Address Contract Partially Verified
Address
0x075193D36693DA7BA3Bb709cF63bEf070BA04D94
Balance
0.000326668 ETH ($0.68)
Nonce
1
Code Size
965 bytes
Creator
0xa39E03C2...073C at tx 0x5fee6c0b...709326
Proxy
EIP-1967 Proxy Implementation: 0xd75CEF99...751E
Indexed Transactions
0
Contract Bytecode
965 bytes
0x60806040526004361061001d575f3560e01c8063ead30dd414610027575b61002561003a565b005b6100256100353660046102be565b61004c565b61004a610045610089565b6100c0565b565b5f610055610089565b6001600160a01b03161461007b5760405162dc149f60e41b815260040160405180910390fd5b61008582826100de565b5050565b5f6100bb7f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc546001600160a01b031690565b905090565b365f5f375f5f365f845af43d5f5f3e8080156100da573d5ff35b3d5ffd5b6100e782610138565b6040516001600160a01b038316907fbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b905f90a28051156101305761012b82826101b3565b505050565b610085610254565b806001600160a01b03163b5f0361017257604051634c9c8ce360e01b81526001600160a01b03821660048201526024015b60405180910390fd5b7f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc80546001600160a01b0319166001600160a01b0392909216919091179055565b60605f6101c08484610273565b90508080156101e157505f3d11806101e157505f846001600160a01b03163b115b156101f6576101ee610286565b91505061024e565b801561022057604051639996b31560e01b81526001600160a01b0385166004820152602401610169565b3d156102335761022e61029f565b61024c565b60405163d6bda27560e01b815260040160405180910390fd5b505b92915050565b341561004a5760405163b398979f60e01b815260040160405180910390fd5b5f5f5f835160208501865af49392505050565b6040513d81523d5f602083013e3d602001810160405290565b6040513d5f823e3d81fd5b634e487b7160e01b5f52604160045260245ffd5b5f5f604083850312156102cf575f5ffd5b82356001600160a01b03811681146102e5575f5ffd5b9150602083013567ffffffffffffffff811115610300575f5ffd5b8301601f81018513610310575f5ffd5b803567ffffffffffffffff81111561032a5761032a6102aa565b604051601f8201601f19908116603f0116810167ffffffffffffffff81118282101715610359576103596102aa565b604052818152828201602001871015610370575f5ffd5b816020840160208301375f60208383010152809350505050925092905056fea26469706673582212206f85aeb6447c1f52f995e0b44afa8d6b4776aa50746e8ead050d5464991fca5964736f6c634300081e0033
Verified Source Code Partial Match
Compiler: v0.8.30+commit.73712a01
EVM: cancun
Optimization: Yes (200 runs)
ILayerZeroComposer.sol 25 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
/**
* @title ILayerZeroComposer
*/
interface ILayerZeroComposer {
/**
* @notice Composes a LayerZero message from an OApp.
* @dev To ensure non-reentrancy, implementers of this interface MUST assert msg.sender is the corresponding EndpointV2 contract (i.e., onlyEndpointV2).
* @param _from The address initiating the composition, typically the OApp where the lzReceive was called.
* @param _guid The unique identifier for the corresponding LayerZero src/dst tx.
* @param _message The composed message payload in bytes. NOT necessarily the same payload passed via lzReceive.
* @param _executor The address of the executor for the composed message.
* @param _extraData Additional arbitrary data in bytes passed by the entity who executes the lzCompose.
*/
function lzCompose(
address _from,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) external payable;
}
ILayerZeroEndpointV2.sol 89 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { IMessageLibManager } from "./IMessageLibManager.sol";
import { IMessagingComposer } from "./IMessagingComposer.sol";
import { IMessagingChannel } from "./IMessagingChannel.sol";
import { IMessagingContext } from "./IMessagingContext.sol";
struct MessagingParams {
uint32 dstEid;
bytes32 receiver;
bytes message;
bytes options;
bool payInLzToken;
}
struct MessagingReceipt {
bytes32 guid;
uint64 nonce;
MessagingFee fee;
}
struct MessagingFee {
uint256 nativeFee;
uint256 lzTokenFee;
}
struct Origin {
uint32 srcEid;
bytes32 sender;
uint64 nonce;
}
interface ILayerZeroEndpointV2 is IMessageLibManager, IMessagingComposer, IMessagingChannel, IMessagingContext {
event PacketSent(bytes encodedPayload, bytes options, address sendLibrary);
event PacketVerified(Origin origin, address receiver, bytes32 payloadHash);
event PacketDelivered(Origin origin, address receiver);
event LzReceiveAlert(
address indexed receiver,
address indexed executor,
Origin origin,
bytes32 guid,
uint256 gas,
uint256 value,
bytes message,
bytes extraData,
bytes reason
);
event LzTokenSet(address token);
event DelegateSet(address sender, address delegate);
function quote(MessagingParams calldata _params, address _sender) external view returns (MessagingFee memory);
function send(
MessagingParams calldata _params,
address _refundAddress
) external payable returns (MessagingReceipt memory);
function verify(Origin calldata _origin, address _receiver, bytes32 _payloadHash) external;
function verifiable(Origin calldata _origin, address _receiver) external view returns (bool);
function initializable(Origin calldata _origin, address _receiver) external view returns (bool);
function lzReceive(
Origin calldata _origin,
address _receiver,
bytes32 _guid,
bytes calldata _message,
bytes calldata _extraData
) external payable;
// oapp can burn messages partially by calling this function with its own business logic if messages are verified in order
function clear(address _oapp, Origin calldata _origin, bytes32 _guid, bytes calldata _message) external;
function setLzToken(address _lzToken) external;
function lzToken() external view returns (address);
function nativeToken() external view returns (address);
function setDelegate(address _delegate) external;
}
ILayerZeroReceiver.sol 19 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { Origin } from "./ILayerZeroEndpointV2.sol";
interface ILayerZeroReceiver {
function allowInitializePath(Origin calldata _origin) external view returns (bool);
function nextNonce(uint32 _eid, bytes32 _sender) external view returns (uint64);
function lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) external payable;
}
IMessageLib.sol 26 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { IERC165 } from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import { SetConfigParam } from "./IMessageLibManager.sol";
enum MessageLibType {
Send,
Receive,
SendAndReceive
}
interface IMessageLib is IERC165 {
function setConfig(address _oapp, SetConfigParam[] calldata _config) external;
function getConfig(uint32 _eid, address _oapp, uint32 _configType) external view returns (bytes memory config);
function isSupportedEid(uint32 _eid) external view returns (bool);
// message libs of same major version are compatible
function version() external view returns (uint64 major, uint8 minor, uint8 endpointVersion);
function messageLibType() external view returns (MessageLibType);
}
IMessageLibManager.sol 70 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
struct SetConfigParam {
uint32 eid;
uint32 configType;
bytes config;
}
interface IMessageLibManager {
struct Timeout {
address lib;
uint256 expiry;
}
event LibraryRegistered(address newLib);
event DefaultSendLibrarySet(uint32 eid, address newLib);
event DefaultReceiveLibrarySet(uint32 eid, address newLib);
event DefaultReceiveLibraryTimeoutSet(uint32 eid, address oldLib, uint256 expiry);
event SendLibrarySet(address sender, uint32 eid, address newLib);
event ReceiveLibrarySet(address receiver, uint32 eid, address newLib);
event ReceiveLibraryTimeoutSet(address receiver, uint32 eid, address oldLib, uint256 timeout);
function registerLibrary(address _lib) external;
function isRegisteredLibrary(address _lib) external view returns (bool);
function getRegisteredLibraries() external view returns (address[] memory);
function setDefaultSendLibrary(uint32 _eid, address _newLib) external;
function defaultSendLibrary(uint32 _eid) external view returns (address);
function setDefaultReceiveLibrary(uint32 _eid, address _newLib, uint256 _gracePeriod) external;
function defaultReceiveLibrary(uint32 _eid) external view returns (address);
function setDefaultReceiveLibraryTimeout(uint32 _eid, address _lib, uint256 _expiry) external;
function defaultReceiveLibraryTimeout(uint32 _eid) external view returns (address lib, uint256 expiry);
function isSupportedEid(uint32 _eid) external view returns (bool);
function isValidReceiveLibrary(address _receiver, uint32 _eid, address _lib) external view returns (bool);
/// ------------------- OApp interfaces -------------------
function setSendLibrary(address _oapp, uint32 _eid, address _newLib) external;
function getSendLibrary(address _sender, uint32 _eid) external view returns (address lib);
function isDefaultSendLibrary(address _sender, uint32 _eid) external view returns (bool);
function setReceiveLibrary(address _oapp, uint32 _eid, address _newLib, uint256 _gracePeriod) external;
function getReceiveLibrary(address _receiver, uint32 _eid) external view returns (address lib, bool isDefault);
function setReceiveLibraryTimeout(address _oapp, uint32 _eid, address _lib, uint256 _expiry) external;
function receiveLibraryTimeout(address _receiver, uint32 _eid) external view returns (address lib, uint256 expiry);
function setConfig(address _oapp, address _lib, SetConfigParam[] calldata _params) external;
function getConfig(
address _oapp,
address _lib,
uint32 _eid,
uint32 _configType
) external view returns (bytes memory config);
}
IMessagingChannel.sol 34 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
interface IMessagingChannel {
event InboundNonceSkipped(uint32 srcEid, bytes32 sender, address receiver, uint64 nonce);
event PacketNilified(uint32 srcEid, bytes32 sender, address receiver, uint64 nonce, bytes32 payloadHash);
event PacketBurnt(uint32 srcEid, bytes32 sender, address receiver, uint64 nonce, bytes32 payloadHash);
function eid() external view returns (uint32);
// this is an emergency function if a message cannot be verified for some reasons
// required to provide _nextNonce to avoid race condition
function skip(address _oapp, uint32 _srcEid, bytes32 _sender, uint64 _nonce) external;
function nilify(address _oapp, uint32 _srcEid, bytes32 _sender, uint64 _nonce, bytes32 _payloadHash) external;
function burn(address _oapp, uint32 _srcEid, bytes32 _sender, uint64 _nonce, bytes32 _payloadHash) external;
function nextGuid(address _sender, uint32 _dstEid, bytes32 _receiver) external view returns (bytes32);
function inboundNonce(address _receiver, uint32 _srcEid, bytes32 _sender) external view returns (uint64);
function outboundNonce(address _sender, uint32 _dstEid, bytes32 _receiver) external view returns (uint64);
function inboundPayloadHash(
address _receiver,
uint32 _srcEid,
bytes32 _sender,
uint64 _nonce
) external view returns (bytes32);
function lazyInboundNonce(address _receiver, uint32 _srcEid, bytes32 _sender) external view returns (uint64);
}
IMessagingComposer.sol 38 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
interface IMessagingComposer {
event ComposeSent(address from, address to, bytes32 guid, uint16 index, bytes message);
event ComposeDelivered(address from, address to, bytes32 guid, uint16 index);
event LzComposeAlert(
address indexed from,
address indexed to,
address indexed executor,
bytes32 guid,
uint16 index,
uint256 gas,
uint256 value,
bytes message,
bytes extraData,
bytes reason
);
function composeQueue(
address _from,
address _to,
bytes32 _guid,
uint16 _index
) external view returns (bytes32 messageHash);
function sendCompose(address _to, bytes32 _guid, uint16 _index, bytes calldata _message) external;
function lzCompose(
address _from,
address _to,
bytes32 _guid,
uint16 _index,
bytes calldata _message,
bytes calldata _extraData
) external payable;
}
IMessagingContext.sol 9 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
interface IMessagingContext {
function isSendingMessage() external view returns (bool);
function getSendContext() external view returns (uint32 dstEid, address sender);
}
ISendLib.sol 36 lines
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;
import { MessagingFee } from "./ILayerZeroEndpointV2.sol";
import { IMessageLib } from "./IMessageLib.sol";
struct Packet {
uint64 nonce;
uint32 srcEid;
address sender;
uint32 dstEid;
bytes32 receiver;
bytes32 guid;
bytes message;
}
interface ISendLib is IMessageLib {
function send(
Packet calldata _packet,
bytes calldata _options,
bool _payInLzToken
) external returns (MessagingFee memory, bytes memory encodedPacket);
function quote(
Packet calldata _packet,
bytes calldata _options,
bool _payInLzToken
) external view returns (MessagingFee memory);
function setTreasury(address _treasury) external;
function withdrawFee(address _to, uint256 _amount) external;
function withdrawLzTokenFee(address _lzToken, address _to, uint256 _amount) external;
}
AddressCast.sol 41 lines
// SPDX-License-Identifier: LZBL-1.2
pragma solidity ^0.8.20;
library AddressCast {
error AddressCast_InvalidSizeForAddress();
error AddressCast_InvalidAddress();
function toBytes32(bytes calldata _addressBytes) internal pure returns (bytes32 result) {
if (_addressBytes.length > 32) revert AddressCast_InvalidAddress();
result = bytes32(_addressBytes);
unchecked {
uint256 offset = 32 - _addressBytes.length;
result = result >> (offset * 8);
}
}
function toBytes32(address _address) internal pure returns (bytes32 result) {
result = bytes32(uint256(uint160(_address)));
}
function toBytes(bytes32 _addressBytes32, uint256 _size) internal pure returns (bytes memory result) {
if (_size == 0 || _size > 32) revert AddressCast_InvalidSizeForAddress();
result = new bytes(_size);
unchecked {
uint256 offset = 256 - _size * 8;
assembly {
mstore(add(result, 32), shl(offset, _addressBytes32))
}
}
}
function toAddress(bytes32 _addressBytes32) internal pure returns (address result) {
result = address(uint160(uint256(_addressBytes32)));
}
function toAddress(bytes calldata _addressBytes) internal pure returns (address result) {
if (_addressBytes.length != 20) revert AddressCast_InvalidAddress();
result = address(bytes20(_addressBytes));
}
}
PacketV1Codec.sol 108 lines
// SPDX-License-Identifier: LZBL-1.2
pragma solidity ^0.8.20;
import { Packet } from "../../interfaces/ISendLib.sol";
import { AddressCast } from "../../libs/AddressCast.sol";
library PacketV1Codec {
using AddressCast for address;
using AddressCast for bytes32;
uint8 internal constant PACKET_VERSION = 1;
// header (version + nonce + path)
// version
uint256 private constant PACKET_VERSION_OFFSET = 0;
// nonce
uint256 private constant NONCE_OFFSET = 1;
// path
uint256 private constant SRC_EID_OFFSET = 9;
uint256 private constant SENDER_OFFSET = 13;
uint256 private constant DST_EID_OFFSET = 45;
uint256 private constant RECEIVER_OFFSET = 49;
// payload (guid + message)
uint256 private constant GUID_OFFSET = 81; // keccak256(nonce + path)
uint256 private constant MESSAGE_OFFSET = 113;
function encode(Packet memory _packet) internal pure returns (bytes memory encodedPacket) {
encodedPacket = abi.encodePacked(
PACKET_VERSION,
_packet.nonce,
_packet.srcEid,
_packet.sender.toBytes32(),
_packet.dstEid,
_packet.receiver,
_packet.guid,
_packet.message
);
}
function encodePacketHeader(Packet memory _packet) internal pure returns (bytes memory) {
return
abi.encodePacked(
PACKET_VERSION,
_packet.nonce,
_packet.srcEid,
_packet.sender.toBytes32(),
_packet.dstEid,
_packet.receiver
);
}
function encodePayload(Packet memory _packet) internal pure returns (bytes memory) {
return abi.encodePacked(_packet.guid, _packet.message);
}
function header(bytes calldata _packet) internal pure returns (bytes calldata) {
return _packet[0:GUID_OFFSET];
}
function version(bytes calldata _packet) internal pure returns (uint8) {
return uint8(bytes1(_packet[PACKET_VERSION_OFFSET:NONCE_OFFSET]));
}
function nonce(bytes calldata _packet) internal pure returns (uint64) {
return uint64(bytes8(_packet[NONCE_OFFSET:SRC_EID_OFFSET]));
}
function srcEid(bytes calldata _packet) internal pure returns (uint32) {
return uint32(bytes4(_packet[SRC_EID_OFFSET:SENDER_OFFSET]));
}
function sender(bytes calldata _packet) internal pure returns (bytes32) {
return bytes32(_packet[SENDER_OFFSET:DST_EID_OFFSET]);
}
function senderAddressB20(bytes calldata _packet) internal pure returns (address) {
return sender(_packet).toAddress();
}
function dstEid(bytes calldata _packet) internal pure returns (uint32) {
return uint32(bytes4(_packet[DST_EID_OFFSET:RECEIVER_OFFSET]));
}
function receiver(bytes calldata _packet) internal pure returns (bytes32) {
return bytes32(_packet[RECEIVER_OFFSET:GUID_OFFSET]);
}
function receiverB20(bytes calldata _packet) internal pure returns (address) {
return receiver(_packet).toAddress();
}
function guid(bytes calldata _packet) internal pure returns (bytes32) {
return bytes32(_packet[GUID_OFFSET:MESSAGE_OFFSET]);
}
function message(bytes calldata _packet) internal pure returns (bytes calldata) {
return bytes(_packet[MESSAGE_OFFSET:]);
}
function payload(bytes calldata _packet) internal pure returns (bytes calldata) {
return bytes(_packet[GUID_OFFSET:]);
}
function payloadHash(bytes calldata _packet) internal pure returns (bytes32) {
return keccak256(payload(_packet));
}
}
OAppOptionsType3Upgradeable.sol 109 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { OwnableUpgradeable } from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
import { IOAppOptionsType3, EnforcedOptionParam } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppOptionsType3.sol";
/**
* @title OAppOptionsType3
* @dev Abstract contract implementing the IOAppOptionsType3 interface with type 3 options.
*/
abstract contract OAppOptionsType3Upgradeable is IOAppOptionsType3, OwnableUpgradeable {
struct OAppOptionsType3Storage {
// @dev The "msgType" should be defined in the child contract.
mapping(uint32 => mapping(uint16 => bytes)) enforcedOptions;
}
// keccak256(abi.encode(uint256(keccak256("layerzerov2.storage.oappoptionstype3")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant OAPP_OPTIONS_TYPE_3_STORAGE_LOCATION =
0x8d2bda5d9f6ffb5796910376005392955773acee5548d0fcdb10e7c264ea0000;
uint16 internal constant OPTION_TYPE_3 = 3;
function _getOAppOptionsType3Storage() internal pure returns (OAppOptionsType3Storage storage $) {
assembly {
$.slot := OAPP_OPTIONS_TYPE_3_STORAGE_LOCATION
}
}
/**
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OAppOptionsType3_init() internal onlyInitializing {}
function __OAppOptionsType3_init_unchained() internal onlyInitializing {}
function enforcedOptions(uint32 _eid, uint16 _msgType) public view returns (bytes memory) {
OAppOptionsType3Storage storage $ = _getOAppOptionsType3Storage();
return $.enforcedOptions[_eid][_msgType];
}
/**
* @dev Sets the enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Provides a way for the OApp to enforce things like paying for PreCrime, AND/OR minimum dst lzReceive gas amounts etc.
* @dev These enforced options can vary as the potential options/execution on the remote may differ as per the msgType.
* eg. Amount of lzReceive() gas necessary to deliver a lzCompose() message adds overhead you dont want to pay
* if you are only making a standard LayerZero message ie. lzReceive() WITHOUT sendCompose().
*/
function setEnforcedOptions(EnforcedOptionParam[] calldata _enforcedOptions) public virtual onlyOwner {
OAppOptionsType3Storage storage $ = _getOAppOptionsType3Storage();
for (uint256 i = 0; i < _enforcedOptions.length; i++) {
// @dev Enforced options are only available for optionType 3, as type 1 and 2 dont support combining.
_assertOptionsType3(_enforcedOptions[i].options);
$.enforcedOptions[_enforcedOptions[i].eid][_enforcedOptions[i].msgType] = _enforcedOptions[i].options;
}
emit EnforcedOptionSet(_enforcedOptions);
}
/**
* @notice Combines options for a given endpoint and message type.
* @param _eid The endpoint ID.
* @param _msgType The OAPP message type.
* @param _extraOptions Additional options passed by the caller.
* @return options The combination of caller specified options AND enforced options.
*
* @dev If there is an enforced lzReceive option:
* - {gasLimit: 200k, msg.value: 1 ether} AND a caller supplies a lzReceive option: {gasLimit: 100k, msg.value: 0.5 ether}
* - The resulting options will be {gasLimit: 300k, msg.value: 1.5 ether} when the message is executed on the remote lzReceive() function.
* @dev This presence of duplicated options is handled off-chain in the verifier/executor.
*/
function combineOptions(
uint32 _eid,
uint16 _msgType,
bytes calldata _extraOptions
) public view virtual returns (bytes memory) {
OAppOptionsType3Storage storage $ = _getOAppOptionsType3Storage();
bytes memory enforced = $.enforcedOptions[_eid][_msgType];
// No enforced options, pass whatever the caller supplied, even if it's empty or legacy type 1/2 options.
if (enforced.length == 0) return _extraOptions;
// No caller options, return enforced
if (_extraOptions.length == 0) return enforced;
// @dev If caller provided _extraOptions, must be type 3 as its the ONLY type that can be combined.
if (_extraOptions.length >= 2) {
_assertOptionsType3(_extraOptions);
// @dev Remove the first 2 bytes containing the type from the _extraOptions and combine with enforced.
return bytes.concat(enforced, _extraOptions[2:]);
}
// No valid set of options was found.
revert InvalidOptions(_extraOptions);
}
/**
* @dev Internal function to assert that options are of type 3.
* @param _options The options to be checked.
*/
function _assertOptionsType3(bytes calldata _options) internal pure virtual {
uint16 optionsType = uint16(bytes2(_options[0:2]));
if (optionsType != OPTION_TYPE_3) revert InvalidOptions(_options);
}
}
OAppCoreUpgradeable.sol 104 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { OwnableUpgradeable } from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
import { IOAppCore, ILayerZeroEndpointV2 } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppCore.sol";
/**
* @title OAppCore
* @dev Abstract contract implementing the IOAppCore interface with basic OApp configurations.
*/
abstract contract OAppCoreUpgradeable is IOAppCore, OwnableUpgradeable {
struct OAppCoreStorage {
mapping(uint32 => bytes32) peers;
}
// keccak256(abi.encode(uint256(keccak256("layerzerov2.storage.oappcore")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant OAPP_CORE_STORAGE_LOCATION =
0x72ab1bc1039b79dc4724ffca13de82c96834302d3c7e0d4252232d4b2dd8f900;
function _getOAppCoreStorage() internal pure returns (OAppCoreStorage storage $) {
assembly {
$.slot := OAPP_CORE_STORAGE_LOCATION
}
}
// The LayerZero endpoint associated with the given OApp
ILayerZeroEndpointV2 public immutable endpoint;
/**
* @dev Constructor to initialize the OAppCore with the provided endpoint and delegate.
* @param _endpoint The address of the LOCAL Layer Zero endpoint.
*/
constructor(address _endpoint) {
endpoint = ILayerZeroEndpointV2(_endpoint);
}
/**
* @dev Initializes the OAppCore with the provided delegate.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*
* @dev The delegate typically should be set as the owner of the contract.
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OAppCore_init(address _delegate) internal onlyInitializing {
__OAppCore_init_unchained(_delegate);
}
function __OAppCore_init_unchained(address _delegate) internal onlyInitializing {
if (_delegate == address(0)) revert InvalidDelegate();
endpoint.setDelegate(_delegate);
}
/**
* @notice Returns the peer address (OApp instance) associated with a specific endpoint.
* @param _eid The endpoint ID.
* @return peer The address of the peer associated with the specified endpoint.
*/
function peers(uint32 _eid) public view override returns (bytes32) {
OAppCoreStorage storage $ = _getOAppCoreStorage();
return $.peers[_eid];
}
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Indicates that the peer is trusted to send LayerZero messages to this OApp.
* @dev Set this to bytes32(0) to remove the peer address.
* @dev Peer is a bytes32 to accommodate non-evm chains.
*/
function setPeer(uint32 _eid, bytes32 _peer) public virtual onlyOwner {
OAppCoreStorage storage $ = _getOAppCoreStorage();
$.peers[_eid] = _peer;
emit PeerSet(_eid, _peer);
}
/**
* @notice Internal function to get the peer address associated with a specific endpoint; reverts if NOT set.
* ie. the peer is set to bytes32(0).
* @param _eid The endpoint ID.
* @return peer The address of the peer associated with the specified endpoint.
*/
function _getPeerOrRevert(uint32 _eid) internal view virtual returns (bytes32) {
OAppCoreStorage storage $ = _getOAppCoreStorage();
bytes32 peer = $.peers[_eid];
if (peer == bytes32(0)) revert NoPeer(_eid);
return peer;
}
/**
* @notice Sets the delegate address for the OApp.
* @param _delegate The address of the delegate to be set.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Provides the ability for a delegate to set configs, on behalf of the OApp, directly on the Endpoint contract.
*/
function setDelegate(address _delegate) public onlyOwner {
endpoint.setDelegate(_delegate);
}
}
OAppReceiverUpgradeable.sol 133 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { IOAppReceiver, Origin } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppReceiver.sol";
import { OAppCoreUpgradeable } from "./OAppCoreUpgradeable.sol";
/**
* @title OAppReceiver
* @dev Abstract contract implementing the ILayerZeroReceiver interface and extending OAppCore for OApp receivers.
*/
abstract contract OAppReceiverUpgradeable is IOAppReceiver, OAppCoreUpgradeable {
// Custom error message for when the caller is not the registered endpoint/
error OnlyEndpoint(address addr);
// @dev The version of the OAppReceiver implementation.
// @dev Version is bumped when changes are made to this contract.
uint64 internal constant RECEIVER_VERSION = 2;
/**
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OAppReceiver_init(address _delegate) internal onlyInitializing {
__OAppCore_init(_delegate);
}
function __OAppReceiver_init_unchained() internal onlyInitializing {}
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*
* @dev Providing 0 as the default for OAppSender version. Indicates that the OAppSender is not implemented.
* ie. this is a RECEIVE only OApp.
* @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions.
*/
function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
return (0, RECEIVER_VERSION);
}
/**
* @notice Indicates whether an address is an approved composeMsg sender to the Endpoint.
* @dev _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @dev _message The lzReceive payload.
* @param _sender The sender address.
* @return isSender Is a valid sender.
*
* @dev Applications can optionally choose to implement separate composeMsg senders that are NOT the bridging layer.
* @dev The default sender IS the OAppReceiver implementer.
*/
function isComposeMsgSender(
Origin calldata /*_origin*/,
bytes calldata /*_message*/,
address _sender
) public view virtual returns (bool) {
return _sender == address(this);
}
/**
* @notice Checks if the path initialization is allowed based on the provided origin.
* @param origin The origin information containing the source endpoint and sender address.
* @return Whether the path has been initialized.
*
* @dev This indicates to the endpoint that the OApp has enabled msgs for this particular path to be received.
* @dev This defaults to assuming if a peer has been set, its initialized.
* Can be overridden by the OApp if there is other logic to determine this.
*/
function allowInitializePath(Origin calldata origin) public view virtual returns (bool) {
return peers(origin.srcEid) == origin.sender;
}
/**
* @notice Retrieves the next nonce for a given source endpoint and sender address.
* @dev _srcEid The source endpoint ID.
* @dev _sender The sender address.
* @return nonce The next nonce.
*
* @dev The path nonce starts from 1. If 0 is returned it means that there is NO nonce ordered enforcement.
* @dev Is required by the off-chain executor to determine the OApp expects msg execution is ordered.
* @dev This is also enforced by the OApp.
* @dev By default this is NOT enabled. ie. nextNonce is hardcoded to return 0.
*/
function nextNonce(uint32, /*_srcEid*/ bytes32 /*_sender*/) public view virtual returns (uint64 nonce) {
return 0;
}
/**
* @dev Entry point for receiving messages or packets from the endpoint.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The payload of the received message.
* @param _executor The address of the executor for the received message.
* @param _extraData Additional arbitrary data provided by the corresponding executor.
*
* @dev Entry point for receiving msg/packet from the LayerZero endpoint.
*/
function lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) public payable virtual {
// Ensures that only the endpoint can attempt to lzReceive() messages to this OApp.
if (address(endpoint) != msg.sender) revert OnlyEndpoint(msg.sender);
// Ensure that the sender matches the expected peer for the source endpoint.
if (_getPeerOrRevert(_origin.srcEid) != _origin.sender) revert OnlyPeer(_origin.srcEid, _origin.sender);
// Call the internal OApp implementation of lzReceive.
_lzReceive(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Internal function to implement lzReceive logic without needing to copy the basic parameter validation.
*/
function _lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual;
}
OAppSenderUpgradeable.sol 135 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { SafeERC20, IERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { MessagingParams, MessagingFee, MessagingReceipt } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { OAppCoreUpgradeable } from "./OAppCoreUpgradeable.sol";
/**
* @title OAppSender
* @dev Abstract contract implementing the OAppSender functionality for sending messages to a LayerZero endpoint.
*/
abstract contract OAppSenderUpgradeable is OAppCoreUpgradeable {
using SafeERC20 for IERC20;
// Custom error messages
error NotEnoughNative(uint256 msgValue);
error LzTokenUnavailable();
// @dev The version of the OAppSender implementation.
// @dev Version is bumped when changes are made to this contract.
uint64 internal constant SENDER_VERSION = 1;
/**
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OAppSender_init(address _delegate) internal onlyInitializing {
__OAppCore_init(_delegate);
}
function __OAppSender_init_unchained() internal onlyInitializing {}
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*
* @dev Providing 0 as the default for OAppReceiver version. Indicates that the OAppReceiver is not implemented.
* ie. this is a SEND only OApp.
* @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions
*/
function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
return (SENDER_VERSION, 0);
}
/**
* @dev Internal function to interact with the LayerZero EndpointV2.quote() for fee calculation.
* @param _dstEid The destination endpoint ID.
* @param _message The message payload.
* @param _options Additional options for the message.
* @param _payInLzToken Flag indicating whether to pay the fee in LZ tokens.
* @return fee The calculated MessagingFee for the message.
* - nativeFee: The native fee for the message.
* - lzTokenFee: The LZ token fee for the message.
*/
function _quote(
uint32 _dstEid,
bytes memory _message,
bytes memory _options,
bool _payInLzToken
) internal view virtual returns (MessagingFee memory fee) {
return
endpoint.quote(
MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _payInLzToken),
address(this)
);
}
/**
* @dev Internal function to interact with the LayerZero EndpointV2.send() for sending a message.
* @param _dstEid The destination endpoint ID.
* @param _message The message payload.
* @param _options Additional options for the message.
* @param _fee The calculated LayerZero fee for the message.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess fee values sent to the endpoint.
* @return receipt The receipt for the sent message.
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function _lzSend(
uint32 _dstEid,
bytes memory _message,
bytes memory _options,
MessagingFee memory _fee,
address _refundAddress
) internal virtual returns (MessagingReceipt memory receipt) {
// @dev Push corresponding fees to the endpoint, any excess is sent back to the _refundAddress from the endpoint.
uint256 messageValue = _payNative(_fee.nativeFee);
if (_fee.lzTokenFee > 0) _payLzToken(_fee.lzTokenFee);
return
// solhint-disable-next-line check-send-result
endpoint.send{ value: messageValue }(
MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _fee.lzTokenFee > 0),
_refundAddress
);
}
/**
* @dev Internal function to pay the native fee associated with the message.
* @param _nativeFee The native fee to be paid.
* @return nativeFee The amount of native currency paid.
*
* @dev If the OApp needs to initiate MULTIPLE LayerZero messages in a single transaction,
* this will need to be overridden because msg.value would contain multiple lzFees.
* @dev Should be overridden in the event the LayerZero endpoint requires a different native currency.
* @dev Some EVMs use an ERC20 as a method for paying transactions/gasFees.
* @dev The endpoint is EITHER/OR, ie. it will NOT support both types of native payment at a time.
*/
function _payNative(uint256 _nativeFee) internal virtual returns (uint256 nativeFee) {
if (msg.value != _nativeFee) revert NotEnoughNative(msg.value);
return _nativeFee;
}
/**
* @dev Internal function to pay the LZ token fee associated with the message.
* @param _lzTokenFee The LZ token fee to be paid.
*
* @dev If the caller is trying to pay in the specified lzToken, then the lzTokenFee is passed to the endpoint.
* @dev Any excess sent, is passed back to the specified _refundAddress in the _lzSend().
*/
function _payLzToken(uint256 _lzTokenFee) internal virtual {
// @dev Cannot cache the token because it is not immutable in the endpoint.
address lzToken = endpoint.lzToken();
if (lzToken == address(0)) revert LzTokenUnavailable();
// Pay LZ token fee by sending tokens to the endpoint.
IERC20(lzToken).safeTransferFrom(msg.sender, address(endpoint), _lzTokenFee);
}
}
OAppUpgradeable.sol 54 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// @dev Import the 'MessagingFee' and 'MessagingReceipt' so it's exposed to OApp implementers
// solhint-disable-next-line no-unused-import
import { OAppSenderUpgradeable, MessagingFee, MessagingReceipt } from "./OAppSenderUpgradeable.sol";
// @dev Import the 'Origin' so it's exposed to OApp implementers
// solhint-disable-next-line no-unused-import
import { OAppReceiverUpgradeable, Origin } from "./OAppReceiverUpgradeable.sol";
import { OAppCoreUpgradeable } from "./OAppCoreUpgradeable.sol";
/**
* @title OApp
* @dev Abstract contract serving as the base for OApp implementation, combining OAppSender and OAppReceiver functionality.
*/
abstract contract OAppUpgradeable is OAppSenderUpgradeable, OAppReceiverUpgradeable {
/**
* @dev Constructor to initialize the OApp with the provided endpoint and owner.
* @param _endpoint The address of the LOCAL LayerZero endpoint.
*/
constructor(address _endpoint) OAppCoreUpgradeable(_endpoint) {}
/**
* @dev Initializes the OApp with the provided delegate.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*
* @dev The delegate typically should be set as the owner of the contract.
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OApp_init(address _delegate) internal onlyInitializing {
__OAppCore_init(_delegate);
__OAppReceiver_init_unchained();
__OAppSender_init_unchained();
}
function __OApp_init_unchained() internal onlyInitializing {}
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol implementation.
* @return receiverVersion The version of the OAppReceiver.sol implementation.
*/
function oAppVersion()
public
pure
virtual
override(OAppSenderUpgradeable, OAppReceiverUpgradeable)
returns (uint64 senderVersion, uint64 receiverVersion)
{
return (SENDER_VERSION, RECEIVER_VERSION);
}
}
OAppPreCrimeSimulatorUpgradeable.sol 151 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { OwnableUpgradeable } from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
import { IPreCrime } from "@layerzerolabs/oapp-evm/contracts/precrime/interfaces/IPreCrime.sol";
import { IOAppPreCrimeSimulator, InboundPacket, Origin } from "@layerzerolabs/oapp-evm/contracts/precrime/interfaces/IOAppPreCrimeSimulator.sol";
/**
* @title OAppPreCrimeSimulator
* @dev Abstract contract serving as the base for preCrime simulation functionality in an OApp.
*/
abstract contract OAppPreCrimeSimulatorUpgradeable is IOAppPreCrimeSimulator, OwnableUpgradeable {
struct OAppPreCrimeSimulatorStorage {
// The address of the preCrime implementation.
address preCrime;
}
// keccak256(abi.encode(uint256(keccak256("layerzerov2.storage.oappprecrimesimulator")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant OAPP_PRE_CRIME_SIMULATOR_STORAGE_LOCATION =
0xefb041d771d6daaa55702fff6eb740d63ba559a75d2d1d3e151c78ff2480b600;
function _getOAppPreCrimeSimulatorStorage() internal pure returns (OAppPreCrimeSimulatorStorage storage $) {
assembly {
$.slot := OAPP_PRE_CRIME_SIMULATOR_STORAGE_LOCATION
}
}
/**
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OAppPreCrimeSimulator_init() internal onlyInitializing {}
function __OAppPreCrimeSimulator_init_unchained() internal onlyInitializing {}
function preCrime() external view override returns (address) {
OAppPreCrimeSimulatorStorage storage $ = _getOAppPreCrimeSimulatorStorage();
return $.preCrime;
}
/**
* @dev Retrieves the address of the OApp contract.
* @return The address of the OApp contract.
*
* @dev The simulator contract is the base contract for the OApp by default.
* @dev If the simulator is a separate contract, override this function.
*/
function oApp() external view virtual returns (address) {
return address(this);
}
/**
* @dev Sets the preCrime contract address.
* @param _preCrime The address of the preCrime contract.
*/
function setPreCrime(address _preCrime) public virtual onlyOwner {
OAppPreCrimeSimulatorStorage storage $ = _getOAppPreCrimeSimulatorStorage();
$.preCrime = _preCrime;
emit PreCrimeSet(_preCrime);
}
/**
* @dev Interface for pre-crime simulations. Always reverts at the end with the simulation results.
* @param _packets An array of InboundPacket objects representing received packets to be delivered.
*
* @dev WARNING: MUST revert at the end with the simulation results.
* @dev Gives the preCrime implementation the ability to mock sending packets to the lzReceive function,
* WITHOUT actually executing them.
*/
function lzReceiveAndRevert(InboundPacket[] calldata _packets) public payable virtual {
for (uint256 i = 0; i < _packets.length; i++) {
InboundPacket calldata packet = _packets[i];
// Ignore packets that are not from trusted peers.
if (!isPeer(packet.origin.srcEid, packet.origin.sender)) continue;
// @dev Because a verifier is calling this function, it doesnt have access to executor params:
// - address _executor
// - bytes calldata _extraData
// preCrime will NOT work for OApps that rely on these two parameters inside of their _lzReceive().
// They are instead stubbed to default values, address(0) and bytes("")
// @dev Calling this.lzReceiveSimulate removes ability for assembly return 0 callstack exit,
// which would cause the revert to be ignored.
this.lzReceiveSimulate{ value: packet.value }(
packet.origin,
packet.guid,
packet.message,
packet.executor,
packet.extraData
);
}
// @dev Revert with the simulation results. msg.sender must implement IPreCrime.buildSimulationResult().
revert SimulationResult(IPreCrime(msg.sender).buildSimulationResult());
}
/**
* @dev Is effectively an internal function because msg.sender must be address(this).
* Allows resetting the call stack for 'internal' calls.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _guid The unique identifier of the packet.
* @param _message The message payload of the packet.
* @param _executor The executor address for the packet.
* @param _extraData Additional data for the packet.
*/
function lzReceiveSimulate(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) external payable virtual {
// @dev Ensure ONLY can be called 'internally'.
if (msg.sender != address(this)) revert OnlySelf();
_lzReceiveSimulate(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Internal function to handle the OAppPreCrimeSimulator simulated receive.
* @param _origin The origin information.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address from the src chain.
* - nonce: The nonce of the LayerZero message.
* @param _guid The GUID of the LayerZero message.
* @param _message The LayerZero message.
* @param _executor The address of the off-chain executor.
* @param _extraData Arbitrary data passed by the msg executor.
*
* @dev Enables the preCrime simulator to mock sending lzReceive() messages,
* routes the msg down from the OAppPreCrimeSimulator, and back up to the OAppReceiver.
*/
function _lzReceiveSimulate(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual;
/**
* @dev checks if the specified peer is considered 'trusted' by the OApp.
* @param _eid The endpoint Id to check.
* @param _peer The peer to check.
* @return Whether the peer passed is considered 'trusted' by the OApp.
*/
function isPeer(uint32 _eid, bytes32 _peer) public view virtual returns (bool);
}
IOAppComposer.sol 12 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { ILayerZeroComposer } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroComposer.sol";
/**
* @title IOAppComposer
* @dev This interface defines the OApp Composer, allowing developers to inherit only the OApp package without the protocol.
*/
// solhint-disable-next-line no-empty-blocks
interface IOAppComposer is ILayerZeroComposer {}
IOAppCore.sol 52 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { ILayerZeroEndpointV2 } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
/**
* @title IOAppCore
*/
interface IOAppCore {
// Custom error messages
error OnlyPeer(uint32 eid, bytes32 sender);
error NoPeer(uint32 eid);
error InvalidEndpointCall();
error InvalidDelegate();
// Event emitted when a peer (OApp) is set for a corresponding endpoint
event PeerSet(uint32 eid, bytes32 peer);
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*/
function oAppVersion() external view returns (uint64 senderVersion, uint64 receiverVersion);
/**
* @notice Retrieves the LayerZero endpoint associated with the OApp.
* @return iEndpoint The LayerZero endpoint as an interface.
*/
function endpoint() external view returns (ILayerZeroEndpointV2 iEndpoint);
/**
* @notice Retrieves the peer (OApp) associated with a corresponding endpoint.
* @param _eid The endpoint ID.
* @return peer The peer address (OApp instance) associated with the corresponding endpoint.
*/
function peers(uint32 _eid) external view returns (bytes32 peer);
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*/
function setPeer(uint32 _eid, bytes32 _peer) external;
/**
* @notice Sets the delegate address for the OApp Core.
* @param _delegate The address of the delegate to be set.
*/
function setDelegate(address _delegate) external;
}
IOAppMsgInspector.sol 22 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* @title IOAppMsgInspector
* @dev Interface for the OApp Message Inspector, allowing examination of message and options contents.
*/
interface IOAppMsgInspector {
// Custom error message for inspection failure
error InspectionFailed(bytes message, bytes options);
/**
* @notice Allows the inspector to examine LayerZero message contents and optionally throw a revert if invalid.
* @param _message The message payload to be inspected.
* @param _options Additional options or parameters for inspection.
* @return valid A boolean indicating whether the inspection passed (true) or failed (false).
*
* @dev Optionally done as a revert, OR use the boolean provided to handle the failure.
*/
function inspect(bytes calldata _message, bytes calldata _options) external view returns (bool valid);
}
IOAppOptionsType3.sol 43 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/**
* @dev Struct representing enforced option parameters.
*/
struct EnforcedOptionParam {
uint32 eid; // Endpoint ID
uint16 msgType; // Message Type
bytes options; // Additional options
}
/**
* @title IOAppOptionsType3
* @dev Interface for the OApp with Type 3 Options, allowing the setting and combining of enforced options.
*/
interface IOAppOptionsType3 {
// Custom error message for invalid options
error InvalidOptions(bytes options);
// Event emitted when enforced options are set
event EnforcedOptionSet(EnforcedOptionParam[] _enforcedOptions);
/**
* @notice Sets enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*/
function setEnforcedOptions(EnforcedOptionParam[] calldata _enforcedOptions) external;
/**
* @notice Combines options for a given endpoint and message type.
* @param _eid The endpoint ID.
* @param _msgType The OApp message type.
* @param _extraOptions Additional options passed by the caller.
* @return options The combination of caller specified options AND enforced options.
*/
function combineOptions(
uint32 _eid,
uint16 _msgType,
bytes calldata _extraOptions
) external view returns (bytes memory options);
}
IOAppReceiver.sol 25 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { ILayerZeroReceiver, Origin } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroReceiver.sol";
interface IOAppReceiver is ILayerZeroReceiver {
/**
* @notice Indicates whether an address is an approved composeMsg sender to the Endpoint.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _message The lzReceive payload.
* @param _sender The sender address.
* @return isSender Is a valid sender.
*
* @dev Applications can optionally choose to implement a separate composeMsg sender that is NOT the bridging layer.
* @dev The default sender IS the OAppReceiver implementer.
*/
function isComposeMsgSender(
Origin calldata _origin,
bytes calldata _message,
address _sender
) external view returns (bool isSender);
}
OAppOptionsType3.sol 98 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IOAppOptionsType3, EnforcedOptionParam } from "../interfaces/IOAppOptionsType3.sol";
/**
* @title OAppOptionsType3
* @dev Abstract contract implementing the IOAppOptionsType3 interface with type 3 options.
*/
abstract contract OAppOptionsType3 is IOAppOptionsType3, Ownable {
uint16 internal constant OPTION_TYPE_3 = 3;
// @dev The "msgType" should be defined in the child contract.
mapping(uint32 eid => mapping(uint16 msgType => bytes enforcedOption)) public enforcedOptions;
/**
* @dev Sets the enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Provides a way for the OApp to enforce things like paying for PreCrime, AND/OR minimum dst lzReceive gas amounts etc.
* @dev These enforced options can vary as the potential options/execution on the remote may differ as per the msgType.
* eg. Amount of lzReceive() gas necessary to deliver a lzCompose() message adds overhead you dont want to pay
* if you are only making a standard LayerZero message ie. lzReceive() WITHOUT sendCompose().
*/
function setEnforcedOptions(EnforcedOptionParam[] calldata _enforcedOptions) public virtual onlyOwner {
_setEnforcedOptions(_enforcedOptions);
}
/**
* @dev Sets the enforced options for specific endpoint and message type combinations.
* @param _enforcedOptions An array of EnforcedOptionParam structures specifying enforced options.
*
* @dev Provides a way for the OApp to enforce things like paying for PreCrime, AND/OR minimum dst lzReceive gas amounts etc.
* @dev These enforced options can vary as the potential options/execution on the remote may differ as per the msgType.
* eg. Amount of lzReceive() gas necessary to deliver a lzCompose() message adds overhead you dont want to pay
* if you are only making a standard LayerZero message ie. lzReceive() WITHOUT sendCompose().
*/
function _setEnforcedOptions(EnforcedOptionParam[] memory _enforcedOptions) internal virtual {
for (uint256 i = 0; i < _enforcedOptions.length; i++) {
// @dev Enforced options are only available for optionType 3, as type 1 and 2 dont support combining.
_assertOptionsType3(_enforcedOptions[i].options);
enforcedOptions[_enforcedOptions[i].eid][_enforcedOptions[i].msgType] = _enforcedOptions[i].options;
}
emit EnforcedOptionSet(_enforcedOptions);
}
/**
* @notice Combines options for a given endpoint and message type.
* @param _eid The endpoint ID.
* @param _msgType The OAPP message type.
* @param _extraOptions Additional options passed by the caller.
* @return options The combination of caller specified options AND enforced options.
*
* @dev If there is an enforced lzReceive option:
* - {gasLimit: 200k, msg.value: 1 ether} AND a caller supplies a lzReceive option: {gasLimit: 100k, msg.value: 0.5 ether}
* - The resulting options will be {gasLimit: 300k, msg.value: 1.5 ether} when the message is executed on the remote lzReceive() function.
* @dev This presence of duplicated options is handled off-chain in the verifier/executor.
*/
function combineOptions(
uint32 _eid,
uint16 _msgType,
bytes calldata _extraOptions
) public view virtual returns (bytes memory) {
bytes memory enforced = enforcedOptions[_eid][_msgType];
// No enforced options, pass whatever the caller supplied, even if it's empty or legacy type 1/2 options.
if (enforced.length == 0) return _extraOptions;
// No caller options, return enforced
if (_extraOptions.length == 0) return enforced;
// @dev If caller provided _extraOptions, must be type 3 as its the ONLY type that can be combined.
if (_extraOptions.length >= 2) {
_assertOptionsType3(_extraOptions);
// @dev Remove the first 2 bytes containing the type from the _extraOptions and combine with enforced.
return bytes.concat(enforced, _extraOptions[2:]);
}
// No valid set of options was found.
revert InvalidOptions(_extraOptions);
}
/**
* @dev Internal function to assert that options are of type 3.
* @param _options The options to be checked.
*/
function _assertOptionsType3(bytes memory _options) internal pure virtual {
uint16 optionsType;
assembly {
optionsType := mload(add(_options, 2))
}
if (optionsType != OPTION_TYPE_3) revert InvalidOptions(_options);
}
}
OApp.sol 39 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// @dev Import the 'MessagingFee' and 'MessagingReceipt' so it's exposed to OApp implementers
// solhint-disable-next-line no-unused-import
import { OAppSender, MessagingFee, MessagingReceipt } from "./OAppSender.sol";
// @dev Import the 'Origin' so it's exposed to OApp implementers
// solhint-disable-next-line no-unused-import
import { OAppReceiver, Origin } from "./OAppReceiver.sol";
import { OAppCore } from "./OAppCore.sol";
/**
* @title OApp
* @dev Abstract contract serving as the base for OApp implementation, combining OAppSender and OAppReceiver functionality.
*/
abstract contract OApp is OAppSender, OAppReceiver {
/**
* @dev Constructor to initialize the OApp with the provided endpoint and owner.
* @param _endpoint The address of the LOCAL LayerZero endpoint.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*/
constructor(address _endpoint, address _delegate) OAppCore(_endpoint, _delegate) {}
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol implementation.
* @return receiverVersion The version of the OAppReceiver.sol implementation.
*/
function oAppVersion()
public
pure
virtual
override(OAppSender, OAppReceiver)
returns (uint64 senderVersion, uint64 receiverVersion)
{
return (SENDER_VERSION, RECEIVER_VERSION);
}
}
OAppCore.sol 83 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IOAppCore, ILayerZeroEndpointV2 } from "./interfaces/IOAppCore.sol";
/**
* @title OAppCore
* @dev Abstract contract implementing the IOAppCore interface with basic OApp configurations.
*/
abstract contract OAppCore is IOAppCore, Ownable {
// The LayerZero endpoint associated with the given OApp
ILayerZeroEndpointV2 public immutable endpoint;
// Mapping to store peers associated with corresponding endpoints
mapping(uint32 eid => bytes32 peer) public peers;
/**
* @dev Constructor to initialize the OAppCore with the provided endpoint and delegate.
* @param _endpoint The address of the LOCAL Layer Zero endpoint.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*
* @dev The delegate typically should be set as the owner of the contract.
*/
constructor(address _endpoint, address _delegate) {
endpoint = ILayerZeroEndpointV2(_endpoint);
if (_delegate == address(0)) revert InvalidDelegate();
endpoint.setDelegate(_delegate);
}
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Indicates that the peer is trusted to send LayerZero messages to this OApp.
* @dev Set this to bytes32(0) to remove the peer address.
* @dev Peer is a bytes32 to accommodate non-evm chains.
