Transaction Hash:
Block:
22854032 at Jul-05-2025 03:52:47 PM +UTC
Transaction Fee:
0.00029879145485118 ETH
$0.77
Gas Used:
201,510 Gas / 1.482762418 Gwei
Emitted Events:
| 139 |
TransparentUpgradeableProxy.0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef( 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef, 0x0000000000000000000000005cb1316c8374b57a8dc01d59abddb03151a086d4, 0x000000000000000000000000e1b4d34e8754600962cd944b535180bd758e6c2e, 0000000000000000000000000000000000000000000000000007d0e36a818000 )
|
| 140 |
TransparentUpgradeableProxy.0xf60d67b14614c8984f880fd3b3bc7ddc3c2913656340f454bf0c7431152bbda6( 0xf60d67b14614c8984f880fd3b3bc7ddc3c2913656340f454bf0c7431152bbda6, 0000000000000000000000005cb1316c8374b57a8dc01d59abddb03151a086d4, 0000000000000000000000005cb1316c8374b57a8dc01d59abddb03151a086d4, 0000000000000000000000000000000000000000000000000007d0e36a818000, 0000000000000000000000000000000000000000000000000007b6f03f0ffe72, 0000000000000000000000000000000000000000000000000000000000000000, 00000000000000000000000000000000000000000000000000000000000007e9, 0000000000000000000000000000000000000000000000000000000000000007, 0000000000000000000000000000000000000000000000000000000000000007 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x5CB1316C...151A086d4 |
0.002606254659113623 Eth
Nonce: 1
|
0.002307463204262443 Eth
Nonce: 2
| 0.00029879145485118 | ||
|
0xdadB0d80...24f783711
Miner
| (BuilderNet) | 29.345072165728972999 Eth | 29.345273675728972999 Eth | 0.00020151 | |
| 0xe1B4d34E...d758E6c2e |
Execution Trace
TransparentUpgradeableProxy.7d41c86e( )
TransparentUpgradeableProxy.7d41c86e( )
LendingPool.requestRedeem( shares=2200000000000000, receiverAddr=0x5CB1316C8374b57a8dc01D59aBddB03151A086d4, holderAddr=0x5CB1316C8374b57a8dc01D59aBddB03151A086d4 ) => ( assets=2171467803393650, claimableEpoch=1751900400 )
TransparentUpgradeableProxy.requestRedeem[LendingPool (ln:2827)]
_registerRedeemRequest[LendingPool (ln:2840)]_claim[LendingPool (ln:2845)]
File 1 of 4: TransparentUpgradeableProxy
File 2 of 4: LendingPool
File 3 of 4: TransparentUpgradeableProxy
File 4 of 4: RSETH
// SPDX-License-Identifier: BUSL-1.1
pragma solidity >= 0.8.26;
// OpenZeppelin Contracts v4.4.1 (proxy/transparent/ProxyAdmin.sol)
// OpenZeppelin Contracts (last updated v4.7.0) (proxy/transparent/TransparentUpgradeableProxy.sol)
// OpenZeppelin Contracts (last updated v4.7.0) (proxy/ERC1967/ERC1967Proxy.sol)
// OpenZeppelin Contracts (last updated v4.6.0) (proxy/Proxy.sol)
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
/**
* @dev This is a virtual function that should be overridden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback() external payable virtual {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive() external payable virtual {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overridden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {}
}
// OpenZeppelin Contracts (last updated v4.5.0) (proxy/ERC1967/ERC1967Upgrade.sol)
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822Proxiable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// OpenZeppelin Contracts (last updated v4.7.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, `uint256`._
* _Available since v4.9 for `string`, `bytes`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*/
abstract contract ERC1967Upgrade {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data, bool forceCall) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlot.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Emitted when the beacon is upgraded.
*/
event BeaconUpgraded(address indexed beacon);
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(Address.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
}
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/
contract ERC1967Proxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializing the storage of the proxy like a Solidity constructor.
*/
constructor(address _logic, bytes memory _data) payable {
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal view virtual override returns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
/**
* @dev This contract implements a proxy that is upgradeable by an admin.
*
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
* clashing], which can potentially be used in an attack, this contract uses the
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
* things that go hand in hand:
*
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
* that call matches one of the admin functions exposed by the proxy itself.
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
* "admin cannot fallback to proxy target".
*
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
* to sudden errors when trying to call a function from the proxy implementation.
*
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
*/
contract TransparentUpgradeableProxy is ERC1967Proxy {
/**
* @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
* optionally initialized with `_data` as explained in {ERC1967Proxy-constructor}.
*/
constructor(address _logic, address admin_, bytes memory _data) payable ERC1967Proxy(_logic, _data) {
_changeAdmin(admin_);
}
/**
* @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
*/
modifier ifAdmin() {
if (msg.sender == _getAdmin()) {
_;
} else {
_fallback();
}
}
/**
* @dev Returns the current admin.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/
function admin() external payable ifAdmin returns (address admin_) {
_requireZeroValue();
admin_ = _getAdmin();
}
/**
* @dev Returns the current implementation.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
*/
function implementation() external payable ifAdmin returns (address implementation_) {
_requireZeroValue();
implementation_ = _implementation();
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
*/
function changeAdmin(address newAdmin) external payable virtual ifAdmin {
_requireZeroValue();
_changeAdmin(newAdmin);
}
/**
* @dev Upgrade the implementation of the proxy.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
*/
function upgradeTo(address newImplementation) external payable ifAdmin {
_requireZeroValue();
_upgradeToAndCall(newImplementation, bytes(""), false);
}
/**
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
* proxied contract.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
*/
function upgradeToAndCall(address newImplementation, bytes calldata data) external payable ifAdmin {
_upgradeToAndCall(newImplementation, data, true);
}
/**
* @dev Returns the current admin.
*/
function _admin() internal view virtual returns (address) {
return _getAdmin();
}
/**
* @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
*/
function _beforeFallback() internal virtual override {
require(msg.sender != _getAdmin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
super._beforeFallback();
}
/**
* @dev To keep this contract fully transparent, all `ifAdmin` functions must be payable. This helper is here to
* emulate some proxy functions being non-payable while still allowing value to pass through.
*/
function _requireZeroValue() private {
require(msg.value == 0);
}
}
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
/**
* @dev This is an auxiliary contract meant to be assigned as the admin of a {TransparentUpgradeableProxy}. For an
* explanation of why you would want to use this see the documentation for {TransparentUpgradeableProxy}.
*/
contract ProxyAdmin is Ownable {
/**
* @dev Returns the current implementation of `proxy`.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function getProxyImplementation(TransparentUpgradeableProxy proxy) public view virtual returns (address) {
// We need to manually run the static call since the getter cannot be flagged as view
// bytes4(keccak256("implementation()")) == 0x5c60da1b
(bool success, bytes memory returndata) = address(proxy).staticcall(hex"5c60da1b");
require(success);
return abi.decode(returndata, (address));
}
/**
* @dev Returns the current admin of `proxy`.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function getProxyAdmin(TransparentUpgradeableProxy proxy) public view virtual returns (address) {
// We need to manually run the static call since the getter cannot be flagged as view
// bytes4(keccak256("admin()")) == 0xf851a440
(bool success, bytes memory returndata) = address(proxy).staticcall(hex"f851a440");
require(success);
return abi.decode(returndata, (address));
}
/**
* @dev Changes the admin of `proxy` to `newAdmin`.
*
* Requirements:
*
* - This contract must be the current admin of `proxy`.
*/
function changeProxyAdmin(TransparentUpgradeableProxy proxy, address newAdmin) public virtual onlyOwner {
proxy.changeAdmin(newAdmin);
}
/**
* @dev Upgrades `proxy` to `implementation`. See {TransparentUpgradeableProxy-upgradeTo}.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function upgrade(TransparentUpgradeableProxy proxy, address implementation) public virtual onlyOwner {
proxy.upgradeTo(implementation);
}
/**
* @dev Upgrades `proxy` to `implementation` and calls a function on the new implementation. See
* {TransparentUpgradeableProxy-upgradeToAndCall}.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function upgradeAndCall(
TransparentUpgradeableProxy proxy,
address implementation,
bytes memory data
) public payable virtual onlyOwner {
proxy.upgradeToAndCall{value: msg.value}(implementation, data);
}
}
// OpenZeppelin Contracts (last updated v4.8.0) (security/ReentrancyGuard.sol)
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == _ENTERED;
}
}
/**
* @title Represents a factory of transparent proxies.
*/
contract ProxyFactory is ReentrancyGuard, Ownable {
constructor(address ownerAddr) {
_transferOwnership(ownerAddr);
}
/**
* @notice This event is triggered when a new proxy is deployed.
* @param adminAddress The address of the proxy admin.
* @param proxyAddress The address of the transparent proxy.
*/
event OnProxyDeployed (address adminAddress, address proxyAddress);
/**
* @notice Deploys a transparent proxy.
* @dev This function can be called by the owner only.
* @param adminSalt The salt of the Proxy Admin
* @param proxySalt The salt of the Transparent Proxy
* @param implementationAddr The implementation address
* @param proxyOwnerAddr The owner of the Proxy Admin
* @param initData The initialization data
* @return The address of the Proxy Admin contract.
* @return The address of the transparent proxy.
*/
function deploy (
bytes32 adminSalt,
bytes32 proxySalt,
address implementationAddr,
address proxyOwnerAddr,
bytes memory initData
) external nonReentrant onlyOwner returns (address, address) {
// Basic check of input parameters
require(adminSalt != bytes32(0), "Admin salt required");
require(proxySalt != bytes32(0), "Proxy salt required");
require(implementationAddr != address(0) && implementationAddr != address(this), "Invalid logic address");
// Get the predictable address of both the proxy and the proxy admin
(address adminContractAddr, address proxyContractAddr) = getDeploymentAddress(adminSalt, proxySalt, implementationAddr, initData);
// Make sure the contract addresses above were not taken
require(adminContractAddr.code.length == 0, "Admin address already taken");
require(proxyContractAddr.code.length == 0, "Proxy address already taken");
// Deploy the proxy admin
ProxyAdmin adminInstance = (new ProxyAdmin){salt: adminSalt}();
require(address(adminInstance) == adminContractAddr, "Admin deploy failed");
// Deploy the transparent proxy
TransparentUpgradeableProxy proxy = (new TransparentUpgradeableProxy){salt: proxySalt}(implementationAddr, address(adminInstance), initData);
require(address(proxy) == proxyContractAddr, "Proxy deploy failed");
// Transfer ownership of the Proxy Admin
adminInstance.transferOwnership(proxyOwnerAddr);
emit OnProxyDeployed(address(adminInstance), address(proxy));
return (adminContractAddr, proxyContractAddr);
}
/**
* @notice Calculates the deployment address of the proxy specified.
