AccD54D95b2DB2C25ec, orderType=0, transfers=, length=1 ) => ( successful=[true] )-
GenesisNft.safeTransferFrom( from=0x28c0647db1Ae7Bec8108ED5ec20Ed6e48b74c792, to=0x704757C3EA3023ECC5273AccD54D95b2DB2C25ec, tokenId=127 )
-
- ETH 0.0559
0x28c0647db1ae7bec8108ed5ec20ed6e48b74c792.CALL( )
-
takeAskSingle[BlurExchangeV2 (ln:155)]
_takeAskSingle[BlurExchangeV2 (ln:164)]Fees[BlurExchangeV2 (ln:232)]_validateOrderAndListing[BlurExchangeV2 (ln:236)]InvalidOrder[BlurExchangeV2 (ln:237)]_initializeSingleExecution[BlurExchangeV2 (ln:240)]_insertNonfungibleTransfer[BlurExchangeV2 (ln:544)]
_executeNonfungibleTransfers[BlurExchangeV2 (ln:253)]TokenTransferFailed[BlurExchangeV2 (ln:255)]_computeFees[BlurExchangeV2 (ln:263)]InsufficientFunds[BlurExchangeV2 (ln:267)]_transferETH[BlurExchangeV2 (ln:271)]_transferETH[BlurExchangeV2 (ln:272)]_transferETH[BlurExchangeV2 (ln:273)]_transferETH[BlurExchangeV2 (ln:275)]_emitExecutionEvent[BlurExchangeV2 (ln:277)]_transferETH[BlurExchangeV2 (ln:279)]
_hashCalldata[BlurExchangeV2 (ln:162)]
File 1 of 4: ERC1967Proxy
File 2 of 4: GenesisNft
File 3 of 4: BlurExchangeV2
File 4 of 4: Delegate
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/ERC1967/ERC1967Proxy.sol)
pragma solidity 0.8.17;
import "lib/openzeppelin-contracts/contracts/proxy/Proxy.sol";
import "lib/openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Upgrade.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/
contract ERC1967Proxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializating the storage of the proxy like a Solidity constructor.
*/
constructor(address _logic, bytes memory _data) payable {
assert(_IMPLEMENTATION_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1));
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal view virtual override returns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (proxy/Proxy.sol)
pragma solidity ^0.8.0;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
/**
* @dev This is a virtual function that should be overridden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback() external payable virtual {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive() external payable virtual {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overridden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.3) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeacon.sol";
import "../../interfaces/IERC1967.sol";
import "../../interfaces/draft-IERC1822.sol";
import "../../utils/Address.sol";
import "../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*/
abstract contract ERC1967Upgrade is IERC1967 {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data, bool forceCall) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlot.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(Address.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
*
* _Available since v4.8.3._
*/
interface IERC1967 {
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/
event BeaconUpgraded(address indexed beacon);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822Proxiable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, `uint256`._
* _Available since v4.9 for `string`, `bytes`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}
File 2 of 4: GenesisNft
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (interfaces/IERC165.sol)
pragma solidity ^0.8.0;
import "../utils/introspection/IERC165.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (interfaces/IERC20.sol)
pragma solidity ^0.8.0;
import "../token/ERC20/IERC20.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC4906.sol)
pragma solidity ^0.8.0;
import "./IERC165.sol";
import "./IERC721.sol";
/// @title EIP-721 Metadata Update Extension
interface IERC4906 is IERC165, IERC721 {
/// @dev This event emits when the metadata of a token is changed.
/// So that the third-party platforms such as NFT market could
/// timely update the images and related attributes of the NFT.
event MetadataUpdate(uint256 _tokenId);
/// @dev This event emits when the metadata of a range of tokens is changed.
/// So that the third-party platforms such as NFT market could
/// timely update the images and related attributes of the NFTs.
event BatchMetadataUpdate(uint256 _fromTokenId, uint256 _toTokenId);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC5267.sol)
pragma solidity ^0.8.0;
interface IERC5267 {
/**
* @dev MAY be emitted to signal that the domain could have changed.
*/
event EIP712DomainChanged();
/**
* @dev returns the fields and values that describe the domain separator used by this contract for EIP-712
* signature.
*/
function eip712Domain()
external
view
returns (
bytes1 fields,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (interfaces/IERC721.sol)
pragma solidity ^0.8.0;
import "../token/ERC721/IERC721.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC721/ERC721.sol)
pragma solidity ^0.8.0;
import "./IERC721.sol";
import "./IERC721Receiver.sol";
import "./extensions/IERC721Metadata.sol";
import "../../utils/Address.sol";
import "../../utils/Context.sol";
import "../../utils/Strings.sol";
import "../../utils/introspection/ERC165.sol";
/**
* @dev Implementation of https://eips.ethereum.org/EIPS/eip-721[ERC721] Non-Fungible Token Standard, including
* the Metadata extension, but not including the Enumerable extension, which is available separately as
* {ERC721Enumerable}.
*/
contract ERC721 is Context, ERC165, IERC721, IERC721Metadata {
using Address for address;
using Strings for uint256;
// Token name
string private _name;
// Token symbol
string private _symbol;
// Mapping from token ID to owner address
mapping(uint256 => address) private _owners;
// Mapping owner address to token count
mapping(address => uint256) private _balances;
// Mapping from token ID to approved address
mapping(uint256 => address) private _tokenApprovals;
// Mapping from owner to operator approvals
mapping(address => mapping(address => bool)) private _operatorApprovals;
/**
* @dev Initializes the contract by setting a `name` and a `symbol` to the token collection.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
return
interfaceId == type(IERC721).interfaceId ||
interfaceId == type(IERC721Metadata).interfaceId ||
super.supportsInterface(interfaceId);
}
/**
* @dev See {IERC721-balanceOf}.
*/
function balanceOf(address owner) public view virtual override returns (uint256) {
require(owner != address(0), "ERC721: address zero is not a valid owner");
return _balances[owner];
}
/**
* @dev See {IERC721-ownerOf}.
*/
function ownerOf(uint256 tokenId) public view virtual override returns (address) {
address owner = _ownerOf(tokenId);
require(owner != address(0), "ERC721: invalid token ID");
return owner;
}
/**
* @dev See {IERC721Metadata-name}.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev See {IERC721Metadata-symbol}.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev See {IERC721Metadata-tokenURI}.
*/
function tokenURI(uint256 tokenId) public view virtual override returns (string memory) {
_requireMinted(tokenId);
string memory baseURI = _baseURI();
return bytes(baseURI).length > 0 ? string(abi.encodePacked(baseURI, tokenId.toString())) : "";
}
/**
* @dev Base URI for computing {tokenURI}. If set, the resulting URI for each
* token will be the concatenation of the `baseURI` and the `tokenId`. Empty
* by default, can be overridden in child contracts.
*/
function _baseURI() internal view virtual returns (string memory) {
return "";
}
/**
* @dev See {IERC721-approve}.
*/
function approve(address to, uint256 tokenId) public virtual override {
address owner = ERC721.ownerOf(tokenId);
require(to != owner, "ERC721: approval to current owner");
require(
_msgSender() == owner || isApprovedForAll(owner, _msgSender()),
"ERC721: approve caller is not token owner or approved for all"
);
_approve(to, tokenId);
}
/**
* @dev See {IERC721-getApproved}.
*/
function getApproved(uint256 tokenId) public view virtual override returns (address) {
_requireMinted(tokenId);
return _tokenApprovals[tokenId];
}
/**
* @dev See {IERC721-setApprovalForAll}.
*/
function setApprovalForAll(address operator, bool approved) public virtual override {
_setApprovalForAll(_msgSender(), operator, approved);
}
/**
* @dev See {IERC721-isApprovedForAll}.
*/
function isApprovedForAll(address owner, address operator) public view virtual override returns (bool) {
return _operatorApprovals[owner][operator];
}
/**
* @dev See {IERC721-transferFrom}.
*/
function transferFrom(address from, address to, uint256 tokenId) public virtual override {
//solhint-disable-next-line max-line-length
require(_isApprovedOrOwner(_msgSender(), tokenId), "ERC721: caller is not token owner or approved");
_transfer(from, to, tokenId);
}
/**
* @dev See {IERC721-safeTransferFrom}.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) public virtual override {
safeTransferFrom(from, to, tokenId, "");
}
/**
* @dev See {IERC721-safeTransferFrom}.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory data) public virtual override {
require(_isApprovedOrOwner(_msgSender(), tokenId), "ERC721: caller is not token owner or approved");
_safeTransfer(from, to, tokenId, data);
}
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients
* are aware of the ERC721 protocol to prevent tokens from being forever locked.
*
* `data` is additional data, it has no specified format and it is sent in call to `to`.
*
* This internal function is equivalent to {safeTransferFrom}, and can be used to e.g.
* implement alternative mechanisms to perform token transfer, such as signature-based.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function _safeTransfer(address from, address to, uint256 tokenId, bytes memory data) internal virtual {
_transfer(from, to, tokenId);
require(_checkOnERC721Received(from, to, tokenId, data), "ERC721: transfer to non ERC721Receiver implementer");
}
/**
* @dev Returns the owner of the `tokenId`. Does NOT revert if token doesn't exist
*/
function _ownerOf(uint256 tokenId) internal view virtual returns (address) {
return _owners[tokenId];
}
/**
* @dev Returns whether `tokenId` exists.
*
* Tokens can be managed by their owner or approved accounts via {approve} or {setApprovalForAll}.
*
* Tokens start existing when they are minted (`_mint`),
* and stop existing when they are burned (`_burn`).
*/
function _exists(uint256 tokenId) internal view virtual returns (bool) {
return _ownerOf(tokenId) != address(0);
}
/**
* @dev Returns whether `spender` is allowed to manage `tokenId`.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function _isApprovedOrOwner(address spender, uint256 tokenId) internal view virtual returns (bool) {
address owner = ERC721.ownerOf(tokenId);
return (spender == owner || isApprovedForAll(owner, spender) || getApproved(tokenId) == spender);
}
/**
* @dev Safely mints `tokenId` and transfers it to `to`.
*
* Requirements:
*
* - `tokenId` must not exist.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function _safeMint(address to, uint256 tokenId) internal virtual {
_safeMint(to, tokenId, "");
}
/**
* @dev Same as {xref-ERC721-_safeMint-address-uint256-}[`_safeMint`], with an additional `data` parameter which is
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
*/
function _safeMint(address to, uint256 tokenId, bytes memory data) internal virtual {
_mint(to, tokenId);
require(
_checkOnERC721Received(address(0), to, tokenId, data),
"ERC721: transfer to non ERC721Receiver implementer"
);
}
/**
* @dev Mints `tokenId` and transfers it to `to`.
*
* WARNING: Usage of this method is discouraged, use {_safeMint} whenever possible
*
* Requirements:
*
* - `tokenId` must not exist.
* - `to` cannot be the zero address.
*
* Emits a {Transfer} event.
*/
function _mint(address to, uint256 tokenId) internal virtual {
require(to != address(0), "ERC721: mint to the zero address");
require(!_exists(tokenId), "ERC721: token already minted");
_beforeTokenTransfer(address(0), to, tokenId, 1);
// Check that tokenId was not minted by `_beforeTokenTransfer` hook
require(!_exists(tokenId), "ERC721: token already minted");
unchecked {
// Will not overflow unless all 2**256 token ids are minted to the same owner.
// Given that tokens are minted one by one, it is impossible in practice that
// this ever happens. Might change if we allow batch minting.
// The ERC fails to describe this case.
_balances[to] += 1;
}
_owners[tokenId] = to;
emit Transfer(address(0), to, tokenId);
_afterTokenTransfer(address(0), to, tokenId, 1);
}
/**
* @dev Destroys `tokenId`.
* The approval is cleared when the token is burned.
* This is an internal function that does not check if the sender is authorized to operate on the token.
*
* Requirements:
*
* - `tokenId` must exist.
*
* Emits a {Transfer} event.
*/
function _burn(uint256 tokenId) internal virtual {
address owner = ERC721.ownerOf(tokenId);
_beforeTokenTransfer(owner, address(0), tokenId, 1);
// Update ownership in case tokenId was transferred by `_beforeTokenTransfer` hook
owner = ERC721.ownerOf(tokenId);
// Clear approvals
delete _tokenApprovals[tokenId];
unchecked {
// Cannot overflow, as that would require more tokens to be burned/transferred
// out than the owner initially received through minting and transferring in.
_balances[owner] -= 1;
}
delete _owners[tokenId];
emit Transfer(owner, address(0), tokenId);
_afterTokenTransfer(owner, address(0), tokenId, 1);
}
/**
* @dev Transfers `tokenId` from `from` to `to`.
* As opposed to {transferFrom}, this imposes no restrictions on msg.sender.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
*
* Emits a {Transfer} event.
*/
function _transfer(address from, address to, uint256 tokenId) internal virtual {
require(ERC721.ownerOf(tokenId) == from, "ERC721: transfer from incorrect owner");
require(to != address(0), "ERC721: transfer to the zero address");
_beforeTokenTransfer(from, to, tokenId, 1);
// Check that tokenId was not transferred by `_beforeTokenTransfer` hook
require(ERC721.ownerOf(tokenId) == from, "ERC721: transfer from incorrect owner");
// Clear approvals from the previous owner
delete _tokenApprovals[tokenId];
unchecked {
// `_balances[from]` cannot overflow for the same reason as described in `_burn`:
// `from`'s balance is the number of token held, which is at least one before the current
// transfer.
// `_balances[to]` could overflow in the conditions described in `_mint`. That would require
// all 2**256 token ids to be minted, which in practice is impossible.
_balances[from] -= 1;
_balances[to] += 1;
}
_owners[tokenId] = to;
emit Transfer(from, to, tokenId);
_afterTokenTransfer(from, to, tokenId, 1);
}
/**
* @dev Approve `to` to operate on `tokenId`
*
* Emits an {Approval} event.
*/
function _approve(address to, uint256 tokenId) internal virtual {
_tokenApprovals[tokenId] = to;
emit Approval(ERC721.ownerOf(tokenId), to, tokenId);
}
/**
* @dev Approve `operator` to operate on all of `owner` tokens
*
* Emits an {ApprovalForAll} event.
*/
function _setApprovalForAll(address owner, address operator, bool approved) internal virtual {
require(owner != operator, "ERC721: approve to caller");
_operatorApprovals[owner][operator] = approved;
emit ApprovalForAll(owner, operator, approved);
}
/**
* @dev Reverts if the `tokenId` has not been minted yet.
*/
function _requireMinted(uint256 tokenId) internal view virtual {
require(_exists(tokenId), "ERC721: invalid token ID");
}
/**
* @dev Internal function to invoke {IERC721Receiver-onERC721Received} on a target address.
* The call is not executed if the target address is not a contract.
*
* @param from address representing the previous owner of the given token ID
* @param to target address that will receive the tokens
* @param tokenId uint256 ID of the token to be transferred
* @param data bytes optional data to send along with the call
* @return bool whether the call correctly returned the expected magic value
*/
function _checkOnERC721Received(
address from,
address to,
uint256 tokenId,
bytes memory data
) private returns (bool) {
if (to.isContract()) {
try IERC721Receiver(to).onERC721Received(_msgSender(), from, tokenId, data) returns (bytes4 retval) {
return retval == IERC721Receiver.onERC721Received.selector;
} catch (bytes memory reason) {
if (reason.length == 0) {
revert("ERC721: transfer to non ERC721Receiver implementer");
} else {
/// @solidity memory-safe-assembly
assembly {
revert(add(32, reason), mload(reason))
}
}
}
} else {
return true;
}
}
/**
* @dev Hook that is called before any token transfer. This includes minting and burning. If {ERC721Consecutive} is
* used, the hook may be called as part of a consecutive (batch) mint, as indicated by `batchSize` greater than 1.
*
* Calling conditions:
*
* - When `from` and `to` are both non-zero, ``from``'s tokens will be transferred to `to`.
* - When `from` is zero, the tokens will be minted for `to`.
* - When `to` is zero, ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
* - `batchSize` is non-zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(address from, address to, uint256 firstTokenId, uint256 batchSize) internal virtual {}
/**
* @dev Hook that is called after any token transfer. This includes minting and burning. If {ERC721Consecutive} is
* used, the hook may be called as part of a consecutive (batch) mint, as indicated by `batchSize` greater than 1.
*
* Calling conditions:
*
* - When `from` and `to` are both non-zero, ``from``'s tokens were transferred to `to`.
* - When `from` is zero, the tokens were minted for `to`.
* - When `to` is zero, ``from``'s tokens were burned.
* - `from` and `to` are never both zero.
* - `batchSize` is non-zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(address from, address to, uint256 firstTokenId, uint256 batchSize) internal virtual {}
/**
* @dev Unsafe write access to the balances, used by extensions that "mint" tokens using an {ownerOf} override.
*
* WARNING: Anyone calling this MUST ensure that the balances remain consistent with the ownership. The invariant
* being that for any address `a` the value returned by `balanceOf(a)` must be equal to the number of tokens such
* that `ownerOf(tokenId)` is `a`.
*/
// solhint-disable-next-line func-name-mixedcase
function __unsafe_increaseBalance(address account, uint256 amount) internal {
_balances[account] += amount;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC721/extensions/IERC721Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC721.sol";
/**
* @title ERC-721 Non-Fungible Token Standard, optional metadata extension
* @dev See https://eips.ethereum.org/EIPS/eip-721
*/
interface IERC721Metadata is IERC721 {
/**
* @dev Returns the token collection name.
*/
function name() external view returns (string memory);
/**
* @dev Returns the token collection symbol.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token.
*/
function tokenURI(uint256 tokenId) external view returns (string memory);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC721/IERC721.sol)
pragma solidity ^0.8.0;
import "../../utils/introspection/IERC165.sol";
/**
* @dev Required interface of an ERC721 compliant contract.
*/
interface IERC721 is IERC165 {
/**
* @dev Emitted when `tokenId` token is transferred from `from` to `to`.
*/
event Transfer(address indexed from, address indexed to, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables `approved` to manage the `tokenId` token.
*/
event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets.
*/
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
/**
* @dev Returns the number of tokens in ``owner``'s account.
*/
function balanceOf(address owner) external view returns (uint256 balance);
/**
* @dev Returns the owner of the `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function ownerOf(uint256 tokenId) external view returns (address owner);
/**
* @dev Safely transfers `tokenId` token from `from` to `to`.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes calldata data) external;
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients
* are aware of the ERC721 protocol to prevent tokens from being forever locked.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must have been allowed to move this token by either {approve} or {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Transfers `tokenId` token from `from` to `to`.
*
* WARNING: Note that the caller is responsible to confirm that the recipient is capable of receiving ERC721
* or else they may be permanently lost. Usage of {safeTransferFrom} prevents loss, though the caller must
* understand this adds an external call which potentially creates a reentrancy vulnerability.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Gives permission to `to` to transfer `tokenId` token to another account.
* The approval is cleared when the token is transferred.
*
* Only a single account can be approved at a time, so approving the zero address clears previous approvals.
*
* Requirements:
*
* - The caller must own the token or be an approved operator.
* - `tokenId` must exist.
*
* Emits an {Approval} event.
*/
function approve(address to, uint256 tokenId) external;
/**
* @dev Approve or remove `operator` as an operator for the caller.
* Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller.
*
* Requirements:
*
* - The `operator` cannot be the caller.
*
* Emits an {ApprovalForAll} event.
*/
function setApprovalForAll(address operator, bool approved) external;
/**
* @dev Returns the account approved for `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function getApproved(uint256 tokenId) external view returns (address operator);
/**
* @dev Returns if the `operator` is allowed to manage all of the assets of `owner`.
*
* See {setApprovalForAll}
*/
function isApprovedForAll(address owner, address operator) external view returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC721/IERC721Receiver.sol)
pragma solidity ^0.8.0;
/**
* @title ERC721 token receiver interface
* @dev Interface for any contract that wants to support safeTransfers
* from ERC721 asset contracts.
*/
interface IERC721Receiver {
/**
* @dev Whenever an {IERC721} `tokenId` token is transferred to this contract via {IERC721-safeTransferFrom}
* by `operator` from `from`, this function is called.
*
* It must return its Solidity selector to confirm the token transfer.
* If any other value is returned or the interface is not implemented by the recipient, the transfer will be reverted.
*
* The selector can be obtained in Solidity with `IERC721Receiver.onERC721Received.selector`.
*/
function onERC721Received(
address operator,
address from,
uint256 tokenId,
bytes calldata data
) external returns (bytes4);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 message) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, "\\x19Ethereum Signed Message:\
32")
mstore(0x1c, hash)
message := keccak256(0x00, 0x3c)
}
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\\x19Ethereum Signed Message:\
", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 data) {
/// @solidity memory-safe-assembly
assembly {
let ptr := mload(0x40)
mstore(ptr, "\\x19\\x01")
mstore(add(ptr, 0x02), domainSeparator)
mstore(add(ptr, 0x22), structHash)
data := keccak256(ptr, 0x42)
}
}
/**
* @dev Returns an Ethereum Signed Data with intended validator, created from a
* `validator` and `data` according to the version 0 of EIP-191.
*
* See {recover}.
*/
function toDataWithIntendedValidatorHash(address validator, bytes memory data) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\\x19\\x00", validator, data));
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/EIP712.sol)
pragma solidity ^0.8.8;
import "./ECDSA.sol";
import "../ShortStrings.sol";
import "../../interfaces/IERC5267.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
* thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
* they need in their contracts using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* NOTE: In the upgradeable version of this contract, the cached values will correspond to the address, and the domain
* separator of the implementation contract. This will cause the `_domainSeparatorV4` function to always rebuild the
* separator from the immutable values, which is cheaper than accessing a cached version in cold storage.
*
* _Available since v3.4._
*
* @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignment
*/
abstract contract EIP712 is IERC5267 {
using ShortStrings for *;
bytes32 private constant _TYPE_HASH =
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
// invalidate the cached domain separator if the chain id changes.
bytes32 private immutable _cachedDomainSeparator;
uint256 private immutable _cachedChainId;
address private immutable _cachedThis;
bytes32 private immutable _hashedName;
bytes32 private immutable _hashedVersion;
ShortString private immutable _name;
ShortString private immutable _version;
string private _nameFallback;
string private _versionFallback;
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
constructor(string memory name, string memory version) {
_name = name.toShortStringWithFallback(_nameFallback);
_version = version.toShortStringWithFallback(_versionFallback);
_hashedName = keccak256(bytes(name));
_hashedVersion = keccak256(bytes(version));
_cachedChainId = block.chainid;
_cachedDomainSeparator = _buildDomainSeparator();
_cachedThis = address(this);
}
/**
* @dev Returns the domain separator for the current chain.
*/
function _domainSeparatorV4() internal view returns (bytes32) {
if (address(this) == _cachedThis && block.chainid == _cachedChainId) {
return _cachedDomainSeparator;
} else {
return _buildDomainSeparator();
}
}
function _buildDomainSeparator() private view returns (bytes32) {
return keccak256(abi.encode(_TYPE_HASH, _hashedName, _hashedVersion, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash);
}
/**
* @dev See {EIP-5267}.
*
* _Available since v4.9._
*/
function eip712Domain()
public
view
virtual
override
returns (
bytes1 fields,
string memory name,
string memory version,
uint256 chainId,
address verifyingContract,
bytes32 salt,
uint256[] memory extensions
)
{
return (
hex"0f", // 01111
_name.toStringWithFallback(_nameFallback),
_version.toStringWithFallback(_versionFallback),
block.chainid,
address(this),
bytes32(0),
new uint256[](0)
);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)
pragma solidity ^0.8.0;
import "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1, "Math: mulDiv overflow");
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// must be unchecked in order to support `n = type(int256).min`
return uint256(n >= 0 ? n : -n);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/ShortStrings.sol)
pragma solidity ^0.8.8;
import "./StorageSlot.sol";
// | string | 0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
// | length | 0x BB |
type ShortString is bytes32;
/**
* @dev This library provides functions to convert short memory strings
* into a `ShortString` type that can be used as an immutable variable.