*/
function setPeer(uint32 _eid, bytes32 _peer) public virtual onlyOwner {
_setPeer(_eid, _peer);
}
/**
* @notice Sets the peer address (OApp instance) for a corresponding endpoint.
* @param _eid The endpoint ID.
* @param _peer The address of the peer to be associated with the corresponding endpoint.
*
* @dev Indicates that the peer is trusted to send LayerZero messages to this OApp.
* @dev Set this to bytes32(0) to remove the peer address.
* @dev Peer is a bytes32 to accommodate non-evm chains.
*/
function _setPeer(uint32 _eid, bytes32 _peer) internal virtual {
peers[_eid] = _peer;
emit PeerSet(_eid, _peer);
}
/**
* @notice Internal function to get the peer address associated with a specific endpoint; reverts if NOT set.
* ie. the peer is set to bytes32(0).
* @param _eid The endpoint ID.
* @return peer The address of the peer associated with the specified endpoint.
*/
function _getPeerOrRevert(uint32 _eid) internal view virtual returns (bytes32) {
bytes32 peer = peers[_eid];
if (peer == bytes32(0)) revert NoPeer(_eid);
return peer;
}
/**
* @notice Sets the delegate address for the OApp.
* @param _delegate The address of the delegate to be set.
*
* @dev Only the owner/admin of the OApp can call this function.
* @dev Provides the ability for a delegate to set configs, on behalf of the OApp, directly on the Endpoint contract.
*/
function setDelegate(address _delegate) public onlyOwner {
endpoint.setDelegate(_delegate);
}
}
OAppReceiver.sol 122 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { IOAppReceiver, Origin } from "./interfaces/IOAppReceiver.sol";
import { OAppCore } from "./OAppCore.sol";
/**
* @title OAppReceiver
* @dev Abstract contract implementing the ILayerZeroReceiver interface and extending OAppCore for OApp receivers.
*/
abstract contract OAppReceiver is IOAppReceiver, OAppCore {
// Custom error message for when the caller is not the registered endpoint/
error OnlyEndpoint(address addr);
// @dev The version of the OAppReceiver implementation.
// @dev Version is bumped when changes are made to this contract.
uint64 internal constant RECEIVER_VERSION = 2;
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*
* @dev Providing 0 as the default for OAppSender version. Indicates that the OAppSender is not implemented.
* ie. this is a RECEIVE only OApp.
* @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions.
*/
function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
return (0, RECEIVER_VERSION);
}
/**
* @notice Indicates whether an address is an approved composeMsg sender to the Endpoint.
* @dev _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @dev _message The lzReceive payload.
* @param _sender The sender address.
* @return isSender Is a valid sender.
*
* @dev Applications can optionally choose to implement separate composeMsg senders that are NOT the bridging layer.
* @dev The default sender IS the OAppReceiver implementer.
*/
function isComposeMsgSender(
Origin calldata /*_origin*/,
bytes calldata /*_message*/,
address _sender
) public view virtual returns (bool) {
return _sender == address(this);
}
/**
* @notice Checks if the path initialization is allowed based on the provided origin.
* @param origin The origin information containing the source endpoint and sender address.
* @return Whether the path has been initialized.
*
* @dev This indicates to the endpoint that the OApp has enabled msgs for this particular path to be received.
* @dev This defaults to assuming if a peer has been set, its initialized.
* Can be overridden by the OApp if there is other logic to determine this.
*/
function allowInitializePath(Origin calldata origin) public view virtual returns (bool) {
return peers[origin.srcEid] == origin.sender;
}
/**
* @notice Retrieves the next nonce for a given source endpoint and sender address.
* @dev _srcEid The source endpoint ID.
* @dev _sender The sender address.
* @return nonce The next nonce.
*
* @dev The path nonce starts from 1. If 0 is returned it means that there is NO nonce ordered enforcement.
* @dev Is required by the off-chain executor to determine the OApp expects msg execution is ordered.
* @dev This is also enforced by the OApp.
* @dev By default this is NOT enabled. ie. nextNonce is hardcoded to return 0.
*/
function nextNonce(uint32 /*_srcEid*/, bytes32 /*_sender*/) public view virtual returns (uint64 nonce) {
return 0;
}
/**
* @dev Entry point for receiving messages or packets from the endpoint.
* @param _origin The origin information containing the source endpoint and sender address.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address on the src chain.
* - nonce: The nonce of the message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The payload of the received message.
* @param _executor The address of the executor for the received message.
* @param _extraData Additional arbitrary data provided by the corresponding executor.
*
* @dev Entry point for receiving msg/packet from the LayerZero endpoint.
*/
function lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) public payable virtual {
// Ensures that only the endpoint can attempt to lzReceive() messages to this OApp.
if (address(endpoint) != msg.sender) revert OnlyEndpoint(msg.sender);
// Ensure that the sender matches the expected peer for the source endpoint.
if (_getPeerOrRevert(_origin.srcEid) != _origin.sender) revert OnlyPeer(_origin.srcEid, _origin.sender);
// Call the internal OApp implementation of lzReceive.
_lzReceive(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Internal function to implement lzReceive logic without needing to copy the basic parameter validation.
*/
function _lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual;
}
OAppSender.sol 124 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { SafeERC20, IERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { MessagingParams, MessagingFee, MessagingReceipt } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { OAppCore } from "./OAppCore.sol";
/**
* @title OAppSender
* @dev Abstract contract implementing the OAppSender functionality for sending messages to a LayerZero endpoint.
*/
abstract contract OAppSender is OAppCore {
using SafeERC20 for IERC20;
// Custom error messages
error NotEnoughNative(uint256 msgValue);
error LzTokenUnavailable();
// @dev The version of the OAppSender implementation.
// @dev Version is bumped when changes are made to this contract.
uint64 internal constant SENDER_VERSION = 1;
/**
* @notice Retrieves the OApp version information.
* @return senderVersion The version of the OAppSender.sol contract.
* @return receiverVersion The version of the OAppReceiver.sol contract.
*
* @dev Providing 0 as the default for OAppReceiver version. Indicates that the OAppReceiver is not implemented.
* ie. this is a SEND only OApp.
* @dev If the OApp uses both OAppSender and OAppReceiver, then this needs to be override returning the correct versions
*/
function oAppVersion() public view virtual returns (uint64 senderVersion, uint64 receiverVersion) {
return (SENDER_VERSION, 0);
}
/**
* @dev Internal function to interact with the LayerZero EndpointV2.quote() for fee calculation.
* @param _dstEid The destination endpoint ID.
* @param _message The message payload.
* @param _options Additional options for the message.
* @param _payInLzToken Flag indicating whether to pay the fee in LZ tokens.
* @return fee The calculated MessagingFee for the message.
* - nativeFee: The native fee for the message.
* - lzTokenFee: The LZ token fee for the message.
*/
function _quote(
uint32 _dstEid,
bytes memory _message,
bytes memory _options,
bool _payInLzToken
) internal view virtual returns (MessagingFee memory fee) {
return
endpoint.quote(
MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _payInLzToken),
address(this)
);
}
/**
* @dev Internal function to interact with the LayerZero EndpointV2.send() for sending a message.
* @param _dstEid The destination endpoint ID.
* @param _message The message payload.
* @param _options Additional options for the message.
* @param _fee The calculated LayerZero fee for the message.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess fee values sent to the endpoint.
* @return receipt The receipt for the sent message.
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function _lzSend(
uint32 _dstEid,
bytes memory _message,
bytes memory _options,
MessagingFee memory _fee,
address _refundAddress
) internal virtual returns (MessagingReceipt memory receipt) {
// @dev Push corresponding fees to the endpoint, any excess is sent back to the _refundAddress from the endpoint.
uint256 messageValue = _payNative(_fee.nativeFee);
if (_fee.lzTokenFee > 0) _payLzToken(_fee.lzTokenFee);
return
// solhint-disable-next-line check-send-result
endpoint.send{ value: messageValue }(
MessagingParams(_dstEid, _getPeerOrRevert(_dstEid), _message, _options, _fee.lzTokenFee > 0),
_refundAddress
);
}
/**
* @dev Internal function to pay the native fee associated with the message.
* @param _nativeFee The native fee to be paid.
* @return nativeFee The amount of native currency paid.
*
* @dev If the OApp needs to initiate MULTIPLE LayerZero messages in a single transaction,
* this will need to be overridden because msg.value would contain multiple lzFees.
* @dev Should be overridden in the event the LayerZero endpoint requires a different native currency.
* @dev Some EVMs use an ERC20 as a method for paying transactions/gasFees.
* @dev The endpoint is EITHER/OR, ie. it will NOT support both types of native payment at a time.
*/
function _payNative(uint256 _nativeFee) internal virtual returns (uint256 nativeFee) {
if (msg.value != _nativeFee) revert NotEnoughNative(msg.value);
return _nativeFee;
}
/**
* @dev Internal function to pay the LZ token fee associated with the message.
* @param _lzTokenFee The LZ token fee to be paid.
*
* @dev If the caller is trying to pay in the specified lzToken, then the lzTokenFee is passed to the endpoint.
* @dev Any excess sent, is passed back to the specified _refundAddress in the _lzSend().
*/
function _payLzToken(uint256 _lzTokenFee) internal virtual {
// @dev Cannot cache the token because it is not immutable in the endpoint.
address lzToken = endpoint.lzToken();
if (lzToken == address(0)) revert LzTokenUnavailable();
// Pay LZ token fee by sending tokens to the endpoint.
IERC20(lzToken).safeTransferFrom(msg.sender, address(endpoint), _lzTokenFee);
}
}
IOAppPreCrimeSimulator.sol 55 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// @dev Import the Origin so it's exposed to OAppPreCrimeSimulator implementers.
// solhint-disable-next-line no-unused-import
import { InboundPacket, Origin } from "../libs/Packet.sol";
/**
* @title IOAppPreCrimeSimulator Interface
* @dev Interface for the preCrime simulation functionality in an OApp.
*/
interface IOAppPreCrimeSimulator {
// @dev simulation result used in PreCrime implementation
error SimulationResult(bytes result);
error OnlySelf();
/**
* @dev Emitted when the preCrime contract address is set.
* @param preCrimeAddress The address of the preCrime contract.
*/
event PreCrimeSet(address preCrimeAddress);
/**
* @dev Retrieves the address of the preCrime contract implementation.
* @return The address of the preCrime contract.
*/
function preCrime() external view returns (address);
/**
* @dev Retrieves the address of the OApp contract.
* @return The address of the OApp contract.
*/
function oApp() external view returns (address);
/**
* @dev Sets the preCrime contract address.
* @param _preCrime The address of the preCrime contract.
*/
function setPreCrime(address _preCrime) external;
/**
* @dev Mocks receiving a packet, then reverts with a series of data to infer the state/result.
* @param _packets An array of LayerZero InboundPacket objects representing received packets.
*/
function lzReceiveAndRevert(InboundPacket[] calldata _packets) external payable;
/**
* @dev checks if the specified peer is considered 'trusted' by the OApp.
* @param _eid The endpoint Id to check.
* @param _peer The peer to check.
* @return Whether the peer passed is considered 'trusted' by the OApp.
*/
function isPeer(uint32 _eid, bytes32 _peer) external view returns (bool);
}
IPreCrime.sol 40 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
struct PreCrimePeer {
uint32 eid;
bytes32 preCrime;
bytes32 oApp;
}
// TODO not done yet
interface IPreCrime {
error OnlyOffChain();
// for simulate()
error PacketOversize(uint256 max, uint256 actual);
error PacketUnsorted();
error SimulationFailed(bytes reason);
// for preCrime()
error SimulationResultNotFound(uint32 eid);
error InvalidSimulationResult(uint32 eid, bytes reason);
error CrimeFound(bytes crime);
function getConfig(bytes[] calldata _packets, uint256[] calldata _packetMsgValues) external returns (bytes memory);
function simulate(
bytes[] calldata _packets,
uint256[] calldata _packetMsgValues
) external payable returns (bytes memory);
function buildSimulationResult() external view returns (bytes memory);
function preCrime(
bytes[] calldata _packets,
uint256[] calldata _packetMsgValues,
bytes[] calldata _simulations
) external;
function version() external view returns (uint64 major, uint8 minor);
}
Packet.sol 61 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { Origin } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { PacketV1Codec } from "@layerzerolabs/lz-evm-protocol-v2/contracts/messagelib/libs/PacketV1Codec.sol";
/**
* @title InboundPacket
* @dev Structure representing an inbound packet received by the contract.
*/
struct InboundPacket {
Origin origin; // Origin information of the packet.
uint32 dstEid; // Destination endpointId of the packet.
address receiver; // Receiver address for the packet.
bytes32 guid; // Unique identifier of the packet.
uint256 value; // msg.value of the packet.
address executor; // Executor address for the packet.
bytes message; // Message payload of the packet.
bytes extraData; // Additional arbitrary data for the packet.
}
/**
* @title PacketDecoder
* @dev Library for decoding LayerZero packets.
*/
library PacketDecoder {
using PacketV1Codec for bytes;
/**
* @dev Decode an inbound packet from the given packet data.
* @param _packet The packet data to decode.
* @return packet An InboundPacket struct representing the decoded packet.
*/
function decode(bytes calldata _packet) internal pure returns (InboundPacket memory packet) {
packet.origin = Origin(_packet.srcEid(), _packet.sender(), _packet.nonce());
packet.dstEid = _packet.dstEid();
packet.receiver = _packet.receiverB20();
packet.guid = _packet.guid();
packet.message = _packet.message();
}
/**
* @dev Decode multiple inbound packets from the given packet data and associated message values.
* @param _packets An array of packet data to decode.
* @param _packetMsgValues An array of associated message values for each packet.
* @return packets An array of InboundPacket structs representing the decoded packets.
*/
function decode(
bytes[] calldata _packets,
uint256[] memory _packetMsgValues
) internal pure returns (InboundPacket[] memory packets) {
packets = new InboundPacket[](_packets.length);
for (uint256 i = 0; i < _packets.length; i++) {
bytes calldata packet = _packets[i];
packets[i] = PacketDecoder.decode(packet);
// @dev Allows the verifier to specify the msg.value that gets passed in lzReceive.
packets[i].value = _packetMsgValues[i];
}
}
}
IOFT.sol 150 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import { MessagingReceipt, MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OAppSender.sol";
/**
* @dev Struct representing token parameters for the OFT send() operation.
*/
struct SendParam {
uint32 dstEid; // Destination endpoint ID.
bytes32 to; // Recipient address.
uint256 amountLD; // Amount to send in local decimals.
uint256 minAmountLD; // Minimum amount to send in local decimals.
bytes extraOptions; // Additional options supplied by the caller to be used in the LayerZero message.
bytes composeMsg; // The composed message for the send() operation.
bytes oftCmd; // The OFT command to be executed, unused in default OFT implementations.
}
/**
* @dev Struct representing OFT limit information.
* @dev These amounts can change dynamically and are up the specific oft implementation.
*/
struct OFTLimit {
uint256 minAmountLD; // Minimum amount in local decimals that can be sent to the recipient.
uint256 maxAmountLD; // Maximum amount in local decimals that can be sent to the recipient.
}
/**
* @dev Struct representing OFT receipt information.
*/
struct OFTReceipt {
uint256 amountSentLD; // Amount of tokens ACTUALLY debited from the sender in local decimals.
// @dev In non-default implementations, the amountReceivedLD COULD differ from this value.
uint256 amountReceivedLD; // Amount of tokens to be received on the remote side.
}
/**
* @dev Struct representing OFT fee details.
* @dev Future proof mechanism to provide a standardized way to communicate fees to things like a UI.
*/
struct OFTFeeDetail {
int256 feeAmountLD; // Amount of the fee in local decimals.
string description; // Description of the fee.
}
/**
* @title IOFT
* @dev Interface for the OftChain (OFT) token.
* @dev Does not inherit ERC20 to accommodate usage by OFTAdapter as well.
* @dev This specific interface ID is '0x02e49c2c'.
*/
interface IOFT {
// Custom error messages
error InvalidLocalDecimals();
error SlippageExceeded(uint256 amountLD, uint256 minAmountLD);
error AmountSDOverflowed(uint256 amountSD);
// Events
event OFTSent(
bytes32 indexed guid, // GUID of the OFT message.
uint32 dstEid, // Destination Endpoint ID.
address indexed fromAddress, // Address of the sender on the src chain.
uint256 amountSentLD, // Amount of tokens sent in local decimals.
uint256 amountReceivedLD // Amount of tokens received in local decimals.
);
event OFTReceived(
bytes32 indexed guid, // GUID of the OFT message.
uint32 srcEid, // Source Endpoint ID.
address indexed toAddress, // Address of the recipient on the dst chain.
uint256 amountReceivedLD // Amount of tokens received in local decimals.
);
/**
* @notice Retrieves interfaceID and the version of the OFT.
* @return interfaceId The interface ID.
* @return version The version.
*
* @dev interfaceId: This specific interface ID is '0x02e49c2c'.
* @dev version: Indicates a cross-chain compatible msg encoding with other OFTs.
* @dev If a new feature is added to the OFT cross-chain msg encoding, the version will be incremented.
* ie. localOFT version(x,1) CAN send messages to remoteOFT version(x,1)
*/
function oftVersion() external view returns (bytes4 interfaceId, uint64 version);
/**
* @notice Retrieves the address of the token associated with the OFT.
* @return token The address of the ERC20 token implementation.
*/
function token() external view returns (address);
/**
* @notice Indicates whether the OFT contract requires approval of the 'token()' to send.
* @return requiresApproval Needs approval of the underlying token implementation.
*
* @dev Allows things like wallet implementers to determine integration requirements,
* without understanding the underlying token implementation.
*/
function approvalRequired() external view returns (bool);
/**
* @notice Retrieves the shared decimals of the OFT.
* @return sharedDecimals The shared decimals of the OFT.
*/
function sharedDecimals() external view returns (uint8);
/**
* @notice Provides the fee breakdown and settings data for an OFT. Unused in the default implementation.
* @param _sendParam The parameters for the send operation.
* @return limit The OFT limit information.
* @return oftFeeDetails The details of OFT fees.
* @return receipt The OFT receipt information.
*/
function quoteOFT(
SendParam calldata _sendParam
) external view returns (OFTLimit memory, OFTFeeDetail[] memory oftFeeDetails, OFTReceipt memory);
/**
* @notice Provides a quote for the send() operation.
* @param _sendParam The parameters for the send() operation.
* @param _payInLzToken Flag indicating whether the caller is paying in the LZ token.
* @return fee The calculated LayerZero messaging fee from the send() operation.
*
* @dev MessagingFee: LayerZero msg fee
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
*/
function quoteSend(SendParam calldata _sendParam, bool _payInLzToken) external view returns (MessagingFee memory);
/**
* @notice Executes the send() operation.
* @param _sendParam The parameters for the send operation.
* @param _fee The fee information supplied by the caller.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess funds from fees etc. on the src.
* @return receipt The LayerZero messaging receipt from the send() operation.
* @return oftReceipt The OFT receipt information.
*
* @dev MessagingReceipt: LayerZero msg receipt
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
) external payable returns (MessagingReceipt memory, OFTReceipt memory);
}
OFTComposeMsgCodec.sol 91 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
library OFTComposeMsgCodec {
// Offset constants for decoding composed messages
uint8 private constant NONCE_OFFSET = 8;
uint8 private constant SRC_EID_OFFSET = 12;
uint8 private constant AMOUNT_LD_OFFSET = 44;
uint8 private constant COMPOSE_FROM_OFFSET = 76;
/**
* @dev Encodes a OFT composed message.
* @param _nonce The nonce value.
* @param _srcEid The source endpoint ID.
* @param _amountLD The amount in local decimals.
* @param _composeMsg The composed message.
* @return _msg The encoded Composed message.
*/
function encode(
uint64 _nonce,
uint32 _srcEid,
uint256 _amountLD,
bytes memory _composeMsg // 0x[composeFrom][composeMsg]
) internal pure returns (bytes memory _msg) {
_msg = abi.encodePacked(_nonce, _srcEid, _amountLD, _composeMsg);
}
/**
* @dev Retrieves the nonce for the composed message.
* @param _msg The message.
* @return The nonce value.
*/
function nonce(bytes calldata _msg) internal pure returns (uint64) {
return uint64(bytes8(_msg[:NONCE_OFFSET]));
}
/**
* @dev Retrieves the source endpoint ID for the composed message.
* @param _msg The message.
* @return The source endpoint ID.
*/
function srcEid(bytes calldata _msg) internal pure returns (uint32) {
return uint32(bytes4(_msg[NONCE_OFFSET:SRC_EID_OFFSET]));
}
/**
* @dev Retrieves the amount in local decimals from the composed message.
* @param _msg The message.
* @return The amount in local decimals.
*/
function amountLD(bytes calldata _msg) internal pure returns (uint256) {
return uint256(bytes32(_msg[SRC_EID_OFFSET:AMOUNT_LD_OFFSET]));
}
/**
* @dev Retrieves the composeFrom value from the composed message.
* @param _msg The message.
* @return The composeFrom value.
*/
function composeFrom(bytes calldata _msg) internal pure returns (bytes32) {
return bytes32(_msg[AMOUNT_LD_OFFSET:COMPOSE_FROM_OFFSET]);
}
/**
* @dev Retrieves the composed message.
* @param _msg The message.
* @return The composed message.
*/
function composeMsg(bytes calldata _msg) internal pure returns (bytes memory) {
return _msg[COMPOSE_FROM_OFFSET:];
}
/**
* @dev Converts an address to bytes32.
* @param _addr The address to convert.
* @return The bytes32 representation of the address.
*/
function addressToBytes32(address _addr) internal pure returns (bytes32) {
return bytes32(uint256(uint160(_addr)));
}
/**
* @dev Converts bytes32 to an address.
* @param _b The bytes32 value to convert.
* @return The address representation of bytes32.
*/
function bytes32ToAddress(bytes32 _b) internal pure returns (address) {
return address(uint160(uint256(_b)));
}
}
OFTMsgCodec.sol 83 lines
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
library OFTMsgCodec {
// Offset constants for encoding and decoding OFT messages
uint8 private constant SEND_TO_OFFSET = 32;
uint8 private constant SEND_AMOUNT_SD_OFFSET = 40;
/**
* @dev Encodes an OFT LayerZero message.
* @param _sendTo The recipient address.
* @param _amountShared The amount in shared decimals.
* @param _composeMsg The composed message.
* @return _msg The encoded message.
* @return hasCompose A boolean indicating whether the message has a composed payload.
*/
function encode(
bytes32 _sendTo,
uint64 _amountShared,
bytes memory _composeMsg
) internal view returns (bytes memory _msg, bool hasCompose) {
hasCompose = _composeMsg.length > 0;
// @dev Remote chains will want to know the composed function caller ie. msg.sender on the src.
_msg = hasCompose
? abi.encodePacked(_sendTo, _amountShared, addressToBytes32(msg.sender), _composeMsg)
: abi.encodePacked(_sendTo, _amountShared);
}
/**
* @dev Checks if the OFT message is composed.
* @param _msg The OFT message.
* @return A boolean indicating whether the message is composed.
*/
function isComposed(bytes calldata _msg) internal pure returns (bool) {
return _msg.length > SEND_AMOUNT_SD_OFFSET;
}
/**
* @dev Retrieves the recipient address from the OFT message.
* @param _msg The OFT message.
* @return The recipient address.
*/
function sendTo(bytes calldata _msg) internal pure returns (bytes32) {
return bytes32(_msg[:SEND_TO_OFFSET]);
}
/**
* @dev Retrieves the amount in shared decimals from the OFT message.
* @param _msg The OFT message.
* @return The amount in shared decimals.
*/
function amountSD(bytes calldata _msg) internal pure returns (uint64) {
return uint64(bytes8(_msg[SEND_TO_OFFSET:SEND_AMOUNT_SD_OFFSET]));
}
/**
* @dev Retrieves the composed message from the OFT message.
* @param _msg The OFT message.
* @return The composed message.
*/
function composeMsg(bytes calldata _msg) internal pure returns (bytes memory) {
return _msg[SEND_AMOUNT_SD_OFFSET:];
}
/**
* @dev Converts an address to bytes32.
* @param _addr The address to convert.
* @return The bytes32 representation of the address.
*/
function addressToBytes32(address _addr) internal pure returns (bytes32) {
return bytes32(uint256(uint160(_addr)));
}
/**
* @dev Converts bytes32 to an address.
* @param _b The bytes32 value to convert.
* @return The address representation of bytes32.
*/
function bytes32ToAddress(bytes32 _b) internal pure returns (address) {
return address(uint160(uint256(_b)));
}
}
AccessControlUpgradeable.sol 232 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "@openzeppelin/contracts/access/IAccessControl.sol";
import {ContextUpgradeable} from "../utils/ContextUpgradeable.sol";
import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {ERC165Upgradeable} from "../utils/introspection/ERC165Upgradeable.sol";
import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControlUpgradeable is Initializable, ContextUpgradeable, IAccessControl, ERC165Upgradeable {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/// @custom:storage-location erc7201:openzeppelin.storage.AccessControl
struct AccessControlStorage {
mapping(bytes32 role => RoleData) _roles;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.AccessControl")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant AccessControlStorageLocation = 0x02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800;
function _getAccessControlStorage() private pure returns (AccessControlStorage storage $) {
assembly {
$.slot := AccessControlStorageLocation
}
}
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
function __AccessControl_init() internal onlyInitializing {
}
function __AccessControl_init_unchained() internal onlyInitializing {
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
AccessControlStorage storage $ = _getAccessControlStorage();
bytes32 previousAdminRole = getRoleAdmin(role);
$._roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (!hasRole(role, account)) {
$._roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (hasRole(role, account)) {
$._roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
OwnableUpgradeable.sol 119 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {ContextUpgradeable} from "../utils/ContextUpgradeable.sol";
import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {
/// @custom:storage-location erc7201:openzeppelin.storage.Ownable
struct OwnableStorage {
address _owner;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Ownable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant OwnableStorageLocation = 0x9016d09d72d40fdae2fd8ceac6b6234c7706214fd39c1cd1e609a0528c199300;
function _getOwnableStorage() private pure returns (OwnableStorage storage $) {
assembly {
$.slot := OwnableStorageLocation
}
}
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
function __Ownable_init(address initialOwner) internal onlyInitializing {
__Ownable_init_unchained(initialOwner);
}
function __Ownable_init_unchained(address initialOwner) internal onlyInitializing {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
OwnableStorage storage $ = _getOwnableStorage();
return $._owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
OwnableStorage storage $ = _getOwnableStorage();
address oldOwner = $._owner;
$._owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
ERC20Upgradeable.sol 330 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {ContextUpgradeable} from "../../utils/ContextUpgradeable.sol";
import {IERC20Errors} from "@openzeppelin/contracts/interfaces/draft-IERC6093.sol";
import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC-20
* applications.
*/
abstract contract ERC20Upgradeable is Initializable, ContextUpgradeable, IERC20, IERC20Metadata, IERC20Errors {
/// @custom:storage-location erc7201:openzeppelin.storage.ERC20
struct ERC20Storage {
mapping(address account => uint256) _balances;
mapping(address account => mapping(address spender => uint256)) _allowances;
uint256 _totalSupply;
string _name;
string _symbol;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ERC20")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant ERC20StorageLocation = 0x52c63247e1f47db19d5ce0460030c497f067ca4cebf71ba98eeadabe20bace00;
function _getERC20Storage() private pure returns (ERC20Storage storage $) {
assembly {
$.slot := ERC20StorageLocation
}
}
/**
* @dev Sets the values for {name} and {symbol}.
*
* Both values are immutable: they can only be set once during construction.
*/
function __ERC20_init(string memory name_, string memory symbol_) internal onlyInitializing {
__ERC20_init_unchained(name_, symbol_);
}
function __ERC20_init_unchained(string memory name_, string memory symbol_) internal onlyInitializing {
ERC20Storage storage $ = _getERC20Storage();
$._name = name_;
$._symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
ERC20Storage storage $ = _getERC20Storage();
return $._name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
ERC20Storage storage $ = _getERC20Storage();
return $._symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/// @inheritdoc IERC20
function totalSupply() public view virtual returns (uint256) {
ERC20Storage storage $ = _getERC20Storage();
return $._totalSupply;
}
/// @inheritdoc IERC20
function balanceOf(address account) public view virtual returns (uint256) {
ERC20Storage storage $ = _getERC20Storage();
return $._balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/// @inheritdoc IERC20
function allowance(address owner, address spender) public view virtual returns (uint256) {
ERC20Storage storage $ = _getERC20Storage();
return $._allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Skips emitting an {Approval} event indicating an allowance update. This is not
* required by the ERC. See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
ERC20Storage storage $ = _getERC20Storage();
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
$._totalSupply += value;
} else {
uint256 fromBalance = $._balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
$._balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
$._totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
$._balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner`'s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation sets the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the `transferFrom` operation can force the flag to
* true using the following override:
*
* ```solidity
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
ERC20Storage storage $ = _getERC20Storage();
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
$._allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner`'s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance < type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}
ERC4626Upgradeable.sol 327 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/extensions/ERC4626.sol)
pragma solidity ^0.8.24;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {ERC20Upgradeable} from "../ERC20Upgradeable.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {IERC4626} from "@openzeppelin/contracts/interfaces/IERC4626.sol";
import {LowLevelCall} from "@openzeppelin/contracts/utils/LowLevelCall.sol";
import {Memory} from "@openzeppelin/contracts/utils/Memory.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @dev Implementation of the ERC-4626 "Tokenized Vault Standard" as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*
* This extension allows the minting and burning of "shares" (represented using the ERC-20 inheritance) in exchange for
* underlying "assets" through standardized {deposit}, {mint}, {redeem} and {burn} workflows. This contract extends
* the ERC-20 standard. Any additional extensions included along it would affect the "shares" token represented by this
* contract and not the "assets" token which is an independent contract.
*
* [CAUTION]
* ====
* In empty (or nearly empty) ERC-4626 vaults, deposits are at high risk of being stolen through frontrunning
* with a "donation" to the vault that inflates the price of a share. This is variously known as a donation or inflation
* attack and is essentially a problem of slippage. Vault deployers can protect against this attack by making an initial
* deposit of a non-trivial amount of the asset, such that price manipulation becomes infeasible. Withdrawals may
* similarly be affected by slippage. Users can protect against this attack as well as unexpected slippage in general by
* verifying the amount received is as expected, using a wrapper that performs these checks such as
* https://github.com/fei-protocol/ERC4626#erc4626router-and-base[ERC4626Router].
*
* Since v4.9, this implementation introduces configurable virtual assets and shares to help developers mitigate that risk.
* The `_decimalsOffset()` corresponds to an offset in the decimal representation between the underlying asset's decimals
* and the vault decimals. This offset also determines the rate of virtual shares to virtual assets in the vault, which
* itself determines the initial exchange rate. While not fully preventing the attack, analysis shows that the default
* offset (0) makes it non-profitable even if an attacker is able to capture value from multiple user deposits, as a result
* of the value being captured by the virtual shares (out of the attacker's donation) matching the attacker's expected gains.
* With a larger offset, the attack becomes orders of magnitude more expensive than it is profitable. More details about the
* underlying math can be found xref:ROOT:erc4626.adoc#inflation-attack[here].
*
* The drawback of this approach is that the virtual shares do capture (a very small) part of the value being accrued
* to the vault. Also, if the vault experiences losses, the users try to exit the vault, the virtual shares and assets
* will cause the first user to exit to experience reduced losses in detriment to the last users that will experience
* bigger losses. Developers willing to revert back to the pre-v4.9 behavior just need to override the
* `_convertToShares` and `_convertToAssets` functions.
*
* To learn more, check out our xref:ROOT:erc4626.adoc[ERC-4626 guide].
* ====
*
* [NOTE]
* ====
* When overriding this contract, some elements must be considered:
*
* * When overriding the behavior of the deposit or withdraw mechanisms, it is recommended to override the internal
* functions. Overriding {_deposit} automatically affects both {deposit} and {mint}. Similarly, overriding {_withdraw}
* automatically affects both {withdraw} and {redeem}. Overall it is not recommended to override the public facing
* functions since that could lead to inconsistent behaviors between the {deposit} and {mint} or between {withdraw} and
* {redeem}, which is documented to have lead to loss of funds.
*
* * Overrides to the deposit or withdraw mechanism must be reflected in the preview functions as well.
*
* * {maxWithdraw} depends on {maxRedeem}. Therefore, overriding {maxRedeem} only is enough. On the other hand,
* overriding {maxWithdraw} only would have no effect on {maxRedeem}, and could create an inconsistency between the two
* functions.
*
* * If {previewRedeem} is overridden to revert, {maxWithdraw} must be overridden as necessary to ensure it
* always return successfully.
* ====
*/
abstract contract ERC4626Upgradeable is Initializable, ERC20Upgradeable, IERC4626 {
using Math for uint256;
/// @custom:storage-location erc7201:openzeppelin.storage.ERC4626
struct ERC4626Storage {
IERC20 _asset;
uint8 _underlyingDecimals;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ERC4626")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant ERC4626StorageLocation = 0x0773e532dfede91f04b12a73d3d2acd361424f41f76b4fb79f090161e36b4e00;
function _getERC4626Storage() private pure returns (ERC4626Storage storage $) {
assembly {
$.slot := ERC4626StorageLocation
}
}
/**
* @dev Attempted to deposit more assets than the max amount for `receiver`.
*/
error ERC4626ExceededMaxDeposit(address receiver, uint256 assets, uint256 max);
/**
* @dev Attempted to mint more shares than the max amount for `receiver`.
*/
error ERC4626ExceededMaxMint(address receiver, uint256 shares, uint256 max);
/**
* @dev Attempted to withdraw more assets than the max amount for `receiver`.
*/
error ERC4626ExceededMaxWithdraw(address owner, uint256 assets, uint256 max);
/**
* @dev Attempted to redeem more shares than the max amount for `receiver`.
*/
error ERC4626ExceededMaxRedeem(address owner, uint256 shares, uint256 max);
/**
* @dev Set the underlying asset contract. This must be an ERC20-compatible contract (ERC-20 or ERC-777).
*/
function __ERC4626_init(IERC20 asset_) internal onlyInitializing {
__ERC4626_init_unchained(asset_);
}
function __ERC4626_init_unchained(IERC20 asset_) internal onlyInitializing {
ERC4626Storage storage $ = _getERC4626Storage();
(bool success, uint8 assetDecimals) = _tryGetAssetDecimals(asset_);
$._underlyingDecimals = success ? assetDecimals : 18;
$._asset = asset_;
}
/**
* @dev Attempts to fetch the asset decimals. A return value of false indicates that the attempt failed in some way.
*/
function _tryGetAssetDecimals(IERC20 asset_) private view returns (bool ok, uint8 assetDecimals) {
Memory.Pointer ptr = Memory.getFreeMemoryPointer();
(bool success, bytes32 returnedDecimals, ) = LowLevelCall.staticcallReturn64Bytes(
address(asset_),
abi.encodeCall(IERC20Metadata.decimals, ())
);
Memory.setFreeMemoryPointer(ptr);
return
(success && LowLevelCall.returnDataSize() >= 32 && uint256(returnedDecimals) <= type(uint8).max)
? (true, uint8(uint256(returnedDecimals)))
: (false, 0);
}
/**
* @dev Decimals are computed by adding the decimal offset on top of the underlying asset's decimals. This
* "original" value is cached during construction of the vault contract. If this read operation fails (e.g., the
* asset has not been created yet), a default of 18 is used to represent the underlying asset's decimals.
*
* See {IERC20Metadata-decimals}.
*/
function decimals() public view virtual override(IERC20Metadata, ERC20Upgradeable) returns (uint8) {
ERC4626Storage storage $ = _getERC4626Storage();
return $._underlyingDecimals + _decimalsOffset();
}
/// @inheritdoc IERC4626
function asset() public view virtual returns (address) {
ERC4626Storage storage $ = _getERC4626Storage();
return address($._asset);
}
/// @inheritdoc IERC4626
function totalAssets() public view virtual returns (uint256) {
return IERC20(asset()).balanceOf(address(this));
}
/// @inheritdoc IERC4626
function convertToShares(uint256 assets) public view virtual returns (uint256) {
return _convertToShares(assets, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function convertToAssets(uint256 shares) public view virtual returns (uint256) {
return _convertToAssets(shares, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function maxDeposit(address) public view virtual returns (uint256) {
return type(uint256).max;
}
/// @inheritdoc IERC4626
function maxMint(address) public view virtual returns (uint256) {
return type(uint256).max;
}
/// @inheritdoc IERC4626
function maxWithdraw(address owner) public view virtual returns (uint256) {
return previewRedeem(maxRedeem(owner));
}
/// @inheritdoc IERC4626
function maxRedeem(address owner) public view virtual returns (uint256) {
return balanceOf(owner);
}
/// @inheritdoc IERC4626
function previewDeposit(uint256 assets) public view virtual returns (uint256) {
return _convertToShares(assets, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function previewMint(uint256 shares) public view virtual returns (uint256) {
return _convertToAssets(shares, Math.Rounding.Ceil);
}
/// @inheritdoc IERC4626
function previewWithdraw(uint256 assets) public view virtual returns (uint256) {
return _convertToShares(assets, Math.Rounding.Ceil);
}
/// @inheritdoc IERC4626
function previewRedeem(uint256 shares) public view virtual returns (uint256) {
return _convertToAssets(shares, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function deposit(uint256 assets, address receiver) public virtual returns (uint256) {
uint256 maxAssets = maxDeposit(receiver);
if (assets > maxAssets) {
revert ERC4626ExceededMaxDeposit(receiver, assets, maxAssets);
}
uint256 shares = previewDeposit(assets);
_deposit(_msgSender(), receiver, assets, shares);
return shares;
}
/// @inheritdoc IERC4626
function mint(uint256 shares, address receiver) public virtual returns (uint256) {
uint256 maxShares = maxMint(receiver);
if (shares > maxShares) {
revert ERC4626ExceededMaxMint(receiver, shares, maxShares);
}
uint256 assets = previewMint(shares);
_deposit(_msgSender(), receiver, assets, shares);
return assets;
}
/// @inheritdoc IERC4626
function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256) {
uint256 maxAssets = maxWithdraw(owner);
if (assets > maxAssets) {
revert ERC4626ExceededMaxWithdraw(owner, assets, maxAssets);
}
uint256 shares = previewWithdraw(assets);
_withdraw(_msgSender(), receiver, owner, assets, shares);
return shares;
}
/// @inheritdoc IERC4626
function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256) {
uint256 maxShares = maxRedeem(owner);
if (shares > maxShares) {
revert ERC4626ExceededMaxRedeem(owner, shares, maxShares);
}
uint256 assets = previewRedeem(shares);
_withdraw(_msgSender(), receiver, owner, assets, shares);
return assets;
}
/**
* @dev Internal conversion function (from assets to shares) with support for rounding direction.
*/
function _convertToShares(uint256 assets, Math.Rounding rounding) internal view virtual returns (uint256) {
return assets.mulDiv(totalSupply() + 10 ** _decimalsOffset(), totalAssets() + 1, rounding);
}
/**
* @dev Internal conversion function (from shares to assets) with support for rounding direction.
*/
function _convertToAssets(uint256 shares, Math.Rounding rounding) internal view virtual returns (uint256) {
return shares.mulDiv(totalAssets() + 1, totalSupply() + 10 ** _decimalsOffset(), rounding);
}
/**
* @dev Deposit/mint common workflow.
*/
function _deposit(address caller, address receiver, uint256 assets, uint256 shares) internal virtual {
// If asset() is ERC-777, `transferFrom` can trigger a reentrancy BEFORE the transfer happens through the
// `tokensToSend` hook. On the other hand, the `tokenReceived` hook, that is triggered after the transfer,
// calls the vault, which is assumed not malicious.
//
// Conclusion: we need to do the transfer before we mint so that any reentrancy would happen before the
// assets are transferred and before the shares are minted, which is a valid state.
// slither-disable-next-line reentrancy-no-eth
SafeERC20.safeTransferFrom(IERC20(asset()), caller, address(this), assets);
_mint(receiver, shares);
emit Deposit(caller, receiver, assets, shares);
}
/**
* @dev Withdraw/redeem common workflow.
*/
function _withdraw(
address caller,
address receiver,
address owner,
uint256 assets,
uint256 shares
) internal virtual {
if (caller != owner) {
_spendAllowance(owner, caller, shares);
}
// If asset() is ERC-777, `transfer` can trigger a reentrancy AFTER the transfer happens through the
// `tokensReceived` hook. On the other hand, the `tokensToSend` hook, that is triggered before the transfer,
// calls the vault, which is assumed not malicious.
//
// Conclusion: we need to do the transfer after the burn so that any reentrancy would happen after the
// shares are burned and after the assets are transferred, which is a valid state.
_burn(owner, shares);
SafeERC20.safeTransfer(IERC20(asset()), receiver, assets);
emit Withdraw(caller, receiver, owner, assets, shares);
}
function _decimalsOffset() internal view virtual returns (uint8) {
return 0;
}
}
ContextUpgradeable.sol 34 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
ERC165Upgradeable.sol 31 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {Initializable} from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165Upgradeable is Initializable, IERC165 {
function __ERC165_init() internal onlyInitializing {
}
function __ERC165_init_unchained() internal onlyInitializing {
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
AccessControl.sol 207 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "./IAccessControl.sol";
import {Context} from "../utils/Context.sol";
import {IERC165, ERC165} from "../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControl is Context, IAccessControl, ERC165 {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
mapping(bytes32 role => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
return _roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
if (!hasRole(role, account)) {
_roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
if (hasRole(role, account)) {
_roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
IAccessControl.sol 98 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/IAccessControl.sol)
pragma solidity >=0.8.4;
/**
* @dev External interface of AccessControl declared to support ERC-165 detection.
*/
interface IAccessControl {
/**
* @dev The `account` is missing a role.
*/
error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/
error AccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted to signal this.
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call. This account bears the admin role (for the granted role).
* Expected in cases where the role was granted using the internal {AccessControl-_grantRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/
function renounceRole(bytes32 role, address callerConfirmation) external;
}
Ownable.sol 100 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
draft-IERC1822.sol 20 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/draft-IERC1822.sol)
pragma solidity >=0.4.16;
/**
* @dev ERC-1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822Proxiable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
draft-IERC6093.sol 162 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (interfaces/draft-IERC6093.sol)
pragma solidity >=0.8.4;
/**
* @dev Standard ERC-20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-20 tokens.
*/
interface IERC20Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/
error ERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC-721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-721 tokens.
*/
interface IERC721Errors {
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in ERC-721.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/
error ERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/
error ERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/
error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/
error ERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC-1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-1155 tokens.
*/
interface IERC1155Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/
error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/
error ERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/
error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}
IERC1363.sol 86 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC1363.sol)
pragma solidity >=0.6.2;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}
IERC165.sol 6 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC165.sol)
pragma solidity >=0.4.16;
import {IERC165} from "../utils/introspection/IERC165.sol";
IERC1967.sol 24 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC1967.sol)
pragma solidity >=0.4.11;
/**
* @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
*/
interface IERC1967 {
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/
event BeaconUpgraded(address indexed beacon);
}
IERC20.sol 6 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC20.sol)
pragma solidity >=0.4.16;
import {IERC20} from "../token/ERC20/IERC20.sol";
IERC4626.sol 230 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (interfaces/IERC4626.sol)
pragma solidity >=0.6.2;
import {IERC20} from "../token/ERC20/IERC20.sol";
import {IERC20Metadata} from "../token/ERC20/extensions/IERC20Metadata.sol";
/**
* @dev Interface of the ERC-4626 "Tokenized Vault Standard", as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*/
interface IERC4626 is IERC20, IERC20Metadata {
event Deposit(address indexed sender, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed sender,
address indexed receiver,
address indexed owner,
uint256 assets,
uint256 shares
);
/**
* @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.
*
* - MUST be an ERC-20 token contract.
* - MUST NOT revert.
*/
function asset() external view returns (address assetTokenAddress);
/**
* @dev Returns the total amount of the underlying asset that is “managed” by Vault.
*
* - SHOULD include any compounding that occurs from yield.
* - MUST be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT revert.
*/
function totalAssets() external view returns (uint256 totalManagedAssets);
/**
* @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToShares(uint256 assets) external view returns (uint256 shares);
/**
* @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToAssets(uint256 shares) external view returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,
* through a deposit call.
*
* - MUST return a limited value if receiver is subject to some deposit limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
* - MUST NOT revert.
*/
function maxDeposit(address receiver) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
* call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
* in the same transaction.
* - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
* deposit would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewDeposit(uint256 assets) external view returns (uint256 shares);
/**
* @dev Deposit `assets` underlying tokens and send the corresponding number of vault shares (`shares`) to `receiver`.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* deposit execution, and are accounted for during deposit.
* - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function deposit(uint256 assets, address receiver) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
* - MUST return a limited value if receiver is subject to some mint limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
* - MUST NOT revert.
*/
function maxMint(address receiver) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
* in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
* same transaction.
* - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
* would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by minting.
*/
function previewMint(uint256 shares) external view returns (uint256 assets);
/**
* @dev Mints exactly `shares` vault shares to `receiver` in exchange for `assets` underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
* execution, and are accounted for during mint.
* - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function mint(uint256 shares, address receiver) external returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
* Vault, through a withdraw call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxWithdraw(address owner) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
* call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
* called
* in the same transaction.
* - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
* the withdrawal would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewWithdraw(uint256 assets) external view returns (uint256 shares);
/**
* @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* withdraw execution, and are accounted for during withdraw.
* - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function withdraw(uint256 assets, address receiver, address owner) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
* through a redeem call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxRedeem(address owner) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their redemption at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
* in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
* same transaction.
* - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
* redemption would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by redeeming.
*/
function previewRedeem(uint256 shares) external view returns (uint256 assets);
/**
* @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* redeem execution, and are accounted for during redeem.
* - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function redeem(uint256 shares, address receiver, address owner) external returns (uint256 assets);
}
IBeacon.sol 16 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (proxy/beacon/IBeacon.sol)
pragma solidity >=0.4.16;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {UpgradeableBeacon} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
ERC1967Utils.sol 177 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (proxy/ERC1967/ERC1967Utils.sol)
pragma solidity ^0.8.21;
import {IBeacon} from "../beacon/IBeacon.sol";
import {IERC1967} from "../../interfaces/IERC1967.sol";
import {Address} from "../../utils/Address.sol";
import {StorageSlot} from "../../utils/StorageSlot.sol";
/**
* @dev This library provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[ERC-1967] slots.
*/
library ERC1967Utils {
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1.
*/
// solhint-disable-next-line private-vars-leading-underscore
bytes32 internal constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev The `implementation` of the proxy is invalid.
*/
error ERC1967InvalidImplementation(address implementation);
/**
* @dev The `admin` of the proxy is invalid.
*/
error ERC1967InvalidAdmin(address admin);
/**
* @dev The `beacon` of the proxy is invalid.
*/
error ERC1967InvalidBeacon(address beacon);
/**
* @dev An upgrade function sees `msg.value > 0` that may be lost.
*/
error ERC1967NonPayable();
/**
* @dev Returns the current implementation address.
*/
function getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the ERC-1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
if (newImplementation.code.length == 0) {
revert ERC1967InvalidImplementation(newImplementation);
}
StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Performs implementation upgrade with additional setup call if data is nonempty.
* This function is payable only if the setup call is performed, otherwise `msg.value` is rejected
* to avoid stuck value in the contract.
*
* Emits an {IERC1967-Upgraded} event.
*/
function upgradeToAndCall(address newImplementation, bytes memory data) internal {
_setImplementation(newImplementation);
emit IERC1967.Upgraded(newImplementation);
if (data.length > 0) {
Address.functionDelegateCall(newImplementation, data);
} else {
_checkNonPayable();
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1.
*/
// solhint-disable-next-line private-vars-leading-underscore
bytes32 internal constant ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by ERC-1967) using
* the https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/
function getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the ERC-1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
if (newAdmin == address(0)) {
revert ERC1967InvalidAdmin(address(0));
}
StorageSlot.getAddressSlot(ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {IERC1967-AdminChanged} event.
*/
function changeAdmin(address newAdmin) internal {
emit IERC1967.AdminChanged(getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is the keccak-256 hash of "eip1967.proxy.beacon" subtracted by 1.
*/
// solhint-disable-next-line private-vars-leading-underscore
bytes32 internal constant BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/
function getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the ERC-1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
if (newBeacon.code.length == 0) {
revert ERC1967InvalidBeacon(newBeacon);
}
StorageSlot.getAddressSlot(BEACON_SLOT).value = newBeacon;
address beaconImplementation = IBeacon(newBeacon).implementation();
if (beaconImplementation.code.length == 0) {
revert ERC1967InvalidImplementation(beaconImplementation);
}
}
/**
* @dev Change the beacon and trigger a setup call if data is nonempty.
* This function is payable only if the setup call is performed, otherwise `msg.value` is rejected
* to avoid stuck value in the contract.
*
* Emits an {IERC1967-BeaconUpgraded} event.
*
* CAUTION: Invoking this function has no effect on an instance of {BeaconProxy} since v5, since
* it uses an immutable beacon without looking at the value of the ERC-1967 beacon slot for
* efficiency.
*/
function upgradeBeaconToAndCall(address newBeacon, bytes memory data) internal {
_setBeacon(newBeacon);
emit IERC1967.BeaconUpgraded(newBeacon);
if (data.length > 0) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
} else {
_checkNonPayable();
}
}
/**
* @dev Reverts if `msg.value` is not zero. It can be used to avoid `msg.value` stuck in the contract
* if an upgrade doesn't perform an initialization call.
*/
function _checkNonPayable() private {
if (msg.value > 0) {
revert ERC1967NonPayable();
}
}
}
Proxy.sol 69 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (proxy/Proxy.sol)
pragma solidity ^0.8.20;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0x00, 0x00, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0x00, calldatasize(), 0x00, 0x00)
// Copy the returned data.
returndatacopy(0x00, 0x00, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0x00, returndatasize())
}
default {
return(0x00, returndatasize())
}
}
}
/**
* @dev This is a virtual function that should be overridden so it returns the address to which the fallback
* function and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internal call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback() external payable virtual {
_fallback();
}
}
Initializable.sol 238 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.20;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/
struct InitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/
uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/
error InvalidInitialization();
/**
* @dev The contract is not initializing.