* @param adminSalt The salt of the Proxy Admin
* @param proxySalt The salt of the Transparent Proxy
* @param implementationAddr The implementation address
* @param initData The initialization data
* @return adminContractAddr The address of the proxy admin
* @return proxyContractAddr The address of the transparent proxy
*/
function getDeploymentAddress (bytes32 adminSalt, bytes32 proxySalt, address implementationAddr, bytes memory initData) public view returns (address adminContractAddr, address proxyContractAddr) {
adminContractAddr = address(uint160(uint256(
keccak256(abi.encodePacked(bytes1(0xff), address(this), adminSalt, keccak256(type(ProxyAdmin).creationCode)))
)));
proxyContractAddr = address(uint160(uint256(
keccak256(abi.encodePacked(bytes1(0xff), address(this), proxySalt, keccak256(
abi.encodePacked(type(TransparentUpgradeableProxy).creationCode, abi.encode(implementationAddr, adminContractAddr, initData))
)))
)));
}
}File 2 of 4: LendingPool
// SPDX-License-Identifier: BUSL-1.1
pragma solidity >= 0.8.26;
struct LoanDeploymentParams {
uint256 fundingPeriodInSeconds;
uint256 newPaymentIntervalInSeconds;
uint256 newLoanAmountInPrincipalTokens;
uint256 originationFeePercent2Decimals;
uint256 newAprWithTwoDecimals;
uint256 initialCollateralRatioWith2Decimals;
uint256 maintenanceCollateralRatioWith2Decimals;
uint256 lateInterestFee;
uint256 latePrincipalFee;
uint256 expiryInfo;
string loanTypeInfo;
address lenderAddr;
address borrowerAddr;
address newCollateralToken;
address newPrincipalToken;
address feesManagerAddr;
address priceOracleAddress;
address feesCollectorAddress;
address categoryFeesAdress;
bool allowSeizeCollateral;
}
struct LoanRecord {
address lenderAddr;
address borrowerAddr;
address principalTokenAddr;
address collateralTokenAddr;
uint256 loanAmount;
uint256 initialApr;
uint256 paymentInterval;
}
struct FeeData {
address feeTokenAddr; // The token address. This is used when the offset is not available (offset = 0).
uint256 feeTokenOffset; // The offset of the token, if any.
uint256 amountOffset; // The offset of the amount.
uint256 feeWithTwoDecimals; // The applicable fee, expressed with 2 decimal places.
}
struct CallCheck {
uint8 checkType;
address contractAddr;
uint256 numericVal;
address contractAddr2;
uint256 numericVal2;
}
struct ModuleFee {
address tokenAddress;
uint256 dstAmount;
uint256 dstPercent;
}
struct ModuleResponse {
uint256[] targetCallValues;
address[] targetAddresses;
bytes[] targetPayloads;
CallCheck[] checks;
ModuleFee[] feesBefore;
ModuleFee[] feesAfter;
}
interface IPermissionlessLoansDeployer {
/**
* @notice Triggers when a new loan is deployed.
* @param loanAddr The address of the newly deployed loan.
* @param lenderAddr The lender.
* @param borrowerAddr The borrower.
*/
event PermissionlessLoanDeployed(address indexed loanAddr, address indexed lenderAddr, address indexed borrowerAddr);
function deployLoan(LoanDeploymentParams calldata loanParams) external returns (address);
}
interface IHookableLender {
function notifyLoanClosed() external;
function notifyLoanMatured() external;
function notifyPrincipalRepayment(uint256 effectiveLoanAmount, uint256 principalRepaid) external;
}
// ---------------------------------------------------------------
// States of a loan
// ---------------------------------------------------------------
uint8 constant LOAN_PREAPPROVED = 1; // The loan was pre-approved by the lender
uint8 constant LOAN_FUNDING_REQUIRED = 2; // The loan was accepted by the borrower. Waiting for the lender to fund the loan.
uint8 constant LOAN_FUNDED = 3; // The loan was funded.
uint8 constant LOAN_ACTIVE = 4; // The loan is active.
uint8 constant LOAN_CANCELLED = 5; // The lender failed to fund the loan and the borrower claimed their collateral.
uint8 constant LOAN_MATURED = 6; // The loan matured. It was liquidated by the lender.
uint8 constant LOAN_CLOSED = 7; // The loan was closed normally.
interface IPeerToPeerOpenTermLoan {
// Functions available to the lender only
function fundLoan() external;
function callLoan(uint256 callbackPeriodInSeconds, uint256 gracePeriodInSeconds) external;
function liquidate() external;
function proposeNewApr(uint256 newAprWithTwoDecimals) external;
function changeOracle(address newOracle) external;
function changeLateFees(uint256 lateInterestFeeWithTwoDecimals, uint256 latePrincipalFeeWithTwoDecimals) external;
function changeMaintenanceCollateralRatio(uint256 maintenanceCollateralRatioWith2Decimals) external;
function seizeCollateral(uint256 amount) external;
function returnCollateral(uint256 depositAmount) external;
// Functions available to the borrower only
function acceptApr() external;
function borrowerCommitment() external;
function claimCollateral() external;
function repay(uint256 paymentAmount) external;
function repayInterests() external;
function repayPrincipal(uint256 paymentAmount) external;
// The minimum views of a loan
function lender() external view returns (address);
function borrower() external view returns (address);
function principalToken() external view returns (address);
function collateralToken() external view returns (address);
function loanState() external view returns (uint8);
function currentApr() external view returns (uint256);
function effectiveLoanAmount() external view returns (uint256);
function getCollateralRequirements() external view returns (uint256 initialCollateralAmount, uint256 maintenanceCollateralAmount);
function getDebt() external view returns (
uint256 currentBillingCycle,
uint256 cyclesSinceLastAprUpdate,
uint256 interestOwed,
uint256 applicableLateFee,
uint256 minPaymentAmount,
uint256 maxPaymentAmount
);
}
abstract contract BaseOwnable {
address internal _owner;
/**
* @notice Triggers when contract ownership changes.
* @param previousOwner The previous owner of the contract.
* @param newOwner The new owner of the contract.
*/
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(msg.sender == _owner, "Caller is not the owner");
_;
}
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
library DateUtils {
// The number of seconds per day
uint256 internal constant SECONDS_PER_DAY = 24 * 60 * 60;
// The number of seconds per hour
uint256 internal constant SECONDS_PER_HOUR = 60 * 60;
// The number of seconds per minute
uint256 internal constant SECONDS_PER_MINUTE = 60;
// The offset from 01/01/1970
int256 internal constant OFFSET19700101 = 2440588;
function timestampToDate(uint256 ts) internal pure returns (uint256 year, uint256 month, uint256 day) {
(year, month, day) = _daysToDate(ts / SECONDS_PER_DAY);
}
function timestampToDateTime(uint256 timestamp) internal pure returns (uint256 year, uint256 month, uint256 day, uint256 hour, uint256 minute, uint256 second) {
(year, month, day) = _daysToDate(timestamp / SECONDS_PER_DAY);
uint256 secs = timestamp % SECONDS_PER_DAY;
hour = secs / SECONDS_PER_HOUR;
secs = secs % SECONDS_PER_HOUR;
minute = secs / SECONDS_PER_MINUTE;
second = secs % SECONDS_PER_MINUTE;
}
function timestampFromDateTime(uint256 year, uint256 month, uint256 day, uint256 hour, uint256 minute, uint256 second) internal pure returns (uint256 timestamp) {
timestamp = _daysFromDate(year, month, day) * SECONDS_PER_DAY + hour * SECONDS_PER_HOUR + minute * SECONDS_PER_MINUTE + second;
}
/**
* @notice Calculate year/month/day from the number of days since 1970/01/01 using the date conversion algorithm from http://aa.usno.navy.mil/faq/docs/JD_Formula.php and adding the offset 2440588 so that 1970/01/01 is day 0
* @dev Taken from https://github.com/bokkypoobah/BokkyPooBahsDateTimeLibrary/blob/master/contracts/BokkyPooBahsDateTimeLibrary.sol
* @param _days The year
* @return year The year
* @return month The month
* @return day The day
*/
function _daysToDate (uint256 _days) internal pure returns (uint256 year, uint256 month, uint256 day) {
int256 __days = int256(_days);
int256 x = __days + 68569 + OFFSET19700101;
int256 n = 4 * x / 146097;
x = x - (146097 * n + 3) / 4;
int256 _year = 4000 * (x + 1) / 1461001;
x = x - 1461 * _year / 4 + 31;
int256 _month = 80 * x / 2447;
int256 _day = x - 2447 * _month / 80;
x = _month / 11;
_month = _month + 2 - 12 * x;
_year = 100 * (n - 49) + _year + x;
year = uint256(_year);
month = uint256(_month);
day = uint256(_day);
}
/**
* @notice Calculates the number of days from 1970/01/01 to year/month/day using the date conversion algorithm from http://aa.usno.navy.mil/faq/docs/JD_Formula.php and subtracting the offset 2440588 so that 1970/01/01 is day 0
* @dev Taken from https://github.com/bokkypoobah/BokkyPooBahsDateTimeLibrary/blob/master/contracts/BokkyPooBahsDateTimeLibrary.sol
* @param year The year
* @param month The month
* @param day The day
* @return _days Returns the number of days
*/
function _daysFromDate (uint256 year, uint256 month, uint256 day) internal pure returns (uint256 _days) {
require(year >= 1970, "Error");
int256 _year = int256(year);
int256 _month = int256(month);
int256 _day = int256(day);
int256 __days = _day
- 32075
+ 1461 * (_year + 4800 + (_month - 14) / 12) / 4
+ 367 * (_month - 2 - (_month - 14) / 12 * 12) / 12
- 3 * ((_year + 4900 + (_month - 14) / 12) / 100) / 4
- OFFSET19700101;
_days = uint256(__days);
}
}
// OpenZeppelin Contracts (last updated v4.7.0) (utils/math/Math.sol)
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library MathUpgradeable {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10**64) {
value /= 10**64;
result += 64;
}
if (value >= 10**32) {
value /= 10**32;
result += 32;
}
if (value >= 10**16) {
value /= 10**16;
result += 16;
}
if (value >= 10**8) {
value /= 10**8;
result += 8;
}
if (value >= 10**4) {
value /= 10**4;
result += 4;
}
if (value >= 10**2) {
value /= 10**2;
result += 2;
}
if (value >= 10**1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
}
}
}
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Permit.sol)
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(IERC20 token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
/**
* @dev Interface of the ERC4626 "Tokenized Vault Standard", as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*
* _Available since v4.7._
*/
interface IERC4626 {
/// @notice Triggers when an account deposits funds in the contract
event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed sender,
address indexed receiver,
address indexed owner,
uint256 assets,
uint256 shares
);
/**
* @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.
*
* - MUST be an ERC-20 token contract.
* - MUST NOT revert.
*/
function asset() external view returns (address assetTokenAddress);
/**
* @dev Returns the total amount of the underlying asset that is “managed” by Vault.
*
* - SHOULD include any compounding that occurs from yield.
* - MUST be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT revert.
*/
function totalAssets() external view returns (uint256 totalManagedAssets);
/**
* @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToShares(uint256 assets) external view returns (uint256 shares);
/**
* @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToAssets(uint256 shares) external view returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,
* through a deposit call.
*
* - MUST return a limited value if receiver is subject to some deposit limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
* - MUST NOT revert.
*/
function maxDeposit(address receiver) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
* call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
* in the same transaction.
* - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
* deposit would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewDeposit(uint256 assets) external view returns (uint256 shares);
/**
* @dev Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* deposit execution, and are accounted for during deposit.
* - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function deposit(uint256 assets, address receiver) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
* - MUST return a limited value if receiver is subject to some mint limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
* - MUST NOT revert.
*/
function maxMint(address receiver) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
* in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
* same transaction.
* - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
* would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by minting.
*/
function previewMint(uint256 shares) external view returns (uint256 assets);
/**
* @dev Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
* execution, and are accounted for during mint.
* - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function mint(uint256 shares, address receiver) external returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
* Vault, through a withdraw call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxWithdraw(address owner) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
* call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
* called
* in the same transaction.
* - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
* the withdrawal would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewWithdraw(uint256 assets) external view returns (uint256 shares);
/**
* @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* withdraw execution, and are accounted for during withdraw.
* - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function withdraw(
uint256 assets,
address receiver,
address owner
) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
* through a redeem call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxRedeem(address owner) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their redeemption at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
* in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
* same transaction.
* - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
* redemption would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by redeeming.
*/
function previewRedeem(uint256 shares) external view returns (uint256 assets);
/**
* @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* redeem execution, and are accounted for during redeem.
* - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function redeem(
uint256 shares,
address receiver,
address owner
) external returns (uint256 assets);
}
// OpenZeppelin Contracts (last updated v4.8.0) (proxy/utils/Initializable.sol)
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!Address.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized != type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}
/**
* @title Base reentrancy guard. This is constructor-less implementation for both proxies and standalone contracts.
*/
abstract contract BaseReentrancyGuard {
uint256 internal constant _REENTRANCY_NOT_ENTERED = 1;
uint256 internal constant _REENTRANCY_ENTERED = 2;
uint256 internal _reentrancyStatus;
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_reentrancyStatus != _REENTRANCY_ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_reentrancyStatus = _REENTRANCY_ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_reentrancyStatus = _REENTRANCY_NOT_ENTERED;
}
/*
/// @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a `nonReentrant` function in the call stack.
function _reentrancyGuardEntered() internal view returns (bool) {
return _reentrancyStatus == _REENTRANCY_ENTERED;
}
*/
}
/**
* @title Tokenizes a liability per EIP-20.
* @dev The liability is upgradeable per EIP-1967. Reentrancy checks in place.
*/
abstract contract BaseUpgradeableERC20 is IERC20, Initializable, BaseReentrancyGuard {
/// @notice The decimal places of the token.
uint8 public decimals;
/// @notice The token symbol.
string public symbol;
/// @notice The descriptive name of the token.
string public name;
/// @dev The total circulating supply of the token
uint256 internal _totalSupply;
/// @dev The maximum circulating supply of the token, if any. Set to zero if there is no max limit.
uint256 internal _maxSupply;
/// @dev The balance of each holder
mapping(address => uint256) internal _balances;
/// @dev The allowance of each spender, which is set by each owner
mapping(address => mapping(address => uint256)) internal _allowances;
/**
* @notice This event is triggered when the maximum limit for minting tokens is updated.
* @param prevValue The previous limit
* @param newValue The new limit
*/
event OnMaxSupplyChanged(uint256 prevValue, uint256 newValue);
// --------------------------------------------------------------------------
// Modifiers
// --------------------------------------------------------------------------
/**
* @notice Indicates if this contract implementation was initialized at the proxy
* @dev Throws if the contract was not initialized
*/
modifier onlyIfInitialized() {
require(_getInitializedVersion() != type(uint8).max, "Contract not initialized yet");
_;
}
// --------------------------------------------------------------------------
// ERC-20 interface implementation
// --------------------------------------------------------------------------
/**
* @notice Transfers a given amount tokens to the address specified.
* @param to The address to transfer to.
* @param value The amount to be transferred.
* @return Returns true in case of success.
*/
function transfer(address to, uint256 value) external override onlyIfInitialized nonReentrant returns (bool) {
return _executeErc20Transfer(msg.sender, to, value);
}
/**
* @notice Transfer tokens from one address to another.
* @dev Note that while this function emits an Approval event, this is not required as per the specification,
* and other compliant implementations may not emit the event.
* @param from address The address which you want to send tokens from
* @param to address The address which you want to transfer to
* @param value uint256 the amount of tokens to be transferred
* @return Returns true in case of success.
*/
function transferFrom(address from, address to, uint256 value) external override onlyIfInitialized nonReentrant returns (bool) {
uint256 currentAllowance = _allowances[from][msg.sender];
require(currentAllowance >= value, "Amount exceeds allowance");
require (_executeErc20Transfer(from, to, value), "Failed to execute transferFrom");
_approveSpender(from, msg.sender, currentAllowance - value);
return true;
}
/**
* @notice Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
* @dev Beware that changing an allowance with this method brings the risk that someone may use both the old
* and the new allowance by unfortunate transaction ordering.
* One possible solution to mitigate this race condition is to first reduce the spender's allowance to 0
* and set the desired value afterwards: https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return Returns true in case of success.
*/
function approve(address spender, uint256 value) external override onlyIfInitialized nonReentrant returns (bool) {
_approveSpender(msg.sender, spender, value);
return true;
}
/**
* @notice Gets the current version of the token.
* @return uint8 The current version of the contract.
*/
function getInitializedVersion() external view onlyIfInitialized returns (uint8) {
return _getInitializedVersion();
}
/**
* @notice Gets the total circulating supply of tokens
* @return uint256 The total circulating supply of tokens
*/
function totalSupply() external view override onlyIfInitialized returns (uint256) {
return _totalSupply;
}
/**
* @notice Gets the balance of the address specified.
* @param addr The address to query the balance of.
* @return uint256 An uint256 representing the amount owned by the passed address.
*/
function balanceOf(address addr) external view override onlyIfInitialized returns (uint256) {
return _balances[addr];
}
/**
* @notice Function to check the amount of tokens that an owner allowed to a spender.
* @param ownerAddr address The address which owns the funds.
* @param spenderAddr address The address which will spend the funds.
* @return uint256 A uint256 specifying the amount of tokens still available for the spender.
*/
function allowance(address ownerAddr, address spenderAddr) external view override onlyIfInitialized returns (uint256) {
return _allowances[ownerAddr][spenderAddr];
}
/**
* @notice Gets the maximum token supply.
* @return uint256 The maximum token supply.
*/
function maxSupply() external view onlyIfInitialized returns (uint256) {
return _maxSupply;
}
// --------------------------------------------------------------------------
// Implementation functions
// --------------------------------------------------------------------------
function _executeErc20Transfer(address from, address to, uint256 value) internal virtual returns (bool) {
// Checks
require(to != address(0), "non-zero address required");
require(from != address(0), "non-zero sender required");
require(value > 0, "Amount cannot be zero");
require(_balances[from] >= value, "Amount exceeds sender balance");
// State changes
_balances[from] = _balances[from] - value;
_balances[to] = _balances[to] + value;
// Emit the event per ERC-20
emit Transfer(from, to, value);
return true;
}
function _approveSpender(address ownerAddr, address spender, uint256 value) internal virtual {
require(spender != address(0), "non-zero spender required");
require(ownerAddr != address(0), "non-zero owner required");
// State changes
_allowances[ownerAddr][spender] = value;
// Emit the event
emit Approval(ownerAddr, spender, value);
}
function _spendAllowance (address ownerAddr, address spenderAddr, uint256 amount) internal virtual {
uint256 currentAllowance = _allowances[ownerAddr][spenderAddr];
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
_approveSpender(ownerAddr, spenderAddr, currentAllowance - amount);
}
}
function _mintErc20(address addr, uint256 amount) internal virtual {
require(amount > 0, "Invalid amount");
require(_canMint(amount), "Max supply limit reached");
_totalSupply += amount;
_balances[addr] += amount;
emit Transfer(address(0), addr, amount);
}
function _burnErc20(address addr, uint256 amount) internal virtual {
require(amount > 0, "Invalid amount");
require(_balances[addr] >= amount, "Burn amount exceeds balance");
_balances[addr] -= amount;
_totalSupply -= amount;
emit Transfer(addr, address(0), amount);
}
function _setMaxSupply(uint256 newValue) internal virtual {
require(newValue > 0 && newValue > _totalSupply, "Invalid max supply");
uint256 prevValue = _maxSupply;
_maxSupply = newValue;
emit OnMaxSupplyChanged(prevValue, newValue);
}
// Indicates if we can issue/mint the number of tokens specified.
function _canMint(uint256 amount) internal view virtual returns (bool) {
return _maxSupply - _totalSupply >= amount;
}
}
/**
* @title Represents a liquidity pool. The pool works per ERC-4626 standard. The pool can be paused.
*/
abstract contract BaseUpgradeableERC4626 is IERC4626, BaseUpgradeableERC20 {
using MathUpgradeable for uint256;
/// @notice Indicates whether deposits are paused or not.
bool public depositsPaused;
/// @notice Indicates whether withdrawals are paused or not.
bool public withdrawalsPaused;
/// @dev The underlying asset of the pool
IERC20 internal _underlyingAsset;
/// @dev The address of the fees collector, if any.
address public feesCollector;
/// @notice The maximum deposit amount.
uint256 public maxDepositAmount;
/// @notice The maximum withdrawal amount.
uint256 public maxWithdrawalAmount;
/// @notice The fee to apply when an account withdraws funds from the pool.
uint256 public withdrawalFee;
/**
* @notice Triggers when deposits/withdrawals are paused or resumed.
* @param bDepositsPaused The new state for deposits
* @param bWithdrawalsPaused The new state for withdrawals
*/
event DepositWithdrawalStatusChanged(bool bDepositsPaused, bool bWithdrawalsPaused);
// ---------------------------------------------------------------
// Modifiers
// ---------------------------------------------------------------
modifier ifConfigured() {
require(address(_underlyingAsset) != address(0), "Not configured");
_;
}
modifier ifNotConfigured() {
require(address(_underlyingAsset) == address(0), "Already configured");
_;
}
modifier ifDepositsNotPaused() {
require(!depositsPaused, "Deposits paused");
_;
}
modifier ifWithdrawalsNotPaused() {
require(!withdrawalsPaused, "Withdrawals paused");
_;
}
// --------------------------------------------------------------------------
// ERC-4626 interface implementation
// --------------------------------------------------------------------------
/**
* @notice Deposits funds in the pool. Issues LP tokens in exchange for the deposit.
* @dev Throws if the deposit limit is reached.
* @param assets The deposit amount, expressed in underlying tokens. For example: USDC, DAI, etc.
* @param receiver The address that will receive the LP tokens. It is usually the same as a the sender.
* @return shares The number of LP tokens issued to the receiving address specified.
*/
function deposit(
uint256 assets,
address receiver
) external override nonReentrant ifConfigured ifDepositsNotPaused returns (uint256 shares) {
require(receiver != address(0) && receiver != address(this), "Invalid receiver");
require(assets > 0, "Assets amount required");
require(assets <= maxDeposit(receiver), "Deposit limit reached");
shares = previewDeposit(assets);
require(shares > 0, "Shares amount required");
_deposit(msg.sender, receiver, assets, shares);
}
/**
* @notice Issues a specific amount of LP tokens to the receiver specified.
* @dev Throws if the deposit limit is reached regardless of how many LP tokens you want to mint.
* @param shares The amount of LP tokens to mint.
* @param receiver The address of the receiver. It is usually the same as a the sender.
* @return assets The amount of underlying assets per current ratio
*/
function mint(
uint256 shares,
address receiver
) external override nonReentrant ifConfigured ifDepositsNotPaused returns (uint256 assets) {
require(receiver != address(0) && receiver != address(this), "Invalid receiver");
require(shares > 0, "Shares amount required");
require(shares <= maxMint(receiver), "ERC4626: mint more than max");
assets = previewMint(shares);
require(assets <= maxDeposit(receiver), "Deposit limit reached");
_deposit(msg.sender, receiver, assets, shares);
}
/**
* @notice Gets the underlying asset of the pool.
* @return address The address of the asset.
*/
function asset() external view override onlyIfInitialized returns (address) {
return address(_underlyingAsset);
}
/**
* @notice Gets the total assets amount managed by the pool.
* @return uint256 The assets amount.