*
* Strings of arbitrary length can be optimized using this library if
* they are short enough (up to 31 bytes) by packing them with their
* length (1 byte) in a single EVM word (32 bytes). Additionally, a
* fallback mechanism can be used for every other case.
*
* Usage example:
*
* ```solidity
* contract Named {
* using ShortStrings for *;
*
* ShortString private immutable _name;
* string private _nameFallback;
*
* constructor(string memory contractName) {
* _name = contractName.toShortStringWithFallback(_nameFallback);
* }
*
* function name() external view returns (string memory) {
* return _name.toStringWithFallback(_nameFallback);
* }
* }
* ```
*/
library ShortStrings {
// Used as an identifier for strings longer than 31 bytes.
bytes32 private constant _FALLBACK_SENTINEL = 0x00000000000000000000000000000000000000000000000000000000000000FF;
error StringTooLong(string str);
error InvalidShortString();
/**
* @dev Encode a string of at most 31 chars into a `ShortString`.
*
* This will trigger a `StringTooLong` error is the input string is too long.
*/
function toShortString(string memory str) internal pure returns (ShortString) {
bytes memory bstr = bytes(str);
if (bstr.length > 31) {
revert StringTooLong(str);
}
return ShortString.wrap(bytes32(uint256(bytes32(bstr)) | bstr.length));
}
/**
* @dev Decode a `ShortString` back to a "normal" string.
*/
function toString(ShortString sstr) internal pure returns (string memory) {
uint256 len = byteLength(sstr);
// using `new string(len)` would work locally but is not memory safe.
string memory str = new string(32);
/// @solidity memory-safe-assembly
assembly {
mstore(str, len)
mstore(add(str, 0x20), sstr)
}
return str;
}
/**
* @dev Return the length of a `ShortString`.
*/
function byteLength(ShortString sstr) internal pure returns (uint256) {
uint256 result = uint256(ShortString.unwrap(sstr)) & 0xFF;
if (result > 31) {
revert InvalidShortString();
}
return result;
}
/**
* @dev Encode a string into a `ShortString`, or write it to storage if it is too long.
*/
function toShortStringWithFallback(string memory value, string storage store) internal returns (ShortString) {
if (bytes(value).length < 32) {
return toShortString(value);
} else {
StorageSlot.getStringSlot(store).value = value;
return ShortString.wrap(_FALLBACK_SENTINEL);
}
}
/**
* @dev Decode a string that was encoded to `ShortString` or written to storage using {setWithFallback}.
*/
function toStringWithFallback(ShortString value, string storage store) internal pure returns (string memory) {
if (ShortString.unwrap(value) != _FALLBACK_SENTINEL) {
return toString(value);
} else {
return store;
}
}
/**
* @dev Return the length of a string that was encoded to `ShortString` or written to storage using {setWithFallback}.
*
* WARNING: This will return the "byte length" of the string. This may not reflect the actual length in terms of
* actual characters as the UTF-8 encoding of a single character can span over multiple bytes.
*/
function byteLengthWithFallback(ShortString value, string storage store) internal view returns (uint256) {
if (ShortString.unwrap(value) != _FALLBACK_SENTINEL) {
return byteLength(value);
} else {
return bytes(store).length;
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, `uint256`._
* _Available since v4.9 for `string`, `bytes`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/Math.sol";
import "./math/SignedMath.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toString(int256 value) internal pure returns (string memory) {
return string(abi.encodePacked(value < 0 ? "-" : "", toString(SignedMath.abs(value))));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return keccak256(bytes(a)) == keccak256(bytes(b));
}
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.6.0;
/// @title Base64
/// @author Brecht Devos - <[email protected]>
/// @notice Provides functions for encoding/decoding base64
library Base64 {
string internal constant TABLE_ENCODE = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
bytes internal constant TABLE_DECODE = hex"0000000000000000000000000000000000000000000000000000000000000000"
hex"00000000000000000000003e0000003f3435363738393a3b3c3d000000000000"
hex"00000102030405060708090a0b0c0d0e0f101112131415161718190000000000"
hex"001a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132330000000000";
function encode(bytes memory data) internal pure returns (string memory) {
if (data.length == 0) return '';
// load the table into memory
string memory table = TABLE_ENCODE;
// multiply by 4/3 rounded up
uint256 encodedLen = 4 * ((data.length + 2) / 3);
// add some extra buffer at the end required for the writing
string memory result = new string(encodedLen + 32);
assembly {
// set the actual output length
mstore(result, encodedLen)
// prepare the lookup table
let tablePtr := add(table, 1)
// input ptr
let dataPtr := data
let endPtr := add(dataPtr, mload(data))
// result ptr, jump over length
let resultPtr := add(result, 32)
// run over the input, 3 bytes at a time
for {} lt(dataPtr, endPtr) {}
{
// read 3 bytes
dataPtr := add(dataPtr, 3)
let input := mload(dataPtr)
// write 4 characters
mstore8(resultPtr, mload(add(tablePtr, and(shr(18, input), 0x3F))))
resultPtr := add(resultPtr, 1)
mstore8(resultPtr, mload(add(tablePtr, and(shr(12, input), 0x3F))))
resultPtr := add(resultPtr, 1)
mstore8(resultPtr, mload(add(tablePtr, and(shr( 6, input), 0x3F))))
resultPtr := add(resultPtr, 1)
mstore8(resultPtr, mload(add(tablePtr, and( input, 0x3F))))
resultPtr := add(resultPtr, 1)
}
// padding with '='
switch mod(mload(data), 3)
case 1 { mstore(sub(resultPtr, 2), shl(240, 0x3d3d)) }
case 2 { mstore(sub(resultPtr, 1), shl(248, 0x3d)) }
}
return result;
}
function decode(string memory _data) internal pure returns (bytes memory) {
bytes memory data = bytes(_data);
if (data.length == 0) return new bytes(0);
require(data.length % 4 == 0, "invalid base64 decoder input");
// load the table into memory
bytes memory table = TABLE_DECODE;
// every 4 characters represent 3 bytes
uint256 decodedLen = (data.length / 4) * 3;
// add some extra buffer at the end required for the writing
bytes memory result = new bytes(decodedLen + 32);
assembly {
// padding with '='
let lastBytes := mload(add(data, mload(data)))
if eq(and(lastBytes, 0xFF), 0x3d) {
decodedLen := sub(decodedLen, 1)
if eq(and(lastBytes, 0xFFFF), 0x3d3d) {
decodedLen := sub(decodedLen, 1)
}
}
// set the actual output length
mstore(result, decodedLen)
// prepare the lookup table
let tablePtr := add(table, 1)
// input ptr
let dataPtr := data
let endPtr := add(dataPtr, mload(data))
// result ptr, jump over length
let resultPtr := add(result, 32)
// run over the input, 4 characters at a time
for {} lt(dataPtr, endPtr) {}
{
// read 4 characters
dataPtr := add(dataPtr, 4)
let input := mload(dataPtr)
// write 3 bytes
let output := add(
add(
shl(18, and(mload(add(tablePtr, and(shr(24, input), 0xFF))), 0xFF)),
shl(12, and(mload(add(tablePtr, and(shr(16, input), 0xFF))), 0xFF))),
add(
shl( 6, and(mload(add(tablePtr, and(shr( 8, input), 0xFF))), 0xFF)),
and(mload(add(tablePtr, and( input , 0xFF))), 0xFF)
)
)
mstore(resultPtr, shl(232, output))
resultPtr := add(resultPtr, 3)
}
}
return result;
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.22;
interface ITokenDistribution {
function setTotalClaimed(address wallet, uint256 totalClaimed) external;
function claimedTokens(address _account) external view returns (uint256);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.22;
interface IWorkToken {
function mint(address to, uint256 amount) external;
function transfer(address to, uint256 amount) external returns (bool);
function transferFrom(address from, address to, uint256 amount) external returns (bool);
function balanceOf(address account) external returns (uint256);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.22;
import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import "@openzeppelin/contracts/access/Ownable.sol";
import "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import "@openzeppelin/contracts/interfaces/IERC4906.sol";
import "@openzeppelin/contracts/interfaces/IERC20.sol";
import "./GenesisNftData.sol";
import "./../interface/ITokenDistribution.sol";
import "./../interface/IWorkToken.sol";
error StartTimeInvalid();
error InitHasCompleted();
error RewarderRoleNotPresent();
error AccountMintedPreviously();
error SignatureInvalid();
error NftMintUnavailable();
error MintTypeInvalid();
error NftNotOwned();
error NftLocked(uint256 lockedTill);
error NftNotExists();
error UnstakeAmountNotAllowed();
error AllowanceExceeded(uint256 allowance);
error TransferFailed();
error ArrayLengthMismatch();
error LockPeriodInvalid();
error StakeAtMintMaxExceeded();
contract GenesisNft is ERC721, Ownable, EIP712, IERC4906 {
GenesisNftData private immutable nftData;
ITokenDistribution private immutable tokenDistribution;
IWorkToken private immutable token;
uint256 private constant NFT_MAX_LOCK_PERIOD = 550 days;
uint256 private constant NFT_MAX_AMOUNT = 999;
uint256 private constant MAX_LEVEL = 80;
uint256 public constant BASE_STAKE = 50;
uint256 private constant TYPE_GUAR = 0;
uint256 private constant TYPE_FCFS = 1;
uint256 private constant TYPE_INV = 2;
uint256 public constant DAILY_STAKING_ALLOWANCE = 294;
uint256 private constant COUNT_GUAR = 400;
uint256 private constant COUNT_FCFS = 150;
uint256 private constant COUNT_INV = 449;
uint256 private constant ONE_E18 = 10 ** 18;
uint256 private constant TOTAL_STAKE_AT_MINT_MAX = 24000000 * ONE_E18;
uint128 public startTime;
uint16 public nftIdCounter;
uint8 public initCompleted;
string private imageFolder = "ipfs://QmdXcctk5G1rkqFuqsEAVhoKxJ6tMoV1fjqYRXri3VY47b/";
address public voucherSigner;
mapping(address => bool) public accountMinted;
mapping(address => bool) public isRewarder;
mapping(uint256 => NftTotalMonth) public monthlyTotal;
struct NftTotalMonth {
uint32 totalShares;
uint128 totalStaked;
uint128 minimumStaked;
}
mapping(uint256 => NftInfo) public nft;
struct NftInfo {
uint16 tier;
uint16 voucherId;
uint64 lockPeriod;
uint128 stakedAtMint;
bytes32 encodedAttributes;
mapping(uint256 => NftInfoMonth) monthly;
}
struct NftInfoMonth {
uint16 shares;
uint8 hasWithdrawn;
uint128 staked;
uint128 minimumStaked;
}
event Stake(uint256 indexed tokenId, uint256 amount);
event Unstake(uint256 indexed tokenId, uint256 amount);
event Evolve(uint256 indexed tokenId, uint256 tier);
event Destroy(uint256 indexed tokenId);
event InitCompleted();
event IpfsFolderChanged(string indexed ipfsFolder);
event VoucherSignerSet(address indexed voucherSigner);
event RewarderSet(address indexed rewarder, bool isRewarder);
event StartTimeSet(uint256 indexed startTime);
event RemainingToTreasuryMinted(uint256 indexed amount);
/**
* @notice Deploying the NFT contract and sets the Admin role and references Erc20 Token, TokenDistribution and NftData contracts.
* @dev Requires the Erc20Token, TokenDistribution and NftData contracts to be deployed first and they addresses set to the constants.
* @param _nftName The name of the nft, which will be Work X Genesis NFT in this case.
* @param _nftSymbol The symbol of the nft, which will be Work X Genesis NFT in this case.
* @param _workTokenAddress The address of the $WORK token contract (ERC20).
* @param _tokenDistributionAddress The TokenDistribution address that will be used to mint tokens and update the claimed amount.
* @param _nftDataAddress The address of the NftData contract that will be used to get the data for the nft, like how many tokens are needed for each level.
* @param _voucherSigner The address of account that is authorized to sign NFT minting vouchers.
**/
constructor(
string memory _nftName,
string memory _nftSymbol,
address _workTokenAddress,
address _tokenDistributionAddress,
address _nftDataAddress,
address _voucherSigner
) ERC721(_nftName, _nftSymbol) EIP712(_nftName, "1.0.0") {
if (
_workTokenAddress == address(0) ||
_tokenDistributionAddress == address(0) ||
_nftDataAddress == address(0) ||
_voucherSigner == address(0)
) {
revert AddressInvalid();
}
token = IWorkToken(_workTokenAddress);
tokenDistribution = ITokenDistribution(_tokenDistributionAddress);
nftData = GenesisNftData(_nftDataAddress);
voucherSigner = _voucherSigner;
startTime = uint128(block.timestamp + 22 days);
}
/**
* @notice Combine ERC721 with ERC4906
**/
function supportsInterface(bytes4 interfaceId) public view virtual override(IERC165, ERC721) returns (bool) {
return interfaceId == bytes4(0x49064906) || super.supportsInterface(interfaceId);
}
/****
**** ONLY OWNER
****/
/**
* @notice Sets the IPFS folder where the NFT images are stored.
* @param _folder The folder that will be set.
**/
function setIpfsFolder(string calldata _folder) external onlyOwner {
imageFolder = _folder;
emit IpfsFolderChanged(_folder);
emit BatchMetadataUpdate(0, NFT_MAX_AMOUNT);
}
/**
* @notice Sets initCompleted to 1
* @dev This is used to make sure that the attributes can not be changed after the init is completed.
**/
function setInitCompleted() external onlyOwner {
initCompleted = 1;
emit InitCompleted();
emit BatchMetadataUpdate(0, NFT_MAX_AMOUNT);
}
/**
* @notice Sets the attributes for a batch of NFTs.
* @dev This function can only be called before the init is completed.
* The array of tokenIds and the array of encodedAttributes should be the same length.
* The array of tokenIds should be ordered and contain no gaps
* @param _tokenId The tokenId of the NFT.
* @param _encodedAttributes The 11 NFT attributes encoded in a bytes32.
**/
function setNftAttributes(uint256[] calldata _tokenId, bytes32[] calldata _encodedAttributes) external onlyOwner {
if (_tokenId.length != _encodedAttributes.length || _tokenId.length == 0) {
revert ArrayLengthMismatch();
}
if (initCompleted != 0) {
revert InitHasCompleted();
}
for (uint256 id = 0; id < _tokenId.length; id++) {
nft[_tokenId[id]].encodedAttributes = _encodedAttributes[id];
}
}
/**
* @notice Sets the address of the Voucher Signer.
* @param _voucherSigner Address of the vouchersigner that will be set.
**/
function setVoucherSigner(address _voucherSigner) external onlyOwner {
voucherSigner = _voucherSigner;
emit VoucherSignerSet(_voucherSigner);
}
/**
* @notice Sets or unsets a specific address to be a rewarder, they can add tokens to any NFT bypassing the stakingAllowance.
* @param _rewarder Address of the vouchersigner that will be set.
**/
function setRewarder(address _rewarder, bool _isRewarder) external onlyOwner {
isRewarder[_rewarder] = _isRewarder;
emit RewarderSet(_rewarder, _isRewarder);
}
/**
* @notice Sets the start time of the NFT reward mechanism.
* @param _startTime The new start time.
**/
function setStartTime(uint256 _startTime) external onlyOwner {
_startTime = uint256(uint128(_startTime));
if (startTime <= block.timestamp || _startTime <= block.timestamp) {
revert StartTimeInvalid();
}
startTime = uint128(_startTime);
emit StartTimeSet(_startTime);
}
/**
* @notice After the minting period has ended, the remaining NFT will be minted to the treasury account.
**/
function mintRemainingToTreasury() external onlyOwner {
if (initCompleted != 0) {
revert InitHasCompleted();
}
if (startTime <= block.timestamp) {
revert StartTimeInvalid();
}
for (uint256 i = nftIdCounter; i < NFT_MAX_AMOUNT; i++) {
_mint(msg.sender, i);
}
emit RemainingToTreasuryMinted(NFT_MAX_AMOUNT - nftIdCounter);
nftIdCounter = uint16(NFT_MAX_AMOUNT);
}
/**
* @notice Rescue function to withdraw any ERC20 token mistakenly sent to the contract, except the $WORK token after init has completed.
* @param _tokenAddress Address of the ERC20 token contract.
* @param _amount Amount of the ERC20 token to withdraw.
**/
function withdrawTokens(address _tokenAddress, uint256 _amount) external payable onlyOwner {
if (initCompleted == 0) {
IERC20(_tokenAddress).transfer(msg.sender, _amount);
} else {
if (_tokenAddress != address(token)) {
IERC20(_tokenAddress).transfer(msg.sender, _amount);
} else {
revert InitHasCompleted();
}
}
}
/****
**** EXTERNAL WRITE
****/
/**
* @notice The function mintNft mints the Work X GenesisNft and mints an amount of tokens into the NFT these tokens are locked for a certain amount of time but the NFT is freely tradable.
* A voucher is constructed by Work X backend and only callers with a valid voucher can mint the NFT.
* @dev Before giving out vouchers the tokenDistribution startTime has to be set, otherwise the tokens will not be locked correctly.
* @param _voucherId The id of the voucher that will be used to mint the NFT.
* @param _type The id of the minting type.
* @param _lockPeriod The amount of time that the tokens will be locked in the NFT from the startTime of the distribution contract.
* @param _amountToStake The amount of tokens that will be staked into the minted NFT.
* @param _signature A signature signed by the minter role, to check if a voucher is valid.
**/
function mintNft(
uint256 _voucherId,
uint256 _type,
uint256 _lockPeriod,
uint256 _amountToStake,
bytes calldata _signature
) external {
if (accountMinted[msg.sender]) {
revert AccountMintedPreviously();
}
bytes32 digest = _hashMint(_voucherId, _type, _lockPeriod, msg.sender, _amountToStake);
if (!_verify(digest, _signature, voucherSigner)) {
revert SignatureInvalid();
}
if (_lockPeriod > NFT_MAX_LOCK_PERIOD) {
revert LockPeriodInvalid();
}
uint256 oldCounter = nftIdCounter;
if (_type == TYPE_GUAR) {
if (oldCounter >= COUNT_GUAR) {
revert NftMintUnavailable();
}
} else if (_type == TYPE_FCFS) {
if (oldCounter >= COUNT_GUAR + COUNT_FCFS) {
revert NftMintUnavailable();
}
} else if (_type == TYPE_INV) {
if (oldCounter >= COUNT_GUAR + COUNT_FCFS + COUNT_INV) {
revert NftMintUnavailable();
}
} else {
revert MintTypeInvalid();
}
accountMinted[msg.sender] = true;
if (_amountToStake > 0) {
if (tokenDistribution.claimedTokens(msg.sender) == 0) {
tokenDistribution.setTotalClaimed(msg.sender, _amountToStake);
} else {
_amountToStake = 0;
}
}
uint128 amountToStake = uint128(_amountToStake);
NftInfo storage _nft = nft[oldCounter];
_nft.voucherId = uint16(_voucherId);
_nft.lockPeriod = uint64(_lockPeriod);
_nft.stakedAtMint = amountToStake;
uint256 level = nftData.getLevel(amountToStake);
_nft.tier = uint16(level / 10);
uint256 shares = nftData.shares(level) + BASE_STAKE;
NftInfoMonth memory _info = NftInfoMonth(uint16(shares), 0, amountToStake, amountToStake);
_nft.monthly[0] = _info;
NftTotalMonth memory totalMonthly = monthlyTotal[0];
if (totalMonthly.totalStaked + amountToStake > TOTAL_STAKE_AT_MINT_MAX) {
revert StakeAtMintMaxExceeded();
}
NftTotalMonth memory _monthTotal = NftTotalMonth(
totalMonthly.totalShares + uint32(shares),
uint128(totalMonthly.totalStaked + amountToStake),
uint128(totalMonthly.minimumStaked + amountToStake)
);
monthlyTotal[0] = _monthTotal;
nftIdCounter = uint16(oldCounter + 1);
if (_amountToStake > 0) {
token.mint(address(this), uint256(amountToStake));
}
_safeMint(msg.sender, oldCounter);
}
/**
* @notice The function destroyNft destroys your NFT and gives you back the tokens in that NFT. Your "Piggy bank will be destroyed forever."
* @dev In order to destroy an NFT you need to be the owner, the lockPeriod should have passed.
* Its fine to use the block.timestamp for the comparison because the miner can not manipulate the block.timestamp by a practically significant amount.
* @param _tokenId The id of the NFT that will destroyed.
**/
function destroyNft(uint256 _tokenId) external {
if (msg.sender != ownerOf(_tokenId)) {
revert NftNotOwned();
}
uint64 lockPeriod = nft[_tokenId].lockPeriod;
if (block.timestamp <= lockPeriod + startTime) {
revert NftLocked(lockPeriod + startTime);
}
uint256 currentMonth = getCurrentMonth();
(uint256 stakedAmount, ) = getStaked(_tokenId, currentMonth);
_updateMonthly(_tokenId, false, stakedAmount, currentMonth);
_updateShares(_tokenId, false);
nft[_tokenId].monthly[currentMonth].hasWithdrawn = 1;
_burn(_tokenId);
if (!token.transfer(msg.sender, stakedAmount)) {
revert TransferFailed();
}
emit Destroy(_tokenId);
}
/**
* @notice The stake function stakes an amount of tokens into an NFT.
* @dev The amount that can be staked for a specific tokenId builds up over time. You can only stake up to this allowance and you need to own enough tokens.
* @param _tokenId The id of the nft that will receive the tokens.
* @param _amount The amount of tokens that should be staked.
**/
function stake(uint256 _tokenId, uint256 _amount) external {
_checkAllowance(_tokenId, _amount);
_stake(_tokenId, _amount);
}
/**
* @notice The stakeAndEvolve function stakes tokens and afterwards evolves the NFT to the a higher tier if applicable.
* @param _tokenId The id of the nft that will receive the tokens.
* @param _amount The amount of tokens that should be staked.
**/
function stakeAndEvolve(uint256 _tokenId, uint256 _amount) external {
_checkAllowance(_tokenId, _amount);
_stake(_tokenId, _amount);
_evolveTier(_tokenId);
}
/**
* @notice The reward function stakes an amount of tokens into any NFT, bypassing the stakingAllowance.
* @dev Rewarders can stake tokens into any NFT, which potentially increases its level but does not evolve it to the next tier.
* @param _tokenId The id of the nft that will receive the tokens.
* @param _amount The amount of tokens that will be staked.
**/
function reward(uint256 _tokenId, uint256 _amount) external {
if (!isRewarder[msg.sender]) {
revert RewarderRoleNotPresent();
}
if (!_exists(_tokenId)) {
revert NftNotExists();
}
_stake(_tokenId, _amount);
}
/**
* @notice The unstake function unstakes an amount of tokens from the NFT with a specific tokenId
* @dev You can only unstake tokens after the lockPeriod has passed, and even then you can not unstake more than the minimum amount of tokens that is required to make the NFT level 10 in the current tier.
* If an NFT evolves to the next tier it has to reach level 10 first and only the tokens that are above the minimum amount of tokens required to reach level 10 in the current tier can be unstaked. We call this unstakable amount "Surplus"
* @param _tokenId The id of the NFT that will receive the tokens.
* @param _amount The amount of tokens that will be staked.
**/
function unstake(uint256 _tokenId, uint256 _amount) external {
if (msg.sender != ownerOf(_tokenId)) {
revert NftNotOwned();
}
NftInfo storage _nft = nft[_tokenId];
if (block.timestamp <= _nft.lockPeriod + startTime) {
revert NftLocked(_nft.lockPeriod + startTime);
}
uint256 currentMonth = getCurrentMonth();
(uint256 stakedAmount, ) = getStaked(_tokenId, currentMonth);
uint256 tokensRequiredForMaxLevelInTier = nftData.getTokensRequiredForTier(_nft.tier + 1);
if (tokensRequiredForMaxLevelInTier + _amount > stakedAmount) {
revert UnstakeAmountNotAllowed();
}
_updateMonthly(_tokenId, false, _amount, currentMonth);
nft[_tokenId].monthly[currentMonth].hasWithdrawn = 1;
if (!token.transfer(msg.sender, _amount)) {
revert TransferFailed();
}
emit Unstake(_tokenId, _amount);
}
/**
* @notice Tries to evolve the tier if you are the owner of the NFT.
