Transaction Hash:
Block:
22854030 at Jul-05-2025 03:52:23 PM +UTC
Transaction Fee:
0.000067154161242324 ETH
$0.17
Gas Used:
110,708 Gas / 0.606588153 Gwei
Emitted Events:
| 427 |
TetherToken.Transfer( from=[Receiver] WalletSimple, to=0x5713bD0B2F25aca78B21b708dBa66D07e306682D, value=145325000 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x3db76cc3...3147826f8 | |||||
| 0x5ACaf7C0...0cB3b054f |
0.891079231037441627 Eth
Nonce: 137818
|
0.891012076876199303 Eth
Nonce: 137819
| 0.000067154161242324 | ||
|
0x95222290...5CC4BAfe5
Miner
| (beaverbuild) | 19.336241597046276926 Eth | 19.336255601608276926 Eth | 0.000014004562 | |
| 0xdAC17F95...13D831ec7 |
Execution Trace
WalletSimple.sendMultiSigToken( toAddress=0x5713bD0B2F25aca78B21b708dBa66D07e306682D, value=145325000, tokenContractAddress=0xdAC17F958D2ee523a2206206994597C13D831ec7, expireTime=1752335538, sequenceId=111533, signature=0x83B30665F5A8ED239CF9E53ED9CFC18CB95E1BB9493CF57CDE7666C9E62AF96220074BC2451A35BC56D416E78587CEB225DC94C4C1A9F84797BA0CC58FB7E3401B )
WalletSimple.sendMultiSigToken( toAddress=0x5713bD0B2F25aca78B21b708dBa66D07e306682D, value=145325000, tokenContractAddress=0xdAC17F958D2ee523a2206206994597C13D831ec7, expireTime=1752335538, sequenceId=111533, signature=0x83B30665F5A8ED239CF9E53ED9CFC18CB95E1BB9493CF57CDE7666C9E62AF96220074BC2451A35BC56D416E78587CEB225DC94C4C1A9F84797BA0CC58FB7E3401B )-
Null: 0x000...001.4c8ac55f( ) -
TetherToken.transfer( _to=0x5713bD0B2F25aca78B21b708dBa66D07e306682D, _value=145325000 )
-
File 1 of 3: WalletSimple
File 2 of 3: TetherToken
File 3 of 3: WalletSimple
{"ERC20Interface.sol":{"content":"// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.7.5;\n\n/**\n * Contract that exposes the needed erc20 token functions\n */\n\nabstract contract ERC20Interface {\n // Send _value amount of tokens to address _to\n function transfer(address _to, uint256 _value)\n public\n virtual\n returns (bool success);\n\n // Get the account balance of another account with address _owner\n function balanceOf(address _owner)\n public\n virtual\n view\n returns (uint256 balance);\n}\n"},"Forwarder.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\npragma solidity 0.7.5;\nimport \u0027./TransferHelper.sol\u0027;\nimport \u0027./ERC20Interface.sol\u0027;\n\n/**\n * Contract that will forward any incoming Ether to the creator of the contract\n *\n */\ncontract Forwarder {\n // Address to which any funds sent to this contract will be forwarded\n address public parentAddress;\n event ForwarderDeposited(address from, uint256 value, bytes data);\n\n /**\n * Initialize the contract, and sets the destination address to that of the creator\n */\n function init(address _parentAddress) external onlyUninitialized {\n parentAddress = _parentAddress;\n uint256 value = address(this).balance;\n\n if (value == 0) {\n return;\n }\n\n (bool success, ) = parentAddress.call{ value: value }(\u0027\u0027);\n require(success, \u0027Flush failed\u0027);\n // NOTE: since we are forwarding on initialization,\n // we don\u0027t have the context of the original sender.\n // We still emit an event about the forwarding but set\n // the sender to the forwarder itself\n emit ForwarderDeposited(address(this), value, msg.data);\n }\n\n /**\n * Modifier that will execute internal code block only if the sender is the parent address\n */\n modifier onlyParent {\n require(msg.sender == parentAddress, \u0027Only Parent\u0027);\n _;\n }\n\n /**\n * Modifier that will execute internal code block only if the contract has not been initialized yet\n */\n modifier onlyUninitialized {\n require(parentAddress == address(0x0), \u0027Already initialized\u0027);\n _;\n }\n\n /**\n * Default function; Gets called when data is sent but does not match any other function\n */\n fallback() external payable {\n flush();\n }\n\n /**\n * Default function; Gets called when Ether is deposited with no data, and forwards it to the parent address\n */\n receive() external payable {\n flush();\n }\n\n /**\n * Execute a token transfer of the full balance from the forwarder token to the parent address\n * @param tokenContractAddress the address of the erc20 token contract\n */\n function flushTokens(address tokenContractAddress) external onlyParent {\n ERC20Interface instance = ERC20Interface(tokenContractAddress);\n address forwarderAddress = address(this);\n uint256 forwarderBalance = instance.balanceOf(forwarderAddress);\n if (forwarderBalance == 0) {\n return;\n }\n\n TransferHelper.safeTransfer(\n tokenContractAddress,\n parentAddress,\n forwarderBalance\n );\n }\n\n /**\n * Flush the entire balance of the contract to the parent address.\n */\n function flush() public {\n uint256 value = address(this).balance;\n\n if (value == 0) {\n return;\n }\n\n (bool success, ) = parentAddress.call{ value: value }(\u0027\u0027);\n require(success, \u0027Flush failed\u0027);\n emit ForwarderDeposited(msg.sender, value, msg.data);\n }\n}\n"},"TransferHelper.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\n\npragma solidity \u003e=0.7.5;\n\n// helper methods for interacting with ERC20 tokens and sending ETH that do not consistently return true/false\nlibrary TransferHelper {\n function safeApprove(\n address token,\n address to,\n uint256 value\n ) internal {\n // bytes4(keccak256(bytes(\u0027approve(address,uint256)\u0027)));\n (bool success, bytes memory data) = token.call(abi.encodeWithSelector(0x095ea7b3, to, value));\n require(\n success \u0026\u0026 (data.length == 0 || abi.decode(data, (bool))),\n \u0027TransferHelper::safeApprove: approve failed\u0027\n );\n }\n\n function safeTransfer(\n address token,\n address to,\n uint256 value\n ) internal {\n // bytes4(keccak256(bytes(\u0027transfer(address,uint256)\u0027)));\n (bool success, bytes memory data) = token.call(abi.encodeWithSelector(0xa9059cbb, to, value));\n require(\n success \u0026\u0026 (data.length == 0 || abi.decode(data, (bool))),\n \u0027TransferHelper::safeTransfer: transfer failed\u0027\n );\n }\n\n function safeTransferFrom(\n address token,\n address from,\n address to,\n uint256 value\n ) internal {\n // bytes4(keccak256(bytes(\u0027transferFrom(address,address,uint256)\u0027)));\n (bool success, bytes memory data) = token.call(abi.encodeWithSelector(0x23b872dd, from, to, value));\n require(\n success \u0026\u0026 (data.length == 0 || abi.decode(data, (bool))),\n \u0027TransferHelper::transferFrom: transferFrom failed\u0027\n );\n }\n\n function safeTransferETH(address to, uint256 value) internal {\n (bool success, ) = to.call{value: value}(new bytes(0));\n require(success, \u0027TransferHelper::safeTransferETH: ETH transfer failed\u0027);\n }\n}\n"},"WalletSimple.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\npragma solidity 0.7.5;\nimport \u0027./TransferHelper.sol\u0027;\nimport \u0027./Forwarder.sol\u0027;\nimport \u0027./ERC20Interface.sol\u0027;\n\n/**\n *\n * WalletSimple\n * ============\n *\n * Basic multi-signer wallet designed for use in a co-signing environment where 2 signatures are required to move funds.