*/
error NotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
// Cache values to avoid duplicated sloads
bool isTopLevelCall = !$._initializing;
uint64 initialized = $._initialized;
// Allowed calls:
// - initialSetup: the contract is not in the initializing state and no previous version was
// initialized
// - construction: the contract is initialized at version 1 (no reinitialization) and the
// current contract is just being deployed
bool initialSetup = initialized == 0 && isTopLevelCall;
bool construction = initialized == 1 && address(this).code.length == 0;
if (!initialSetup && !construction) {
revert InvalidInitialization();
}
$._initialized = 1;
if (isTopLevelCall) {
$._initializing = true;
}
_;
if (isTopLevelCall) {
$._initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint64 version) {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing || $._initialized >= version) {
revert InvalidInitialization();
}
$._initialized = version;
$._initializing = true;
_;
$._initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
_checkInitializing();
_;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/
function _checkInitializing() internal view virtual {
if (!_isInitializing()) {
revert NotInitializing();
}
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing) {
revert InvalidInitialization();
}
if ($._initialized != type(uint64).max) {
$._initialized = type(uint64).max;
emit Initialized(type(uint64).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint64) {
return _getInitializableStorage()._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _getInitializableStorage()._initializing;
}
/**
* @dev Pointer to storage slot. Allows integrators to override it with a custom storage location.
*
* NOTE: Consider following the ERC-7201 formula to derive storage locations.
*/
function _initializableStorageSlot() internal pure virtual returns (bytes32) {
return INITIALIZABLE_STORAGE;
}
/**
* @dev Returns a pointer to the storage namespace.
*/
// solhint-disable-next-line var-name-mixedcase
function _getInitializableStorage() private pure returns (InitializableStorage storage $) {
bytes32 slot = _initializableStorageSlot();
assembly {
$.slot := slot
}
}
}
UUPSUpgradeable.sol 148 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (proxy/utils/UUPSUpgradeable.sol)
pragma solidity ^0.8.22;
import {IERC1822Proxiable} from "../../interfaces/draft-IERC1822.sol";
import {ERC1967Utils} from "../ERC1967/ERC1967Utils.sol";
/**
* @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an
* {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.
*
* A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
* reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
* `UUPSUpgradeable` with a custom implementation of upgrades.
*
* The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.
*
* @custom:stateless
*/
abstract contract UUPSUpgradeable is IERC1822Proxiable {
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
address private immutable __self = address(this);
/**
* @dev The version of the upgrade interface of the contract. If this getter is missing, both `upgradeTo(address)`
* and `upgradeToAndCall(address,bytes)` are present, and `upgradeTo` must be used if no function should be called,
* while `upgradeToAndCall` will invoke the `receive` function if the second argument is the empty byte string.
* If the getter returns `"5.0.0"`, only `upgradeToAndCall(address,bytes)` is present, and the second argument must
* be the empty byte string if no function should be called, making it impossible to invoke the `receive` function
* during an upgrade.
*/
string public constant UPGRADE_INTERFACE_VERSION = "5.0.0";
/**
* @dev The call is from an unauthorized context.
*/
error UUPSUnauthorizedCallContext();
/**
* @dev The storage `slot` is unsupported as a UUID.
*/
error UUPSUnsupportedProxiableUUID(bytes32 slot);
/**
* @dev Check that the execution is being performed through a delegatecall call and that the execution context is
* a proxy contract with an implementation (as defined in ERC-1967) pointing to self. This should only be the case
* for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a
* function through ERC-1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to
* fail.
*/
modifier onlyProxy() {
_checkProxy();
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
_checkNotDelegated();
_;
}
/**
* @dev Implementation of the ERC-1822 {proxiableUUID} function. This returns the storage slot used by the
* implementation. It is used to validate the implementation's compatibility when performing an upgrade.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.
*/
function proxiableUUID() external view notDelegated returns (bytes32) {
return ERC1967Utils.IMPLEMENTATION_SLOT;
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call
* encoded in `data`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, data);
}
/**
* @dev Reverts if the execution is not performed via delegatecall or the execution
* context is not of a proxy with an ERC-1967 compliant implementation pointing to self.
*/
function _checkProxy() internal view virtual {
if (
address(this) == __self || // Must be called through delegatecall
ERC1967Utils.getImplementation() != __self // Must be called through an active proxy
) {
revert UUPSUnauthorizedCallContext();
}
}
/**
* @dev Reverts if the execution is performed via delegatecall.
* See {notDelegated}.
*/
function _checkNotDelegated() internal view virtual {
if (address(this) != __self) {
// Must not be called through delegatecall
revert UUPSUnauthorizedCallContext();
}
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeToAndCall}.
*
* Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.
*
* ```solidity
* function _authorizeUpgrade(address) internal onlyOwner {}
* ```
*/
function _authorizeUpgrade(address newImplementation) internal virtual;
/**
* @dev Performs an implementation upgrade with a security check for UUPS proxies, and additional setup call.
*
* As a security check, {proxiableUUID} is invoked in the new implementation, and the return value
* is expected to be the implementation slot in ERC-1967.
*
* Emits an {IERC1967-Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data) private {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
if (slot != ERC1967Utils.IMPLEMENTATION_SLOT) {
revert UUPSUnsupportedProxiableUUID(slot);
}
ERC1967Utils.upgradeToAndCall(newImplementation, data);
} catch {
// The implementation is not UUPS
revert ERC1967Utils.ERC1967InvalidImplementation(newImplementation);
}
}
}
ERC20.sol 305 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC-20
* applications.
*/
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
mapping(address account => uint256) private _balances;
mapping(address account => mapping(address spender => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* Both values are immutable: they can only be set once during construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/// @inheritdoc IERC20
function totalSupply() public view virtual returns (uint256) {
return _totalSupply;
}
/// @inheritdoc IERC20
function balanceOf(address account) public view virtual returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/// @inheritdoc IERC20
function allowance(address owner, address spender) public view virtual returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Skips emitting an {Approval} event indicating an allowance update. This is not
* required by the ERC. See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
_totalSupply += value;
} else {
uint256 fromBalance = _balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
_balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
_totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
_balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner`'s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation sets the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the `transferFrom` operation can force the flag to
* true using the following override:
*
* ```solidity
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
_allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner`'s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance < type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}
ERC4626.sol 305 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/extensions/ERC4626.sol)
pragma solidity ^0.8.24;
import {IERC20, IERC20Metadata, ERC20} from "../ERC20.sol";
import {SafeERC20} from "../utils/SafeERC20.sol";
import {IERC4626} from "../../../interfaces/IERC4626.sol";
import {LowLevelCall} from "../../../utils/LowLevelCall.sol";
import {Memory} from "../../../utils/Memory.sol";
import {Math} from "../../../utils/math/Math.sol";
/**
* @dev Implementation of the ERC-4626 "Tokenized Vault Standard" as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*
* This extension allows the minting and burning of "shares" (represented using the ERC-20 inheritance) in exchange for
* underlying "assets" through standardized {deposit}, {mint}, {redeem} and {burn} workflows. This contract extends
* the ERC-20 standard. Any additional extensions included along it would affect the "shares" token represented by this
* contract and not the "assets" token which is an independent contract.
*
* [CAUTION]
* ====
* In empty (or nearly empty) ERC-4626 vaults, deposits are at high risk of being stolen through frontrunning
* with a "donation" to the vault that inflates the price of a share. This is variously known as a donation or inflation
* attack and is essentially a problem of slippage. Vault deployers can protect against this attack by making an initial
* deposit of a non-trivial amount of the asset, such that price manipulation becomes infeasible. Withdrawals may
* similarly be affected by slippage. Users can protect against this attack as well as unexpected slippage in general by
* verifying the amount received is as expected, using a wrapper that performs these checks such as
* https://github.com/fei-protocol/ERC4626#erc4626router-and-base[ERC4626Router].
*
* Since v4.9, this implementation introduces configurable virtual assets and shares to help developers mitigate that risk.
* The `_decimalsOffset()` corresponds to an offset in the decimal representation between the underlying asset's decimals
* and the vault decimals. This offset also determines the rate of virtual shares to virtual assets in the vault, which
* itself determines the initial exchange rate. While not fully preventing the attack, analysis shows that the default
* offset (0) makes it non-profitable even if an attacker is able to capture value from multiple user deposits, as a result
* of the value being captured by the virtual shares (out of the attacker's donation) matching the attacker's expected gains.
* With a larger offset, the attack becomes orders of magnitude more expensive than it is profitable. More details about the
* underlying math can be found xref:ROOT:erc4626.adoc#inflation-attack[here].
*
* The drawback of this approach is that the virtual shares do capture (a very small) part of the value being accrued
* to the vault. Also, if the vault experiences losses, the users try to exit the vault, the virtual shares and assets
* will cause the first user to exit to experience reduced losses in detriment to the last users that will experience
* bigger losses. Developers willing to revert back to the pre-v4.9 behavior just need to override the
* `_convertToShares` and `_convertToAssets` functions.
*
* To learn more, check out our xref:ROOT:erc4626.adoc[ERC-4626 guide].
* ====
*
* [NOTE]
* ====
* When overriding this contract, some elements must be considered:
*
* * When overriding the behavior of the deposit or withdraw mechanisms, it is recommended to override the internal
* functions. Overriding {_deposit} automatically affects both {deposit} and {mint}. Similarly, overriding {_withdraw}
* automatically affects both {withdraw} and {redeem}. Overall it is not recommended to override the public facing
* functions since that could lead to inconsistent behaviors between the {deposit} and {mint} or between {withdraw} and
* {redeem}, which is documented to have lead to loss of funds.
*
* * Overrides to the deposit or withdraw mechanism must be reflected in the preview functions as well.
*
* * {maxWithdraw} depends on {maxRedeem}. Therefore, overriding {maxRedeem} only is enough. On the other hand,
* overriding {maxWithdraw} only would have no effect on {maxRedeem}, and could create an inconsistency between the two
* functions.
*
* * If {previewRedeem} is overridden to revert, {maxWithdraw} must be overridden as necessary to ensure it
* always return successfully.
* ====
*/
abstract contract ERC4626 is ERC20, IERC4626 {
using Math for uint256;
IERC20 private immutable _asset;
uint8 private immutable _underlyingDecimals;
/**
* @dev Attempted to deposit more assets than the max amount for `receiver`.
*/
error ERC4626ExceededMaxDeposit(address receiver, uint256 assets, uint256 max);
/**
* @dev Attempted to mint more shares than the max amount for `receiver`.
*/
error ERC4626ExceededMaxMint(address receiver, uint256 shares, uint256 max);
/**
* @dev Attempted to withdraw more assets than the max amount for `receiver`.
*/
error ERC4626ExceededMaxWithdraw(address owner, uint256 assets, uint256 max);
/**
* @dev Attempted to redeem more shares than the max amount for `receiver`.
*/
error ERC4626ExceededMaxRedeem(address owner, uint256 shares, uint256 max);
/**
* @dev Set the underlying asset contract. This must be an ERC20-compatible contract (ERC-20 or ERC-777).
*/
constructor(IERC20 asset_) {
(bool success, uint8 assetDecimals) = _tryGetAssetDecimals(asset_);
_underlyingDecimals = success ? assetDecimals : 18;
_asset = asset_;
}
/**
* @dev Attempts to fetch the asset decimals. A return value of false indicates that the attempt failed in some way.
*/
function _tryGetAssetDecimals(IERC20 asset_) private view returns (bool ok, uint8 assetDecimals) {
Memory.Pointer ptr = Memory.getFreeMemoryPointer();
(bool success, bytes32 returnedDecimals, ) = LowLevelCall.staticcallReturn64Bytes(
address(asset_),
abi.encodeCall(IERC20Metadata.decimals, ())
);
Memory.setFreeMemoryPointer(ptr);
return
(success && LowLevelCall.returnDataSize() >= 32 && uint256(returnedDecimals) <= type(uint8).max)
? (true, uint8(uint256(returnedDecimals)))
: (false, 0);
}
/**
* @dev Decimals are computed by adding the decimal offset on top of the underlying asset's decimals. This
* "original" value is cached during construction of the vault contract. If this read operation fails (e.g., the
* asset has not been created yet), a default of 18 is used to represent the underlying asset's decimals.
*
* See {IERC20Metadata-decimals}.
*/
function decimals() public view virtual override(IERC20Metadata, ERC20) returns (uint8) {
return _underlyingDecimals + _decimalsOffset();
}
/// @inheritdoc IERC4626
function asset() public view virtual returns (address) {
return address(_asset);
}
/// @inheritdoc IERC4626
function totalAssets() public view virtual returns (uint256) {
return IERC20(asset()).balanceOf(address(this));
}
/// @inheritdoc IERC4626
function convertToShares(uint256 assets) public view virtual returns (uint256) {
return _convertToShares(assets, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function convertToAssets(uint256 shares) public view virtual returns (uint256) {
return _convertToAssets(shares, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function maxDeposit(address) public view virtual returns (uint256) {
return type(uint256).max;
}
/// @inheritdoc IERC4626
function maxMint(address) public view virtual returns (uint256) {
return type(uint256).max;
}
/// @inheritdoc IERC4626
function maxWithdraw(address owner) public view virtual returns (uint256) {
return previewRedeem(maxRedeem(owner));
}
/// @inheritdoc IERC4626
function maxRedeem(address owner) public view virtual returns (uint256) {
return balanceOf(owner);
}
/// @inheritdoc IERC4626
function previewDeposit(uint256 assets) public view virtual returns (uint256) {
return _convertToShares(assets, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function previewMint(uint256 shares) public view virtual returns (uint256) {
return _convertToAssets(shares, Math.Rounding.Ceil);
}
/// @inheritdoc IERC4626
function previewWithdraw(uint256 assets) public view virtual returns (uint256) {
return _convertToShares(assets, Math.Rounding.Ceil);
}
/// @inheritdoc IERC4626
function previewRedeem(uint256 shares) public view virtual returns (uint256) {
return _convertToAssets(shares, Math.Rounding.Floor);
}
/// @inheritdoc IERC4626
function deposit(uint256 assets, address receiver) public virtual returns (uint256) {
uint256 maxAssets = maxDeposit(receiver);
if (assets > maxAssets) {
revert ERC4626ExceededMaxDeposit(receiver, assets, maxAssets);
}
uint256 shares = previewDeposit(assets);
_deposit(_msgSender(), receiver, assets, shares);
return shares;
}
/// @inheritdoc IERC4626
function mint(uint256 shares, address receiver) public virtual returns (uint256) {
uint256 maxShares = maxMint(receiver);
if (shares > maxShares) {
revert ERC4626ExceededMaxMint(receiver, shares, maxShares);
}
uint256 assets = previewMint(shares);
_deposit(_msgSender(), receiver, assets, shares);
return assets;
}
/// @inheritdoc IERC4626
function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256) {
uint256 maxAssets = maxWithdraw(owner);
if (assets > maxAssets) {
revert ERC4626ExceededMaxWithdraw(owner, assets, maxAssets);
}
uint256 shares = previewWithdraw(assets);
_withdraw(_msgSender(), receiver, owner, assets, shares);
return shares;
}
/// @inheritdoc IERC4626
function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256) {
uint256 maxShares = maxRedeem(owner);
if (shares > maxShares) {
revert ERC4626ExceededMaxRedeem(owner, shares, maxShares);
}
uint256 assets = previewRedeem(shares);
_withdraw(_msgSender(), receiver, owner, assets, shares);
return assets;
}
/**
* @dev Internal conversion function (from assets to shares) with support for rounding direction.
*/
function _convertToShares(uint256 assets, Math.Rounding rounding) internal view virtual returns (uint256) {
return assets.mulDiv(totalSupply() + 10 ** _decimalsOffset(), totalAssets() + 1, rounding);
}
/**
* @dev Internal conversion function (from shares to assets) with support for rounding direction.
*/
function _convertToAssets(uint256 shares, Math.Rounding rounding) internal view virtual returns (uint256) {
return shares.mulDiv(totalAssets() + 1, totalSupply() + 10 ** _decimalsOffset(), rounding);
}
/**
* @dev Deposit/mint common workflow.
*/
function _deposit(address caller, address receiver, uint256 assets, uint256 shares) internal virtual {
// If asset() is ERC-777, `transferFrom` can trigger a reentrancy BEFORE the transfer happens through the
// `tokensToSend` hook. On the other hand, the `tokenReceived` hook, that is triggered after the transfer,
// calls the vault, which is assumed not malicious.
//
// Conclusion: we need to do the transfer before we mint so that any reentrancy would happen before the
// assets are transferred and before the shares are minted, which is a valid state.
// slither-disable-next-line reentrancy-no-eth
SafeERC20.safeTransferFrom(IERC20(asset()), caller, address(this), assets);
_mint(receiver, shares);
emit Deposit(caller, receiver, assets, shares);
}
/**
* @dev Withdraw/redeem common workflow.
*/
function _withdraw(
address caller,
address receiver,
address owner,
uint256 assets,
uint256 shares
) internal virtual {
if (caller != owner) {
_spendAllowance(owner, caller, shares);
}
// If asset() is ERC-777, `transfer` can trigger a reentrancy AFTER the transfer happens through the
// `tokensReceived` hook. On the other hand, the `tokensToSend` hook, that is triggered before the transfer,
// calls the vault, which is assumed not malicious.
//
// Conclusion: we need to do the transfer after the burn so that any reentrancy would happen after the
// shares are burned and after the assets are transferred, which is a valid state.
_burn(owner, shares);
SafeERC20.safeTransfer(IERC20(asset()), receiver, assets);
emit Withdraw(caller, receiver, owner, assets, shares);
}
function _decimalsOffset() internal view virtual returns (uint8) {
return 0;
}
}
IERC20Metadata.sol 26 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity >=0.6.2;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC-20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
IERC20Permit.sol 90 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[ERC-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC-20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also applies here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
IERC20.sol 79 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/IERC20.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
SafeERC20.sol 280 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
if (!_safeTransfer(token, to, value, true)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
if (!_safeTransferFrom(token, from, to, value, true)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Variant of {safeTransfer} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransfer(IERC20 token, address to, uint256 value) internal returns (bool) {
return _safeTransfer(token, to, value, false);
}
/**
* @dev Variant of {safeTransferFrom} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransferFrom(IERC20 token, address from, address to, uint256 value) internal returns (bool) {
return _safeTransferFrom(token, from, to, value, false);
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
if (!_safeApprove(token, spender, value, false)) {
if (!_safeApprove(token, spender, 0, true)) revert SafeERC20FailedOperation(address(token));
if (!_safeApprove(token, spender, value, true)) revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Oppositely, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity `token.transfer(to, value)` call, relaxing the requirement on the return value: the
* return value is optional (but if data is returned, it must not be false).
*
* @param token The token targeted by the call.
* @param to The recipient of the tokens
* @param value The amount of token to transfer
* @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
*/
function _safeTransfer(IERC20 token, address to, uint256 value, bool bubble) private returns (bool success) {
bytes4 selector = IERC20.transfer.selector;
assembly ("memory-safe") {
let fmp := mload(0x40)
mstore(0x00, selector)
mstore(0x04, and(to, shr(96, not(0))))
mstore(0x24, value)
success := call(gas(), token, 0, 0x00, 0x44, 0x00, 0x20)
// if call success and return is true, all is good.
// otherwise (not success or return is not true), we need to perform further checks
if iszero(and(success, eq(mload(0x00), 1))) {
// if the call was a failure and bubble is enabled, bubble the error
if and(iszero(success), bubble) {
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
// if the return value is not true, then the call is only successful if:
// - the token address has code
// - the returndata is empty
success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
}
mstore(0x40, fmp)
}
}
/**
* @dev Imitates a Solidity `token.transferFrom(from, to, value)` call, relaxing the requirement on the return
* value: the return value is optional (but if data is returned, it must not be false).
*
* @param token The token targeted by the call.
* @param from The sender of the tokens
* @param to The recipient of the tokens
* @param value The amount of token to transfer
* @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
*/
function _safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value,
bool bubble
) private returns (bool success) {
bytes4 selector = IERC20.transferFrom.selector;
assembly ("memory-safe") {
let fmp := mload(0x40)
mstore(0x00, selector)
mstore(0x04, and(from, shr(96, not(0))))
mstore(0x24, and(to, shr(96, not(0))))
mstore(0x44, value)
success := call(gas(), token, 0, 0x00, 0x64, 0x00, 0x20)
// if call success and return is true, all is good.
// otherwise (not success or return is not true), we need to perform further checks
if iszero(and(success, eq(mload(0x00), 1))) {
// if the call was a failure and bubble is enabled, bubble the error
if and(iszero(success), bubble) {
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
// if the return value is not true, then the call is only successful if:
// - the token address has code
// - the returndata is empty
success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
}
mstore(0x40, fmp)
mstore(0x60, 0)
}
}
/**
* @dev Imitates a Solidity `token.approve(spender, value)` call, relaxing the requirement on the return value:
* the return value is optional (but if data is returned, it must not be false).
*
* @param token The token targeted by the call.
* @param spender The spender of the tokens
* @param value The amount of token to transfer
* @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
*/
function _safeApprove(IERC20 token, address spender, uint256 value, bool bubble) private returns (bool success) {
bytes4 selector = IERC20.approve.selector;
assembly ("memory-safe") {
let fmp := mload(0x40)
mstore(0x00, selector)
mstore(0x04, and(spender, shr(96, not(0))))
mstore(0x24, value)
success := call(gas(), token, 0, 0x00, 0x44, 0x00, 0x20)
// if call success and return is true, all is good.
// otherwise (not success or return is not true), we need to perform further checks
if iszero(and(success, eq(mload(0x00), 1))) {
// if the call was a failure and bubble is enabled, bubble the error
if and(iszero(success), bubble) {
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
// if the return value is not true, then the call is only successful if:
// - the token address has code
// - the returndata is empty
success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
}
mstore(0x40, fmp)
}
}
}
Address.sol 167 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/Address.sol)
pragma solidity ^0.8.20;
import {Errors} from "./Errors.sol";
import {LowLevelCall} from "./LowLevelCall.sol";
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert Errors.InsufficientBalance(address(this).balance, amount);
}
if (LowLevelCall.callNoReturn(recipient, amount, "")) {
// call successful, nothing to do
return;
} else if (LowLevelCall.returnDataSize() > 0) {
LowLevelCall.bubbleRevert();
} else {
revert Errors.FailedCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {Errors.FailedCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert Errors.InsufficientBalance(address(this).balance, value);
}
bool success = LowLevelCall.callNoReturn(target, value, data);
if (success && (LowLevelCall.returnDataSize() > 0 || target.code.length > 0)) {
return LowLevelCall.returnData();
} else if (success) {
revert AddressEmptyCode(target);
} else if (LowLevelCall.returnDataSize() > 0) {
LowLevelCall.bubbleRevert();
} else {
revert Errors.FailedCall();
}
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
bool success = LowLevelCall.staticcallNoReturn(target, data);
if (success && (LowLevelCall.returnDataSize() > 0 || target.code.length > 0)) {
return LowLevelCall.returnData();
} else if (success) {
revert AddressEmptyCode(target);
} else if (LowLevelCall.returnDataSize() > 0) {
LowLevelCall.bubbleRevert();
} else {
revert Errors.FailedCall();
}
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
bool success = LowLevelCall.delegatecallNoReturn(target, data);
if (success && (LowLevelCall.returnDataSize() > 0 || target.code.length > 0)) {
return LowLevelCall.returnData();
} else if (success) {
revert AddressEmptyCode(target);
} else if (LowLevelCall.returnDataSize() > 0) {
LowLevelCall.bubbleRevert();
} else {
revert Errors.FailedCall();
}
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
* of an unsuccessful call.
*
* NOTE: This function is DEPRECATED and may be removed in the next major release.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (success && (returndata.length > 0 || target.code.length > 0)) {
return returndata;
} else if (success) {
revert AddressEmptyCode(target);
} else if (returndata.length > 0) {
LowLevelCall.bubbleRevert(returndata);
} else {
revert Errors.FailedCall();
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {Errors.FailedCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else if (returndata.length > 0) {
LowLevelCall.bubbleRevert(returndata);
} else {
revert Errors.FailedCall();
}
}
}
Arrays.sol 735 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/Arrays.sol)
// This file was procedurally generated from scripts/generate/templates/Arrays.js.
pragma solidity ^0.8.24;
import {Comparators} from "./Comparators.sol";
import {SlotDerivation} from "./SlotDerivation.sol";
import {StorageSlot} from "./StorageSlot.sol";
import {Math} from "./math/Math.sol";
/**
* @dev Collection of functions related to array types.
*/
library Arrays {
using SlotDerivation for bytes32;
using StorageSlot for bytes32;
/**
* @dev Sort an array of uint256 (in memory) following the provided comparator function.
*
* This function does the sorting "in place", meaning that it overrides the input. The object is returned for
* convenience, but that returned value can be discarded safely if the caller has a memory pointer to the array.
*
* NOTE: this function's cost is `O(n · log(n))` in average and `O(n²)` in the worst case, with n the length of the
* array. Using it in view functions that are executed through `eth_call` is safe, but one should be very careful
* when executing this as part of a transaction. If the array being sorted is too large, the sort operation may
* consume more gas than is available in a block, leading to potential DoS.
*
* IMPORTANT: Consider memory side-effects when using custom comparator functions that access memory in an unsafe way.
*/
function sort(
uint256[] memory array,
function(uint256, uint256) pure returns (bool) comp
) internal pure returns (uint256[] memory) {
_quickSort(_begin(array), _end(array), comp);
return array;
}
/**
* @dev Variant of {sort} that sorts an array of uint256 in increasing order.
*/
function sort(uint256[] memory array) internal pure returns (uint256[] memory) {
sort(array, Comparators.lt);
return array;
}
/**
* @dev Sort an array of address (in memory) following the provided comparator function.
*
* This function does the sorting "in place", meaning that it overrides the input. The object is returned for
* convenience, but that returned value can be discarded safely if the caller has a memory pointer to the array.
*
* NOTE: this function's cost is `O(n · log(n))` in average and `O(n²)` in the worst case, with n the length of the
* array. Using it in view functions that are executed through `eth_call` is safe, but one should be very careful
* when executing this as part of a transaction. If the array being sorted is too large, the sort operation may
* consume more gas than is available in a block, leading to potential DoS.
*
* IMPORTANT: Consider memory side-effects when using custom comparator functions that access memory in an unsafe way.
*/
function sort(
address[] memory array,
function(address, address) pure returns (bool) comp
) internal pure returns (address[] memory) {
sort(_castToUint256Array(array), _castToUint256Comp(comp));
return array;
}
/**
* @dev Variant of {sort} that sorts an array of address in increasing order.
*/
function sort(address[] memory array) internal pure returns (address[] memory) {
sort(_castToUint256Array(array), Comparators.lt);
return array;
}
/**
* @dev Sort an array of bytes32 (in memory) following the provided comparator function.
*
* This function does the sorting "in place", meaning that it overrides the input. The object is returned for
* convenience, but that returned value can be discarded safely if the caller has a memory pointer to the array.
*
* NOTE: this function's cost is `O(n · log(n))` in average and `O(n²)` in the worst case, with n the length of the
* array. Using it in view functions that are executed through `eth_call` is safe, but one should be very careful
* when executing this as part of a transaction. If the array being sorted is too large, the sort operation may
* consume more gas than is available in a block, leading to potential DoS.
*
* IMPORTANT: Consider memory side-effects when using custom comparator functions that access memory in an unsafe way.
*/
function sort(
bytes32[] memory array,
function(bytes32, bytes32) pure returns (bool) comp
) internal pure returns (bytes32[] memory) {
sort(_castToUint256Array(array), _castToUint256Comp(comp));
return array;
}
/**
* @dev Variant of {sort} that sorts an array of bytes32 in increasing order.
*/
function sort(bytes32[] memory array) internal pure returns (bytes32[] memory) {
sort(_castToUint256Array(array), Comparators.lt);
return array;
}
/**
* @dev Performs a quick sort of a segment of memory. The segment sorted starts at `begin` (inclusive), and stops
* at end (exclusive). Sorting follows the `comp` comparator.
*
* Invariant: `begin <= end`. This is the case when initially called by {sort} and is preserved in subcalls.
*
* IMPORTANT: Memory locations between `begin` and `end` are not validated/zeroed. This function should
* be used only if the limits are within a memory array.
*/
function _quickSort(uint256 begin, uint256 end, function(uint256, uint256) pure returns (bool) comp) private pure {
unchecked {
if (end - begin < 0x40) return;
// Use first element as pivot
uint256 pivot = _mload(begin);
// Position where the pivot should be at the end of the loop
uint256 pos = begin;
for (uint256 it = begin + 0x20; it < end; it += 0x20) {
if (comp(_mload(it), pivot)) {
// If the value stored at the iterator's position comes before the pivot, we increment the
// position of the pivot and move the value there.
pos += 0x20;
_swap(pos, it);
}
}
_swap(begin, pos); // Swap pivot into place
_quickSort(begin, pos, comp); // Sort the left side of the pivot
_quickSort(pos + 0x20, end, comp); // Sort the right side of the pivot
}
}
/**
* @dev Pointer to the memory location of the first element of `array`.
*/
function _begin(uint256[] memory array) private pure returns (uint256 ptr) {
assembly ("memory-safe") {
ptr := add(array, 0x20)
}
}
/**
* @dev Pointer to the memory location of the first memory word (32bytes) after `array`. This is the memory word
* that comes just after the last element of the array.
*/
function _end(uint256[] memory array) private pure returns (uint256 ptr) {
unchecked {
return _begin(array) + array.length * 0x20;
}
}
/**
* @dev Load memory word (as a uint256) at location `ptr`.
*/
function _mload(uint256 ptr) private pure returns (uint256 value) {
assembly {
value := mload(ptr)
}
}
/**
* @dev Swaps the elements memory location `ptr1` and `ptr2`.
*/
function _swap(uint256 ptr1, uint256 ptr2) private pure {
assembly {
let value1 := mload(ptr1)
let value2 := mload(ptr2)
mstore(ptr1, value2)
mstore(ptr2, value1)
}
}
/// @dev Helper: low level cast address memory array to uint256 memory array
function _castToUint256Array(address[] memory input) private pure returns (uint256[] memory output) {
assembly {
output := input
}
}
/// @dev Helper: low level cast bytes32 memory array to uint256 memory array
function _castToUint256Array(bytes32[] memory input) private pure returns (uint256[] memory output) {
assembly {
output := input
}
}
/// @dev Helper: low level cast address comp function to uint256 comp function
function _castToUint256Comp(
function(address, address) pure returns (bool) input
) private pure returns (function(uint256, uint256) pure returns (bool) output) {
assembly {
output := input
}
}
/// @dev Helper: low level cast bytes32 comp function to uint256 comp function
function _castToUint256Comp(
function(bytes32, bytes32) pure returns (bool) input
) private pure returns (function(uint256, uint256) pure returns (bool) output) {
assembly {
output := input
}
}
/**
* @dev Searches a sorted `array` and returns the first index that contains
* a value greater or equal to `element`. If no such index exists (i.e. all
* values in the array are strictly less than `element`), the array length is
* returned. Time complexity O(log n).
*
* NOTE: The `array` is expected to be sorted in ascending order, and to
* contain no repeated elements.
*
* IMPORTANT: Deprecated. This implementation behaves as {lowerBound} but lacks
* support for repeated elements in the array. The {lowerBound} function should
* be used instead.
*/
function findUpperBound(uint256[] storage array, uint256 element) internal view returns (uint256) {
uint256 low = 0;
uint256 high = array.length;
if (high == 0) {
return 0;
}
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds towards zero (it does integer division with truncation).
if (unsafeAccess(array, mid).value > element) {
high = mid;
} else {
low = mid + 1;
}
}
// At this point `low` is the exclusive upper bound. We will return the inclusive upper bound.
if (low > 0 && unsafeAccess(array, low - 1).value == element) {
return low - 1;
} else {
return low;
}
}
/**
* @dev Searches an `array` sorted in ascending order and returns the first
* index that contains a value greater or equal than `element`. If no such index
* exists (i.e. all values in the array are strictly less than `element`), the array
* length is returned. Time complexity O(log n).
*
* See C++'s https://en.cppreference.com/w/cpp/algorithm/lower_bound[lower_bound].
*/
function lowerBound(uint256[] storage array, uint256 element) internal view returns (uint256) {
uint256 low = 0;
uint256 high = array.length;
if (high == 0) {
return 0;
}
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds towards zero (it does integer division with truncation).
if (unsafeAccess(array, mid).value < element) {
// this cannot overflow because mid < high
unchecked {
low = mid + 1;
}
} else {
high = mid;
}
}
return low;
}
/**
* @dev Searches an `array` sorted in ascending order and returns the first
* index that contains a value strictly greater than `element`. If no such index
* exists (i.e. all values in the array are strictly less than `element`), the array
* length is returned. Time complexity O(log n).
*
* See C++'s https://en.cppreference.com/w/cpp/algorithm/upper_bound[upper_bound].
*/
function upperBound(uint256[] storage array, uint256 element) internal view returns (uint256) {
uint256 low = 0;
uint256 high = array.length;
if (high == 0) {
return 0;
}
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds towards zero (it does integer division with truncation).
if (unsafeAccess(array, mid).value > element) {
high = mid;
} else {
// this cannot overflow because mid < high
unchecked {
low = mid + 1;
}
}
}
return low;
}
/**
* @dev Same as {lowerBound}, but with an array in memory.
*/
function lowerBoundMemory(uint256[] memory array, uint256 element) internal pure returns (uint256) {
uint256 low = 0;
uint256 high = array.length;
if (high == 0) {
return 0;
}
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds towards zero (it does integer division with truncation).
if (unsafeMemoryAccess(array, mid) < element) {
// this cannot overflow because mid < high
unchecked {
low = mid + 1;
}
} else {
high = mid;
}
}
return low;
}
/**
* @dev Same as {upperBound}, but with an array in memory.
*/
function upperBoundMemory(uint256[] memory array, uint256 element) internal pure returns (uint256) {
uint256 low = 0;
uint256 high = array.length;
if (high == 0) {
return 0;
}
while (low < high) {
uint256 mid = Math.average(low, high);
// Note that mid will always be strictly less than high (i.e. it will be a valid array index)
// because Math.average rounds towards zero (it does integer division with truncation).
if (unsafeMemoryAccess(array, mid) > element) {
high = mid;
} else {
// this cannot overflow because mid < high
unchecked {
low = mid + 1;
}
}
}
return low;
}
/**
* @dev Copies the content of `array`, from `start` (included) to the end of `array` into a new address array in
* memory.
*
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`]
*/
function slice(address[] memory array, uint256 start) internal pure returns (address[] memory) {
return slice(array, start, array.length);
}
/**
* @dev Copies the content of `array`, from `start` (included) to `end` (excluded) into a new address array in
* memory. The `end` argument is truncated to the length of the `array`.
*
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`]
*/
function slice(address[] memory array, uint256 start, uint256 end) internal pure returns (address[] memory) {
// sanitize
end = Math.min(end, array.length);
start = Math.min(start, end);
// allocate and copy
address[] memory result = new address[](end - start);
assembly ("memory-safe") {
mcopy(add(result, 0x20), add(add(array, 0x20), mul(start, 0x20)), mul(sub(end, start), 0x20))
}
return result;
}
/**
* @dev Copies the content of `array`, from `start` (included) to the end of `array` into a new bytes32 array in
* memory.
*
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`]
*/
function slice(bytes32[] memory array, uint256 start) internal pure returns (bytes32[] memory) {
return slice(array, start, array.length);
}
/**
* @dev Copies the content of `array`, from `start` (included) to `end` (excluded) into a new bytes32 array in
* memory. The `end` argument is truncated to the length of the `array`.
*
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`]
*/
function slice(bytes32[] memory array, uint256 start, uint256 end) internal pure returns (bytes32[] memory) {
// sanitize
end = Math.min(end, array.length);
start = Math.min(start, end);
// allocate and copy
bytes32[] memory result = new bytes32[](end - start);
assembly ("memory-safe") {
mcopy(add(result, 0x20), add(add(array, 0x20), mul(start, 0x20)), mul(sub(end, start), 0x20))
}
return result;
}
/**
* @dev Copies the content of `array`, from `start` (included) to the end of `array` into a new uint256 array in
* memory.
*
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`]
*/
function slice(uint256[] memory array, uint256 start) internal pure returns (uint256[] memory) {
return slice(array, start, array.length);
}
/**
* @dev Copies the content of `array`, from `start` (included) to `end` (excluded) into a new uint256 array in
* memory. The `end` argument is truncated to the length of the `array`.
*
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice[Javascript's `Array.slice`]
*/
function slice(uint256[] memory array, uint256 start, uint256 end) internal pure returns (uint256[] memory) {
// sanitize
end = Math.min(end, array.length);
start = Math.min(start, end);
// allocate and copy
uint256[] memory result = new uint256[](end - start);
assembly ("memory-safe") {
mcopy(add(result, 0x20), add(add(array, 0x20), mul(start, 0x20)), mul(sub(end, start), 0x20))
}
return result;
}
/**
* @dev Moves the content of `array`, from `start` (included) to the end of `array` to the start of that array.
*
* NOTE: This function modifies the provided array in place. If you need to preserve the original array, use {slice} instead.
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/splice[Javascript's `Array.splice`]
*/
function splice(address[] memory array, uint256 start) internal pure returns (address[] memory) {
return splice(array, start, array.length);
}
/**
* @dev Moves the content of `array`, from `start` (included) to `end` (excluded) to the start of that array. The
* `end` argument is truncated to the length of the `array`.
*
* NOTE: This function modifies the provided array in place. If you need to preserve the original array, use {slice} instead.
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/splice[Javascript's `Array.splice`]
*/
function splice(address[] memory array, uint256 start, uint256 end) internal pure returns (address[] memory) {
// sanitize
end = Math.min(end, array.length);
start = Math.min(start, end);
// move and resize
assembly ("memory-safe") {
mcopy(add(array, 0x20), add(add(array, 0x20), mul(start, 0x20)), mul(sub(end, start), 0x20))
mstore(array, sub(end, start))
}
return array;
}
/**
* @dev Moves the content of `array`, from `start` (included) to the end of `array` to the start of that array.
*
* NOTE: This function modifies the provided array in place. If you need to preserve the original array, use {slice} instead.
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/splice[Javascript's `Array.splice`]
*/
function splice(bytes32[] memory array, uint256 start) internal pure returns (bytes32[] memory) {
return splice(array, start, array.length);
}
/**
* @dev Moves the content of `array`, from `start` (included) to `end` (excluded) to the start of that array. The
* `end` argument is truncated to the length of the `array`.
*
* NOTE: This function modifies the provided array in place. If you need to preserve the original array, use {slice} instead.
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/splice[Javascript's `Array.splice`]
*/
function splice(bytes32[] memory array, uint256 start, uint256 end) internal pure returns (bytes32[] memory) {
// sanitize
end = Math.min(end, array.length);
start = Math.min(start, end);
// move and resize
assembly ("memory-safe") {
mcopy(add(array, 0x20), add(add(array, 0x20), mul(start, 0x20)), mul(sub(end, start), 0x20))
mstore(array, sub(end, start))
}
return array;
}
/**
* @dev Moves the content of `array`, from `start` (included) to the end of `array` to the start of that array.
*
* NOTE: This function modifies the provided array in place. If you need to preserve the original array, use {slice} instead.
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/splice[Javascript's `Array.splice`]
*/
function splice(uint256[] memory array, uint256 start) internal pure returns (uint256[] memory) {
return splice(array, start, array.length);
}
/**
* @dev Moves the content of `array`, from `start` (included) to `end` (excluded) to the start of that array. The
* `end` argument is truncated to the length of the `array`.
*
* NOTE: This function modifies the provided array in place. If you need to preserve the original array, use {slice} instead.
* NOTE: replicates the behavior of https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/splice[Javascript's `Array.splice`]
*/
function splice(uint256[] memory array, uint256 start, uint256 end) internal pure returns (uint256[] memory) {
// sanitize
end = Math.min(end, array.length);
start = Math.min(start, end);
// move and resize
assembly ("memory-safe") {
mcopy(add(array, 0x20), add(add(array, 0x20), mul(start, 0x20)), mul(sub(end, start), 0x20))
mstore(array, sub(end, start))
}
return array;
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(address[] storage arr, uint256 pos) internal pure returns (StorageSlot.AddressSlot storage) {
bytes32 slot;
assembly ("memory-safe") {
slot := arr.slot
}
return slot.deriveArray().offset(pos).getAddressSlot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(bytes32[] storage arr, uint256 pos) internal pure returns (StorageSlot.Bytes32Slot storage) {
bytes32 slot;
assembly ("memory-safe") {
slot := arr.slot
}
return slot.deriveArray().offset(pos).getBytes32Slot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(uint256[] storage arr, uint256 pos) internal pure returns (StorageSlot.Uint256Slot storage) {
bytes32 slot;
assembly ("memory-safe") {
slot := arr.slot
}
return slot.deriveArray().offset(pos).getUint256Slot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(bytes[] storage arr, uint256 pos) internal pure returns (StorageSlot.BytesSlot storage) {
bytes32 slot;
assembly ("memory-safe") {
slot := arr.slot
}
return slot.deriveArray().offset(pos).getBytesSlot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeAccess(string[] storage arr, uint256 pos) internal pure returns (StorageSlot.StringSlot storage) {
bytes32 slot;
assembly ("memory-safe") {
slot := arr.slot
}
return slot.deriveArray().offset(pos).getStringSlot();
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(address[] memory arr, uint256 pos) internal pure returns (address res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(bytes32[] memory arr, uint256 pos) internal pure returns (bytes32 res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(uint256[] memory arr, uint256 pos) internal pure returns (uint256 res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(bytes[] memory arr, uint256 pos) internal pure returns (bytes memory res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
/**
* @dev Access an array in an "unsafe" way. Skips solidity "index-out-of-range" check.
*
* WARNING: Only use if you are certain `pos` is lower than the array length.
*/
function unsafeMemoryAccess(string[] memory arr, uint256 pos) internal pure returns (string memory res) {
assembly {
res := mload(add(add(arr, 0x20), mul(pos, 0x20)))
}
}
/**
* @dev Helper to set the length of a dynamic array. Directly writing to `.length` is forbidden.
*
* WARNING: this does not clear elements if length is reduced, of initialize elements if length is increased.
*/
function unsafeSetLength(address[] storage array, uint256 len) internal {
assembly ("memory-safe") {
sstore(array.slot, len)
}
}
/**
* @dev Helper to set the length of a dynamic array. Directly writing to `.length` is forbidden.
*
* WARNING: this does not clear elements if length is reduced, of initialize elements if length is increased.
*/
function unsafeSetLength(bytes32[] storage array, uint256 len) internal {
assembly ("memory-safe") {
sstore(array.slot, len)
}
}
/**
* @dev Helper to set the length of a dynamic array. Directly writing to `.length` is forbidden.
*
* WARNING: this does not clear elements if length is reduced, of initialize elements if length is increased.
*/
function unsafeSetLength(uint256[] storage array, uint256 len) internal {
assembly ("memory-safe") {
sstore(array.slot, len)
}
}
/**
* @dev Helper to set the length of a dynamic array. Directly writing to `.length` is forbidden.
*
* WARNING: this does not clear elements if length is reduced, of initialize elements if length is increased.
*/
function unsafeSetLength(bytes[] storage array, uint256 len) internal {
assembly ("memory-safe") {
sstore(array.slot, len)
}
}
/**
* @dev Helper to set the length of a dynamic array. Directly writing to `.length` is forbidden.
*
* WARNING: this does not clear elements if length is reduced, of initialize elements if length is increased.
*/
function unsafeSetLength(string[] storage array, uint256 len) internal {
assembly ("memory-safe") {
sstore(array.slot, len)
}
}
}
Comparators.sol 19 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Comparators.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides a set of functions to compare values.
*
* _Available since v5.1._
*/
library Comparators {
function lt(uint256 a, uint256 b) internal pure returns (bool) {
return a < b;
}
function gt(uint256 a, uint256 b) internal pure returns (bool) {
return a > b;
}
}
Context.sol 28 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
Create2.sol 91 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/Create2.sol)
pragma solidity ^0.8.20;
import {Errors} from "./Errors.sol";
import {LowLevelCall} from "./LowLevelCall.sol";
/**
* @dev Helper to make usage of the `CREATE2` EVM opcode easier and safer.
* `CREATE2` can be used to compute in advance the address where a smart
* contract will be deployed, which allows for interesting new mechanisms known
* as 'counterfactual interactions'.
*
* See the https://eips.ethereum.org/EIPS/eip-1014#motivation[EIP] for more
* information.
*/
library Create2 {
/**
* @dev There's no code to deploy.
*/
error Create2EmptyBytecode();
/**
* @dev Deploys a contract using `CREATE2`. The address where the contract
* will be deployed can be known in advance via {computeAddress}.
*
* The bytecode for a contract can be obtained from Solidity with
* `type(contractName).creationCode`.
*
* Requirements:
*
* - `bytecode` must not be empty.
* - `salt` must have not been used for `bytecode` already.
* - the factory must have a balance of at least `amount`.
* - if `amount` is non-zero, `bytecode` must have a `payable` constructor.
*/
function deploy(uint256 amount, bytes32 salt, bytes memory bytecode) internal returns (address addr) {
if (address(this).balance < amount) {
revert Errors.InsufficientBalance(address(this).balance, amount);
}
if (bytecode.length == 0) {
revert Create2EmptyBytecode();
}
assembly ("memory-safe") {
addr := create2(amount, add(bytecode, 0x20), mload(bytecode), salt)
}
if (addr == address(0)) {
if (LowLevelCall.returnDataSize() == 0) {
revert Errors.FailedDeployment();
} else {
LowLevelCall.bubbleRevert();
}
}
}
/**
* @dev Returns the address where a contract will be stored if deployed via {deploy}. Any change in the
* `bytecodeHash` or `salt` will result in a new destination address.
*/
function computeAddress(bytes32 salt, bytes32 bytecodeHash) internal view returns (address) {
return computeAddress(salt, bytecodeHash, address(this));
}
/**
* @dev Returns the address where a contract will be stored if deployed via {deploy} from a contract located at
* `deployer`. If `deployer` is this contract's address, returns the same value as {computeAddress}.
*/
function computeAddress(bytes32 salt, bytes32 bytecodeHash, address deployer) internal pure returns (address addr) {
assembly ("memory-safe") {
let ptr := mload(0x40) // Get free memory pointer
// | | ↓ ptr ... ↓ ptr + 0x0B (start) ... ↓ ptr + 0x20 ... ↓ ptr + 0x40 ... |
// |---------------------|---------------------------------------------------------------------------|
// | bytecodeHash | CCCCCCCCCCCCC...CC |
// | salt | BBBBBBBBBBBBB...BB |
// | deployer | 000000...0000AAAAAAAAAAAAAAAAAAA...AA |
// | 0xFF | FF |
// |---------------------|---------------------------------------------------------------------------|
// | memory | 000000...00FFAAAAAAAAAAAAAAAAAAA...AABBBBBBBBBBBBB...BBCCCCCCCCCCCCC...CC |
// | keccak(start, 0x55) | ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑ |
mstore(add(ptr, 0x40), bytecodeHash)
mstore(add(ptr, 0x20), salt)
mstore(ptr, deployer) // Right-aligned with 12 preceding garbage bytes
let start := add(ptr, 0x0b) // The hashed data starts at the final garbage byte which we will set to 0xff
mstore8(start, 0xff)
addr := and(keccak256(start, 0x55), 0xffffffffffffffffffffffffffffffffffffffff)
}
}
}
Errors.sol 34 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Errors.sol)
pragma solidity ^0.8.20;
/**
* @dev Collection of common custom errors used in multiple contracts
*
* IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
* It is recommended to avoid relying on the error API for critical functionality.
*
* _Available since v5.1._
*/
library Errors {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error InsufficientBalance(uint256 balance, uint256 needed);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedCall();
/**
* @dev The deployment failed.
*/
error FailedDeployment();
/**
* @dev A necessary precompile is missing.
*/
error MissingPrecompile(address);
}
ERC165.sol 25 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
IERC165.sol 25 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
LowLevelCall.sol 127 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/LowLevelCall.sol)
pragma solidity ^0.8.20;
/**
* @dev Library of low level call functions that implement different calling strategies to deal with the return data.
*
* WARNING: Using this library requires an advanced understanding of Solidity and how the EVM works. It is recommended
* to use the {Address} library instead.
*/
library LowLevelCall {
/// @dev Performs a Solidity function call using a low level `call` and ignoring the return data.
function callNoReturn(address target, bytes memory data) internal returns (bool success) {
return callNoReturn(target, 0, data);
}
/// @dev Same as {callNoReturn}, but allows to specify the value to be sent in the call.
function callNoReturn(address target, uint256 value, bytes memory data) internal returns (bool success) {
assembly ("memory-safe") {
success := call(gas(), target, value, add(data, 0x20), mload(data), 0x00, 0x00)
}
}
/// @dev Performs a Solidity function call using a low level `call` and returns the first 64 bytes of the result
/// in the scratch space of memory. Useful for functions that return a tuple of single-word values.
///
/// WARNING: Do not assume that the results are zero if `success` is false. Memory can be already allocated
/// and this function doesn't zero it out.
function callReturn64Bytes(
address target,
bytes memory data
) internal returns (bool success, bytes32 result1, bytes32 result2) {
return callReturn64Bytes(target, 0, data);
}
/// @dev Same as {callReturnBytes32Pair}, but allows to specify the value to be sent in the call.
function callReturn64Bytes(
address target,
uint256 value,
bytes memory data
) internal returns (bool success, bytes32 result1, bytes32 result2) {
assembly ("memory-safe") {
success := call(gas(), target, value, add(data, 0x20), mload(data), 0x00, 0x40)
result1 := mload(0x00)
result2 := mload(0x20)
}
}
/// @dev Performs a Solidity function call using a low level `staticcall` and ignoring the return data.
function staticcallNoReturn(address target, bytes memory data) internal view returns (bool success) {
assembly ("memory-safe") {
success := staticcall(gas(), target, add(data, 0x20), mload(data), 0x00, 0x00)
}
}
/// @dev Performs a Solidity function call using a low level `staticcall` and returns the first 64 bytes of the result
/// in the scratch space of memory. Useful for functions that return a tuple of single-word values.
