Forkchoice Ethereum Mainnet

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.26;

import {ICreate3Factory} from "./interfaces/ICreate3Factory.sol";
import {Ownable2Step, Ownable} from "@openzeppelin/contracts/access/Ownable2Step.sol";
import {Create3} from "./libraries/Create3.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

/// @notice Deploy contracts in a deterministic way using CREATE3
/// @dev ensure this contract is deployed on multiple chain with the same address
contract Create3Factory is ICreate3Factory, Ownable2Step, ReentrancyGuard {
    event SetWhitelist(address indexed user, bool isWhitelist);
    event Deployed(address indexed deployed, bytes32 salt, bytes32 creationCodeHash);

    // Only whitelisted user can interact with create2Factory
    mapping(address user => bool isWhitelisted) public isUserWhitelisted;

    modifier onlyWhitelisted() {
        if (!isUserWhitelisted[msg.sender]) revert NotWhitelisted();
        _;
    }

    constructor() Ownable(msg.sender) {
        isUserWhitelisted[msg.sender] = true;
    }

    /// @inheritdoc ICreate3Factory
    function deploy(
        bytes32 salt,
        bytes memory creationCode,
        bytes32 creationCodeHash,
        uint256 creationFund,
        bytes calldata afterDeploymentExecutionPayload,
        uint256 afterDeploymentExecutionFund
    ) external payable onlyWhitelisted nonReentrant returns (address deployed) {
        if (creationCodeHash != keccak256(creationCode)) revert CreationCodeHashMismatch();
        if (creationFund + afterDeploymentExecutionFund != msg.value) revert FundsAmountMismatch();

        deployed = Create3.create3(
            salt, creationCode, creationFund, afterDeploymentExecutionPayload, afterDeploymentExecutionFund
        );

        emit Deployed(deployed, salt, creationCodeHash);
    }

    /// @inheritdoc ICreate3Factory
    function computeAddress(bytes32 salt) public view returns (address) {
        return Create3.addressOf(salt);
    }

    /// @inheritdoc ICreate3Factory
    function setWhitelistUser(address user, bool isWhiteList) external onlyOwner {
        isUserWhitelisted[user] = isWhiteList;

        emit SetWhitelist(user, isWhiteList);
    }
}

//SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface ICreate3Factory {
    error NotWhitelisted();
    error CreationCodeHashMismatch();
    error FundsAmountMismatch();

    /**
     * @notice create3 deploy a contract
     * @dev So long the same salt is used, the contract will be deployed at the same address on other chain
     * @param salt Salt of the contract creation, resulting address will be derived from this value only
     * @param creationCode Creation code (constructor + args) of the contract to be deployed, this value doesn't affect the resulting address
     * @param creationCodeHash Hash of the creation code, it can be used to verify the creation code
     * @param creationFund In WEI of ETH to be forwarded to target contract constructor
     * @param afterDeploymentExecutionPayload Payload to be executed after contract creation
     * @param afterDeploymentExecutionFund In WEI of ETH to be forwarded to when executing after deployment initialization
     * @return deployed of the deployed contract, reverts on error
     */
    function deploy(
        bytes32 salt,
        bytes memory creationCode,
        bytes32 creationCodeHash,
        uint256 creationFund,
        bytes calldata afterDeploymentExecutionPayload,
        uint256 afterDeploymentExecutionFund
    ) external payable returns (address deployed);

    /// @notice compute the create3 address based on salt
    function computeAddress(bytes32 salt) external view returns (address);

    /// @notice set user as whitelisted
    function setWhitelistUser(address user, bool isWhiteList) external;
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable2Step.sol)

pragma solidity ^0.8.20;

import {Ownable} from "./Ownable.sol";

/**
 * @dev Contract module which provides access control mechanism, where
 * there is an account (an owner) that can be granted exclusive access to
 * specific functions.
 *
 * The initial owner is specified at deployment time in the constructor for `Ownable`. This
 * can later be changed with {transferOwnership} and {acceptOwnership}.
 *
 * This module is used through inheritance. It will make available all functions
 * from parent (Ownable).
 */
abstract contract Ownable2Step is Ownable {
    address private _pendingOwner;

    event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);

    /**
     * @dev Returns the address of the pending owner.
     */
    function pendingOwner() public view virtual returns (address) {
        return _pendingOwner;
    }

    /**
     * @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
     * Can only be called by the current owner.
     */
    function transferOwnership(address newOwner) public virtual override onlyOwner {
        _pendingOwner = newOwner;
        emit OwnershipTransferStarted(owner(), newOwner);
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
     * Internal function without access restriction.
     */
    function _transferOwnership(address newOwner) internal virtual override {
        delete _pendingOwner;
        super._transferOwnership(newOwner);
    }

    /**
     * @dev The new owner accepts the ownership transfer.
     */
    function acceptOwnership() public virtual {
        address sender = _msgSender();
        if (pendingOwner() != sender) {
            revert OwnableUnauthorizedAccount(sender);
        }
        _transferOwnership(sender);
    }
}