\n * Typically used in a 2-of-3 signing configuration. Uses ecrecover to allow for 2 signatures in a single transaction.\n *\n * The first signature is created on the operation hash (see Data Formats) and passed to sendMultiSig/sendMultiSigToken\n * The signer is determined by verifyMultiSig().\n *\n * The second signature is created by the submitter of the transaction and determined by msg.signer.\n *\n * Data Formats\n * ============\n *\n * The signature is created with ethereumjs-util.ecsign(operationHash).\n * Like the eth_sign RPC call, it packs the values as a 65-byte array of [r, s, v].\n * Unlike eth_sign, the message is not prefixed.\n *\n * The operationHash the result of keccak256(prefix, toAddress, value, data, expireTime).\n * For ether transactions, `prefix` is \"ETHER\".\n * For token transaction, `prefix` is \"ERC20\" and `data` is the tokenContractAddress.\n *\n *\n */\ncontract WalletSimple {\n // Events\n event Deposited(address from, uint256 value, bytes data);\n event SafeModeActivated(address msgSender);\n event Transacted(\n address msgSender, // Address of the sender of the message initiating the transaction\n address otherSigner, // Address of the signer (second signature) used to initiate the transaction\n bytes32 operation, // Operation hash (see Data Formats)\n address toAddress, // The address the transaction was sent to\n uint256 value, // Amount of Wei sent to the address\n bytes data // Data sent when invoking the transaction\n );\n\n event BatchTransfer(address sender, address recipient, uint256 value);\n // this event shows the other signer and the operation hash that they signed\n // specific batch transfer events are emitted in Batcher\n event BatchTransacted(\n address msgSender, // Address of the sender of the message initiating the transaction\n address otherSigner, // Address of the signer (second signature) used to initiate the transaction\n bytes32 operation // Operation hash (see Data Formats)\n );\n\n // Public fields\n mapping(address =\u003e bool) public signers; // The addresses that can co-sign transactions on the wallet\n bool public safeMode = false; // When active, wallet may only send to signer addresses\n bool public initialized = false; // True if the contract has been initialized\n\n // Internal fields\n uint256 private constant MAX_SEQUENCE_ID_INCREASE = 10000;\n uint256 constant SEQUENCE_ID_WINDOW_SIZE = 10;\n uint256[SEQUENCE_ID_WINDOW_SIZE] recentSequenceIds;\n\n /**\n * Set up a simple multi-sig wallet by specifying the signers allowed to be used on this wallet.\n * 2 signers will be required to send a transaction from this wallet.\n * Note: The sender is NOT automatically added to the list of signers.\n * Signers CANNOT be changed once they are set\n *\n * @param allowedSigners An array of signers on the wallet\n */\n function init(address[] calldata allowedSigners) external onlyUninitialized {\n require(allowedSigners.length == 3, \u0027Invalid number of signers\u0027);\n\n for (uint8 i = 0; i \u003c allowedSigners.length; i++) {\n require(allowedSigners[i] != address(0), \u0027Invalid signer\u0027);\n signers[allowedSigners[i]] = true;\n }\n initialized = true;\n }\n\n /**\n * Get the network identifier that signers must sign over\n * This provides protection signatures being replayed on other chains\n * This must be a virtual function because chain-specific contracts will need\n * to override with their own network ids. It also can\u0027t be a field\n * to allow this contract to be used by proxy with delegatecall, which will\n * not pick up on state variables\n */\n function getNetworkId() internal virtual pure returns (string memory) {\n return \u0027ETHER\u0027;\n }\n\n /**\n * Get the network identifier that signers must sign over for token transfers\n * This provides protection signatures being replayed on other chains\n * This must be a virtual function because chain-specific contracts will need\n * to override with their own network ids. It also can\u0027t be a field\n * to allow this contract to be used by proxy with delegatecall, which will\n * not pick up on state variables\n */\n function getTokenNetworkId() internal virtual pure returns (string memory) {\n return \u0027ERC20\u0027;\n }\n\n /**\n * Get the network identifier that signers must sign over for batch transfers\n * This provides protection signatures being replayed on other chains\n * This must be a virtual function because chain-specific contracts will need\n * to override with their own network ids. It also can\u0027t be a field\n * to allow this contract to be used by proxy with delegatecall, which will\n * not pick up on state variables\n */\n function getBatchNetworkId() internal virtual pure returns (string memory) {\n return \u0027ETHER-Batch\u0027;\n }\n\n /**\n * Determine if an address is a signer on this wallet\n * @param signer address to check\n * returns boolean indicating whether address is signer or not\n */\n function isSigner(address signer) public view returns (bool) {\n return signers[signer];\n }\n\n /**\n * Modifier that will execute internal code block only if the sender is an authorized signer on this wallet\n */\n modifier onlySigner {\n require(isSigner(msg.sender), \u0027Non-signer in onlySigner method\u0027);\n _;\n }\n\n /**\n * Modifier that will execute internal code block only if the contract has not been initialized yet\n */\n modifier onlyUninitialized {\n require(!initialized, \u0027Contract already initialized\u0027);\n _;\n }\n\n /**\n * Gets called when a transaction is received with data that does not match any other method\n */\n fallback() external payable {\n if (msg.value \u003e 0) {\n // Fire deposited event if we are receiving funds\n Deposited(msg.sender, msg.value, msg.data);\n }\n }\n\n /**\n * Gets called when a transaction is received with ether and no data\n */\n receive() external payable {\n if (msg.value \u003e 0) {\n // Fire deposited event if we are receiving funds\n Deposited(msg.sender, msg.value, msg.data);\n }\n }\n\n /**\n * Execute a multi-signature transaction from this wallet using 2 signers: one from msg.sender and the other from ecrecover.\n * Sequence IDs are numbers starting from 1. They are used to prevent replay attacks and may not be repeated.\n *\n * @param toAddress the destination address to send an outgoing transaction\n * @param value the amount in Wei to be sent\n * @param data the data to send to the toAddress when invoking the transaction\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * @param signature see Data Formats\n */\n function sendMultiSig(\n address toAddress,\n uint256 value,\n bytes calldata data,\n uint256 expireTime,\n uint256 sequenceId,\n bytes calldata signature\n ) external onlySigner {\n // Verify the other signer\n bytes32 operationHash = keccak256(\n abi.encodePacked(\n getNetworkId(),\n toAddress,\n value,\n data,\n expireTime,\n sequenceId\n )\n );\n\n address otherSigner = verifyMultiSig(\n toAddress,\n operationHash,\n signature,\n expireTime,\n sequenceId\n );\n\n // Success, send the transaction\n (bool success, ) = toAddress.call{ value: value }(data);\n require(success, \u0027Call execution failed\u0027);\n\n emit Transacted(\n msg.sender,\n otherSigner,\n operationHash,\n toAddress,\n value,\n data\n );\n }\n\n /**\n * Execute a batched multi-signature transaction from this wallet using 2 signers: one from msg.sender and the other from ecrecover.