///
/// WARNING: Do not assume that the results are zero if `success` is false. Memory can be already allocated
/// and this function doesn't zero it out.
function staticcallReturn64Bytes(
address target,
bytes memory data
) internal view returns (bool success, bytes32 result1, bytes32 result2) {
assembly ("memory-safe") {
success := staticcall(gas(), target, add(data, 0x20), mload(data), 0x00, 0x40)
result1 := mload(0x00)
result2 := mload(0x20)
}
}
/// @dev Performs a Solidity function call using a low level `delegatecall` and ignoring the return data.
function delegatecallNoReturn(address target, bytes memory data) internal returns (bool success) {
assembly ("memory-safe") {
success := delegatecall(gas(), target, add(data, 0x20), mload(data), 0x00, 0x00)
}
}
/// @dev Performs a Solidity function call using a low level `delegatecall` and returns the first 64 bytes of the result
/// in the scratch space of memory. Useful for functions that return a tuple of single-word values.
///
/// WARNING: Do not assume that the results are zero if `success` is false. Memory can be already allocated
/// and this function doesn't zero it out.
function delegatecallReturn64Bytes(
address target,
bytes memory data
) internal returns (bool success, bytes32 result1, bytes32 result2) {
assembly ("memory-safe") {
success := delegatecall(gas(), target, add(data, 0x20), mload(data), 0x00, 0x40)
result1 := mload(0x00)
result2 := mload(0x20)
}
}
/// @dev Returns the size of the return data buffer.
function returnDataSize() internal pure returns (uint256 size) {
assembly ("memory-safe") {
size := returndatasize()
}
}
/// @dev Returns a buffer containing the return data from the last call.
function returnData() internal pure returns (bytes memory result) {
assembly ("memory-safe") {
result := mload(0x40)
mstore(result, returndatasize())
returndatacopy(add(result, 0x20), 0x00, returndatasize())
mstore(0x40, add(result, add(0x20, returndatasize())))
}
}
/// @dev Revert with the return data from the last call.
function bubbleRevert() internal pure {
assembly ("memory-safe") {
let fmp := mload(0x40)
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
}
function bubbleRevert(bytes memory returndata) internal pure {
assembly ("memory-safe") {
revert(add(returndata, 0x20), mload(returndata))
}
}
}
Math.sol 756 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
import {Panic} from "../Panic.sol";
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Return the 512-bit addition of two uint256.
*
* The result is stored in two 256 variables such that sum = high * 2²⁵⁶ + low.
*/
function add512(uint256 a, uint256 b) internal pure returns (uint256 high, uint256 low) {
assembly ("memory-safe") {
low := add(a, b)
high := lt(low, a)
}
}
/**
* @dev Return the 512-bit multiplication of two uint256.
*
* The result is stored in two 256 variables such that product = high * 2²⁵⁶ + low.
*/
function mul512(uint256 a, uint256 b) internal pure returns (uint256 high, uint256 low) {
// 512-bit multiply [high low] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
// the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = high * 2²⁵⁶ + low.
assembly ("memory-safe") {
let mm := mulmod(a, b, not(0))
low := mul(a, b)
high := sub(sub(mm, low), lt(mm, low))
}
}
/**
* @dev Returns the addition of two unsigned integers, with a success flag (no overflow).
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a + b;
success = c >= a;
result = c * SafeCast.toUint(success);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with a success flag (no overflow).
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a - b;
success = c <= a;
result = c * SafeCast.toUint(success);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with a success flag (no overflow).
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a * b;
assembly ("memory-safe") {
// Only true when the multiplication doesn't overflow
// (c / a == b) || (a == 0)
success := or(eq(div(c, a), b), iszero(a))
}
// equivalent to: success ? c : 0
result = c * SafeCast.toUint(success);
}
}
/**
* @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
success = b > 0;
assembly ("memory-safe") {
// The `DIV` opcode returns zero when the denominator is 0.
result := div(a, b)
}
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
success = b > 0;
assembly ("memory-safe") {
// The `MOD` opcode returns zero when the denominator is 0.
result := mod(a, b)
}
}
}
/**
* @dev Unsigned saturating addition, bounds to `2²⁵⁶ - 1` instead of overflowing.
*/
function saturatingAdd(uint256 a, uint256 b) internal pure returns (uint256) {
(bool success, uint256 result) = tryAdd(a, b);
return ternary(success, result, type(uint256).max);
}
/**
* @dev Unsigned saturating subtraction, bounds to zero instead of overflowing.
*/
function saturatingSub(uint256 a, uint256 b) internal pure returns (uint256) {
(, uint256 result) = trySub(a, b);
return result;
}
/**
* @dev Unsigned saturating multiplication, bounds to `2²⁵⁶ - 1` instead of overflowing.
*/
function saturatingMul(uint256 a, uint256 b) internal pure returns (uint256) {
(bool success, uint256 result) = tryMul(a, b);
return ternary(success, result, type(uint256).max);
}
/**
* @dev Branchless ternary evaluation for `condition ? a : b`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `condition ? a : b`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {
unchecked {
// branchless ternary works because:
// b ^ (a ^ b) == a
// b ^ 0 == b
return b ^ ((a ^ b) * SafeCast.toUint(condition));
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a > b, a, b);
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a < b, a, b);
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
Panic.panic(Panic.DIVISION_BY_ZERO);
}
// The following calculation ensures accurate ceiling division without overflow.
// Since a is non-zero, (a - 1) / b will not overflow.
// The largest possible result occurs when (a - 1) / b is type(uint256).max,
// but the largest value we can obtain is type(uint256).max - 1, which happens
// when a = type(uint256).max and b = 1.
unchecked {
return SafeCast.toUint(a > 0) * ((a - 1) / b + 1);
}
}
/**
* @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
*
* Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
(uint256 high, uint256 low) = mul512(x, y);
// Handle non-overflow cases, 256 by 256 division.
if (high == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return low / denominator;
}
// Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
if (denominator <= high) {
Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [high low].
uint256 remainder;
assembly ("memory-safe") {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
high := sub(high, gt(remainder, low))
low := sub(low, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly ("memory-safe") {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [high low] by twos.
low := div(low, twos)
// Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from high into low.
low |= high * twos;
// Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
// that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv ≡ 1 mod 2⁴.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2⁸
inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
inverse *= 2 - denominator * inverse; // inverse mod 2³²
inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
// less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and high
// is no longer required.
result = low * inverse;
return result;
}
}
/**
* @dev Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0);
}
/**
* @dev Calculates floor(x * y >> n) with full precision. Throws if result overflows a uint256.
*/
function mulShr(uint256 x, uint256 y, uint8 n) internal pure returns (uint256 result) {
unchecked {
(uint256 high, uint256 low) = mul512(x, y);
if (high >= 1 << n) {
Panic.panic(Panic.UNDER_OVERFLOW);
}
return (high << (256 - n)) | (low >> n);
}
}
/**
* @dev Calculates x * y >> n with full precision, following the selected rounding direction.
*/
function mulShr(uint256 x, uint256 y, uint8 n, Rounding rounding) internal pure returns (uint256) {
return mulShr(x, y, n) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, 1 << n) > 0);
}
/**
* @dev Calculate the modular multiplicative inverse of a number in Z/nZ.
*
* If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0.
* If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.
*
* If the input value is not inversible, 0 is returned.
*
* NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Fermat's little theorem and get the
* inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}.
*/
function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
unchecked {
if (n == 0) return 0;
// The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
// Used to compute integers x and y such that: ax + ny = gcd(a, n).
// When the gcd is 1, then the inverse of a modulo n exists and it's x.
// ax + ny = 1
// ax = 1 + (-y)n
// ax ≡ 1 (mod n) # x is the inverse of a modulo n
// If the remainder is 0 the gcd is n right away.
uint256 remainder = a % n;
uint256 gcd = n;
// Therefore the initial coefficients are:
// ax + ny = gcd(a, n) = n
// 0a + 1n = n
int256 x = 0;
int256 y = 1;
while (remainder != 0) {
uint256 quotient = gcd / remainder;
(gcd, remainder) = (
// The old remainder is the next gcd to try.
remainder,
// Compute the next remainder.
// Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd
// where gcd is at most n (capped to type(uint256).max)
gcd - remainder * quotient
);
(x, y) = (
// Increment the coefficient of a.
y,
// Decrement the coefficient of n.
// Can overflow, but the result is casted to uint256 so that the
// next value of y is "wrapped around" to a value between 0 and n - 1.
x - y * int256(quotient)
);
}
if (gcd != 1) return 0; // No inverse exists.
return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative.
}
}
/**
* @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`.
*
* From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is
* prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that
* `a**(p-2)` is the modular multiplicative inverse of a in Fp.
*
* NOTE: this function does NOT check that `p` is a prime greater than `2`.
*/
function invModPrime(uint256 a, uint256 p) internal view returns (uint256) {
unchecked {
return Math.modExp(a, p - 2, p);
}
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)
*
* Requirements:
* - modulus can't be zero
* - underlying staticcall to precompile must succeed
*
* IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make
* sure the chain you're using it on supports the precompiled contract for modular exponentiation
* at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,
* the underlying function will succeed given the lack of a revert, but the result may be incorrectly
* interpreted as 0.
*/
function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {
(bool success, uint256 result) = tryModExp(b, e, m);
if (!success) {
Panic.panic(Panic.DIVISION_BY_ZERO);
}
return result;
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).
* It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying
* to operate modulo 0 or if the underlying precompile reverted.
*
* IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain
* you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in
* https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack
* of a revert, but the result may be incorrectly interpreted as 0.
*/
function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {
if (m == 0) return (false, 0);
assembly ("memory-safe") {
let ptr := mload(0x40)
// | Offset | Content | Content (Hex) |
// |-----------|------------|--------------------------------------------------------------------|
// | 0x00:0x1f | size of b | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x20:0x3f | size of e | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x40:0x5f | size of m | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x60:0x7f | value of b | 0x<.............................................................b> |
// | 0x80:0x9f | value of e | 0x<.............................................................e> |
// | 0xa0:0xbf | value of m | 0x<.............................................................m> |
mstore(ptr, 0x20)
mstore(add(ptr, 0x20), 0x20)
mstore(add(ptr, 0x40), 0x20)
mstore(add(ptr, 0x60), b)
mstore(add(ptr, 0x80), e)
mstore(add(ptr, 0xa0), m)
// Given the result < m, it's guaranteed to fit in 32 bytes,
// so we can use the memory scratch space located at offset 0.
success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)
result := mload(0x00)
}
}
/**
* @dev Variant of {modExp} that supports inputs of arbitrary length.
*/
function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {
(bool success, bytes memory result) = tryModExp(b, e, m);
if (!success) {
Panic.panic(Panic.DIVISION_BY_ZERO);
}
return result;
}
/**
* @dev Variant of {tryModExp} that supports inputs of arbitrary length.
*/
function tryModExp(
bytes memory b,
bytes memory e,
bytes memory m
) internal view returns (bool success, bytes memory result) {
if (_zeroBytes(m)) return (false, new bytes(0));
uint256 mLen = m.length;
// Encode call args in result and move the free memory pointer
result = abi.encodePacked(b.length, e.length, mLen, b, e, m);
assembly ("memory-safe") {
let dataPtr := add(result, 0x20)
// Write result on top of args to avoid allocating extra memory.
success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)
// Overwrite the length.
// result.length > returndatasize() is guaranteed because returndatasize() == m.length
mstore(result, mLen)
// Set the memory pointer after the returned data.
mstore(0x40, add(dataPtr, mLen))
}
}
/**
* @dev Returns whether the provided byte array is zero.
*/
function _zeroBytes(bytes memory byteArray) private pure returns (bool) {
for (uint256 i = 0; i < byteArray.length; ++i) {
if (byteArray[i] != 0) {
return false;
}
}
return true;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* This method is based on Newton's method for computing square roots; the algorithm is restricted to only
* using integer operations.
*/
function sqrt(uint256 a) internal pure returns (uint256) {
unchecked {
// Take care of easy edge cases when a == 0 or a == 1
if (a <= 1) {
return a;
}
// In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a
// sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between
// the current value as `ε_n = | x_n - sqrt(a) |`.
//
// For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root
// of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is
// bigger than any uint256.
//
// By noticing that
// `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`
// we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar
// to the msb function.
uint256 aa = a;
uint256 xn = 1;
if (aa >= (1 << 128)) {
aa >>= 128;
xn <<= 64;
}
if (aa >= (1 << 64)) {
aa >>= 64;
xn <<= 32;
}
if (aa >= (1 << 32)) {
aa >>= 32;
xn <<= 16;
}
if (aa >= (1 << 16)) {
aa >>= 16;
xn <<= 8;
}
if (aa >= (1 << 8)) {
aa >>= 8;
xn <<= 4;
}
if (aa >= (1 << 4)) {
aa >>= 4;
xn <<= 2;
}
if (aa >= (1 << 2)) {
xn <<= 1;
}
// We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).
//
// We can refine our estimation by noticing that the middle of that interval minimizes the error.
// If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).
// This is going to be our x_0 (and ε_0)
xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)
// From here, Newton's method give us:
// x_{n+1} = (x_n + a / x_n) / 2
//
// One should note that:
// x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a
// = ((x_n² + a) / (2 * x_n))² - a
// = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a
// = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)
// = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)
// = (x_n² - a)² / (2 * x_n)²
// = ((x_n² - a) / (2 * x_n))²
// ≥ 0
// Which proves that for all n ≥ 1, sqrt(a) ≤ x_n
//
// This gives us the proof of quadratic convergence of the sequence:
// ε_{n+1} = | x_{n+1} - sqrt(a) |
// = | (x_n + a / x_n) / 2 - sqrt(a) |
// = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |
// = | (x_n - sqrt(a))² / (2 * x_n) |
// = | ε_n² / (2 * x_n) |
// = ε_n² / | (2 * x_n) |
//
// For the first iteration, we have a special case where x_0 is known:
// ε_1 = ε_0² / | (2 * x_0) |
// ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))
// ≤ 2**(2*e-4) / (3 * 2**(e-1))
// ≤ 2**(e-3) / 3
// ≤ 2**(e-3-log2(3))
// ≤ 2**(e-4.5)
//
// For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:
// ε_{n+1} = ε_n² / | (2 * x_n) |
// ≤ (2**(e-k))² / (2 * 2**(e-1))
// ≤ 2**(2*e-2*k) / 2**e
// ≤ 2**(e-2*k)
xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5) -- special case, see above
xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9) -- general case with k = 4.5
xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18) -- general case with k = 9
xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36) -- general case with k = 18
xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72) -- general case with k = 36
xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144) -- general case with k = 72
// Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision
// ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either
// sqrt(a) or sqrt(a) + 1.
return xn - SafeCast.toUint(xn > a / xn);
}
}
/**
* @dev Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 x) internal pure returns (uint256 r) {
// If value has upper 128 bits set, log2 result is at least 128
r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7;
// If upper 64 bits of 128-bit half set, add 64 to result
r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6;
// If upper 32 bits of 64-bit half set, add 32 to result
r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5;
// If upper 16 bits of 32-bit half set, add 16 to result
r |= SafeCast.toUint((x >> r) > 0xffff) << 4;
// If upper 8 bits of 16-bit half set, add 8 to result
r |= SafeCast.toUint((x >> r) > 0xff) << 3;
// If upper 4 bits of 8-bit half set, add 4 to result
r |= SafeCast.toUint((x >> r) > 0xf) << 2;
// Shifts value right by the current result and use it as an index into this lookup table:
//
// | x (4 bits) | index | table[index] = MSB position |
// |------------|---------|-----------------------------|
// | 0000 | 0 | table[0] = 0 |
// | 0001 | 1 | table[1] = 0 |
// | 0010 | 2 | table[2] = 1 |
// | 0011 | 3 | table[3] = 1 |
// | 0100 | 4 | table[4] = 2 |
// | 0101 | 5 | table[5] = 2 |
// | 0110 | 6 | table[6] = 2 |
// | 0111 | 7 | table[7] = 2 |
// | 1000 | 8 | table[8] = 3 |
// | 1001 | 9 | table[9] = 3 |
// | 1010 | 10 | table[10] = 3 |
// | 1011 | 11 | table[11] = 3 |
// | 1100 | 12 | table[12] = 3 |
// | 1101 | 13 | table[13] = 3 |
// | 1110 | 14 | table[14] = 3 |
// | 1111 | 15 | table[15] = 3 |
//
// The lookup table is represented as a 32-byte value with the MSB positions for 0-15 in the last 16 bytes.
assembly ("memory-safe") {
r := or(r, byte(shr(r, x), 0x0000010102020202030303030303030300000000000000000000000000000000))
}
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 x) internal pure returns (uint256 r) {
// If value has upper 128 bits set, log2 result is at least 128
r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7;
// If upper 64 bits of 128-bit half set, add 64 to result
r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6;
// If upper 32 bits of 64-bit half set, add 32 to result
r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5;
// If upper 16 bits of 32-bit half set, add 16 to result
r |= SafeCast.toUint((x >> r) > 0xffff) << 4;
// Add 1 if upper 8 bits of 16-bit half set, and divide accumulated result by 8
return (r >> 3) | SafeCast.toUint((x >> r) > 0xff);
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
/**
* @dev Counts the number of leading zero bits in a uint256.
*/
function clz(uint256 x) internal pure returns (uint256) {
return ternary(x == 0, 256, 255 - log2(x));
}
}
SafeCast.sol 1162 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)
// This file was procedurally generated from scripts/generate/templates/SafeCast.js.
pragma solidity ^0.8.20;
/**
* @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeCast {
/**
* @dev Value doesn't fit in an uint of `bits` size.
*/
error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
/**
* @dev An int value doesn't fit in an uint of `bits` size.
*/
error SafeCastOverflowedIntToUint(int256 value);
/**
* @dev Value doesn't fit in an int of `bits` size.
*/
error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);
/**
* @dev An uint value doesn't fit in an int of `bits` size.
*/
error SafeCastOverflowedUintToInt(uint256 value);
/**
* @dev Returns the downcasted uint248 from uint256, reverting on
* overflow (when the input is greater than largest uint248).
*
* Counterpart to Solidity's `uint248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toUint248(uint256 value) internal pure returns (uint248) {
if (value > type(uint248).max) {
revert SafeCastOverflowedUintDowncast(248, value);
}
return uint248(value);
}
/**
* @dev Returns the downcasted uint240 from uint256, reverting on
* overflow (when the input is greater than largest uint240).
*
* Counterpart to Solidity's `uint240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toUint240(uint256 value) internal pure returns (uint240) {
if (value > type(uint240).max) {
revert SafeCastOverflowedUintDowncast(240, value);
}
return uint240(value);
}
/**
* @dev Returns the downcasted uint232 from uint256, reverting on
* overflow (when the input is greater than largest uint232).
*
* Counterpart to Solidity's `uint232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toUint232(uint256 value) internal pure returns (uint232) {
if (value > type(uint232).max) {
revert SafeCastOverflowedUintDowncast(232, value);
}
return uint232(value);
}
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toUint224(uint256 value) internal pure returns (uint224) {
if (value > type(uint224).max) {
revert SafeCastOverflowedUintDowncast(224, value);
}
return uint224(value);
}
/**
* @dev Returns the downcasted uint216 from uint256, reverting on
* overflow (when the input is greater than largest uint216).
*
* Counterpart to Solidity's `uint216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toUint216(uint256 value) internal pure returns (uint216) {
if (value > type(uint216).max) {
revert SafeCastOverflowedUintDowncast(216, value);
}
return uint216(value);
}
/**
* @dev Returns the downcasted uint208 from uint256, reverting on
* overflow (when the input is greater than largest uint208).
*
* Counterpart to Solidity's `uint208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toUint208(uint256 value) internal pure returns (uint208) {
if (value > type(uint208).max) {
revert SafeCastOverflowedUintDowncast(208, value);
}
return uint208(value);
}
/**
* @dev Returns the downcasted uint200 from uint256, reverting on
* overflow (when the input is greater than largest uint200).
*
* Counterpart to Solidity's `uint200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toUint200(uint256 value) internal pure returns (uint200) {
if (value > type(uint200).max) {
revert SafeCastOverflowedUintDowncast(200, value);
}
return uint200(value);
}
/**
* @dev Returns the downcasted uint192 from uint256, reverting on
* overflow (when the input is greater than largest uint192).
*
* Counterpart to Solidity's `uint192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toUint192(uint256 value) internal pure returns (uint192) {
if (value > type(uint192).max) {
revert SafeCastOverflowedUintDowncast(192, value);
}
return uint192(value);
}
/**
* @dev Returns the downcasted uint184 from uint256, reverting on
* overflow (when the input is greater than largest uint184).
*
* Counterpart to Solidity's `uint184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toUint184(uint256 value) internal pure returns (uint184) {
if (value > type(uint184).max) {
revert SafeCastOverflowedUintDowncast(184, value);
}
return uint184(value);
}
/**
* @dev Returns the downcasted uint176 from uint256, reverting on
* overflow (when the input is greater than largest uint176).
*
* Counterpart to Solidity's `uint176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toUint176(uint256 value) internal pure returns (uint176) {
if (value > type(uint176).max) {
revert SafeCastOverflowedUintDowncast(176, value);
}
return uint176(value);
}
/**
* @dev Returns the downcasted uint168 from uint256, reverting on
* overflow (when the input is greater than largest uint168).
*
* Counterpart to Solidity's `uint168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toUint168(uint256 value) internal pure returns (uint168) {
if (value > type(uint168).max) {
revert SafeCastOverflowedUintDowncast(168, value);
}
return uint168(value);
}
/**
* @dev Returns the downcasted uint160 from uint256, reverting on
* overflow (when the input is greater than largest uint160).
*
* Counterpart to Solidity's `uint160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toUint160(uint256 value) internal pure returns (uint160) {
if (value > type(uint160).max) {
revert SafeCastOverflowedUintDowncast(160, value);
}
return uint160(value);
}
/**
* @dev Returns the downcasted uint152 from uint256, reverting on
* overflow (when the input is greater than largest uint152).
*
* Counterpart to Solidity's `uint152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toUint152(uint256 value) internal pure returns (uint152) {
if (value > type(uint152).max) {
revert SafeCastOverflowedUintDowncast(152, value);
}
return uint152(value);
}
/**
* @dev Returns the downcasted uint144 from uint256, reverting on
* overflow (when the input is greater than largest uint144).
*
* Counterpart to Solidity's `uint144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toUint144(uint256 value) internal pure returns (uint144) {
if (value > type(uint144).max) {
revert SafeCastOverflowedUintDowncast(144, value);
}
return uint144(value);
}
/**
* @dev Returns the downcasted uint136 from uint256, reverting on
* overflow (when the input is greater than largest uint136).
*
* Counterpart to Solidity's `uint136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toUint136(uint256 value) internal pure returns (uint136) {
if (value > type(uint136).max) {
revert SafeCastOverflowedUintDowncast(136, value);
}
return uint136(value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toUint128(uint256 value) internal pure returns (uint128) {
if (value > type(uint128).max) {
revert SafeCastOverflowedUintDowncast(128, value);
}
return uint128(value);
}
/**
* @dev Returns the downcasted uint120 from uint256, reverting on
* overflow (when the input is greater than largest uint120).
*
* Counterpart to Solidity's `uint120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toUint120(uint256 value) internal pure returns (uint120) {
if (value > type(uint120).max) {
revert SafeCastOverflowedUintDowncast(120, value);
}
return uint120(value);
}
/**
* @dev Returns the downcasted uint112 from uint256, reverting on
* overflow (when the input is greater than largest uint112).
*
* Counterpart to Solidity's `uint112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toUint112(uint256 value) internal pure returns (uint112) {
if (value > type(uint112).max) {
revert SafeCastOverflowedUintDowncast(112, value);
}
return uint112(value);
}
/**
* @dev Returns the downcasted uint104 from uint256, reverting on
* overflow (when the input is greater than largest uint104).
*
* Counterpart to Solidity's `uint104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toUint104(uint256 value) internal pure returns (uint104) {
if (value > type(uint104).max) {
revert SafeCastOverflowedUintDowncast(104, value);
}
return uint104(value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toUint96(uint256 value) internal pure returns (uint96) {
if (value > type(uint96).max) {
revert SafeCastOverflowedUintDowncast(96, value);
}
return uint96(value);
}
/**
* @dev Returns the downcasted uint88 from uint256, reverting on
* overflow (when the input is greater than largest uint88).
*
* Counterpart to Solidity's `uint88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toUint88(uint256 value) internal pure returns (uint88) {
if (value > type(uint88).max) {
revert SafeCastOverflowedUintDowncast(88, value);
}
return uint88(value);
}
/**
* @dev Returns the downcasted uint80 from uint256, reverting on
* overflow (when the input is greater than largest uint80).
*
* Counterpart to Solidity's `uint80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toUint80(uint256 value) internal pure returns (uint80) {
if (value > type(uint80).max) {
revert SafeCastOverflowedUintDowncast(80, value);
}
return uint80(value);
}
/**
* @dev Returns the downcasted uint72 from uint256, reverting on
* overflow (when the input is greater than largest uint72).
*
* Counterpart to Solidity's `uint72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toUint72(uint256 value) internal pure returns (uint72) {
if (value > type(uint72).max) {
revert SafeCastOverflowedUintDowncast(72, value);
}
return uint72(value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toUint64(uint256 value) internal pure returns (uint64) {
if (value > type(uint64).max) {
revert SafeCastOverflowedUintDowncast(64, value);
}
return uint64(value);
}
/**
* @dev Returns the downcasted uint56 from uint256, reverting on
* overflow (when the input is greater than largest uint56).
*
* Counterpart to Solidity's `uint56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toUint56(uint256 value) internal pure returns (uint56) {
if (value > type(uint56).max) {
revert SafeCastOverflowedUintDowncast(56, value);
}
return uint56(value);
}
/**
* @dev Returns the downcasted uint48 from uint256, reverting on
* overflow (when the input is greater than largest uint48).
*
* Counterpart to Solidity's `uint48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toUint48(uint256 value) internal pure returns (uint48) {
if (value > type(uint48).max) {
revert SafeCastOverflowedUintDowncast(48, value);
}
return uint48(value);
}
/**
* @dev Returns the downcasted uint40 from uint256, reverting on
* overflow (when the input is greater than largest uint40).
*
* Counterpart to Solidity's `uint40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toUint40(uint256 value) internal pure returns (uint40) {
if (value > type(uint40).max) {
revert SafeCastOverflowedUintDowncast(40, value);
}
return uint40(value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toUint32(uint256 value) internal pure returns (uint32) {
if (value > type(uint32).max) {
revert SafeCastOverflowedUintDowncast(32, value);
}
return uint32(value);
}
/**
* @dev Returns the downcasted uint24 from uint256, reverting on
* overflow (when the input is greater than largest uint24).
*
* Counterpart to Solidity's `uint24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toUint24(uint256 value) internal pure returns (uint24) {
if (value > type(uint24).max) {
revert SafeCastOverflowedUintDowncast(24, value);
}
return uint24(value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toUint16(uint256 value) internal pure returns (uint16) {
if (value > type(uint16).max) {
revert SafeCastOverflowedUintDowncast(16, value);
}
return uint16(value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toUint8(uint256 value) internal pure returns (uint8) {
if (value > type(uint8).max) {
revert SafeCastOverflowedUintDowncast(8, value);
}
return uint8(value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*/
function toUint256(int256 value) internal pure returns (uint256) {
if (value < 0) {
revert SafeCastOverflowedIntToUint(value);
}
return uint256(value);
}
/**
* @dev Returns the downcasted int248 from int256, reverting on
* overflow (when the input is less than smallest int248 or
* greater than largest int248).
*
* Counterpart to Solidity's `int248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toInt248(int256 value) internal pure returns (int248 downcasted) {
downcasted = int248(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(248, value);
}
}
/**
* @dev Returns the downcasted int240 from int256, reverting on
* overflow (when the input is less than smallest int240 or
* greater than largest int240).
*
* Counterpart to Solidity's `int240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toInt240(int256 value) internal pure returns (int240 downcasted) {
downcasted = int240(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(240, value);
}
}
/**
* @dev Returns the downcasted int232 from int256, reverting on
* overflow (when the input is less than smallest int232 or
* greater than largest int232).
*
* Counterpart to Solidity's `int232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toInt232(int256 value) internal pure returns (int232 downcasted) {
downcasted = int232(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(232, value);
}
}
/**
* @dev Returns the downcasted int224 from int256, reverting on
* overflow (when the input is less than smallest int224 or
* greater than largest int224).
*
* Counterpart to Solidity's `int224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toInt224(int256 value) internal pure returns (int224 downcasted) {
downcasted = int224(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(224, value);
}
}
/**
* @dev Returns the downcasted int216 from int256, reverting on
* overflow (when the input is less than smallest int216 or
* greater than largest int216).
*
* Counterpart to Solidity's `int216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toInt216(int256 value) internal pure returns (int216 downcasted) {
downcasted = int216(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(216, value);
}
}
/**
* @dev Returns the downcasted int208 from int256, reverting on
* overflow (when the input is less than smallest int208 or
* greater than largest int208).
*
* Counterpart to Solidity's `int208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toInt208(int256 value) internal pure returns (int208 downcasted) {
downcasted = int208(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(208, value);
}
}
/**
* @dev Returns the downcasted int200 from int256, reverting on
* overflow (when the input is less than smallest int200 or
* greater than largest int200).
*
* Counterpart to Solidity's `int200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toInt200(int256 value) internal pure returns (int200 downcasted) {
downcasted = int200(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(200, value);
}
}
/**
* @dev Returns the downcasted int192 from int256, reverting on
* overflow (when the input is less than smallest int192 or
* greater than largest int192).
*
* Counterpart to Solidity's `int192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toInt192(int256 value) internal pure returns (int192 downcasted) {
downcasted = int192(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(192, value);
}
}
/**
* @dev Returns the downcasted int184 from int256, reverting on
* overflow (when the input is less than smallest int184 or
* greater than largest int184).
*
* Counterpart to Solidity's `int184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toInt184(int256 value) internal pure returns (int184 downcasted) {
downcasted = int184(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(184, value);
}
}
/**
* @dev Returns the downcasted int176 from int256, reverting on
* overflow (when the input is less than smallest int176 or
* greater than largest int176).
*
* Counterpart to Solidity's `int176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toInt176(int256 value) internal pure returns (int176 downcasted) {
downcasted = int176(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(176, value);
}
}
/**
* @dev Returns the downcasted int168 from int256, reverting on
* overflow (when the input is less than smallest int168 or
* greater than largest int168).
*
* Counterpart to Solidity's `int168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toInt168(int256 value) internal pure returns (int168 downcasted) {
downcasted = int168(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(168, value);
}
}
/**
* @dev Returns the downcasted int160 from int256, reverting on
* overflow (when the input is less than smallest int160 or
* greater than largest int160).
*
* Counterpart to Solidity's `int160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toInt160(int256 value) internal pure returns (int160 downcasted) {
downcasted = int160(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(160, value);
}
}
/**
* @dev Returns the downcasted int152 from int256, reverting on
* overflow (when the input is less than smallest int152 or
* greater than largest int152).
*
* Counterpart to Solidity's `int152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toInt152(int256 value) internal pure returns (int152 downcasted) {
downcasted = int152(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(152, value);
}
}
/**
* @dev Returns the downcasted int144 from int256, reverting on
* overflow (when the input is less than smallest int144 or
* greater than largest int144).
*
* Counterpart to Solidity's `int144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toInt144(int256 value) internal pure returns (int144 downcasted) {
downcasted = int144(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(144, value);
}
}
/**
* @dev Returns the downcasted int136 from int256, reverting on
* overflow (when the input is less than smallest int136 or
* greater than largest int136).
*
* Counterpart to Solidity's `int136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toInt136(int256 value) internal pure returns (int136 downcasted) {
downcasted = int136(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(136, value);
}
}
/**
* @dev Returns the downcasted int128 from int256, reverting on
* overflow (when the input is less than smallest int128 or
* greater than largest int128).
*
* Counterpart to Solidity's `int128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toInt128(int256 value) internal pure returns (int128 downcasted) {
downcasted = int128(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(128, value);
}
}
/**
* @dev Returns the downcasted int120 from int256, reverting on
* overflow (when the input is less than smallest int120 or
* greater than largest int120).
*
* Counterpart to Solidity's `int120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toInt120(int256 value) internal pure returns (int120 downcasted) {
downcasted = int120(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(120, value);
}
}
/**
* @dev Returns the downcasted int112 from int256, reverting on
* overflow (when the input is less than smallest int112 or
* greater than largest int112).
*
* Counterpart to Solidity's `int112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toInt112(int256 value) internal pure returns (int112 downcasted) {
downcasted = int112(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(112, value);
}
}
/**
* @dev Returns the downcasted int104 from int256, reverting on
* overflow (when the input is less than smallest int104 or
* greater than largest int104).
*
* Counterpart to Solidity's `int104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toInt104(int256 value) internal pure returns (int104 downcasted) {
downcasted = int104(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(104, value);
}
}
/**
* @dev Returns the downcasted int96 from int256, reverting on
* overflow (when the input is less than smallest int96 or
* greater than largest int96).
*
* Counterpart to Solidity's `int96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toInt96(int256 value) internal pure returns (int96 downcasted) {
downcasted = int96(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(96, value);
}
}
/**
* @dev Returns the downcasted int88 from int256, reverting on
* overflow (when the input is less than smallest int88 or
* greater than largest int88).
*
* Counterpart to Solidity's `int88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toInt88(int256 value) internal pure returns (int88 downcasted) {
downcasted = int88(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(88, value);
}
}
/**
* @dev Returns the downcasted int80 from int256, reverting on
* overflow (when the input is less than smallest int80 or
* greater than largest int80).
*
* Counterpart to Solidity's `int80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toInt80(int256 value) internal pure returns (int80 downcasted) {
downcasted = int80(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(80, value);
}
}
/**
* @dev Returns the downcasted int72 from int256, reverting on
* overflow (when the input is less than smallest int72 or
* greater than largest int72).
*
* Counterpart to Solidity's `int72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toInt72(int256 value) internal pure returns (int72 downcasted) {
downcasted = int72(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(72, value);
}
}
/**
* @dev Returns the downcasted int64 from int256, reverting on
* overflow (when the input is less than smallest int64 or
* greater than largest int64).
*
* Counterpart to Solidity's `int64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toInt64(int256 value) internal pure returns (int64 downcasted) {
downcasted = int64(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(64, value);
}
}
/**
* @dev Returns the downcasted int56 from int256, reverting on
* overflow (when the input is less than smallest int56 or
* greater than largest int56).
*
* Counterpart to Solidity's `int56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toInt56(int256 value) internal pure returns (int56 downcasted) {
downcasted = int56(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(56, value);
}
}
/**
* @dev Returns the downcasted int48 from int256, reverting on
* overflow (when the input is less than smallest int48 or
* greater than largest int48).
*
* Counterpart to Solidity's `int48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toInt48(int256 value) internal pure returns (int48 downcasted) {
downcasted = int48(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(48, value);
}
}
/**
* @dev Returns the downcasted int40 from int256, reverting on
* overflow (when the input is less than smallest int40 or
* greater than largest int40).
*
* Counterpart to Solidity's `int40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toInt40(int256 value) internal pure returns (int40 downcasted) {
downcasted = int40(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(40, value);
}
}
/**
* @dev Returns the downcasted int32 from int256, reverting on
* overflow (when the input is less than smallest int32 or
* greater than largest int32).
*
* Counterpart to Solidity's `int32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toInt32(int256 value) internal pure returns (int32 downcasted) {
downcasted = int32(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(32, value);
}
}
/**
* @dev Returns the downcasted int24 from int256, reverting on
* overflow (when the input is less than smallest int24 or
* greater than largest int24).
*
* Counterpart to Solidity's `int24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toInt24(int256 value) internal pure returns (int24 downcasted) {
downcasted = int24(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(24, value);
}
}
/**
* @dev Returns the downcasted int16 from int256, reverting on
* overflow (when the input is less than smallest int16 or
* greater than largest int16).
*
* Counterpart to Solidity's `int16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toInt16(int256 value) internal pure returns (int16 downcasted) {
downcasted = int16(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(16, value);
}
}
/**
* @dev Returns the downcasted int8 from int256, reverting on
* overflow (when the input is less than smallest int8 or
* greater than largest int8).
*
* Counterpart to Solidity's `int8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toInt8(int256 value) internal pure returns (int8 downcasted) {
downcasted = int8(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(8, value);
}
}
/**
* @dev Converts an unsigned uint256 into a signed int256.
*
* Requirements:
*
* - input must be less than or equal to maxInt256.
*/
function toInt256(uint256 value) internal pure returns (int256) {
// Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
if (value > uint256(type(int256).max)) {
revert SafeCastOverflowedUintToInt(value);
}
return int256(value);
}
/**
* @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.
*/
function toUint(bool b) internal pure returns (uint256 u) {
assembly ("memory-safe") {
u := iszero(iszero(b))
}
}
}
Memory.sol 135 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/Memory.sol)
pragma solidity ^0.8.24;
import {Panic} from "./Panic.sol";
import {Math} from "./math/Math.sol";
/**
* @dev Utilities to manipulate memory.
*
* Memory is a contiguous and dynamic byte array in which Solidity stores non-primitive types.
* This library provides functions to manipulate pointers to this dynamic array and work with slices of it.
*
* Slices provide a view into a portion of memory without copying data, enabling efficient substring operations.
*
* WARNING: When manipulating memory pointers or slices, make sure to follow the Solidity documentation
* guidelines for https://docs.soliditylang.org/en/v0.8.20/assembly.html#memory-safety[Memory Safety].
*/
library Memory {
type Pointer is bytes32;
/// @dev Returns a `Pointer` to the current free `Pointer`.
function getFreeMemoryPointer() internal pure returns (Pointer ptr) {
assembly ("memory-safe") {
ptr := mload(0x40)
}
}
/**
* @dev Sets the free `Pointer` to a specific value.
*
* WARNING: Everything after the pointer may be overwritten.
**/
function setFreeMemoryPointer(Pointer ptr) internal pure {
assembly ("memory-safe") {
mstore(0x40, ptr)
}
}
/// @dev `Pointer` to `bytes32`. Expects a pointer to a properly ABI-encoded `bytes` object.
function asBytes32(Pointer ptr) internal pure returns (bytes32) {
return Pointer.unwrap(ptr);
}
/// @dev `bytes32` to `Pointer`. Expects a pointer to a properly ABI-encoded `bytes` object.
function asPointer(bytes32 value) internal pure returns (Pointer) {
return Pointer.wrap(value);
}
/// @dev Move a pointer forward by a given offset.
function forward(Pointer ptr, uint256 offset) internal pure returns (Pointer) {
return Pointer.wrap(bytes32(uint256(Pointer.unwrap(ptr)) + offset));
}
/// @dev Equality comparator for memory pointers.
function equal(Pointer ptr1, Pointer ptr2) internal pure returns (bool) {
return Pointer.unwrap(ptr1) == Pointer.unwrap(ptr2);
}
type Slice is bytes32;
/// @dev Get a slice representation of a bytes object in memory
function asSlice(bytes memory self) internal pure returns (Slice result) {
assembly ("memory-safe") {
result := or(shl(128, mload(self)), add(self, 0x20))
}
}
/// @dev Returns the length of a given slice (equiv to self.length for calldata slices)
function length(Slice self) internal pure returns (uint256 result) {
assembly ("memory-safe") {
result := shr(128, self)
}
}
/// @dev Offset a memory slice (equivalent to self[start:] for calldata slices)
function slice(Slice self, uint256 offset) internal pure returns (Slice) {
if (offset > length(self)) Panic.panic(Panic.ARRAY_OUT_OF_BOUNDS);
return _asSlice(length(self) - offset, forward(_pointer(self), offset));
}
/// @dev Offset and cut a Slice (equivalent to self[start:start+length] for calldata slices)
function slice(Slice self, uint256 offset, uint256 len) internal pure returns (Slice) {
if (offset + len > length(self)) Panic.panic(Panic.ARRAY_OUT_OF_BOUNDS);
return _asSlice(len, forward(_pointer(self), offset));
}
/**
* @dev Read a bytes32 buffer from a given Slice at a specific offset
*
* NOTE: If offset > length(slice) - 0x20, part of the return value will be out of bound of the slice. These bytes are zeroed.
*/
function load(Slice self, uint256 offset) internal pure returns (bytes32 value) {
uint256 outOfBoundBytes = Math.saturatingSub(0x20 + offset, length(self));
if (outOfBoundBytes > 0x1f) Panic.panic(Panic.ARRAY_OUT_OF_BOUNDS);
assembly ("memory-safe") {
value := and(mload(add(and(self, shr(128, not(0))), offset)), shl(mul(8, outOfBoundBytes), not(0)))
}
}
/// @dev Extract the data corresponding to a Slice (allocate new memory)
function toBytes(Slice self) internal pure returns (bytes memory result) {
uint256 len = length(self);
Memory.Pointer ptr = _pointer(self);
assembly ("memory-safe") {
result := mload(0x40)
mstore(result, len)
mcopy(add(result, 0x20), ptr, len)
mstore(0x40, add(add(result, len), 0x20))
}
}
/**
* @dev Private helper: create a slice from raw values (length and pointer)
*
* NOTE: this function MUST NOT be called with `len` or `ptr` that exceed `2**128-1`. This should never be
* the case of slices produced by `asSlice(bytes)`, and function that reduce the scope of slices
* (`slice(Slice,uint256)` and `slice(Slice,uint256, uint256)`) should not cause this issue if the parent slice is
* correct.
*/
function _asSlice(uint256 len, Memory.Pointer ptr) private pure returns (Slice result) {
assembly ("memory-safe") {
result := or(shl(128, len), ptr)
}
}
/// @dev Returns the memory location of a given slice (equiv to self.offset for calldata slices)
function _pointer(Slice self) private pure returns (Memory.Pointer result) {
assembly ("memory-safe") {
result := and(self, shr(128, not(0)))
}
}
}
Panic.sol 57 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)
pragma solidity ^0.8.20;
/**
* @dev Helper library for emitting standardized panic codes.
*
* ```solidity
* contract Example {
* using Panic for uint256;
*
* // Use any of the declared internal constants
* function foo() { Panic.GENERIC.panic(); }
*
* // Alternatively
* function foo() { Panic.panic(Panic.GENERIC); }
* }
* ```
*
* Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].
*
* _Available since v5.1._
*/
// slither-disable-next-line unused-state
library Panic {
/// @dev generic / unspecified error
uint256 internal constant GENERIC = 0x00;
/// @dev used by the assert() builtin
uint256 internal constant ASSERT = 0x01;
/// @dev arithmetic underflow or overflow
uint256 internal constant UNDER_OVERFLOW = 0x11;
/// @dev division or modulo by zero
uint256 internal constant DIVISION_BY_ZERO = 0x12;
/// @dev enum conversion error
uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;
/// @dev invalid encoding in storage
uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;
/// @dev empty array pop
uint256 internal constant EMPTY_ARRAY_POP = 0x31;
/// @dev array out of bounds access
uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;
/// @dev resource error (too large allocation or too large array)
uint256 internal constant RESOURCE_ERROR = 0x41;
/// @dev calling invalid internal function
uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;
/// @dev Reverts with a panic code. Recommended to use with
/// the internal constants with predefined codes.
function panic(uint256 code) internal pure {
assembly ("memory-safe") {
mstore(0x00, 0x4e487b71)
mstore(0x20, code)
revert(0x1c, 0x24)
}
}
}
ReentrancyGuard.sol 119 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/ReentrancyGuard.sol)
pragma solidity ^0.8.20;
import {StorageSlot} from "./StorageSlot.sol";
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If EIP-1153 (transient storage) is available on the chain you're deploying at,
* consider using {ReentrancyGuardTransient} instead.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*
* IMPORTANT: Deprecated. This storage-based reentrancy guard will be removed and replaced
* by the {ReentrancyGuardTransient} variant in v6.0.
*
* @custom:stateless
*/
abstract contract ReentrancyGuard {
using StorageSlot for bytes32;
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ReentrancyGuard")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant REENTRANCY_GUARD_STORAGE =
0x9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f00;
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant NOT_ENTERED = 1;
uint256 private constant ENTERED = 2;
/**
* @dev Unauthorized reentrant call.
*/
error ReentrancyGuardReentrantCall();
constructor() {
_reentrancyGuardStorageSlot().getUint256Slot().value = NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
/**
* @dev A `view` only version of {nonReentrant}. Use to block view functions
* from being called, preventing reading from inconsistent contract state.
*
* CAUTION: This is a "view" modifier and does not change the reentrancy
* status. Use it only on view functions. For payable or non-payable functions,
* use the standard {nonReentrant} modifier instead.
*/
modifier nonReentrantView() {
_nonReentrantBeforeView();
_;
}
function _nonReentrantBeforeView() private view {
if (_reentrancyGuardEntered()) {
revert ReentrancyGuardReentrantCall();
}
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be NOT_ENTERED
_nonReentrantBeforeView();
// Any calls to nonReentrant after this point will fail
_reentrancyGuardStorageSlot().getUint256Slot().value = ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_reentrancyGuardStorageSlot().getUint256Slot().value = NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _reentrancyGuardStorageSlot().getUint256Slot().value == ENTERED;
}
function _reentrancyGuardStorageSlot() internal pure virtual returns (bytes32) {
return REENTRANCY_GUARD_STORAGE;
}
}
SlotDerivation.sol 155 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/SlotDerivation.sol)
// This file was procedurally generated from scripts/generate/templates/SlotDerivation.js.
pragma solidity ^0.8.20;
/**
* @dev Library for computing storage (and transient storage) locations from namespaces and deriving slots
* corresponding to standard patterns. The derivation method for array and mapping matches the storage layout used by
* the solidity language / compiler.
*
* See https://docs.soliditylang.org/en/v0.8.20/internals/layout_in_storage.html#mappings-and-dynamic-arrays[Solidity docs for mappings and dynamic arrays.].
*
* Example usage:
* ```solidity
* contract Example {
* // Add the library methods
* using StorageSlot for bytes32;
* using SlotDerivation for *;
*
* // Declare a namespace
* string private constant _NAMESPACE = "<namespace>"; // eg. OpenZeppelin.Slot
*
* function setValueInNamespace(uint256 key, address newValue) internal {
* _NAMESPACE.erc7201Slot().deriveMapping(key).getAddressSlot().value = newValue;
* }
*
* function getValueInNamespace(uint256 key) internal view returns (address) {
* return _NAMESPACE.erc7201Slot().deriveMapping(key).getAddressSlot().value;
* }
* }
* ```
*
* TIP: Consider using this library along with {StorageSlot}.
*
* NOTE: This library provides a way to manipulate storage locations in a non-standard way. Tooling for checking
* upgrade safety will ignore the slots accessed through this library.
*
* _Available since v5.1._
*/
library SlotDerivation {
/**
* @dev Derive an ERC-7201 slot from a string (namespace).
*/
function erc7201Slot(string memory namespace) internal pure returns (bytes32 slot) {
assembly ("memory-safe") {
mstore(0x00, sub(keccak256(add(namespace, 0x20), mload(namespace)), 1))
slot := and(keccak256(0x00, 0x20), not(0xff))
}
}
/**
* @dev Add an offset to a slot to get the n-th element of a structure or an array.
*/
function offset(bytes32 slot, uint256 pos) internal pure returns (bytes32 result) {
unchecked {
return bytes32(uint256(slot) + pos);
}
}
/**
* @dev Derive the location of the first element in an array from the slot where the length is stored.
*/
function deriveArray(bytes32 slot) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
mstore(0x00, slot)
result := keccak256(0x00, 0x20)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, address key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
mstore(0x00, and(key, shr(96, not(0))))
mstore(0x20, slot)
result := keccak256(0x00, 0x40)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, bool key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
mstore(0x00, iszero(iszero(key)))
mstore(0x20, slot)
result := keccak256(0x00, 0x40)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, bytes32 key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
mstore(0x00, key)
mstore(0x20, slot)
result := keccak256(0x00, 0x40)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, uint256 key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
mstore(0x00, key)
mstore(0x20, slot)
result := keccak256(0x00, 0x40)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, int256 key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
mstore(0x00, key)
mstore(0x20, slot)
result := keccak256(0x00, 0x40)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, string memory key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
let length := mload(key)
let begin := add(key, 0x20)
let end := add(begin, length)
let cache := mload(end)
mstore(end, slot)
result := keccak256(begin, add(length, 0x20))
mstore(end, cache)
}
}
/**
* @dev Derive the location of a mapping element from the key.
*/
function deriveMapping(bytes32 slot, bytes memory key) internal pure returns (bytes32 result) {
assembly ("memory-safe") {
let length := mload(key)
let begin := add(key, 0x20)
let end := add(begin, length)
let cache := mload(end)
mstore(end, slot)
result := keccak256(begin, add(length, 0x20))
mstore(end, cache)
}
}
}
StorageSlot.sol 143 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.20;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC-1967 implementation slot:
* ```solidity
* contract ERC1967 {
* // Define the slot. Alternatively, use the SlotDerivation library to derive the slot.
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(newImplementation.code.length > 0);
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* TIP: Consider using this library along with {SlotDerivation}.
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct Int256Slot {
int256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `Int256Slot` with member `value` located at `slot`.
*/
function getInt256Slot(bytes32 slot) internal pure returns (Int256Slot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
assembly ("memory-safe") {
r.slot := store.slot
}
}
/**
* @dev Returns a `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
assembly ("memory-safe") {
r.slot := store.slot
}
}
}
EnumerableSet.sol 792 lines
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/structs/EnumerableSet.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.
pragma solidity ^0.8.24;
import {Arrays} from "../Arrays.sol";
import {Math} from "../math/Math.sol";
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
* - Set can be cleared (all elements removed) in O(n).
