Cryo Explorer Ethereum Mainnet

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;
pragma abicoder v2;

import './Shared.sol';
import { IInvoiceManager } from './interfaces/IInvoiceManager.sol';
import { ValidatorManager } from './ValidatorManager.sol';
import { ERC20 } from '../lib/solmate/src/tokens/ERC20.sol';
import { SafeTransferLib } from '../lib/solmate/src/utils/SafeTransferLib.sol';

/**
 * @title NativeAssetManager
 * @notice Manages assets on native chain within the portal ecosystem.
 * @custom:security-contact [email protected]
 */
contract NativeAssetManager is IInvoiceManager, ValidatorManager {
  /**
   * Mapping of all registered assets by their ERC-20 contract address to
   * their respective unique identifiers on the portal chain.
   */
  mapping(address => bytes32) public _assetIdsByAddress;

  /**
   * Mapping of all registered assets by their unique identifiers on the
   * portal chain to their respective ERC-20 contract addresses.
   */
  mapping(bytes32 => address) internal _assetAddressesById;

  bytes32 constant ETHEREUM_HASH = keccak256(bytes('ethereum'));
  bytes32 constant ETH_SYMBOL_HASH = keccak256(bytes('ETH'));
  bytes32 constant ETH_NAME_HASH = keccak256(bytes('Ether'));

  /**
   * Initializes NativeSwapManager on the Ethereum chain.
   * @param _validatorRegistry The address of the validator registry contract
   */
  constructor(
    address _validatorRegistry
  ) ValidatorManager(_validatorRegistry) {}

  ////////////////////////////////////////////////////////////////////////////
  // Liquidity Operations
  ////////////////////////////////////////////////////////////////////////////

  /**
   * Registers an asset in the portal ecosystem.
   * @param asset The asset being registered in the portal ecosystem
   */
  function registerAsset(Asset calldata asset) external onlyFoundation {
    address assetAddress = toAddress(asset.contractAddress);
    if (_assetIdsByAddress[assetAddress] != bytes32(0))
      revert AssetAlreadyRegistered(asset.id);
    if (keccak256(bytes(asset.chain)) != ETHEREUM_HASH)
      revert InvalidChain(asset.chain);

    bytes32 assetSymbolHash = keccak256(bytes(asset.symbol));
    bytes32 assetNameHash = keccak256(bytes(asset.name));
    if (assetAddress == NATIVE_ADDRESS) {
      if (
        assetSymbolHash != ETH_SYMBOL_HASH ||
        assetNameHash != ETH_NAME_HASH ||
        asset.decimals != 18
      ) revert InvalidEthAsset();
    } else {
      ERC20 token = ERC20(assetAddress);
      if (
        keccak256(bytes(token.symbol())) != assetSymbolHash ||
        keccak256(bytes(token.name())) != assetNameHash ||
        token.decimals() != asset.decimals
      ) revert MismatchedTokenMetadata();
    }

    _assetIdsByAddress[assetAddress] = asset.id;
    _assetAddressesById[asset.id] = assetAddress;
    emit AssetRegistered(asset);
  }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;
pragma abicoder v2;

import './Shared.sol';
import { ValidatorManager } from './ValidatorManager.sol';
import { NativeAssetManager } from './NativeAssetManager.sol';
import { IInvoiceManager } from './interfaces/IInvoiceManager.sol';
import { ERC20 } from '../lib/solmate/src/tokens/ERC20.sol';
import { SafeTransferLib } from '../lib/solmate/src/utils/SafeTransferLib.sol';

/**
 * @title NativeLiquidityManager
 * @notice Manages liquidity for native assets within the portal ecosystem.
 * @custom:security-contact [email protected]
 */
contract NativeLiquidityManager is IInvoiceManager, ValidatorManager {
  using SafeTransferLib for ERC20;

  /**
   * @dev The address of the native asset manager contract.
   */
  NativeAssetManager internal assetManager;

  /**
   * Initializes NativeLiquidityManager on the Ethereum chain.
   * @param _validator The address of the validator contract
   * @param _assetManager The address of the asset manager contract
   */
  constructor(
    address _validator,
    address _assetManager
  ) ValidatorManager(_validator) {
    if (_assetManager == address(0)) revert InvalidAssetManager();
    assetManager = NativeAssetManager(_assetManager);
  }