**/
function evolveTier(uint256 _tokenId) external {
if (msg.sender != ownerOf(_tokenId)) {
revert NftNotOwned();
}
_evolveTier(_tokenId);
}
/****
**** private WRITE
****/
/**
* @notice The _updateShares function updates the shares of an NFT, it needs to calculate the shares amount when an NFT changes level, or tier, or when it is destroyed.
* @dev It calculates the new amount of shares of an nft, and then updates both the total, and NFT specific shares amounts.
* Note that unstaking does never change shares because the level can not decrease, only destroying an NFT does.
* @param _tokenId The id of the NFT of which the shares will be updated.
* @param _isIncreasingShares True if we have to add shares, false if we need to subtract shares.
**/
function _updateShares(uint256 _tokenId, bool _isIncreasingShares) private {
uint256 currentMonth = getCurrentMonth();
uint256 nftSharesOld = getShares(_tokenId, currentMonth);
uint256 totalSharesCurrentMonth = _getTotalShares(currentMonth);
NftTotalMonth storage _nftMonthTotal = monthlyTotal[currentMonth];
NftInfo storage _nft = nft[_tokenId];
NftInfoMonth storage _nftMonthToSet = _nft.monthly[currentMonth];
for (uint256 i = currentMonth + 1; i >= 1; --i) {
NftInfoMonth memory _nftMonth = _nft.monthly[i - 1];
if (_nftMonth.staked > 0 || _nftMonth.hasWithdrawn == 1 || i == 1) {
if (_isIncreasingShares) {
uint256 nftSharesNew = nftData.shares(nftData.getLevelCapped(_nftMonth.staked, _nft.tier)) +
BASE_STAKE;
_nftMonthToSet.shares = uint16(nftSharesNew);
_nftMonthTotal.totalShares = uint32(totalSharesCurrentMonth + nftSharesNew - nftSharesOld);
} else {
_nftMonthToSet.shares = 0;
_nftMonthTotal.totalShares = uint32(totalSharesCurrentMonth - nftSharesOld);
}
break;
}
}
}
/**
* @notice Increases the tier of an NFT.
* @dev It recalculates the tier of an NFT and set it, als the amount of shares is updated as we might jump several tiers/levels at once.
* @param _tokenId The id of the NFT.
**/
function _evolveTier(uint256 _tokenId) private {
(uint256 staked, ) = getStaked(_tokenId, getCurrentMonth());
uint256 tier = nftData.getLevel(staked) / 10;
NftInfo storage _nft = nft[_tokenId];
_nft.tier = uint16(tier);
_updateShares(_tokenId, true);
emit Evolve(_tokenId, tier);
}
/**
* @notice The _stake function stakes an amount of tokens into an NFT of the owner.
* @dev The amount that can be staked for a specific tokenId builds up over time. You can only stake up to this allowance and you need own enough tokens.
* The _updateMonthly function is called to update the monthly totals and the monthly totals of the NFT.
* The _updateShares function is called to update the shares totals and the shares of the NFT.
* The token.transferFrom function is called to transfer the tokens from the sender to the contract.
* @param _tokenId The id of the NFT.
* @param _amount The amount that will be staked.
**/
function _stake(uint256 _tokenId, uint256 _amount) private {
_updateMonthly(_tokenId, true, _amount, getCurrentMonth());
_updateShares(_tokenId, true);
if (!token.transferFrom(msg.sender, address(this), _amount)) {
revert TransferFailed();
}
emit Stake(_tokenId, _amount);
}
/**
* @notice _updateMonthly updates the monthly balance of an NFT, as well as the global totals.
* @dev Important: For - Loop through the previous months and to find the last non-zero value for "nft.monthly" Because you might have tokens in a month, but if you did not stake/unstake in that month, the value for that month will be never set (0).
* @param _tokenId The id of the NFT.
* @param _isIncreasingStake Whether the amount of tokens staked is increasing or decreasing.
* @param _amount The amount of tokens staked.
* @param _amount The month at which we are looking.
**/
function _updateMonthly(uint256 _tokenId, bool _isIncreasingStake, uint256 _amount, uint256 _month) private {
NftInfo storage _nft = nft[_tokenId];
NftInfoMonth storage _nftMonthToSet = _nft.monthly[_month];
NftTotalMonth storage _totalToSet = monthlyTotal[_month];
uint256 _minimumToCheck;
for (uint256 i = _month + 1; i >= 1; --i) {
NftInfoMonth memory _nftMonth = _nft.monthly[i - 1];
if (_nftMonth.staked > 0 || _nftMonth.hasWithdrawn == 1 || i == 1) {
uint256 _minimumDecreased;
if (_isIncreasingStake) {
_nftMonthToSet.staked = _nftMonth.staked + uint128(_amount);
if (i < _month + 1) {
_nftMonthToSet.minimumStaked = _nftMonth.staked;
} else {
_nftMonthToSet.minimumStaked = _nftMonth.minimumStaked;
}
} else {
if (_nftMonth.staked >= _amount) {
uint128 stakedToSet = _nftMonth.staked - uint128(_amount);
_nftMonthToSet.staked = stakedToSet;
_minimumToCheck = i < _month + 1 ? _nftMonth.staked : _nftMonth.minimumStaked;
if (stakedToSet < _minimumToCheck) {
_nftMonthToSet.minimumStaked = stakedToSet;
_minimumDecreased = _minimumToCheck - stakedToSet;
} else {
_nftMonthToSet.minimumStaked = uint128(_minimumToCheck);
}
} else {
revert UnstakeAmountNotAllowed();
}
}
for (uint256 ii = _month + 1; ii >= 1; --ii) {
NftTotalMonth memory _monthlyTotal = monthlyTotal[ii - 1];
if (_monthlyTotal.totalStaked > 0 || ii == 1) {
if (_isIncreasingStake) {
_totalToSet.totalStaked = _monthlyTotal.totalStaked + uint128(_amount);
if (ii < _month + 1) {
_totalToSet.minimumStaked = _monthlyTotal.totalStaked;
}
} else {
if (_monthlyTotal.totalStaked >= _amount) {
_totalToSet.totalStaked = _monthlyTotal.totalStaked - uint128(_amount);
_minimumToCheck = ii < _month + 1
? _monthlyTotal.totalStaked
: _monthlyTotal.minimumStaked;
_totalToSet.minimumStaked = uint128(_minimumToCheck - _minimumDecreased);
} else {
revert UnstakeAmountNotAllowed();
}
}
break;
}
}
break;
}
}
}
/****
**** PUBLIC VIEW
****/
/**
* @notice Get the current month number since the reward period has started.
* @return The current month.
**/
function getCurrentMonth() public view returns (uint256) {
if (block.timestamp < startTime) {
return 0;
} else {
return (block.timestamp - startTime) / 30 days;
}
}
/**
* @notice Get the currently staked and minimumStaked tokens for a specific NFT at a specific month (looping back).
* @param _tokenId The id of the NFT.
* @return stakedAmount The amount of tokens staked in an NFT.
* @return stakedAmountMinimum The amountMinimum of tokens staked in an NFT.s
**/
function getStaked(
uint256 _tokenId,
uint256 _month
) public view returns (uint256 stakedAmount, uint256 stakedAmountMinimum) {
if (!_exists(_tokenId)) {
revert NftNotExists();
}
NftInfo storage _nft = nft[_tokenId];
for (uint256 i = _month + 1; i >= 1; --i) {
NftInfoMonth storage _nftMonth = _nft.monthly[i - 1];
if (_nftMonth.staked > 0 || _nftMonth.hasWithdrawn == 1) {
if (i == _month + 1) {
return (_nftMonth.staked, _nftMonth.minimumStaked);
} else {
return (_nftMonth.staked, _nftMonth.staked);
}
}
}
return (0, 0);
}
/**
* @notice Get the current shares for a specific NFT at a specific month (looping back).
* @dev Loops from the current month back over the previous months to find the last time this NFT has been staked or unstaked
* @param _tokenId The id of the NFT.
* @return The shares of the NFT.
**/
function getShares(uint256 _tokenId, uint256 _month) public view returns (uint256) {
if (!_exists(_tokenId)) {
revert NftNotExists();
}
NftInfo storage _nft = nft[_tokenId];
for (uint256 i = _month + 1; i >= 1; --i) {
NftInfoMonth storage _nftMonth = _nft.monthly[i - 1];
if (_nftMonth.shares > 0 || (_nftMonth.hasWithdrawn == 1 && _nftMonth.staked == 0)) {
return _nftMonth.shares;
}
}
return 0;
}
/**
* @notice This function gets the tokenURI for this NFT.
* @dev The tokenURI is dynamically generated, it will be based on the type and level and many other variables and is then formatted.
* @param _tokenId The id of the NFT.
* @return _tokenUri a string which is the tokenURI of an NFT.
**/
function tokenURI(uint256 _tokenId) public view override returns (string memory _tokenUri) {
if (!_exists(_tokenId)) {
revert NftNotExists();
}
(uint256 staked, , uint256 shares, , , ) = getNftInfo(_tokenId);
uint256 level = nftData.getLevelCapped(staked, nft[_tokenId].tier);
NftInfo storage _nft = nft[_tokenId];
return
nftData.tokenUriTraits(
_tokenId,
level,
_nft.tier,
staked,
shares,
_nft.encodedAttributes,
_nft.lockPeriod + startTime,
initCompleted,
imageFolder
);
}
/****
**** EXTERNAL VIEW
****/
/**
* @notice Aggregates the information of a given NFT.
* @dev This function can be used to get all relevant data at once so that you do not have to do many blockchain calls in sequence.
* @param _tokenId The id of the NFT.
* @return _staked The amount of tokens staked in an NFT.
* @return _stakingAllowance The total amount of tokens you are still allowed to stake.
* @return _shares The shares of the NFT.
* @return _level The level of the NFT.
* @return _tier The tier of the NFT.
* @return _lockPeriod The period the NFT is locked for.
**/
function getNftInfo(
uint256 _tokenId
)
public
view
returns (
uint256 _staked,
uint256 _stakingAllowance,
uint256 _shares,
uint256 _level,
uint256 _tier,
uint256 _lockPeriod
)
{
if (!_exists(_tokenId)) {
revert NftNotExists();
}
NftInfo storage _nft = nft[_tokenId];
uint256 currentMonth = getCurrentMonth();
for (uint256 i = currentMonth + 1; i >= 1; --i) {
NftInfoMonth storage _nftMonth = _nft.monthly[i - 1];
if (_nftMonth.staked > 0 || _nftMonth.hasWithdrawn == 1) {
_staked = _nftMonth.staked;
break;
}
}
for (uint256 i = currentMonth + 1; i >= 1; --i) {
NftInfoMonth storage _nftMonth = _nft.monthly[i - 1];
if (_nftMonth.shares > 0 || (_nftMonth.hasWithdrawn == 1 && _nftMonth.staked == 0)) {
_shares = _nftMonth.shares;
break;
}
}
_stakingAllowance = _getStakingAllowance(_tokenId, _staked);
_tier = _nft.tier;
_level = nftData.getLevelCapped(_staked, _tier);
_lockPeriod = _nft.lockPeriod;
return (_staked, _stakingAllowance, _shares, _level, _tier, _lockPeriod);
}
/**
* @notice Gets the token ids that a wallet owns.
* @dev It loops over the tokenIds array and finds the owners of each id and then returns the array of ids.
* @param _nftOwner The address of the owner.
* @return tokenIds The array of token ids that the owner has.
**/
function getIdsFromWallet(address _nftOwner) external view returns (uint256[] memory tokenIds) {
tokenIds = new uint256[](balanceOf(_nftOwner));
uint256 counter = 0;
for (uint256 i = 1; i <= nftIdCounter; ++i) {
if (_exists(i) && ownerOf(i) == _nftOwner) {
tokenIds[counter] = i;
counter++;
}
}
return tokenIds;
}
/**
* @notice Aggregate function that returns the total shares, total balance and total minimum balance for a specific month.
* @dev The function loops back to prior months if the current month has no data.
* @param _month The specific month.
* @return _totalShares The total shares for that month.
* @return _totalBalance The total staked tokens that month.
* @return _minimumBalance The minimum total staked tokens that month.
**/
function getTotals(
uint256 _month
) external view returns (uint256 _totalShares, uint256 _totalBalance, uint256 _minimumBalance) {
_totalShares = monthlyTotal[_month].totalShares;
_totalBalance = monthlyTotal[_month].totalStaked;
_minimumBalance = monthlyTotal[_month].minimumStaked;
if (_month > 0 && _totalBalance == 0) {
for (uint256 i = _month + 1; i >= 1; --i) {
NftTotalMonth storage _monthlyTotal = monthlyTotal[i - 1];
if (_monthlyTotal.totalStaked > 0 || i <= 1) {
_totalBalance = _monthlyTotal.totalStaked;
_minimumBalance = _monthlyTotal.minimumStaked;
break;
}
}
}
if (_month > 0 && _totalShares == 0) {
for (uint256 i = _month + 1; i >= 1; --i) {
NftTotalMonth storage _monthlyTotal = monthlyTotal[i - 1];
if (_monthlyTotal.totalShares > 0 || i <= 1) {
_totalShares = _monthlyTotal.totalShares;
break;
}
}
}
}
/****
**** private VIEW
****/
/**
* @notice The _checkAllowance function checks if an amount does not go over the staking allowance for a specific NFT.
* @param _tokenId The id of the NFT.
* @param _amount The amount of tokens that should be staked.
**/
function _checkAllowance(uint256 _tokenId, uint256 _amount) private view {
if (msg.sender != ownerOf(_tokenId)) {
revert NftNotOwned();
}
(uint256 stakedAmount, ) = getStaked(_tokenId, getCurrentMonth());
if (nftData.getLevel(stakedAmount) < MAX_LEVEL) {
uint256 allowance = _getStakingAllowance(_tokenId, stakedAmount);
if (_amount > allowance) {
revert AllowanceExceeded(allowance);
}
}
}
/**
* @notice How much tokens you are allowed to stake into a specific tokenId.
* @dev It finds the allowance for the passed time since the startTime and calculates how much tokens you are allowed to stake for each.
* After it checks how much you have staked already this month and subtracts that.
* @param _tokenId The id of the nft for which you want to know the total allowance.
* @return stakingAllowance The total amount of tokens you are currently allowed to stake.
**/
function _getStakingAllowance(uint256 _tokenId, uint256 _staked) private view returns (uint256 stakingAllowance) {
if (startTime > block.timestamp) return 0;
NftInfo storage _nft = nft[_tokenId];
uint256 allowance = (((((block.timestamp - startTime) / 1 days) * DAILY_STAKING_ALLOWANCE) +
DAILY_STAKING_ALLOWANCE) * ONE_E18) + _nft.stakedAtMint;
if (allowance > _staked) {
stakingAllowance = allowance - _staked;
} else {
return 0;
}
}
/**
* @notice Returns the total shares from all NFTs.
* @dev The function loops back to the last month the total shares where updated.
* @param _month The month to look at, and from which to loop back.
* @return sharesTotal The total amount of shares.
**/
function _getTotalShares(uint256 _month) private view returns (uint256 sharesTotal) {
for (uint256 i = _month + 1; i > 0 && sharesTotal == 0; --i) {
sharesTotal = monthlyTotal[i - 1].totalShares;
}
}
/**
* @notice Hashes the data from a voucher that includes the information to mint an NFT.
* @dev This is done according to the EIP-712 standard. So that it is secure and takes into account context information such as chainId and contract address.
* @param _voucherId Id of the Voucher
* @param _type time mint type of the NFT
* @param _lockPeriod time the NFT will remain locked
* @param _account address of the minter
* @param _amountToStake amount of tokens staked directly into the NFT
**/
function _hashMint(
uint256 _voucherId,
uint256 _type,
uint256 _lockPeriod,
address _account,
uint256 _amountToStake
) private view returns (bytes32) {
return
_hashTypedDataV4(
keccak256(
abi.encode(
keccak256(
"NFT(uint256 voucherId,uint256 type,uint256 lockPeriod,address account,uint256 amountToStake)"
),
_voucherId,
_type,
_lockPeriod,
_account,
_amountToStake
)
)
);
}
/**
* @notice Checks with a digest and a signature if the account that signed the digest matches the voucherSigner.
* @param _digest The digest that is checked, this is the hash of messages that included the the typed data.
* @param _signature The signature that is checked, this is the signature of the person that signed the digest.
* @return a bool that is true if the account that signed the digest matches the voucherSigner.
**/
function _verify(bytes32 _digest, bytes memory _signature, address _voucherSigner) private pure returns (bool) {
return ECDSA.recover(_digest, _signature) == _voucherSigner;
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.22;
contract GenesisNftAttributes {
bytes32[2] public gender = [bytes32("Male"), bytes32("Female")];
bytes32[7] public body = [
bytes32("Brown"),
bytes32("Yellow"),
bytes32("White"),
bytes32("Tan"),
bytes32("Caramel"),
bytes32("Red"),
bytes32("Black")
];
bytes32[10] public profession = [
bytes32("Founder"),
bytes32("Sales"),
bytes32("Web3 Hacker"),
bytes32("Graphics Designer"),
bytes32("Tester"),
bytes32("Community Moderator"),
bytes32("Investor"),
bytes32("Marketeer"),
bytes32("Influencer"),
bytes32("Security Researcher")
];
bytes32[21] public accessories = [
bytes32("None"),
bytes32("Airpods Pro"),
bytes32("Airpods"),
bytes32("Earbud"),
bytes32("Earring Blue"),
bytes32("Earring Gold"),
bytes32("Earring Green"),
bytes32("Earring Pink"),
bytes32("Earring Red"),
bytes32("Earring Silver-Blue"),
bytes32("Earring Silver-Pink"),
bytes32("Earring Silver"),
bytes32("Glasses Black"),
bytes32("Glasses Blue"),
bytes32("Glasses Bordeaux"),
bytes32("Glasses Gold"),
bytes32("Glasses Pink"),
bytes32("Google Glass"),
bytes32("Mardi Mask"),
bytes32("Sennheiser"),
bytes32("Vision Pro")
];
bytes32[52] public background = [
bytes32("3D Printer"),
bytes32("Airplane Business Class"),
bytes32("Atelier"),
bytes32("Beach"),
bytes32("Blockchain Schematics"),
bytes32("Cabin In The Woods"),
bytes32("Co-working Space"),
bytes32("Coffeeshop"),
bytes32("Community Meetup"),
bytes32("Conference Booth"),
bytes32("Flip-over Board with Diagrams"),
bytes32("Garden Office"),
bytes32("Grand Conference"),
bytes32("Hackathon"),
bytes32("Hacker Desk"),
bytes32("Home Office"),
bytes32("Hotel Conference Room"),
bytes32("Hotel Lobby"),
bytes32("Library"),
bytes32("Linear Behongo"),
bytes32("Linear Crazy Orange"),
bytes32("Linear Earthly"),
bytes32("Linear Endless River"),
bytes32("Linear Hersheys"),
bytes32("Linear Metalic Toad"),
bytes32("Linear Predawn"),
bytes32("Linear Purple Bliss"),
bytes32("Linear Red Mist"),
bytes32("Linear Shore"),
bytes32("Meeting Room"),
bytes32("Mobile Office"),
bytes32("Modern Office Space"),
bytes32("Monitoring Room"),
bytes32("Office Desk"),
bytes32("Open Office Space"),
bytes32("Park"),
bytes32("Radial Aqua"),
bytes32("Radial Blue"),
bytes32("Radial Gold"),
bytes32("Radial Green"),
bytes32("Radial Grey"),
bytes32("Radial Mint"),
bytes32("Radial Pink"),
bytes32("Radial Purple"),
bytes32("Radial Red"),
bytes32("Radial Yellow"),
bytes32("Rooftop Terrace"),
bytes32("Sales Presentation"),
bytes32("Sunny Desk"),
bytes32("Trading Desk"),
bytes32("University Campus"),
bytes32("Yacht")
];
bytes32[19] public eyes = [
bytes32("Amber Blue"),
bytes32("Amber Grey"),
bytes32("Amber"),
bytes32("Blue"),
bytes32("Bright Green"),
bytes32("Brown"),
bytes32("Dark Green"),
bytes32("Deep Blue"),
bytes32("Deep Brown"),
bytes32("Deep Green"),
bytes32("Gold"),
bytes32("Green-Brown"),
bytes32("Green-Blue"),
bytes32("Green"),
bytes32("Grey"),
bytes32("Hazel"),
bytes32("Sea Blue"),
bytes32("Starlake"),
bytes32("Steel-Blue")
];
bytes32[34] public hair = [
bytes32("Black Hat"),
bytes32("Black"),
bytes32("Blonde Light"),
bytes32("Blonde Long"),
bytes32("Blonde Short"),
bytes32("Blonde"),
bytes32("Brown"),
bytes32("Cap Green"),
bytes32("Cap Grey"),
bytes32("Cap Hodl"),
bytes32("Cap Hype"),
bytes32("Cap KOL Green"),
bytes32("Cap KOL Pink"),
bytes32("Cap Orange"),
bytes32("Cap Pink"),
bytes32("Cap Red"),
bytes32("Cap Swag"),
bytes32("Cap Work X"),
bytes32("Dark Brown"),
bytes32("Grey"),
bytes32("Headphones"),
bytes32("Light Brown"),
bytes32("Light Orange"),
bytes32("Orange"),
bytes32("Pencil"),
bytes32("Purple"),
bytes32("Red Hat"),
bytes32("Red Long"),
bytes32("Red"),
bytes32("White Hat"),
bytes32("Anonymous"),
bytes32("Fire"),
bytes32("White"),
bytes32("VR Glasses")
];
bytes32[7] public mouth = [
bytes32("Full"),
bytes32("Neutral"),
bytes32("Slight Smile"),
bytes32("Smile"),
bytes32("Thin Smile"),
bytes32("Thin"),
bytes32("Wide Smile")
];
bytes32[8] public complexion = [
bytes32("Blush Light"),
bytes32("Blush Strong"),
bytes32("Clear"),
bytes32("Freckles Light"),
bytes32("Freckles Strong"),
bytes32("Beauty Spot Cheek"),
bytes32("Beauty Spot Eye"),
bytes32("Beauty Spot Lip")
];
bytes32[40] public item = [
bytes32("None"),
bytes32("A/B Testing"),
bytes32("Announcement Of An Announcement"),
bytes32("Briefcase Open"),
bytes32("Briefcase With Money"),
bytes32("Briefcase"),
bytes32("Bug Swatter"),
bytes32("Calendar"),
bytes32("Coding Laptop"),
bytes32("Compass"),
bytes32("Credit Card"),
bytes32("e-Reader"),
bytes32("Email Flow"),
bytes32("Floating Heart Icons"),
bytes32("Handshake"),
bytes32("Hearts Magnet"),
bytes32("Key"),
bytes32("Ledger"),
bytes32("Magnifying Glass"),
bytes32("Matrix Laptop"),
bytes32("Mechanical Keyboard"),
bytes32("Megaphone"),
bytes32("Merchandise Box"),
bytes32("Money Bag"),
bytes32("Money Plant Pots"),
bytes32("NDA Documents"),
bytes32("News Raises 20 Mil"),
bytes32("Pear Tablet"),
bytes32("Remote Control"),
bytes32("Satelite Dish"),
bytes32("Shield"),
bytes32("Stack of Flyers"),
bytes32("Stickered Tablet"),
bytes32("Tweet Flow"),
bytes32("Vlog Ring"),
bytes32("Warning Sign"),
bytes32("Writing Tablet"),
bytes32("Mardi Mask"),
bytes32("Pencil"),
bytes32("VR Glasses")
];
bytes32[92] public clothes = [
bytes32("Business Suit"),
bytes32("Cardigan Blue"),
bytes32("Cardigan Purple"),
bytes32("Chambray Shirt"),
bytes32("Corduroy Jacket"),
bytes32("Crewneck Sweater Blue"),
bytes32("Crewneck Sweater Grey"),
bytes32("Crewneck Sweater Orange"),
bytes32("Denim Jacket Blue"),
bytes32("Denim Jacket Red"),
bytes32("Fitted Blazer"),
bytes32("Graphic Tee"),
bytes32("Jacket With Hoodie Blue"),
bytes32("Jacket With Hoodie Green"),
bytes32("Jacket With Hoodie Red"),
bytes32("Party Suit"),
bytes32("Pullover Red"),
bytes32("Pullover Tropical"),
bytes32("Shirt Blue Lines"),
bytes32("Shirt Flannel"),
bytes32("Shirt Green"),
bytes32("Shirt Hawai"),
bytes32("Shirt Orange Lines"),
bytes32("Shirt Purple Logo"),
bytes32("Shirt Red"),
bytes32("Shirt White"),
bytes32("Shirt With Braces Light"),
bytes32("Shirt With Braces Robust"),
bytes32("Shirt With Tie Blue"),
bytes32("Shirt With Tie Logo"),
bytes32("Shirt With Tie White"),
bytes32("Turtleneck Sweater"),
bytes32("V-neck Sweater"),
bytes32("Zip-up Hoodie Blue"),
bytes32("Zip-up Hoodie Brown"),
bytes32("Zip-up Hoodie Gold"),
bytes32("Button Down Shirt With Necklace"),
bytes32("Button Down Shirt"),
bytes32("Cardigan On Pink Shirt"),
bytes32("Cardigan On Red Shirt"),
bytes32("Chambrey Shirt Grey"),
bytes32("Chambrey Shirt Light Blue"),
bytes32("Chambrey Shirt Logo"),
bytes32("Crewneck Sweater Green"),
bytes32("Crewneck Sweater Grey"),
bytes32("Denim Jacket Hoodie"),
bytes32("Denim Jacket"),
bytes32("Fitted Blazer High"),
bytes32("Fitted Blazer Logo"),
bytes32("Fitted Blazer Necklace"),
bytes32("Fitted Blazer"),
bytes32("Graphic Tee Ape"),
bytes32("Graphic Tee Eye"),
bytes32("Henley Shirt Robust"),
bytes32("Henley Shirt Smooth"),
bytes32("Hoodie Green"),
bytes32("Hoodie Purple"),
bytes32("Hoodie Robust"),
bytes32("Knit Cardigan Necklace"),
bytes32("Knit Cardigan Robust"),
bytes32("Knit Cardigan Smooth"),
bytes32("Pencil Skirt Brown"),
bytes32("Pencil Skirt Logo"),
bytes32("Pencil Skirt Necklace"),
bytes32("Pencil Skirt White"),
bytes32("Pullover Vest"),
bytes32("Satin Blouse Necklace"),
bytes32("Satin Blouse Open"),
bytes32("Satin Blouse Purple"),
bytes32("Satin Blouse Smooth"),
bytes32("Shirt With Braces Necklace"),
bytes32("Shirt With Braces"),
bytes32("Silk Blouse Grey"),
bytes32("Silk Blouse Open"),
bytes32("Sweatshirt Grey"),
bytes32("Sweatshirt Necklace"),
bytes32("Sweatshirt White"),
bytes32("Turtleneck Sweater"),
bytes32("V Neck Sweater Blue"),
bytes32("V Neck Sweater Necklace"),
bytes32("V Neck Sweater Red"),
bytes32("Velvet Blazer Bordeaux"),
bytes32("Velvet Blazer Necklace"),
bytes32("Velvet Blazer Robust"),
bytes32("Velvet Blazer Smooth"),
bytes32("Wide Leg Pantsuit Necklace"),
bytes32("Wide Leg Pantsuit Robust"),
bytes32("Wide Leg Pantsuit Smooth"),
bytes32("Zip-up Jacket Blue"),
bytes32("Zip-up Jacket Gold"),
bytes32("Zip-up Jacket Loose"),
bytes32("Zip-up Jacket Robust")
];
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.22;
import "@openzeppelin/contracts/utils/Strings.sol";
import "base64-sol/base64.sol";
import "./GenesisNftAttributes.sol";
error AddressInvalid();
error LevelInvalid();
contract GenesisNftData {
GenesisNftAttributes public immutable attributes;
uint256 private constant ONE_E18 = 10 ** 18;
uint256 private constant FOUR_E18 = 4 * 10 ** 18;
uint256 private constant MAX_LEVEL = 80;
/**
* @notice The formula is: (175 + level * 2.5) * ( 3 + floor(level / 10))
* This formula should be run and accumulated for each level up to the current level and then divided by 4 to fit into a uint16
*/
uint16[MAX_LEVEL] private levels = [
131,
264,
399,
535,
674,
814,
957,
1101,
1247,
1395,
1595,
1797,
2002,
2209,
2419,
2631,
2846,
3063,
3283,
3505,
3786,
4070,
4357,
4647,
4941,
5237,
5537,
5840,
6146,
6455,
6830,
7208,
7590,
7976,
8366,
8759,
9156,
9557,
9962,
10370,
10851,
11336,
11826,
12319,
12818,
13320,
13828,
14339,
14855,
15375,
15975,
16579,
17189,
17803,
18423,
19047,
19677,
20311,
20951,
21595,
22326,
23062,
23804,
24551,
25305,
26063,
26828,
27598,
28374,
29155,
30030,
30910,
31797,
32690,
33590,
34495,
35407,
36325,
37250,
38180
];
/**
* @notice The formula is: (level * 12 + levelCost) / 500
*/
uint16[81] public shares = [
1,
2,
3,
4,
5,
7,
8,
9,
10,
11,
13,
15,
16,
18,
20,
21,
23,
25,
27,
28,
31,
33,
35,
38,
40,
43,
45,
47,
50,
52,
55,
58,
61,
65,
68,
71,
74,
77,
81,
84,
88,
92,
96,
100,
104,
108,
112,
116,
120,
124,
129,
134,
139,
144,
149,
154,
159,
164,
169,
174,
180,
186,
192,
198,
204,
210,
216,
222,
229,
235,
242,
249,
256,
263,
270,
278,
285,
292,
300,
307,
320
];
constructor(address _attributesAddress) {
if (_attributesAddress == address(0)) {
revert AddressInvalid();
}
attributes = GenesisNftAttributes(_attributesAddress);
}
/**
* @notice Returns the level of the NFT based on the amount of tokens staked.