*
* ```solidity
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* The following types are supported:
*
* - `bytes32` (`Bytes32Set`) since v3.3.0
* - `address` (`AddressSet`) since v3.3.0
* - `uint256` (`UintSet`) since v3.3.0
* - `string` (`StringSet`) since v5.4.0
* - `bytes` (`BytesSet`) since v5.4.0
*
* [WARNING]
* ====
* Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
* unusable.
* See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
*
* In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
* array of EnumerableSet.
* ====
*/
library EnumerableSet {
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
bytes32[] _values;
// Position is the index of the value in the `values` array plus 1.
// Position 0 is used to mean a value is not in the set.
mapping(bytes32 value => uint256) _positions;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, bytes32 value) private returns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._positions[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, bytes32 value) private returns (bool) {
// We cache the value's position to prevent multiple reads from the same storage slot
uint256 position = set._positions[value];
if (position != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 valueIndex = position - 1;
uint256 lastIndex = set._values.length - 1;
if (valueIndex != lastIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the lastValue to the index where the value to delete is
set._values[valueIndex] = lastValue;
// Update the tracked position of the lastValue (that was just moved)
set._positions[lastValue] = position;
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the tracked position for the deleted slot
delete set._positions[value];
return true;
} else {
return false;
}
}
/**
* @dev Removes all the values from a set. O(n).
*
* WARNING: This function has an unbounded cost that scales with set size. Developers should keep in mind that
* using it may render the function uncallable if the set grows to the point where clearing it consumes too much
* gas to fit in a block.
*/
function _clear(Set storage set) private {
uint256 len = _length(set);
for (uint256 i = 0; i < len; ++i) {
delete set._positions[set._values[i]];
}
Arrays.unsafeSetLength(set._values, 0);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, bytes32 value) private view returns (bool) {
return set._positions[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set) private view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, uint256 index) private view returns (bytes32) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set) private view returns (bytes32[] memory) {
return set._values;
}
/**
* @dev Return a slice of the set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function _values(Set storage set, uint256 start, uint256 end) private view returns (bytes32[] memory) {
unchecked {
end = Math.min(end, _length(set));
start = Math.min(start, end);
uint256 len = end - start;
bytes32[] memory result = new bytes32[](len);
for (uint256 i = 0; i < len; ++i) {
result[i] = Arrays.unsafeAccess(set._values, start + i).value;
}
return result;
}
}
// Bytes32Set
struct Bytes32Set {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _add(set._inner, value);
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
return _remove(set._inner, value);
}
/**
* @dev Removes all the values from a set. O(n).
*
* WARNING: Developers should keep in mind that this function has an unbounded cost and using it may render the
* function uncallable if the set grows to the point where clearing it consumes too much gas to fit in a block.
*/
function clear(Bytes32Set storage set) internal {
_clear(set._inner);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
return _contains(set._inner, value);
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(Bytes32Set storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
return _at(set._inner, index);
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner);
bytes32[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
/**
* @dev Return a slice of the set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(Bytes32Set storage set, uint256 start, uint256 end) internal view returns (bytes32[] memory) {
bytes32[] memory store = _values(set._inner, start, end);
bytes32[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
return _add(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
return _remove(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Removes all the values from a set. O(n).
*
* WARNING: Developers should keep in mind that this function has an unbounded cost and using it may render the
* function uncallable if the set grows to the point where clearing it consumes too much gas to fit in a block.
*/
function clear(AddressSet storage set) internal {
_clear(set._inner);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return _contains(set._inner, bytes32(uint256(uint160(value))));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
return address(uint160(uint256(_at(set._inner, index))));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner);
address[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
/**
* @dev Return a slice of the set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(AddressSet storage set, uint256 start, uint256 end) internal view returns (address[] memory) {
bytes32[] memory store = _values(set._inner, start, end);
address[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, uint256 value) internal returns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, uint256 value) internal returns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Removes all the values from a set. O(n).
*
* WARNING: Developers should keep in mind that this function has an unbounded cost and using it may render the
* function uncallable if the set grows to the point where clearing it consumes too much gas to fit in a block.
*/
function clear(UintSet storage set) internal {
_clear(set._inner);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, uint256 value) internal view returns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(UintSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, index));
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner);
uint256[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
/**
* @dev Return a slice of the set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(UintSet storage set, uint256 start, uint256 end) internal view returns (uint256[] memory) {
bytes32[] memory store = _values(set._inner, start, end);
uint256[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
struct StringSet {
// Storage of set values
string[] _values;
// Position is the index of the value in the `values` array plus 1.
// Position 0 is used to mean a value is not in the set.
mapping(string value => uint256) _positions;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(StringSet storage set, string memory value) internal returns (bool) {
if (!contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._positions[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(StringSet storage set, string memory value) internal returns (bool) {
// We cache the value's position to prevent multiple reads from the same storage slot
uint256 position = set._positions[value];
if (position != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 valueIndex = position - 1;
uint256 lastIndex = set._values.length - 1;
if (valueIndex != lastIndex) {
string memory lastValue = set._values[lastIndex];
// Move the lastValue to the index where the value to delete is
set._values[valueIndex] = lastValue;
// Update the tracked position of the lastValue (that was just moved)
set._positions[lastValue] = position;
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the tracked position for the deleted slot
delete set._positions[value];
return true;
} else {
return false;
}
}
/**
* @dev Removes all the values from a set. O(n).
*
* WARNING: Developers should keep in mind that this function has an unbounded cost and using it may render the
* function uncallable if the set grows to the point where clearing it consumes too much gas to fit in a block.
*/
function clear(StringSet storage set) internal {
uint256 len = length(set);
for (uint256 i = 0; i < len; ++i) {
delete set._positions[set._values[i]];
}
Arrays.unsafeSetLength(set._values, 0);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(StringSet storage set, string memory value) internal view returns (bool) {
return set._positions[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function length(StringSet storage set) internal view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(StringSet storage set, uint256 index) internal view returns (string memory) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(StringSet storage set) internal view returns (string[] memory) {
return set._values;
}
/**
* @dev Return a slice of the set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(StringSet storage set, uint256 start, uint256 end) internal view returns (string[] memory) {
unchecked {
end = Math.min(end, length(set));
start = Math.min(start, end);
uint256 len = end - start;
string[] memory result = new string[](len);
for (uint256 i = 0; i < len; ++i) {
result[i] = Arrays.unsafeAccess(set._values, start + i).value;
}
return result;
}
}
struct BytesSet {
// Storage of set values
bytes[] _values;
// Position is the index of the value in the `values` array plus 1.
// Position 0 is used to mean a value is not in the set.
mapping(bytes value => uint256) _positions;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(BytesSet storage set, bytes memory value) internal returns (bool) {
if (!contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._positions[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(BytesSet storage set, bytes memory value) internal returns (bool) {
// We cache the value's position to prevent multiple reads from the same storage slot
uint256 position = set._positions[value];
if (position != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 valueIndex = position - 1;
uint256 lastIndex = set._values.length - 1;
if (valueIndex != lastIndex) {
bytes memory lastValue = set._values[lastIndex];
// Move the lastValue to the index where the value to delete is
set._values[valueIndex] = lastValue;
// Update the tracked position of the lastValue (that was just moved)
set._positions[lastValue] = position;
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the tracked position for the deleted slot
delete set._positions[value];
return true;
} else {
return false;
}
}
/**
* @dev Removes all the values from a set. O(n).
*
* WARNING: Developers should keep in mind that this function has an unbounded cost and using it may render the
* function uncallable if the set grows to the point where clearing it consumes too much gas to fit in a block.
*/
function clear(BytesSet storage set) internal {
uint256 len = length(set);
for (uint256 i = 0; i < len; ++i) {
delete set._positions[set._values[i]];
}
Arrays.unsafeSetLength(set._values, 0);
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(BytesSet storage set, bytes memory value) internal view returns (bool) {
return set._positions[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function length(BytesSet storage set) internal view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(BytesSet storage set, uint256 index) internal view returns (bytes memory) {
return set._values[index];
}
/**
* @dev Return the entire set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(BytesSet storage set) internal view returns (bytes[] memory) {
return set._values;
}
/**
* @dev Return a slice of the set in an array
*
* WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
* to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
* this function has an unbounded cost, and using it as part of a state-changing function may render the function
* uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
*/
function values(BytesSet storage set, uint256 start, uint256 end) internal view returns (bytes[] memory) {
unchecked {
end = Math.min(end, length(set));
start = Math.min(start, end);
uint256 len = end - start;
bytes[] memory result = new bytes[](len);
for (uint256 i = 0; i < len; ++i) {
result[i] = Arrays.unsafeAccess(set._values, start + i).value;
}
return result;
}
}
}
AddressLib.sol 12 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
library AddressLib {
function toAddress(bytes32 _bytes) internal pure returns (address) {
return address(uint160(uint256(_bytes)));
}
function toBytes32(address _addr) internal pure returns (bytes32) {
return bytes32(uint256(uint160(_addr)));
}
}
Errors.sol 86 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { ContractType } from "./Types.sol";
abstract contract Errors {
error CallerNotVaultComposer();
error CallerNotAccountingReceiver();
error CallerNotStrategyManager();
error ImportCollision();
error Paused();
error FailedToFetchUnderlyingDecimals();
error FunctionDisabled();
error ZeroAddress();
error MessageTypeNotSupported();
error GuidAlreadyProcessed(bytes32 guid);
error LengthMismatch();
error EmptyArray();
error ImplNotContract();
error AlreadyDeployed();
error AlreadyInitialized();
error AlreadyFulfilled();
error AlreadyCanceled();
error ProxyNotSet();
error ProxyNotMatching(address proxy, address predicted);
error ProxyInfoAlreadyAdded();
error OnlyBridgeRouterAllowed();
error OnlyBridgeOperatorAllowed();
error OnlyNative();
error InvalidContractType();
error InvalidSharedDecimals();
error InvalidLocalDecimals();
error InvalidMessageLength();
error InvalidSendParameters();
error InvalidComposeOptionValue();
error UndefinedEidToChainId();
error UndefinedChainIdToEid();
error UndefinedWindow();
error UndefinedOAppOwner();
error UndefinedOAppDelegate();
error UndefinedAdmin();
error UndefinedBridgeRouter();
error UndefinedUnderlying();
error UndefinedImplementation(ContractType contractType);
error ChainIdAlreadyMapped();
error NotEnoughValueToPayFees();
error MsgValueNotZero();
error NotInitiatorRequest();
error SecondHopFeeNonZero();
error NotEnoughFee();
error NotEnoughSecondHopFee();
error NotEnoughNative();
error FeeNonZero();
error DestNotRegistered();
error DestNotInCluster();
error DestDoNotSupportAsset();
error StrategyNotAllowed();
error StrategyAlreadyAllowed();
error StrategyHasBalance();
error MinShareAmountNotMet();
error MinUnderlyingAmountNotMet();
error AmountSDOverflowed(uint256 amountSD);
error WrongVault();
error OnlySelf();
error AccountingReceiverNotSet();
error RefundFailed();
error ExtraFeesNotMatchingMsgValue();
error MinAmountNotMet();
error WithdrawalUnderThreshold();
}
OFTAdapterUpgradeable.sol 161 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
IERC20Metadata,
IERC20
} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { IOFT, OFTCoreUpgradeable } from "./OFTCoreUpgradeable.sol";
/// @title OFTAdapter Contract
/// @dev OFTAdapter is a contract that adapts an ERC-20 token to the OFT functionality.
///
/// @dev For existing ERC20 tokens, this can be used to convert the token to crosschain compatibility.
/// @dev WARNING: ONLY 1 of these should exist for a given global mesh,
/// unless you make a NON-default implementation of OFT and needs to be done very carefully.
/// @dev WARNING: The default OFTAdapter implementation assumes LOSSLESS transfers, ie. 1 token in, 1 token out.
/// IF the 'innerToken' applies something like a transfer fee, the default will NOT work...
/// a pre/post balance check will need to be done to calculate the amountSentLD/amountReceivedLD.
/*
* Diff description:
* - Solidity compiler pinned to 0.8.30.
* - Replaces immutable `innerToken` with upgrade-safe storage slot (`OFTAdapterStorage`) and accessor.
* - Constructor now only accepts `_lzEndpoint`; token address & shared decimals supplied in initializer.
* - `__OFTAdapter_init` takes `_innerToken`, `_sharedDecimals`, `_delegate`; stores token via `__OFTAdapter_init_unchained`.
* - Adds `innerToken()` view helper; `token()`, `_debit()`, `_credit()` route through it.
*/
abstract contract OFTAdapterUpgradeable is OFTCoreUpgradeable {
using SafeERC20 for IERC20;
struct OFTAdapterStorage {
IERC20 innerToken;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.OFTAdapter")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant OFT_ADAPTER_STORAGE_LOCATION =
0x57cf91c52cfebf7b3bcbf651e7cb2c8d2dd785d9eb964e1ae51ca2c2608f2f00;
function _getOFTAdapterStorage()
internal
pure
returns (OFTAdapterStorage storage $)
{
assembly {
$.slot := OFT_ADAPTER_STORAGE_LOCATION
}
}
/**
* @dev Constructor for the OFTAdapter contract.
* @param _lzEndpoint The LayerZero endpoint address.
*/
constructor(address _lzEndpoint) OFTCoreUpgradeable(_lzEndpoint) {}
/**
* @notice Initializes the OFT adapter around an existing ERC-20 token.
* @dev initializes the underlying OFT core using the inner token’s decimals and
* stores the token address.
* @param _innerToken ERC-20 token to adapt for cross-chain transfers.
* @param _sharedDecimals Shared cross-chain decimal precision (SD) used by the mesh.
* @param _delegate Address allowed to manage LayerZero endpoint configuration.
*/
function __OFTAdapter_init(
address _innerToken,
uint8 _sharedDecimals,
address _delegate
) internal onlyInitializing {
__OFTCore_init(
_delegate,
IERC20Metadata(_innerToken).decimals(),
_sharedDecimals
);
__OFTAdapter_init_unchained(_innerToken);
}
/**
* @notice stores the ERC-20 token instance for the adapter.
* @param _innerToken ERC-20 token to wrap.
*/
function __OFTAdapter_init_unchained(
address _innerToken
) internal onlyInitializing {
OFTAdapterStorage storage $ = _getOFTAdapterStorage();
$.innerToken = IERC20(_innerToken);
}
function innerToken() public view returns (IERC20) {
return _getOFTAdapterStorage().innerToken;
}
/**
* @dev Retrieves the address of the underlying ERC20 implementation.
* @return The address of the adapted ERC-20 token.
* @dev In the case of OFTAdapter, address(this) and erc20 are NOT the same contract.
*/
function token() public view returns (address) {
return address(_getOFTAdapterStorage().innerToken);
}
/**
* @notice Indicates whether the OFT contract requires approval of the 'token()' to send.
* @return requiresApproval Needs approval of the underlying token implementation.
* @dev In the case of default OFTAdapter, approval is required.
* @dev In non-default OFTAdapter contracts with something like mint and burn privileges, it would NOT need approval.
*/
function approvalRequired() external pure virtual returns (bool) {
return true;
}
/**
* @dev Burns tokens from the sender's specified balance, ie. pull method.
* @param _from The address to debit from.
* @param _amountLD The amount of tokens to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @param _dstEid The destination chain ID.
* @return amountSentLD The amount sent in local decimals.
* @return amountReceivedLD The amount received in local decimals on the remote.
* @dev msg.sender will need to approve this _amountLD of tokens to be locked inside of the contract.
* @dev WARNING: The default OFTAdapter implementation assumes LOSSLESS transfers, ie. 1 token in, 1 token out.
* IF the 'innerToken' applies something like a transfer fee, the default will NOT work...
* a pre/post balance check will need to be done to calculate the amountReceivedLD.
*/
function _debit(
address _from,
uint256 _amountLD,
uint256 _minAmountLD,
uint32 _dstEid
)
internal
virtual
override
returns (uint256 amountSentLD, uint256 amountReceivedLD)
{
(amountSentLD, amountReceivedLD) = _debitView(
_amountLD,
_minAmountLD,
_dstEid
);
// @dev Lock tokens by moving them into this contract from the caller.
innerToken().safeTransferFrom(_from, address(this), amountSentLD);
}
/**
* @dev Credits tokens to the specified address.
* @param _to The address to credit the tokens to.
* @param _amountLD The amount of tokens to credit in local decimals.
* @dev _srcEid The source chain ID.
* @return amountReceivedLD The amount of tokens ACTUALLY received in local decimals.
* @dev WARNING: The default OFTAdapter implementation assumes LOSSLESS transfers, ie. 1 token in, 1 token out.
* IF the 'innerToken' applies something like a transfer fee, the default will NOT work...
* a pre/post balance check will need to be done to calculate the amountReceivedLD.
*/
function _credit(
address _to,
uint256 _amountLD,
uint32 /*_srcEid*/
) internal virtual override returns (uint256 amountReceivedLD) {
// @dev Unlock the tokens and transfer to the recipient.
innerToken().safeTransfer(_to, _amountLD);
// @dev In the case of NON-default OFTAdapter, the amountLD MIGHT not be == amountReceivedLD.
return _amountLD;
}
}
OFTCoreUpgradeable.sol 620 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
IOFT,
SendParam,
OFTLimit,
OFTReceipt,
OFTFeeDetail,
MessagingReceipt,
MessagingFee
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import {
OAppUpgradeable,
Origin
} from "@layerzerolabs/oapp-evm-upgradeable/contracts/oapp/OAppUpgradeable.sol";
import { OAppOptionsType3Upgradeable } from "@layerzerolabs/oapp-evm-upgradeable/contracts/oapp/libs/OAppOptionsType3Upgradeable.sol";
import { IOAppMsgInspector } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppMsgInspector.sol";
import { OAppPreCrimeSimulatorUpgradeable } from "@layerzerolabs/oapp-evm-upgradeable/contracts/precrime/OAppPreCrimeSimulatorUpgradeable.sol";
import { OFTMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTMsgCodec.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
/**
* @title OFTCore
* @dev Abstract contract for the OftChain (OFT) token.
*/
/*
* Diff description:
* - Pins Solidity to 0.8.30 and pulls in OZ Initializable for the new initializer workflow.
* - Extends OFTCoreStorage with decimalConversionRate/sharedDecimals and swaps to the zircuit-specific storage slot id.
* - Removes constructor decimals arg; __OFTCore_init/__OFTCore_init_unchained now take _localDecimals & _sharedDecimals, validate them, and persist the conversion data.
* - Replaces the immutable decimalConversionRate with a storage-backed getter and makes sharedDecimals() return the stored value instead of the hard-coded.
* - _removeDust, _toLD, and _toSD updated to read the conversion rate via the new getter.
* - Adds composeFromOverride storage plus `_encode` helper so callers can temporarily override the compose sender,
* letting withdrawal-manager flows preserve the original initiator as the composeFrom.
*/
abstract contract OFTCoreUpgradeable is
IOFT,
OAppUpgradeable,
OAppPreCrimeSimulatorUpgradeable,
OAppOptionsType3Upgradeable
{
using OFTMsgCodec for bytes;
using OFTMsgCodec for bytes32;
struct OFTCoreStorage {
// Address of an optional contract to inspect both 'message' and 'options'
address msgInspector;
// @notice Provides a conversion rate when swapping between denominations of SD and LD
// - shareDecimals == SD == shared Decimals
// - localDecimals == LD == local decimals
// @dev Considers that tokens have different decimal amounts on various chains.
// @dev eg.
// For a token
// - locally with 4 decimals --> 1.2345 => uint(12345)
// - remotely with 2 decimals --> 1.23 => uint(123)
// - The conversion rate would be 10 ** (4 - 2) = 100
// @dev If you want to send 1.2345 -> (uint 12345), you CANNOT represent that value on the remote,
// you can only display 1.23 -> uint(123).
// @dev To preserve the dust that would otherwise be lost on that conversion,
// we need to unify a denomination that can be represented on ALL chains inside of the OFT mesh
uint256 decimalConversionRate;
uint8 sharedDecimals;
address composeFromOverride;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.OFTCore")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant OFT_CORE_STORAGE_LOCATION =
0xa2a8014020eeeaa605851c6a4e888a34174932ab0ce9b5b70347fb4c1bc67500;
// @notice Msg types that are used to identify the various OFT operations.
// @dev This can be extended in child contracts for non-default oft operations
// @dev These values are used in things like combineOptions() in OAppOptionsType3.sol.
uint16 public constant SEND = 1;
uint16 public constant SEND_AND_CALL = 2;
event MsgInspectorSet(address inspector);
function _getOFTCoreStorage()
internal
pure
returns (OFTCoreStorage storage $)
{
assembly {
$.slot := OFT_CORE_STORAGE_LOCATION
}
}
/**
* @dev Constructor.
* @param _endpoint The address of the LayerZero endpoint.
*/
constructor(address _endpoint) OAppUpgradeable(_endpoint) {}
/**
* @notice Initializes shared LayerZero state for the OFT core.
* @dev Registers the delegate with the endpoint, bootstraps inherited OApp
* modules, and forwards decimal configuration to the unchained initializer.
* @param _delegate Address authorized to adjust LayerZero endpoint settings.
* @param _localDecimals Local token precision (LD) for this chain.
* @param _sharedDecimals Common precision (SD) used across all OFT deployments.
*/
function __OFTCore_init(
address _delegate,
uint8 _localDecimals,
uint8 _sharedDecimals
) internal onlyInitializing {
__OApp_init(_delegate);
__OAppPreCrimeSimulator_init();
__OAppOptionsType3_init();
__OFTCore_init_unchained(_localDecimals, _sharedDecimals);
}
/**
* @notice Calculate `decimalConversionRate` and saves the shared decimal value.
* @dev Reverts with `InvalidLocalDecimals()` when `_localDecimals` is smaller
* than `_sharedDecimals`. Stores the SD value and calculates the LD↔SD
* conversion rate
* @param _localDecimals Local token precision (LD).
* @param _sharedDecimals Shared cross-chain precision (SD).
*/
function __OFTCore_init_unchained(
uint8 _localDecimals,
uint8 _sharedDecimals
) internal onlyInitializing {
OFTCoreStorage storage $ = _getOFTCoreStorage();
if (_localDecimals < _sharedDecimals) revert InvalidLocalDecimals();
$.sharedDecimals = _sharedDecimals;
$.decimalConversionRate = 10 ** (_localDecimals - _sharedDecimals);
}
/**
* @notice Retrieves interfaceID and the version of the OFT.
* @return interfaceId The interface ID.
* @return version The version.
*
* @dev interfaceId: This specific interface ID is '0x02e49c2c'.
* @dev version: Indicates a cross-chain compatible msg encoding with other OFTs.
* @dev If a new feature is added to the OFT cross-chain msg encoding, the version will be incremented.
* ie. localOFT version(x,1) CAN send messages to remoteOFT version(x,1)
*/
function oftVersion()
external
pure
virtual
returns (bytes4 interfaceId, uint64 version)
{
return (type(IOFT).interfaceId, 1);
}
function decimalConversionRate() public view returns (uint256) {
return _getOFTCoreStorage().decimalConversionRate;
}
/**
* @dev Retrieves the shared decimals of the OFT.
* @return The shared decimals of the OFT.
*
* @dev Sets an implicit cap on the amount of tokens, over uint64.max() will need some sort of outbound cap / totalSupply cap
* Lowest common decimal denominator between chains.
* Defaults to 6 decimal places to provide up to 18,446,744,073,709.551615 units (max uint64).
* For tokens exceeding this totalSupply(), they will need to override the sharedDecimals function with something smaller.
* ie. 4 sharedDecimals would be 1,844,674,407,370,955.1615
*/
function sharedDecimals() public view returns (uint8) {
return _getOFTCoreStorage().sharedDecimals;
}
function msgInspector() public view returns (address) {
OFTCoreStorage storage $ = _getOFTCoreStorage();
return $.msgInspector;
}
/**
* @dev Sets the message inspector address for the OFT.
* @param _msgInspector The address of the message inspector.
*
* @dev This is an optional contract that can be used to inspect both 'message' and 'options'.
* @dev Set it to address(0) to disable it, or set it to a contract address to enable it.
*/
function setMsgInspector(address _msgInspector) public virtual onlyOwner {
OFTCoreStorage storage $ = _getOFTCoreStorage();
$.msgInspector = _msgInspector;
emit MsgInspectorSet(_msgInspector);
}
/**
* @notice Provides a quote for OFT-related operations.
* @param _sendParam The parameters for the send operation.
* @return oftLimit The OFT limit information.
* @return oftFeeDetails The details of OFT fees.
* @return oftReceipt The OFT receipt information.
*/
function quoteOFT(
SendParam calldata _sendParam
)
external
view
virtual
returns (
OFTLimit memory oftLimit,
OFTFeeDetail[] memory oftFeeDetails,
OFTReceipt memory oftReceipt
)
{
uint256 minAmountLD = 0; // Unused in the default implementation.
uint256 maxAmountLD = type(uint256).max; // Unused in the default implementation.
oftLimit = OFTLimit(minAmountLD, maxAmountLD);
// Unused in the default implementation; reserved for future complex fee details.
oftFeeDetails = new OFTFeeDetail[](0);
// @dev This is the same as the send() operation, but without the actual send.
// - amountSentLD is the amount in local decimals that would be sent from the sender.
// - amountReceivedLD is the amount in local decimals that will be credited to the recipient on the remote OFT instance.
// @dev The amountSentLD MIGHT not equal the amount the user actually receives. HOWEVER, the default does.
(uint256 amountSentLD, uint256 amountReceivedLD) = _debitView(
_sendParam.amountLD,
_sendParam.minAmountLD,
_sendParam.dstEid
);
oftReceipt = OFTReceipt(amountSentLD, amountReceivedLD);
}
/**
* @notice Provides a quote for the send() operation.
* @param _sendParam The parameters for the send() operation.
* @param _payInLzToken Flag indicating whether the caller is paying in the LZ token.
* @return msgFee The calculated LayerZero messaging fee from the send() operation.
*
* @dev MessagingFee: LayerZero msg fee
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
*/
function quoteSend(
SendParam calldata _sendParam,
bool _payInLzToken
) external view virtual returns (MessagingFee memory msgFee) {
// @dev mock the amount to receive, this is the same operation used in the send().
// The quote is as similar as possible to the actual send() operation.
(, uint256 amountReceivedLD) = _debitView(
_sendParam.amountLD,
_sendParam.minAmountLD,
_sendParam.dstEid
);
// @dev Builds the options and OFT message to quote in the endpoint.
(bytes memory message, bytes memory options) = _buildMsgAndOptions(
_sendParam,
amountReceivedLD
);
// @dev Calculates the LayerZero fee for the send() operation.
return _quote(_sendParam.dstEid, message, options, _payInLzToken);
}
/**
* @dev Executes the send operation.
* @param _sendParam The parameters for the send operation.
* @param _fee The calculated fee for the send() operation.
* - nativeFee: The native fee.
* - lzTokenFee: The lzToken fee.
* @param _refundAddress The address to receive any excess funds.
* @return msgReceipt The receipt for the send operation.
* @return oftReceipt The OFT receipt information.
*
* @dev MessagingReceipt: LayerZero msg receipt
* - guid: The unique identifier for the sent message.
* - nonce: The nonce of the sent message.
* - fee: The LayerZero fee incurred for the message.
*/
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
)
external
payable
virtual
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
return _send(_sendParam, _fee, _refundAddress);
}
/**
* @dev Internal function to execute send operations.
* @param _sendParam The parameters for the send operation.
* @param _fee The calculated LayerZero messaging fee from the send() operation.
* @param _refundAddress The address to receive any excess funds from LayerZero fees.
* @return msgReceipt The receipt from the LayerZero messaging library.
* @return oftReceipt The OFT receipt information.
*/
function _send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
)
internal
virtual
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
// @dev Applies the token transfers regarding this send() operation.
// - amountSentLD is the amount in local decimals that was ACTUALLY sent/debited from the sender.
// - amountReceivedLD is the amount in local decimals that will be received/credited to the recipient on the remote OFT instance.
(uint256 amountSentLD, uint256 amountReceivedLD) = _debit(
msg.sender,
_sendParam.amountLD,
_sendParam.minAmountLD,
_sendParam.dstEid
);
// @dev Builds the options and OFT message to quote in the endpoint.
(bytes memory message, bytes memory options) = _buildMsgAndOptions(
_sendParam,
amountReceivedLD
);
// @dev Sends the message to the LayerZero endpoint and returns the LayerZero msg receipt.
msgReceipt = _lzSend(
_sendParam.dstEid,
message,
options,
_fee,
_refundAddress
);
// @dev Formulate the OFT receipt.
oftReceipt = OFTReceipt(amountSentLD, amountReceivedLD);
emit OFTSent(
msgReceipt.guid,
_sendParam.dstEid,
msg.sender,
amountSentLD,
amountReceivedLD
);
}
/**
* @dev Internal function to build the message and options.
* @param _sendParam The parameters for the send() operation.
* @param _amountLD The amount in local decimals.
* @return message The encoded message.
* @return options The encoded options.
*/
function _buildMsgAndOptions(
SendParam calldata _sendParam,
uint256 _amountLD
)
internal
view
virtual
returns (bytes memory message, bytes memory options)
{
bool hasCompose;
// @dev This generated message has the msg.sender encoded into the payload so the remote knows who the caller is.
(message, hasCompose) = _encode(
_sendParam.to,
_toSD(_amountLD),
// @dev Must be include a non empty bytes if you want to compose, EVEN if you dont need it on the remote.
// EVEN if you dont require an arbitrary payload to be sent... eg. '0x01'
_sendParam.composeMsg
);
// @dev Change the msg type depending if its composed or not.
uint16 msgType = hasCompose ? SEND_AND_CALL : SEND;
// @dev Combine the callers _extraOptions with the enforced options via the OAppOptionsType3.
options = combineOptions(
_sendParam.dstEid,
msgType,
_sendParam.extraOptions
);
OFTCoreStorage storage $ = _getOFTCoreStorage();
// @dev Optionally inspect the message and options depending if the OApp owner has set a msg inspector.
// @dev If it fails inspection, needs to revert in the implementation. ie. does not rely on return boolean
address inspector = $.msgInspector; // caches the msgInspector to avoid potential double storage read
if (inspector != address(0))
IOAppMsgInspector(inspector).inspect(message, options);
}
/**
* @dev Encodes an OFT LayerZero message.
* @param _sendTo The recipient address.
* @param _amountShared The amount in shared decimals.
* @param _composeMsg The composed message.
* @return _msg The encoded message.
* @return hasCompose A boolean indicating whether the message has a composed payload.
*/
function _encode(
bytes32 _sendTo,
uint64 _amountShared,
bytes memory _composeMsg
) internal view returns (bytes memory _msg, bool hasCompose) {
hasCompose = _composeMsg.length > 0;
// @dev Remote chains will want to know the composed function caller ie. msg.sender on the src.
address composeFromOverride = _getOFTCoreStorage().composeFromOverride;
address composeFrom = composeFromOverride != address(0)
? composeFromOverride
: msg.sender;
_msg = hasCompose
? abi.encodePacked(
_sendTo,
_amountShared,
OFTMsgCodec.addressToBytes32(composeFrom),
_composeMsg
)
: abi.encodePacked(_sendTo, _amountShared);
}
/**
* @dev Internal function to handle the receive on the LayerZero endpoint.
* @param _origin The origin information.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address from the src chain.
* - nonce: The nonce of the LayerZero message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The encoded message.
* @dev _executor The address of the executor.
* @dev _extraData Additional data.
*/
function _lzReceive(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address /*_executor*/, // @dev unused in the default implementation.
bytes calldata /*_extraData*/ // @dev unused in the default implementation.
) internal virtual override {
// @dev The src sending chain doesnt know the address length on this chain (potentially non-evm)
// Thus everything is bytes32() encoded in flight.
address toAddress = _message.sendTo().bytes32ToAddress();
// @dev Credit the amountLD to the recipient and return the ACTUAL amount the recipient received in local decimals
uint256 amountReceivedLD = _credit(
toAddress,
_toLD(_message.amountSD()),
_origin.srcEid
);
if (_message.isComposed()) {
// @dev Proprietary composeMsg format for the OFT.
bytes memory composeMsg = OFTComposeMsgCodec.encode(
_origin.nonce,
_origin.srcEid,
amountReceivedLD,
_message.composeMsg()
);
// @dev Stores the lzCompose payload that will be executed in a separate tx.
// Standardizes functionality for executing arbitrary contract invocation on some non-evm chains.
// @dev The off-chain executor will listen and process the msg based on the src-chain-callers compose options passed.
// @dev The index is used when a OApp needs to compose multiple msgs on lzReceive.
// For default OFT implementation there is only 1 compose msg per lzReceive, thus its always 0.
endpoint.sendCompose(
toAddress,
_guid,
0 /* the index of the composed message*/,
composeMsg
);
}
emit OFTReceived(_guid, _origin.srcEid, toAddress, amountReceivedLD);
}
/**
* @dev Internal function to handle the OAppPreCrimeSimulator simulated receive.
* @param _origin The origin information.
* - srcEid: The source chain endpoint ID.
* - sender: The sender address from the src chain.
* - nonce: The nonce of the LayerZero message.
* @param _guid The unique identifier for the received LayerZero message.
* @param _message The LayerZero message.
* @param _executor The address of the off-chain executor.
* @param _extraData Arbitrary data passed by the msg executor.
*
* @dev Enables the preCrime simulator to mock sending lzReceive() messages,
* routes the msg down from the OAppPreCrimeSimulator, and back up to the OAppReceiver.
*/
function _lzReceiveSimulate(
Origin calldata _origin,
bytes32 _guid,
bytes calldata _message,
address _executor,
bytes calldata _extraData
) internal virtual override {
_lzReceive(_origin, _guid, _message, _executor, _extraData);
}
/**
* @dev Check if the peer is considered 'trusted' by the OApp.
* @param _eid The endpoint ID to check.
* @param _peer The peer to check.
* @return Whether the peer passed is considered 'trusted' by the OApp.
*
* @dev Enables OAppPreCrimeSimulator to check whether a potential Inbound Packet is from a trusted source.
*/
function isPeer(
uint32 _eid,
bytes32 _peer
) public view virtual override returns (bool) {
return peers(_eid) == _peer;
}
/**
* @dev Internal function to remove dust from the given local decimal amount.
* @param _amountLD The amount in local decimals.
* @return amountLD The amount after removing dust.
*
* @dev Prevents the loss of dust when moving amounts between chains with different decimals.
* @dev eg. uint(123) with a conversion rate of 100 becomes uint(100).
*/
function _removeDust(
uint256 _amountLD
) internal view virtual returns (uint256 amountLD) {
uint256 _decimalConversionRate = decimalConversionRate();
return (_amountLD / _decimalConversionRate) * _decimalConversionRate;
}
/**
* @dev Internal function to convert an amount from shared decimals into local decimals.
* @param _amountSD The amount in shared decimals.
* @return amountLD The amount in local decimals.
*/
function _toLD(
uint64 _amountSD
) internal view virtual returns (uint256 amountLD) {
return _amountSD * decimalConversionRate();
}
/**
* @dev Internal function to convert an amount from local decimals into shared decimals.
* @param _amountLD The amount in local decimals.
* @return amountSD The amount in shared decimals.
*
* @dev Reverts if the _amountLD in shared decimals overflows uint64.
* @dev eg. uint(2**64 + 123) with a conversion rate of 1 wraps around 2**64 to uint(123).
*/
function _toSD(
uint256 _amountLD
) internal view virtual returns (uint64 amountSD) {
uint256 _amountSD = _amountLD / decimalConversionRate();
if (_amountSD > type(uint64).max) revert AmountSDOverflowed(_amountSD);
return uint64(_amountSD);
}
/**
* @dev Internal function to mock the amount mutation from a OFT debit() operation.
* @param _amountLD The amount to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @dev _dstEid The destination endpoint ID.
* @return amountSentLD The amount sent, in local decimals.
* @return amountReceivedLD The amount to be received on the remote chain, in local decimals.
*
* @dev This is where things like fees would be calculated and deducted from the amount to be received on the remote.
*/
function _debitView(
uint256 _amountLD,
uint256 _minAmountLD,
uint32 /*_dstEid*/
)
internal
view
virtual
returns (uint256 amountSentLD, uint256 amountReceivedLD)
{
// @dev Remove the dust so nothing is lost on the conversion between chains with different decimals for the token.
amountSentLD = _removeDust(_amountLD);
// @dev The amount to send is the same as amount received in the default implementation.
amountReceivedLD = amountSentLD;
// @dev Check for slippage.
if (amountReceivedLD < _minAmountLD) {
revert SlippageExceeded(amountReceivedLD, _minAmountLD);
}
}
/**
* @dev Internal function to perform a debit operation.
* @param _from The address to debit from.
* @param _amountLD The amount to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @param _dstEid The destination endpoint ID.
* @return amountSentLD The amount sent in local decimals.
* @return amountReceivedLD The amount received in local decimals on the remote.
*
* @dev Defined here but are intended to be overriden depending on the OFT implementation.
* @dev Depending on OFT implementation the _amountLD could differ from the amountReceivedLD.
*/
function _debit(
address _from,
uint256 _amountLD,
uint256 _minAmountLD,
uint32 _dstEid
) internal virtual returns (uint256 amountSentLD, uint256 amountReceivedLD);
/**
* @dev Internal function to perform a credit operation.
* @param _to The address to credit.
* @param _amountLD The amount to credit in local decimals.
* @param _srcEid The source endpoint ID.
* @return amountReceivedLD The amount ACTUALLY received in local decimals.
*
* @dev Defined here but are intended to be overriden depending on the OFT implementation.
* @dev Depending on OFT implementation the _amountLD could differ from the amountReceivedLD.
*/
function _credit(
address _to,
uint256 _amountLD,
uint32 _srcEid
) internal virtual returns (uint256 amountReceivedLD);
}
OFTUpgradeable.sol 120 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { ERC20Upgradeable } from "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
import { IOFT, OFTCoreUpgradeable } from "./OFTCoreUpgradeable.sol";
/**
* @title OFT Contract
* @dev OFT is an ERC-20 token that extends the functionality of the OFTCore contract.
*/
/*
* Diff description:
* - Pins Solidity to 0.8.30.
* - Updates constructor to forward only _lzEndpoint to OFTCoreUpgradeable; token decimals now come from the initializer.
* - Extends __OFT_init to accept _decimals and _sharedDecimals and forwards both to __OFTCore_init alongside _delegate.
*/
abstract contract OFTUpgradeable is OFTCoreUpgradeable, ERC20Upgradeable {
/**
* @dev Constructor for the OFT contract.
* @param _lzEndpoint The LayerZero endpoint address.
*/
constructor(address _lzEndpoint) OFTCoreUpgradeable(_lzEndpoint) {}
/**
* @dev Initializes the OFT with the provided name, symbol, and delegate.
* @param _name The name of the OFT.
* @param _symbol The symbol of the OFT.
* @param _delegate The delegate capable of making OApp configurations inside of the endpoint.
*
* @dev The delegate typically should be set as the owner of the contract.
* @dev Ownable is not initialized here on purpose. It should be initialized in the child contract to
* accommodate the different version of Ownable.
*/
function __OFT_init(
string memory _name,
string memory _symbol,
uint8 _decimals,
uint8 _sharedDecimals,
address _delegate
) internal onlyInitializing {
__ERC20_init(_name, _symbol);
__OFTCore_init(_delegate, _decimals, _sharedDecimals);
}
function __OFT_init_unchained() internal onlyInitializing {}
/**
* @dev Retrieves the address of the underlying ERC20 implementation.
* @return The address of the OFT token.
*
* @dev In the case of OFT, address(this) and erc20 are the same contract.
*/
function token() public view returns (address) {
return address(this);
}
/**
* @notice Indicates whether the OFT contract requires approval of the 'token()' to send.
* @return requiresApproval Needs approval of the underlying token implementation.
*
* @dev In the case of OFT where the contract IS the token, approval is NOT required.
*/
function approvalRequired() external pure virtual returns (bool) {
return false;
}
/**
* @dev Burns tokens from the sender's specified balance.
* @param _from The address to debit the tokens from.
* @param _amountLD The amount of tokens to send in local decimals.
* @param _minAmountLD The minimum amount to send in local decimals.
* @param _dstEid The destination chain ID.
* @return amountSentLD The amount sent in local decimals.
* @return amountReceivedLD The amount received in local decimals on the remote.
*/
function _debit(
address _from,
uint256 _amountLD,
uint256 _minAmountLD,
uint32 _dstEid
)
internal
virtual
override
returns (uint256 amountSentLD, uint256 amountReceivedLD)
{
(amountSentLD, amountReceivedLD) = _debitView(
_amountLD,
_minAmountLD,
_dstEid
);
// @dev In NON-default OFT, amountSentLD could be 100, with a 10% fee, the amountReceivedLD amount is 90,
// therefore amountSentLD CAN differ from amountReceivedLD.
// @dev Default OFT burns on src.
_burn(_from, amountSentLD);
}
/**
* @dev Credits tokens to the specified address.
* @param _to The address to credit the tokens to.
* @param _amountLD The amount of tokens to credit in local decimals.
* @dev _srcEid The source chain ID.
* @return amountReceivedLD The amount of tokens ACTUALLY received in local decimals.
*/
function _credit(
address _to,
uint256 _amountLD,
uint32 /*_srcEid*/
) internal virtual override returns (uint256 amountReceivedLD) {
if (_to == address(0x0)) _to = address(0xdead); // _mint(...) does not support address(0x0)
// @dev Default OFT mints on dst.
_mint(_to, _amountLD);
// @dev In the case of NON-default OFT, the _amountLD MIGHT not be == amountReceivedLD.
return _amountLD;
}
}
Roles.sol 31 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
abstract contract Roles {
bytes32 public constant UPGRADE_MANAGER = keccak256("UPGRADE_MANAGER");
bytes32 public constant PAUSE_MANAGER = keccak256("PAUSE_MANAGER");
bytes32 public constant UNPAUSE_MANAGER = keccak256("UNPAUSE_MANAGER");
bytes32 public constant BRIDGE_GATEWAY_OPERATOR =
keccak256("BRIDGE_GATEWAY_OPERATOR");
bytes32 public constant BRIDGE_GATEWAY_SETTER =
keccak256("BRIDGE_GATEWAY_SETTER");
bytes32 public constant WITHDRAWAL_MANAGER =
keccak256("WITHDRAWAL_MANAGER");
bytes32 public constant ALLOCATION_MANAGER =
keccak256("ALLOCATION_MANAGER");
bytes32 public constant REPORTING_MANAGER = keccak256("REPORTING_MANAGER");
bytes32 public constant STRATEGY_MANAGER = keccak256("STRATEGY_MANAGER");
/// @notice Role required to update global registry configuration (owners, bridge, assets).
bytes32 public constant SETTER_ROLE = keccak256("SETTER_ROLE");
/// @notice Role required to deploy new proxies via {BaseFactory._deployContractType}.
bytes32 public constant DEPLOYER_ROLE = keccak256("DEPLOYER_ROLE");
}
Types.sol 253 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
SendParam,
OFTReceipt,
MessagingReceipt,
MessagingFee
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
/**
* @notice Enumerates deployable contract categories tracked by the factory.
*/
enum ContractType {
UNDERLYING_OFT,
UNDERLYING_OFT_ADAPTER,
VAULT,
VAULT_TOKEN,
VAULT_COMPOSER,
STRATEGY_MANAGER,
ACCOUNTING_RECEIVER,
PLACEHOLDER // note: leave last
}
/**
* @notice Initialization parameters for an UnderlyingOFTAdapter deployment.
* @param clusterName Cluster identifier shared by contracts in the deployment.
* @param underlyingSymbol Predefined Symbol of the underlying asset (found in vault.config.ts).
* @param underlyingToken Address of the underlying ERC20 asset.
* @param bridgeRouter Bridge router contract authorized to move funds.
* @param vaultComposer Bytes32-encoded vault composer contract address used for cross-chain orchestration.
* @param vaultComposerEid LayerZero endpoint id for the vault composer chain.
* @param sharedDecimals Shared decimals used in OFT transfers (<=6).
* @param oAppOwner Address that receives Ownable ownership of the OApp.
* @param oAppDelegate LayerZero delegate used to configure the OApp parameters on the local LayerZero endpoint.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
*/
struct UnderlyingOFTAdapterParams {
string clusterName;
string underlyingSymbol;
address underlyingToken;
address bridgeRouter;
bytes32 vaultComposer;
uint32 vaultComposerEid;
uint8 sharedDecimals;
address oAppOwner;
address oAppDelegate;
address defaultAdmin;
}
/**
* @notice Initialization parameters for the UnderlyingOFT omnichain token.
* @param clusterName Cluster identifier shared by contracts in the deployment.
* @param underlyingSymbol Predefined Symbol of the underlying asset (found in vault.config.ts).
* @param underlyingToken Address of the underlying ERC20 asset.
* @param sharedDecimals Shared decimals used in OFT transfers (<=6).
* @param vault Vault contract address.
* @param vaultComposer Vault composer contract address used for cross-chain orchestration.
* @param accountingReceiver Accounting receiver contract address.
* @param bridgeRouter Bridge router contract authorized to move funds.
* @param oAppOwner Address that receives Ownable ownership of the OApp.
* @param oAppDelegate LayerZero delegate used to configure the OApp parameters on the local LayerZero endpoint.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
*/
struct UnderlyingOFTParams {
string clusterName;
string underlyingSymbol;
address underlyingToken;
uint8 sharedDecimals;
address vault;
address vaultComposer;
address accountingReceiver;
address bridgeRouter;
address oAppOwner;
address oAppDelegate;
address defaultAdmin;
}
/**
* @notice Initialization parameters for an omnichain ERC4626 vault.
* @param name ERC20 name for the deployed token.
* @param symbol ERC20 symbol for the deployed token.
* @param underlyingOFT Underlying OFT contract used as lockbox for the underlying assets.
* @param vaultComposer Vault composer contract address used for cross-chain orchestration.
* @param oAppOwner Address that receives Ownable ownership of the OApp.
* @param oAppDelegate LayerZero delegate used to configure the OApp parameters on the local LayerZero endpoint.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
*/
struct VaultParams {
string name;
string symbol;
address underlyingOFT;
address vaultComposer;
address oAppOwner;
address oAppDelegate;
address defaultAdmin;
}
/**
* @notice Initialization parameters for the vault composer orchestrator.
* @param vault Vault contract address.
* @param underlyingOFT Underlying OFT contract used as lockbox for the underlying assets.
* @param underlyingToken Address of the underlying ERC20 asset.
* @param endpoint LayerZero endpoint trusted for compose callbacks.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
* @param localEid LayerZero endpoint id for this chain.
*/
struct VaultComposerParams {
address vault;
address underlyingOFT;
address underlyingToken;
address endpoint;
address defaultAdmin;
uint32 localEid;
}
/**
* @notice Initialization parameters for the vault share OFT token.
* @param name ERC20 name for the deployed token.
* @param symbol ERC20 symbol for the deployed token.
* @param oAppOwner Address that receives Ownable ownership of the OApp.
* @param oAppDelegate LayerZero delegate used to configure the OApp parameters on the local LayerZero endpoint.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
* @param vaultComposer Bytes32-encoded vault composer contract address.
* @param vaultComposerEid LayerZero endpoint id for the vault composer chain.
*/
struct VaultTokenParams {
string name;
string symbol;
address oAppOwner;
address oAppDelegate;
address defaultAdmin;
bytes32 vaultComposer;
uint32 vaultComposerEid;
}
/**
* @notice Initialization parameters for the StrategyManager OApp.
* @param clusterName Cluster identifier shared by contracts in the deployment.
* @param underlyingSymbol Predefined Symbol of the underlying asset (found in vault.config.ts).
* @param underlyingToken Address of the underlying ERC20 asset.
* @param bridgeRouter Bridge router contract authorized to move funds.
* @param accountingReceiver Bytes32-encoded accounting receiver contract address used for reporting.
* @param accountingReceiverEid LayerZero endpoint id for the accounting receiver chain.
* @param sharedDecimals Shared decimals used in OFT transfers (<=6).
* @param oAppOwner Address that receives Ownable ownership of the OApp.
* @param oAppDelegate LayerZero delegate used to configure the OApp parameters on the local LayerZero endpoint.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
*/
struct StrategyManagerParams {
string clusterName;
string underlyingSymbol;
address underlyingToken;
address bridgeRouter;
bytes32 accountingReceiver;
uint32 accountingReceiverEid;
uint8 sharedDecimals;
address oAppOwner;
address oAppDelegate;
address defaultAdmin;
}
/**
* @notice Initialization parameters for the AccountingReceiver OApp.
* @param clusterName Cluster identifier shared by contracts in the deployment.
* @param underlyingSymbol Predefined Symbol of the underlying asset (found in vault.config.ts).
* @param underlyingToken Address of the underlying ERC20 asset.
* @param underlyingOFT Underlying OFT contract used as lockbox for the underlying assets.
* @param oAppOwner Address that receives Ownable ownership of the OApp.
* @param oAppDelegate LayerZero delegate used to configure the OApp parameters on the local LayerZero endpoint.
* @param defaultAdmin Address assigned the DEFAULT_ADMIN_ROLE.
* @param sharedDecimals Shared decimals used in OFT transfers (<=6).
*/
struct AccountingReceiverParams {
string clusterName;
string underlyingSymbol;
address underlyingToken;
address underlyingOFT;
address oAppOwner;
address oAppDelegate;
address defaultAdmin;
uint8 sharedDecimals;
}
/**
* @notice Metadata describing a deployed proxy tracked by the registry.
* @param proxyAddress Bytes32-encoded proxy address (cast from `address`).
* @param eid LayerZero endpoint identifier for the proxy deployment.
* @param clusterName Cluster identifier shared by contracts in the deployment.
* @param symbol Predefined Symbol of the underlying asset (found in vault.config.ts).
*/
struct ProxyInfo {
bytes32 proxyAddress;
uint32 eid;
string clusterName;
string symbol;
}
/**
* @notice Payload forwarded between StrategyManager and AccountingReceiver.
* @param mint True to mint underlying on receipt, false to burn.
* @param delta Amount of underlying to mint or burn to the vault, expressed in shared decimals.