*/
function totalAssets() external view virtual override ifConfigured returns (uint256) {
return _getTotalAssets();
}
function previewDeposit(uint256 assets) public view virtual override ifConfigured returns (uint256) {
return _convertToShares(assets, MathUpgradeable.Rounding.Down);
}
function previewMint(uint256 shares) public view virtual override ifConfigured returns (uint256) {
return _convertToAssets(shares, MathUpgradeable.Rounding.Up);
}
function previewWithdraw(uint256 assets) public view virtual override ifConfigured returns (uint256) {
return _convertToShares(assets, MathUpgradeable.Rounding.Up);
}
function previewRedeem(uint256 shares) public view virtual override ifConfigured returns (uint256 assets) {
(, assets) = _previewRedeemWithFees(shares);
}
function convertToShares(uint256 assets) public view virtual override ifConfigured returns (uint256) {
return _convertToShares(assets, MathUpgradeable.Rounding.Down);
}
function convertToAssets(uint256 shares) public view virtual override ifConfigured returns (uint256) {
return _convertToAssets(shares, MathUpgradeable.Rounding.Down);
}
function maxDeposit(address) public view virtual override ifConfigured returns (uint256) {
return _isVaultHealthy() ? maxDepositAmount : 0;
}
function maxMint(address) public view virtual override ifConfigured returns (uint256) {
return _maxSupply;
}
function maxWithdraw(address holderAddr) public view virtual override ifConfigured returns (uint256) {
return _convertToAssets(_balances[holderAddr], MathUpgradeable.Rounding.Down);
}
function maxRedeem(address holderAddr) public view virtual override ifConfigured returns (uint256) {
return _balances[holderAddr];
}
// --------------------------------------------------------------------------
// Implementation functions
// --------------------------------------------------------------------------
function _deposit(
address callerAddr,
address receiverAddr,
uint256 assets,
uint256 shares
) internal virtual {
// If _asset is ERC777, `transferFrom` can trigger a reenterancy BEFORE the transfer happens through the
// `tokensToSend` hook. On the other hand, the `tokenReceived` hook, that is triggered after the transfer,
// calls the vault, which is assumed not malicious.
//
// Conclusion: we need to do the transfer before we mint so that any reentrancy would happen before the
// assets are transferred and before the shares are minted, which is a valid state.
// slither-disable-next-line reentrancy-no-eth
uint256 expectedBalanceAfterTransfer = assets + _underlyingAsset.balanceOf(address(this));
SafeERC20.safeTransferFrom(_underlyingAsset, callerAddr, address(this), assets);
require(_underlyingAsset.balanceOf(address(this)) == expectedBalanceAfterTransfer, "Balance check failed");
// Issue (mint) LP tokens to the receiver
_mintErc20(receiverAddr, shares);
// Log the ERC-4626 event
emit Deposit(callerAddr, receiverAddr, assets, shares);
}
function _updateIssuanceLimits(
uint256 newMaxDepositAmount,
uint256 newMaxWithdrawalAmount,
uint256 newMaxTokenSupply
) internal virtual {
require(newMaxDepositAmount > 0, "Invalid deposit limit");
require(newMaxWithdrawalAmount > 0, "Invalid withdrawal limit");
_setMaxSupply(newMaxTokenSupply);
maxDepositAmount = newMaxDepositAmount;
maxWithdrawalAmount = newMaxWithdrawalAmount;
}
function _setPause(bool bPauseDeposits, bool bPauseWithdrawals) internal virtual {
depositsPaused = bPauseDeposits;
withdrawalsPaused = bPauseWithdrawals;
emit DepositWithdrawalStatusChanged(depositsPaused, withdrawalsPaused);
}
// --------------------------------------------------------------------------
// Inner views
// --------------------------------------------------------------------------
function _getTotalAssets() internal view virtual returns (uint256);
function _isVaultHealthy() internal view virtual returns (bool) {
return _totalSupply == 0 || _getTotalAssets() > 0;
}
// Internal conversion function (from assets to shares) to apply when the vault is empty.
function _initialConvertToShares(uint256 assets, MathUpgradeable.Rounding) internal view virtual returns (uint256 shares) {
return assets;
}
// Internal conversion function (from shares to assets) to apply when the vault is empty.
function _initialConvertToAssets(uint256 shares, MathUpgradeable.Rounding) internal view virtual returns (uint256) {
return shares;
}
// Internal conversion function (from assets to shares) with support for rounding direction.
// Will revert if assets > 0, totalSupply > 0 and totalAssets = 0.
// That corresponds to a case where any asset would represent an infinite amount of shares.
function _convertToShares(uint256 assets, MathUpgradeable.Rounding rounding) internal view virtual returns (uint256) {
return (assets == 0 || _totalSupply == 0) ? _initialConvertToShares(assets, rounding) : assets.mulDiv(_totalSupply, _getTotalAssets(), rounding);
}
// Internal conversion function (from shares to assets) with support for rounding direction.
function _convertToAssets(uint256 shares, MathUpgradeable.Rounding rounding) internal view virtual returns (uint256) {
return (_totalSupply == 0) ? _initialConvertToAssets(shares, rounding) : shares.mulDiv(_getTotalAssets(), _totalSupply, rounding);
}
function _previewRedeemWithFees(uint256 shares) internal view returns (uint256 assetsAmount, uint256 assetsAfterFee) {
assetsAmount = _convertToAssets(shares, MathUpgradeable.Rounding.Down);
assetsAfterFee = assetsAmount;
uint256 applicableFee = 0;
if (withdrawalFee > 0) {
applicableFee = withdrawalFee * assetsAmount / 1e4;
assetsAfterFee = assetsAmount - applicableFee;
}
return (assetsAmount, assetsAfterFee);
}
}
/**
* @title Represents a liquidity pool in which withdrawals can be time-locked or instantaneous.
* @dev The liquidity pool accepts deposits in a single token only, per ERC-4626.
*/
abstract contract TimelockedERC4626 is BaseUpgradeableERC4626 {
/// @dev A reasonable time-window for manipulating the block timestamp as a miner.
uint256 constant internal _TIMESTAMP_MANIPULATION_WINDOW = 5 minutes;
struct RedeemSummary {
uint256 shares; // The number of shares to burn.
uint256 assets; // The asset amount that was claimable at redemption time per current token price.
}
/// @notice The hour at which withdrawals are processed. It ranges from 0 to 23.
uint8 public liquidationHour;
/// @notice The duration of the time-lock for withdrawals.
uint256 public lagDuration;
/// @notice The total number of shares that need to be burned.
uint256 public globalLiabilityShares;
/// @notice The total amount of collectable fees, at any point in time.
uint256 public totalCollectableFees;
/// @dev The liability (forecast) that needs to be fulfilled at a given point in time
mapping (bytes32 => RedeemSummary) internal _dailyRequirement;
/// @dev The list of addresses that can claim funds at a given point in time
mapping (bytes32 => address[]) internal _uniqueReceiversPerCluster;
/// @dev The index of each unique receiver per cluster
mapping (bytes32 => mapping(address => uint256)) internal _receiverIndexes;
/// @dev The amount of underlying tokens that can be claimed by a given address at a specific point in time
mapping (bytes32 => mapping(address => uint256)) internal _receiverAmounts;
/// @dev The number of shares that can be burned by a given address at a specific point in time
mapping (bytes32 => mapping(address => uint256)) internal _burnableAmounts;
mapping (bytes32 => mapping(address => uint256)) internal _feeAmountsByReceiver;
/**
* @notice This event is triggered when a holder requests a withdrawal.
* @param ownerAddr The address of the holder.
* @param receiverAddr The address of the receiver.
* @param shares The amount of shares (LP tokens) to burn.
* @param assets The amount of underlying assets to transfer.
* @param fee The fee applied to the withdrawal.
* @param year The year component of the scheduled date.
* @param month The month component of the scheduled date.
* @param day The day component of the scheduled date.
*/
event WithdrawalRequested (address ownerAddr, address receiverAddr, uint256 shares, uint256 assets, uint256 fee, uint256 year, uint256 month, uint256 day);
// ----------------------------------------
// ERC-4626 endpoint overrides
// ----------------------------------------
function withdraw(
uint256,
address,
address
) external override pure returns (uint256) {
// Revert the call to ERC4626.withdraw(args) in order to stay compatible with the ERC-4626 standard.
// Per ERC-4626 spec (https://eips.ethereum.org/EIPS/eip-4626):
// - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner not having enough shares, etc).
// - Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
// Those methods should be performed separately.
revert("Withdrawal request required");
// We could enqueue a withdrawal request from this endpoint, but it wouldn't compatible with the ERC-4626 standard.
// Likewise, we could process the funds for the receiver sppecified but -again- it wouldn't compatible with the ERC-4626 standard.
// Hence the tx revert. Provided we revert in all cases, the function becomes pure.
}
function redeem(
uint256,
address,
address
) external override pure returns (uint256) {
// Revert the call to ERC4626.redeem(args) in order to stay compatible with the ERC-4626 standard.
// Per ERC-4626 spec (https://eips.ethereum.org/EIPS/eip-4626):
// - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner not having enough shares, etc).
// - Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
// Those methods should be performed separately.
revert("Withdrawal request required");
// We could enqueue a withdrawal request from this endpoint, but it wouldn't compatible with the ERC-4626 standard.
// Likewise, we could process the funds for the receiver sppecified but -again- it wouldn't compatible with the ERC-4626 standard.
// Hence the tx revert. Provided we revert in all cases, the function becomes pure.
}
// ----------------------------------------
// Views
// ----------------------------------------
/**
* @notice Gets the date at which your withdrawal request can be claimed.
* @return year The year.
* @return month The month.
* @return day The day.
* @return claimableEpoch The Unix epoch at which your withdrawal request can be claimed.
*/
function getWithdrawalEpoch() external view ifConfigured returns (
uint256 year,
uint256 month,
uint256 day,
uint256 claimableEpoch
) {
(year, month, day) = DateUtils.timestampToDate(block.timestamp + _TIMESTAMP_MANIPULATION_WINDOW + lagDuration);
claimableEpoch = DateUtils.timestampFromDateTime(year, month, day, liquidationHour, 0, 0);
}
/**
* @notice Gets the funding requirement of the date specified.
* @dev This is a forecast on the amount of assets that need to be available at the pool on the date specified.
* @param year The year.
* @param month The month.
* @param day The day.
* @return shares The number of shares (LP tokens) that will be burned on the date specified.
* @return assets The amount of assets that will be transferred on the date specified.
*/
function getRequirementByDate(
uint256 year,
uint256 month,
uint256 day
) external view onlyIfInitialized returns (uint256 shares, uint256 assets) {
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
shares = _dailyRequirement[dailyCluster].shares;
assets = _dailyRequirement[dailyCluster].assets;
}
/**
* @notice Gets the asset amount that can be claimed by a receiver at the date specified.
* @dev This is a forecast on the amount of assets that can be claimed by a given party on the date specified.
* @param year The year.
* @param month The month.
* @param day The day.
* @param receiverAddr The address of the receiver.
* @return uint256 The total amount of assets that can be claimed at a the date specified.
*/
function getClaimableAmountByReceiver(
uint256 year,
uint256 month,
uint256 day,
address receiverAddr
) external view onlyIfInitialized returns (uint256) {
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
return _receiverAmounts[dailyCluster][receiverAddr];
}
/**
* @notice Gets the total number of shares to burn at the date specified for a given receiver.
* @dev This is a forecast on the amount of assets that can be claimed by a given party on the date specified.
* @param year The year.
* @param month The month.
* @param day The day.
* @param receiverAddr The address of the receiver.
* @return uint256 The total number of shares to burn at the date specified for a given receiver.