\n * Sequence IDs are numbers starting from 1. They are used to prevent replay attacks and may not be repeated.\n * The recipients and values to send are encoded in two arrays, where for index i, recipients[i] will be sent values[i].\n *\n * @param recipients The list of recipients to send to\n * @param values The list of values to send to\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * @param signature see Data Formats\n */\n function sendMultiSigBatch(\n address[] calldata recipients,\n uint256[] calldata values,\n uint256 expireTime,\n uint256 sequenceId,\n bytes calldata signature\n ) external onlySigner {\n require(recipients.length != 0, \u0027Not enough recipients\u0027);\n require(\n recipients.length == values.length,\n \u0027Unequal recipients and values\u0027\n );\n require(recipients.length \u003c 256, \u0027Too many recipients, max 255\u0027);\n\n // Verify the other signer\n bytes32 operationHash = keccak256(\n abi.encodePacked(\n getBatchNetworkId(),\n recipients,\n values,\n expireTime,\n sequenceId\n )\n );\n\n // the first parameter (toAddress) is used to ensure transactions in safe mode only go to a signer\n // if in safe mode, we should use normal sendMultiSig to recover, so this check will always fail if in safe mode\n require(!safeMode, \u0027Batch in safe mode\u0027);\n address otherSigner = verifyMultiSig(\n address(0x0),\n operationHash,\n signature,\n expireTime,\n sequenceId\n );\n\n batchTransfer(recipients, values);\n emit BatchTransacted(msg.sender, otherSigner, operationHash);\n }\n\n /**\n * Transfer funds in a batch to each of recipients\n * @param recipients The list of recipients to send to\n * @param values The list of values to send to recipients.\n * The recipient with index i in recipients array will be sent values[i].\n * Thus, recipients and values must be the same length\n */\n function batchTransfer(\n address[] calldata recipients,\n uint256[] calldata values\n ) internal {\n for (uint256 i = 0; i \u003c recipients.length; i++) {\n require(address(this).balance \u003e= values[i], \u0027Insufficient funds\u0027);\n\n (bool success, ) = recipients[i].call{ value: values[i] }(\u0027\u0027);\n require(success, \u0027Call failed\u0027);\n\n emit BatchTransfer(msg.sender, recipients[i], values[i]);\n }\n }\n\n /**\n * Execute a multi-signature token transfer from this wallet using 2 signers: one from msg.sender and the other from ecrecover.\n * Sequence IDs are numbers starting from 1. They are used to prevent replay attacks and may not be repeated.\n *\n * @param toAddress the destination address to send an outgoing transaction\n * @param value the amount in tokens to be sent\n * @param tokenContractAddress the address of the erc20 token contract\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * @param signature see Data Formats\n */\n function sendMultiSigToken(\n address toAddress,\n uint256 value,\n address tokenContractAddress,\n uint256 expireTime,\n uint256 sequenceId,\n bytes calldata signature\n ) external onlySigner {\n // Verify the other signer\n bytes32 operationHash = keccak256(\n abi.encodePacked(\n getTokenNetworkId(),\n toAddress,\n value,\n tokenContractAddress,\n expireTime,\n sequenceId\n )\n );\n\n verifyMultiSig(toAddress, operationHash, signature, expireTime, sequenceId);\n\n TransferHelper.safeTransfer(tokenContractAddress, toAddress, value);\n }\n\n /**\n * Execute a token flush from one of the forwarder addresses. This transfer needs only a single signature and can be done by any signer\n *\n * @param forwarderAddress the address of the forwarder address to flush the tokens from\n * @param tokenContractAddress the address of the erc20 token contract\n */\n function flushForwarderTokens(\n address payable forwarderAddress,\n address tokenContractAddress\n ) external onlySigner {\n Forwarder forwarder = Forwarder(forwarderAddress);\n forwarder.flushTokens(tokenContractAddress);\n }\n\n /**\n * Do common multisig verification for both eth sends and erc20token transfers\n *\n * @param toAddress the destination address to send an outgoing transaction\n * @param operationHash see Data Formats\n * @param signature see Data Formats\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * returns address that has created the signature\n */\n function verifyMultiSig(\n address toAddress,\n bytes32 operationHash,\n bytes calldata signature,\n uint256 expireTime,\n uint256 sequenceId\n ) private returns (address) {\n address otherSigner = recoverAddressFromSignature(operationHash, signature);\n\n // Verify if we are in safe mode. In safe mode, the wallet can only send to signers\n require(!safeMode || isSigner(toAddress), \u0027External transfer in safe mode\u0027);\n\n // Verify that the transaction has not expired\n require(expireTime \u003e= block.timestamp, \u0027Transaction expired\u0027);\n\n // Try to insert the sequence ID. Will revert if the sequence id was invalid\n tryInsertSequenceId(sequenceId);\n\n require(isSigner(otherSigner), \u0027Invalid signer\u0027);\n\n require(otherSigner != msg.sender, \u0027Signers cannot be equal\u0027);\n\n return otherSigner;\n }\n\n /**\n * Irrevocably puts contract into safe mode. When in this mode, transactions may only be sent to signing addresses.\n */\n function activateSafeMode() external onlySigner {\n safeMode = true;\n SafeModeActivated(msg.sender);\n }\n\n /**\n * Gets signer\u0027s address using ecrecover\n * @param operationHash see Data Formats\n * @param signature see Data Formats\n * returns address recovered from the signature\n */\n function recoverAddressFromSignature(\n bytes32 operationHash,\n bytes memory signature\n ) private pure returns (address) {\n require(signature.length == 65, \u0027Invalid signature - wrong length\u0027);\n\n // We need to unpack the signature, which is given as an array of 65 bytes (like eth.sign)\n bytes32 r;\n bytes32 s;\n uint8 v;\n\n // solhint-disable-next-line\n assembly {\n r := mload(add(signature, 32))\n s := mload(add(signature, 64))\n v := and(mload(add(signature, 65)), 255)\n }\n if (v \u003c 27) {\n v += 27; // Ethereum versions are 27 or 28 as opposed to 0 or 1 which is submitted by some signing libs\n }\n\n // protect against signature malleability\n // S value must be in the lower half orader\n // reference: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/051d340171a93a3d401aaaea46b4b62fa81e5d7c/contracts/cryptography/ECDSA.sol#L53\n require(\n uint256(s) \u003c=\n 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,\n \"ECDSA: invalid signature \u0027s\u0027 value\"\n );\n\n // note that this returns 0 if the signature is invalid\n // Since 0x0 can never be a signer, when the recovered signer address\n // is checked against our signer list, that 0x0 will cause an invalid signer failure\n return ecrecover(operationHash, v, r, s);\n }\n\n /**\n * Verify that the sequence id has not been used before and inserts it. Throws if the sequence ID was not accepted.