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.26;

import {CustomizedProxyChild} from "../CustomizedProxyChild.sol";

/**
 * @dev Referenced from https://github.com/0xsequence/create3/blob/master/contracts/Create3.sol
 * Updated PROXY_CHILD_BYTECODE to support customized deployment logic
 * @title A library for deploying contracts EIP-3171 style.
 * @author Agustin Aguilar <[email protected]>
 */
library Create3 {
    error ErrorCreatingProxy();
    error ErrorCreatingContract();
    error TargetAlreadyExists();

    bytes internal constant PROXY_CHILD_BYTECODE = type(CustomizedProxyChild).creationCode;

    bytes32 internal constant KECCAK256_PROXY_CHILD_BYTECODE = keccak256(PROXY_CHILD_BYTECODE);

    /**
     * @notice Returns the size of the code on a given address
     * @param _addr Address that may or may not contain code
     * @return size of the code on the given `_addr`
     */
    function codeSize(address _addr) internal view returns (uint256 size) {
        assembly {
            size := extcodesize(_addr)
        }
    }

    /**
     * @notice Creates a new contract with given `_creationCode` and `_salt`
     * @param _salt Salt of the contract creation, resulting address will be derived from this value only
     * @param _creationCode Creation code (constructor) of the contract to be deployed, this value doesn't affect the resulting address
     * @param _creationFund In WEI of ETH to be forwarded to target contract constructor
     * @param _afterDeploymentExecutionPayload Payload to be executed after contract creation
     * @param _afterDeploymentExecutionFund In WEI of ETH to be forwarded to when executing after deployment initialization
     * @return addr of the deployed contract, reverts on error
     */
    function create3(
        bytes32 _salt,
        bytes memory _creationCode,
        uint256 _creationFund,
        bytes calldata _afterDeploymentExecutionPayload,
        uint256 _afterDeploymentExecutionFund
    ) internal returns (address addr) {
        // Creation code
        bytes memory proxyCreationCode = PROXY_CHILD_BYTECODE;

        // Get target final address
        address preCalculatedAddr = addressOf(_salt);
        if (codeSize(preCalculatedAddr) != 0) revert TargetAlreadyExists();

        // Create CREATE2 proxy
        address proxy;
        assembly {
            proxy := create2(0, add(proxyCreationCode, 32), mload(proxyCreationCode), _salt)
        }
        if (proxy == address(0)) revert ErrorCreatingProxy();

        // Call proxy with final init code to deploy target contract
        addr = CustomizedProxyChild(proxy).deploy{value: _creationFund + _afterDeploymentExecutionFund}(
            _creationCode, _creationFund, _afterDeploymentExecutionPayload, _afterDeploymentExecutionFund
        );

        if (preCalculatedAddr != addr) revert ErrorCreatingContract();
    }

    /**
     * @notice Computes the resulting address of a contract deployed using address(this) and the given `_salt`
     * @param _salt Salt of the contract creation, resulting address will be derived from this value only
     * @return addr of the deployed contract, reverts on error
     *
     * @dev The address creation formula is: keccak256(rlp([keccak256(0xff ++ address(this) ++ _salt ++ keccak256(childBytecode))[12:], 0x01]))
     */
    function addressOf(bytes32 _salt) internal view returns (address) {
        address proxy = address(
            uint160(uint256(keccak256(abi.encodePacked(hex"ff", address(this), _salt, KECCAK256_PROXY_CHILD_BYTECODE))))
        );

        return address(uint160(uint256(keccak256(abi.encodePacked(hex"d694", proxy, hex"01")))));
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/ReentrancyGuard.sol)

pragma solidity ^0.8.20;

/**
 * @dev Contract module that helps prevent reentrant calls to a function.
 *
 * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
 * available, which can be applied to functions to make sure there are no nested
 * (reentrant) calls to them.
 *
 * Note that because there is a single `nonReentrant` guard, functions marked as
 * `nonReentrant` may not call one another. This can be worked around by making
 * those functions `private`, and then adding `external` `nonReentrant` entry
 * points to them.
 *
 * TIP: If you would like to learn more about reentrancy and alternative ways
 * to protect against it, check out our blog post
 * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
 */
abstract contract ReentrancyGuard {
    // Booleans are more expensive than uint256 or any type that takes up a full
    // word because each write operation emits an extra SLOAD to first read the
    // slot's contents, replace the bits taken up by the boolean, and then write
    // back. This is the compiler's defense against contract upgrades and
    // pointer aliasing, and it cannot be disabled.