*/
function getBurnableAmountByReceiver(
uint256 year,
uint256 month,
uint256 day,
address receiverAddr
) external view onlyIfInitialized returns (uint256) {
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
return _burnableAmounts[dailyCluster][receiverAddr];
}
/**
* @notice Gets the total number of transactions to run at a given date.
* @param year The year.
* @param month The month.
* @param day The day.
* @return totalTransactions The number of transactions to execute.
* @return executionEpoch The Unix epoch at which these transactions should be submitted to the blockchain.
*/
function getScheduledTransactionsByDate(
uint256 year,
uint256 month,
uint256 day
) external view ifConfigured returns (uint256 totalTransactions, uint256 executionEpoch) {
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
totalTransactions = _uniqueReceiversPerCluster[dailyCluster].length;
executionEpoch = DateUtils.timestampFromDateTime(year, month, day, liquidationHour, 0, 0);
}
// ----------------------------------------
// Inner functions
// ----------------------------------------
function _registerRedeemRequest(
uint256 shares,
address holderAddr,
address receiverAddr,
address callerAddr
) internal returns (
uint256 claimableEpoch,
uint256 year,
uint256 month,
uint256 day,
uint256 effectiveAssetsAmount
) {
require(receiverAddr != address(0) && receiverAddr != address(this), "Invalid receiver");
require(holderAddr != address(0) && holderAddr != address(this), "Invalid holder");
require(shares > 0, "Shares amount required");
require(_balances[holderAddr] >= shares, "Insufficient shares");
// The number of assets the receiver will get at the current price/ratio, per ERC-4626.
(uint256 assetsAmount, uint256 assetsAfterFee) = _previewRedeemWithFees(shares);
require(assetsAmount <= maxWithdraw(holderAddr), "Withdrawal limit reached");
require(assetsAfterFee > 0, "Amount too low");
// The withdrawal fee to apply
uint256 applicableFee = assetsAmount - assetsAfterFee;
effectiveAssetsAmount = assetsAfterFee;
// The time slot (cluster) of the lagged withdrawal
(year, month, day) = DateUtils.timestampToDate(block.timestamp + _TIMESTAMP_MANIPULATION_WINDOW + lagDuration);
// The hash of the cluster
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
// The withdrawal will be processed at the following epoch
claimableEpoch = DateUtils.timestampFromDateTime(year, month, day, liquidationHour, 0, 0);
// ERC20 allowance scenario
if (callerAddr != holderAddr) _spendAllowance(holderAddr, callerAddr, shares);
// Transfer the shares from the token holder to this contract.
// We transfer the shares to the liquidity pool in order to avoid fluctuations on the token price.
// Otherwise, burning shares at this point in time would affect the number of assets (liability)
// of future withdrawal requests because the token price would increase.
_executeErc20Transfer(holderAddr, address(this), shares);
// Global metrics
_dailyRequirement[dailyCluster].assets += assetsAmount;
_dailyRequirement[dailyCluster].shares += shares;
globalLiabilityShares += shares;
// Unique receivers by date. We will transfer underlying tokens to this receiver shortly.
if (_receiverAmounts[dailyCluster][receiverAddr] == 0) {
_uniqueReceiversPerCluster[dailyCluster].push(receiverAddr);
_receiverIndexes[dailyCluster][receiverAddr] = _uniqueReceiversPerCluster[dailyCluster].length;
}
// Track the amount of underlying assets we are required to transfer to the receiver address specified.
_receiverAmounts[dailyCluster][receiverAddr] += assetsAfterFee;
_burnableAmounts[dailyCluster][receiverAddr] += shares;
_feeAmountsByReceiver[dailyCluster][receiverAddr] += applicableFee;
emit WithdrawalRequested(holderAddr, receiverAddr, shares, assetsAmount, applicableFee, year, month, day);
}
function _claim(
uint256 year,
uint256 month,
uint256 day,
address receiverAddr
) internal returns (uint256, uint256) {
require(receiverAddr != address(0), "Invalid receiver");
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
uint256 shares = _burnableAmounts[dailyCluster][receiverAddr];
require(shares > 0, "No shares for receiver");
uint256 receiverIndex = _receiverIndexes[dailyCluster][receiverAddr];
require(receiverIndex > 0, "Invalid receiver index");
uint256 claimableAssets = _receiverAmounts[dailyCluster][receiverAddr];
uint256 assetFee = _feeAmountsByReceiver[dailyCluster][receiverAddr];
if (lagDuration > 0) {
// Make sure withdrawals are processed at the expected epoch only.
require(block.timestamp + _TIMESTAMP_MANIPULATION_WINDOW >= DateUtils.timestampFromDateTime(year, month, day, liquidationHour, 0, 0), "Too early");
}
// Internal state changes (trusted)
_receiverAmounts[dailyCluster][receiverAddr] = 0;
_burnableAmounts[dailyCluster][receiverAddr] = 0;
_feeAmountsByReceiver[dailyCluster][receiverAddr] = 0;
_dailyRequirement[dailyCluster].shares -= shares;
_dailyRequirement[dailyCluster].assets -= (claimableAssets + assetFee);
globalLiabilityShares -= shares;
totalCollectableFees += assetFee;
_deleteReceiver(dailyCluster, receiverAddr);
_burnErc20(address(this), shares);
// Make sure the pool has enough balance to cover withdrawals.
uint256 balanceBefore = IERC20(_underlyingAsset).balanceOf(address(this));
SafeERC20.safeTransfer(_underlyingAsset, receiverAddr, claimableAssets);
// Balance check, provided the external asset is untrusted
require(IERC20(_underlyingAsset).balanceOf(address(this)) >= balanceBefore - claimableAssets, "Balance check failed");
return (shares, claimableAssets);
}
function _deleteReceiver(bytes32 dailyCluster, address addr) private {
uint256 idx = _receiverIndexes[dailyCluster][addr] - 1;
uint256 totalReceiversByDate = _uniqueReceiversPerCluster[dailyCluster].length;
address lastItem = _uniqueReceiversPerCluster[dailyCluster][totalReceiversByDate - 1];
if (addr != lastItem) {
_uniqueReceiversPerCluster[dailyCluster][totalReceiversByDate - 1] = _uniqueReceiversPerCluster[dailyCluster][idx];
_uniqueReceiversPerCluster[dailyCluster][idx] = lastItem;
_receiverIndexes[dailyCluster][lastItem] = idx + 1;
}
_uniqueReceiversPerCluster[dailyCluster].pop();
_receiverIndexes[dailyCluster][addr] = 0;
}
/*
function _deleteReceiver(bytes32 dailyCluster, address addr) private {
uint256 idx = _receiverIndexes[dailyCluster][addr] - 1;
//require(idx < _uniqueReceiversPerCluster[dailyCluster].length, "Invalid receiver index");
require(_uniqueReceiversPerCluster[dailyCluster][idx] == addr, "Address/index mismatch");
uint256 totalReceiversByDate = _uniqueReceiversPerCluster[dailyCluster].length;
address lastItem = _uniqueReceiversPerCluster[dailyCluster][totalReceiversByDate - 1];
if (addr != lastItem) {
_uniqueReceiversPerCluster[dailyCluster][totalReceiversByDate - 1] = _uniqueReceiversPerCluster[dailyCluster][idx];
_uniqueReceiversPerCluster[dailyCluster][idx] = lastItem;
}
_uniqueReceiversPerCluster[dailyCluster].pop();
_receiverIndexes[dailyCluster][addr] = 0;
}
*/
}
/**
* @title Represents an ownable liquidity pool. The pool is compliant with the ERC-4626 standard.
*/
abstract contract OwnableLiquidityPool is TimelockedERC4626, BaseOwnable {
/**
* @notice This event is triggered when the owner runs an emergency withdrawal.
* @param withdrawalAmount The withdrawal amount.
* @param tokenAddr The token address.
* @param destinationAddr The destination address.
*/
event OnEmergencyWithdraw (uint256 withdrawalAmount, address tokenAddr, address destinationAddr);
/**
* @notice Allows the owner of the pool to withdraw the full balance of the token specified.
* @dev Throws if the caller is not the current owner of the pool. If the asset to withdraw is the underlying asset of the pool then this function pauses deposits and withdrawals automatically.
* @param token The token to transfer.
* @param destinationAddr The destination address of the ERC20 transfer.
*/
function emergencyWithdraw(
IERC20 token,
address destinationAddr
) external virtual nonReentrant ifConfigured onlyOwner {
//require(destinationAddr != address(0) && destinationAddr != address(this), "Invalid address");
uint256 currentBalance = token.balanceOf(address(this));
//require(currentBalance > 0, "Insufficient balance");
if (address(token) == address(_underlyingAsset)) {
// Automatically pause deposits and withdrawals in order to prevent fluctuations on the price of the LP token
_setPause(true, true);
}
SafeERC20.safeTransfer(token, destinationAddr, currentBalance);
emit OnEmergencyWithdraw(currentBalance, address(token), destinationAddr);
}
/**
* @notice Gets the owner of the pool.
* @return address The address who owns the pool.
*/
function owner() external view onlyIfInitialized returns (address) {
return _owner;
}
}
/**
* @title Represents an ERC-4626 compliant liquidity pool capable of lending funds on their own.
* @dev This liquidity pool is ownable by definition.
*/
abstract contract AbstractLender is OwnableLiquidityPool {
/// @notice The address of the Loans Operator
address public loansOperator;
// ---------------------------------------------------------------
// Modifiers
// ---------------------------------------------------------------
modifier onlyLoansOperator() {
require(msg.sender == loansOperator, "Loans Operator only");
_;
}
// ---------------------------------------------------------------
// Implementation functions
// ---------------------------------------------------------------
/**
* @notice As a lender, this pool proposes a new APR to the borrower of the loan address specified.
* @param loanAddr The address of the loan.
* @param newAprWithTwoDecimals The APR proposed by this pool, expressed with 2 decimal places.
*/
function proposeNewApr(
address loanAddr,
uint256 newAprWithTwoDecimals
) external nonReentrant ifConfigured onlyLoansOperator {
_ensureValidLoan(loanAddr);
IPeerToPeerOpenTermLoan(loanAddr).proposeNewApr(newAprWithTwoDecimals);
}
/**
* @notice Updates the late fees of the loan specified.
* @param loanAddr The address of the loan.
* @param lateInterestFeeWithTwoDecimals The late interest fee (percentage) with 2 decimal places.
* @param latePrincipalFeeWithTwoDecimals The late principal fee (percentage) with 2 decimal places.
*/
function changeLateFees(
address loanAddr,
uint256 lateInterestFeeWithTwoDecimals,
uint256 latePrincipalFeeWithTwoDecimals
) external nonReentrant ifConfigured onlyLoansOperator {
_ensureValidLoan(loanAddr);
IPeerToPeerOpenTermLoan(loanAddr).changeLateFees(lateInterestFeeWithTwoDecimals, latePrincipalFeeWithTwoDecimals);
}
/**
* @notice Updates the maintenance collateral ratio
* @param loanAddr The address of the loan.
* @param maintenanceCollateralRatioWith2Decimals The maintenance collateral ratio, if applicable.
*/
function changeMaintenanceCollateralRatio(
address loanAddr,
uint256 maintenanceCollateralRatioWith2Decimals
) external nonReentrant ifConfigured onlyLoansOperator {
_ensureValidLoan(loanAddr);
IPeerToPeerOpenTermLoan(loanAddr).changeMaintenanceCollateralRatio(maintenanceCollateralRatioWith2Decimals);
}
/**
* @notice Calls the loan specified.