\n * We collect a window of up to 10 recent sequence ids, and allow any sequence id that is not in the window and\n * greater than the minimum element in the window.\n * @param sequenceId to insert into array of stored ids\n */\n function tryInsertSequenceId(uint256 sequenceId) private onlySigner {\n // Keep a pointer to the lowest value element in the window\n uint256 lowestValueIndex = 0;\n // fetch recentSequenceIds into memory for function context to avoid unnecessary sloads\n uint256[SEQUENCE_ID_WINDOW_SIZE] memory _recentSequenceIds = recentSequenceIds;\n for (uint256 i = 0; i \u003c SEQUENCE_ID_WINDOW_SIZE; i++) {\n require(_recentSequenceIds[i] != sequenceId, \u0027Sequence ID already used\u0027);\n\n if (_recentSequenceIds[i] \u003c _recentSequenceIds[lowestValueIndex]) {\n lowestValueIndex = i;\n }\n }\n\n // The sequence ID being used is lower than the lowest value in the window\n // so we cannot accept it as it may have been used before\n require(\n sequenceId \u003e _recentSequenceIds[lowestValueIndex],\n \u0027Sequence ID below window\u0027\n );\n\n // Block sequence IDs which are much higher than the lowest value\n // This prevents people blocking the contract by using very large sequence IDs quickly\n require(\n sequenceId \u003c=\n (_recentSequenceIds[lowestValueIndex] + MAX_SEQUENCE_ID_INCREASE),\n \u0027Sequence ID above maximum\u0027\n );\n\n recentSequenceIds[lowestValueIndex] = sequenceId;\n }\n\n /**\n * Gets the next available sequence ID for signing when using executeAndConfirm\n * returns the sequenceId one higher than the highest currently stored\n */\n function getNextSequenceId() public view returns (uint256) {\n uint256 highestSequenceId = 0;\n for (uint256 i = 0; i \u003c SEQUENCE_ID_WINDOW_SIZE; i++) {\n if (recentSequenceIds[i] \u003e highestSequenceId) {\n highestSequenceId = recentSequenceIds[i];\n }\n }\n return highestSequenceId + 1;\n }\n}\n"}}File 2 of 3: TetherToken
pragma solidity ^0.4.17;
/**
* @title SafeMath
* @dev Math operations with safety checks that throw on error
*/
library SafeMath {
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
uint256 c = a * b;
assert(c / a == b);
return c;
}
function div(uint256 a, uint256 b) internal pure returns (uint256) {
// assert(b > 0); // Solidity automatically throws when dividing by 0
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
assert(b <= a);
return a - b;
}
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
assert(c >= a);
return c;
}
}
/**
* @title Ownable
* @dev The Ownable contract has an owner address, and provides basic authorization control
* functions, this simplifies the implementation of "user permissions".
*/
contract Ownable {
address public owner;
/**
* @dev The Ownable constructor sets the original `owner` of the contract to the sender
* account.
*/
function Ownable() public {
owner = msg.sender;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(msg.sender == owner);
_;
}
/**
* @dev Allows the current owner to transfer control of the contract to a newOwner.
* @param newOwner The address to transfer ownership to.
*/
function transferOwnership(address newOwner) public onlyOwner {
if (newOwner != address(0)) {
owner = newOwner;
}
}
}
/**
* @title ERC20Basic
* @dev Simpler version of ERC20 interface
* @dev see https://github.com/ethereum/EIPs/issues/20
*/
contract ERC20Basic {
uint public _totalSupply;
function totalSupply() public constant returns (uint);
function balanceOf(address who) public constant returns (uint);
function transfer(address to, uint value) public;
event Transfer(address indexed from, address indexed to, uint value);
}
/**
* @title ERC20 interface
* @dev see https://github.com/ethereum/EIPs/issues/20
*/
contract ERC20 is ERC20Basic {
function allowance(address owner, address spender) public constant returns (uint);
function transferFrom(address from, address to, uint value) public;
function approve(address spender, uint value) public;
event Approval(address indexed owner, address indexed spender, uint value);
}
/**
* @title Basic token
* @dev Basic version of StandardToken, with no allowances.
*/
contract BasicToken is Ownable, ERC20Basic {
using SafeMath for uint;
mapping(address => uint) public balances;
// additional variables for use if transaction fees ever became necessary
uint public basisPointsRate = 0;
uint public maximumFee = 0;
/**
* @dev Fix for the ERC20 short address attack.
*/
modifier onlyPayloadSize(uint size) {
require(!(msg.data.length < size + 4));
_;
}
/**
* @dev transfer token for a specified address
* @param _to The address to transfer to.
* @param _value The amount to be transferred.
*/
function transfer(address _to, uint _value) public onlyPayloadSize(2 * 32) {
uint fee = (_value.mul(basisPointsRate)).div(10000);
if (fee > maximumFee) {
fee = maximumFee;
}
uint sendAmount = _value.sub(fee);
balances[msg.sender] = balances[msg.sender].sub(_value);
balances[_to] = balances[_to].add(sendAmount);
if (fee > 0) {
balances[owner] = balances[owner].add(fee);
Transfer(msg.sender, owner, fee);
}
Transfer(msg.sender, _to, sendAmount);
}
/**
* @dev Gets the balance of the specified address.
* @param _owner The address to query the the balance of.
* @return An uint representing the amount owned by the passed address.
*/
function balanceOf(address _owner) public constant returns (uint balance) {
return balances[_owner];
}
}
/**
* @title Standard ERC20 token
*
* @dev Implementation of the basic standard token.
* @dev https://github.com/ethereum/EIPs/issues/20
* @dev Based oncode by FirstBlood: https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
*/
contract StandardToken is BasicToken, ERC20 {
mapping (address => mapping (address => uint)) public allowed;
uint public constant MAX_UINT = 2**256 - 1;
/**
* @dev Transfer tokens from one address to another
* @param _from address The address which you want to send tokens from
* @param _to address The address which you want to transfer to
* @param _value uint the amount of tokens to be transferred
*/
function transferFrom(address _from, address _to, uint _value) public onlyPayloadSize(3 * 32) {
var _allowance = allowed[_from][msg.sender];
// Check is not needed because sub(_allowance, _value) will already throw if this condition is not met
// if (_value > _allowance) throw;
uint fee = (_value.mul(basisPointsRate)).div(10000);
if (fee > maximumFee) {
fee = maximumFee;
}
if (_allowance < MAX_UINT) {
allowed[_from][msg.sender] = _allowance.sub(_value);
}
uint sendAmount = _value.sub(fee);
balances[_from] = balances[_from].sub(_value);
balances[_to] = balances[_to].add(sendAmount);
if (fee > 0) {
balances[owner] = balances[owner].add(fee);
Transfer(_from, owner, fee);
}
Transfer(_from, _to, sendAmount);
}
/**
* @dev Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
* @param _spender The address which will spend the funds.
* @param _value The amount of tokens to be spent.