    // The values being non-zero value makes deployment a bit more expensive,
    // but in exchange the refund on every call to nonReentrant will be lower in
    // amount. Since refunds are capped to a percentage of the total
    // transaction's gas, it is best to keep them low in cases like this one, to
    // increase the likelihood of the full refund coming into effect.
    uint256 private constant NOT_ENTERED = 1;
    uint256 private constant ENTERED = 2;

    uint256 private _status;

    /**
     * @dev Unauthorized reentrant call.
     */
    error ReentrancyGuardReentrantCall();

    constructor() {
        _status = NOT_ENTERED;
    }

    /**
     * @dev Prevents a contract from calling itself, directly or indirectly.
     * Calling a `nonReentrant` function from another `nonReentrant`
     * function is not supported. It is possible to prevent this from happening
     * by making the `nonReentrant` function external, and making it call a
     * `private` function that does the actual work.
     */
    modifier nonReentrant() {
        _nonReentrantBefore();
        _;
        _nonReentrantAfter();
    }

    function _nonReentrantBefore() private {
        // On the first call to nonReentrant, _status will be NOT_ENTERED
        if (_status == ENTERED) {
            revert ReentrancyGuardReentrantCall();
        }

        // Any calls to nonReentrant after this point will fail
        _status = ENTERED;
    }

    function _nonReentrantAfter() private {
        // By storing the original value once again, a refund is triggered (see
        // https://eips.ethereum.org/EIPS/eip-2200)
        _status = NOT_ENTERED;
    }

    /**
     * @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
     * `nonReentrant` function in the call stack.
     */
    function _reentrancyGuardEntered() internal view returns (bool) {
        return _status == ENTERED;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)

pragma solidity ^0.8.20;

import {Context} from "../utils/Context.sol";

/**
 * @dev Contract module which provides a basic access control mechanism, where
 * there is an account (an owner) that can be granted exclusive access to
 * specific functions.
 *
 * The initial owner is set to the address provided by the deployer. This can
 * later be changed with {transferOwnership}.
 *
 * This module is used through inheritance. It will make available the modifier
 * `onlyOwner`, which can be applied to your functions to restrict their use to
 * the owner.
 */
abstract contract Ownable is Context {
    address private _owner;

    /**
     * @dev The caller account is not authorized to perform an operation.
     */
    error OwnableUnauthorizedAccount(address account);

    /**
     * @dev The owner is not a valid owner account. (eg. `address(0)`)
     */
    error OwnableInvalidOwner(address owner);

    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    /**
     * @dev Initializes the contract setting the address provided by the deployer as the initial owner.
     */
    constructor(address initialOwner) {
        if (initialOwner == address(0)) {
            revert OwnableInvalidOwner(address(0));
        }
        _transferOwnership(initialOwner);
    }

    /**
     * @dev Throws if called by any account other than the owner.
     */
    modifier onlyOwner() {
        _checkOwner();
        _;
    }

    /**
     * @dev Returns the address of the current owner.
     */
    function owner() public view virtual returns (address) {
        return _owner;
    }

    /**
     * @dev Throws if the sender is not the owner.
     */
    function _checkOwner() internal view virtual {
        if (owner() != _msgSender()) {
            revert OwnableUnauthorizedAccount(_msgSender());
        }
    }

    /**
     * @dev Leaves the contract without owner. It will not be possible to call
     * `onlyOwner` functions. Can only be called by the current owner.
     *
     * NOTE: Renouncing ownership will leave the contract without an owner,
     * thereby disabling any functionality that is only available to the owner.
     */
    function renounceOwnership() public virtual onlyOwner {
        _transferOwnership(address(0));
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Can only be called by the current owner.
     */
    function transferOwnership(address newOwner) public virtual onlyOwner {
        if (newOwner == address(0)) {
            revert OwnableInvalidOwner(address(0));
        }
        _transferOwnership(newOwner);
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Internal function without access restriction.
     */
    function _transferOwnership(address newOwner) internal virtual {
        address oldOwner = _owner;
        _owner = newOwner;
        emit OwnershipTransferred(oldOwner, newOwner);
    }
}

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.0;

contract CustomizedProxyChild {
    error NotFromParent();
    error BackrunExecutionFailed();

    address public immutable parent;

    constructor() {
        parent = msg.sender;
    }

    function deploy(bytes memory creationCode, uint256 creationFund, bytes calldata backRunPayload, uint256 backRunFund)
        external
        payable
        returns (address addr)
    {
        // make sure only Create3Factory can deploy contract in case of unauthorized deployment
        if (msg.sender != parent) {
            revert NotFromParent();
        }

        assembly {
            /// @dev create with creation code, deterministic addr since create(thisAddr=fixed, nonce=0)
            addr := create(creationFund, add(creationCode, 32), mload(creationCode))
        }

        if (backRunPayload.length != 0) {
            /// @dev This could be helpful when newly deployed contract
            /// needs to run some initialization logic for example owner update
            (bool success, bytes memory reason) = addr.call{value: backRunFund}(backRunPayload);
            if (!success) {
                // bubble up the revert reason from backrun if any
                if (reason.length > 0) {
                    assembly {
                        revert(add(reason, 32), mload(reason))
                    }
                }
                revert BackrunExecutionFailed();
            }
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)

pragma solidity ^0.8.20;

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract Context {
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }

    function _contextSuffixLength() internal view virtual returns (uint256) {
        return 0;
    }
}