* @param loanAddr The address of the loan.
* @param callbackPeriodInHours The callback period, measured in hours.
* @param gracePeriodInHours The grace period, measured in hours.
*/
function callLoan(
address loanAddr,
uint256 callbackPeriodInHours,
uint256 gracePeriodInHours
) external nonReentrant ifConfigured onlyLoansOperator {
_ensureValidLoan(loanAddr);
IPeerToPeerOpenTermLoan(loanAddr).callLoan(callbackPeriodInHours, gracePeriodInHours);
}
/**
* @notice Liquidates the loan specified.
* @param loanAddr The address of the loan.
*/
function liquidate(address loanAddr) external ifConfigured onlyLoansOperator {
_ensureValidLoan(loanAddr);
IPeerToPeerOpenTermLoan(loanAddr).liquidate();
}
// ---------------------------------------------------------------
// Virtuals
// ---------------------------------------------------------------
function fundLoan(address loanAddr) external virtual;
function _ensureValidLoan(address loanAddr) internal view virtual;
}
/**
* @title Represents an ERC-4626 lending pool capable of processing hooks on-chain.
* @dev This contract overrides ERC4626.totalAssets() in order to reflect the risk exposure to loans.
*/
abstract contract HookableLender is IHookableLender, AbstractLender {
struct LoanDeploymentRecord {
uint256 effectiveLoanAmount;
uint256 activeDelta;
bool isWhitelisted;
}
// ---------------------------------------------------------------
// Storage layout
// ---------------------------------------------------------------
/// @notice The current risk exposure to loans
uint256 public globalLoansAmount;
/// @dev The current delta of a loan
mapping (address => LoanDeploymentRecord) internal _deployedLoans;
// ---------------------------------------------------------------
// Modifiers
// ---------------------------------------------------------------
modifier onlyKnownLoanContract() {
require(_deployedLoans[msg.sender].isWhitelisted, "Unknown loan");
_;
}
// ---------------------------------------------------------------
// Hooks implementation
// ---------------------------------------------------------------
function notifyLoanMatured() external override nonReentrant ifConfigured onlyKnownLoanContract {
if (_deployedLoans[msg.sender].activeDelta > 0) globalLoansAmount -= _deployedLoans[msg.sender].activeDelta;
_deployedLoans[msg.sender].activeDelta = 0;
}
function notifyLoanClosed() external override nonReentrant ifConfigured onlyKnownLoanContract {
if (_deployedLoans[msg.sender].activeDelta > 0) globalLoansAmount -= _deployedLoans[msg.sender].activeDelta;
_deployedLoans[msg.sender].activeDelta = 0;
}
function notifyPrincipalRepayment(
uint256 effectiveLoanAmount,
uint256 principalRepaid
) external override nonReentrant ifConfigured onlyKnownLoanContract {
uint256 newDelta = (principalRepaid < effectiveLoanAmount) ? effectiveLoanAmount - principalRepaid : 0;
if (_deployedLoans[msg.sender].activeDelta > 0) globalLoansAmount -= _deployedLoans[msg.sender].activeDelta;
_deployedLoans[msg.sender].activeDelta = newDelta;
if (newDelta > 0) globalLoansAmount += newDelta;
}
function _ensureValidLoan(address loanAddr) internal view override {
require(_deployedLoans[loanAddr].isWhitelisted, "Invalid loan contract");
}
// ---------------------------------------------------------------
// ERC-4626 overrides
// ---------------------------------------------------------------
function _getTotalAssets() internal view virtual override returns (uint256) {
// [Liquidity] + [the delta of all ACTIVE loans managed by this pool]
return globalLoansAmount + _underlyingAsset.balanceOf(address(this));
}
}
/**
* @title Represents a base lending pool.
* @dev The pool is capable of deploying and funding loans on their own. It is also capable of receiving hooks on-chain.
*/
abstract contract BaseLendingPool is HookableLender {
/// @notice The address of the contract that deploys loans.
address public loansDeployerAddress;
/// @notice The list of all loans deployed by the lending pool
address[] public loansDeployed;
/// @notice Triggers when the lending pool deploys a new loan.
event NewLoanDeployedByPool(address loanAddr, uint256 aprWithTwoDecimals);
/**
* @notice Deploys a new loan on behalf of the Credit Pool. This contract acts as a lender.
* @param loanParams The parameters of the loan to deploy.
* @return address The address of the newly deployed loan.
*/
function deployLoan(
LoanDeploymentParams memory loanParams
) external nonReentrant ifConfigured onlyLoansOperator returns (address) {
loanParams.lenderAddr = address(this);
address loanAddr = IPermissionlessLoansDeployer(loansDeployerAddress).deployLoan(loanParams);
// This should never happen because the loan was deployed via CREATE rather than CREATE2
require(!_deployedLoans[loanAddr].isWhitelisted, "Invalid deployment address");
uint256 effectiveLoanAmount = IPeerToPeerOpenTermLoan(loanAddr).effectiveLoanAmount();
_deployedLoans[loanAddr] = LoanDeploymentRecord({
effectiveLoanAmount: effectiveLoanAmount,
activeDelta: 0,
isWhitelisted: true
});
loansDeployed.push(loanAddr);
emit NewLoanDeployedByPool(loanAddr, loanParams.newAprWithTwoDecimals);
return loanAddr;
}
/**
* @notice Funds the loan deployed at the address specified.
* @dev Throws if the loan was not deployed by this pool.
* @param loanAddr The address of the loan.
*/
function fundLoan(address loanAddr) external override nonReentrant ifConfigured onlyLoansOperator {
// Trusted queries
_ensureValidLoan(loanAddr);
uint256 effectiveLoanAmount = _deployedLoans[loanAddr].effectiveLoanAmount;
// Trusted changes
_deployedLoans[loanAddr].activeDelta = effectiveLoanAmount; // The principal repaid at this point in time is zero
globalLoansAmount += effectiveLoanAmount; // which is "_deployedLoans[loanAddr].activeDelta"
require(IPeerToPeerOpenTermLoan(loanAddr).loanState() == LOAN_FUNDING_REQUIRED, "Invalid loan state");
// Untrusted changes
SafeERC20.safeApprove(_underlyingAsset, loanAddr, effectiveLoanAmount);
IPeerToPeerOpenTermLoan(loanAddr).fundLoan();
SafeERC20.safeApprove(_underlyingAsset, loanAddr, uint256(0));
// Late checks
require(IPeerToPeerOpenTermLoan(loanAddr).loanState() == LOAN_ACTIVE, "Funding check failed");
require(_underlyingAsset.allowance(address(this), loanAddr) == uint256(0), "Allowance check failed");
}
/**
* @notice Collects the fees available in the pool. Fees are sent to the fee collector address.
*/
function collectFees() external nonReentrant ifConfigured onlyOwner {
//require(totalCollectableFees > 0, "No fees to collect");
uint256 feesAmount = totalCollectableFees;
totalCollectableFees = 0;
SafeERC20.safeTransfer(_underlyingAsset, feesCollector, feesAmount);
}
/**
* @notice Gets the total number of loans deployed by the pool.
* @return uint256 The total number of loans deployed by the pool.
*/
function getTotalLoansDeployed() external view returns (uint256) {
return loansDeployed.length;
}
}
/**
* @title Represents a lending pool that is fully compliant with the ERC-4626 standard.
* @dev The lending pool is an address-preserving transparent proxy.
*/
contract LendingPool is BaseLendingPool {
address public constant SETTLEMENT_ACCOUNT = address(0x87ff94bB7709c70c6B2018FED12E4Ce0ABbf30Ce);
mapping (address => bool) public blacklisted;
constructor() {
_disableInitializers();
}
/**
* @notice Proxy initialization function.
* @param newOwner The owner of the lending pool.
* @param erc20Decimals The number of decimals of the LP token issued by this pool, per ERC20.
* @param erc20Symbol The token symbol of this pool, per ERC20.
* @param erc20Name The token name of this pool, per ERC20.
*/
function initialize(
address newOwner,
uint8 erc20Decimals,
string memory erc20Symbol,
string memory erc20Name
) external initializer {
require(newOwner != address(0), "Owner required");
// ERC-20 settings
decimals = erc20Decimals;
symbol = erc20Symbol;
name = erc20Name;
// Pause deposits and withdrawals until the pool gets configured by the authorized party.
depositsPaused = true;
withdrawalsPaused = true;
_owner = newOwner;
}
/**
* @notice Configures the lending pool.
* @dev Throws if the caller is not the owner. Deposits and withdrawals are paused until the pool is configured.
* @param newLagDuration The duration of the timelock. Pass zero if the pool is not time-locked.
* @param newMaxDepositAmount The maximum deposit amount of assets (say USDC) investors are allowed to deposit in the pool.
* @param newMaxWithdrawalAmount The maximum withdrawal amount of the pool, expressed in underlying assets (for example: USDC)
* @param newMaxTokenSupply The maximum supply of LP tokens (liquidity pool tokens)
* @param newUnderlyingAsset The underlying asset of the liquidity pool (for example: USDC).
* @param newLoansOperator The address responsible for managing the loans of the pool.
* @param newLoansDeployerAddress The address of the smart contract you will use for deploying loans on behalf of this pool.
* @param newFeesCollectorAddr The address of the fees collector.
* @param newProcessingHour The hour (UTC) at which all withdrawal requests will be processed. The value ranges from [0..23]
*/
function configurePool(
uint256 newLagDuration,
uint256 newMaxDepositAmount,
uint256 newMaxWithdrawalAmount,
uint256 newMaxTokenSupply,
address newUnderlyingAsset,
address newLoansOperator,
address newLoansDeployerAddress,
address newFeesCollectorAddr,
uint8 newProcessingHour
) external onlyIfInitialized nonReentrant ifNotConfigured onlyOwner {
require(newLoansOperator != address(0), "Operator required");
require(newLoansDeployerAddress != address(0), "Deployer required");
require(newFeesCollectorAddr != address(0), "Collector required");
require(newProcessingHour < 24, "Invalid processing hour"); // Min: 0, Max: 23 (eg: 13 = 1PM)
_underlyingAsset = IERC20(newUnderlyingAsset);
_updateIssuanceLimits(newMaxDepositAmount, newMaxWithdrawalAmount, newMaxTokenSupply);
// Loan management actors
loansOperator = newLoansOperator;
loansDeployerAddress = newLoansDeployerAddress;
feesCollector = newFeesCollectorAddr;
// Timelock settings
lagDuration = newLagDuration;
liquidationHour = newProcessingHour;
// Resume deposits and withdrawals
depositsPaused = false;
withdrawalsPaused = false;
}
/**
* @notice Transfers ownership of the contract to a new account.
* @dev Throws if the caller is not the current owner. Additional constraints apply.
* @param newOwner The new owner of this contract.
*/
function transferOwnership(address newOwner) external onlyIfInitialized nonReentrant onlyOwner {
require(newOwner != address(0) && newOwner != address(this), "Invalid owner");
require(newOwner != loansOperator, "Owner cannot be operator");
require(newOwner != loansDeployerAddress, "Owner cannot be deployer");
_transferOwnership(newOwner);
}
/**
* @notice Updates the issuance and redemption settings of the pool.
* @dev Throws if the caller is not the owner of the pool. Throws if the pool was not configured.
* @param newMaxDepositAmount The maximum deposit amount of assets (say USDC) investors are allowed to deposit in the pool.