*/
struct DeltaMessage {
bool mint;
uint64 delta;
}
/**
* @notice Withdrawal request details tracked by the vault token.
* @param initiator Address that created the withdrawal request.
* @param sendParam LayerZero send parameters describing the outbound transfer.
* @param fee Fee quote.
* @param refundAddress Address that receives any unused LayerZero fees.
* @param txFee Additional transaction fee set by the user (not enforced by contract, typically set via UI).
* @param fulfilled True once the request has been processed.
* @param canceled True if the request was canceled.
* @param msgReceipt Messaging receipt returned by LayerZero.
* @param oftReceipt OFT receipt returned by LayerZero.
*/
struct WithdrawalQueueEntry {
address initiator;
SendParam sendParam;
MessagingFee fee;
address refundAddress;
uint256 txFee;
bool fulfilled;
bool canceled;
MessagingReceipt msgReceipt;
OFTReceipt oftReceipt;
}
/**
* @notice Withdrawal request details tracked by the vault composer.
* @param initiator Address that created the withdrawal request.
* @param shareAmount Vault shares to redeem for the user.
* @param sendParam LayerZero send parameters describing the outbound transfer.
* @param fee Native fee deposited with the withdrawal request.
* @param txFee Additional transaction fee set by the user (not enforced by contract, typically set via UI).
* @param refundAddress Address that receives any unused LayerZero fees.
* @param fulfilled True once the request has been processed.
* @param canceled True if the request was canceled.
*/
struct ComposerWithdrawalQueueEntry {
address initiator;
uint256 shareAmount;
SendParam sendParam;
uint256 fee;
uint256 txFee;
address refundAddress;
bool fulfilled;
bool canceled;
}
BaseFactory.sol 307 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { Create2 } from "@openzeppelin/contracts/utils/Create2.sol";
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { Errors } from "../../common/Errors.sol";
import { ContractType, ProxyInfo } from "../../common/Types.sol";
import { Registry } from "./Registry.sol";
import { ERC1967Proxy } from "./ERC1967Proxy.sol";
import { ProxyRegistryLib } from "./ProxyRegistryLib.sol";
import { AddressLib } from "../../common/AddressLib.sol";
/// @title BaseFactory
/// @notice Shared deployment utilities for vault, receipt token, and oracle factories.
/// @dev
/// - Extends {Registry} so deterministic deployments share the same configuration surface.
/// - Manages implementation addresses per {ContractType} and deploys proxies via CREATE2 salts derived
/// from cluster/asset/type tuples.
/// - Records deployed proxies in {ProxyRegistryLib} for constant-time lookups and cross-chain sync.
/// - Exposes hooks ({_getEid}, {_sync}) for LayerZero-aware extensions such as {OAppFactory}.
abstract contract BaseFactory is Registry {
using AddressLib for address;
using AddressLib for bytes32;
using ProxyRegistryLib for ProxyRegistryLib.RegistrySet;
/// @dev Registry of deployed proxies, keyed by both deterministic salt tuple and proxy address/EID.
ProxyRegistryLib.RegistrySet internal proxiesList;
/// @notice Emitted when a deterministic proxy address is deployed and recorded locally.
/// @param contractType Logical contract type deployed.
/// @param clusterName Cluster identifier used for the deployment salt.
/// @param underlyingSymbol Underlying asset symbol used for the deployment salt.
/// @param proxyAddress Bytes32 representation of the deployed proxy contract address.
/// @param eid LayerZero endpoint ID associated with the deployment chain.
event ProxyDeployed(
ContractType indexed contractType,
string clusterName,
string underlyingSymbol,
bytes32 proxyAddress,
uint32 eid
);
/// @notice Initializes the base factory by optionally seeding the proxy registry.
/// @dev
/// - Accepts aligned arrays of `_contractTypes` and `_entries` used to pre-populate
/// the local proxy registry at deployment time.
/// - Uses `ProxyRegistryLib.importBatch`.
/// - Enables deploying a new factory instance and syncing it with proxies already
/// deployed by other factories.
/// @param _contractTypes Contract types for each provided proxy entry.
/// @param _entries Proxy metadata entries aligned with `_contractTypes`.
constructor(
ContractType[] memory _contractTypes,
ProxyInfo[] memory _entries
) {
proxiesList.importBatch(_contractTypes, _entries);
}
/// @notice Deploys an ERC1967 proxy for the given contract type using CREATE2 and records it.
/// @dev
/// - Constructs a deterministic salt from cluster/asset/type and deploys via {Create2}.
/// - Ensures the target tuple has not been deployed locally or remotely and the implementation is configured.
/// - Initializes the proxy via {ERC1967Proxy.initProxy} within the same transaction to avoid takeover.
/// - Registers the proxy in {ProxyRegistryLib} and invokes {_sync} so child factories can broadcast cross-chain.
/// - Emits {ProxyDeployed} after successful registration.
/// @param _contractType Contract type associated with the deployment.
/// @param _clusterName Cluster identifier contributing to the CREATE2 salt.
/// @param _underlyingSymbol Underlying asset symbol contributing to the CREATE2 salt.
/// @param _initCalldata ABI-encoded initializer payload invoked on the implementation.
/// @param _fees LayerZero fee quotes for each destination endpoint.
/// @return proxy Address of the freshly deployed proxy.
function _deployContractType(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol,
bytes memory _initCalldata,
MessagingFee[] calldata _fees
) internal onlyRole(DEPLOYER_ROLE) returns (address proxy) {
_validateContractType(_contractType);
if (
proxiesList.contains(
_contractType,
_clusterName,
_underlyingSymbol,
_getEid()
)
) revert Errors.AlreadyDeployed();
(address predicted, bytes32 salt) = _predictAddress(
_contractType,
_clusterName,
_underlyingSymbol
);
if (predicted.code.length != 0) revert Errors.AlreadyDeployed();
address impl = getImplementation(_contractType);
proxy = Create2.deploy(0, salt, _proxyCreationCode());
if (proxy != predicted)
revert Errors.ProxyNotMatching(proxy, predicted);
ERC1967Proxy(payable(predicted)).initProxy(impl, _initCalldata);
_handleSync(
_contractType,
_clusterName,
_underlyingSymbol,
_fees,
predicted
);
}
function _handleSync(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol,
MessagingFee[] calldata _fees,
address _predicted
) private {
ProxyInfo memory info = ProxyInfo({
proxyAddress: _predicted.toBytes32(),
eid: _getEid(),
clusterName: _clusterName,
symbol: _underlyingSymbol
});
if (!proxiesList.add(info, _contractType))
revert Errors.ProxyInfoAlreadyAdded();
// Notify cross-chain peers via an overridable hook.
_sync(
_contractType,
info.proxyAddress,
_clusterName,
_underlyingSymbol,
_getEid(),
_fees
);
emit ProxyDeployed(
_contractType,
_clusterName,
_underlyingSymbol,
info.proxyAddress,
_getEid()
);
}
/// @notice Computes the deterministic proxy address for a prospective deployment.
/// @dev Mirrors the CREATE2 parameters used within {_deployContractType}; useful for off-chain predictions.
/// @param _contractType Contract type whose proxy is being predicted.
/// @param _clusterName Cluster identifier used to derive the salt.
/// @param _underlyingSymbol Underlying asset symbol used to derive the salt.
/// @return predicted Expected proxy address.
/// @return salt Salt returned for reuse with `Create2.deploy`.
function _predictAddress(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol
) internal view returns (address predicted, bytes32 salt) {
salt = _deriveSalt(_clusterName, _underlyingSymbol, _contractType);
bytes memory creationCode = _proxyCreationCode();
bytes32 creationCodeHash = keccak256(creationCode);
predicted = Create2.computeAddress(
salt,
creationCodeHash,
address(this)
);
}
/// @dev Derives the CREATE2 salt for a proxy deployment from its identifying tuple.
/// @param _clusterName Cluster identifier provided by the caller.
/// @param _underlyingSymbol Underlying asset symbol provided by the caller.
/// @param _contractType Contract type for which the proxy is deployed.
/// @return salt CREATE2 salt derived from the supplied values.
function _deriveSalt(
string calldata _clusterName,
string calldata _underlyingSymbol,
ContractType _contractType
) private pure returns (bytes32) {
return
keccak256(
abi.encode(_clusterName, _underlyingSymbol, _contractType)
);
}
/// @dev Returns the creation bytecode used for deploying new proxies.
function _proxyCreationCode() private pure returns (bytes memory) {
return type(ERC1967Proxy).creationCode;
}
/// @notice Looks up a proxy registered under the provided identifiers.
/// @param _contractType Contract type to search within.
/// @param _clusterName Cluster identifier that was used during deployment.
/// @param _underlyingSymbol Underlying asset symbol that was used during deployment.
/// @param _eid LayerZero endpoint identifier tied to the deployment.
/// @return status True if a proxy is present in the registry.
/// @return proxyAddress bytes32 proxy address stored in the registry.
/// @return eid LayerZero endpoint ID recorded with the proxy.
function _getDeployed(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid
) internal view returns (bool status, bytes32 proxyAddress, uint32 eid) {
_validateContractType(_contractType);
(bool _status, ProxyInfo memory info) = proxiesList.get(
_contractType,
_clusterName,
_underlyingSymbol,
_eid
);
status = _status;
if (_status != false) {
proxyAddress = info.proxyAddress;
eid = info.eid;
}
}
/// @notice Looks up a proxy registered under the provided identifiers.
/// @param _contractType Contract type to search within.
/// @param _proxyAddress Bytes32 proxy address stored in the registry.
/// @param _eid LayerZero endpoint ID recorded with the proxy.
/// @return status True if a proxy is present in the registry.
/// @return proxyInfo Proxy Info struct including its cluster name and underlying symbol.
function getProxyInfo(
ContractType _contractType,
bytes32 _proxyAddress,
uint32 _eid
) public view returns (bool status, ProxyInfo memory proxyInfo) {
_validateContractType(_contractType);
(status, proxyInfo) = proxiesList.get(
_contractType,
_proxyAddress,
_eid
);
}
/// @notice Returns a registered proxy or reverts when the tuple has not been deployed yet.
/// @param _contractType Contract type to search within.
/// @param _clusterName Cluster identifier that was used during deployment.
/// @param _underlyingSymbol Underlying asset symbol that was used during deployment.
/// @param _eid LayerZero endpoint identifier tied to the deployment.
/// @return proxyAddress bytes32 proxy address stored in the registry.
/// @return eid LayerZero endpoint ID recorded with the proxy.
function getDeployedOrRevert(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid
) public view returns (bytes32 proxyAddress, uint32 eid) {
bool status;
(status, proxyAddress, eid) = _getDeployed(
_contractType,
_clusterName,
_underlyingSymbol,
_eid
);
if (!status) revert Errors.ProxyNotSet();
}
/// @notice Returns all proxy entries recorded for a given contract type.
/// @dev Intended for off-chain reads and to bootstrap new factories.
function getAllProxies(
ContractType _contractType
) external view returns (ProxyInfo[] memory entries) {
// Call the library directly to copy storage → memory
return ProxyRegistryLib.entries(proxiesList, _contractType);
}
/// @notice Returns the local LayerZero endpoint ID.
/// @return eid LayerZero endpoint ID.
function _getEid() internal virtual returns (uint32);
/// @notice Hook invoked after a successful local deployment to allow to sync state cross-chain.
/// @param _contractType Contract type associated with the deployment.
/// @param _proxyAddress Bytes32 proxy address written to the registry.
/// @param _clusterName Cluster identifier supplied by the caller.
/// @param _underlyingSymbol Underlying asset symbol supplied by the caller.
/// @param _eid Endpoint ID where the proxy was deployed.
/// @param _fees LayerZero fee quotes for each destination endpoint
function _sync(
ContractType _contractType,
bytes32 _proxyAddress,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid,
MessagingFee[] calldata _fees
) internal virtual;
/// @notice Registers metadata for a proxy deployed on a remote chain without reverting on duplicates.
/// @dev Intended for cross-chain message receivers; the underlying registry silently ignores duplicates.
/// @param _contractType Contract type associated with the remote proxy.
/// @param _info Proxy metadata received from the remote source.
function _registerRemote(
ContractType _contractType,
ProxyInfo memory _info
) internal {
// library returns false if already present. We do not revert.
proxiesList.add(_info, _contractType);
}
}
ERC1967Proxy.sol 49 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { Proxy } from "@openzeppelin/contracts/proxy/Proxy.sol";
import { ERC1967Utils } from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Utils.sol";
import { Errors } from "../../common/Errors.sol";
/// @title ERC-1967 Proxy (constructor-less)
/// @dev
/// - Uses standard EIP-1967 storage slots via {ERC1967Utils}.
/// - The constructor does not set an implementation (slot remains zero).
/// - {initProxy} is intended to be called by a Factory **in the same transaction** that deploys this proxy
/// (deploy → immediately call `initProxy`) to avoid any chance of third-party initialization.
/// - This proxy has no admin/owner logic; after initialization, upgrade authority is expected to be enforced
/// by the implementation (e.g., UUPS with access control) if upgrades are supported.
contract ERC1967Proxy is Proxy {
/// @notice Deploys the proxy with no implementation set.
/// @dev Intentionally empty; leaves the EIP-1967 implementation slot unset (zero).
constructor() payable {}
/// @notice One-time initializer to set the implementation and optionally call it.
/// @dev
/// - Reverts with {Errors.AlreadyInitialized} if the implementation slot is non-zero.
/// - Designed to be invoked by the Factory **within the same transaction** as deployment.
/// - Writes the EIP-1967 implementation slot and delegatecalls `implementation` with `data` (if non-empty)
/// using {ERC1967Utils.upgradeToAndCall}.
/// @param implementation Address of the logic contract to delegate to.
/// @param data ABI-encoded calldata for an optional initialization delegatecall on the implementation.
function initProxy(
address implementation,
bytes memory data
) external payable {
if (_implementation() != address(0)) revert Errors.AlreadyInitialized();
ERC1967Utils.upgradeToAndCall(implementation, data);
}
/// @notice Returns the current implementation (logic) address.
/// @dev Reads the standard EIP-1967 implementation slot via {ERC1967Utils.getImplementation}.
/// @return impl The address of the implementation contract.
function _implementation()
internal
view
virtual
override
returns (address impl)
{
return ERC1967Utils.getImplementation();
}
}
OAppFactory.sol 286 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
OApp,
Origin,
MessagingFee
} from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { OAppOptionsType3 } from "@layerzerolabs/oapp-evm/contracts/oapp/libs/OAppOptionsType3.sol";
import { EnumerableSet } from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { BaseFactory } from "./BaseFactory.sol";
import { ProxyRegistryLib } from "./ProxyRegistryLib.sol";
import { Errors } from "../../common/Errors.sol";
import { ContractType, ProxyInfo } from "../../common/Types.sol";
/// @title OAppFactory
/// @notice BaseFactory extension that synchronizes proxy deployments across chains via LayerZero OApp v2.
/// @dev
/// - Extends {BaseFactory} for deterministic deployments/registry bookkeeping and {OApp} for messaging.
/// - Maintains a list of subscribed endpoint IDs (`listedEids`) that receive proxy registration broadcasts.
/// - Uses the `_sync` hook from {BaseFactory} to broadcast after every local deployment and
/// `_registerRemote` to persist remote deployments received over LayerZero.
abstract contract OAppFactory is BaseFactory, OApp, OAppOptionsType3 {
using EnumerableSet for EnumerableSet.UintSet;
/// @notice LayerZero message type identifier for proxy registrations.
uint16 internal constant MSG_REGISTER_PROXY = 0;
/// @notice Tracks processed LayerZero message GUIDs to prevent replays.
mapping(bytes32 => bool) private processedGuid;
/// @notice Set of destination endpoint IDs that should receive broadcasts.
EnumerableSet.UintSet private listedEids;
/// @notice LayerZero endpoint ID for the local deployment environment.
uint32 private immutable localEid;
/// @notice Initializes the OApp factory with LayerZero endpoint details and ownership data.
/// @param _lzEndpoint Address of the LayerZero endpoint contract on this chain.
/// @param _oAppOwner Account that will own the OApp and control peer configuration.
/// @param _oAppDelegate Delegate allowed to manage endpoint configuration on LayerZero.
constructor(
address _lzEndpoint,
address _oAppOwner,
address _oAppDelegate
) OApp(_lzEndpoint, _oAppDelegate) Ownable(_oAppOwner) {
localEid = endpoint.eid();
}
/// @notice Registers or clears a remote peer application for a given endpoint ID.
/// @dev
/// - Enforces one-to-one mapping between endpoint ID and peer address via {OApp.setPeer}.
/// - Keeps the local `listedEids` cache in sync so broadcasts iterate deterministic destinations.
/// @param _eid Destination LayerZero endpoint ID.
/// @param _peer Encoded remote peer address or zero to unset.
function setPeer(uint32 _eid, bytes32 _peer) public override onlyOwner {
bytes32 prev = peers[_eid];
bool wasSet = prev != bytes32(0);
bool willBeSet = _peer != bytes32(0);
if (wasSet != willBeSet) {
if (willBeSet) {
listedEids.add(uint256(_eid)); // unset → set
} else {
listedEids.remove(uint256(_eid)); // set → unset
}
}
super.setPeer(_eid, _peer);
}
/// @notice Lists endpoint IDs currently configured to receive deployment broadcasts.
/// @return eids Array of endpoint IDs in insertion order.
function getListedEids() public view returns (uint32[] memory eids) {
uint256 len = listedEids.length();
eids = new uint32[](len);
for (uint256 i = 0; i < len; i++) eids[i] = uint32(listedEids.at(i));
}
/// @notice Quotes LayerZero fees required to broadcast a deployment registration to all peers.
/// @param _clusterName Cluster identifier tied to the deployment.
/// @param _underlyingSymbol Underlying asset symbol tied to the deployment.
/// @return fees Array of LayerZero fee quotations, one per `listedEids` entry (ordered consistently).
function quoteBroadcast(
string calldata _clusterName,
string calldata _underlyingSymbol
) external view returns (MessagingFee[] memory fees) {
bytes memory payload = abi.encode(
ContractType.PLACEHOLDER, // just as a placeholder
bytes32(0),
_clusterName,
_underlyingSymbol,
uint32(0)
);
bytes memory message = abi.encodePacked(
uint16(MSG_REGISTER_PROXY),
payload
);
uint256 len = listedEids.length();
fees = new MessagingFee[](len);
bytes calldata options = msg.data[0:0];
for (uint256 i = 0; i < len; i++) {
uint32 dstEid = uint32(listedEids.at(i));
fees[i] = _quote(
dstEid,
message,
combineOptions(dstEid, MSG_REGISTER_PROXY, options),
false
);
}
}
/// @inheritdoc BaseFactory
function _getEid() internal view override returns (uint32) {
return localEid;
}
/// @inheritdoc BaseFactory
function _sync(
ContractType _contractType,
bytes32 _proxyAddress,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid,
MessagingFee[] calldata _fees
) internal override {
_broadcast(
_contractType,
_proxyAddress,
_clusterName,
_underlyingSymbol,
_eid,
_fees,
getListedEids()
);
}
/// @notice Broadcasts existing proxy registration to specific destination EIDs.
/// @param _contractType Logical contract type whose proxy is being synchronized.
/// @param _clusterName Cluster identifier used during deterministic deployment.
/// @param _underlyingSymbol Underlying asset symbol used during deterministic deployment.
/// @param _eid LayerZero endpoint ID of the chain where the proxy is deployed.
/// @param _fees LayerZero fee quotes aligned with `_dstEids` order.
/// @param _dstEids Destination LayerZero endpoint IDs to receive the registration message.
function sync(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid,
MessagingFee[] calldata _fees,
uint32[] memory _dstEids
) public payable onlyRole(SETTER_ROLE) {
(bytes32 proxyAddress, ) = getDeployedOrRevert(
_contractType,
_clusterName,
_underlyingSymbol,
_eid
);
_broadcast(
_contractType,
proxyAddress,
_clusterName,
_underlyingSymbol,
_eid,
_fees,
_dstEids
);
}
/// @notice Broadcasts a proxy registration message to each specified destination endpoint.
/// @dev
/// - Caller is expected to fund LayerZero fees using the supplied `_fees` data.
/// - Validates that `_fees.length` matches the number of destinations in `_dstEids`.
/// @param _contractType Contract type associated with the deployed proxy.
/// @param _proxyAddress Bytes32 proxy address to broadcast.
/// @param _clusterName Cluster identifier used for deterministic deployment.
/// @param _underlyingSymbol Underlying asset symbol used for deterministic deployment.
/// @param _eid Endpoint ID where the proxy was deployed.
/// @param _fees LayerZero fee quotes for each destination endpoint in `_dstEids` order.
/// @param _dstEids LayerZero destination endpoint IDs.
function _broadcast(
ContractType _contractType,
bytes32 _proxyAddress,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid,
MessagingFee[] calldata _fees,
uint32[] memory _dstEids
) internal {
bytes memory payload = abi.encode(
_contractType,
_clusterName,
_underlyingSymbol,
_proxyAddress,
_eid
);
bytes memory message = abi.encodePacked(
uint16(MSG_REGISTER_PROXY),
payload
);
uint256 len = _dstEids.length;
if (len == 0) return;
if (_fees.length != len) revert Errors.LengthMismatch();
bytes calldata options = msg.data[0:0];
uint256 totalFees = 0;
for (uint256 i = 0; i < len; i++) totalFees += _fees[i].nativeFee;
if (totalFees != msg.value) revert Errors.NotEnoughValueToPayFees();
for (uint256 i = 0; i < len; i++) {
uint32 dstEid = _dstEids[i];
_lzSend(
dstEid,
message,
combineOptions(dstEid, MSG_REGISTER_PROXY, options),
_fees[i],
payable(msg.sender)
);
}
}
/// @notice Handles inbound LayerZero messages and records remote proxy deployments.
/// @dev
/// - Rejects duplicate GUIDs and unsupported message types.
/// - Decodes the payload and persists it via {_registerRemote} so local lookups include remote peers.
/// @param _guid Unique LayerZero message identifier used for replay protection.
/// @param _message ABI-encoded message payload prefixed with the message type.
function _lzReceive(
Origin calldata /*_origin*/,
bytes32 _guid,
bytes calldata _message,
address /*_executor*/,
bytes calldata /*_extraData*/
) internal override {
if (processedGuid[_guid]) revert Errors.GuidAlreadyProcessed(_guid);
processedGuid[_guid] = true;
(uint16 msgType, bytes calldata message) = _decodeMessage(_message);
if (msgType != MSG_REGISTER_PROXY)
revert Errors.MessageTypeNotSupported();
(
ContractType contractType,
string memory clusterName,
string memory underlyingSymbol,
bytes32 proxyAddress,
uint32 eid
) = abi.decode(
message,
(ContractType, string, string, bytes32, uint32)
);
ProxyInfo memory info = ProxyInfo({
proxyAddress: proxyAddress,
eid: eid,
clusterName: clusterName,
symbol: underlyingSymbol
});
_registerRemote(contractType, info);
}
/// @notice Splits a LayerZero message into the type prefix and payload.
/// @dev Reverts when the message is shorter or equal to two bytes.
/// @param _message Raw message emitted by LayerZero.
/// @return msgType Message type identifier.
/// @return message Raw payload following the type prefix.
function _decodeMessage(
bytes calldata _message
) private pure returns (uint16 msgType, bytes calldata message) {
if (_message.length <= 2) revert Errors.InvalidMessageLength();
msgType = uint16(bytes2(_message[0:2]));
message = _message[2:];
}
function _payNative(
uint256 _nativeFee
) internal override returns (uint256 nativeFee) {
if (msg.value < _nativeFee) revert NotEnoughNative(msg.value);
return _nativeFee;
}
}
ProxyRegistryLib.sol 413 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { ContractType, ProxyInfo } from "../../common/Types.sol";
import { Errors } from "../../common/Errors.sol";
/// @title Proxy Registry Library
/// @notice Tracks deterministic proxy deployments using dual lookup keys for O(1) retrieval.
/// @dev
/// - Every proxy is indexed by both (cluster, symbol, eid) and (proxyAddress, eid) tuples.
/// - Used by {BaseFactory} descendants to prevent duplicate CREATE2 deployments and to serve cross-chain lookups.
/// - Maintains both indices in sync while supporting swap-and-pop removal.
library ProxyRegistryLib {
/// @notice Default endpoint ID used for oracle deployments when listing proxies (oracles are globally (cross-chain) indexed).
uint32 constant PLACEHOLDER_EID = 0;
/// @notice Storage tracking proxies keyed by multiple lookup indices (address/EID and tuple/EID).
struct ProxyRegistry {
// keccak256(abi.encode(proxyAddress, eid)) => index (index + 1)
mapping(bytes32 => uint256) indexByProxyEid;
// keccak256(abi.encode(clusterName, symbol, eid)) => index (index + 1)
mapping(bytes32 => uint256) indexByClusterSymbolEid;
ProxyInfo[] values;
}
/// @notice Mapping of contract types to their dedicated proxy registries.
struct RegistrySet {
mapping(ContractType => ProxyRegistry) registries;
}
/// @dev Computes the key used to identify a proxy by address/eid pair.
function _computeProxyEidKey(
bytes32 _proxyAddress,
uint32 _eid
) private pure returns (bytes32) {
return keccak256(abi.encode(_proxyAddress, _eid));
}
// @dev only one deployment by cluster is allowed for the following contract types
function _singleContractType(
ContractType _contractType
) internal pure returns (bool) {
if (
_contractType == ContractType.UNDERLYING_OFT ||
_contractType == ContractType.VAULT_COMPOSER ||
_contractType == ContractType.VAULT ||
_contractType == ContractType.ACCOUNTING_RECEIVER
) return true;
return false;
}
/// @dev Computes the key used to identify a proxy by cluster/symbol/eid triple, normalising oracle EIDs to zero.
function _computeClusterSymbolEidKey(
ContractType _contractType,
string memory _clusterName,
string memory _symbol,
uint32 _eid
) private pure returns (bytes32) {
uint256 eid = uint256(_eid);
// only one deployment by cluster is allowed for the following contract types
if (_singleContractType(_contractType)) {
// place holder to enfoce only one deployment for all chains by cluster/symbol
eid = type(uint256).max - uint256(_contractType);
}
return keccak256(abi.encode(_clusterName, _symbol, eid));
}
/// @notice Adds a proxy entry to the registry set if no collision exists.
/// @dev Returns false when either lookup key is already populated, leaving storage unchanged.
/// @param _set Registry set.
/// @param _info Proxy metadata to record.
/// @param _contractType Contract type to insert into.
/// @return status True when the proxy was inserted, false if already present.
function add(
RegistrySet storage _set,
ProxyInfo memory _info,
ContractType _contractType
) external returns (bool status) {
bytes32 _proxyEidKey = _computeProxyEidKey(
_info.proxyAddress,
_info.eid
);
bytes32 _clusterSymbolEidKey = _computeClusterSymbolEidKey(
_contractType,
_info.clusterName,
_info.symbol,
_info.eid
);
ProxyRegistry storage _registry = _set.registries[_contractType];
if (
_registry.indexByProxyEid[_proxyEidKey] != 0 ||
_registry.indexByClusterSymbolEid[_clusterSymbolEidKey] != 0
) {
status = false; // already exists
} else {
_registry.values.push(_info);
uint256 _newIndex = _registry.values.length; // index + 1
_registry.indexByProxyEid[_proxyEidKey] = _newIndex;
_registry.indexByClusterSymbolEid[_clusterSymbolEidKey] = _newIndex;
status = true;
}
}
/// @notice Removes a proxy entry identified by proxy address and endpoint.
/// @param _set Registry set.
/// @param _contractType Contract type to remove from.
/// @param _proxyAddress Bytes32 proxy address bytes32(uint256(uint160(address))).
/// @param _eid LayerZero endpoint identifier associated with the proxy.
/// @return removed True if the entry was removed, false when it was missing.
function remove(
RegistrySet storage _set,
ContractType _contractType,
bytes32 _proxyAddress,
uint32 _eid
) external returns (bool) {
ProxyRegistry storage _registry = _set.registries[_contractType];
bytes32 _proxyEidKey = _computeProxyEidKey(_proxyAddress, _eid);
uint256 _index = _registry.indexByProxyEid[_proxyEidKey];
if (_index == 0) return false;
_removeAt(_registry, _contractType, _index);
return true;
}
/// @notice Removes a proxy entry identified by cluster name, symbol, and eid.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractType Contract type.
/// @param _clusterName Cluster identifier used for deterministic deployment.
/// @param _symbol Underlying asset symbol paired with the cluster.
/// @param _eid LayerZero endpoint identifier associated with the proxy.
/// @return removed True if the entry was removed, false when it was missing.
function remove(
RegistrySet storage _set,
ContractType _contractType,
string memory _clusterName,
string memory _symbol,
uint32 _eid
) external returns (bool) {
ProxyRegistry storage _registry = _set.registries[_contractType];
bytes32 _clusterSymbolEidKey = _computeClusterSymbolEidKey(
_contractType,
_clusterName,
_symbol,
_eid
);
uint256 _index = _registry.indexByClusterSymbolEid[
_clusterSymbolEidKey
];
if (_index == 0) return false; // not found
_removeAt(_registry, _contractType, _index);
return true;
}
/// @dev Removes a registry entry at the provided index, performing swap-and-pop and updating both indices.
function _removeAt(
ProxyRegistry storage _registry,
ContractType _contractType,
uint256 _index
) private {
uint256 _idx = _index - 1; // stored as index+1
uint256 _lastIdx = _registry.values.length - 1;
ProxyInfo memory _removedInfo = _registry.values[_idx];
bytes32 _proxyEidKey = _computeProxyEidKey(
_removedInfo.proxyAddress,
_removedInfo.eid
);
bytes32 _clusterSymbolEidKey = _computeClusterSymbolEidKey(
_contractType,
_removedInfo.clusterName,
_removedInfo.symbol,
_removedInfo.eid
);
// if not last element, swap with last
if (_idx != _lastIdx) {
ProxyInfo memory _lastInfo = _registry.values[_lastIdx];
_registry.values[_idx] = _lastInfo;
bytes32 _lastProxyEidKey = _computeProxyEidKey(
_lastInfo.proxyAddress,
_lastInfo.eid
);
bytes32 _lastClusterSymbolEidKey = _computeClusterSymbolEidKey(
_contractType,
_lastInfo.clusterName,
_lastInfo.symbol,
_lastInfo.eid
);
_registry.indexByProxyEid[_lastProxyEidKey] = _index;
_registry.indexByClusterSymbolEid[
_lastClusterSymbolEidKey
] = _index;
}
_registry.values.pop();
// clear removed keys
delete _registry.indexByProxyEid[_proxyEidKey];
delete _registry.indexByClusterSymbolEid[_clusterSymbolEidKey];
}
/// @notice Returns true when a proxy is registered for the given address/endpoint pair.
function contains(
RegistrySet storage _set,
ContractType _contractType,
bytes32 _proxyAddress,
uint32 _eid
) external view returns (bool) {
ProxyRegistry storage _registry = _set.registries[_contractType];
return
_registry.indexByProxyEid[
_computeProxyEidKey(_proxyAddress, _eid)
] != 0;
}
/// @notice Returns true when a proxy is registered for the given cluster/symbol/endpoint tuple.
function contains(
RegistrySet storage _set,
ContractType _contractType,
string memory _clusterName,
string memory _symbol,
uint32 _eid
) external view returns (bool) {
ProxyRegistry storage _registry = _set.registries[_contractType];
return
_registry.indexByClusterSymbolEid[
_computeClusterSymbolEidKey(
_contractType,
_clusterName,
_symbol,
_eid
)
] != 0;
}
/// @notice Returns the number of proxies registered under the provided contract type.
function length(
RegistrySet storage _set,
ContractType _contractType
) external view returns (uint256) {
return _set.registries[_contractType].values.length;
}
/// @notice Returns the proxy metadata stored at index.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractType Contract type.
/// @param _index Index.
/// @return ProxyInfo metadata stored at the index.
function at(
RegistrySet storage _set,
ContractType _contractType,
uint256 _index
) external view returns (ProxyInfo memory) {
ProxyRegistry storage _registry = _set.registries[_contractType];
if (_index >= _registry.values.length) revert Errors.ProxyNotSet();
return _registry.values[_index];
}
/// @notice Attempts to fetch proxy metadata keyed by proxy address and endpoint.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractType Contract type.
/// @param _proxyAddress Bytes32 proxy address bytes32(uint256(uint160(address))).
/// @param _eid LayerZero endpoint identifier associated with the proxy.
/// @return status True when the proxy exists.
/// @return proxyInfo Proxy metadata when present (zeroed otherwise).
function get(
RegistrySet storage _set,
ContractType _contractType,
bytes32 _proxyAddress,
uint32 _eid
) external view returns (bool status, ProxyInfo memory proxyInfo) {
status = true;
ProxyRegistry storage _registry = _set.registries[_contractType];
uint256 _idxPlus = _registry.indexByProxyEid[
_computeProxyEidKey(_proxyAddress, _eid)
];
if (_idxPlus == 0) {
status = false;
} else {
proxyInfo = _registry.values[_idxPlus - 1];
}
}
/// @notice Attempts to fetch proxy metadata keyed by cluster name, symbol, and endpoint.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractType Contract type.
/// @param _clusterName Cluster identifier.
/// @param _symbol Underlying asset symbol paired with the cluster.
/// @param _eid LayerZero endpoint identifier associated with the proxy.
/// @return status True when the proxy exists.
/// @return proxyInfo Proxy metadata when present (zeroed otherwise).
function get(
RegistrySet storage _set,
ContractType _contractType,
string calldata _clusterName,
string calldata _symbol,
uint32 _eid
) external view returns (bool status, ProxyInfo memory proxyInfo) {
status = true;
ProxyRegistry storage _registry = _set.registries[_contractType];
uint256 _idxPlus = _registry.indexByClusterSymbolEid[
_computeClusterSymbolEidKey(
_contractType,
_clusterName,
_symbol,
_eid
)
];
if (_idxPlus == 0) {
status = false;
} else {
proxyInfo = _registry.values[_idxPlus - 1];
}
}
/// @notice Returns the full list of proxy addresses and associated endpoint IDs for a contract type.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractType Contract type.
/// @return proxies Bytes32 proxy addresses corresponding to each registry entry.
/// @return eids LayerZero endpoint IDs corresponding to the proxy deployment chain.
function values(
RegistrySet storage _set,
ContractType _contractType
) external view returns (bytes32[] memory proxies, uint32[] memory eids) {
ProxyRegistry storage _registry = _set.registries[_contractType];
uint256 _len = _registry.values.length;
proxies = new bytes32[](_len);
eids = new uint32[](_len);
for (uint256 i = 0; i < _len; i++) {
ProxyInfo storage pi = _registry.values[i];
proxies[i] = pi.proxyAddress;
eids[i] = pi.eid;
}
}
/// @notice Returns the full list of proxy entries for a contract type.
/// @dev Copies storage into memory; intended for off-chain reads and bootstrap seeding.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractType Contract type.
/// @return _entries Array of ProxyInfo entries including cluster and symbol metadata.
function entries(
RegistrySet storage _set,
ContractType _contractType
) external view returns (ProxyInfo[] memory _entries) {
ProxyRegistry storage _registry = _set.registries[_contractType];
uint256 _len = _registry.values.length;
_entries = new ProxyInfo[](_len);
for (uint256 i = 0; i < _len; i++) {
ProxyInfo storage pi = _registry.values[i];
_entries[i] = ProxyInfo({
proxyAddress: pi.proxyAddress,
eid: pi.eid,
clusterName: pi.clusterName,
symbol: pi.symbol
});
}
}
/// @notice Imports a batch of proxy entries into the registry set, ignoring duplicates.
/// @dev Length mismatch reverts; duplicate entries are skipped without reverting.
/// @param _set Registry set storing contract-type specific registries.
/// @param _contractTypes Contract types per entry.
/// @param _entries Proxy metadata entries aligned with `_contractTypes`.
function importBatch(
RegistrySet storage _set,
ContractType[] memory _contractTypes,
ProxyInfo[] memory _entries
) external {
if (_contractTypes.length != _entries.length)
revert Errors.LengthMismatch();
uint256 len = _contractTypes.length;
for (uint256 i = 0; i < len; i++) {
ContractType _contractType = _contractTypes[i];
ProxyRegistry storage _registry = _set.registries[_contractType];
ProxyInfo memory _info = _entries[i];
bytes32 _proxyEidKey = _computeProxyEidKey(
_info.proxyAddress,
_info.eid
);
bytes32 _clusterSymbolEidKey = _computeClusterSymbolEidKey(
_contractType,
_info.clusterName,
_info.symbol,
_info.eid
);
if (
_registry.indexByProxyEid[_proxyEidKey] != 0 ||
_registry.indexByClusterSymbolEid[_clusterSymbolEidKey] != 0
) {
if (_singleContractType(_contractType))
revert Errors.ImportCollision();
continue; // skip duplicates
}
_registry.values.push(_info);
uint256 _newIndex = _registry.values.length; // index + 1
_registry.indexByProxyEid[_proxyEidKey] = _newIndex;
_registry.indexByClusterSymbolEid[_clusterSymbolEidKey] = _newIndex;
}
}
}
Registry.sol 234 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { AccessControl } from "@openzeppelin/contracts/access/AccessControl.sol";
import { IERC20Metadata } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { Errors } from "../../common/Errors.sol";
import { Roles } from "../../common/Roles.sol";
import { ContractType, ProxyInfo } from "../../common/Types.sol";
import { IFactory } from "../../interfaces/IFactory.sol";
/// @title Factory Registry
/// @notice Central configuration hub for vault, oracle, and receipt token deployments.
/// @dev Stores global LayerZero ownership, bridging, exchange-rate updates, and asset metadata used by factories.
abstract contract Registry is IFactory, AccessControl, Roles {
/// @dev Tracks the implementation contract configured for each logical contract type.
mapping(ContractType => address) internal implementationOf;
/// @notice Emitted when an implementation address is updated for a contract type.
/// @param contractType Contract type whose implementation changed.
/// @param oldImpl Previously configured implementation address.
/// @param newImpl Newly configured implementation address.
event ImplementationUpdated(
ContractType indexed contractType,
address indexed oldImpl,
address indexed newImpl
);
bool public paused;
/// @dev Address installed as `Ownable` owner for every deployed OApp contract.
address private oAppOwner;
/// @dev LayerZero delegate allowed to configure LZ endpoints on behalf of the owner.
address private oAppDelegate;
/// @dev Account granted the `DEFAULT_ADMIN_ROLE` on all deployments.
address private admin;
/// @dev Bridge router contract used by vaults to settle cross-chain withdrawals.
address private bridgeRouter;
/// @dev Maps an underlying asset symbol (e.g. "USDC") to its canonical ERC20 address.
mapping(string => address) private underlyingAssets;
/// @notice Tracks the on-chain `chainid` associated with each LayerZero endpoint ID.
mapping(uint32 => uint256) private eidToChainId;
/// @notice Tracks the LayerZero endpoint ID associated with each chainId.
mapping(uint256 => uint32) private chainIdToEid;
/// @notice Minimum native fee required to execute the withdrawal's second hop for a given route.
/// @dev Used to validate second-hop costs as estimation is no unavailable on the user chain.
mapping(uint32 => mapping(uint32 => uint256)) private withdrawalMinFee;
/// @notice Registers the LayerZero OApp owner reused across all OApp initializers.
/// @param _oAppOwner Address installed as Ownable owner on vault, oracle, and receipt token proxies.
function setOAppOwner(address _oAppOwner) external onlyRole(SETTER_ROLE) {
oAppOwner = _oAppOwner;
}
/// @notice Registers the OApp delegate responsible for LayerZero endpoint management.
/// @param _oAppDelegate Delegate address passed into OApp initializers.
function setOAppDelegate(
address _oAppDelegate
) external onlyRole(SETTER_ROLE) {
oAppDelegate = _oAppDelegate;
}
/// @notice Sets the administrator address that receives `DEFAULT_ADMIN_ROLE` on new deployments.
/// @param _admin Address entrusted with admin rights for deployed contracts.
function setAdmin(address _admin) external onlyRole(SETTER_ROLE) {
admin = _admin;
}
/// @notice Registers the bridge router contract used to execute cross-chain withdrawals.
/// @param _bridgeRouter Router address invoked by vaults during `bridge` operations.
function setBridgeRouter(
address _bridgeRouter
) external onlyRole(SETTER_ROLE) {
bridgeRouter = _bridgeRouter;
}
/// @notice Associates an underlying asset symbol with its canonical ERC20 address.
/// @param symbol Symbol used to reference the underlying asset during deployments.
/// @param asset ERC20 contract address for the underlying on this chain.
function setUnderlyingAsset(
string calldata symbol,
address asset
) external onlyRole(SETTER_ROLE) {
underlyingAssets[symbol] = asset;
}
/// @notice Stores the chain identifier referenced by a LayerZero endpoint ID.
/// @param _eid LayerZero endpoint ID used in cross-chain messaging.
/// @param _chainId Native `block.chainid` value for that endpoint.
function setChainId(
uint32 _eid,
uint256 _chainId
) external onlyRole(SETTER_ROLE) {
uint256 oldChainId = eidToChainId[_eid];
if (oldChainId != 0) {
delete chainIdToEid[oldChainId];
}
if (chainIdToEid[_chainId] != 0) revert Errors.ChainIdAlreadyMapped();
eidToChainId[_eid] = _chainId;
chainIdToEid[_chainId] = _eid;
}
/// @notice Registers the minimum native fee for a withdrawal route.
/// @param _srcEid Source LayerZero endpoint ID.
/// @param _dstEid Destination LayerZero endpoint ID.
/// @param _nativeFee Minimum native fee required.
function setWithdrawalMinFee(
uint32 _srcEid,
uint32 _dstEid,
uint256 _nativeFee
) external onlyRole(SETTER_ROLE) {
withdrawalMinFee[_srcEid][_dstEid] = _nativeFee;
}
/// @notice Stores the implementation address used when deploying a specific contract type.
/// @dev
/// - Restricted to accounts with `SETTER_ROLE` propagated from {FactoryRoles}.
/// - Validates the contract type, non-zero address, and that bytecode exists.
/// - Emits {ImplementationUpdated} with both the previous and new implementation addresses.
/// @param _contractType Contract type being configured.
/// @param _impl Implementation contract address to record.
function setImplementation(
ContractType _contractType,
address _impl
) external onlyRole(SETTER_ROLE) {
_validateContractType(_contractType);
if (_impl == address(0)) revert Errors.ZeroAddress();
if (_impl.code.length == 0) revert Errors.ImplNotContract();
emit ImplementationUpdated(
_contractType,
implementationOf[_contractType],
_impl
);
implementationOf[_contractType] = _impl;
}
/// @notice Fetches the OApp owner for the deployed contracts.
/// @return _oAppOwner Address configured as owner for OApp components.
/// @dev Reverts if the owner has not been configured.
function getOAppOwner() public view returns (address _oAppOwner) {
_oAppOwner = oAppOwner;
if (_oAppOwner == address(0)) revert Errors.UndefinedOAppOwner();
}
/// @notice Fetches the OApp delegate used for LayerZero endpoint operations.
/// @return _oAppDelegate Delegate address supplied to deployed OApps.
/// @dev Reverts if the delegate has not been configured.
function getOAppDelegate() public view returns (address _oAppDelegate) {
_oAppDelegate = oAppDelegate;
if (_oAppDelegate == address(0)) revert Errors.UndefinedOAppDelegate();
}
/// @notice Returns the administrator address granted factory-level `DEFAULT_ADMIN_ROLE` assignments.
/// @return _admin Admin address injected into new deployments.
/// @dev Reverts if the admin has not been configured.
function getAdmin() public view returns (address _admin) {
_admin = admin;
if (_admin == address(0)) revert Errors.UndefinedAdmin();
}
/// @notice Returns the bridge router contract leveraged during cross-chain withdrawals.
/// @return _bridgeRouter Router contract expected by deployed vaults.
/// @dev Reverts if the router has not been configured.
function getBridgeRouter() public view returns (address _bridgeRouter) {
_bridgeRouter = bridgeRouter;
if (_bridgeRouter == address(0)) revert Errors.UndefinedBridgeRouter();
}
/// @notice Resolves the ERC20 address for a registered underlying symbol.
/// @param symbol Symbol of the asset to look up.
/// @return _underlyingAsset ERC20 address.
/// @dev Reverts if the asset is not registered.
function getUnderlyingAsset(
string calldata symbol
) public view returns (address _underlyingAsset) {
_underlyingAsset = underlyingAssets[symbol];
if (_underlyingAsset == address(0)) revert Errors.UndefinedUnderlying();
}
/// @notice Returns the native chain identifier referenced by LayerZero Eid.
/// @dev Reverts if the endpoint ID is not registered.
function getChainId(uint32 _eid) public view returns (uint256 chainId) {
chainId = eidToChainId[_eid];
if (chainId == 0) revert Errors.UndefinedEidToChainId();
}
/// @notice Returns the LayerZero Eid referenced by chain identifier.
/// @dev Reverts if the chain ID is not registered.
function getEid(uint256 _chainId) public view returns (uint32 eid) {
eid = chainIdToEid[_chainId];
if (eid == 0) revert Errors.UndefinedChainIdToEid();
}
/// @notice Returns the configured minimum native fee for the specified withdrawal route.
/// @dev Reverts if the fee is not configured for the given source and destination endpoints.
/// @param _srcEid Source LayerZero endpoint ID.
/// @param _dstEid Destination LayerZero endpoint ID.
/// @return nativeFee Minimum native fee required.
function getWithdrawalMinFee(
uint32 _srcEid,
uint32 _dstEid
) public view returns (uint256 nativeFee) {
nativeFee = withdrawalMinFee[_srcEid][_dstEid];
}
/// @notice Returns the implementation address configured for a contract type.
/// @param _contractType Contract type to query.
/// @return impl implementation Currently stored implementation address (zero if unset).
function getImplementation(
ContractType _contractType
) public view returns (address impl) {
_validateContractType(_contractType);
impl = implementationOf[_contractType];
if (impl == address(0))
revert Errors.UndefinedImplementation(_contractType);
}
function pause() external onlyRole(PAUSE_MANAGER) {
paused = true;
}
function unpause() external onlyRole(UNPAUSE_MANAGER) {
paused = false;
}
/// @dev Validates that the provided contract type enum value is one of the supported factory types.
/// @param _contractType Contract type to validate.
function _validateContractType(ContractType _contractType) internal pure {
if (uint8(_contractType) >= uint8(ContractType.PLACEHOLDER))
revert Errors.InvalidContractType();
}
}
AccountingReceiverFactory.sol 57 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { ContractType, AccountingReceiverParams } from "../../common/Types.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IAccountingReceiver } from "../../interfaces/IAccountingReceiver.sol";
/// @title AccountingReceiverFactory
/// @notice Deploys AccountingReceiver proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration (receipt token address, oracle metadata, bridge router, etc.)
/// to assemble the initializer payload for each AccountingReceiver deployment.
abstract contract AccountingReceiverFactory is OAppFactory {
using AddressLib for bytes32;
function deployAccountingReceiver(
string calldata _clusterName,
string calldata _underlyingSymbol,
uint8 _sharedDecimals,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
AccountingReceiverParams memory params;
(bytes32 underlyingOFT, ) = getDeployedOrRevert(
ContractType.UNDERLYING_OFT,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID
);
params.underlyingOFT = underlyingOFT.toAddress();
params.clusterName = _clusterName;
params.underlyingSymbol = _underlyingSymbol;
params.underlyingToken = getUnderlyingAsset(_underlyingSymbol);
params.oAppOwner = getOAppOwner();
params.oAppDelegate = getOAppDelegate();
params.defaultAdmin = getAdmin();
params.sharedDecimals = _sharedDecimals;
// Prepare init calldata
bytes memory initDataAccountingReceiver = abi.encodeWithSelector(
IAccountingReceiver.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.ACCOUNTING_RECEIVER,
_clusterName,
_underlyingSymbol,
initDataAccountingReceiver,
_fees
);
}
}
StrategyManagerFactory.sol 57 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { ContractType, StrategyManagerParams } from "../../common/Types.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IStrategyManager } from "../../interfaces/IStrategyManager.sol";
/// @title StrategyManagerFactory
/// @notice Deploys StrategyManager proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration (receipt token address, oracle metadata, bridge router, etc.)