* @dev Splits 80 into 4 seconds of 20, then splits 20 into 4 sections of 5, then loops over the remaining 5 to find the correct level from the XP array.
* @param _staked The amount of tokens staked.
* @return The level of the NFT.
**/
function getLevel(uint256 _staked) public view returns (uint256) {
for (uint256 s1 = 1; s1 <= 4; ++s1) {
if (_staked < uint256(levels[s1 * 20 - 1]) * FOUR_E18) {
for (uint256 s2 = 1; s2 <= 4; ++s2) {
if (_staked <= uint256(levels[(s1 - 1) * 20 + (s2) * 5 - 1]) * FOUR_E18) {
uint256 ls = (s1 - 1) * 20 + (s2 - 1) * 5;
for (uint256 level = ls; level <= ls + 4; ++level) {
if (_staked < uint256(levels[level]) * FOUR_E18) {
return level;
}
}
}
}
}
}
return MAX_LEVEL;
}
/**
* @notice Returns the level of the NFT based on the amount of tokens staked capped by the tier.
* @dev Gets the level using getLevel, but then caps it based on the tier as the level does not increase if the tier is not evolved.
* @param _staked The amount of tokens staked.
* @param _tier The tier of the NFT.
* @return The level of the NFT.
**/
function getLevelCapped(uint256 _staked, uint256 _tier) external view returns (uint256) {
uint256 level = getLevel(_staked);
if ((_tier + 1) * 10 < level) {
return (_tier + 1) * 10;
}
return level;
}
/**
* @notice Returns the amount of tokens required to reach a specific level.
* @dev Gets the tokens from the level array and multiplies it by 4e18.
* @param _level The level to get the tokens required for.
* @return The amount of tokens required to reach the level.
**/
function getTokensRequiredForLevel(uint256 _level) external view returns (uint256) {
if (_level < 1) {
return 0;
} else if (_level > MAX_LEVEL) {
revert LevelInvalid();
}
return levels[_level - 1] * FOUR_E18;
}
/**
* @notice Returns the amount of tokens required to reach a specific tier.
* @dev Gets the tokens required for the specified tier from the level array and multiplies it by 4e18.
* @param _tier The tier to get the tokens required to reach it for.
* @return The amount of tokens required to reach the tier.
**/
function getTokensRequiredForTier(uint256 _tier) external view returns (uint256) {
if (_tier == 0) {
return 0;
}
if (_tier * 10 <= levels.length) {
return levels[(_tier * 10) - 1] * FOUR_E18;
} else {
return levels[levels.length - 1] * FOUR_E18;
}
}
/**
* @notice splits a bytes into an array of uint8's.
* @param _b The bytes to split.
* @return _res The array of uint8s's.
**/
function splitBytes(bytes memory _b) public pure returns (uint8[11] memory _res) {
for (uint256 i = 0; i < 11; i++) {
_res[i] = uint8(bytes1(_b[i]));
}
}
/**
* @notice Converts bytes32 to a string.
* @param _bytes32 The bytes to convert.
* @return The string representation of the bytes32.
**/
function bytes32ToString(bytes32 _bytes32) public pure returns (string memory) {
uint8 i = 0;
while (i < 32 && _bytes32[i] != 0) {
i++;
}
bytes memory bytesArray = new bytes(i);
for (i = 0; i < 32 && _bytes32[i] != 0; i++) {
bytesArray[i] = _bytes32[i];
}
return string(bytesArray);
}
/**
* @notice Decodes the attributes from the encoded attributes bytes32.
* @param _encodedAttributes The encoded attributes bytes.
* @return _attributes The array of attributes.
**/
function decodeAttributes(
bytes32 _encodedAttributes,
uint256 _initCompleted
) public view returns (string[11] memory _attributes) {
if (_initCompleted > 0) {
uint8[11] memory i = splitBytes(abi.encode(_encodedAttributes));
_attributes[0] = bytes32ToString(attributes.gender(i[0]));
_attributes[1] = bytes32ToString(attributes.body(i[1]));
_attributes[2] = bytes32ToString(attributes.profession(i[2]));
_attributes[3] = bytes32ToString(attributes.accessories(i[3]));
_attributes[4] = bytes32ToString(attributes.background(i[4]));
_attributes[5] = bytes32ToString(attributes.eyes(i[5]));
_attributes[6] = bytes32ToString(attributes.hair(i[6]));
_attributes[7] = bytes32ToString(attributes.mouth(i[7]));
_attributes[8] = bytes32ToString(attributes.complexion(i[8]));
_attributes[9] = bytes32ToString(attributes.item(i[9]));
_attributes[10] = bytes32ToString(attributes.clothes(i[10]));
} else {
_attributes = ["?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?"];
}
}
/**
* @notice Returns the token URI for the Genesis NFT.
* @dev Returns the token URI for the Genesis NFT.
* @param _level The level of the NFT.
* @param _tier The tier of the NFT.
* @param _staked The amount of tokens staked.
* @param _shares The amount of shares.
* @param _encodedAttributes The encoded attributes string.
* @param _unlockTime The unlock time of the NFT.
* @param _initCompleted Weather the initialization of the NFT has completed.
* @param _imageUri The image URI of the NFT.
* @return The token URI for the Genesis NFT.
**/
function tokenUriTraits(
uint256 _tokenId,
uint256 _level,
uint256 _tier,
uint256 _staked,
uint256 _shares,
bytes32 _encodedAttributes,
uint256 _unlockTime,
uint256 _initCompleted,
string calldata _imageUri
) external view returns (string memory) {
return
string(
abi.encodePacked(
"data:application/json;base64,",
Base64.encode(
bytes(
abi.encodePacked(
part1(_tokenId, _level, _tier, _staked, _imageUri, _initCompleted),
part2(_encodedAttributes, _initCompleted, _shares, _unlockTime)
)
)
)
)
);
}
function part1(
uint256 _tokenId,
uint256 _level,
uint256 _tier,
uint256 _staked,
string calldata _imageUri,
uint256 _initCompleted
) private pure returns (string memory) {
string memory img = _getImageUri(_tokenId, _imageUri, _initCompleted);
return
string(
abi.encodePacked(
'{"name":"Work X Genesis #',
Strings.toString(_tokenId),
'", "description":"This Work X Genesis NFT was obtained by being an early Work X adopter."',
img,
',"attributes": [{"trait_type":"Level","value":',
Strings.toString(_level),
'},{"trait_type":"Tier","value":',
Strings.toString(_tier),
'},{"trait_type":"$WORK Staked","value":',
Strings.toString(_staked / ONE_E18)
)
);
}
function part2(
bytes32 _encodedAttributes,
uint256 _initCompleted,
uint256 _shares,
uint256 _unlockTime
) private view returns (string memory) {
string[11] memory attr = decodeAttributes(_encodedAttributes, _initCompleted);
string memory p1 = string(
abi.encodePacked(
'},{"trait_type":"Gender","value":"',
attr[0],
'"},{"trait_type":"Body","value":"',
attr[1],
'"},{"trait_type":"Profession","value":"',
attr[2],
'"},{"trait_type":"Accessories","value":"',
attr[3],
'"},{"trait_type":"Background","value":"',
attr[4],
'"},{"trait_type":"Eyes","value":"',
attr[5]
)
);
string memory p2 = string(
abi.encodePacked(
'"},{"trait_type":"Hair","value":"',
attr[6],
'"},{"trait_type":"Mouth","value":"',
attr[7],
'"},{"trait_type":"Complexion","value":"',
attr[8],
'"},{"trait_type":"Item","value":"',
attr[9],
'"},{"trait_type":"Clothes","value":"',
attr[10]
)
);
string memory p3 = string(
abi.encodePacked(
'"},{"display_type": "boost_number", "trait_type": "Shares","value":',
Strings.toString(_shares),
'},{"display_type": "date", "trait_type": "Tokens Unlock","value":',
Strings.toString(_unlockTime),
"}]}"
)
);
return string(abi.encodePacked(p1, p2, p3));
}
function _getImageUri(
uint256 _tokenId,
string calldata _image,
uint256 _initCompleted
) private pure returns (string memory img) {
if (_initCompleted > 0) {
img = string.concat(',"image":"', _image, Strings.toString(_tokenId), '.png"');
} else {
img = ',"image": "https://content.workx.io/video/Work-X-Lockup.mp4"';
}
}
}
File 3 of 4: BlurExchangeV2
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { Ownable2StepUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/Ownable2StepUpgradeable.sol";
import { UUPSUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/UUPSUpgradeable.sol";
import { Executor } from "./Executor.sol";
import "./lib/Constants.sol";
import {
TakeAsk,
TakeBid,
TakeAskSingle,
TakeBidSingle,
Order,
Exchange,
Fees,
FeeRate,
AssetType,
OrderType,
Transfer,
FungibleTransfers,
StateUpdate,
AtomicExecution,
Cancel,
Listing
} from "./lib/Structs.sol";
import { IBlurExchangeV2 } from "./interfaces/IBlurExchangeV2.sol";
import { ReentrancyGuardUpgradeable } from "./lib/ReentrancyGuardUpgradeable.sol";
contract BlurExchangeV2 is
IBlurExchangeV2,
Ownable2StepUpgradeable,
UUPSUpgradeable,
ReentrancyGuardUpgradeable,
Executor
{
address public governor;
// required by the OZ UUPS module
function _authorizeUpgrade(address) internal override onlyOwner {}
constructor(address delegate, address pool, address proxy) Executor(delegate, pool, proxy) {
_disableInitializers();
}
function initialize() external initializer {
__UUPSUpgradeable_init();
__Ownable_init();
__Reentrancy_init();
verifyDomain();
}
modifier onlyGovernor() {
if (msg.sender != governor) {
revert Unauthorized();
}
_;
}
/**
* @notice Governor only function to set the protocol fee rate and recipient
* @param recipient Protocol fee recipient
* @param rate Protocol fee rate
*/
function setProtocolFee(address recipient, uint16 rate) external onlyGovernor {
if (rate > _MAX_PROTOCOL_FEE_RATE) {
revert ProtocolFeeTooHigh();
}
protocolFee = FeeRate(recipient, rate);
emit NewProtocolFee(recipient, rate);
}
/**
* @notice Admin only function to set the governor of the exchange
* @param _governor Address of governor to set
*/
function setGovernor(address _governor) external onlyOwner {
governor = _governor;
emit NewGovernor(_governor);
}
/**
* @notice Admin only function to grant or revoke the approval of an oracle
* @param oracle Address to set approval of
* @param approved If the oracle should be approved or not
*/
function setOracle(address oracle, bool approved) external onlyOwner {
if (approved) {
oracles[oracle] = 1;
} else {
oracles[oracle] = 0;
}
emit SetOracle(oracle, approved);
}
/**
* @notice Admin only function to set the block range
* @param _blockRange Block range that oracle signatures are valid for
*/
function setBlockRange(uint256 _blockRange) external onlyOwner {
blockRange = _blockRange;
emit NewBlockRange(_blockRange);
}
/**
* @notice Cancel listings by recording their fulfillment
* @param cancels List of cancels to execute
*/
function cancelTrades(Cancel[] memory cancels) external {
uint256 cancelsLength = cancels.length;
for (uint256 i; i < cancelsLength; ) {
Cancel memory cancel = cancels[i];
amountTaken[msg.sender][cancel.hash][cancel.index] += cancel.amount;
emit CancelTrade(msg.sender, cancel.hash, cancel.index, cancel.amount);
unchecked {
++i;
}
}
}
/**
* @notice Cancels all orders by incrementing caller nonce
*/
function incrementNonce() external {
emit NonceIncremented(msg.sender, ++nonces[msg.sender]);
}
/*//////////////////////////////////////////////////////////////
EXECUTION WRAPPERS
//////////////////////////////////////////////////////////////*/
/**
* @notice Wrapper of _takeAsk that verifies an oracle signature of the calldata before executing
* @param inputs Inputs for _takeAsk
* @param oracleSignature Oracle signature of inputs
*/
function takeAsk(
TakeAsk memory inputs,
bytes calldata oracleSignature
)
public
payable
nonReentrant
verifyOracleSignature(_hashCalldata(msg.sender), oracleSignature)
{
_takeAsk(
inputs.orders,
inputs.exchanges,
inputs.takerFee,
inputs.signatures,
inputs.tokenRecipient
);
}
/**
* @notice Wrapper of _takeBid that verifies an oracle signature of the calldata before executing
* @param inputs Inputs for _takeBid
* @param oracleSignature Oracle signature of inputs
*/
function takeBid(
TakeBid memory inputs,
bytes calldata oracleSignature
) public verifyOracleSignature(_hashCalldata(msg.sender), oracleSignature) {
_takeBid(inputs.orders, inputs.exchanges, inputs.takerFee, inputs.signatures);
}
/**
* @notice Wrapper of _takeAskSingle that verifies an oracle signature of the calldata before executing
* @param inputs Inputs for _takeAskSingle
* @param oracleSignature Oracle signature of inputs
*/
function takeAskSingle(
TakeAskSingle memory inputs,
bytes calldata oracleSignature
)
public
payable
nonReentrant
verifyOracleSignature(_hashCalldata(msg.sender), oracleSignature)
{
_takeAskSingle(
inputs.order,
inputs.exchange,
inputs.takerFee,
inputs.signature,
inputs.tokenRecipient
);
}
/**
* @notice Wrapper of _takeBidSingle that verifies an oracle signature of the calldata before executing
* @param inputs Inputs for _takeBidSingle
* @param oracleSignature Oracle signature of inputs
*/
function takeBidSingle(
TakeBidSingle memory inputs,
bytes calldata oracleSignature
) external verifyOracleSignature(_hashCalldata(msg.sender), oracleSignature) {
_takeBidSingle(inputs.order, inputs.exchange, inputs.takerFee, inputs.signature);
}
/*//////////////////////////////////////////////////////////////
EXECUTION POOL WRAPPERS
//////////////////////////////////////////////////////////////*/
/**
* @notice Wrapper of takeAskSingle that withdraws ETH from the caller's pool balance prior to executing
* @param inputs Inputs for takeAskSingle
* @param oracleSignature Oracle signature of inputs
* @param amountToWithdraw Amount of ETH to withdraw from the pool
*/
function takeAskSinglePool(
TakeAskSingle memory inputs,
bytes calldata oracleSignature,
uint256 amountToWithdraw
) external payable {
_withdrawFromPool(msg.sender, amountToWithdraw);
takeAskSingle(inputs, oracleSignature);
}
/**
* @notice Wrapper of takeAsk that withdraws ETH from the caller's pool balance prior to executing
* @param inputs Inputs for takeAsk
* @param oracleSignature Oracle signature of inputs
* @param amountToWithdraw Amount of ETH to withdraw from the pool
*/
function takeAskPool(
TakeAsk memory inputs,
bytes calldata oracleSignature,
uint256 amountToWithdraw
) external payable {
_withdrawFromPool(msg.sender, amountToWithdraw);
takeAsk(inputs, oracleSignature);
}
/*//////////////////////////////////////////////////////////////
EXECUTION FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Take a single ask
* @param order Order of listing to fulfill
* @param exchange Exchange struct indicating the listing to take and the parameters to match it with
* @param takerFee Taker fee to be taken
* @param signature Order signature
* @param tokenRecipient Address to receive the token transfer
*/
function _takeAskSingle(
Order memory order,
Exchange memory exchange,
FeeRate memory takerFee,
bytes memory signature,
address tokenRecipient
) internal {
Fees memory fees = Fees(protocolFee, takerFee);
Listing memory listing = exchange.listing;
uint256 takerAmount = exchange.taker.amount;
/* Validate the order and listing, revert if not. */
if (!_validateOrderAndListing(order, OrderType.ASK, exchange, signature, fees)) {
revert InvalidOrder();
}
/* Create single execution batch and insert the transfer. */
bytes memory executionBatch = _initializeSingleExecution(
order,
OrderType.ASK,
listing.tokenId,
takerAmount,
tokenRecipient
);
/* Set the fulfillment of the order. */
unchecked {
amountTaken[order.trader][bytes32(order.salt)][listing.index] += takerAmount;
}
/* Execute the token transfers, revert if not successful. */
{
bool[] memory successfulTransfers = _executeNonfungibleTransfers(executionBatch, 1);
if (!successfulTransfers[0]) {
revert TokenTransferFailed();
}
}
(
uint256 totalPrice,
uint256 protocolFeeAmount,
uint256 makerFeeAmount,
uint256 takerFeeAmount
) = _computeFees(listing.price, takerAmount, order.makerFee, fees);
/* If there are insufficient funds to cover the price with the fees, revert. */
unchecked {
if (address(this).balance < totalPrice + takerFeeAmount) {
revert InsufficientFunds();
}
}
/* Execute ETH transfers. */
_transferETH(fees.protocolFee.recipient, protocolFeeAmount);
_transferETH(fees.takerFee.recipient, takerFeeAmount);
_transferETH(order.makerFee.recipient, makerFeeAmount);
unchecked {
_transferETH(order.trader, totalPrice - makerFeeAmount - protocolFeeAmount);
}
_emitExecutionEvent(executionBatch, order, listing.index, totalPrice, fees, OrderType.ASK);
/* Return dust. */
_transferETH(msg.sender, address(this).balance);
}
/**
* @notice Take a single bid
* @param order Order of listing to fulfill
* @param exchange Exchange struct indicating the listing to take and the parameters to match it with
* @param takerFee Taker fee to be taken
* @param signature Order signature
*/
function _takeBidSingle(
Order memory order,
Exchange memory exchange,
FeeRate memory takerFee,
bytes memory signature
) internal {
Fees memory fees = Fees(protocolFee, takerFee);
Listing memory listing = exchange.listing;
uint256 takerAmount = exchange.taker.amount;
/* Validate the order and listing, revert if not. */
if (!_validateOrderAndListing(order, OrderType.BID, exchange, signature, fees)) {
revert InvalidOrder();
}
/* Create single execution batch and insert the transfer. */
bytes memory executionBatch = _initializeSingleExecution(
order,
OrderType.BID,
exchange.taker.tokenId,
takerAmount,
msg.sender
);
/* Execute the token transfers, revert if not successful. */
{
bool[] memory successfulTransfers = _executeNonfungibleTransfers(executionBatch, 1);
if (!successfulTransfers[0]) {
revert TokenTransferFailed();
}
}
(
uint256 totalPrice,
uint256 protocolFeeAmount,
uint256 makerFeeAmount,
uint256 takerFeeAmount
) = _computeFees(listing.price, takerAmount, order.makerFee, fees);
/* Execute pool transfers and set the fulfillment of the order. */
address trader = order.trader;
_transferPool(trader, order.makerFee.recipient, makerFeeAmount);
_transferPool(trader, fees.takerFee.recipient, takerFeeAmount);
_transferPool(trader, fees.protocolFee.recipient, protocolFeeAmount);
unchecked {
_transferPool(trader, msg.sender, totalPrice - takerFeeAmount - protocolFeeAmount);
amountTaken[trader][bytes32(order.salt)][listing.index] += exchange.taker.amount;
}
_emitExecutionEvent(executionBatch, order, listing.index, totalPrice, fees, OrderType.BID);
}
/**
* @notice Take multiple asks; efficiently verifying and executing the transfers in bulk
* @param orders List of orders
* @param exchanges List of exchanges indicating the listing to take and the parameters to match it with
* @param takerFee Taker fee to be taken on each exchange
* @param signatures Bytes array of order signatures
* @param tokenRecipient Address to receive the tokens purchased
*/
function _takeAsk(
Order[] memory orders,
Exchange[] memory exchanges,
FeeRate memory takerFee,
bytes memory signatures,
address tokenRecipient
) internal {
Fees memory fees = Fees(protocolFee, takerFee);
/**
* Validate all the orders potentially used in the execution and
* initialize the arrays for pending fulfillments.