* @param newMaxWithdrawalAmount The maximum withdrawal amount of the pool, expressed in underlying assets (for example: USDC)
* @param newMaxTokenSupply The maximum supply of LP tokens (liquidity pool tokens)
*/
function updateIssuanceLimits(
uint256 newMaxDepositAmount,
uint256 newMaxWithdrawalAmount,
uint256 newMaxTokenSupply
) external nonReentrant ifConfigured onlyOwner {
_updateIssuanceLimits(newMaxDepositAmount, newMaxWithdrawalAmount, newMaxTokenSupply);
}
/**
* @notice Pauses/Resumes deposits and/or withdrawals.
* @dev Throws if the caller is not the owner of the pool.
* @param bPauseDeposits Pass "true" to pause deposits. Pass "false" to resume deposits.
* @param bPauseWithdrawals Pass "true" to pause withdrawals. Pass "false" to resume withdrawals.
*/
function pauseDepositsAndWithdrawals(bool bPauseDeposits, bool bPauseWithdrawals) external nonReentrant ifConfigured onlyOwner {
_setPause(bPauseDeposits, bPauseWithdrawals);
}
/**
* @notice Updates the duration of the timelock.
* @dev Setting the timelock to zero will allow to withdraw funds immediately from the pool.
* @param newDuration The duration of the timelock, expressed in seconds. It can be zero.
*/
function updateTimelockDuration(uint256 newDuration) external nonReentrant ifConfigured onlyOwner {
if (newDuration <= lagDuration) require(globalLiabilityShares == 0, "Process claims first");
lagDuration = newDuration;
}
/**
* @notice Updates the fee for withdrawals.
* @param newWithdrawalFee The new fee, expressed with 2 decimal places.
*/
function updateWithdrawalFee(uint256 newWithdrawalFee) external nonReentrant ifConfigured onlyOwner {
require(newWithdrawalFee < 9900, "Fee too high");
require(withdrawalFee != newWithdrawalFee, "Fee already set");
withdrawalFee = newWithdrawalFee;
}
// ----------------------------------------
// Blacklist
// ----------------------------------------
function addToBlacklist(address addr) external nonReentrant ifConfigured onlyOwner {
require(addr != _owner, "Forbidden");
blacklisted[addr] = true;
}
function removeFromBlacklist(address addr) external nonReentrant ifConfigured onlyOwner {
blacklisted[addr] = false;
}
// ----------------------------------------
// Timelocked ERC-4626 features
// ----------------------------------------
/**
* @notice Requests to redeem a given number of shares from the holder specified.
* @dev The respective amount of assets will be made available in X hours from now, where "X" is the lag defined by the owner of the pool.
* @param shares The number of shares to burn.
* @param receiverAddr The address of the receiver.
* @param holderAddr The address of the tokens holder.
* @return assets The amount of assets that can be claimed for this specific withdrawal request.
* @return claimableEpoch The date at which the assets become claimable. This is expressed as a Unix epoch.
*/
function requestRedeem(
uint256 shares,
address receiverAddr,
address holderAddr
) external nonReentrant ifConfigured ifWithdrawalsNotPaused returns (
uint256 assets,
uint256 claimableEpoch
) {
require(!blacklisted[msg.sender] && !blacklisted[receiverAddr] && !blacklisted[holderAddr], "Address blacklisted");
uint256 year;
uint256 month;
uint256 day;
(claimableEpoch, year, month, day, assets) = _registerRedeemRequest(shares, holderAddr, receiverAddr, msg.sender);
// If the pool is not time-locked then transfer the funds immediately.
if (lagDuration == 0) {
claimableEpoch = block.timestamp;
_claim(year, month, day, receiverAddr);
}
}
/**
* @notice Allows any public address to process the scheduled withdrawal requests of the receiver specified.
* @dev Throws if the receiving address is not the legitimate address you registered via "requestRedeem()"
* @param year The year component of the claim. It can be a past date.
* @param month The month component of the claim. It can be a past date.
* @param day The day component of the claim. It can be a past date.
* @param receiverAddr The address of the legitimate receiver of the funds.
* @return uint256 The effective number of shares (LP tokens) that were burnt from the liquidity pool.
* @return uint256 The effective amount of underlying assets that were transfered to the receiver.
*/
function claim(
uint256 year,
uint256 month,
uint256 day,
address receiverAddr
) external nonReentrant ifConfigured ifWithdrawalsNotPaused returns (uint256, uint256) {
require(!blacklisted[msg.sender] && !blacklisted[receiverAddr], "Address blacklisted");
// This function is provided as a fallback.
// If -for any reason- a third party does not process the scheduled withdrawals then the
// legitimate receiver can claim the respective funds on their own.
// Thus as a legitimate receiver you can always claim your funds, even if the processing party fails to honor their promise.
return _claim(year, month, day, receiverAddr);
}
/**
* @notice Processes all of the withdrawal requests scheduled for the date specified.
* @dev Throws if the date is earlier than the liquidation/processing hour.
* @param year The year component of the claim. It can be a past date.
* @param month The month component of the claim. It can be a past date.
* @param day The day component of the claim. It can be a past date.
* @param maxLimit The number of transactions to process. The maximum is defined by the function "getScheduledTransactionsByDate()"
*/
function processAllClaimsByDate(
uint256 year,
uint256 month,
uint256 day,
uint256 maxLimit
) external nonReentrant ifConfigured ifWithdrawalsNotPaused {
require(maxLimit > 0, "Limit required");
bytes32 dailyCluster = keccak256(abi.encode(year, month, day));
// Make sure we have pending requests to process.
require(_dailyRequirement[dailyCluster].assets > 0, "Nothing to process");
// Make sure withdrawals are processed at the expected epoch only.
require(block.timestamp + _TIMESTAMP_MANIPULATION_WINDOW >= DateUtils.timestampFromDateTime(year, month, day, liquidationHour, 0, 0), "Too early");
// This is the number of unique ERC20 transfers we will need to make in this transaction
uint256 workSize = (_uniqueReceiversPerCluster[dailyCluster].length > maxLimit) ? maxLimit : _uniqueReceiversPerCluster[dailyCluster].length;
uint256 startingPos = _uniqueReceiversPerCluster[dailyCluster].length;
address[] memory receivers = new address[](workSize);
uint256[] memory amounts = new uint256[](workSize);
uint256 totalFees;
uint256 sharesToBurn;
uint256 assetsToSend;
uint256 x = workSize;
address receiverAddr;
for (uint256 i = startingPos; i > (startingPos - workSize); i--) {
receiverAddr = _uniqueReceiversPerCluster[dailyCluster][i - 1];
x--;
receivers[x] = receiverAddr;
amounts[x] = _receiverAmounts[dailyCluster][receiverAddr];
assetsToSend += amounts[x];
sharesToBurn += _burnableAmounts[dailyCluster][receiverAddr];
totalFees += _feeAmountsByReceiver[dailyCluster][receiverAddr];
_receiverAmounts[dailyCluster][receiverAddr] = 0;
_burnableAmounts[dailyCluster][receiverAddr] = 0;
_feeAmountsByReceiver[dailyCluster][receiverAddr] = 0;
_uniqueReceiversPerCluster[dailyCluster].pop();
_receiverIndexes[dailyCluster][receiverAddr] = 0;
}
globalLiabilityShares -= sharesToBurn;
totalCollectableFees += totalFees;
_dailyRequirement[dailyCluster].assets -= assetsToSend;
_dailyRequirement[dailyCluster].shares -= sharesToBurn;
// Make sure the pool has enough balance to cover withdrawals.
uint256 balanceBefore = IERC20(_underlyingAsset).balanceOf(address(this));
require(balanceBefore >= assetsToSend, "Insufficient balance");
_burnErc20(address(this), sharesToBurn);
address recipientAddr;
// Untrusted external calls
for (uint256 i; i < receivers.length; i++) {
recipientAddr = (blacklisted[receivers[i]]) ? SETTLEMENT_ACCOUNT : receivers[i];
SafeERC20.safeTransfer(_underlyingAsset, recipientAddr, amounts[i]);
}
// Balance check, provided the external asset is untrusted
require(IERC20(_underlyingAsset).balanceOf(address(this)) == balanceBefore - assetsToSend, "Balance check failed");
}
}File 3 of 4: TransparentUpgradeableProxy
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/transparent/TransparentUpgradeableProxy.sol)
pragma solidity ^0.8.0;
import "../ERC1967/ERC1967Proxy.sol";
/**
* @dev Interface for {TransparentUpgradeableProxy}. In order to implement transparency, {TransparentUpgradeableProxy}
* does not implement this interface directly, and some of its functions are implemented by an internal dispatch
* mechanism. The compiler is unaware that these functions are implemented by {TransparentUpgradeableProxy} and will not
* include them in the ABI so this interface must be used to interact with it.
*/
interface ITransparentUpgradeableProxy is IERC1967 {
function admin() external view returns (address);
function implementation() external view returns (address);
function changeAdmin(address) external;
function upgradeTo(address) external;
function upgradeToAndCall(address, bytes memory) external payable;
}
/**
* @dev This contract implements a proxy that is upgradeable by an admin.
*
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
* clashing], which can potentially be used in an attack, this contract uses the
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
* things that go hand in hand:
*
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
* that call matches one of the admin functions exposed by the proxy itself.
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
* "admin cannot fallback to proxy target".
*
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
* to sudden errors when trying to call a function from the proxy implementation.
*
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
*
* NOTE: The real interface of this proxy is that defined in `ITransparentUpgradeableProxy`. This contract does not
* inherit from that interface, and instead the admin functions are implicitly implemented using a custom dispatch
* mechanism in `_fallback`. Consequently, the compiler will not produce an ABI for this contract. This is necessary to
* fully implement transparency without decoding reverts caused by selector clashes between the proxy and the
* implementation.
*
* WARNING: It is not recommended to extend this contract to add additional external functions. If you do so, the compiler
* will not check that there are no selector conflicts, due to the note above. A selector clash between any new function
* and the functions declared in {ITransparentUpgradeableProxy} will be resolved in favor of the new one. This could
* render the admin operations inaccessible, which could prevent upgradeability. Transparency may also be compromised.
*/
contract TransparentUpgradeableProxy is ERC1967Proxy {
/**
* @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
* optionally initialized with `_data` as explained in {ERC1967Proxy-constructor}.
*/
constructor(address _logic, address admin_, bytes memory _data) payable ERC1967Proxy(_logic, _data) {
_changeAdmin(admin_);
}
/**
* @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
*
* CAUTION: This modifier is deprecated, as it could cause issues if the modified function has arguments, and the
* implementation provides a function with the same selector.
*/
modifier ifAdmin() {
if (msg.sender == _getAdmin()) {
_;
} else {
_fallback();
}
}
/**
* @dev If caller is the admin process the call internally, otherwise transparently fallback to the proxy behavior
*/
function _fallback() internal virtual override {
if (msg.sender == _getAdmin()) {
bytes memory ret;
bytes4 selector = msg.sig;
if (selector == ITransparentUpgradeableProxy.upgradeTo.selector) {
ret = _dispatchUpgradeTo();
} else if (selector == ITransparentUpgradeableProxy.upgradeToAndCall.selector) {
ret = _dispatchUpgradeToAndCall();
} else if (selector == ITransparentUpgradeableProxy.changeAdmin.selector) {
ret = _dispatchChangeAdmin();
} else if (selector == ITransparentUpgradeableProxy.admin.selector) {
ret = _dispatchAdmin();
} else if (selector == ITransparentUpgradeableProxy.implementation.selector) {
ret = _dispatchImplementation();
} else {
revert("TransparentUpgradeableProxy: admin cannot fallback to proxy target");
}
assembly {
return(add(ret, 0x20), mload(ret))
}
} else {
super._fallback();
}
}
/**
* @dev Returns the current admin.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/
function _dispatchAdmin() private returns (bytes memory) {
_requireZeroValue();
address admin = _getAdmin();
return abi.encode(admin);
}
/**
* @dev Returns the current implementation.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
*/
function _dispatchImplementation() private returns (bytes memory) {
_requireZeroValue();
address implementation = _implementation();
return abi.encode(implementation);
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _dispatchChangeAdmin() private returns (bytes memory) {
_requireZeroValue();
address newAdmin = abi.decode(msg.data[4:], (address));
_changeAdmin(newAdmin);
return "";
}
/**
* @dev Upgrade the implementation of the proxy.