/// to assemble the initializer payload for each StrategyManager deployment.
abstract contract StrategyManagerFactory is OAppFactory {
function deployStrategyManager(
string calldata _clusterName,
string calldata _underlyingSymbol,
uint8 _sharedDecimals,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
StrategyManagerParams memory params;
(
params.accountingReceiver,
params.accountingReceiverEid
) = getDeployedOrRevert(
ContractType.ACCOUNTING_RECEIVER,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID
);
params.clusterName = _clusterName;
params.underlyingSymbol = _underlyingSymbol;
params.underlyingToken = getUnderlyingAsset(_underlyingSymbol);
params.bridgeRouter = getBridgeRouter();
params.sharedDecimals = _sharedDecimals;
params.oAppOwner = getOAppOwner();
params.oAppDelegate = getOAppDelegate();
params.defaultAdmin = getAdmin();
bytes memory initDataStrategyManager = abi.encodeWithSelector(
IStrategyManager.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.STRATEGY_MANAGER,
_clusterName,
_underlyingSymbol,
initDataStrategyManager,
_fees
);
}
}
UnderlyingOFTAdapterFactory.sol 57 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import {
ContractType,
UnderlyingOFTAdapterParams
} from "../../common/Types.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IUnderlyingOFTAdapter } from "../../interfaces/IUnderlyingOFTAdapter.sol";
/// @title UnderlyingOFTAdapterFactory
/// @notice Deploys UnderlyingOFTAdapter proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration to assemble the initializer payload for each UnderlyingOFTAdapter deployment.
abstract contract UnderlyingOFTAdapterFactory is OAppFactory {
function deployUnderlyingOFTAdapter(
string calldata _clusterName,
string calldata _underlyingSymbol,
uint8 _sharedDecimals,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
UnderlyingOFTAdapterParams memory params;
(params.vaultComposer, params.vaultComposerEid) = getDeployedOrRevert(
ContractType.VAULT_COMPOSER,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID // EID does not need to be specified
);
params.clusterName = _clusterName;
params.underlyingSymbol = _underlyingSymbol;
params.underlyingToken = getUnderlyingAsset(_underlyingSymbol);
params.sharedDecimals = _sharedDecimals;
params.bridgeRouter = getBridgeRouter();
params.oAppOwner = getOAppOwner();
params.oAppDelegate = getOAppDelegate();
params.defaultAdmin = getAdmin();
// Prepare init calldata
bytes memory initDataVault = abi.encodeWithSelector(
IUnderlyingOFTAdapter.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.UNDERLYING_OFT_ADAPTER,
_clusterName,
_underlyingSymbol,
initDataVault,
_fees
);
}
}
UnderlyingOFTFactory.sol 65 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { ContractType, UnderlyingOFTParams } from "../../common/Types.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IUnderlyingOFT } from "../../interfaces/IUnderlyingOFT.sol";
/// @title UnderlyingOFTFactory
/// @notice Deploys UnderlyingOFT proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration to assemble the initializer payload for each UnderlyingOFT deployment.
abstract contract UnderlyingOFTFactory is OAppFactory {
function deployUnderlyingOFT(
string calldata _clusterName,
string calldata _underlyingSymbol,
uint8 _sharedDecimals,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
UnderlyingOFTParams memory params;
(params.vault, ) = _predictAddress(
ContractType.VAULT,
_clusterName,
_underlyingSymbol
);
(params.vaultComposer, ) = _predictAddress(
ContractType.VAULT_COMPOSER,
_clusterName,
_underlyingSymbol
);
(params.accountingReceiver, ) = _predictAddress(
ContractType.ACCOUNTING_RECEIVER,
_clusterName,
_underlyingSymbol
);
params.clusterName = _clusterName;
params.underlyingSymbol = _underlyingSymbol;
params.underlyingToken = getUnderlyingAsset(_underlyingSymbol);
params.sharedDecimals = _sharedDecimals;
params.bridgeRouter = getBridgeRouter();
params.oAppOwner = getOAppOwner();
params.oAppDelegate = getOAppDelegate();
params.defaultAdmin = getAdmin();
// Prepare init calldata
bytes memory initDataVault = abi.encodeWithSelector(
IUnderlyingOFT.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.UNDERLYING_OFT,
_clusterName,
_underlyingSymbol,
initDataVault,
_fees
);
}
}
VaultComposerFactory.sol 60 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { ContractType, VaultComposerParams } from "../../common/Types.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IVaultComposer } from "../../interfaces/IVaultComposer.sol";
/// @title VaultComposerFactory
/// @notice Deploys VaultComposer proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration to assemble the initializer payload for each vault deployment.
abstract contract VaultComposerFactory is OAppFactory {
using AddressLib for bytes32;
function deployVaultComposer(
string calldata _clusterName,
string calldata _underlyingSymbol,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
VaultComposerParams memory params;
(bytes32 vault, ) = getDeployedOrRevert(
ContractType.VAULT,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID
);
(bytes32 underlyingOFT, ) = getDeployedOrRevert(
ContractType.UNDERLYING_OFT,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID
);
params.vault = vault.toAddress();
params.underlyingOFT = underlyingOFT.toAddress();
params.underlyingToken = getUnderlyingAsset(_underlyingSymbol);
params.endpoint = address(endpoint);
params.localEid = endpoint.eid();
params.defaultAdmin = getAdmin();
// Prepare init calldata
bytes memory initDataVault = abi.encodeWithSelector(
IVaultComposer.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.VAULT_COMPOSER,
_clusterName,
_underlyingSymbol,
initDataVault,
_fees
);
}
}
VaultFactory.sol 63 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { ContractType, VaultParams } from "../../common/Types.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IVault } from "../../interfaces/IVault.sol";
/// @title VaultFactory
/// @notice Deploys vault proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration (receipt token address, oracle metadata, bridge router, etc.)
/// to assemble the initializer payload for each vault deployment.
abstract contract VaultFactory is OAppFactory {
using AddressLib for bytes32;
function deployVault(
string calldata _clusterName,
string calldata _underlyingSymbol,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
VaultParams memory params;
(bytes32 underlyingOFT, ) = getDeployedOrRevert(
ContractType.UNDERLYING_OFT,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID // EID does not need to be specified
);
(params.vaultComposer, ) = _predictAddress(
ContractType.VAULT_COMPOSER,
_clusterName,
_underlyingSymbol
);
params.underlyingOFT = underlyingOFT.toAddress();
params.name = string.concat(
"Zircuit Finance Vault Token: ",
_underlyingSymbol
);
params.symbol = string.concat("zv", _underlyingSymbol);
params.oAppOwner = getOAppOwner();
params.oAppDelegate = getOAppDelegate();
params.defaultAdmin = getAdmin();
// Prepare init calldata
bytes memory initDataVault = abi.encodeWithSelector(
IVault.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.VAULT,
_clusterName,
_underlyingSymbol,
initDataVault,
_fees
);
}
}
VaultTokenFactory.sol 54 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { MessagingFee } from "@layerzerolabs/oapp-evm/contracts/oapp/OApp.sol";
import { ProxyRegistryLib } from "../base/ProxyRegistryLib.sol";
import { OAppFactory } from "../base/OAppFactory.sol";
import { ContractType, VaultTokenParams } from "../../common/Types.sol";
import { AddressLib } from "../../common/AddressLib.sol";
import { IVaultToken } from "../../interfaces/IVaultToken.sol";
/// @title VaultTokenFactory
/// @notice Deploys VaultToken proxies and exposes deterministic registry lookups.
/// @dev Combines registry-sourced configuration to assemble the initializer payload for each vault deployment.
abstract contract VaultTokenFactory is OAppFactory {
function deployVaultToken(
string calldata _clusterName,
string calldata _underlyingSymbol,
MessagingFee[] calldata _fees
) external payable returns (address proxy) {
VaultTokenParams memory params;
(params.vaultComposer, params.vaultComposerEid) = getDeployedOrRevert(
ContractType.VAULT_COMPOSER,
_clusterName,
_underlyingSymbol,
ProxyRegistryLib.PLACEHOLDER_EID // EID does not need to be specified
);
params.name = string.concat(
"Zircuit Finance Vault Token: ",
_underlyingSymbol
);
params.symbol = string.concat("zv", _underlyingSymbol);
params.oAppOwner = getOAppOwner();
params.oAppDelegate = getOAppDelegate();
params.defaultAdmin = getAdmin();
// Prepare init calldata
bytes memory initDataVault = abi.encodeWithSelector(
IVaultToken.initialize.selector,
params
);
proxy = _deployContractType(
ContractType.VAULT_TOKEN,
_clusterName,
_underlyingSymbol,
initDataVault,
_fees
);
}
}
Factory.sol 82 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { AddressLib } from "../common/AddressLib.sol";
import { ContractType, ProxyInfo } from "../common/Types.sol";
import { Errors } from "../common/Errors.sol";
import { OAppFactory } from "./base/OAppFactory.sol";
import { VaultFactory } from "./factories/VaultFactory.sol";
import { VaultTokenFactory } from "./factories/VaultTokenFactory.sol";
import { VaultComposerFactory } from "./factories/VaultComposerFactory.sol";
import { UnderlyingOFTFactory } from "./factories/UnderlyingOFTFactory.sol";
import { UnderlyingOFTAdapterFactory } from "./factories/UnderlyingOFTAdapterFactory.sol";
import { StrategyManagerFactory } from "./factories/StrategyManagerFactory.sol";
import { AccountingReceiverFactory } from "./factories/AccountingReceiverFactory.sol";
import { ProxyRegistryLib } from "./base/ProxyRegistryLib.sol";
import { BaseFactory } from "./base/BaseFactory.sol";
/// @title Omnichain Factory
/// @notice Aggregates vault, receipt-token, and rate-oracle deployment flows behind a single entry point.
/// @dev Layers the concrete factories on top of {OAppFactory} so LayerZero peer and role plumbing
/// are reused across every deployment.
contract Factory is
VaultFactory,
VaultTokenFactory,
VaultComposerFactory,
UnderlyingOFTFactory,
UnderlyingOFTAdapterFactory,
StrategyManagerFactory,
AccountingReceiverFactory
{
using AddressLib for address;
/// @notice Initializes the factory with LayerZero endpoint metadata, admin role, and optional seed data.
/// @dev
/// - Grants `DEFAULT_ADMIN_ROLE` to `_admin`.
/// - Forwards optional `(_contractTypes, _entries)` to the base to support bootstrapping
/// a freshly deployed factory with already-deployed proxies.
/// @param _lzEndpoint LayerZero endpoint address on the current chain.
/// @param _oAppOwner Address installed as owner for deployed OApp components.
/// @param _oAppDelegate LayerZero delegate allowed to configure factory peers.
/// @param _admin Account granted `DEFAULT_ADMIN_ROLE`, enabling role management across modules.
/// @param _contractTypes Optional contract types for each seed entry (aligned with `_entries`).
/// @param _entries Optional proxy metadata entries used to pre-populate the registry.
constructor(
address _lzEndpoint,
address _oAppOwner,
address _oAppDelegate,
address _admin,
ContractType[] memory _contractTypes,
ProxyInfo[] memory _entries
)
OAppFactory(_lzEndpoint, _oAppOwner, _oAppDelegate)
BaseFactory(_contractTypes, _entries)
{
_grantRole(DEFAULT_ADMIN_ROLE, _admin);
}
// Helper function used by the bridge routers to authorise bridge transfers
function isAuthorizedBridgeAddress(
address _caller,
uint256 _chainId
) external view returns (bool) {
bytes32 callerB32 = _caller.toBytes32();
uint32 eid = getEid(_chainId);
bool status;
(status, ) = getProxyInfo(
ContractType.UNDERLYING_OFT_ADAPTER,
callerB32,
eid
);
if (status) return true;
(status, ) = getProxyInfo(ContractType.UNDERLYING_OFT, callerB32, eid);
if (status) return true;
(status, ) = getProxyInfo(
ContractType.STRATEGY_MANAGER,
callerB32,
eid
);
return status;
}
}
FactoryClient.sol 83 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import { Errors } from "../common/Errors.sol";
import { IFactory } from "../interfaces/IFactory.sol";
import { ContractType } from "../common/Types.sol";
contract FactoryClient is Initializable {
struct FactoryClientStorage {
IFactory factory;
string clusterName;
string underlyingSymbol;
uint32 localEid;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.FactoryClient")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant FACTORY_CLIENT_STORAGE_LOCATION =
0x8966bd06582120daaa799b40d38db4a297fbd3a3fa513ac4922e8ed389049e00;
function _getFactoryClientStorage()
internal
pure
returns (FactoryClientStorage storage $)
{
assembly {
$.slot := FACTORY_CLIENT_STORAGE_LOCATION
}
}
function __FactoryClient_init(
address _factory,
string memory _clusterName,
string memory _underlyingSymbol,
uint32 _localEid
) internal onlyInitializing {
FactoryClientStorage storage $ = _getFactoryClientStorage();
$.factory = IFactory(_factory);
$.clusterName = _clusterName;
$.underlyingSymbol = _underlyingSymbol;
$.localEid = _localEid;
}
function __FactoryClient_init(address _factory) internal onlyInitializing {
FactoryClientStorage storage $ = _getFactoryClientStorage();
$.factory = IFactory(_factory);
}
modifier whenFactoryNotPaused() {
FactoryClientStorage storage $ = _getFactoryClientStorage();
if ($.factory.paused()) revert Errors.Paused();
_;
}
modifier onlyStrategyManager() {
FactoryClientStorage storage $ = _getFactoryClientStorage();
(bytes32 proxy, uint32 proxyEid) = $.factory.getDeployedOrRevert(
ContractType.STRATEGY_MANAGER,
$.clusterName,
$.underlyingSymbol,
$.localEid
);
if (
OFTComposeMsgCodec.bytes32ToAddress(proxy) != msg.sender ||
proxyEid != $.localEid
) revert Errors.CallerNotStrategyManager();
_;
}
function _getWithdrawalMinFee(
uint32 _srcEid,
uint32 _dstEid
) internal view returns (uint256) {
return
_getFactoryClientStorage().factory.getWithdrawalMinFee(
_srcEid,
_dstEid
);
}
}
IAccountingReceiver.sol 9 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { AccountingReceiverParams, DeltaMessage } from "../common/Types.sol";
interface IAccountingReceiver {
function updateAccountingLocal(DeltaMessage calldata _message) external;
function initialize(AccountingReceiverParams calldata _params) external;
}
IBridgeRouter.sol 12 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
interface IBridgeRouter {
function bridge(
address token,
uint256 amount,
uint256 destChainId,
bytes32 _destAddress,
bytes calldata extraData
) external;
}
IFactory.sol 34 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { ContractType, ProxyInfo } from "../common/Types.sol";
interface IFactory {
function getChainId(uint32 _eid) external returns (uint256);
function getEid(uint256 _chainId) external returns (uint32);
function getProxyInfo(
ContractType _contractType,
bytes32 _proxyAddress,
uint32 _eid
) external view returns (bool status, ProxyInfo memory proxyInfo);
function getDeployedOrRevert(
ContractType _contractType,
string calldata _clusterName,
string calldata _underlyingSymbol,
uint32 _eid
) external view returns (bytes32 proxyAddress, uint32 eid);
function isAuthorizedBridgeAddress(
address _caller,
uint256 _chainId
) external view returns (bool);
function getWithdrawalMinFee(
uint32 _srcEid,
uint32 _dstEid
) external view returns (uint256 nativeFee);
function paused() external view returns (bool);
}
IStrategy.sol 6 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { IERC4626 } from "@openzeppelin/contracts/interfaces/IERC4626.sol";
interface IStrategy is IERC4626 {}
IStrategyManager.sol 8 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { StrategyManagerParams } from "../common/Types.sol";
interface IStrategyManager {
function initialize(StrategyManagerParams calldata _params) external;
}
IUnderlyingOFT.sol 13 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { UnderlyingOFTParams } from "../common/Types.sol";
interface IUnderlyingOFT {
function mint(uint256 _amount) external;
function burn(uint256 _amount) external;
function deposit(uint256 _amount) external;
function withdraw(uint256 _amount) external;
function initialize(UnderlyingOFTParams calldata _params) external;
}
IUnderlyingOFTAdapter.sol 8 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { UnderlyingOFTAdapterParams } from "../common/Types.sol";
interface IUnderlyingOFTAdapter {
function initialize(UnderlyingOFTAdapterParams calldata _params) external;
}
IVault.sol 8 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { VaultParams } from "../common/Types.sol";
interface IVault {
function initialize(VaultParams calldata _params) external;
}
IVaultComposer.sol 8 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { VaultComposerParams } from "../common/Types.sol";
interface IVaultComposer {
function initialize(VaultComposerParams calldata _params) external;
}
IVaultComposerSync.sol 99 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { IERC4626 } from "@openzeppelin/contracts/interfaces/IERC4626.sol";
import { IOAppComposer } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppComposer.sol";
import {
SendParam,
MessagingFee,
MessagingReceipt,
OFTReceipt
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
interface IVaultComposerSync is IOAppComposer {
/// ========================== EVENTS =====================================
event Sent(bytes32 indexed guid); // 0x27b5aea9
event Refunded(bytes32 indexed guid); // 0xfe509803
event Deposited(
bytes32 sender,
bytes32 recipient,
uint32 dstEid,
uint256 assetAmt,
uint256 shareAmt
); // 0xa53b96f2
event Redeemed(
bytes32 sender,
bytes32 recipient,
uint32 dstEid,
uint256 shareAmt,
uint256 assetAmt
); // 0x57e232f1
/// ========================== Error Messages =====================================
error ShareOFTNotAdapter(address shareOFT); // 0xfc1514ae
error ShareTokenNotVault(address shareERC20, address vault); // 0x0e178ab6
error AssetTokenNotVaultAsset(address assetERC20, address vaultAsset); // 0xba9d665f
error OnlyEndpoint(address caller); // 0x91ac5e4f
error OnlySelf(address caller); // 0xa19dbf00
error OnlyValidComposeCaller(address caller); // 0x84fb3f0d
error InsufficientMsgValue(
uint256 expectedMsgValue,
uint256 actualMsgValue
); // 0x7cb769dc
error NoMsgValueExpected(); // 0x7578d2bd
error SlippageExceeded(uint256 amountLD, uint256 minAmountLD); // 0x71c4efed
/// ========================== Proxy OFT =====================================
/**
* @notice Deposits ERC20 assets from the caller into the vault and sends them to the recipient
* @param assetAmount The number of ERC20 tokens to deposit and send
* @param sendParam Parameters on how to send the shares to the recipient
* @param refundAddress Address to receive excess `msg.value`
* @return receipt The messaging receipt from LayerZero
* @return oftReceipt The OFT receipt with amount details
*/
function depositAndSend(
uint256 assetAmount,
SendParam memory sendParam,
address refundAddress
)
external
payable
returns (MessagingReceipt memory receipt, OFTReceipt memory oftReceipt);
/**
* @notice Redeems vault shares and sends the resulting assets to the user
* @param shareAmount The number of vault shares to redeem
* @param sendParam Parameter that defines how to send the assets
* @param refundAddress Address to receive excess payment of the LZ fees
*/
function redeemAndSend(
uint256 shareAmount,
SendParam memory sendParam,
address refundAddress
) external payable;
/**
* @notice Quotes the send operation for the given OFT and SendParam
* @param from The "sender address" used for the quote
* @param targetOft The OFT contract address to quote
* @param vaultInAmount The amount of tokens to send to the vault
* @param sendParam The parameters for the send operation
* @return MessagingFee The estimated fee for the send operation
* @dev This function can be overridden to implement custom quoting logic
*/
function quoteSend(
address from,
address targetOft,
uint256 vaultInAmount,
SendParam memory sendParam
) external view returns (MessagingFee memory);
/// ========================== Receive =====================================
receive() external payable;
}
IVaultToken.sol 8 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { VaultTokenParams } from "../common/Types.sol";
interface IVaultToken {
function initialize(VaultTokenParams calldata _params) external;
}
VaultComposer.sol 374 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
SendParam,
MessagingFee,
MessagingReceipt,
OFTReceipt
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import {
SafeERC20,
IERC20
} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { IERC20Permit } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import {
VaultComposerParams,
ComposerWithdrawalQueueEntry
} from "../../common/Types.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { FactoryClient } from "../../factory/FactoryClient.sol";
import { IVaultComposer } from "../../interfaces/IVaultComposer.sol";
import { IUnderlyingOFT } from "../../interfaces/IUnderlyingOFT.sol";
import { VaultComposerSync } from "./VaultComposerSync.sol";
/**
* @title VaultComposer
* @notice Coordinates cross-chain vault share redemptions and withdrawals.
* @dev Extends {VaultComposerSync} to reuse the deposit/redeem send logic and
* adds queueing, cancellation and fulfillment mechanics.
* @dev Initialize through the factory using {VaultComposerParams}.
*/
contract VaultComposer is
IVaultComposer,
Initializable,
UUPSUpgradeable,
AccessControlUpgradeable,
FactoryClient,
Roles,
VaultComposerSync
{
using SafeERC20 for IERC20;
/// @notice Emitted when a referral code is attached to a cross-chain send request.
/// @param user Vault composer that submitted the send operation.
/// @param referralCode Bytes32-encoded referral identifier supplied in the request.
/// @param amount Amount of underlying (in local decimals) forwarded with the referral.
event ReferralInfo(
address indexed user,
bytes32 indexed referralCode,
uint256 amount
);
/**
* @notice Emitted whenever a new withdrawal request is created.
* @param index Identifier of the withdrawal entry.
* @param initiator Address that submitted the request.
* @param timestamp Block timestamp when the request was enqueued.
*/
event WithdrawalRequest(
uint256 indexed index,
address indexed initiator,
uint256 timestamp
);
/**
* @notice Emitted after a queued withdrawal has been processed successfully.
* @param index Identifier of the withdrawal entry.
* @param initiator Address that submitted the request.
* @param timestamp Block timestamp when the request was fulfilled.
*/
event WithdrawalProcessed(
uint256 indexed index,
address indexed initiator,
uint256 timestamp
);
/**
* @notice Emitted when a pending withdrawal is canceled and funds are returned.
* @param index Identifier of the withdrawal entry.
* @param initiator Address that submitted the request.
* @param timestamp Block timestamp when the cancellation was executed.
*/
event WithdrawalCanceled(
uint256 indexed index,
address indexed initiator,
uint256 timestamp
);
/**
* @dev Storage bucket keeping the withdrawal queue for upgradeable deployments.
* @param withdrawalQueue list of withdrawal request submitted by users.
*/
struct VaultComposerStorage {
ComposerWithdrawalQueueEntry[] withdrawalQueue;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.VaultComposer")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant VAULT_COMPOSER_STORAGE_LOCATION =
0x7c094683e496c2018822e92f3a22381ba734092f848f08d2e13588f89ec7d300;
function _getVaultComposerStorage()
internal
pure
returns (VaultComposerStorage storage $)
{
assembly {
$.slot := VAULT_COMPOSER_STORAGE_LOCATION
}
}
constructor() {
_disableInitializers();
}
function initialize(
VaultComposerParams calldata _params
) external initializer {
__AccessControl_init();
__VaultComposerSync_init(
_params.vault,
_params.underlyingOFT,
_params.underlyingToken,
_params.endpoint,
_params.localEid
);
__FactoryClient_init(msg.sender);
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
}
/// @notice Authorizes UUPS implementation upgrades.
/// @dev Restricted to addresses with `UPGRADE_MANAGER`.
/// @param newImplementation Address of the new implementation contract.
function _authorizeUpgrade(
address newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
function depositAndSendWithPermit(
uint256 _underlyingAmount,
SendParam memory _sendParam,
address _refundAddress,
uint256 _deadline,
uint8 _v,
bytes32 _r,
bytes32 _s
)
external
payable
returns (MessagingReceipt memory receipt, OFTReceipt memory oftReceipt)
{
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
try
IERC20Permit($.underlyingToken).permit(
msg.sender,
address(this),
_underlyingAmount,
_deadline,
_v,
_r,
_s
)
{} catch {}
return depositAndSend(_underlyingAmount, _sendParam, _refundAddress);
}
/**
* @notice Deposits ERC20 underlying from the caller into the vault and sends them to the recipient
* @param _underlyingAmount The number of ERC20 tokens to deposit and send
* @param _sendParam Parameters on how to send the shares to the recipient
* @param _refundAddress Address to receive excess `msg.value`
*/
function depositAndSend(
uint256 _underlyingAmount,
SendParam memory _sendParam,
address _refundAddress
)
public
payable
virtual
override
nonReentrant
whenFactoryNotPaused
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
IERC20($.underlyingToken).safeTransferFrom(
msg.sender,
address(this),
_underlyingAmount
);
IUnderlyingOFT($.underlyingOft).deposit(_underlyingAmount);
(msgReceipt, oftReceipt) = _depositAndSend(
OFTComposeMsgCodec.addressToBytes32(msg.sender),
_underlyingAmount,
_sendParam,
_refundAddress
);
if (_sendParam.oftCmd.length == 32) {
emit ReferralInfo(
msg.sender,
abi.decode(_sendParam.oftCmd, (bytes32)),
oftReceipt.amountSentLD
);
}
}
/**
* @notice create a redeem request for vault shares to send the resulting underlying to the user later on
* @param _shareAmount The number of vault shares to redeem
* @param _sendParam Parameter that defines how to send the underlying
* @param _refundAddress Address to receive excess payment of the LZ fees
*/
function redeemAndSend(
uint256 _shareAmount,
SendParam memory _sendParam,
address _refundAddress
) external payable override nonReentrant whenFactoryNotPaused {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
VaultComposerStorage storage $$ = _getVaultComposerStorage();
MessagingFee memory fee;
if (_sendParam.dstEid != $.localEid) {
fee = quoteSend(
msg.sender,
$.underlyingOft,
_shareAmount,
_sendParam
);
if (msg.value < fee.nativeFee)
revert Errors.NotEnoughValueToPayFees();
} else {
if (fee.nativeFee != 0) revert Errors.FeeNonZero();
}
ComposerWithdrawalQueueEntry memory entry;
entry.initiator = msg.sender;
entry.shareAmount = _shareAmount;
entry.sendParam = _sendParam;
entry.fee = fee.nativeFee;
entry.txFee = msg.value - fee.nativeFee;
entry.refundAddress = _refundAddress;
IERC20(address($.vault)).safeTransferFrom(
msg.sender,
address(this),
_shareAmount
);
uint256 id = $$.withdrawalQueue.length;
$$.withdrawalQueue.push(entry);
emit WithdrawalRequest(id, msg.sender, block.timestamp);
}
/**
* @notice Cancels a pending withdrawal and refunds the requester’s shares plus prepaid fees.
* @dev Reverts if the caller is not the original initiator, or if the entry is already completed/canceled.
* @param _id Index of the withdrawal entry inside the queue.
*/
function cancelWithdrawal(
uint256 _id
) external nonReentrant whenFactoryNotPaused {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
ComposerWithdrawalQueueEntry storage entry = _getVaultComposerStorage()
.withdrawalQueue[_id];
address initiator = entry.initiator;
if (msg.sender != initiator) revert Errors.NotInitiatorRequest();
if (entry.canceled) revert Errors.AlreadyCanceled();
if (entry.fulfilled) revert Errors.AlreadyFulfilled();
entry.canceled = true;
IERC20(address($.vault)).safeTransfer(initiator, entry.shareAmount);
(bool success, ) = payable(initiator).call{
value: entry.fee + entry.txFee
}("");
if (!success) revert Errors.RefundFailed();
emit WithdrawalCanceled(_id, initiator, block.timestamp);
}
/**
* @notice Processes multiple queued withdrawals in a single transaction.
* @dev Callable only by accounts with `WITHDRAWAL_MANAGER` role. More gas-efficient than calling
* `processWithdrawal` multiple times. The sum of all `_extraFees` must equal `msg.value`.
* Emits {WithdrawalProcessed} for each successfully processed withdrawal.
* @param _ids Array of withdrawal entry indices to fulfill.
* @param _extraFees Array of additional native fees for each withdrawal (must match _ids length).
*/
function processWithdrawals(
uint256[] calldata _ids,
uint256[] calldata _extraFees
)
external
payable
nonReentrant
onlyRole(WITHDRAWAL_MANAGER)
whenFactoryNotPaused
{
uint256 length = _ids.length;
if (length == 0) revert Errors.EmptyArray();
if (length != _extraFees.length) revert Errors.LengthMismatch();
uint256 totalExtraFees;
uint256 totalTxFees;
for (uint256 i = 0; i < length; i++) {
totalExtraFees += _extraFees[i];
}
if (msg.value != totalExtraFees)
revert Errors.ExtraFeesNotMatchingMsgValue();
VaultComposerStorage storage $$ = _getVaultComposerStorage();
for (uint256 i = 0; i < length; i++) {
uint256 id = _ids[i];
uint256 extraFee = _extraFees[i];
ComposerWithdrawalQueueEntry storage entry = $$.withdrawalQueue[id];
if (entry.canceled) revert Errors.AlreadyCanceled();
if (entry.fulfilled) revert Errors.AlreadyFulfilled();
address initiator = entry.initiator;
entry.fulfilled = true;
// Accumulate txFees to refund later
totalTxFees += entry.txFee;
_redeemAndSend(
OFTComposeMsgCodec.addressToBytes32(initiator),
entry.shareAmount,
entry.sendParam,
entry.refundAddress,
entry.fee + extraFee
);
emit WithdrawalProcessed(id, initiator, block.timestamp);
}
if (totalTxFees > 0) {
// The keeper should always be able to receive the funds;
// if not, the transaction should not fail because of it.
(bool success, ) = payable(msg.sender).call{ value: totalTxFees }(
""
);
success;
}
}
function getWithdrawalQueueLength() external view returns (uint256) {
return _getVaultComposerStorage().withdrawalQueue.length;
}
function getWithdrawalQueueEntry(
uint256 _index
) external view returns (ComposerWithdrawalQueueEntry memory) {
return _getVaultComposerStorage().withdrawalQueue[_index];
}
}
VaultComposerSync.sol 467 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
SafeERC20,
IERC20
} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {
ERC4626,
IERC4626
} from "@openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
import {
IOFT,
SendParam,
MessagingFee,
MessagingReceipt,
OFTReceipt
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import { ReentrancyGuard } from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import { IOAppCore } from "@layerzerolabs/oapp-evm/contracts/oapp/interfaces/IOAppCore.sol";
import { ILayerZeroEndpointV2 } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { IUnderlyingOFT } from "../../interfaces/IUnderlyingOFT.sol";
import { IVaultComposerSync } from "../../interfaces/IVaultComposerSync.sol";
abstract contract VaultComposerSync is
Initializable,
IVaultComposerSync,
ReentrancyGuard
{
using OFTComposeMsgCodec for bytes;
using OFTComposeMsgCodec for bytes32;
using SafeERC20 for IERC20;
/**
* @notice Storage layout for upgradeable contract.
* @param vault Target ERC4626 vault used for share minting and burning.
* @param underlyingOft OFT contract that represents the underlying asset.
* @param underlyingToken ERC20 used by UnderlyingOFT.
* @param endpoint LayerZero endpoint trusted for compose calls.
* @param localEid LayerZero endpoint id for the local chain.
*/
struct VaultComposerSyncStorage {
IERC4626 vault;
address underlyingOft;
address underlyingToken;
address endpoint;
uint32 localEid;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.VaultComposerSync")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant VAULT_COMPOSER_SYNC_STORAGE_LOCATION =
0x0547bf30cac86716723f9098631557b8ec4ea137f23c7b6b7b154c7fd6947600;
function _getVaultComposerSyncStorage()
internal
pure
returns (VaultComposerSyncStorage storage $)
{
assembly {
$.slot := VAULT_COMPOSER_SYNC_STORAGE_LOCATION
}
}
/**
* @notice Sets the vault, OFT, token, endpoint, and eid values.
* @param _vault ERC4626 vault address.
* @param _underlyingOFT UnderlyingOFT contract for the underlying asset.
* @param _underlyingToken ERC20 used by UnderlyingOFT.
* @param _endpoint LayerZero endpoint address.
* @param _localEid Local LayerZero endpoint id.
*/
function __VaultComposerSync_init(
address _vault,
address _underlyingOFT,
address _underlyingToken,
address _endpoint,
uint32 _localEid
) public onlyInitializing {
__VaultComposerSync_init_unchained(
_vault,
_underlyingOFT,
_underlyingToken,
_endpoint,
_localEid
);
}
/**
* @notice Stores the config values and sets approvals for vault and OFT transfers.
* @param _vault ERC4626 vault address.
* @param _underlyingOft UnderlyingOFT contract for the underlying asset.
* @param _underlyingToken ERC20 used by UnderlyingOFT.
* @param _endpoint LayerZero endpoint address.
* @param _localEid Local LayerZero endpoint id.
*/
function __VaultComposerSync_init_unchained(
address _vault,
address _underlyingOft,
address _underlyingToken,
address _endpoint,
uint32 _localEid
) public onlyInitializing {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
$.vault = IERC4626(_vault);
$.underlyingOft = _underlyingOft;
$.underlyingToken = _underlyingToken;
$.endpoint = _endpoint;
$.localEid = _localEid;
IERC20($.underlyingOft).forceApprove(_vault, type(uint256).max);
IERC20($.underlyingToken).forceApprove(
_underlyingOft,
type(uint256).max
);
}
/**
* @notice Handles LayerZero compose operations for vault transactions with automatic refund functionality
* @dev This composer is designed to handle refunds to an EOA address and not a contract
* @dev Any revert in handleCompose() causes a refund back to the src EXCEPT for InsufficientMsgValue
* @param _composeSender The OFT contract address used for refunds, must be either $.underlyingOft or $.shareOft
* @param _guid LayerZero's unique tx id (created on the source tx)
* @param _message Decomposable bytes object into [composeHeader][composeMessage]
*/
function lzCompose(
address _composeSender, // The OFT used on refund, also the vaultIn token.
bytes32 _guid,
bytes calldata _message, // expected to contain a composeMessage = abi.encode(SendParam hopSendParam,uint256 minMsgValue)
address /*_executor*/,
bytes calldata /*_extraData*/
) external payable virtual override {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
if (msg.sender != $.endpoint) revert OnlyEndpoint(msg.sender);
if (
_composeSender != $.underlyingOft &&
_composeSender != address($.vault)
) revert OnlyValidComposeCaller(_composeSender);
bytes32 composeFrom = _message.composeFrom();
uint256 amount = _message.amountLD();
bytes memory composeMsg = _message.composeMsg();
/// @dev try...catch to handle the compose operation. if it fails we refund the user
try
this.handleCompose{ value: msg.value }(
_composeSender,
composeFrom,
composeMsg,
amount
)
{
emit Sent(_guid);
} catch (bytes memory _err) {
/// @dev A revert where the msg.value passed is lower than the min expected msg.value is handled separately
/// This is because it is possible to re-trigger from the endpoint the compose operation with the right msg.value
if (bytes4(_err) == InsufficientMsgValue.selector) {
assembly {
revert(add(32, _err), mload(_err))
}
}
_refund(_composeSender, _message, amount, tx.origin);
emit Refunded(_guid);
}
}
/**
* @notice Handles the compose operation for OFT (Omnichain Fungible Token) transactions
* @dev This function can only be called by the contract itself (self-call restriction)
* Decodes the compose message to extract SendParam and minimum message value
* Routes to either deposit or redeem flow based on the input OFT token type
* @param _oftIn The OFT token whose funds have been received in the lzReceive associated with this lzTx
* @param _composeFrom The bytes32 identifier of the compose sender
* @param _composeMsg The encoded message containing SendParam and minMsgValue
* @param _amount The amount of tokens received in the lzReceive associated with this lzTx
*/
function handleCompose(
address _oftIn,
bytes32 _composeFrom,
bytes memory _composeMsg,
uint256 _amount
) external payable {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
/// @dev Can only be called by self
if (msg.sender != address(this)) revert OnlySelf(msg.sender);
/// @dev SendParam defines how the composer will handle the user's funds
/// @dev The minMsgValue is the minimum amount of msg.value that must be sent, failing to do so will revert and the transaction will be retained in the endpoint for future retries
(SendParam memory sendParam, uint256 minMsgValue) = abi.decode(
_composeMsg,
(SendParam, uint256)
);
if (msg.value < minMsgValue)
revert InsufficientMsgValue(minMsgValue, msg.value);
if (_oftIn == $.underlyingOft) {
_depositAndSend(_composeFrom, _amount, sendParam, tx.origin);
} else {
_redeemAndSend(
_composeFrom,
_amount,
sendParam,
tx.origin,
msg.value
);
}
}
/**
* @dev Internal function that deposits underlying and sends shares to another chain
* @param _depositor The depositor (bytes32 format to account for non-evm addresses)
* @param _underlyingAmount The number of underlying to deposit
* @param _sendParam Parameter that defines how to send the shares
* @param _refundAddress Address to receive excess payment of the LZ fees
* @return receipt The messaging receipt from LayerZero
* @return oftReceipt The OFT receipt with amount details
* @notice This function first deposits the underlyingOFT to mint shares, validates the shares meet minimum slippage requirements,
* then sends the minted shares cross-chain using the OFT (Omnichain Fungible Token) protocol
* @notice The _sendParam.amountLD is updated to the actual share amount minted, and minAmountLD is reset to 0 for the send operation
*/
function _depositAndSend(
bytes32 _depositor,
uint256 _underlyingAmount,
SendParam memory _sendParam,
address _refundAddress
)
internal
virtual
returns (MessagingReceipt memory receipt, OFTReceipt memory oftReceipt)
{
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
uint256 shareAmount = _deposit(_depositor, _underlyingAmount);
_assertSlippage(shareAmount, _sendParam.minAmountLD);
_sendParam.amountLD = shareAmount;
_sendParam.minAmountLD = 0;
(receipt, oftReceipt) = _send(
address($.vault),
_sendParam,
_refundAddress,
msg.value
);
emit Deposited(
_depositor,
_sendParam.to,
_sendParam.dstEid,
_underlyingAmount,
shareAmount
);
}
/**
* @notice Internal function to deposit underlyingOFT into the vault.
* @param _underlyingAmount Amount of underlyingOFT deposited.
* @return shareAmount Amount of shares minted.
*/
function _deposit(
bytes32 /*_depositor*/,
uint256 _underlyingAmount
) internal virtual returns (uint256 shareAmount) {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
shareAmount = $.vault.deposit(_underlyingAmount, address(this));
}
/**
* @dev Internal function that redeems shares for underlying and sends them cross-chain
* @param _redeemer The address of the redeemer in bytes32 format
* @param _shareAmount The number of shares to redeem
* @param _sendParam Parameter that defines how to send the underlying
* @param _refundAddress Address to receive excess payment of the LZ fees
* @param _nativeFee Required native fee for processing
* @notice This function first redeems the specified share amount for the underlyingOFT,
* validates the received amount against slippage protection, then initiates a cross-chain
* transfer of the redeemed underlyingOFT using the OFT (Omnichain Fungible Token) protocol
* @notice The minAmountLD in _sendParam is reset to 0 after slippage validation since the
* actual amount has already been verified
*/
function _redeemAndSend(
bytes32 _redeemer,
uint256 _shareAmount,
SendParam memory _sendParam,
address _refundAddress,
uint256 _nativeFee
) internal virtual {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
uint256 underlyingAmount = _redeem(_redeemer, _shareAmount);
_assertSlippage(underlyingAmount, _sendParam.minAmountLD);
_sendParam.amountLD = underlyingAmount;
_sendParam.minAmountLD = 0;
_send($.underlyingOft, _sendParam, _refundAddress, _nativeFee);
emit Redeemed(
_redeemer,
_sendParam.to,
_sendParam.dstEid,
_shareAmount,
underlyingAmount
);
}
/**
* @dev Internal function to redeem shares from the vault
* @param _shareAmount The number of shares to redeem from the vault
* @return underlyingAmount The amount of underlyingOFT received from the vault redemption
* @notice This function is expected to be overridden by the inheriting contract to implement custom/nonERC4626 redemption logic
*/
function _redeem(
bytes32 /*_redeemer*/,
uint256 _shareAmount
) internal virtual returns (uint256 underlyingAmount) {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
underlyingAmount = $.vault.redeem(
_shareAmount,
address(this),
address(this)
);
}
/**
* @param _amountLD The amount of tokens to send
* @param _minAmountLD The minimum amount of tokens that must be sent to avoid slippage
* @notice This function checks if the amount sent is less than the minimum amount
* If it is, it reverts with SlippageExceeded error
* @notice This function can be overridden to implement custom slippage logic
*/
function _assertSlippage(
uint256 _amountLD,
uint256 _minAmountLD
) internal view virtual {
if (_amountLD < _minAmountLD)
revert SlippageExceeded(_amountLD, _minAmountLD);
}
/**
* @notice Quotes the send operation for the given OFT and SendParam
* @dev Revert on slippage will be thrown by the OFT and not _assertSlippage
* @param _from The "sender address" used for the quote
* @param _targetOFT The OFT contract address to quote
* @param _vaultInAmount The amount of tokens to send to the vault
* @param _sendParam The parameters for the send operation
* @return MessagingFee The estimated fee for the send operation
* @dev This function can be overridden to implement custom quoting logic
*/
function quoteSend(
address _from,
address _targetOFT,
uint256 _vaultInAmount,
SendParam memory _sendParam
) public view virtual returns (MessagingFee memory) {
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
/// @dev When quoting the underlying OFT, the function input is shares and the SendParam.amountLD
/// into quoteSend() should be underlying (and vice versa)
if (_targetOFT == $.underlyingOft) {
uint256 maxRedeem = $.vault.maxRedeem(_from);
if (_vaultInAmount > maxRedeem) {
revert ERC4626.ERC4626ExceededMaxRedeem(
_from,
_vaultInAmount,
maxRedeem
);
}
_sendParam.amountLD = $.vault.previewRedeem(_vaultInAmount);
} else {
uint256 maxDeposit = $.vault.maxDeposit(_from);
if (_vaultInAmount > maxDeposit) {
revert ERC4626.ERC4626ExceededMaxDeposit(
_from,
_vaultInAmount,
maxDeposit
);
}
_sendParam.amountLD = $.vault.previewDeposit(_vaultInAmount);
}
return IOFT(_targetOFT).quoteSend(_sendParam, false);
}
/**
* @dev Internal function that handles token transfer to the recipient
* @dev If the destination eid is the same as the current eid, it transfers the tokens directly to the recipient
* @dev If the destination eid is different, it sends a LayerZero cross-chain transaction
* @param _oft The OFT contract address to use for sending
* @param _sendParam The parameters for the send operation
* @param _refundAddress Address to receive excess payment of the LZ fees
* @param _nativeFee Required native fee for processing
* @return receipt The messaging receipt from LayerZero (empty for local transfers)
* @return oftReceipt The OFT receipt with amount details
*/
function _send(
address _oft,
SendParam memory _sendParam,
address _refundAddress,
uint256 _nativeFee
)
internal
returns (MessagingReceipt memory receipt, OFTReceipt memory oftReceipt)
{
VaultComposerSyncStorage storage $ = _getVaultComposerSyncStorage();
if (_sendParam.dstEid == $.localEid) {
/// @dev Can do this because _oft is validated before this function is called
if (_nativeFee > 0) revert NoMsgValueExpected();
if ($.underlyingOft == _oft) {
IUnderlyingOFT($.underlyingOft).withdraw(_sendParam.amountLD);
IERC20($.underlyingToken).safeTransfer(
_sendParam.to.bytes32ToAddress(),
_sendParam.amountLD
);
} else {
IERC20(_oft).safeTransfer(
_sendParam.to.bytes32ToAddress(),
_sendParam.amountLD
);
}
oftReceipt = OFTReceipt({
amountSentLD: _sendParam.amountLD,
amountReceivedLD: _sendParam.amountLD
});
} else {
// crosschain send
return
IOFT(_oft).send{ value: _nativeFee }(
_sendParam,
MessagingFee(_nativeFee, 0),
_refundAddress
);
}
}
/**
* @dev Internal function to refund input tokens to sender on source during a failed transaction
* @param _oft The OFT contract address used for refunding
* @param _message The original message that was sent
* @param _amount The amount of tokens to refund
* @param _refundAddress Address to receive the refund
*/
function _refund(
address _oft,
bytes calldata _message,
uint256 _amount,
address _refundAddress
) internal virtual {
/// @dev Extracted from the _message header. Will always be part of the _message since it is created by lzReceive
SendParam memory refundSendParam;
refundSendParam.dstEid = OFTComposeMsgCodec.srcEid(_message);
refundSendParam.to = OFTComposeMsgCodec.composeFrom(_message);
refundSendParam.amountLD = _amount;
IOFT(_oft).send{ value: msg.value }(
refundSendParam,
MessagingFee(msg.value, 0),
_refundAddress
);
}
receive() external payable {}
}
AccountingReceiver.sol 182 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import { IERC20Metadata } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {
Origin,
OAppUpgradeable
} from "@layerzerolabs/oapp-evm-upgradeable/contracts/oapp/OAppUpgradeable.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import { OAppOptionsType3Upgradeable } from "@layerzerolabs/oapp-evm-upgradeable/contracts/oapp/libs/OAppOptionsType3Upgradeable.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { FactoryClient } from "../../factory/FactoryClient.sol";
import {
AccountingReceiverParams,
DeltaMessage,
ContractType
} from "../../common/Types.sol";
import { IUnderlyingOFT } from "../../interfaces/IUnderlyingOFT.sol";
import { IFactory } from "../../interfaces/IFactory.sol";
/**
* @title AccountingReceiver
* @notice OApp endpoint that accepts strategy delta reports and mirrors supply on the underlying OFT.
* @dev Initialize through the factory using {AccountingReceiverParams} to align ownership and LayerZero metadata.
*/
contract AccountingReceiver is
Initializable,
UUPSUpgradeable,
AccessControlUpgradeable,
OAppUpgradeable,
OAppOptionsType3Upgradeable,
FactoryClient,
Roles
{
using OFTComposeMsgCodec for bytes32;
event DeltaReceived(
bytes32 indexed guid,
uint256 delta,
bool isMint,
uint256 amountLD
);
/**
* @notice Storage layout for upgradeable deployments.
* @param underlyingOFT Underlying OFT contract used as lockbox for the underlying assets.
* @param decimalConversionRate Conversion factor between shared decimals and local decimals.
* @param processedGuid Replay protection map for processed LayerZero messages.
*/
struct AccountingReceiverStorage {
address underlyingOFT;
uint256 decimalConversionRate;
mapping(bytes32 => bool) processedGuid;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.storage.AccountingReceiver")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant ACCOUNTING_RECEIVER_STORAGE_LOCATION =
0x0a59346b4263bf167da6b54c661b0c1738408553996dca1ef40c4dab71da0a00;
function _getAccountingReceiverStorage()
internal
pure
returns (AccountingReceiverStorage storage $)
{
assembly {
$.slot := ACCOUNTING_RECEIVER_STORAGE_LOCATION
}
}
/// @notice Initializes the implementation with the given LayerZero endpoint.
/// @dev `_lzEndpoint` is set as immutable in OAppCore; proxies call {initialize} for state setup.
/// @param _lzEndpoint The address of the LayerZero endpoint contract.
constructor(address _lzEndpoint) OAppUpgradeable(_lzEndpoint) {
_disableInitializers();
}
/**
* @notice Initializes a proxied instance.
* @param _params Deployment settings. See {AccountingReceiverParams} for field descriptions.
*/
function initialize(
AccountingReceiverParams calldata _params
) external initializer {
if (_params.sharedDecimals > 6) revert Errors.InvalidSharedDecimals();
__AccessControl_init();
__OApp_init(_params.oAppDelegate);
__Ownable_init(_params.oAppOwner);
__OAppOptionsType3_init();
__FactoryClient_init(
msg.sender,
_params.clusterName,
_params.underlyingSymbol,
endpoint.eid()
);
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
uint8 localDecimals = IERC20Metadata(_params.underlyingToken)
.decimals();
if (localDecimals < _params.sharedDecimals)
revert Errors.InvalidLocalDecimals();
AccountingReceiverStorage storage $ = _getAccountingReceiverStorage();
$.underlyingOFT = _params.underlyingOFT;
$.decimalConversionRate =
10 ** (localDecimals - _params.sharedDecimals);
}
/// @notice Authorizes UUPS implementation upgrades.
/// @dev Restricted to addresses with `UPGRADE_MANAGER`.
/// @param newImplementation Address of the new implementation contract.
function _authorizeUpgrade(
address newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
/**
* @notice Updates accounting locally when StrategyManager operates on the same chain.
* @param _message Report payload describing the delta.
*/
function updateAccountingLocal(
DeltaMessage memory _message
) external onlyStrategyManager {
_executeMintBurn(0, _message);
}
/**
* @notice Handles cross-chain accounting reports and enforces GUID replay protection.
* @param _guid LayerZero GUID supplied with the message.
* @param _message ABI-encoded {DeltaMessage}.
*/
function _lzReceive(
Origin calldata /*_origin*/,
bytes32 _guid,
bytes calldata _message,
address /*_executor*/,
bytes calldata /*_extraData*/
) internal override {
AccountingReceiverStorage storage $ = _getAccountingReceiverStorage();
// Check GUID replay protection for cross-chain messages
if ($.processedGuid[_guid]) revert Errors.GuidAlreadyProcessed(_guid);
$.processedGuid[_guid] = true;
DeltaMessage memory message = abi.decode(_message, (DeltaMessage));
_executeMintBurn(_guid, message);
}
/**
* @notice Applies mint or burn operations on the underlying OFT.
* @param _guid LayerZero message id.
* @param _message Report payload describing the delta.
*/
function _executeMintBurn(
bytes32 _guid,
DeltaMessage memory _message
) internal whenFactoryNotPaused {
AccountingReceiverStorage storage $ = _getAccountingReceiverStorage();
uint256 amountLD = _toLD(_message.delta);
if (_message.mint) {
IUnderlyingOFT($.underlyingOFT).mint(amountLD);
} else {
IUnderlyingOFT($.underlyingOFT).burn(amountLD);
}
emit DeltaReceived(_guid, _message.delta, _message.mint, amountLD);
}
/**
* @notice Converts shared-decimal amounts to local decimals.
* @param _amountSD Amount expressed in shared decimals.
* @return Amount expressed in local decimals.
*/
function _toLD(uint64 _amountSD) internal view returns (uint256) {
AccountingReceiverStorage storage $ = _getAccountingReceiverStorage();
return _amountSD * $.decimalConversionRate;
}
}
StrategyManager.sol 448 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { SafeCast } from "@openzeppelin/contracts/utils/math/SafeCast.sol";
import { IERC20Metadata } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { IERC4626 } from "@openzeppelin/contracts/interfaces/IERC4626.sol";
import { EnumerableSet } from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import {
Origin,
OAppUpgradeable,
MessagingFee,
MessagingReceipt
} from "@layerzerolabs/oapp-evm-upgradeable/contracts/oapp/OAppUpgradeable.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import { OAppOptionsType3Upgradeable } from "@layerzerolabs/oapp-evm-upgradeable/contracts/oapp/libs/OAppOptionsType3Upgradeable.sol";
import { Errors } from "../../common/Errors.sol";
import { Roles } from "../../common/Roles.sol";
import { DeltaMessage, StrategyManagerParams } from "../../common/Types.sol";
import { BridgeGateway } from "../underlying-adapter/BridgeGateway.sol";
import { IAccountingReceiver } from "../../interfaces/IAccountingReceiver.sol";
/**
* @title StrategyManager
* @notice Receives the underlying asset, allocates funds to allowed strategies, and reports performance deltas to AccountingReceiver.
* @dev Initialize through the factory using {StrategyManagerParams}.