*/
(bool[] memory validOrders, uint256[][] memory pendingAmountTaken) = _validateOrders(
orders,
OrderType.ASK,
signatures,
fees
);
uint256 exchangesLength = exchanges.length;
/* Initialize the execution batch structs. */
(
bytes memory executionBatch,
FungibleTransfers memory fungibleTransfers
) = _initializeBatch(exchangesLength, OrderType.ASK, tokenRecipient);
Order memory order;
Exchange memory exchange;
uint256 remainingETH = address(this).balance;
for (uint256 i; i < exchangesLength; ) {
exchange = exchanges[i];
order = orders[exchange.index];
/* Check the listing and exchange is valid and its parent order has already been validated. */
if (
_validateListingFromBatch(
order,
OrderType.ASK,
exchange,
validOrders,
pendingAmountTaken
)
) {
/* Insert the transfers into the batch. */
bool inserted;
(remainingETH, inserted) = _insertExecutionAsk(
executionBatch,
fungibleTransfers,
order,
exchange,
fees,
remainingETH
);
if (inserted) {
unchecked {
pendingAmountTaken[exchange.index][exchange.listing.index] += exchange
.taker
.amount;
}
}
}
unchecked {
++i;
}
}
/* Execute all transfers. */
_executeBatchTransfer(executionBatch, fungibleTransfers, fees, OrderType.ASK);
/* Return dust. */
_transferETH(msg.sender, address(this).balance);
}
/**
* @notice Take multiple bids; efficiently verifying and executing the transfers in bulk
* @param orders List of orders
* @param exchanges List of exchanges indicating the listing to take and the parameters to match it with
* @param takerFee Taker fee to be taken on each exchange
* @param signatures Bytes array of order signatures
*/
function _takeBid(
Order[] memory orders,
Exchange[] memory exchanges,
FeeRate memory takerFee,
bytes memory signatures
) internal {
Fees memory fees = Fees(protocolFee, takerFee);
/**
* Validate all the orders potentially used in the execution and
* initialize the arrays for pending fulfillments.
*/
(bool[] memory validOrders, uint256[][] memory pendingAmountTaken) = _validateOrders(
orders,
OrderType.BID,
signatures,
fees
);
uint256 exchangesLength = exchanges.length;
/* Initialize the execution batch structs. */
(
bytes memory executionBatch,
FungibleTransfers memory fungibleTransfers
) = _initializeBatch(exchangesLength, OrderType.BID, msg.sender);
Order memory order;
Exchange memory exchange;
for (uint256 i; i < exchangesLength; ) {
exchange = exchanges[i];
order = orders[exchange.index];
/* Check the listing and exchange is valid and its parent order has already been validated. */
if (
_validateListingFromBatch(
order,
OrderType.BID,
exchange,
validOrders,
pendingAmountTaken
)
) {
/* Insert the transfers into the batch. */
_insertExecutionBid(executionBatch, fungibleTransfers, order, exchange, fees);
/* Record the pending fulfillment. */
unchecked {
pendingAmountTaken[exchange.index][exchange.listing.index] += exchange
.taker
.amount;
}
}
unchecked {
++i;
}
}
/* Execute all transfers. */
_executeBatchTransfer(executionBatch, fungibleTransfers, fees, OrderType.BID);
}
/*//////////////////////////////////////////////////////////////
EXECUTION HELPERS
//////////////////////////////////////////////////////////////*/
/**
* @notice Initialize the ExecutionBatch and FungibleTransfers objects for bulk execution
* @param exchangesLength Number of exchanges
* @param orderType Order type
* @param taker Order taker address
*/
function _initializeBatch(
uint256 exchangesLength,
OrderType orderType,
address taker
)
internal
pure
returns (bytes memory executionBatch, FungibleTransfers memory fungibleTransfers)
{
/* Initialize the batch. Constructing it manually in calldata packing allows for cheaper delegate execution. */
uint256 arrayLength = Transfer_size * exchangesLength + One_word;
uint256 executionBatchLength = ExecutionBatch_base_size + arrayLength;
executionBatch = new bytes(executionBatchLength);
assembly {
let calldataPointer := add(executionBatch, ExecutionBatch_calldata_offset)
mstore(add(calldataPointer, ExecutionBatch_taker_offset), taker)
mstore(add(calldataPointer, ExecutionBatch_orderType_offset), orderType)
mstore(add(calldataPointer, ExecutionBatch_transfers_pointer_offset), ExecutionBatch_transfers_offset) // set the transfers pointer
mstore(add(calldataPointer, ExecutionBatch_transfers_offset), exchangesLength) // set the length of the transfers array
}
/* Initialize the fungible transfers object. */
AtomicExecution[] memory executions = new AtomicExecution[](exchangesLength);
address[] memory feeRecipients = new address[](exchangesLength);
address[] memory makers = new address[](exchangesLength);
uint256[] memory makerTransfers = new uint256[](exchangesLength);
uint256[] memory feeTransfers = new uint256[](exchangesLength);
fungibleTransfers = FungibleTransfers({
totalProtocolFee: 0,
totalSellerTransfer: 0,
totalTakerFee: 0,
feeRecipientId: 0,
feeRecipients: feeRecipients,
makerId: 0,
makers: makers,
feeTransfers: feeTransfers,
makerTransfers: makerTransfers,
executions: executions
});
}
/**
* @notice Initialize the ExecutionBatch object for a single execution
* @param order Order to take a Listing from
* @param orderType Order type
* @param tokenId Token id
* @param amount ERC721/ERC1155 amount
* @param taker Order taker address
*/
function _initializeSingleExecution(
Order memory order,
OrderType orderType,
uint256 tokenId,
uint256 amount,
address taker
) internal pure returns (bytes memory executionBatch) {
/* Initialize the batch. Constructing it manually in calldata packing allows for cheaper delegate execution. */
uint256 arrayLength = Transfer_size + One_word;
uint256 executionBatchLength = ExecutionBatch_base_size + arrayLength;
executionBatch = new bytes(executionBatchLength);
assembly {
let calldataPointer := add(executionBatch, ExecutionBatch_calldata_offset)
mstore(add(calldataPointer, ExecutionBatch_taker_offset), taker)
mstore(add(calldataPointer, ExecutionBatch_orderType_offset), orderType)
mstore(add(calldataPointer, ExecutionBatch_transfers_pointer_offset), ExecutionBatch_transfers_offset) // set the transfers pointer
mstore(add(calldataPointer, ExecutionBatch_transfers_offset), 1) // set the length of the transfers array
}
/* Insert the transfer into the batch. */
_insertNonfungibleTransfer(executionBatch, order, tokenId, amount);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (access/Ownable2Step.sol)
pragma solidity ^0.8.0;
import "./OwnableUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership} and {acceptOwnership}.
*
* This module is used through inheritance. It will make available all functions
* from parent (Ownable).
*/
abstract contract Ownable2StepUpgradeable is Initializable, OwnableUpgradeable {
function __Ownable2Step_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable2Step_init_unchained() internal onlyInitializing {
}
address private _pendingOwner;
event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
/**
* @dev Returns the address of the pending owner.
*/
function pendingOwner() public view virtual returns (address) {
return _pendingOwner;
}
/**
* @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual override onlyOwner {
_pendingOwner = newOwner;
emit OwnershipTransferStarted(owner(), newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual override {
delete _pendingOwner;
super._transferOwnership(newOwner);
}
/**
* @dev The new owner accepts the ownership transfer.
*/
function acceptOwnership() external {
address sender = _msgSender();
require(pendingOwner() == sender, "Ownable2Step: caller is not the new owner");
_transferOwnership(sender);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (proxy/utils/UUPSUpgradeable.sol)
pragma solidity ^0.8.0;
import "../../interfaces/draft-IERC1822Upgradeable.sol";
import "../ERC1967/ERC1967UpgradeUpgradeable.sol";
import "./Initializable.sol";
/**
* @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an
* {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.
*
* A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
* reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
* `UUPSUpgradeable` with a custom implementation of upgrades.
*
* The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.
*
* _Available since v4.1._
*/
abstract contract UUPSUpgradeable is Initializable, IERC1822ProxiableUpgradeable, ERC1967UpgradeUpgradeable {
function __UUPSUpgradeable_init() internal onlyInitializing {
}
function __UUPSUpgradeable_init_unchained() internal onlyInitializing {
}
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignment
address private immutable __self = address(this);
/**
* @dev Check that the execution is being performed through a delegatecall call and that the execution context is
* a proxy contract with an implementation (as defined in ERC1967) pointing to self. This should only be the case
* for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a
* function through ERC1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to
* fail.
*/
modifier onlyProxy() {
require(address(this) != __self, "Function must be called through delegatecall");
require(_getImplementation() == __self, "Function must be called through active proxy");
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
require(address(this) == __self, "UUPSUpgradeable: must not be called through delegatecall");
_;
}
/**
* @dev Implementation of the ERC1822 {proxiableUUID} function. This returns the storage slot used by the
* implementation. It is used to validate the implementation's compatibility when performing an upgrade.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.
*/
function proxiableUUID() external view virtual override notDelegated returns (bytes32) {
return _IMPLEMENTATION_SLOT;
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*/
function upgradeTo(address newImplementation) external virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, new bytes(0), false);
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call
* encoded in `data`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*/
function upgradeToAndCall(address newImplementation, bytes memory data) external payable virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, data, true);
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeTo} and {upgradeToAndCall}.
*
* Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.
*
* ```solidity
* function _authorizeUpgrade(address) internal override onlyOwner {}
* ```
*/
function _authorizeUpgrade(address newImplementation) internal virtual;
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { Validation } from "./Validation.sol";
import "./lib/Constants.sol";
import {
Order,
Exchange,
FungibleTransfers,
StateUpdate,
AtomicExecution,
AssetType,
Fees,
FeeRate,
Listing,
Taker,
Transfer,
OrderType
} from "./lib/Structs.sol";
import { IDelegate } from "./interfaces/IDelegate.sol";
import { IExecutor } from "./interfaces/IExecutor.sol";
abstract contract Executor is IExecutor, Validation {
address private immutable _DELEGATE;
address private immutable _POOL;
constructor(address delegate, address pool, address proxy) Validation(proxy) {
_DELEGATE = delegate;
_POOL = pool;
}
receive() external payable {
if (msg.sender != _POOL) {
revert Unauthorized();
}
}
/**
* @notice Insert a validated ask listing into the batch if there's sufficient ETH to fulfill
* @param executionBatch Execution batch
* @param fungibleTransfers Fungible transfers
* @param order Order of the listing to insert
* @param exchange Exchange containing the listing to insert
* @param fees Protocol and taker fees
* @param remainingETH Available ETH remaining
* @return Available ETH remaining after insertion; if the listing was inserted in the batch
*/
function _insertExecutionAsk(
bytes memory executionBatch,
FungibleTransfers memory fungibleTransfers,
Order memory order,
Exchange memory exchange,
Fees memory fees,
uint256 remainingETH
) internal pure returns (uint256, bool) {
uint256 takerAmount = exchange.taker.amount;
(
uint256 totalPrice,
uint256 protocolFeeAmount,
uint256 makerFeeAmount,
uint256 takerFeeAmount
) = _computeFees(exchange.listing.price, takerAmount, order.makerFee, fees);
/* Only insert the executions if there are sufficient funds to execute. */
if (remainingETH >= totalPrice + takerFeeAmount) {
unchecked {
remainingETH = remainingETH - totalPrice - takerFeeAmount;
}
_setAddresses(fungibleTransfers, order);
uint256 index = _insertNonfungibleTransfer(
executionBatch,
order,
exchange.listing.tokenId,
takerAmount
);
_insertFungibleTransfers(
fungibleTransfers,
takerAmount,
exchange.listing,
bytes32(order.salt),
index,
totalPrice,
protocolFeeAmount,
makerFeeAmount,
takerFeeAmount,
true
);
return (remainingETH, true);
} else {
return (remainingETH, false);
}
}
/**
* @notice Insert a validated bid listing into the batch
* @param executionBatch Execution batch
* @param fungibleTransfers Fungible transfers
* @param order Order of the listing to insert
* @param exchange Exchange containing listing to insert
* @param fees Protocol and taker fees
*/
function _insertExecutionBid(
bytes memory executionBatch,
FungibleTransfers memory fungibleTransfers,
Order memory order,
Exchange memory exchange,
Fees memory fees
) internal pure {
uint256 takerAmount = exchange.taker.amount;
(
uint256 totalPrice,
uint256 protocolFeeAmount,
uint256 makerFeeAmount,
uint256 takerFeeAmount
) = _computeFees(exchange.listing.price, takerAmount, order.makerFee, fees);
_setAddresses(fungibleTransfers, order);
uint256 index = _insertNonfungibleTransfer(
executionBatch,
order,
exchange.taker.tokenId,
takerAmount
);
_insertFungibleTransfers(
fungibleTransfers,
takerAmount,
exchange.listing,
bytes32(order.salt),
index,
totalPrice,
protocolFeeAmount,
makerFeeAmount,
takerFeeAmount,
false
);
}
/**
* @notice Insert the nonfungible transfer into the batch
* @param executionBatch Execution batch
* @param order Order
* @param tokenId Token id
* @param amount Number of token units
* @return transferIndex Index of the transfer
*/
function _insertNonfungibleTransfer(
bytes memory executionBatch,
Order memory order,
uint256 tokenId,
uint256 amount
) internal pure returns (uint256 transferIndex) {
assembly {
let calldataPointer := add(executionBatch, ExecutionBatch_calldata_offset)
transferIndex := mload(add(calldataPointer, ExecutionBatch_length_offset))
let transfersOffset := mload(add(calldataPointer, ExecutionBatch_transfers_pointer_offset))
let transferPointer := add(
add(calldataPointer, add(transfersOffset, One_word)),
mul(transferIndex, Transfer_size)
)
mstore(
add(transferPointer, Transfer_trader_offset),
mload(add(order, Order_trader_offset))
) // set the trader
mstore(add(transferPointer, Transfer_id_offset), tokenId) // set the token id
mstore(
add(transferPointer, Transfer_collection_offset),
mload(add(order, Order_collection_offset))
) // set the collection
mstore(
add(transferPointer, Transfer_assetType_offset),
mload(add(order, Order_assetType_offset))
) // set the asset type
mstore(add(calldataPointer, ExecutionBatch_length_offset), add(transferIndex, 1)) // increment the batch length
if eq(mload(add(order, Order_assetType_offset)), AssetType_ERC1155) {
mstore(add(transferPointer, Transfer_amount_offset), amount) // set the amount (don't need to set for ERC721's)
}
}
}
/**
* @notice Insert the fungible transfers that need to be executed atomically
* @param fungibleTransfers Fungible transfers struct
* @param takerAmount Amount of the listing being taken
* @param listing Listing to execute
* @param orderHash Order hash
* @param index Execution index
* @param totalPrice Total price of the purchased tokens
* @param protocolFeeAmount Computed protocol fee
* @param makerFeeAmount Computed maker fee
* @param takerFeeAmount Computed taker fee
* @param makerIsSeller Is the order maker the seller
*/
function _insertFungibleTransfers(
FungibleTransfers memory fungibleTransfers,
uint256 takerAmount,
Listing memory listing,
bytes32 orderHash,
uint256 index,
uint256 totalPrice,
uint256 protocolFeeAmount,
uint256 makerFeeAmount,
uint256 takerFeeAmount,
bool makerIsSeller
) internal pure {
uint256 makerId = fungibleTransfers.makerId;
fungibleTransfers.executions[index].makerId = makerId;
fungibleTransfers.executions[index].makerFeeRecipientId = fungibleTransfers.feeRecipientId;
fungibleTransfers.executions[index].stateUpdate = StateUpdate({
trader: fungibleTransfers.makers[makerId],
hash: orderHash,
index: listing.index,
value: takerAmount,
maxAmount: listing.amount
});
if (makerIsSeller) {
unchecked {
fungibleTransfers.executions[index].sellerAmount =
totalPrice -
protocolFeeAmount -
makerFeeAmount;
}
} else {
unchecked {
fungibleTransfers.executions[index].sellerAmount =
totalPrice -
protocolFeeAmount -
takerFeeAmount;
}
}
fungibleTransfers.executions[index].makerFeeAmount = makerFeeAmount;
fungibleTransfers.executions[index].takerFeeAmount = takerFeeAmount;
fungibleTransfers.executions[index].protocolFeeAmount = protocolFeeAmount;
}
/**
* @notice Set the addresses of the maker fee recipient and order maker if different than currently being batched
* @param fungibleTransfers Fungible transfers struct
* @param order Parent order of listing being added to the batch
*/
function _setAddresses(
FungibleTransfers memory fungibleTransfers,
Order memory order
) internal pure {
address feeRecipient = order.makerFee.recipient;
uint256 feeRecipientId = fungibleTransfers.feeRecipientId;
address currentFeeRecipient = fungibleTransfers.feeRecipients[feeRecipientId];
if (feeRecipient != currentFeeRecipient) {
if (currentFeeRecipient == address(0)) {
fungibleTransfers.feeRecipients[feeRecipientId] = feeRecipient;
} else {
unchecked {
fungibleTransfers.feeRecipients[++feeRecipientId] = feeRecipient;
}
fungibleTransfers.feeRecipientId = feeRecipientId;
}
}
address trader = order.trader;
uint256 makerId = fungibleTransfers.makerId;
address currentTrader = fungibleTransfers.makers[makerId];
if (trader != currentTrader) {
if (currentTrader == address(0)) {
fungibleTransfers.makers[makerId] = trader;
} else {
unchecked {
fungibleTransfers.makers[++makerId] = trader;
}
fungibleTransfers.makerId = makerId;
}
}
}
/**
* @notice Compute all necessary fees to be taken
* @param pricePerToken Price per token unit
* @param takerAmount Number of token units taken (should only be greater than 1 for ERC1155)
* @param fees Protocol and taker fee set by the transaction
*/
function _computeFees(
uint256 pricePerToken,
uint256 takerAmount,
FeeRate memory makerFee,
Fees memory fees
)
internal
pure
returns (
uint256 totalPrice,
uint256 protocolFeeAmount,
uint256 makerFeeAmount,
uint256 takerFeeAmount
)
{
totalPrice = pricePerToken * takerAmount;
makerFeeAmount = (totalPrice * makerFee.rate) / _BASIS_POINTS;
takerFeeAmount = (totalPrice * fees.takerFee.rate) / _BASIS_POINTS;
protocolFeeAmount = (totalPrice * fees.protocolFee.rate) / _BASIS_POINTS;
}
/*//////////////////////////////////////////////////////////////
EXECUTION FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Execute the transfers by first attempting the nonfungible transfers, for the successful transfers sum the fungible transfers by the recipients and execute
* @param executionBatch Execution batch struct
* @param fungibleTransfers Fungible transfers struct
* @param fees Protocol, maker, taker fees (note: makerFee will be inaccurate at this point in execution)
* @param orderType Order type
*/
function _executeBatchTransfer(
bytes memory executionBatch,
FungibleTransfers memory fungibleTransfers,
Fees memory fees,
OrderType orderType
) internal {
uint256 batchLength;
assembly {
let calldataPointer := add(executionBatch, ExecutionBatch_calldata_offset)
batchLength := mload(add(calldataPointer, ExecutionBatch_length_offset))
}
if (batchLength > 0) {
bool[] memory successfulTransfers = _executeNonfungibleTransfers(
executionBatch,
batchLength
);
uint256 transfersLength = successfulTransfers.length;
for (uint256 i; i < transfersLength; ) {
if (successfulTransfers[i]) {
AtomicExecution memory execution = fungibleTransfers.executions[i];
FeeRate memory makerFee;
uint256 price;
unchecked {
if (orderType == OrderType.ASK) {
fungibleTransfers.makerTransfers[execution.makerId] += execution
.sellerAmount; // amount that needs to be sent *to* the order maker
price =
execution.sellerAmount +
execution.protocolFeeAmount +
execution.makerFeeAmount;
} else {
fungibleTransfers.makerTransfers[execution.makerId] +=
execution.protocolFeeAmount +
execution.makerFeeAmount +
execution.takerFeeAmount +
execution.sellerAmount; // amount that needs to be taken *from* the order maker
price =
execution.sellerAmount +
execution.protocolFeeAmount +
execution.takerFeeAmount;
}
fungibleTransfers.totalSellerTransfer += execution.sellerAmount; // only for bids
fungibleTransfers.totalProtocolFee += execution.protocolFeeAmount;
fungibleTransfers.totalTakerFee += execution.takerFeeAmount;
fungibleTransfers.feeTransfers[execution.makerFeeRecipientId] += execution
.makerFeeAmount;
makerFee = FeeRate(
fungibleTransfers.feeRecipients[execution.makerFeeRecipientId],
uint16((execution.makerFeeAmount * _BASIS_POINTS) / price)
);
}
/* Commit state updates. */
StateUpdate memory stateUpdate = fungibleTransfers.executions[i].stateUpdate;
{
address trader = stateUpdate.trader;
bytes32 hash = stateUpdate.hash;
uint256 index = stateUpdate.index;
uint256 _amountTaken = amountTaken[trader][hash][index];
uint256 newAmountTaken = _amountTaken + stateUpdate.value;
/* Overfulfilled Listings should be caught prior to inserting into the batch, but this check prevents any misuse. */
if (newAmountTaken <= stateUpdate.maxAmount) {
amountTaken[trader][hash][index] = newAmountTaken;
} else {
revert OrderFulfilled();
}
}
_emitExecutionEventFromBatch(
executionBatch,
price,
makerFee,
fees,
stateUpdate,
orderType,
i
);
}
unchecked {
++i;
}
}
if (orderType == OrderType.ASK) {
/* Transfer the payments to the sellers. */
uint256 makersLength = fungibleTransfers.makerId + 1;
for (uint256 i; i < makersLength; ) {
_transferETH(fungibleTransfers.makers[i], fungibleTransfers.makerTransfers[i]);
unchecked {
++i;
}
}
/* Transfer the fees to the fee recipients. */
uint256 feesLength = fungibleTransfers.feeRecipientId + 1;
for (uint256 i; i < feesLength; ) {
_transferETH(
fungibleTransfers.feeRecipients[i],
fungibleTransfers.feeTransfers[i]
);
unchecked {
++i;
}
}
/* Transfer the protocol fees. */
_transferETH(fees.protocolFee.recipient, fungibleTransfers.totalProtocolFee);
/* Transfer the taker fees. */
_transferETH(fees.takerFee.recipient, fungibleTransfers.totalTakerFee);
} else {
/* Take the pool funds from the buyers. */
uint256 makersLength = fungibleTransfers.makerId + 1;
for (uint256 i; i < makersLength; ) {
_transferPool(
fungibleTransfers.makers[i],
address(this),
fungibleTransfers.makerTransfers[i]
);
unchecked {
++i;
}
}
/* Transfer the payment to the seller. */
_transferPool(address(this), msg.sender, fungibleTransfers.totalSellerTransfer);
/* Transfer the fees to the fee recipients. */
uint256 feesLength = fungibleTransfers.feeRecipientId + 1;
for (uint256 i; i < feesLength; ) {
_transferPool(
address(this),
fungibleTransfers.feeRecipients[i],
fungibleTransfers.feeTransfers[i]
);
unchecked {
++i;
}
}
/* Transfer the protocol fees. */
_transferPool(
address(this),
fees.protocolFee.recipient,
fungibleTransfers.totalProtocolFee
);
/* Transfer the taker fees. */
_transferPool(
address(this),
fees.takerFee.recipient,
fungibleTransfers.totalTakerFee
);
}
}
}
/**
* @notice Attempt to execute a series of nonfungible transfers through the delegate; reverts will be skipped
* @param executionBatch Execution batch struct
* @param batchIndex Current available transfer slot in the batch