*/
function _dispatchUpgradeTo() private returns (bytes memory) {
_requireZeroValue();
address newImplementation = abi.decode(msg.data[4:], (address));
_upgradeToAndCall(newImplementation, bytes(""), false);
return "";
}
/**
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
* proxied contract.
*/
function _dispatchUpgradeToAndCall() private returns (bytes memory) {
(address newImplementation, bytes memory data) = abi.decode(msg.data[4:], (address, bytes));
_upgradeToAndCall(newImplementation, data, true);
return "";
}
/**
* @dev Returns the current admin.
*
* CAUTION: This function is deprecated. Use {ERC1967Upgrade-_getAdmin} instead.
*/
function _admin() internal view virtual returns (address) {
return _getAdmin();
}
/**
* @dev To keep this contract fully transparent, all `ifAdmin` functions must be payable. This helper is here to
* emulate some proxy functions being non-payable while still allowing value to pass through.
*/
function _requireZeroValue() private {
require(msg.value == 0);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (proxy/ERC1967/ERC1967Proxy.sol)
pragma solidity ^0.8.0;
import "../Proxy.sol";
import "./ERC1967Upgrade.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/
contract ERC1967Proxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializing the storage of the proxy like a Solidity constructor.
*/
constructor(address _logic, bytes memory _data) payable {
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal view virtual override returns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (proxy/Proxy.sol)
pragma solidity ^0.8.0;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
/**
* @dev This is a virtual function that should be overridden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback() external payable virtual {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive() external payable virtual {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overridden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeacon.sol";
import "../../interfaces/IERC1967.sol";
import "../../interfaces/draft-IERC1822.sol";
import "../../utils/Address.sol";
import "../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*/
abstract contract ERC1967Upgrade is IERC1967 {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data, bool forceCall) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlot.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(Address.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC1967.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
*
* _Available since v4.8.3._
*/
interface IERC1967 {
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/
event BeaconUpgraded(address indexed beacon);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822Proxiable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, `uint256`._
* _Available since v4.9 for `string`, `bytes`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}
File 4 of 4: RSETH
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized != type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (security/Pausable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract PausableUpgradeable is Initializable, ContextUpgradeable {
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
bool private _paused;
/**
* @dev Initializes the contract in unpaused state.
*/
function __Pausable_init() internal onlyInitializing {
__Pausable_init_unchained();
}
function __Pausable_init_unchained() internal onlyInitializing {
_paused = false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
require(!paused(), "Pausable: paused");
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
require(paused(), "Pausable: not paused");
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20Upgradeable.sol";
import "./extensions/IERC20MetadataUpgradeable.sol";
import "../../utils/ContextUpgradeable.sol";
import "../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20Upgradeable is Initializable, ContextUpgradeable, IERC20Upgradeable, IERC20MetadataUpgradeable {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
function __ERC20_init(string memory name_, string memory symbol_) internal onlyInitializing {
__ERC20_init_unchained(name_, symbol_);
}
function __ERC20_init_unchained(string memory name_, string memory symbol_) internal onlyInitializing {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(address from, address to, uint256 amount) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 amount) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(address from, address to, uint256 amount) internal virtual {}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[45] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20Upgradeable.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20MetadataUpgradeable is IERC20Upgradeable {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20Upgradeable {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (access/IAccessControl.sol)
pragma solidity ^0.8.0;
/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/
interface IAccessControl {
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/
function renounceRole(bytes32 role, address account) external;
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;
interface ILRTConfig {
// Errors
error ValueAlreadyInUse();
error AssetAlreadySupported();
error AssetNotSupported();
error CallerNotLRTConfigAdmin();
error CallerNotLRTConfigManager();
error CallerNotLRTConfigOperator();
error CallerNotLRTConfigAllowedRole(string role);
error CannotUpdateStrategyAsItHasFundsNDCFunds(address ndc, uint256 amount);
error InvalidMaxRewardAmount();
// Events
event SetToken(bytes32 key, address indexed tokenAddr);
event SetContract(bytes32 key, address indexed contractAddr);
event AddedNewSupportedAsset(address indexed asset, uint256 depositLimit);
event RemovedSupportedAsset(address indexed asset);
event AssetDepositLimitUpdate(address indexed asset, uint256 depositLimit);
event AssetStrategyUpdate(address indexed asset, address indexed strategy);
event SetRSETH(address indexed rsETH);
event UpdateMaxRewardAmount(uint256 maxRewardAmount);
// methods
function rsETH() external view returns (address);
function assetStrategy(address asset) external view returns (address);
function isSupportedAsset(address asset) external view returns (bool);
function getLSTToken(bytes32 tokenId) external view returns (address);
function getContract(bytes32 contractId) external view returns (address);
function getSupportedAssetList() external view returns (address[] memory);
function depositLimitByAsset(address asset) external view returns (uint256);
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;
import { UtilLib } from "./utils/UtilLib.sol";
import { LRTConfigRoleChecker, ILRTConfig, LRTConstants } from "./utils/LRTConfigRoleChecker.sol";
import { ERC20Upgradeable, Initializable } from "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
import { PausableUpgradeable } from "@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol";
/// @title rsETH token Contract
/// @author Stader Labs
/// @notice The ERC20 contract for the rsETH token
contract RSETH is Initializable, LRTConfigRoleChecker, ERC20Upgradeable, PausableUpgradeable {
/// @custom:oz-upgrades-unsafe-allow constructor
constructor() {
_disableInitializers();
}
/// @dev Initializes the contract
/// @param admin Admin address
/// @param lrtConfigAddr LRT config address
function initialize(address admin, address lrtConfigAddr) external initializer {
UtilLib.checkNonZeroAddress(admin);
UtilLib.checkNonZeroAddress(lrtConfigAddr);
__ERC20_init("rsETH", "rsETH");
__Pausable_init();
lrtConfig = ILRTConfig(lrtConfigAddr);
emit UpdatedLRTConfig(lrtConfigAddr);
}
/// @notice Mints rsETH when called by an authorized caller
/// @param to the account to mint to
/// @param amount the amount of rsETH to mint
function mint(address to, uint256 amount) external onlyRole(LRTConstants.MINTER_ROLE) whenNotPaused {
_mint(to, amount);
}
/// @notice Burns rsETH when called by an authorized caller
/// @param account the account to burn from
/// @param amount the amount of rsETH to burn
function burnFrom(address account, uint256 amount) external onlyRole(LRTConstants.BURNER_ROLE) whenNotPaused {
_burn(account, amount);
}
/// @dev Triggers stopped state.
/// @dev Only callable by LRT config manager. Contract must NOT be paused.
function pause() external onlyLRTManager {
_pause();
}
/// @notice Returns to normal state.
/// @dev Only callable by the rsETH admin. Contract must be paused
function unpause() external onlyLRTAdmin {
_unpause();
}
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;
import { UtilLib } from "./UtilLib.sol";
import { LRTConstants } from "./LRTConstants.sol";
import { ILRTConfig } from "../interfaces/ILRTConfig.sol";
import { IAccessControl } from "@openzeppelin/contracts/access/IAccessControl.sol";
/// @title LRTConfigRoleChecker - LRT Config Role Checker Contract
/// @notice Handles LRT config role checks
abstract contract LRTConfigRoleChecker {
ILRTConfig public lrtConfig;
// events
event UpdatedLRTConfig(address indexed lrtConfig);
// modifiers
modifier onlyRole(bytes32 role) {
if (!IAccessControl(address(lrtConfig)).hasRole(role, msg.sender)) {
string memory roleStr = string(abi.encodePacked(role));
revert ILRTConfig.CallerNotLRTConfigAllowedRole(roleStr);
}
_;
}
modifier onlyLRTManager() {
if (!IAccessControl(address(lrtConfig)).hasRole(LRTConstants.MANAGER, msg.sender)) {
revert ILRTConfig.CallerNotLRTConfigManager();
}
_;
}
modifier onlyLRTOperator() {
if (!IAccessControl(address(lrtConfig)).hasRole(LRTConstants.OPERATOR_ROLE, msg.sender)) {
revert ILRTConfig.CallerNotLRTConfigOperator();
}
_;
}
modifier onlyLRTAdmin() {
if (!IAccessControl(address(lrtConfig)).hasRole(LRTConstants.DEFAULT_ADMIN_ROLE, msg.sender)) {
revert ILRTConfig.CallerNotLRTConfigAdmin();
}
_;
}
modifier onlySupportedAsset(address asset) {
if (!lrtConfig.isSupportedAsset(asset)) {
revert ILRTConfig.AssetNotSupported();
}
_;
}
// setters
/// @notice Updates the LRT config contract
/// @dev only callable by LRT admin
/// @param lrtConfigAddr the new LRT config contract Address
function updateLRTConfig(address lrtConfigAddr) external virtual onlyLRTAdmin {
if (address(lrtConfig) != address(0)) revert ILRTConfig.ValueAlreadyInUse();
UtilLib.checkNonZeroAddress(lrtConfigAddr);
lrtConfig = ILRTConfig(lrtConfigAddr);
emit UpdatedLRTConfig(lrtConfigAddr);
}
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;
library LRTConstants {
//tokens
//rETH token
bytes32 public constant R_ETH_TOKEN = keccak256("R_ETH_TOKEN");
//stETH token
bytes32 public constant ST_ETH_TOKEN = keccak256("ST_ETH_TOKEN");
//cbETH token
bytes32 public constant CB_ETH_TOKEN = keccak256("CB_ETH_TOKEN");
//ETHX token
bytes32 public constant ETHX_TOKEN = keccak256("ETHX_TOKEN");
//contracts
bytes32 public constant LRT_ORACLE = keccak256("LRT_ORACLE");
bytes32 public constant LRT_DEPOSIT_POOL = keccak256("LRT_DEPOSIT_POOL");
bytes32 public constant EIGEN_STRATEGY_MANAGER = keccak256("EIGEN_STRATEGY_MANAGER");
//Roles
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
bytes32 public constant MANAGER = keccak256("MANAGER");
bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
bytes32 public constant BURNER_ROLE = keccak256("BURNER_ROLE");
// updated library variables
bytes32 public constant SFRXETH_TOKEN = keccak256("SFRXETH_TOKEN");
// add new vars below
bytes32 public constant EIGEN_POD_MANAGER = keccak256("EIGEN_POD_MANAGER");
// native ETH as ERC20 for ease of implementation
address public constant ETH_TOKEN = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
// Operator Role
bytes32 public constant OPERATOR_ROLE = keccak256("OPERATOR_ROLE");
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;
/// @title UtilLib - Utility library
/// @notice Utility functions
library UtilLib {
error ZeroAddressNotAllowed();
/// @dev zero address check modifier
/// @param address_ address to check
function checkNonZeroAddress(address address_) internal pure {
if (address_ == address(0)) revert ZeroAddressNotAllowed();
}
}