*/
contract StrategyManager is
Initializable,
UUPSUpgradeable,
BridgeGateway,
OAppUpgradeable,
OAppOptionsType3Upgradeable
{
using SafeERC20 for IERC20;
using OFTComposeMsgCodec for bytes32;
using EnumerableSet for EnumerableSet.AddressSet;
uint16 constant REPORT_DELTA = 0;
/**
* @notice Storage layout for upgradeable deployments.
* @param allowedStrategies Set of ERC4626 compatible strategies permitted to receive allocations.
* @param sharedDecimals Shared decimals used in OFT decimal conversion logic (<=6).
* @param localEid LayerZero endpoint id for this chain.
* @param accountingReceiver Bytes32-encoded accounting receiver contract address used for reporting.
* @param accountingReceiverEid LayerZero endpoint id for the accounting receiver chain.
* @param decimalConversionRate Conversion factor between local decimals and shared decimals.
* @param underlyingToken Address of the underlying ERC20 asset.
* @param underlyingByStrategy Tracking map of underlying held per strategy.
*/
struct StrategyManagerStorage {
EnumerableSet.AddressSet allowedStrategies;
uint8 sharedDecimals;
uint32 localEid;
bytes32 accountingReceiver;
uint32 accountingReceiverEid;
uint256 decimalConversionRate;
address underlyingToken;
mapping(address => int256) underlyingByStrategy;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.storage.StrategyManager")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant STRATEGY_MANAGER_STORAGE_LOCATION =
0xeee24b1068db1f77995529a239f6d9b26635e7162ee18ce6dabc59845aabd700;
function _getStrategyManagerStorage()
internal
pure
returns (StrategyManagerStorage storage $)
{
assembly {
$.slot := STRATEGY_MANAGER_STORAGE_LOCATION
}
}
event StrategyAllowed(address indexed strategy, bool allowed);
event DeltaReported(
address indexed strategy,
bytes32 indexed guid,
uint64 delta,
bool isMint,
uint256 timestamp
);
event DeployedFunds(address indexed strategy, uint256 amount);
event FreedFunds(address indexed strategy, uint256 amount);
constructor(address _lzEndpoint) OAppUpgradeable(_lzEndpoint) {
_disableInitializers();
}
/**
* @notice Initializes a proxied instance.
* @param _params Deployment settings. See {StrategyManagerParams} for field descriptions.
*/
function initialize(
StrategyManagerParams calldata _params
) external initializer {
if (_params.sharedDecimals > 6) revert Errors.InvalidSharedDecimals();
__BridgeGateway_init(
_params.clusterName,
_params.underlyingSymbol,
_params.underlyingToken,
_params.bridgeRouter
);
__Ownable_init(_params.oAppOwner);
__OApp_init(_params.oAppDelegate);
__OAppOptionsType3_init();
__AccessControl_init();
__FactoryClient_init(msg.sender);
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
uint8 localDecimals = IERC20Metadata(_params.underlyingToken)
.decimals();
if (localDecimals < _params.sharedDecimals)
revert Errors.InvalidSharedDecimals();
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
$.sharedDecimals = _params.sharedDecimals;
$.decimalConversionRate =
10 ** (localDecimals - _params.sharedDecimals);
$.accountingReceiverEid = _params.accountingReceiverEid;
$.accountingReceiver = _params.accountingReceiver;
$.underlyingToken = _params.underlyingToken;
$.localEid = endpoint.eid();
}
function _authorizeUpgrade(
address _newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
modifier onlyAllowedStrategy(address _strategy) {
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
if (!$.allowedStrategies.contains(_strategy))
revert Errors.StrategyNotAllowed();
_;
}
/**
* @notice Adds or removes a strategy from the allowed set.
* @dev Restricted to addresses with `STRATEGY_MANAGER`.
* @param _strategy Strategy vault address.
* @param _allowed Whether the strategy should be allowed.
*/
function allowStrategy(
address _strategy,
bool _allowed
) external onlyRole(STRATEGY_MANAGER) {
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
if (_allowed) {
if (!$.allowedStrategies.add(_strategy))
revert Errors.StrategyAlreadyAllowed();
IERC20($.underlyingToken).forceApprove(
_strategy,
type(uint256).max
);
} else {
if (!$.allowedStrategies.remove(_strategy))
revert Errors.StrategyNotAllowed();
if (IERC4626(_strategy).balanceOf(address(this)) > 0)
revert Errors.StrategyHasBalance();
IERC20($.underlyingToken).forceApprove(_strategy, 0);
}
emit StrategyAllowed(_strategy, _allowed);
}
/**
* @notice Quotes the native fee required to report a delta to the accounting receiver.
* @return nativeFee Estimated native fee for the message.
*/
function quoteReport() external view returns (uint256 nativeFee) {
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
uint32 localEid = $.localEid;
uint32 remoteEid = $.accountingReceiverEid;
bytes calldata options = msg.data[0:0];
if (localEid == remoteEid) {
nativeFee = 0;
} else {
DeltaMessage memory message;
nativeFee = _quote(
remoteEid,
abi.encode(message),
combineOptions(remoteEid, REPORT_DELTA, options),
false
).nativeFee;
}
}
/**
* @notice Computes and reports the change in underlying assets for a strategy.
* @param _strategy Strategy vault address.
*/
function reportDelta(
address _strategy
)
external
payable
onlyAllowedStrategy(_strategy)
whenFactoryNotPaused
onlyRole(REPORTING_MANAGER)
returns (DeltaMessage memory message, MessagingReceipt memory receipt)
{
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
uint32 remoteEid = $.accountingReceiverEid;
uint256 totalStrategyShares = IERC4626(_strategy).balanceOf(
address(this)
);
int256 underlyingAmountNew = SafeCast.toInt256(
IERC4626(_strategy).convertToAssets(totalStrategyShares)
);
int256 underlyingAmountOld = $.underlyingByStrategy[_strategy];
if (_removeDust(underlyingAmountNew) != underlyingAmountOld) {
uint64 delta;
if (underlyingAmountNew > underlyingAmountOld) {
delta = _toSD(
SafeCast.toUint256(
underlyingAmountNew - underlyingAmountOld
)
);
message.mint = true;
// this allows to account for dust after sd conversion
$.underlyingByStrategy[_strategy] =
underlyingAmountOld +
SafeCast.toInt256(delta * $.decimalConversionRate); // convert back to LD
} else {
delta = _toSD(
SafeCast.toUint256(
underlyingAmountOld - underlyingAmountNew
)
);
message.mint = false;
// this allows to account for dust after sd conversion
$.underlyingByStrategy[_strategy] =
underlyingAmountOld -
SafeCast.toInt256(delta * $.decimalConversionRate); // convert back to LD
}
message.delta = delta;
if ($.localEid == remoteEid) {
if (msg.value > 0) revert Errors.MsgValueNotZero();
_reportLocal(
_strategy,
$.accountingReceiver.bytes32ToAddress(),
message
);
} else {
receipt = _reportCrossChain(_strategy, remoteEid, message);
}
}
}
/**
* @notice Reports a delta to the local accounting receiver.
* @param _strategy Strategy vault address.
* @param _accountingReceiver Accounting receiver contract address.
* @param _message Report payload describing the delta.
*/
function _reportLocal(
address _strategy,
address _accountingReceiver,
DeltaMessage memory _message
) internal {
IAccountingReceiver(_accountingReceiver).updateAccountingLocal(
_message
);
emit DeltaReported(
_strategy,
bytes32(0), // Zero bytes32 represent local reporting
_message.delta,
_message.mint,
block.timestamp
);
}
/**
* @notice Sends a cross-chain delta report to the accounting receiver.
* @param _strategy Strategy vault address.
* @param _accountingReceiverEid LayerZero endpoint id for the accounting receiver chain.
* @param _message Report payload describing the delta.
*/
function _reportCrossChain(
address _strategy,
uint32 _accountingReceiverEid,
DeltaMessage memory _message
) internal returns (MessagingReceipt memory receipt) {
bytes calldata options = msg.data[0:0];
receipt = _lzSend(
_accountingReceiverEid,
abi.encode(_message),
combineOptions(_accountingReceiverEid, REPORT_DELTA, options),
MessagingFee(msg.value, 0),
address(msg.sender)
);
emit DeltaReported(
_strategy,
receipt.guid,
_message.delta,
_message.mint,
block.timestamp
);
}
/**
* @notice Converts local-decimal amounts to shared decimals.
* @param _amountLD Amount expressed in local decimals.
* @return Amount expressed in shared decimals.
*/
function _toSD(uint256 _amountLD) internal view returns (uint64) {
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
uint256 _amountSD = _amountLD / $.decimalConversionRate;
// If there is an overflow we report the maximum possible value,
// since we only advance by delta * decimalConversionRate, so
// the next reportDelta call will pick up the remainder.
if (_amountSD > type(uint64).max) return type(uint64).max;
return SafeCast.toUint64(_amountSD);
}
function _removeDust(
int256 _amountLD
) internal view virtual returns (int256 amountLD) {
int256 _decimalConversionRate = int256(
_getStrategyManagerStorage().decimalConversionRate
);
amountLD =
(_amountLD / _decimalConversionRate) * _decimalConversionRate;
}
/**
* @notice Deposits underlying tokens into a strategy.
* @dev Restricted to addresses with `ALLOCATION_MANAGER`.
* @param _strategy Strategy vault address.
* @param _amount Token amount deposited in local decimals.
* @param _minSharesAmount Minimum acceptable amount of strategy shares.
* @return sharesReceived Amount of strategy shares minted.
*/
function deployFunds(
address _strategy,
uint256 _amount,
uint256 _minSharesAmount
)
public
onlyAllowedStrategy(_strategy)
onlyRole(ALLOCATION_MANAGER)
whenFactoryNotPaused
returns (uint256)
{
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
$.underlyingByStrategy[_strategy] += SafeCast.toInt256(_amount);
uint256 sharesReceived = IERC4626(_strategy).deposit(
_amount,
address(this)
);
if (sharesReceived < _minSharesAmount)
revert Errors.MinShareAmountNotMet();
emit DeployedFunds(_strategy, _amount);
return sharesReceived;
}
/**
* @notice Withdraws underlying tokens from a strategy.
* @dev Restricted to addresses with `ALLOCATION_MANAGER`.
* @param _strategy Strategy vault address.
* @param _sharesAmount Amount of strategy shares to redeem.
* @param _minUnderlyingAmount Minimum acceptable amount of underlying tokens.
* @return underlyingReceived Amount of underlying tokens redeemed.
*/
function freeFunds(
address _strategy,
uint256 _sharesAmount,
uint256 _minUnderlyingAmount
)
public
onlyAllowedStrategy(_strategy)
onlyRole(ALLOCATION_MANAGER)
whenFactoryNotPaused
returns (uint256)
{
uint256 underlyingReceived = IERC4626(_strategy).redeem(
_sharesAmount,
address(this),
address(this)
);
if (underlyingReceived < _minUnderlyingAmount)
revert Errors.MinUnderlyingAmountNotMet();
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
$.underlyingByStrategy[_strategy] -= SafeCast.toInt256(
underlyingReceived
);
emit FreedFunds(_strategy, underlyingReceived);
return underlyingReceived;
}
/**
* @notice Returns the set of allowed strategies.
* @return strategies List of strategy addresses.
*/
function getStrategies()
external
view
returns (address[] memory strategies)
{
StrategyManagerStorage storage $ = _getStrategyManagerStorage();
strategies = $.allowedStrategies.values();
}
function getUnderlyingByStrategy(
address _strategy
) external view returns (int256) {
return _getStrategyManagerStorage().underlyingByStrategy[_strategy];
}
function _lzReceive(
Origin calldata /*_origin*/,
bytes32 /*_guid*/,
bytes calldata /*_message*/,
address /*_executor*/,
bytes calldata /*_extraData*/
) internal pure override {
revert Errors.FunctionDisabled();
}
}
BridgeGateway.sol 295 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import { IBridgeRouter } from "../../interfaces/IBridgeRouter.sol";
import { IFactory } from "../../interfaces/IFactory.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { FactoryClient } from "../../factory/FactoryClient.sol";
import { ContractType, ProxyInfo } from "../../common/Types.sol";
/**
* @title BridgeGateway
* @notice Shared bridge routing logic for underlying asset flows.
* @dev Child contracts must call {__BridgeGateway_init} with consistent metadata sourced from {UnderlyingOFTParams}, {UnderlyingOFTAdapterParams}.
*/
abstract contract BridgeGateway is
AccessControlUpgradeable,
FactoryClient,
Roles
{
event BridgedOut(
bytes32 indexed id,
uint256 indexed dstChainId,
string symbol,
uint256 amount
);
event BridgedIn(bytes32 indexed id, uint256 amount);
/**
* @notice Storage layout for bridge operations.
* @param clusterName Cluster identifier shared by contracts in the deployment.
* @param underlyingSymbol Predefined Symbol of the underlying asset (found in vault.config.ts).
* @param underlyingToken Address of the underlying ERC20 asset.
* @param withdrawalNonce Incrementing nonce used when computing bridge transaction ids.
* @param bridgeRouter Bridge router contract authorized to move funds.
* @param factory Factory contract used to resolve registered deployments.
*/
struct BridgeGatewayStorage {
string clusterName;
string underlyingSymbol;
address underlyingToken;
uint256 withdrawalNonce;
IBridgeRouter bridgeRouter;
IFactory factory;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.BridgeGateway")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant BRIDGE_GATEWAY_STORAGE_LOCATION =
0xe948a858a10e36e2240400aabf638efb41bfa7e95a50f227a2e10f8f2e35d200;
function _getBridgeGatewayStorage()
internal
pure
returns (BridgeGatewayStorage storage $)
{
assembly {
$.slot := BRIDGE_GATEWAY_STORAGE_LOCATION
}
}
/**
* @notice Initializes bridge metadata for the inheriting contract.
* @param _clusterName Cluster identifier shared by contracts in the deployment.
* @param _underlyingSymbol Predefined Symbol of the underlying asset (found in vault.config.ts).
* @param _underlyingToken Address of the underlying ERC20 asset.
* @param _bridgeRouter Bridge router contract authorized to move funds.
*/
function __BridgeGateway_init(
string calldata _clusterName,
string calldata _underlyingSymbol,
address _underlyingToken,
address _bridgeRouter
) public onlyInitializing {
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
$.clusterName = _clusterName;
$.underlyingSymbol = _underlyingSymbol;
$.underlyingToken = _underlyingToken;
$.bridgeRouter = IBridgeRouter(_bridgeRouter);
$.factory = IFactory(msg.sender);
}
modifier onlyBridgeRouter() {
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
if (msg.sender != address($.bridgeRouter))
revert Errors.OnlyBridgeRouterAllowed();
_;
}
function setBridgeRouter(
address _newBridgeRouter
) external onlyRole(BRIDGE_GATEWAY_SETTER) {
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
$.bridgeRouter = IBridgeRouter(_newBridgeRouter);
}
function getBridgeRouter() external view returns (address) {
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
return address($.bridgeRouter);
}
/**
* @notice Handles bridge router deposits.
* @param _amount Token amount deposited in local decimals.
* @param _payload ABI-encoded metadata forwarded by the bridge router.
*/
function crossChainDeposit(
uint256 _amount,
bytes calldata _payload
) external virtual onlyBridgeRouter {
_crossChainDeposit(_amount, _payload);
}
/**
* @notice Internal hook to process a deposit initiated by the bridge router.
* @param _amount Token amount deposited in local decimals.
* @param _payload ABI-encoded metadata forwarded by the bridge router.
*/
function _crossChainDeposit(
uint256 _amount,
bytes calldata _payload
) internal {
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
SafeERC20.safeTransferFrom(
IERC20($.underlyingToken),
msg.sender,
address(this),
_amount
);
(bytes32 bridgeTxId, bytes memory extraData) = abi.decode(
_payload,
(bytes32, bytes)
);
_afterCrossChainDeposit(_amount, bridgeTxId, extraData);
emit BridgedIn(bridgeTxId, _amount);
}
/**
* @notice Hook executed after funds are deposited via the bridge router.
* @param _amount Token amount deposited in local decimals.
* @param _bridgeTxId Unique ID to track every bridge transaction.
* @param _extraData ABI-encoded metadata forwarded by the bridge router.
*/
function _afterCrossChainDeposit(
uint256 _amount,
bytes32 _bridgeTxId,
bytes memory _extraData
) internal virtual {}
/**
* @notice Initiates a bridge withdrawal to another chain.
* @param _amount Token amount withdrawn in local decimals.
* @param _destAddress Bytes32-encoded destination address.
* @param _dstEid LayerZero endpoint id for the destination chain.
* @param _contractType Enumerated contract type that must handle the withdrawal.
* @param _extraData ABI-encoded metadata passed by the operator to execute logic in the StrategyManager. (Unused)
*/
function crossChainWithdraw(
uint256 _amount,
bytes32 _destAddress,
uint32 _dstEid,
ContractType _contractType,
bytes calldata _extraData
) external virtual onlyRole(BRIDGE_GATEWAY_OPERATOR) whenFactoryNotPaused {
_crossChainWithdraw(
_amount,
_destAddress,
_dstEid,
_contractType,
_extraData
);
}
/**
* @notice Internal hook that validates metadata and forwards the withdrawal through the bridge router.
* @param _amount Token amount withdrawn in local decimals.
* @param _destAddress Bytes32-encoded destination address.
* @param _dstEid LayerZero endpoint id for the destination chain.
* @param _contractType Enumerated contract type that must handle the withdrawal.
* @param _extraData ABI-encoded metadata passed by the operator to execute logic in the StrategyManager. (Unused)
*/
function _crossChainWithdraw(
uint256 _amount,
bytes32 _destAddress,
uint32 _dstEid,
ContractType _contractType,
bytes memory _extraData
) internal {
_validateContractType(_contractType);
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
(bool status, ProxyInfo memory info) = $.factory.getProxyInfo(
_contractType,
_destAddress,
_dstEid
);
if (!status) revert Errors.DestNotRegistered();
if (
keccak256(bytes(info.clusterName)) !=
keccak256(bytes($.clusterName))
) revert Errors.DestNotInCluster();
if (
keccak256(bytes(info.symbol)) !=
keccak256(bytes($.underlyingSymbol))
) revert Errors.DestDoNotSupportAsset();
uint256 dstChainId = $.factory.getChainId(_dstEid);
bytes32 bridgeTxId = _computeBridgeTxId();
bytes memory payload = abi.encode(bridgeTxId, _extraData);
SafeERC20.forceApprove(
IERC20($.underlyingToken),
address($.bridgeRouter),
_amount
);
$.bridgeRouter.bridge(
$.underlyingToken,
_amount,
dstChainId,
_destAddress,
payload
);
_afterCrossChainWithdraw(
_amount,
_destAddress,
_dstEid,
_contractType,
bridgeTxId,
_extraData
);
emit BridgedOut(bridgeTxId, dstChainId, info.symbol, _amount);
}
/**
* @notice Hook executed after the bridge router is instructed to withdraw funds.
* @param _amount Token amount withdrawn in local decimals.
* @param _destAddress Bytes32-encoded destination address.
* @param _dstEid LayerZero endpoint id for the destination chain.
* @param _contractType Enumerated contract type that must handle the withdrawal.
* @param _bridgeTxId Unique ID to track every bridge transaction.
* @param _extraData ABI-encoded metadata appended to the bridge call decoded from the payload.
*/
function _afterCrossChainWithdraw(
uint256 _amount,
bytes32 _destAddress,
uint32 _dstEid,
ContractType _contractType,
bytes32 _bridgeTxId,
bytes memory _extraData
) internal virtual {}
/**
* @notice Ensures that the requested contract type is supported.
* @param _contractType Enumerated contract type that must handle the withdrawal.
*/
function _validateContractType(ContractType _contractType) internal pure {
if (
_contractType == ContractType.UNDERLYING_OFT_ADAPTER ||
_contractType == ContractType.UNDERLYING_OFT ||
_contractType == ContractType.STRATEGY_MANAGER
) return;
revert Errors.InvalidContractType();
}
/**
* @notice Computes a unique identifier for the bridge transaction.
* @return bridgeTxId Newly generated bridge transaction identifier.
*/
function _computeBridgeTxId() internal returns (bytes32) {
BridgeGatewayStorage storage $ = _getBridgeGatewayStorage();
return
keccak256(
abi.encodePacked(
address(this),
$.withdrawalNonce++,
block.chainid
)
);
}
}
UnderlyingOFT.sol 210 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
IERC20Metadata,
IERC20
} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {
SendParam,
OFTReceipt,
MessagingReceipt,
MessagingFee
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import { ReentrancyGuard } from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { UnderlyingOFTParams } from "../../common/Types.sol";
import { IUnderlyingOFT } from "../../interfaces/IUnderlyingOFT.sol";
import { BridgeGateway } from "./BridgeGateway.sol";
import { OFTUpgradeable } from "../../common/layer-zero/OFTUpgradeable.sol";
import { OFTCoreUpgradeable } from "../../common/layer-zero/OFTCoreUpgradeable.sol";
/**
* @title UnderlyingOFT
* @notice Omnichain fungible token that mirrors the underlying asset and services vault flows.
* @dev Deploy through the factory using {UnderlyingOFTParams}.
*/
contract UnderlyingOFT is
IUnderlyingOFT,
Initializable,
UUPSUpgradeable,
AccessControlUpgradeable,
ReentrancyGuard,
OFTUpgradeable,
Roles,
BridgeGateway
{
/**
* @notice Storage layout for upgradeable deployments.
* @param underlyingToken Address of the underlying ERC20 asset.
* @param vault Vault contract address.
* @param vaultComposer Vault composer contract address used for cross-chain orchestration.
* @param accountingReceiver Accounting receiver contract address.
* @param decimals Cached local token decimals.
*/
struct UnderlyingOFTStorage {
IERC20 underlyingToken;
address vault;
address vaultComposer;
address accountingReceiver;
uint8 decimals;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.UnderlyingOFT")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant UNDERLYING_OFT_STORAGE_LOCATION =
0xd5e260abbaeb14f5e9ac0f2750fdd87bf26f56e1bb861f2376fc4778d84f0900;
function _getUnderlyingOFTStorage()
internal
pure
returns (UnderlyingOFTStorage storage $)
{
assembly {
$.slot := UNDERLYING_OFT_STORAGE_LOCATION
}
}
/// @notice Initializes the implementation with the given LayerZero endpoint.
/// @dev `_lzEndpoint` is immutable within the implementation; proxies call {initialize} for state setup.
/// @param _lzEndpoint The address of the LayerZero endpoint contract.
constructor(address _lzEndpoint) OFTUpgradeable(_lzEndpoint) {
_disableInitializers();
}
/**
* @notice Initializes a proxied instance.
* @param _params Deployment settings. See {UnderlyingOFTParams} for field descriptions.
*/
function initialize(
UnderlyingOFTParams calldata _params
) public initializer {
if (_params.sharedDecimals > 6) revert Errors.InvalidSharedDecimals();
uint8 underlyingDecimals = IERC20Metadata(_params.underlyingToken)
.decimals();
__BridgeGateway_init(
_params.clusterName,
_params.underlyingSymbol,
_params.underlyingToken,
_params.bridgeRouter
);
__OFT_init(
string.concat("z", _params.underlyingSymbol),
string.concat("z", _params.underlyingSymbol),
underlyingDecimals,
_params.sharedDecimals,
_params.oAppDelegate
);
__Ownable_init(_params.oAppOwner);
__AccessControl_init();
__FactoryClient_init(msg.sender);
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
$.vault = _params.vault;
$.vaultComposer = _params.vaultComposer;
$.accountingReceiver = _params.accountingReceiver;
$.underlyingToken = IERC20(_params.underlyingToken);
$.decimals = underlyingDecimals;
}
function decimals() public view override returns (uint8) {
return _getUnderlyingOFTStorage().decimals;
}
/// @inheritdoc OFTCoreUpgradeable
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
)
external
payable
override
onlyVaultComposer
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
return _send(_sendParam, _fee, _refundAddress);
}
/// @notice Authorizes UUPS implementation upgrades.
/// @dev Restricted to addresses with `UPGRADE_MANAGER`.
/// @param newImplementation Address of the new implementation contract.
function _authorizeUpgrade(
address newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
/// @notice Restricts function access to vault composer only
/// @dev Reverts with {Errors.CallerNotVaultComposer} if caller is not the vault composer
modifier onlyVaultComposer() {
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
if (msg.sender != address($.vaultComposer))
revert Errors.CallerNotVaultComposer();
_;
}
/// @notice Restricts function access to accounting receiver
/// @dev Reverts with {Errors.CallerNotAccountingReceiver} if caller is neither
modifier onlyAccountingReceiver() {
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
if (msg.sender != $.accountingReceiver)
revert Errors.CallerNotAccountingReceiver();
_;
}
/// @notice Mints underlying supply to the vault contract.
/// @dev Guarded by {onlyAccountingReceiver}. Reverts with {Errors.CallerNotAccountingReceiver}.
/// @param _amount Token amount to mint in local decimals.
function mint(uint256 _amount) external onlyAccountingReceiver {
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
_mint($.vault, _amount);
}
/// @notice Burns underlying supply from the vault contract.
/// @dev Guarded by {onlyAccountingReceiver}. Reverts with {Errors.CallerNotAccountingReceiver}.
/// @param _amount Token amount to burn in local decimals.
function burn(uint256 _amount) external onlyAccountingReceiver {
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
_burn($.vault, _amount);
}
/**
* @notice Mints OFT shares to the vault composer and pulls matching underlying tokens.
* @dev Restricted to the vault composer recorded in storage. Uses {SafeERC20.safeTransferFrom}.
* @param _amount Token amount to deposit in local decimals.
*/
function deposit(uint256 _amount) external onlyVaultComposer nonReentrant {
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
_mint(msg.sender, _amount);
SafeERC20.safeTransferFrom(
$.underlyingToken,
msg.sender,
address(this),
_amount
);
}
/**
* @notice Burns OFT shares from the vault composer and releases underlying tokens.
* @dev Restricted to the vault composer recorded in storage. Uses {SafeERC20.safeTransfer}.
* @param _amount Token amount to withdraw in local decimals.
*/
function withdraw(uint256 _amount) external onlyVaultComposer nonReentrant {
UnderlyingOFTStorage storage $ = _getUnderlyingOFTStorage();
_burn(msg.sender, _amount);
SafeERC20.safeTransfer($.underlyingToken, msg.sender, _amount);
}
}
UnderlyingOFTAdapter.sol 200 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
SendParam,
OFTReceipt,
MessagingReceipt,
MessagingFee
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import { ReentrancyGuard } from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import { IERC20Permit } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol";
import { BridgeGateway } from "./BridgeGateway.sol";
import { OFTCoreUpgradeable } from "../../common/layer-zero/OFTCoreUpgradeable.sol";
import { OFTAdapterUpgradeable } from "../../common/layer-zero/OFTAdapterUpgradeable.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { UnderlyingOFTAdapterParams } from "../../common/Types.sol";
import { IUnderlyingOFTAdapter } from "../../interfaces/IUnderlyingOFTAdapter.sol";
/**
* @title UnderlyingOFTAdapter
* @notice LayerZero adapter that wraps the underlying asset and routes liquidity to the configured vault composer.
* @dev Initialize through the factory using {UnderlyingOFTAdapterParams}.
*/
contract UnderlyingOFTAdapter is
IUnderlyingOFTAdapter,
Initializable,
UUPSUpgradeable,
AccessControlUpgradeable,
ReentrancyGuard,
OFTAdapterUpgradeable,
Roles,
BridgeGateway
{
/// @notice Emitted when a referral code is attached to a cross-chain send request.
/// @param user Vault composer that submitted the send operation.
/// @param referralCode Bytes32-encoded referral identifier supplied in the request.
/// @param amount Amount of underlying (in local decimals) forwarded with the referral.
event ReferralInfo(
address indexed user,
bytes32 indexed referralCode,
uint256 amount
);
/**
* @notice Storage layout for upgradeable deployments.
* @param vaultComposer Bytes32-encoded vault composer contract address used for cross-chain orchestration.
* @param vaultComposerEid LayerZero endpoint id for the vault composer chain.
*/
struct UnderlyingOFTAdapterStorage {
bytes32 vaultComposer;
uint32 vaultComposerEid;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.UnderlyingOFTAdapter")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant UNDERLYING_OFT_ADAPTER_STORAGE_LOCATION =
0x4e766ba3471462bbbcc2d2a93b1922e99a88adbc44e04ab94a42c7461cdcd700;
function _getUnderlyingOFTAdapterStorage()
internal
pure
returns (UnderlyingOFTAdapterStorage storage $)
{
assembly {
$.slot := UNDERLYING_OFT_ADAPTER_STORAGE_LOCATION
}
}
/// @notice Initializes the implementation with the given LayerZero endpoint.
/// @dev `_lzEndpoint` is immutable within the implementation; proxies call {initialize} for state setup.
/// @param _lzEndpoint The address of the LayerZero endpoint contract.
constructor(address _lzEndpoint) OFTAdapterUpgradeable(_lzEndpoint) {
_disableInitializers();
}
/**
* @notice Initializes a proxied instance.
* @param _params Deployment settings. See {UnderlyingOFTAdapterParams} for field descriptions.
*/
function initialize(
UnderlyingOFTAdapterParams calldata _params
) public initializer {
if (_params.sharedDecimals > 6) revert Errors.InvalidSharedDecimals();
__BridgeGateway_init(
_params.clusterName,
_params.underlyingSymbol,
_params.underlyingToken,
_params.bridgeRouter
);
__Ownable_init(_params.oAppOwner);
__OFTAdapter_init(
_params.underlyingToken,
_params.sharedDecimals,
_params.oAppDelegate
);
__AccessControl_init();
__FactoryClient_init(msg.sender);
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
UnderlyingOFTAdapterStorage
storage $ = _getUnderlyingOFTAdapterStorage();
$.vaultComposer = _params.vaultComposer;
$.vaultComposerEid = _params.vaultComposerEid;
}
/// @inheritdoc OFTCoreUpgradeable
/// @dev Validates that the destination matches the configured vault composer metadata.
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
)
public
payable
override
nonReentrant
whenFactoryNotPaused
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
UnderlyingOFTAdapterStorage
storage $ = _getUnderlyingOFTAdapterStorage();
if (
_sendParam.dstEid != $.vaultComposerEid ||
_sendParam.to != $.vaultComposer ||
_sendParam.composeMsg.length == 0
) revert Errors.InvalidSendParameters();
(msgReceipt, oftReceipt) = _send(_sendParam, _fee, _refundAddress);
if (_sendParam.oftCmd.length == 32) {
emit ReferralInfo(
msg.sender,
abi.decode(_sendParam.oftCmd, (bytes32)),
oftReceipt.amountSentLD
);
}
}
function sendWithPermit(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress,
uint256 _deadline,
uint8 _v,
bytes32 _r,
bytes32 _s
)
external
payable
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
try
IERC20Permit(token()).permit(
msg.sender,
address(this),
_sendParam.amountLD,
_deadline,
_v,
_r,
_s
)
{} catch {}
return send(_sendParam, _fee, _refundAddress);
}
/// @notice Authorizes UUPS implementation upgrades.
/// @dev Restricted to addresses with `UPGRADE_MANAGER`.
/// @param newImplementation Address of the new implementation contract.
function _authorizeUpgrade(
address newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
/**
* @notice Returns the configured vault composer address and EID
* @dev Used by EIP-7702 templates to validate adapter configuration
* @return vaultComposer Bytes32-encoded vault composer address
* @return vaultComposerEid LayerZero endpoint ID for the vault composer
*/
function getVaultComposerConfig()
external
view
returns (bytes32 vaultComposer, uint32 vaultComposerEid)
{
UnderlyingOFTAdapterStorage
storage $ = _getUnderlyingOFTAdapterStorage();
return ($.vaultComposer, $.vaultComposerEid);
}
}
Vault.sol 227 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
SendParam,
OFTReceipt,
MessagingReceipt,
MessagingFee
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import { OFTComposeMsgCodec } from "@layerzerolabs/oft-evm/contracts/libs/OFTComposeMsgCodec.sol";
import {
IERC20Metadata,
IERC20
} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { ReentrancyGuard } from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import { ERC20Upgradeable } from "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import { ERC4626Upgradeable } from "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/ERC4626Upgradeable.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { VaultParams } from "../../common/Types.sol";
import { FactoryClient } from "../../factory/FactoryClient.sol";
import { IVault } from "../../interfaces/IVault.sol";
import { OFTUpgradeable } from "../../common/layer-zero/OFTUpgradeable.sol";
import { OFTCoreUpgradeable } from "../../common/layer-zero/OFTCoreUpgradeable.sol";
/**
* @title Vault
* @notice Omnichain ERC4626 vault that issues shares against the underlying OFT.
* @dev Initialize through the factory using {VaultParams}. Vault and VaultToken represent the same omnichain token
*/
contract Vault is
IVault,
Initializable,
UUPSUpgradeable,
AccessControlUpgradeable,
ReentrancyGuard,
FactoryClient,
ERC4626Upgradeable,
OFTUpgradeable,
Roles
{
uint8 constant DEFAULT_SHARED_DECIMALS = 6;
/**
* @notice Storage layout for upgradeable deployments.
* @param crossChainTotalSupply Total share supply across all chains; the on-chain total only reflects local shares,
* so this value tracks the consolidated amount.
* @param vaultComposer Vault composer contract address used for cross-chain orchestration.
*/
struct VaultStorage {
uint256 crossChainTotalSupply;
address vaultComposer;
uint32 localEid;
}
modifier onlyVaultComposer() {
if (_getVaultStorage().vaultComposer != msg.sender)
revert Errors.CallerNotVaultComposer();
_;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.Vault")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant VAULT_STORAGE_LOCATION =
0x6aeb924f0a50d745d4f32e67839b2ae193de1bf17354f79c03583f2046345800;
function _getVaultStorage() internal pure returns (VaultStorage storage $) {
assembly {
$.slot := VAULT_STORAGE_LOCATION
}
}
constructor(address _lzEndpoint) OFTUpgradeable(_lzEndpoint) {
_disableInitializers();
}
/**
* @notice Initializes a proxied instance.
* @param _params Deployment settings. See {VaultParams} for field descriptions.
*/
function initialize(VaultParams calldata _params) external initializer {
__ERC4626_init(IERC20(_params.underlyingOFT));
__Ownable_init(_params.oAppOwner);
__OFT_init(
_params.name,
_params.symbol,
decimals(),
DEFAULT_SHARED_DECIMALS,
_params.oAppDelegate
);
__AccessControl_init();
__FactoryClient_init(msg.sender);
VaultStorage storage $ = _getVaultStorage();
$.vaultComposer = _params.vaultComposer;
$.localEid = endpoint.eid();
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
}
function decimals()
public
view
override(ERC20Upgradeable, ERC4626Upgradeable)
returns (uint8)
{
return ERC4626Upgradeable.decimals();
}
/// @notice Authorizes UUPS implementation upgrades.
/// @dev Restricted to addresses with `UPGRADE_MANAGER`.
/// @param newImplementation Address of the new implementation contract.
function _authorizeUpgrade(
address newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
/**
* @inheritdoc ERC4626Upgradeable
* @dev Tracks minted shares in `crossChainTotalSupply`.
*/
function _deposit(
address _caller,
address _receiver,
uint256 _assets,
uint256 _shares
) internal override {
VaultStorage storage $ = _getVaultStorage();
$.crossChainTotalSupply += _shares;
super._deposit(_caller, _receiver, _assets, _shares);
}
/**
* @inheritdoc ERC4626Upgradeable
* @dev Decrements `crossChainTotalSupply` when shares are burned.
*/
function _withdraw(
address _caller,
address _receiver,
address _owner,
uint256 _assets,
uint256 _shares
) internal override {
VaultStorage storage $ = _getVaultStorage();
$.crossChainTotalSupply -= _shares;
super._withdraw(_caller, _receiver, _owner, _assets, _shares);
}
/// @inheritdoc OFTCoreUpgradeable
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
)
external
payable
override
nonReentrant
whenFactoryNotPaused
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
uint32 localEid = _getVaultStorage().localEid;
if (_sendParam.dstEid == localEid)
revert Errors.InvalidSendParameters();
return _send(_sendParam, _fee, _refundAddress);
}
/**
* @inheritdoc ERC20Upgradeable
*/
function totalSupply()
public
view
override(ERC20Upgradeable, IERC20)
returns (uint256)
{
return _getVaultStorage().crossChainTotalSupply;
}
/**
* @inheritdoc ERC4626Upgradeable
*/
function deposit(
uint256 _assets,
address _receiver
) public override onlyVaultComposer nonReentrant returns (uint256) {
// Return the number of shares minted by the ERC4626 logic
return super.deposit(_assets, _receiver);
}
/**
* @inheritdoc ERC4626Upgradeable
*/
function mint(
uint256 _shares,
address _receiver
) public override onlyVaultComposer nonReentrant returns (uint256) {
return super.mint(_shares, _receiver);
}
/**
* @inheritdoc ERC4626Upgradeable
*/
function withdraw(
uint256 _assets,
address _receiver,
address _owner
) public override onlyVaultComposer nonReentrant returns (uint256) {
return super.withdraw(_assets, _receiver, _owner);
}
/**
* @inheritdoc ERC4626Upgradeable
*/
function redeem(
uint256 _shares,
address _receiver,
address _owner
) public override onlyVaultComposer nonReentrant returns (uint256) {
return super.redeem(_shares, _receiver, _owner);
}
}
VaultToken.sol 391 lines
// SPDX-License-Identifier: MIT
pragma solidity 0.8.30;
import {
SendParam,
OFTReceipt,
MessagingReceipt,
MessagingFee
} from "@layerzerolabs/oft-evm/contracts/interfaces/IOFT.sol";
import { ReentrancyGuard } from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import { Initializable } from "@openzeppelin/contracts/proxy/utils/Initializable.sol";
import { UUPSUpgradeable } from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol";
import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import { VaultTokenParams, WithdrawalQueueEntry } from "../../common/Types.sol";
import { Roles } from "../../common/Roles.sol";
import { Errors } from "../../common/Errors.sol";
import { FactoryClient } from "../../factory/FactoryClient.sol";
import { OFTUpgradeable } from "../../common/layer-zero/OFTUpgradeable.sol";
import { OFTCoreUpgradeable } from "../../common/layer-zero/OFTCoreUpgradeable.sol";
import { IVaultToken } from "../../interfaces/IVaultToken.sol";
import { IFactory } from "../../interfaces/IFactory.sol";
/**
* @title VaultToken
* @notice Omnichain share token that queues withdrawal requests for the vault composer.
* @dev Initialize through the factory using {VaultTokenParams}.
*/
contract VaultToken is
IVaultToken,
Initializable,
UUPSUpgradeable,
AccessControlUpgradeable,
ReentrancyGuard,
FactoryClient,
OFTUpgradeable,
Roles
{
uint8 constant DEFAULT_SHARED_DECIMALS = 6;
/**
* @notice Emitted when a user queues a withdrawal.
* @param index Position in the withdrawal queue.
* @param initiator Address that created the withdrawal request.
* @param timestamp Block timestamp when the request was queued.
*/
event WithdrawalRequest(
uint256 indexed index,
address indexed initiator,
uint256 timestamp
);
/**
* @notice Emitted once a withdrawal request has been processed.
* @param index Position in the withdrawal queue.
* @param initiator Address that created the withdrawal request.
* @param timestamp Block timestamp when the request was processed.
*/
event WithdrawalProcessed(
uint256 indexed index,
address indexed initiator,
uint256 timestamp
);
/**
* @notice Emitted when a pending withdrawal is canceled.
* @param index Position in the withdrawal queue.
* @param initiator Address that created the withdrawal request.
* @param timestamp Block timestamp when the request was canceled.
*/
event WithdrawalCanceled(
uint256 indexed index,
address indexed initiator,
uint256 timestamp
);
/**
* @notice Storage layout for upgradeable deployments.
* @param vaultComposer Bytes32-encoded vault composer contract address.
* @param vaultComposerEid LayerZero endpoint id for the vault composer chain.
* @param withdrawalQueue Pending withdrawal requests.
*/
struct VaultTokenStorage {
bytes32 vaultComposer;
uint32 vaultComposerEid;
address tmpComposeFrom;
WithdrawalQueueEntry[] withdrawalQueue;
}
// keccak256(abi.encode(uint256(keccak256("zircuit.finance.storage.VaultToken")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant VAULT_TOKEN_STORAGE_LOCATION =
0xe0913ae125bb6bd87bc7d157a02ebd350d4fb7b6de4f250370254c3648545400;
function _getVaultTokenStorage()
internal
pure
returns (VaultTokenStorage storage $)
{
assembly {
$.slot := VAULT_TOKEN_STORAGE_LOCATION
}
}
/// @notice Initializes the implementation with the given LayerZero endpoint.
/// @dev `_lzEndpoint` is immutable within the implementation; proxies call {initialize} for state setup.
/// @param _lzEndpoint The address of the LayerZero endpoint contract.
constructor(address _lzEndpoint) OFTUpgradeable(_lzEndpoint) {
_disableInitializers();
}
/**
* @notice Initializes a proxied instance.
* @param _params Deployment settings. See {VaultTokenParams} for field descriptions.
*/
function initialize(VaultTokenParams calldata _params) public initializer {
__Ownable_init(_params.oAppOwner);
__OFT_init(
_params.name,
_params.symbol,
decimals(), // default 18 decimals
DEFAULT_SHARED_DECIMALS, // default 6 decimals
_params.oAppDelegate
);
__AccessControl_init();
__FactoryClient_init(msg.sender);
VaultTokenStorage storage $ = _getVaultTokenStorage();
$.vaultComposer = _params.vaultComposer;
$.vaultComposerEid = _params.vaultComposerEid;
_grantRole(DEFAULT_ADMIN_ROLE, _params.defaultAdmin);
}
/// @notice Authorizes UUPS implementation upgrades.
/// @dev Restricted to addresses with `UPGRADE_MANAGER`.
/// @param newImplementation Address of the new implementation contract.
function _authorizeUpgrade(
address newImplementation
) internal override onlyRole(UPGRADE_MANAGER) {}
/// @inheritdoc OFTCoreUpgradeable
/// @dev Stores withdrawal requests when the destination matches the configured vault composer.
function send(
SendParam calldata _sendParam,
MessagingFee calldata _fee,
address _refundAddress
)
external
payable
override
nonReentrant
whenFactoryNotPaused
returns (
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
VaultTokenStorage storage $ = _getVaultTokenStorage();
if (
_sendParam.to == $.vaultComposer &&
_sendParam.dstEid == $.vaultComposerEid &&
msg.sender != address(this)
) {
_validateFees(_sendParam, _fee);
uint256 amount = _toLD(_toSD(_sendParam.amountLD));
_transfer(msg.sender, address(this), amount);
if (amount == 0) revert Errors.WithdrawalUnderThreshold();
if (_sendParam.minAmountLD > amount)
revert Errors.MinAmountNotMet();
uint256 id = $.withdrawalQueue.length;
WithdrawalQueueEntry memory entry;
entry.initiator = msg.sender;
entry.sendParam = _sendParam;
entry.fee = _fee;
entry.refundAddress = _refundAddress;
entry.txFee = msg.value - _fee.nativeFee;
entry.sendParam.amountLD = amount;
$.withdrawalQueue.push(entry);
emit WithdrawalRequest(id, msg.sender, block.timestamp);
} else {
return _send(_sendParam, _fee, _refundAddress);
}
}
/**
* @notice Cancels a withdrawal request and refunds the original caller.
* @param _id Position of the withdrawal entry in the queue.
*/
function cancelWithdrawal(
uint256 _id
) external nonReentrant whenFactoryNotPaused {
WithdrawalQueueEntry storage entry = _getVaultTokenStorage()
.withdrawalQueue[_id];
address initiator = entry.initiator;
if (msg.sender != initiator) revert Errors.NotInitiatorRequest();
if (entry.canceled) revert Errors.AlreadyCanceled();
if (entry.fulfilled) revert Errors.AlreadyFulfilled();
entry.canceled = true;
_transfer(address(this), initiator, entry.sendParam.amountLD);
(bool success, ) = payable(entry.initiator).call{
value: entry.fee.nativeFee + entry.txFee
}("");
if (!success) revert Errors.RefundFailed();
emit WithdrawalCanceled(_id, initiator, block.timestamp);
}
/**
* @notice Processes multiple queued withdrawals by forwarding funds through the vault composer.
* @dev Restricted to addresses with `WITHDRAWAL_MANAGER`. More gas-efficient than processing
* withdrawals individually. The sum of all `_extraFees` must equal `msg.value`.
* Each withdrawal's receipts are stored in its queue entry.
* @param _ids Array of withdrawal entry indices to process.
* @param _extraFees Array of additional native fees for each withdrawal (must match _ids length).
*/
function processWithdrawals(
uint256[] calldata _ids,
uint256[] calldata _extraFees
)
external
payable
onlyRole(WITHDRAWAL_MANAGER)
whenFactoryNotPaused
returns (
MessagingReceipt[] memory msgReceipts,
OFTReceipt[] memory oftReceipts
)
{
uint256 length = _ids.length;
if (length == 0) revert Errors.EmptyArray();
if (length != _extraFees.length) revert Errors.LengthMismatch();
// Initialize return arrays
msgReceipts = new MessagingReceipt[](length);
oftReceipts = new OFTReceipt[](length);
uint256 totalExtraFees;
uint256 totalTxFees;
for (uint256 i = 0; i < length; i++) {
totalExtraFees += _extraFees[i];
}
if (msg.value != totalExtraFees)
revert Errors.ExtraFeesNotMatchingMsgValue();
VaultTokenStorage storage $ = _getVaultTokenStorage();
uint256 txFee;
for (uint256 i = 0; i < length; i++) {
uint256 id = _ids[i];
(txFee, msgReceipts[i], oftReceipts[i]) = _processWithdrawal(
id,
$.withdrawalQueue[id],
_extraFees[i]
);
totalTxFees += txFee;
}
if (totalTxFees > 0) {
// The keeper should always be able to receive the funds;
// if not, the transaction should not fail because of it.
(bool success, ) = payable(msg.sender).call{ value: totalTxFees }(
""
);
success;
}
}
/**
* @notice Executes a queued withdrawal by forwarding funds and composing from the initiator.
* @dev Reverts if the withdrawal was canceled or already fulfilled. Wraps `send` so the
* VaultComposer observes the original initiator as the `composeFrom`.
* @param _id Index of the withdrawal in the queue.
* @param _entry Storage pointer to the withdrawal queue entry.
* @param _extraFee Additional native fee supplied by the caller of `processWithdrawals`.
* @return txFee transaction fee that should be refunded to the withdrawal manager.
* @return msgReceipt Messaging receipt returned by the LayerZero send.
* @return oftReceipt OFT receipt returned by the LayerZero send.
*/
function _processWithdrawal(
uint256 _id,
WithdrawalQueueEntry storage _entry,
uint256 _extraFee
)
internal
composeFromOverride(_entry.initiator)
returns (
uint256 txFee,
MessagingReceipt memory msgReceipt,
OFTReceipt memory oftReceipt
)
{
if (_entry.fulfilled) revert Errors.AlreadyFulfilled();
if (!_entry.canceled) {
MessagingFee memory fee = MessagingFee({
nativeFee: _entry.fee.nativeFee + _extraFee,
lzTokenFee: 0
});
_entry.fulfilled = true;
(msgReceipt, oftReceipt) = this.send{ value: fee.nativeFee }(
_entry.sendParam,
fee,
_entry.refundAddress
);
_entry.msgReceipt = msgReceipt;
_entry.oftReceipt = oftReceipt;
txFee = _entry.txFee;
emit WithdrawalProcessed(_id, _entry.initiator, block.timestamp);
}
}
/**
* @notice Temporarily overrides the composeFrom with the queued withdrawal initiator.
* @dev Sets `composeFromOverride` before executing the wrapped logic and clears it afterward so
* LayerZero compose payloads reflect the original caller rather than the contract itself.
* `$.composeFromOverride` is later handled by `OFTCoreUpgradeable` to replace the composeFrom.
* This is a necessary step so that the VaultComposer can refund the asset to the initiator and
* not to this contract.
* @param _initiator Address withdrawing funds.
*/
modifier composeFromOverride(address _initiator) {
OFTCoreStorage storage $ = _getOFTCoreStorage();
// Save the current composeFromOverride value to prevent potential nested calls.
// This situation should never occur since this function is intended to be used
// only during withdrawals from the VaultToken. This is a safeguard against
// possible misuse in future updates.
address oldComposeFromOverride = $.composeFromOverride;
$.composeFromOverride = _initiator;
_;
$.composeFromOverride = oldComposeFromOverride;
}
function _validateFees(
SendParam calldata _sendParam,
MessagingFee calldata _fee
) internal view {
if (_fee.lzTokenFee != 0) revert Errors.OnlyNative();
MessagingFee memory minFee = this.quoteSend(_sendParam, false);
if (_fee.nativeFee < minFee.nativeFee) {
revert Errors.NotEnoughFee();
}
if (msg.value < _fee.nativeFee) revert Errors.NotEnoughNative();
// Decode the compose (second hop) payload: (SendParam, uint256)
(SendParam memory secondHop, uint256 secondHopNativeFee) = abi.decode(
_sendParam.composeMsg,
(SendParam, uint256)
);
uint256 minSecondHopNativeFee;
if (secondHop.dstEid == _sendParam.dstEid) {
if (secondHopNativeFee != 0) revert Errors.SecondHopFeeNonZero();
} else {
minSecondHopNativeFee = _getWithdrawalMinFee(
_sendParam.dstEid,
secondHop.dstEid
);
if (secondHopNativeFee < minSecondHopNativeFee) {
revert Errors.NotEnoughSecondHopFee();
}
}
}
function getWithdrawalQueueLength() external view returns (uint256) {
return _getVaultTokenStorage().withdrawalQueue.length;
}
function getWithdrawalQueueEntry(
uint256 _index
) external view returns (WithdrawalQueueEntry memory) {
return _getVaultTokenStorage().withdrawalQueue[_index];
}
}
Write Contract 1 functions
These functions modify contract state and require a wallet transaction to execute.
initProxy 0xead30dd4
address implementation
bytes data
Recent Transactions
No transactions found for this address