* @return Array indicating which transfers were successful
*/
function _executeNonfungibleTransfers(
bytes memory executionBatch,
uint256 batchIndex
) internal returns (bool[] memory) {
address delegate = _DELEGATE;
/* Initialize the memory space for the successful transfers array returned from the Delegate call. */
uint256 successfulTransfersPointer;
assembly {
successfulTransfersPointer := mload(Memory_pointer)
/* Need to shift the free memory pointer ahead one word to account for the array pointer returned from the call. */
mstore(Memory_pointer, add(successfulTransfersPointer, One_word))
}
bool[] memory successfulTransfers = new bool[](batchIndex);
assembly {
let size := mload(executionBatch)
let selectorPointer := add(executionBatch, ExecutionBatch_selector_offset)
mstore(selectorPointer, shr(Bytes4_shift, Delegate_transfer_selector))
let success := call(
gas(),
delegate,
0,
add(selectorPointer, Delegate_transfer_calldata_offset),
sub(size, Delegate_transfer_calldata_offset),
successfulTransfersPointer,
add(0x40, mul(batchIndex, One_word))
)
}
return successfulTransfers;
}
/*//////////////////////////////////////////////////////////////
TRANSFER FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Transfer ETH
* @param to Recipient address
* @param amount Amount of ETH to send
*/
function _transferETH(address to, uint256 amount) internal {
if (amount > 0) {
bool success;
assembly {
success := call(gas(), to, amount, 0, 0, 0, 0)
}
if (!success) {
revert ETHTransferFailed();
}
}
}
/**
* @notice Transfer pool funds on behalf of a user
* @param from Sender address
* @param to Recipient address
* @param amount Amount to send
*/
function _transferPool(address from, address to, uint256 amount) internal {
if (amount > 0) {
bool success;
address pool = _POOL;
assembly {
let x := mload(Memory_pointer)
mstore(x, ERC20_transferFrom_selector)
mstore(add(x, ERC20_transferFrom_from_offset), from)
mstore(add(x, ERC20_transferFrom_to_offset), to)
mstore(add(x, ERC20_transferFrom_amount_offset), amount)
success := call(gas(), pool, 0, x, ERC20_transferFrom_size, 0, 0)
}
if (!success) {
revert PoolTransferFailed();
}
}
}
/**
* @notice Deposit ETH to user's pool funds
* @param to Recipient address
* @param amount Amount of ETH to deposit
*/
function _depositPool(address to, uint256 amount) internal {
bool success;
address pool = _POOL;
assembly {
let x := mload(Memory_pointer)
mstore(x, Pool_deposit_selector)
mstore(add(x, Pool_deposit_user_offset), to)
success := call(gas(), pool, amount, x, Pool_deposit_size, 0, 0)
}
if (!success) {
revert PoolDepositFailed();
}
}
/**
* @notice Withdraw ETH from user's pool funds
* @param from Address to withdraw from
* @param amount Amount of ETH to withdraw
*/
function _withdrawFromPool(address from, uint256 amount) internal {
bool success;
address pool = _POOL;
assembly {
let x := mload(Memory_pointer)
mstore(x, Pool_withdrawFrom_selector)
mstore(add(x, Pool_withdrawFrom_from_offset), from)
mstore(add(x, Pool_withdrawFrom_to_offset), address())
mstore(add(x, Pool_withdrawFrom_amount_offset), amount)
success := call(gas(), pool, 0, x, Pool_withdrawFrom_size, 0, 0)
}
if (!success) {
revert PoolWithdrawFromFailed();
}
}
/*//////////////////////////////////////////////////////////////
EVENT EMITTERS
//////////////////////////////////////////////////////////////*/
/**
* @notice Emit Execution event from a single execution
* @param executionBatch Execution batch struct
* @param price Price of the token purchased
* @param fees Protocol, maker, and taker fees taken
* @param stateUpdate Fulfillment to be recorded with a successful execution
* @param orderType Order type
* @param transferIndex Index of the transfer corresponding to the execution
*/
function _emitExecutionEventFromBatch(
bytes memory executionBatch,
uint256 price,
FeeRate memory makerFee,
Fees memory fees,
StateUpdate memory stateUpdate,
OrderType orderType,
uint256 transferIndex
) internal {
Transfer memory transfer;
assembly {
let calldataPointer := add(executionBatch, ExecutionBatch_calldata_offset)
let transfersOffset := mload(add(calldataPointer, ExecutionBatch_transfers_pointer_offset))
transfer := add(
add(calldataPointer, add(transfersOffset, One_word)),
mul(transferIndex, Transfer_size)
)
}
_emitOptimalExecutionEvent(
transfer,
stateUpdate.hash,
stateUpdate.index,
price,
makerFee,
fees,
orderType
);
}
/**
* @notice Emit the Execution event that minimizes the number of bytes in the log
* @param transfer The nft transfer
* @param orderHash Order hash
* @param listingIndex Index of the listing being fulfilled within the order
* @param price Price of the token purchased
* @param makerFee Maker fees taken
* @param fees Protocol, and taker fees taken
* @param orderType Order type
*/
function _emitOptimalExecutionEvent(
Transfer memory transfer,
bytes32 orderHash,
uint256 listingIndex,
uint256 price,
FeeRate memory makerFee,
Fees memory fees,
OrderType orderType
) internal {
if (
// see _insertNonfungibleTransfer; ERC721 transfers don't set the transfer amount,
// so we can assume the transfer amount and not check it
transfer.assetType == AssetType.ERC721 &&
fees.protocolFee.rate == 0 &&
transfer.id < 1 << (11 * 8) &&
listingIndex < 1 << (1 * 8) &&
price < 1 << (11 * 8)
) {
if (makerFee.rate == 0 && fees.takerFee.rate == 0) {
emit Execution721Packed(
orderHash,
packTokenIdListingIndexTrader(transfer.id, listingIndex, transfer.trader),
packTypePriceCollection(orderType, price, transfer.collection)
);
return;
} else if (makerFee.rate == 0) {
emit Execution721TakerFeePacked(
orderHash,
packTokenIdListingIndexTrader(transfer.id, listingIndex, transfer.trader),
packTypePriceCollection(orderType, price, transfer.collection),
packFee(fees.takerFee)
);
return;
} else if (fees.takerFee.rate == 0) {
emit Execution721MakerFeePacked(
orderHash,
packTokenIdListingIndexTrader(transfer.id, listingIndex, transfer.trader),
packTypePriceCollection(orderType, price, transfer.collection),
packFee(makerFee)
);
return;
}
}
emit Execution({
transfer: transfer,
orderHash: orderHash,
listingIndex: listingIndex,
price: price,
makerFee: makerFee,
fees: fees,
orderType: orderType
});
}
/**
* @notice Emit Execution event from a single execution
* @param executionBatch Execution batch struct
* @param order Order being fulfilled
* @param listingIndex Index of the listing being fulfilled within the order
* @param price Price of the token purchased
* @param fees Protocol, and taker fees taken
* @param orderType Order type
*/
function _emitExecutionEvent(
bytes memory executionBatch,
Order memory order,
uint256 listingIndex,
uint256 price,
Fees memory fees,
OrderType orderType
) internal {
Transfer memory transfer;
assembly {
let calldataPointer := add(executionBatch, ExecutionBatch_calldata_offset)
let transfersOffset := mload(add(calldataPointer, ExecutionBatch_transfers_pointer_offset))
transfer := add(calldataPointer, add(transfersOffset, One_word))
}
_emitOptimalExecutionEvent(
transfer,
bytes32(order.salt),
listingIndex,
price,
order.makerFee,
fees,
orderType
);
}
function packTokenIdListingIndexTrader(
uint256 tokenId,
uint256 listingIndex,
address trader
) private pure returns (uint256) {
return (tokenId << (21 * 8)) | (listingIndex << (20 * 8)) | uint160(trader);
}
function packTypePriceCollection(
OrderType orderType,
uint256 price,
address collection
) private pure returns (uint256) {
return (uint256(orderType) << (31 * 8)) | (price << (20 * 8)) | uint160(collection);
}
function packFee(FeeRate memory fee) private pure returns (uint256) {
return (uint256(fee.rate) << (20 * 8)) | uint160(fee.recipient);
}
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
uint256 constant Bytes1_shift = 0xf8;
uint256 constant Bytes4_shift = 0xe0;
uint256 constant Bytes20_shift = 0x60;
uint256 constant One_word = 0x20;
uint256 constant Memory_pointer = 0x40;
uint256 constant AssetType_ERC721 = 0;
uint256 constant AssetType_ERC1155 = 1;
uint256 constant OrderType_ASK = 0;
uint256 constant OrderType_BID = 1;
uint256 constant Pool_withdrawFrom_selector = 0x9555a94200000000000000000000000000000000000000000000000000000000;
uint256 constant Pool_withdrawFrom_from_offset = 0x04;
uint256 constant Pool_withdrawFrom_to_offset = 0x24;
uint256 constant Pool_withdrawFrom_amount_offset = 0x44;
uint256 constant Pool_withdrawFrom_size = 0x64;
uint256 constant Pool_deposit_selector = 0xf340fa0100000000000000000000000000000000000000000000000000000000;
uint256 constant Pool_deposit_user_offset = 0x04;
uint256 constant Pool_deposit_size = 0x24;
uint256 constant ERC20_transferFrom_selector = 0x23b872dd00000000000000000000000000000000000000000000000000000000;
uint256 constant ERC721_safeTransferFrom_selector = 0x42842e0e00000000000000000000000000000000000000000000000000000000;
uint256 constant ERC1155_safeTransferFrom_selector = 0xf242432a00000000000000000000000000000000000000000000000000000000;
uint256 constant ERC20_transferFrom_size = 0x64;
uint256 constant ERC721_safeTransferFrom_size = 0x64;
uint256 constant ERC1155_safeTransferFrom_size = 0xc4;
uint256 constant OracleSignatures_size = 0x59;
uint256 constant OracleSignatures_s_offset = 0x20;
uint256 constant OracleSignatures_v_offset = 0x40;
uint256 constant OracleSignatures_blockNumber_offset = 0x41;
uint256 constant OracleSignatures_oracle_offset = 0x45;
uint256 constant Signatures_size = 0x41;
uint256 constant Signatures_s_offset = 0x20;
uint256 constant Signatures_v_offset = 0x40;
uint256 constant ERC20_transferFrom_from_offset = 0x4;
uint256 constant ERC20_transferFrom_to_offset = 0x24;
uint256 constant ERC20_transferFrom_amount_offset = 0x44;
uint256 constant ERC721_safeTransferFrom_from_offset = 0x4;
uint256 constant ERC721_safeTransferFrom_to_offset = 0x24;
uint256 constant ERC721_safeTransferFrom_id_offset = 0x44;
uint256 constant ERC1155_safeTransferFrom_from_offset = 0x4;
uint256 constant ERC1155_safeTransferFrom_to_offset = 0x24;
uint256 constant ERC1155_safeTransferFrom_id_offset = 0x44;
uint256 constant ERC1155_safeTransferFrom_amount_offset = 0x64;
uint256 constant ERC1155_safeTransferFrom_data_pointer_offset = 0x84;
uint256 constant ERC1155_safeTransferFrom_data_offset = 0xa4;
uint256 constant Delegate_transfer_selector = 0xa1ccb98e00000000000000000000000000000000000000000000000000000000;
uint256 constant Delegate_transfer_calldata_offset = 0x1c;
uint256 constant Order_size = 0x100;
uint256 constant Order_trader_offset = 0x00;
uint256 constant Order_collection_offset = 0x20;
uint256 constant Order_listingsRoot_offset = 0x40;
uint256 constant Order_numberOfListings_offset = 0x60;
uint256 constant Order_expirationTime_offset = 0x80;
uint256 constant Order_assetType_offset = 0xa0;
uint256 constant Order_makerFee_offset = 0xc0;
uint256 constant Order_salt_offset = 0xe0;
uint256 constant Exchange_size = 0x80;
uint256 constant Exchange_askIndex_offset = 0x00;
uint256 constant Exchange_proof_offset = 0x20;
uint256 constant Exchange_maker_offset = 0x40;
uint256 constant Exchange_taker_offset = 0x60;
uint256 constant BidExchange_size = 0x80;
uint256 constant BidExchange_askIndex_offset = 0x00;
uint256 constant BidExchange_proof_offset = 0x20;
uint256 constant BidExchange_maker_offset = 0x40;
uint256 constant BidExchange_taker_offset = 0x60;
uint256 constant Listing_size = 0x80;
uint256 constant Listing_index_offset = 0x00;
uint256 constant Listing_tokenId_offset = 0x20;
uint256 constant Listing_amount_offset = 0x40;
uint256 constant Listing_price_offset = 0x60;
uint256 constant Taker_size = 0x40;
uint256 constant Taker_tokenId_offset = 0x00;
uint256 constant Taker_amount_offset = 0x20;
uint256 constant StateUpdate_size = 0x80;
uint256 constant StateUpdate_salt_offset = 0x20;
uint256 constant StateUpdate_leaf_offset = 0x40;
uint256 constant StateUpdate_value_offset = 0x60;
uint256 constant Transfer_size = 0xa0;
uint256 constant Transfer_trader_offset = 0x00;
uint256 constant Transfer_id_offset = 0x20;
uint256 constant Transfer_amount_offset = 0x40;
uint256 constant Transfer_collection_offset = 0x60;
uint256 constant Transfer_assetType_offset = 0x80;
uint256 constant ExecutionBatch_selector_offset = 0x20;
uint256 constant ExecutionBatch_calldata_offset = 0x40;
uint256 constant ExecutionBatch_base_size = 0xa0; // size of the executionBatch without the flattened dynamic elements
uint256 constant ExecutionBatch_taker_offset = 0x00;
uint256 constant ExecutionBatch_orderType_offset = 0x20;
uint256 constant ExecutionBatch_transfers_pointer_offset = 0x40;
uint256 constant ExecutionBatch_length_offset = 0x60;
uint256 constant ExecutionBatch_transfers_offset = 0x80;
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
struct TakeAsk {
Order[] orders;
Exchange[] exchanges;
FeeRate takerFee;
bytes signatures;
address tokenRecipient;
}
struct TakeAskSingle {
Order order;
Exchange exchange;
FeeRate takerFee;
bytes signature;
address tokenRecipient;
}
struct TakeBid {
Order[] orders;
Exchange[] exchanges;
FeeRate takerFee;
bytes signatures;
}
struct TakeBidSingle {
Order order;
Exchange exchange;
FeeRate takerFee;
bytes signature;
}
enum AssetType {
ERC721,
ERC1155
}
enum OrderType {
ASK,
BID
}
struct Exchange { // Size: 0x80
uint256 index; // 0x00
bytes32[] proof; // 0x20
Listing listing; // 0x40
Taker taker; // 0x60
}
struct Listing { // Size: 0x80
uint256 index; // 0x00
uint256 tokenId; // 0x20
uint256 amount; // 0x40
uint256 price; // 0x60
}
struct Taker { // Size: 0x40
uint256 tokenId; // 0x00
uint256 amount; // 0x20
}
struct Order { // Size: 0x100
address trader; // 0x00
address collection; // 0x20
bytes32 listingsRoot; // 0x40
uint256 numberOfListings; // 0x60
uint256 expirationTime; // 0x80
AssetType assetType; // 0xa0
FeeRate makerFee; // 0xc0
uint256 salt; // 0xe0
}
/*
Reference only; struct is composed manually using calldata formatting in execution
struct ExecutionBatch { // Size: 0x80
address taker; // 0x00
OrderType orderType; // 0x20
Transfer[] transfers; // 0x40
uint256 length; // 0x60
}
*/
struct Transfer { // Size: 0xa0
address trader; // 0x00
uint256 id; // 0x20
uint256 amount; // 0x40
address collection; // 0x60
AssetType assetType; // 0x80
}
struct FungibleTransfers {
uint256 totalProtocolFee;
uint256 totalSellerTransfer;
uint256 totalTakerFee;
uint256 feeRecipientId;
uint256 makerId;
address[] feeRecipients;
address[] makers;
uint256[] makerTransfers;
uint256[] feeTransfers;
AtomicExecution[] executions;
}
struct AtomicExecution { // Size: 0xe0
uint256 makerId; // 0x00
uint256 sellerAmount; // 0x20
uint256 makerFeeRecipientId; // 0x40
uint256 makerFeeAmount; // 0x60
uint256 takerFeeAmount; // 0x80
uint256 protocolFeeAmount; // 0xa0
StateUpdate stateUpdate; // 0xc0
}
struct StateUpdate { // Size: 0xa0
address trader; // 0x00
bytes32 hash; // 0x20
uint256 index; // 0x40
uint256 value; // 0x60
uint256 maxAmount; // 0x80
}
struct Fees { // Size: 0x40
FeeRate protocolFee; // 0x00
FeeRate takerFee; // 0x20
}
struct FeeRate { // Size: 0x40
address recipient; // 0x00
uint16 rate; // 0x20
}
struct Cancel {
bytes32 hash;
uint256 index;
uint256 amount;
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {
TakeAsk,
TakeBid,
TakeAskSingle,
TakeBidSingle,
Order,
Exchange,
Fees,
FeeRate,
AssetType,
OrderType,
Transfer,
FungibleTransfers,
StateUpdate,
Cancel,
Listing
} from "../lib/Structs.sol";
interface IBlurExchangeV2 {
error InsufficientFunds();
error TokenTransferFailed();
error InvalidOrder();
error ProtocolFeeTooHigh();
event NewProtocolFee(address indexed recipient, uint16 indexed rate);
event NewGovernor(address indexed governor);
event NewBlockRange(uint256 blockRange);
event CancelTrade(address indexed user, bytes32 hash, uint256 index, uint256 amount);
event NonceIncremented(address indexed user, uint256 newNonce);
event SetOracle(address indexed user, bool approved);
function initialize() external;
function setProtocolFee(address recipient, uint16 rate) external;
function setGovernor(address _governor) external;
function setOracle(address oracle, bool approved) external;
function setBlockRange(uint256 _blockRange) external;
function cancelTrades(Cancel[] memory cancels) external;
function incrementNonce() external;
/*//////////////////////////////////////////////////////////////
EXECUTION WRAPPERS
//////////////////////////////////////////////////////////////*/
function takeAsk(TakeAsk memory inputs, bytes calldata oracleSignature) external payable;
function takeBid(TakeBid memory inputs, bytes calldata oracleSignature) external;
function takeAskSingle(TakeAskSingle memory inputs, bytes calldata oracleSignature) external payable;
function takeBidSingle(TakeBidSingle memory inputs, bytes calldata oracleSignature) external;
/*//////////////////////////////////////////////////////////////
EXECUTION POOL WRAPPERS
//////////////////////////////////////////////////////////////*/
function takeAskSinglePool(
TakeAskSingle memory inputs,
bytes calldata oracleSignature,
uint256 amountToWithdraw
) external payable;
function takeAskPool(
TakeAsk memory inputs,
bytes calldata oracleSignature,
uint256 amountToWithdraw
) external payable;
}
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity 0.8.17;
/// @notice Upgradeable gas optimized reentrancy protection for smart contracts.
/// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/ReentrancyGuard.sol)
abstract contract ReentrancyGuardUpgradeable {
uint256 private locked;
function __Reentrancy_init() internal {
locked = 1;
}
modifier nonReentrant() virtual {
require(locked == 1, "REENTRANCY");
locked = 2;
_;
locked = 1;
}
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
function __Ownable_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable_init_unchained() internal onlyInitializing {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.1) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized < type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822ProxiableUpgradeable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.3) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeaconUpgradeable.sol";
import "../../interfaces/IERC1967Upgradeable.sol";
import "../../interfaces/draft-IERC1822Upgradeable.sol";
import "../../utils/AddressUpgradeable.sol";
import "../../utils/StorageSlotUpgradeable.sol";
import "../utils/Initializable.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/
abstract contract ERC1967UpgradeUpgradeable is Initializable, IERC1967Upgradeable {
function __ERC1967Upgrade_init() internal onlyInitializing {
}
function __ERC1967Upgrade_init_unchained() internal onlyInitializing {
}
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(AddressUpgradeable.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(
address newImplementation,
bytes memory data,
bool forceCall
) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
_functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(
address newImplementation,
bytes memory data,
bool forceCall
) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlotUpgradeable.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822ProxiableUpgradeable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(AddressUpgradeable.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
AddressUpgradeable.isContract(IBeaconUpgradeable(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(
address newBeacon,
bytes memory data,
bool forceCall
) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
_functionDelegateCall(IBeaconUpgradeable(newBeacon).implementation(), data);
}
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function _functionDelegateCall(address target, bytes memory data) private returns (bytes memory) {
require(AddressUpgradeable.isContract(target), "Address: delegate call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.delegatecall(data);
return AddressUpgradeable.verifyCallResult(success, returndata, "Address: low-level delegate call failed");
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeaconUpgradeable {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.3) (interfaces/IERC1967.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
*
* _Available since v4.9._
*/
interface IERC1967Upgradeable {
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/
event BeaconUpgraded(address indexed beacon);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/StorageSlot.sol)
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/
library StorageSlotUpgradeable {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { MerkleProof } from "lib/openzeppelin-contracts/contracts/utils/cryptography/MerkleProof.sol";
import { Signatures } from "./Signatures.sol";
import { AssetType, Order, Exchange, Listing, OrderType, FeeRate, Fees, Taker } from "./lib/Structs.sol";
import { IValidation } from "./interfaces/IValidation.sol";
abstract contract Validation is IValidation, Signatures {
uint256 internal constant _BASIS_POINTS = 10_000;
uint256 internal constant _MAX_PROTOCOL_FEE_RATE = 250;
FeeRate public protocolFee;
/* amountTaken[user][orderHash][listingIndex] */
mapping(address => mapping(bytes32 => mapping(uint256 => uint256))) public amountTaken;
constructor(address proxy) Signatures(proxy) {}
/**
* @notice Check if an order has expired
* @param order Order to check liveness
* @return Order is live
*/
function _checkLiveness(Order memory order) private view returns (bool) {
return (order.expirationTime > block.timestamp);
}
/**
* @notice Check that the fees to be taken will not overflow the purchase price
* @param makerFee Maker fee amount
* @param fees Protocol and taker fee rates
* @return Fees are valid
*/
function _checkFee(FeeRate memory makerFee, Fees memory fees) private pure returns (bool) {
return makerFee.rate + fees.takerFee.rate + fees.protocolFee.rate <= _BASIS_POINTS;
}
/**
* @notice Validate a list of orders and prepare arrays for recording pending fulfillments
* @param orders List of orders
* @param orderType Order type for all orders
* @param signatures Bytes array of the order signatures
* @param fees Protocol and taker fee rates
*/
function _validateOrders(
Order[] memory orders,
OrderType orderType,
bytes memory signatures,
Fees memory fees
) internal view returns (bool[] memory validOrders, uint256[][] memory pendingAmountTaken) {
uint256 ordersLength = orders.length;
validOrders = new bool[](ordersLength);
pendingAmountTaken = new uint256[][](ordersLength);
for (uint256 i; i < ordersLength; ) {
pendingAmountTaken[i] = new uint256[](orders[i].numberOfListings);
validOrders[i] = _validateOrder(orders[i], orderType, signatures, fees, i);
unchecked {
++i;
}
}
}
/**
* @notice Validate an order
* @param order Order to validate
* @param orderType Order type
* @param signatures Bytes array of order signatures
* @param fees Protocol and taker fee rates
* @param signatureIndex Index of the order signature
* @return Validity of the order
*/
function _validateOrder(
Order memory order,
OrderType orderType,
bytes memory signatures,
Fees memory fees,
uint256 signatureIndex
) internal view returns (bool) {
bytes32 orderHash = hashOrder(order, orderType);
/* After hashing, the salt is no longer needed so we can store the order hash here. */
order.salt = uint256(orderHash);
return _verifyAuthorization(
order.trader,
orderHash,
signatures,
signatureIndex
) &&
_checkLiveness(order) &&
_checkFee(order.makerFee, fees);
}
/**
* @notice Validate a listing (only valid if the order has be prevalidated)
* @dev Validation can be manipulated by inputting the same order twice in the orders array,
* which will effectively bypass the `pendingAmountTaken` check. There is a safety check at the
* execution phase that will revert the transaction if this manipulation overdraws an order.