*/
function approve(address _spender, uint _value) public onlyPayloadSize(2 * 32) {
// To change the approve amount you first have to reduce the addresses`
// allowance to zero by calling `approve(_spender, 0)` if it is not
// already 0 to mitigate the race condition described here:
// https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
require(!((_value != 0) && (allowed[msg.sender][_spender] != 0)));
allowed[msg.sender][_spender] = _value;
Approval(msg.sender, _spender, _value);
}
/**
* @dev Function to check the amount of tokens than an owner allowed to a spender.
* @param _owner address The address which owns the funds.
* @param _spender address The address which will spend the funds.
* @return A uint specifying the amount of tokens still available for the spender.
*/
function allowance(address _owner, address _spender) public constant returns (uint remaining) {
return allowed[_owner][_spender];
}
}
/**
* @title Pausable
* @dev Base contract which allows children to implement an emergency stop mechanism.
*/
contract Pausable is Ownable {
event Pause();
event Unpause();
bool public paused = false;
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*/
modifier whenNotPaused() {
require(!paused);
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*/
modifier whenPaused() {
require(paused);
_;
}
/**
* @dev called by the owner to pause, triggers stopped state
*/
function pause() onlyOwner whenNotPaused public {
paused = true;
Pause();
}
/**
* @dev called by the owner to unpause, returns to normal state
*/
function unpause() onlyOwner whenPaused public {
paused = false;
Unpause();
}
}
contract BlackList is Ownable, BasicToken {
/////// Getters to allow the same blacklist to be used also by other contracts (including upgraded Tether) ///////
function getBlackListStatus(address _maker) external constant returns (bool) {
return isBlackListed[_maker];
}
function getOwner() external constant returns (address) {
return owner;
}
mapping (address => bool) public isBlackListed;
function addBlackList (address _evilUser) public onlyOwner {
isBlackListed[_evilUser] = true;
AddedBlackList(_evilUser);
}
function removeBlackList (address _clearedUser) public onlyOwner {
isBlackListed[_clearedUser] = false;
RemovedBlackList(_clearedUser);
}
function destroyBlackFunds (address _blackListedUser) public onlyOwner {
require(isBlackListed[_blackListedUser]);
uint dirtyFunds = balanceOf(_blackListedUser);
balances[_blackListedUser] = 0;
_totalSupply -= dirtyFunds;
DestroyedBlackFunds(_blackListedUser, dirtyFunds);
}
event DestroyedBlackFunds(address _blackListedUser, uint _balance);
event AddedBlackList(address _user);
event RemovedBlackList(address _user);
}
contract UpgradedStandardToken is StandardToken{
// those methods are called by the legacy contract
// and they must ensure msg.sender to be the contract address
function transferByLegacy(address from, address to, uint value) public;
function transferFromByLegacy(address sender, address from, address spender, uint value) public;
function approveByLegacy(address from, address spender, uint value) public;
}
contract TetherToken is Pausable, StandardToken, BlackList {
string public name;
string public symbol;
uint public decimals;
address public upgradedAddress;
bool public deprecated;
// The contract can be initialized with a number of tokens
// All the tokens are deposited to the owner address
//
// @param _balance Initial supply of the contract
// @param _name Token Name
// @param _symbol Token symbol
// @param _decimals Token decimals
function TetherToken(uint _initialSupply, string _name, string _symbol, uint _decimals) public {
_totalSupply = _initialSupply;
name = _name;
symbol = _symbol;
decimals = _decimals;
balances[owner] = _initialSupply;
deprecated = false;
}
// Forward ERC20 methods to upgraded contract if this one is deprecated
function transfer(address _to, uint _value) public whenNotPaused {
require(!isBlackListed[msg.sender]);
if (deprecated) {
return UpgradedStandardToken(upgradedAddress).transferByLegacy(msg.sender, _to, _value);
} else {
return super.transfer(_to, _value);
}
}
// Forward ERC20 methods to upgraded contract if this one is deprecated
function transferFrom(address _from, address _to, uint _value) public whenNotPaused {
require(!isBlackListed[_from]);
if (deprecated) {
return UpgradedStandardToken(upgradedAddress).transferFromByLegacy(msg.sender, _from, _to, _value);
} else {
return super.transferFrom(_from, _to, _value);
}
}
// Forward ERC20 methods to upgraded contract if this one is deprecated
function balanceOf(address who) public constant returns (uint) {
if (deprecated) {
return UpgradedStandardToken(upgradedAddress).balanceOf(who);
} else {
return super.balanceOf(who);
}
}
// Forward ERC20 methods to upgraded contract if this one is deprecated
function approve(address _spender, uint _value) public onlyPayloadSize(2 * 32) {
if (deprecated) {
return UpgradedStandardToken(upgradedAddress).approveByLegacy(msg.sender, _spender, _value);
} else {
return super.approve(_spender, _value);
}
}
// Forward ERC20 methods to upgraded contract if this one is deprecated
function allowance(address _owner, address _spender) public constant returns (uint remaining) {
if (deprecated) {
return StandardToken(upgradedAddress).allowance(_owner, _spender);
} else {
return super.allowance(_owner, _spender);
}
}
// deprecate current contract in favour of a new one
function deprecate(address _upgradedAddress) public onlyOwner {
deprecated = true;
upgradedAddress = _upgradedAddress;
Deprecate(_upgradedAddress);
}
// deprecate current contract if favour of a new one
function totalSupply() public constant returns (uint) {
if (deprecated) {
return StandardToken(upgradedAddress).totalSupply();
} else {
return _totalSupply;
}
}
// Issue a new amount of tokens
// these tokens are deposited into the owner address
//
// @param _amount Number of tokens to be issued
function issue(uint amount) public onlyOwner {
require(_totalSupply + amount > _totalSupply);
require(balances[owner] + amount > balances[owner]);
balances[owner] += amount;
_totalSupply += amount;
Issue(amount);
}
// Redeem tokens.
// These tokens are withdrawn from the owner address
// if the balance must be enough to cover the redeem
// or the call will fail.