* @param order Order of the listing
* @param orderType Order type
* @param exchange Exchange containing the listing
* @param validOrders List indicated which orders were validated
* @param pendingAmountTaken Pending fulfillments from the current batch
* @return validListing Validity of the listing
*/
function _validateListingFromBatch(
Order memory order,
OrderType orderType,
Exchange memory exchange,
bool[] memory validOrders,
uint256[][] memory pendingAmountTaken
) internal view returns (bool validListing) {
Listing memory listing = exchange.listing;
uint256 listingIndex = listing.index;
uint256 amountTaken = amountTaken[order.trader][bytes32(order.salt)][listingIndex];
uint256 pendingAmountTaken = pendingAmountTaken[exchange.index][listingIndex];
uint256 takerAmount = exchange.taker.amount;
unchecked {
validListing =
validOrders[exchange.index] &&
_validateListing(order, orderType, exchange) &&
pendingAmountTaken + takerAmount <= type(uint256).max - amountTaken &&
amountTaken + pendingAmountTaken + takerAmount <= listing.amount;
}
}
/**
* @notice Validate a listing and its proposed exchange
* @param order Order of the listing
* @param orderType Order type
* @param exchange Exchange containing the listing
* @return validListing Validity of the listing and its proposed exchange
*/
function _validateListing(
Order memory order,
OrderType orderType,
Exchange memory exchange
) private pure returns (bool validListing) {
Listing memory listing = exchange.listing;
validListing = MerkleProof.verify(exchange.proof, order.listingsRoot, hashListing(listing));
Taker memory taker = exchange.taker;
if (orderType == OrderType.ASK) {
if (order.assetType == AssetType.ERC721) {
validListing = validListing && taker.amount == 1 && listing.amount == 1;
}
validListing = validListing && listing.tokenId == taker.tokenId;
} else {
if (order.assetType == AssetType.ERC721) {
validListing = validListing && taker.amount == 1;
} else {
validListing = validListing && listing.tokenId == taker.tokenId;
}
}
}
/**
* @notice Validate both the listing and it's parent order (only for single executions)
* @param order Order of the listing
* @param orderType Order type
* @param exchange Exchange containing the listing
* @param signature Order signature
* @param fees Protocol and taker fee rates
* @return Validity of the order and listing
*/
function _validateOrderAndListing(
Order memory order,
OrderType orderType,
Exchange memory exchange,
bytes memory signature,
Fees memory fees
) internal view returns (bool) {
Listing memory listing = exchange.listing;
uint256 listingIndex = listing.index;
return
_validateOrder(order, orderType, signature, fees, 0) &&
_validateListing(order, orderType, exchange) &&
amountTaken[order.trader][bytes32(order.salt)][listingIndex] + exchange.taker.amount <=
listing.amount;
}
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { AssetType, OrderType, Transfer } from "../lib/Structs.sol";
interface IDelegate {
function transfer(
address caller,
OrderType orderType,
Transfer[] calldata transfers,
uint256 length
) external returns (bool[] memory successful);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {
Fees,
FeeRate,
Transfer,
OrderType
} from "../lib/Structs.sol";
interface IExecutor {
error ETHTransferFailed();
error PoolTransferFailed();
error PoolWithdrawFromFailed();
error PoolDepositFailed();
error OrderFulfilled();
event Execution(
Transfer transfer,
bytes32 orderHash,
uint256 listingIndex,
uint256 price,
FeeRate makerFee,
Fees fees,
OrderType orderType
);
event Execution721Packed(
bytes32 orderHash,
uint256 tokenIdListingIndexTrader,
uint256 collectionPriceSide
);
event Execution721TakerFeePacked(
bytes32 orderHash,
uint256 tokenIdListingIndexTrader,
uint256 collectionPriceSide,
uint256 takerFeeRecipientRate
);
event Execution721MakerFeePacked(
bytes32 orderHash,
uint256 tokenIdListingIndexTrader,
uint256 collectionPriceSide,
uint256 makerFeeRecipientRate
);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/MerkleProof.sol)
pragma solidity ^0.8.0;
/**
* @dev These functions deal with verification of Merkle Tree proofs.
*
* The tree and the proofs can be generated using our
* https://github.com/OpenZeppelin/merkle-tree[JavaScript library].
* You will find a quickstart guide in the readme.
*
* WARNING: You should avoid using leaf values that are 64 bytes long prior to
* hashing, or use a hash function other than keccak256 for hashing leaves.
* This is because the concatenation of a sorted pair of internal nodes in
* the merkle tree could be reinterpreted as a leaf value.
* OpenZeppelin's JavaScript library generates merkle trees that are safe
* against this attack out of the box.
*/
library MerkleProof {
/**
* @dev Returns true if a `leaf` can be proved to be a part of a Merkle tree
* defined by `root`. For this, a `proof` must be provided, containing
* sibling hashes on the branch from the leaf to the root of the tree. Each
* pair of leaves and each pair of pre-images are assumed to be sorted.
*/
function verify(bytes32[] memory proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
return processProof(proof, leaf) == root;
}
/**
* @dev Calldata version of {verify}
*
* _Available since v4.7._
*/
function verifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
return processProofCalldata(proof, leaf) == root;
}
/**
* @dev Returns the rebuilt hash obtained by traversing a Merkle tree up
* from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt
* hash matches the root of the tree. When processing the proof, the pairs
* of leafs & pre-images are assumed to be sorted.
*
* _Available since v4.4._
*/
function processProof(bytes32[] memory proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Calldata version of {processProof}
*
* _Available since v4.7._
*/
function processProofCalldata(bytes32[] calldata proof, bytes32 leaf) internal pure returns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i = 0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Returns true if the `leaves` can be simultaneously proven to be a part of a merkle tree defined by
* `root`, according to `proof` and `proofFlags` as described in {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function multiProofVerify(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProof(proof, proofFlags, leaves) == root;
}
/**
* @dev Calldata version of {multiProofVerify}
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function multiProofVerifyCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32 root,
bytes32[] memory leaves
) internal pure returns (bool) {
return processMultiProofCalldata(proof, proofFlags, leaves) == root;
}
/**
* @dev Returns the root of a tree reconstructed from `leaves` and sibling nodes in `proof`. The reconstruction
* proceeds by incrementally reconstructing all inner nodes by combining a leaf/inner node with either another
* leaf/inner node or a proof sibling node, depending on whether each `proofFlags` item is true or false
* respectively.
*
* CAUTION: Not all merkle trees admit multiproofs. To use multiproofs, it is sufficient to ensure that: 1) the tree
* is complete (but not necessarily perfect), 2) the leaves to be proven are in the opposite order they are in the
* tree (i.e., as seen from right to left starting at the deepest layer and continuing at the next layer).
*
* _Available since v4.7._
*/
function processMultiProof(
bytes32[] memory proof,
bool[] memory proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the merkle tree.
uint256 leavesLen = leaves.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
require(leavesLen + proof.length - 1 == totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
unchecked {
return hashes[totalHashes - 1];
}
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Calldata version of {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/
function processMultiProofCalldata(
bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32[] memory leaves
) internal pure returns (bytes32 merkleRoot) {
// This function rebuilds the root hash by traversing the tree up from the leaves. The root is rebuilt by
// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the
// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of
// the merkle tree.
uint256 leavesLen = leaves.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.
require(leavesLen + proof.length - 1 == totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using
// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".
bytes32[] memory hashes = new bytes32[](totalHashes);
uint256 leafPos = 0;
uint256 hashPos = 0;
uint256 proofPos = 0;
// At each step, we compute the next hash using two values:
// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we
// get the next hash.
// - depending on the flag, either another value from the "main queue" (merging branches) or an element from the
// `proof` array.
for (uint256 i = 0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i]
? (leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++])
: proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes > 0) {
unchecked {
return hashes[totalHashes - 1];
}
} else if (leavesLen > 0) {
return leaves[0];
} else {
return proof[0];
}
}
function _hashPair(bytes32 a, bytes32 b) private pure returns (bytes32) {
return a < b ? _efficientHash(a, b) : _efficientHash(b, a);
}
function _efficientHash(bytes32 a, bytes32 b) private pure returns (bytes32 value) {
/// @solidity memory-safe-assembly
assembly {
mstore(0x00, a)
mstore(0x20, b)
value := keccak256(0x00, 0x40)
}
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import "./lib/Constants.sol";
import {
TakeAsk,
TakeBid,
TakeAskSingle,
TakeBidSingle,
FeeRate,
Order,
OrderType,
AssetType,
Listing
} from "./lib/Structs.sol";
import { ISignatures } from "./interfaces/ISignatures.sol";
abstract contract Signatures is ISignatures {
string private constant _NAME = "Blur Exchange";
string private constant _VERSION = "1.0";
bytes32 private immutable _FEE_RATE_TYPEHASH;
bytes32 private immutable _ORDER_TYPEHASH;
bytes32 private immutable _DOMAIN_SEPARATOR;
mapping(address => uint256) public oracles;
mapping(address => uint256) public nonces;
uint256 public blockRange;
constructor(address proxy) {
(_FEE_RATE_TYPEHASH, _ORDER_TYPEHASH, _DOMAIN_SEPARATOR) = _createTypehashes(proxy);
}
/**
* @notice Verify the domain separator produced during deployment of the implementation matches that of the proxy
*/
function verifyDomain() public view {
bytes32 eip712DomainTypehash = keccak256(
bytes.concat(
"EIP712Domain(",
"string name,",
"string version,",
"uint256 chainId,",
"address verifyingContract",
")"
)
);
bytes32 domainSeparator = _hashDomain(
eip712DomainTypehash,
keccak256(bytes(_NAME)),
keccak256(bytes(_VERSION)),
address(this)
);
if (_DOMAIN_SEPARATOR != domainSeparator) {
revert InvalidDomain();
}
}
/**
* @notice Return version and domain separator
*/
function information() external view returns (string memory version, bytes32 domainSeparator) {
version = _VERSION;
domainSeparator = _DOMAIN_SEPARATOR;
}
/**
* @notice Create a hash of TakeAsk calldata with an approved caller
* @param inputs TakeAsk inputs
* @param _caller Address approved to execute the calldata
* @return Calldata hash
*/
function hashTakeAsk(TakeAsk memory inputs, address _caller) external pure returns (bytes32) {
return _hashCalldata(_caller);
}
/**
* @notice Create a hash of TakeBid calldata with an approved caller
* @param inputs TakeBid inputs
* @param _caller Address approved to execute the calldata
* @return Calldata hash
*/
function hashTakeBid(TakeBid memory inputs, address _caller) external pure returns (bytes32) {
return _hashCalldata(_caller);
}
/**
* @notice Create a hash of TakeAskSingle calldata with an approved caller
* @param inputs TakeAskSingle inputs
* @param _caller Address approved to execute the calldata
* @return Calldata hash
*/
function hashTakeAskSingle(
TakeAskSingle memory inputs,
address _caller
) external pure returns (bytes32) {
return _hashCalldata(_caller);
}
/**
* @notice Create a hash of TakeBidSingle calldata with an approved caller
* @param inputs TakeBidSingle inputs
* @param _caller Address approved to execute the calldata
* @return Calldata hash
*/
function hashTakeBidSingle(
TakeBidSingle memory inputs,
address _caller
) external pure returns (bytes32) {
return _hashCalldata(_caller);
}
/**
* @notice Create an EIP712 hash of an Order
* @dev Includes two additional parameters not in the struct (orderType, nonce)
* @param order Order to hash
* @param orderType OrderType of the Order
* @return Order EIP712 hash
*/
function hashOrder(Order memory order, OrderType orderType) public view returns (bytes32) {
return
keccak256(
abi.encode(
_ORDER_TYPEHASH,
order.trader,
order.collection,
order.listingsRoot,
order.numberOfListings,
order.expirationTime,
order.assetType,
_hashFeeRate(order.makerFee),
order.salt,
orderType,
nonces[order.trader]
)
);
}
/**
* @notice Create a hash of a Listing struct
* @param listing Listing to hash
* @return Listing hash
*/
function hashListing(Listing memory listing) public pure returns (bytes32) {
return keccak256(abi.encode(listing.index, listing.tokenId, listing.amount, listing.price));
}
/**
* @notice Create a hash of calldata with an approved caller
* @param _caller Address approved to execute the calldata
* @return hash Calldata hash
*/
function _hashCalldata(address _caller) internal pure returns (bytes32 hash) {
assembly {
let nextPointer := mload(0x40)
let size := add(sub(nextPointer, 0x80), 0x20)
mstore(nextPointer, _caller)
hash := keccak256(0x80, size)
}
}
/**
* @notice Create an EIP712 hash of a FeeRate struct
* @param feeRate FeeRate to hash
* @return FeeRate EIP712 hash
*/
function _hashFeeRate(FeeRate memory feeRate) private view returns (bytes32) {
return keccak256(abi.encode(_FEE_RATE_TYPEHASH, feeRate.recipient, feeRate.rate));
}
/**
* @notice Create an EIP712 hash to sign
* @param hash Primary EIP712 object hash
* @return EIP712 hash
*/
function _hashToSign(bytes32 hash) private view returns (bytes32) {
return keccak256(bytes.concat(bytes2(0x1901), _DOMAIN_SEPARATOR, hash));
}
/**
* @notice Generate all EIP712 Typehashes
*/
function _createTypehashes(
address proxy
)
private
view
returns (bytes32 feeRateTypehash, bytes32 orderTypehash, bytes32 domainSeparator)
{
bytes32 eip712DomainTypehash = keccak256(
bytes.concat(
"EIP712Domain(",
"string name,",
"string version,",
"uint256 chainId,",
"address verifyingContract",
")"
)
);
bytes memory feeRateTypestring = "FeeRate(address recipient,uint16 rate)";
orderTypehash = keccak256(
bytes.concat(
"Order(",
"address trader,",
"address collection,",
"bytes32 listingsRoot,",
"uint256 numberOfListings,",
"uint256 expirationTime,",
"uint8 assetType,",
"FeeRate makerFee,",
"uint256 salt,",
"uint8 orderType,",
"uint256 nonce",
")",
feeRateTypestring
)
);
feeRateTypehash = keccak256(feeRateTypestring);
domainSeparator = _hashDomain(
eip712DomainTypehash,
keccak256(bytes(_NAME)),
keccak256(bytes(_VERSION)),
proxy
);
}
/**
* @notice Create an EIP712 domain separator
* @param eip712DomainTypehash Typehash of the EIP712Domain struct
* @param nameHash Hash of the contract name
* @param versionHash Hash of the version string
* @param proxy Address of the proxy this implementation will be behind
* @return EIP712Domain hash
*/
function _hashDomain(
bytes32 eip712DomainTypehash,
bytes32 nameHash,
bytes32 versionHash,
address proxy
) private view returns (bytes32) {
return
keccak256(
abi.encode(eip712DomainTypehash, nameHash, versionHash, block.chainid, proxy)
);
}
/**
* @notice Verify EIP712 signature
* @param signer Address of the alleged signer
* @param hash EIP712 hash
* @param signatures Packed bytes array of order signatures
* @param index Index of the signature to verify
* @return authorized Validity of the signature
*/
function _verifyAuthorization(
address signer,
bytes32 hash,
bytes memory signatures,
uint256 index
) internal view returns (bool authorized) {
bytes32 hashToSign = _hashToSign(hash);
bytes32 r;
bytes32 s;
uint8 v;
assembly {
let signatureOffset := add(add(signatures, One_word), mul(Signatures_size, index))
r := mload(signatureOffset)
s := mload(add(signatureOffset, Signatures_s_offset))
v := shr(Bytes1_shift, mload(add(signatureOffset, Signatures_v_offset)))
}
authorized = _verify(signer, hashToSign, v, r, s);
}
modifier verifyOracleSignature(bytes32 hash, bytes calldata oracleSignature) {
bytes32 r;
bytes32 s;
uint8 v;
uint32 blockNumber;
address oracle;
assembly {
let signatureOffset := oracleSignature.offset
r := calldataload(signatureOffset)
s := calldataload(add(signatureOffset, OracleSignatures_s_offset))
v := shr(Bytes1_shift, calldataload(add(signatureOffset, OracleSignatures_v_offset)))
blockNumber := shr(
Bytes4_shift,
calldataload(add(signatureOffset, OracleSignatures_blockNumber_offset))
)
oracle := shr(
Bytes20_shift,
calldataload(add(signatureOffset, OracleSignatures_oracle_offset))
)
}
if (blockNumber + blockRange < block.number) {
revert ExpiredOracleSignature();
}
if (oracles[oracle] == 0) {
revert UnauthorizedOracle();
}
if (!_verify(oracle, keccak256(abi.encodePacked(hash, blockNumber)), v, r, s)) {
revert InvalidOracleSignature();
}
_;
}
/**
* @notice Verify signature of digest
* @param signer Address of expected signer
* @param digest Signature digest
* @param v v parameter
* @param r r parameter
* @param s s parameter
*/
function _verify(
address signer,
bytes32 digest,
uint8 v,
bytes32 r,
bytes32 s
) private pure returns (bool valid) {
address recoveredSigner = ecrecover(digest, v, r, s);
if (recoveredSigner != address(0) && recoveredSigner == signer) {
valid = true;
}
}
uint256[47] private __gap;
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { FeeRate } from "../lib/Structs.sol";
interface IValidation {
function protocolFee() external view returns (address, uint16);
function amountTaken(address user, bytes32 hash, uint256 listingIndex) external view returns (uint256);
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {
TakeAsk,
TakeBid,
TakeAskSingle,
TakeBidSingle,
Order,
OrderType,
Listing
} from "../lib/Structs.sol";
interface ISignatures {
error Unauthorized();
error ExpiredOracleSignature();
error UnauthorizedOracle();
error InvalidOracleSignature();
error InvalidDomain();
function oracles(address oracle) external view returns (uint256);
function nonces(address user) external view returns (uint256);
function blockRange() external view returns (uint256);
function verifyDomain() external view;
function information() external view returns (string memory version, bytes32 domainSeparator);
function hashListing(Listing memory listing) external pure returns (bytes32);
function hashOrder(Order memory order, OrderType orderType) external view returns (bytes32);
function hashTakeAsk(TakeAsk memory inputs, address _caller) external pure returns (bytes32);
function hashTakeBid(TakeBid memory inputs, address _caller) external pure returns (bytes32);
function hashTakeAskSingle(TakeAskSingle memory inputs, address _caller) external pure returns (bytes32);
function hashTakeBidSingle(TakeBidSingle memory inputs, address _caller) external pure returns (bytes32);
}
File 4 of 4: Delegate
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import { ERC721 } from "lib/solmate/src/tokens/ERC721.sol";
import { ERC1155 } from "lib/solmate/src/tokens/ERC1155.sol";
import { ERC20 } from "lib/solmate/src/tokens/ERC20.sol";
import "./lib/Constants.sol";
import { AssetType, OrderType, Transfer } from "./lib/Structs.sol";
contract Delegate {
error Unauthorized();
error InvalidLength();
address private immutable _EXCHANGE;
constructor(address exchange) {
_EXCHANGE = exchange;
}
modifier onlyApproved() {
if (msg.sender != _EXCHANGE) {
revert Unauthorized();
}
_;
}
function transfer(
address taker,
OrderType orderType,
Transfer[] calldata transfers,
uint256 length
) external onlyApproved returns (bool[] memory successful) {
if (transfers.length < length) {
revert InvalidLength();
}
successful = new bool[](length);
for (uint256 i; i < length; ) {
assembly {
let calldataPointer := mload(0x40)
let transfersPointer := add(transfers.offset, mul(Transfer_size, i))
let assetType := calldataload(add(transfersPointer, Transfer_assetType_offset))
switch assetType
case 0 {
// AssetType_ERC721
mstore(calldataPointer, ERC721_safeTransferFrom_selector)
switch orderType
case 0 {
// OrderType_ASK; taker is recipient
mstore(add(calldataPointer, ERC721_safeTransferFrom_to_offset), taker)
mstore(
add(calldataPointer, ERC721_safeTransferFrom_from_offset),
calldataload(add(transfersPointer, Transfer_trader_offset))
)
}
case 1 {
// OrderType_BID; taker is sender
mstore(add(calldataPointer, ERC721_safeTransferFrom_from_offset), taker)
mstore(
add(calldataPointer, ERC721_safeTransferFrom_to_offset),
calldataload(add(transfersPointer, Transfer_trader_offset))
)
}
default {
revert(0, 0)
}
mstore(
add(calldataPointer, ERC721_safeTransferFrom_id_offset),
calldataload(add(transfersPointer, Transfer_id_offset))
)
let collection := calldataload(
add(transfersPointer, Transfer_collection_offset)
)
let success := call(
gas(),
collection,
0,
calldataPointer,
ERC721_safeTransferFrom_size,
0,
0
)
mstore(add(add(successful, 0x20), mul(0x20, i)), success)
}
case 1 {
// AssetType_ERC1155
mstore(calldataPointer, ERC1155_safeTransferFrom_selector)
switch orderType
case 0 {
// OrderType_ASK; taker is recipient
mstore(
add(calldataPointer, ERC1155_safeTransferFrom_from_offset),
calldataload(
add(
transfersPointer,
Transfer_trader_offset
)
)
)
mstore(add(calldataPointer, ERC1155_safeTransferFrom_to_offset), taker)
}
case 1 {
// OrderType_BID; taker is sender
mstore(
add(calldataPointer, ERC1155_safeTransferFrom_to_offset),
calldataload(
add(
transfersPointer,
Transfer_trader_offset
)
)
)
mstore(add(calldataPointer, ERC1155_safeTransferFrom_from_offset), taker)
}
default {
revert(0, 0)
}
mstore(add(calldataPointer, ERC1155_safeTransferFrom_data_pointer_offset), 0xa0)
mstore(add(calldataPointer, ERC1155_safeTransferFrom_data_offset), 0)
mstore(
add(calldataPointer, ERC1155_safeTransferFrom_id_offset),
calldataload(
add(transfersPointer, Transfer_id_offset)
)
)
mstore(
add(calldataPointer, ERC1155_safeTransferFrom_amount_offset),
calldataload(
add(
transfersPointer,
Transfer_amount_offset
)
)
)
let collection := calldataload(
add(
transfersPointer,
Transfer_collection_offset
)
)
let success := call(
gas(),
collection,
0,
calldataPointer,
ERC1155_safeTransferFrom_size,
0,
0
)
mstore(add(add(successful, 0x20), mul(0x20, i)), success)
}
default {
revert(0, 0)
}
}
unchecked {
++i;
}
}
}
}
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Modern, minimalist, and gas efficient ERC-721 implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC721.sol)
abstract contract ERC721 {
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event Transfer(address indexed from, address indexed to, uint256 indexed id);
event Approval(address indexed owner, address indexed spender, uint256 indexed id);
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
/*//////////////////////////////////////////////////////////////
METADATA STORAGE/LOGIC
//////////////////////////////////////////////////////////////*/
string public name;
string public symbol;
function tokenURI(uint256 id) public view virtual returns (string memory);
/*//////////////////////////////////////////////////////////////
ERC721 BALANCE/OWNER STORAGE
//////////////////////////////////////////////////////////////*/
mapping(uint256 => address) internal _ownerOf;
mapping(address => uint256) internal _balanceOf;
function ownerOf(uint256 id) public view virtual returns (address owner) {
require((owner = _ownerOf[id]) != address(0), "NOT_MINTED");
}
function balanceOf(address owner) public view virtual returns (uint256) {
require(owner != address(0), "ZERO_ADDRESS");
return _balanceOf[owner];
}
/*//////////////////////////////////////////////////////////////
ERC721 APPROVAL STORAGE
//////////////////////////////////////////////////////////////*/
mapping(uint256 => address) public getApproved;
mapping(address => mapping(address => bool)) public isApprovedForAll;
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
constructor(string memory _name, string memory _symbol) {
name = _name;
symbol = _symbol;
}
/*//////////////////////////////////////////////////////////////
ERC721 LOGIC
//////////////////////////////////////////////////////////////*/
function approve(address spender, uint256 id) public virtual {
address owner = _ownerOf[id];
require(msg.sender == owner || isApprovedForAll[owner][msg.sender], "NOT_AUTHORIZED");
getApproved[id] = spender;
emit Approval(owner, spender, id);
}
function setApprovalForAll(address operator, bool approved) public virtual {
isApprovedForAll[msg.sender][operator] = approved;
emit ApprovalForAll(msg.sender, operator, approved);
}
function transferFrom(
address from,
address to,
uint256 id
) public virtual {
require(from == _ownerOf[id], "WRONG_FROM");
require(to != address(0), "INVALID_RECIPIENT");
require(
msg.sender == from || isApprovedForAll[from][msg.sender] || msg.sender == getApproved[id],
"NOT_AUTHORIZED"
);
// Underflow of the sender's balance is impossible because we check for
// ownership above and the recipient's balance can't realistically overflow.