// @param _amount Number of tokens to be issued
function redeem(uint amount) public onlyOwner {
require(_totalSupply >= amount);
require(balances[owner] >= amount);
_totalSupply -= amount;
balances[owner] -= amount;
Redeem(amount);
}
function setParams(uint newBasisPoints, uint newMaxFee) public onlyOwner {
// Ensure transparency by hardcoding limit beyond which fees can never be added
require(newBasisPoints < 20);
require(newMaxFee < 50);
basisPointsRate = newBasisPoints;
maximumFee = newMaxFee.mul(10**decimals);
Params(basisPointsRate, maximumFee);
}
// Called when new token are issued
event Issue(uint amount);
// Called when tokens are redeemed
event Redeem(uint amount);
// Called when contract is deprecated
event Deprecate(address newAddress);
// Called if contract ever adds fees
event Params(uint feeBasisPoints, uint maxFee);
}File 3 of 3: WalletSimple
{"ERC20Interface.sol":{"content":"// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.7.5;\n\n/**\n * Contract that exposes the needed erc20 token functions\n */\n\nabstract contract ERC20Interface {\n // Send _value amount of tokens to address _to\n function transfer(address _to, uint256 _value)\n public\n virtual\n returns (bool success);\n\n // Get the account balance of another account with address _owner\n function balanceOf(address _owner)\n public\n virtual\n view\n returns (uint256 balance);\n}\n"},"Forwarder.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\npragma solidity 0.7.5;\nimport \u0027./TransferHelper.sol\u0027;\nimport \u0027./ERC20Interface.sol\u0027;\n\n/**\n * Contract that will forward any incoming Ether to the creator of the contract\n *\n */\ncontract Forwarder {\n // Address to which any funds sent to this contract will be forwarded\n address public parentAddress;\n event ForwarderDeposited(address from, uint256 value, bytes data);\n\n /**\n * Initialize the contract, and sets the destination address to that of the creator\n */\n function init(address _parentAddress) external onlyUninitialized {\n parentAddress = _parentAddress;\n uint256 value = address(this).balance;\n\n if (value == 0) {\n return;\n }\n\n (bool success, ) = parentAddress.call{ value: value }(\u0027\u0027);\n require(success, \u0027Flush failed\u0027);\n // NOTE: since we are forwarding on initialization,\n // we don\u0027t have the context of the original sender.\n // We still emit an event about the forwarding but set\n // the sender to the forwarder itself\n emit ForwarderDeposited(address(this), value, msg.data);\n }\n\n /**\n * Modifier that will execute internal code block only if the sender is the parent address\n */\n modifier onlyParent {\n require(msg.sender == parentAddress, \u0027Only Parent\u0027);\n _;\n }\n\n /**\n * Modifier that will execute internal code block only if the contract has not been initialized yet\n */\n modifier onlyUninitialized {\n require(parentAddress == address(0x0), \u0027Already initialized\u0027);\n _;\n }\n\n /**\n * Default function; Gets called when data is sent but does not match any other function\n */\n fallback() external payable {\n flush();\n }\n\n /**\n * Default function; Gets called when Ether is deposited with no data, and forwards it to the parent address\n */\n receive() external payable {\n flush();\n }\n\n /**\n * Execute a token transfer of the full balance from the forwarder token to the parent address\n * @param tokenContractAddress the address of the erc20 token contract\n */\n function flushTokens(address tokenContractAddress) external onlyParent {\n ERC20Interface instance = ERC20Interface(tokenContractAddress);\n address forwarderAddress = address(this);\n uint256 forwarderBalance = instance.balanceOf(forwarderAddress);\n if (forwarderBalance == 0) {\n return;\n }\n\n TransferHelper.safeTransfer(\n tokenContractAddress,\n parentAddress,\n forwarderBalance\n );\n }\n\n /**\n * Flush the entire balance of the contract to the parent address.\n */\n function flush() public {\n uint256 value = address(this).balance;\n\n if (value == 0) {\n return;\n }\n\n (bool success, ) = parentAddress.call{ value: value }(\u0027\u0027);\n require(success, \u0027Flush failed\u0027);\n emit ForwarderDeposited(msg.sender, value, msg.data);\n }\n}\n"},"TransferHelper.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\n\npragma solidity \u003e=0.7.5;\n\n// helper methods for interacting with ERC20 tokens and sending ETH that do not consistently return true/false\nlibrary TransferHelper {\n function safeApprove(\n address token,\n address to,\n uint256 value\n ) internal {\n // bytes4(keccak256(bytes(\u0027approve(address,uint256)\u0027)));\n (bool success, bytes memory data) = token.call(abi.encodeWithSelector(0x095ea7b3, to, value));\n require(\n success \u0026\u0026 (data.length == 0 || abi.decode(data, (bool))),\n \u0027TransferHelper::safeApprove: approve failed\u0027\n );\n }\n\n function safeTransfer(\n address token,\n address to,\n uint256 value\n ) internal {\n // bytes4(keccak256(bytes(\u0027transfer(address,uint256)\u0027)));\n (bool success, bytes memory data) = token.call(abi.encodeWithSelector(0xa9059cbb, to, value));\n require(\n success \u0026\u0026 (data.length == 0 || abi.decode(data, (bool))),\n \u0027TransferHelper::safeTransfer: transfer failed\u0027\n );\n }\n\n function safeTransferFrom(\n address token,\n address from,\n address to,\n uint256 value\n ) internal {\n // bytes4(keccak256(bytes(\u0027transferFrom(address,address,uint256)\u0027)));\n (bool success, bytes memory data) = token.call(abi.encodeWithSelector(0x23b872dd, from, to, value));\n require(\n success \u0026\u0026 (data.length == 0 || abi.decode(data, (bool))),\n \u0027TransferHelper::transferFrom: transferFrom failed\u0027\n );\n }\n\n function safeTransferETH(address to, uint256 value) internal {\n (bool success, ) = to.call{value: value}(new bytes(0));\n require(success, \u0027TransferHelper::safeTransferETH: ETH transfer failed\u0027);\n }\n}\n"},"WalletSimple.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\npragma solidity 0.7.5;\nimport \u0027./TransferHelper.sol\u0027;\nimport \u0027./Forwarder.sol\u0027;\nimport \u0027./ERC20Interface.sol\u0027;\n\n/**\n *\n * WalletSimple\n * ============\n *\n * Basic multi-signer wallet designed for use in a co-signing environment where 2 signatures are required to move funds.\n * Typically used in a 2-of-3 signing configuration. Uses ecrecover to allow for 2 signatures in a single transaction.\n *\n * The first signature is created on the operation hash (see Data Formats) and passed to sendMultiSig/sendMultiSigToken\n * The signer is determined by verifyMultiSig().\n *\n * The second signature is created by the submitter of the transaction and determined by msg.signer.\n *\n * Data Formats\n * ============\n *\n * The signature is created with ethereumjs-util.ecsign(operationHash).\n * Like the eth_sign RPC call, it packs the values as a 65-byte array of [r, s, v].\n * Unlike eth_sign, the message is not prefixed.\n *\n * The operationHash the result of keccak256(prefix, toAddress, value, data, expireTime).\n * For ether transactions, `prefix` is \"ETHER\".\n * For token transaction, `prefix` is \"ERC20\" and `data` is the tokenContractAddress.