unchecked {
_balanceOf[from]--;
_balanceOf[to]++;
}
_ownerOf[id] = to;
delete getApproved[id];
emit Transfer(from, to, id);
}
function safeTransferFrom(
address from,
address to,
uint256 id
) public virtual {
transferFrom(from, to, id);
require(
to.code.length == 0 ||
ERC721TokenReceiver(to).onERC721Received(msg.sender, from, id, "") ==
ERC721TokenReceiver.onERC721Received.selector,
"UNSAFE_RECIPIENT"
);
}
function safeTransferFrom(
address from,
address to,
uint256 id,
bytes calldata data
) public virtual {
transferFrom(from, to, id);
require(
to.code.length == 0 ||
ERC721TokenReceiver(to).onERC721Received(msg.sender, from, id, data) ==
ERC721TokenReceiver.onERC721Received.selector,
"UNSAFE_RECIPIENT"
);
}
/*//////////////////////////////////////////////////////////////
ERC165 LOGIC
//////////////////////////////////////////////////////////////*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return
interfaceId == 0x01ffc9a7 || // ERC165 Interface ID for ERC165
interfaceId == 0x80ac58cd || // ERC165 Interface ID for ERC721
interfaceId == 0x5b5e139f; // ERC165 Interface ID for ERC721Metadata
}
/*//////////////////////////////////////////////////////////////
INTERNAL MINT/BURN LOGIC
//////////////////////////////////////////////////////////////*/
function _mint(address to, uint256 id) internal virtual {
require(to != address(0), "INVALID_RECIPIENT");
require(_ownerOf[id] == address(0), "ALREADY_MINTED");
// Counter overflow is incredibly unrealistic.
unchecked {
_balanceOf[to]++;
}
_ownerOf[id] = to;
emit Transfer(address(0), to, id);
}
function _burn(uint256 id) internal virtual {
address owner = _ownerOf[id];
require(owner != address(0), "NOT_MINTED");
// Ownership check above ensures no underflow.
unchecked {
_balanceOf[owner]--;
}
delete _ownerOf[id];
delete getApproved[id];
emit Transfer(owner, address(0), id);
}
/*//////////////////////////////////////////////////////////////
INTERNAL SAFE MINT LOGIC
//////////////////////////////////////////////////////////////*/
function _safeMint(address to, uint256 id) internal virtual {
_mint(to, id);
require(
to.code.length == 0 ||
ERC721TokenReceiver(to).onERC721Received(msg.sender, address(0), id, "") ==
ERC721TokenReceiver.onERC721Received.selector,
"UNSAFE_RECIPIENT"
);
}
function _safeMint(
address to,
uint256 id,
bytes memory data
) internal virtual {
_mint(to, id);
require(
to.code.length == 0 ||
ERC721TokenReceiver(to).onERC721Received(msg.sender, address(0), id, data) ==
ERC721TokenReceiver.onERC721Received.selector,
"UNSAFE_RECIPIENT"
);
}
}
/// @notice A generic interface for a contract which properly accepts ERC721 tokens.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC721.sol)
abstract contract ERC721TokenReceiver {
function onERC721Received(
address,
address,
uint256,
bytes calldata
) external virtual returns (bytes4) {
return ERC721TokenReceiver.onERC721Received.selector;
}
}
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Minimalist and gas efficient standard ERC1155 implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC1155.sol)
abstract contract ERC1155 {
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event TransferSingle(
address indexed operator,
address indexed from,
address indexed to,
uint256 id,
uint256 amount
);
event TransferBatch(
address indexed operator,
address indexed from,
address indexed to,
uint256[] ids,
uint256[] amounts
);
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
event URI(string value, uint256 indexed id);
/*//////////////////////////////////////////////////////////////
ERC1155 STORAGE
//////////////////////////////////////////////////////////////*/
mapping(address => mapping(uint256 => uint256)) public balanceOf;
mapping(address => mapping(address => bool)) public isApprovedForAll;
/*//////////////////////////////////////////////////////////////
METADATA LOGIC
//////////////////////////////////////////////////////////////*/
function uri(uint256 id) public view virtual returns (string memory);
/*//////////////////////////////////////////////////////////////
ERC1155 LOGIC
//////////////////////////////////////////////////////////////*/
function setApprovalForAll(address operator, bool approved) public virtual {
isApprovedForAll[msg.sender][operator] = approved;
emit ApprovalForAll(msg.sender, operator, approved);
}
function safeTransferFrom(
address from,
address to,
uint256 id,
uint256 amount,
bytes calldata data
) public virtual {
require(msg.sender == from || isApprovedForAll[from][msg.sender], "NOT_AUTHORIZED");
balanceOf[from][id] -= amount;
balanceOf[to][id] += amount;
emit TransferSingle(msg.sender, from, to, id, amount);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155Received(msg.sender, from, id, amount, data) ==
ERC1155TokenReceiver.onERC1155Received.selector,
"UNSAFE_RECIPIENT"
);
}
function safeBatchTransferFrom(
address from,
address to,
uint256[] calldata ids,
uint256[] calldata amounts,
bytes calldata data
) public virtual {
require(ids.length == amounts.length, "LENGTH_MISMATCH");
require(msg.sender == from || isApprovedForAll[from][msg.sender], "NOT_AUTHORIZED");
// Storing these outside the loop saves ~15 gas per iteration.
uint256 id;
uint256 amount;
for (uint256 i = 0; i < ids.length; ) {
id = ids[i];
amount = amounts[i];
balanceOf[from][id] -= amount;
balanceOf[to][id] += amount;
// An array can't have a total length
// larger than the max uint256 value.
unchecked {
++i;
}
}
emit TransferBatch(msg.sender, from, to, ids, amounts);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155BatchReceived(msg.sender, from, ids, amounts, data) ==
ERC1155TokenReceiver.onERC1155BatchReceived.selector,
"UNSAFE_RECIPIENT"
);
}
function balanceOfBatch(address[] calldata owners, uint256[] calldata ids)
public
view
virtual
returns (uint256[] memory balances)
{
require(owners.length == ids.length, "LENGTH_MISMATCH");
balances = new uint256[](owners.length);
// Unchecked because the only math done is incrementing
// the array index counter which cannot possibly overflow.
unchecked {
for (uint256 i = 0; i < owners.length; ++i) {
balances[i] = balanceOf[owners[i]][ids[i]];
}
}
}
/*//////////////////////////////////////////////////////////////
ERC165 LOGIC
//////////////////////////////////////////////////////////////*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return
interfaceId == 0x01ffc9a7 || // ERC165 Interface ID for ERC165
interfaceId == 0xd9b67a26 || // ERC165 Interface ID for ERC1155
interfaceId == 0x0e89341c; // ERC165 Interface ID for ERC1155MetadataURI
}
/*//////////////////////////////////////////////////////////////
INTERNAL MINT/BURN LOGIC
//////////////////////////////////////////////////////////////*/
function _mint(
address to,
uint256 id,
uint256 amount,
bytes memory data
) internal virtual {
balanceOf[to][id] += amount;
emit TransferSingle(msg.sender, address(0), to, id, amount);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155Received(msg.sender, address(0), id, amount, data) ==
ERC1155TokenReceiver.onERC1155Received.selector,
"UNSAFE_RECIPIENT"
);
}
function _batchMint(
address to,
uint256[] memory ids,
uint256[] memory amounts,
bytes memory data
) internal virtual {
uint256 idsLength = ids.length; // Saves MLOADs.
require(idsLength == amounts.length, "LENGTH_MISMATCH");
for (uint256 i = 0; i < idsLength; ) {
balanceOf[to][ids[i]] += amounts[i];
// An array can't have a total length
// larger than the max uint256 value.
unchecked {
++i;
}
}
emit TransferBatch(msg.sender, address(0), to, ids, amounts);
require(
to.code.length == 0
? to != address(0)
: ERC1155TokenReceiver(to).onERC1155BatchReceived(msg.sender, address(0), ids, amounts, data) ==
ERC1155TokenReceiver.onERC1155BatchReceived.selector,
"UNSAFE_RECIPIENT"
);
}
function _batchBurn(
address from,
uint256[] memory ids,
uint256[] memory amounts
) internal virtual {
uint256 idsLength = ids.length; // Saves MLOADs.
require(idsLength == amounts.length, "LENGTH_MISMATCH");
for (uint256 i = 0; i < idsLength; ) {
balanceOf[from][ids[i]] -= amounts[i];
// An array can't have a total length
// larger than the max uint256 value.
unchecked {
++i;
}
}
emit TransferBatch(msg.sender, from, address(0), ids, amounts);
}
function _burn(
address from,
uint256 id,
uint256 amount
) internal virtual {
balanceOf[from][id] -= amount;
emit TransferSingle(msg.sender, from, address(0), id, amount);
}
}
/// @notice A generic interface for a contract which properly accepts ERC1155 tokens.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC1155.sol)
abstract contract ERC1155TokenReceiver {
function onERC1155Received(
address,
address,
uint256,
uint256,
bytes calldata
) external virtual returns (bytes4) {
return ERC1155TokenReceiver.onERC1155Received.selector;
}
function onERC1155BatchReceived(
address,
address,
uint256[] calldata,
uint256[] calldata,
bytes calldata
) external virtual returns (bytes4) {
return ERC1155TokenReceiver.onERC1155BatchReceived.selector;
}
}
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;
/// @notice Modern and gas efficient ERC20 + EIP-2612 implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC20.sol)
/// @author Modified from Uniswap (https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol)
/// @dev Do not manually set balances without updating totalSupply, as the sum of all user balances must not exceed it.
abstract contract ERC20 {
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event Transfer(address indexed from, address indexed to, uint256 amount);
event Approval(address indexed owner, address indexed spender, uint256 amount);
/*//////////////////////////////////////////////////////////////
METADATA STORAGE
//////////////////////////////////////////////////////////////*/
string public name;
string public symbol;
uint8 public immutable decimals;
/*//////////////////////////////////////////////////////////////
ERC20 STORAGE
//////////////////////////////////////////////////////////////*/
uint256 public totalSupply;
mapping(address => uint256) public balanceOf;
mapping(address => mapping(address => uint256)) public allowance;
/*//////////////////////////////////////////////////////////////
EIP-2612 STORAGE
//////////////////////////////////////////////////////////////*/
uint256 internal immutable INITIAL_CHAIN_ID;
bytes32 internal immutable INITIAL_DOMAIN_SEPARATOR;
mapping(address => uint256) public nonces;
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
constructor(
string memory _name,
string memory _symbol,
uint8 _decimals
) {
name = _name;
symbol = _symbol;
decimals = _decimals;
INITIAL_CHAIN_ID = block.chainid;
INITIAL_DOMAIN_SEPARATOR = computeDomainSeparator();
}
/*//////////////////////////////////////////////////////////////
ERC20 LOGIC
//////////////////////////////////////////////////////////////*/
function approve(address spender, uint256 amount) public virtual returns (bool) {
allowance[msg.sender][spender] = amount;
emit Approval(msg.sender, spender, amount);
return true;
}
function transfer(address to, uint256 amount) public virtual returns (bool) {
balanceOf[msg.sender] -= amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(msg.sender, to, amount);
return true;
}
function transferFrom(
address from,
address to,
uint256 amount
) public virtual returns (bool) {
uint256 allowed = allowance[from][msg.sender]; // Saves gas for limited approvals.
if (allowed != type(uint256).max) allowance[from][msg.sender] = allowed - amount;
balanceOf[from] -= amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(from, to, amount);
return true;
}
/*//////////////////////////////////////////////////////////////
EIP-2612 LOGIC
//////////////////////////////////////////////////////////////*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public virtual {
require(deadline >= block.timestamp, "PERMIT_DEADLINE_EXPIRED");
// Unchecked because the only math done is incrementing
// the owner's nonce which cannot realistically overflow.
unchecked {
address recoveredAddress = ecrecover(
keccak256(
abi.encodePacked(
"\\x19\\x01",
DOMAIN_SEPARATOR(),
keccak256(
abi.encode(
keccak256(
"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"
),
owner,
spender,
value,
nonces[owner]++,
deadline
)
)
)
),
v,
r,
s
);
require(recoveredAddress != address(0) && recoveredAddress == owner, "INVALID_SIGNER");
allowance[recoveredAddress][spender] = value;
}
emit Approval(owner, spender, value);
}
function DOMAIN_SEPARATOR() public view virtual returns (bytes32) {
return block.chainid == INITIAL_CHAIN_ID ? INITIAL_DOMAIN_SEPARATOR : computeDomainSeparator();
}
function computeDomainSeparator() internal view virtual returns (bytes32) {
return
keccak256(
abi.encode(
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
keccak256(bytes(name)),
keccak256("1"),
block.chainid,
address(this)
)
);
}
/*//////////////////////////////////////////////////////////////
INTERNAL MINT/BURN LOGIC
//////////////////////////////////////////////////////////////*/
function _mint(address to, uint256 amount) internal virtual {
totalSupply += amount;
// Cannot overflow because the sum of all user
// balances can't exceed the max uint256 value.
unchecked {
balanceOf[to] += amount;
}
emit Transfer(address(0), to, amount);
}
function _burn(address from, uint256 amount) internal virtual {
balanceOf[from] -= amount;
// Cannot underflow because a user's balance
// will never be larger than the total supply.
unchecked {
totalSupply -= amount;
}
emit Transfer(from, address(0), amount);
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
uint256 constant Bytes1_shift = 0xf8;
uint256 constant Bytes4_shift = 0xe0;
uint256 constant Bytes20_shift = 0x60;
uint256 constant One_word = 0x20;
uint256 constant Memory_pointer = 0x40;
uint256 constant AssetType_ERC721 = 0;
uint256 constant AssetType_ERC1155 = 1;
uint256 constant OrderType_ASK = 0;
uint256 constant OrderType_BID = 1;
uint256 constant Pool_withdrawFrom_selector = 0x9555a94200000000000000000000000000000000000000000000000000000000;
uint256 constant Pool_withdrawFrom_from_offset = 0x04;
uint256 constant Pool_withdrawFrom_to_offset = 0x24;
uint256 constant Pool_withdrawFrom_amount_offset = 0x44;
uint256 constant Pool_withdrawFrom_size = 0x64;
uint256 constant Pool_deposit_selector = 0xf340fa0100000000000000000000000000000000000000000000000000000000;
uint256 constant Pool_deposit_user_offset = 0x04;
uint256 constant Pool_deposit_size = 0x24;
uint256 constant ERC20_transferFrom_selector = 0x23b872dd00000000000000000000000000000000000000000000000000000000;
uint256 constant ERC721_safeTransferFrom_selector = 0x42842e0e00000000000000000000000000000000000000000000000000000000;
uint256 constant ERC1155_safeTransferFrom_selector = 0xf242432a00000000000000000000000000000000000000000000000000000000;
uint256 constant ERC20_transferFrom_size = 0x64;
uint256 constant ERC721_safeTransferFrom_size = 0x64;
uint256 constant ERC1155_safeTransferFrom_size = 0xc4;
uint256 constant OracleSignatures_size = 0x59;
uint256 constant OracleSignatures_s_offset = 0x20;
uint256 constant OracleSignatures_v_offset = 0x40;
uint256 constant OracleSignatures_blockNumber_offset = 0x41;
uint256 constant OracleSignatures_oracle_offset = 0x45;
uint256 constant Signatures_size = 0x41;
uint256 constant Signatures_s_offset = 0x20;
uint256 constant Signatures_v_offset = 0x40;
uint256 constant ERC20_transferFrom_from_offset = 0x4;
uint256 constant ERC20_transferFrom_to_offset = 0x24;
uint256 constant ERC20_transferFrom_amount_offset = 0x44;
uint256 constant ERC721_safeTransferFrom_from_offset = 0x4;
uint256 constant ERC721_safeTransferFrom_to_offset = 0x24;
uint256 constant ERC721_safeTransferFrom_id_offset = 0x44;
uint256 constant ERC1155_safeTransferFrom_from_offset = 0x4;
uint256 constant ERC1155_safeTransferFrom_to_offset = 0x24;
uint256 constant ERC1155_safeTransferFrom_id_offset = 0x44;
uint256 constant ERC1155_safeTransferFrom_amount_offset = 0x64;
uint256 constant ERC1155_safeTransferFrom_data_pointer_offset = 0x84;
uint256 constant ERC1155_safeTransferFrom_data_offset = 0xa4;
uint256 constant Delegate_transfer_selector = 0xa1ccb98e00000000000000000000000000000000000000000000000000000000;
uint256 constant Delegate_transfer_calldata_offset = 0x1c;
uint256 constant Order_size = 0x100;
uint256 constant Order_trader_offset = 0x00;
uint256 constant Order_collection_offset = 0x20;
uint256 constant Order_listingsRoot_offset = 0x40;
uint256 constant Order_numberOfListings_offset = 0x60;
uint256 constant Order_expirationTime_offset = 0x80;
uint256 constant Order_assetType_offset = 0xa0;
uint256 constant Order_makerFee_offset = 0xc0;
uint256 constant Order_salt_offset = 0xe0;
uint256 constant Exchange_size = 0x80;
uint256 constant Exchange_askIndex_offset = 0x00;
uint256 constant Exchange_proof_offset = 0x20;
uint256 constant Exchange_maker_offset = 0x40;
uint256 constant Exchange_taker_offset = 0x60;
uint256 constant BidExchange_size = 0x80;
uint256 constant BidExchange_askIndex_offset = 0x00;
uint256 constant BidExchange_proof_offset = 0x20;
uint256 constant BidExchange_maker_offset = 0x40;
uint256 constant BidExchange_taker_offset = 0x60;
uint256 constant Listing_size = 0x80;
uint256 constant Listing_index_offset = 0x00;
uint256 constant Listing_tokenId_offset = 0x20;
uint256 constant Listing_amount_offset = 0x40;
uint256 constant Listing_price_offset = 0x60;
uint256 constant Taker_size = 0x40;
uint256 constant Taker_tokenId_offset = 0x00;
uint256 constant Taker_amount_offset = 0x20;
uint256 constant StateUpdate_size = 0x80;
uint256 constant StateUpdate_salt_offset = 0x20;
uint256 constant StateUpdate_leaf_offset = 0x40;
uint256 constant StateUpdate_value_offset = 0x60;
uint256 constant Transfer_size = 0xa0;
uint256 constant Transfer_trader_offset = 0x00;
uint256 constant Transfer_id_offset = 0x20;
uint256 constant Transfer_amount_offset = 0x40;
uint256 constant Transfer_collection_offset = 0x60;
uint256 constant Transfer_assetType_offset = 0x80;
uint256 constant ExecutionBatch_selector_offset = 0x20;
uint256 constant ExecutionBatch_calldata_offset = 0x40;
uint256 constant ExecutionBatch_base_size = 0xa0; // size of the executionBatch without the flattened dynamic elements
uint256 constant ExecutionBatch_taker_offset = 0x00;
uint256 constant ExecutionBatch_orderType_offset = 0x20;
uint256 constant ExecutionBatch_transfers_pointer_offset = 0x40;
uint256 constant ExecutionBatch_length_offset = 0x60;
uint256 constant ExecutionBatch_transfers_offset = 0x80;
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
struct TakeAsk {
Order[] orders;
Exchange[] exchanges;
FeeRate takerFee;
bytes signatures;
address tokenRecipient;
}
struct TakeAskSingle {
Order order;
Exchange exchange;
FeeRate takerFee;
bytes signature;
address tokenRecipient;
}
struct TakeBid {
Order[] orders;
Exchange[] exchanges;
FeeRate takerFee;
bytes signatures;
}
struct TakeBidSingle {
Order order;
Exchange exchange;
FeeRate takerFee;
bytes signature;
}
enum AssetType {
ERC721,
ERC1155
}
enum OrderType {
ASK,
BID
}
struct Exchange { // Size: 0x80
uint256 index; // 0x00
bytes32[] proof; // 0x20
Listing listing; // 0x40
Taker taker; // 0x60
}
struct Listing { // Size: 0x80
uint256 index; // 0x00
uint256 tokenId; // 0x20
uint256 amount; // 0x40
uint256 price; // 0x60
}
struct Taker { // Size: 0x40
uint256 tokenId; // 0x00
uint256 amount; // 0x20
}
struct Order { // Size: 0x100
address trader; // 0x00
address collection; // 0x20
bytes32 listingsRoot; // 0x40
uint256 numberOfListings; // 0x60
uint256 expirationTime; // 0x80
AssetType assetType; // 0xa0
FeeRate makerFee; // 0xc0
uint256 salt; // 0xe0
}
/*
Reference only; struct is composed manually using calldata formatting in execution
struct ExecutionBatch { // Size: 0x80
address taker; // 0x00
OrderType orderType; // 0x20
Transfer[] transfers; // 0x40
uint256 length; // 0x60
}
*/
struct Transfer { // Size: 0xa0
address trader; // 0x00
uint256 id; // 0x20
uint256 amount; // 0x40
address collection; // 0x60
AssetType assetType; // 0x80
}
struct FungibleTransfers {
uint256 totalProtocolFee;
uint256 totalSellerTransfer;
uint256 totalTakerFee;
uint256 feeRecipientId;
uint256 makerId;
address[] feeRecipients;
address[] makers;
uint256[] makerTransfers;
uint256[] feeTransfers;
AtomicExecution[] executions;
}
struct AtomicExecution { // Size: 0xe0
uint256 makerId; // 0x00
uint256 sellerAmount; // 0x20
uint256 makerFeeRecipientId; // 0x40
uint256 makerFeeAmount; // 0x60
uint256 takerFeeAmount; // 0x80
uint256 protocolFeeAmount; // 0xa0
StateUpdate stateUpdate; // 0xc0
}
struct StateUpdate { // Size: 0xa0
address trader; // 0x00
bytes32 hash; // 0x20
uint256 index; // 0x40
uint256 value; // 0x60
uint256 maxAmount; // 0x80
}
struct Fees { // Size: 0x40
FeeRate protocolFee; // 0x00
FeeRate takerFee; // 0x20
}
struct FeeRate { // Size: 0x40
address recipient; // 0x00
uint16 rate; // 0x20
}
struct Cancel {
bytes32 hash;
uint256 index;
uint256 amount;
}