\n *\n *\n */\ncontract WalletSimple {\n // Events\n event Deposited(address from, uint256 value, bytes data);\n event SafeModeActivated(address msgSender);\n event Transacted(\n address msgSender, // Address of the sender of the message initiating the transaction\n address otherSigner, // Address of the signer (second signature) used to initiate the transaction\n bytes32 operation, // Operation hash (see Data Formats)\n address toAddress, // The address the transaction was sent to\n uint256 value, // Amount of Wei sent to the address\n bytes data // Data sent when invoking the transaction\n );\n\n event BatchTransfer(address sender, address recipient, uint256 value);\n // this event shows the other signer and the operation hash that they signed\n // specific batch transfer events are emitted in Batcher\n event BatchTransacted(\n address msgSender, // Address of the sender of the message initiating the transaction\n address otherSigner, // Address of the signer (second signature) used to initiate the transaction\n bytes32 operation // Operation hash (see Data Formats)\n );\n\n // Public fields\n mapping(address =\u003e bool) public signers; // The addresses that can co-sign transactions on the wallet\n bool public safeMode = false; // When active, wallet may only send to signer addresses\n bool public initialized = false; // True if the contract has been initialized\n\n // Internal fields\n uint256 private constant MAX_SEQUENCE_ID_INCREASE = 10000;\n uint256 constant SEQUENCE_ID_WINDOW_SIZE = 10;\n uint256[SEQUENCE_ID_WINDOW_SIZE] recentSequenceIds;\n\n /**\n * Set up a simple multi-sig wallet by specifying the signers allowed to be used on this wallet.\n * 2 signers will be required to send a transaction from this wallet.\n * Note: The sender is NOT automatically added to the list of signers.\n * Signers CANNOT be changed once they are set\n *\n * @param allowedSigners An array of signers on the wallet\n */\n function init(address[] calldata allowedSigners) external onlyUninitialized {\n require(allowedSigners.length == 3, \u0027Invalid number of signers\u0027);\n\n for (uint8 i = 0; i \u003c allowedSigners.length; i++) {\n require(allowedSigners[i] != address(0), \u0027Invalid signer\u0027);\n signers[allowedSigners[i]] = true;\n }\n initialized = true;\n }\n\n /**\n * Get the network identifier that signers must sign over\n * This provides protection signatures being replayed on other chains\n * This must be a virtual function because chain-specific contracts will need\n * to override with their own network ids. It also can\u0027t be a field\n * to allow this contract to be used by proxy with delegatecall, which will\n * not pick up on state variables\n */\n function getNetworkId() internal virtual pure returns (string memory) {\n return \u0027ETHER\u0027;\n }\n\n /**\n * Get the network identifier that signers must sign over for token transfers\n * This provides protection signatures being replayed on other chains\n * This must be a virtual function because chain-specific contracts will need\n * to override with their own network ids. It also can\u0027t be a field\n * to allow this contract to be used by proxy with delegatecall, which will\n * not pick up on state variables\n */\n function getTokenNetworkId() internal virtual pure returns (string memory) {\n return \u0027ERC20\u0027;\n }\n\n /**\n * Get the network identifier that signers must sign over for batch transfers\n * This provides protection signatures being replayed on other chains\n * This must be a virtual function because chain-specific contracts will need\n * to override with their own network ids. It also can\u0027t be a field\n * to allow this contract to be used by proxy with delegatecall, which will\n * not pick up on state variables\n */\n function getBatchNetworkId() internal virtual pure returns (string memory) {\n return \u0027ETHER-Batch\u0027;\n }\n\n /**\n * Determine if an address is a signer on this wallet\n * @param signer address to check\n * returns boolean indicating whether address is signer or not\n */\n function isSigner(address signer) public view returns (bool) {\n return signers[signer];\n }\n\n /**\n * Modifier that will execute internal code block only if the sender is an authorized signer on this wallet\n */\n modifier onlySigner {\n require(isSigner(msg.sender), \u0027Non-signer in onlySigner method\u0027);\n _;\n }\n\n /**\n * Modifier that will execute internal code block only if the contract has not been initialized yet\n */\n modifier onlyUninitialized {\n require(!initialized, \u0027Contract already initialized\u0027);\n _;\n }\n\n /**\n * Gets called when a transaction is received with data that does not match any other method\n */\n fallback() external payable {\n if (msg.value \u003e 0) {\n // Fire deposited event if we are receiving funds\n Deposited(msg.sender, msg.value, msg.data);\n }\n }\n\n /**\n * Gets called when a transaction is received with ether and no data\n */\n receive() external payable {\n if (msg.value \u003e 0) {\n // Fire deposited event if we are receiving funds\n Deposited(msg.sender, msg.value, msg.data);\n }\n }\n\n /**\n * Execute a multi-signature transaction from this wallet using 2 signers: one from msg.sender and the other from ecrecover.\n * Sequence IDs are numbers starting from 1. They are used to prevent replay attacks and may not be repeated.\n *\n * @param toAddress the destination address to send an outgoing transaction\n * @param value the amount in Wei to be sent\n * @param data the data to send to the toAddress when invoking the transaction\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * @param signature see Data Formats\n */\n function sendMultiSig(\n address toAddress,\n uint256 value,\n bytes calldata data,\n uint256 expireTime,\n uint256 sequenceId,\n bytes calldata signature\n ) external onlySigner {\n // Verify the other signer\n bytes32 operationHash = keccak256(\n abi.encodePacked(\n getNetworkId(),\n toAddress,\n value,\n data,\n expireTime,\n sequenceId\n )\n );\n\n address otherSigner = verifyMultiSig(\n toAddress,\n operationHash,\n signature,\n expireTime,\n sequenceId\n );\n\n // Success, send the transaction\n (bool success, ) = toAddress.call{ value: value }(data);\n require(success, \u0027Call execution failed\u0027);\n\n emit Transacted(\n msg.sender,\n otherSigner,\n operationHash,\n toAddress,\n value,\n data\n );\n }\n\n /**\n * Execute a batched multi-signature transaction from this wallet using 2 signers: one from msg.sender and the other from ecrecover.\n * Sequence IDs are numbers starting from 1. They are used to prevent replay attacks and may not be repeated.\n * The recipients and values to send are encoded in two arrays, where for index i, recipients[i] will be sent values[i].\n *\n * @param recipients The list of recipients to send to\n * @param values The list of values to send to\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * @param signature see Data Formats\n */\n function sendMultiSigBatch(\n address[] calldata recipients,\n uint256[] calldata values,\n uint256 expireTime,\n uint256 sequenceId,\n bytes calldata signature\n ) external onlySigner {\n require(recipients.length != 0, \u0027Not enough recipients\u0027);\n require(\n recipients.length == values.length,\n \u0027Unequal recipients and values\u0027\n );\n require(recipients.length \u003c 256, \u0027Too many recipients, max 255\u0027);\n\n // Verify the other signer\n bytes32 operationHash = keccak256(\n abi.encodePacked(\n getBatchNetworkId(),\n recipients,\n values,\n expireTime,\n sequenceId\n )\n );\n\n // the first parameter (toAddress) is used to ensure transactions in safe mode only go to a signer\n // if in safe mode, we should use normal sendMultiSig to recover, so this check will always fail if in safe mode\n require(!safeMode, \u0027Batch in safe mode\u0027);\n address otherSigner = verifyMultiSig(\n address(0x0),\n operationHash,\n signature,\n expireTime,\n sequenceId\n );\n\n batchTransfer(recipients, values);\n emit BatchTransacted(msg.sender, otherSigner, operationHash);\n }\n\n /**\n * Transfer funds in a batch to each of recipients\n * @param recipients The list of recipients to send to\n * @param values The list of values to send to recipients.\n * The recipient with index i in recipients array will be sent values[i].\n * Thus, recipients and values must be the same length\n */\n function batchTransfer(\n address[] calldata recipients,\n uint256[] calldata values\n ) internal {\n for (uint256 i = 0; i \u003c recipients.length; i++) {\n require(address(this).balance \u003e= values[i], \u0027Insufficient funds\u0027);\n\n (bool success, ) = recipients[i].call{ value: values[i] }(\u0027\u0027);\n require(success, \u0027Call failed\u0027);\n\n emit BatchTransfer(msg.sender, recipients[i], values[i]);\n }\n }\n\n /**\n * Execute a multi-signature token transfer from this wallet using 2 signers: one from msg.sender and the other from ecrecover.\n * Sequence IDs are numbers starting from 1. They are used to prevent replay attacks and may not be repeated.\n *\n * @param toAddress the destination address to send an outgoing transaction\n * @param value the amount in tokens to be sent\n * @param tokenContractAddress the address of the erc20 token contract\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * @param signature see Data Formats\n */\n function sendMultiSigToken(\n address toAddress,\n uint256 value,\n address tokenContractAddress,\n uint256 expireTime,\n uint256 sequenceId,\n bytes calldata signature\n ) external onlySigner {\n // Verify the other signer\n bytes32 operationHash = keccak256(\n abi.encodePacked(\n getTokenNetworkId(),\n toAddress,\n value,\n tokenContractAddress,\n expireTime,\n sequenceId\n )\n );\n\n verifyMultiSig(toAddress, operationHash, signature, expireTime, sequenceId);\n\n TransferHelper.safeTransfer(tokenContractAddress, toAddress, value);\n }\n\n /**\n * Execute a token flush from one of the forwarder addresses. This transfer needs only a single signature and can be done by any signer\n *\n * @param forwarderAddress the address of the forwarder address to flush the tokens from\n * @param tokenContractAddress the address of the erc20 token contract\n */\n function flushForwarderTokens(\n address payable forwarderAddress,\n address tokenContractAddress\n ) external onlySigner {\n Forwarder forwarder = Forwarder(forwarderAddress);\n forwarder.flushTokens(tokenContractAddress);\n }\n\n /**\n * Do common multisig verification for both eth sends and erc20token transfers\n *\n * @param toAddress the destination address to send an outgoing transaction\n * @param operationHash see Data Formats\n * @param signature see Data Formats\n * @param expireTime the number of seconds since 1970 for which this transaction is valid\n * @param sequenceId the unique sequence id obtainable from getNextSequenceId\n * returns address that has created the signature\n */\n function verifyMultiSig(\n address toAddress,\n bytes32 operationHash,\n bytes calldata signature,\n uint256 expireTime,\n uint256 sequenceId\n ) private returns (address) {\n address otherSigner = recoverAddressFromSignature(operationHash, signature);\n\n // Verify if we are in safe mode. In safe mode, the wallet can only send to signers\n require(!safeMode || isSigner(toAddress), \u0027External transfer in safe mode\u0027);\n\n // Verify that the transaction has not expired\n require(expireTime \u003e= block.timestamp, \u0027Transaction expired\u0027);\n\n // Try to insert the sequence ID. Will revert if the sequence id was invalid\n tryInsertSequenceId(sequenceId);\n\n require(isSigner(otherSigner), \u0027Invalid signer\u0027);\n\n require(otherSigner != msg.sender, \u0027Signers cannot be equal\u0027);\n\n return otherSigner;\n }\n\n /**\n * Irrevocably puts contract into safe mode. When in this mode, transactions may only be sent to signing addresses.\n */\n function activateSafeMode() external onlySigner {\n safeMode = true;\n SafeModeActivated(msg.sender);\n }\n\n /**\n * Gets signer\u0027s address using ecrecover\n * @param operationHash see Data Formats\n * @param signature see Data Formats\n * returns address recovered from the signature\n */\n function recoverAddressFromSignature(\n bytes32 operationHash,\n bytes memory signature\n ) private pure returns (address) {\n require(signature.length == 65, \u0027Invalid signature - wrong length\u0027);\n\n // We need to unpack the signature, which is given as an array of 65 bytes (like eth.sign)\n bytes32 r;\n bytes32 s;\n uint8 v;\n\n // solhint-disable-next-line\n assembly {\n r := mload(add(signature, 32))\n s := mload(add(signature, 64))\n v := and(mload(add(signature, 65)), 255)\n }\n if (v \u003c 27) {\n v += 27; // Ethereum versions are 27 or 28 as opposed to 0 or 1 which is submitted by some signing libs\n }\n\n // protect against signature malleability\n // S value must be in the lower half orader\n // reference: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/051d340171a93a3d401aaaea46b4b62fa81e5d7c/contracts/cryptography/ECDSA.sol#L53\n require(\n uint256(s) \u003c=\n 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0,\n \"ECDSA: invalid signature \u0027s\u0027 value\"\n );\n\n // note that this returns 0 if the signature is invalid\n // Since 0x0 can never be a signer, when the recovered signer address\n // is checked against our signer list, that 0x0 will cause an invalid signer failure\n return ecrecover(operationHash, v, r, s);\n }\n\n /**\n * Verify that the sequence id has not been used before and inserts it. Throws if the sequence ID was not accepted.\n * We collect a window of up to 10 recent sequence ids, and allow any sequence id that is not in the window and\n * greater than the minimum element in the window.\n * @param sequenceId to insert into array of stored ids\n */\n function tryInsertSequenceId(uint256 sequenceId) private onlySigner {\n // Keep a pointer to the lowest value element in the window\n uint256 lowestValueIndex = 0;\n // fetch recentSequenceIds into memory for function context to avoid unnecessary sloads\n uint256[SEQUENCE_ID_WINDOW_SIZE] memory _recentSequenceIds = recentSequenceIds;\n for (uint256 i = 0; i \u003c SEQUENCE_ID_WINDOW_SIZE; i++) {\n require(_recentSequenceIds[i] != sequenceId, \u0027Sequence ID already used\u0027);\n\n if (_recentSequenceIds[i] \u003c _recentSequenceIds[lowestValueIndex]) {\n lowestValueIndex = i;\n }\n }\n\n // The sequence ID being used is lower than the lowest value in the window\n // so we cannot accept it as it may have been used before\n require(\n sequenceId \u003e _recentSequenceIds[lowestValueIndex],\n \u0027Sequence ID below window\u0027\n );\n\n // Block sequence IDs which are much higher than the lowest value\n // This prevents people blocking the contract by using very large sequence IDs quickly\n require(\n sequenceId \u003c=\n (_recentSequenceIds[lowestValueIndex] + MAX_SEQUENCE_ID_INCREASE),\n \u0027Sequence ID above maximum\u0027\n );\n\n recentSequenceIds[lowestValueIndex] = sequenceId;\n }\n\n /**\n * Gets the next available sequence ID for signing when using executeAndConfirm\n * returns the sequenceId one higher than the highest currently stored\n */\n function getNextSequenceId() public view returns (uint256) {\n uint256 highestSequenceId = 0;\n for (uint256 i = 0; i \u003c SEQUENCE_ID_WINDOW_SIZE; i++) {\n if (recentSequenceIds[i] \u003e highestSequenceId) {\n highestSequenceId = recentSequenceIds[i];\n }\n }\n return highestSequenceId + 1;\n }\n}\n"}}