  /**
   * Fallback function to receive ETH deposits.
   */
  receive() external payable {
    revert MustCallDepositFunction(msg.value, msg.sender);
  }

  ////////////////////////////////////////////////////////////////////////////
  // Liquidity Operations
  ////////////////////////////////////////////////////////////////////////////

  /**
   * Deposits an amount of an asset into the contract.
   * @param assetAddress The address of the asset contract; 0x0 for ETH
   * @param nativeAmount The amount of the deposit
   * @param portalAddress The address of the depositor on the portal chain
   */
  function deposit(
    address assetAddress,
    uint256 nativeAmount,
    address portalAddress
  ) external payable notValidator {
    if (portalAddress == address(0)) revert InvalidPortalAddress();
    if (nativeAmount == 0) revert ZeroAmount();
    if (assetManager._assetIdsByAddress(assetAddress) == bytes32(0))
      revert InvalidAssetAddress();

    if (assetAddress == NATIVE_ADDRESS) {
      if (msg.value != nativeAmount)
        revert InvalidEthDeposit(msg.value, nativeAmount);
    } else {
      ERC20(assetAddress).safeTransferFrom(
        msg.sender,
        address(this),
        nativeAmount
      );
    }

    emit Deposit({
      ts: block.timestamp,
      chain: 'ethereum',
      symbol: assetAddress == NATIVE_ADDRESS
        ? 'ETH'
        : ERC20(assetAddress).symbol(),
      contractAddress: assetAddress,
      nativeAmount: nativeAmount,
      nativeAddress: msg.sender,
      portalAddress: portalAddress
    });
  }

  /**
   * Withdraws an amount of an asset from the contract
   * @param id The unique identifier of the withdrawal (liquidity)
   * @param ts The timestamp of the asset burning on the portal chain
   * @param assetAddress The address of the asset contract; 0x0 for ETH
   * @param nativeAmount The amount of the withdrawal
   * @param nativeAddress The address of the recipient on the native chain
   * @param portalAddress The address of the recipient on the portal chain
   */
  function withdraw(
    bytes32 id,
    uint256 ts,
    address assetAddress,
    int256 nativeAmount,
    address nativeAddress,
    address portalAddress
  ) external onlyValidator {
    if (nativeAmount == 0) revert ZeroAmount();
    if (portalAddress == address(0)) revert InvalidPortalAddress();
    if (nativeAddress == NATIVE_ADDRESS) revert InvalidNativeAddress();
    if (assetManager._assetIdsByAddress(assetAddress) == bytes32(0))
      revert InvalidAssetAddress();

    if (nativeAmount == type(int256).min) {
      revert AmountOverflow();
    }
    uint256 withdrawAmount = uint256(-nativeAmount);

    // Check contract solvency: ensure contract has enough balance to fulfill withdrawal
    // Portal chain is the authoritative source of truth for user balances
    uint256 contractBalance = assetAddress == NATIVE_ADDRESS
      ? address(this).balance
      : ERC20(assetAddress).balanceOf(address(this));

    if (withdrawAmount > contractBalance)
      revert InsufficientContractBalance(
        assetAddress,
        contractBalance,
        withdrawAmount
      );

    emit Withdraw({
      id: id,
      ts: ts,
      chain: 'ethereum',
      symbol: assetAddress == NATIVE_ADDRESS
        ? 'ETH'
        : ERC20(assetAddress).symbol(),
      contractAddress: assetAddress,
      nativeAmount: nativeAmount,
      nativeAddress: nativeAddress,
      portalAddress: portalAddress
    });

    if (assetAddress == NATIVE_ADDRESS) {
      (bool success, ) = payable(nativeAddress).call{ value: withdrawAmount }(
        ''
      );
      if (!success) revert EthTransferFailed(nativeAddress, withdrawAmount);
    } else {
      ERC20(assetAddress).safeTransfer(nativeAddress, withdrawAmount);
    }
  }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;
pragma abicoder v2;

////////////////////////////////////////////////////////////////////////////////
// Constants
////////////////////////////////////////////////////////////////////////////////

address constant NATIVE_ADDRESS = address(0);

////////////////////////////////////////////////////////////////////////////////
// Structs
////////////////////////////////////////////////////////////////////////////////

/**
 * Stores the particulars of an asset.
 * @param id SHA-256 hash of the chain name and the asset symbol
 * @param decimals The number of decimal places the asset supports
 * @param enabled Whether the asset is enabled for trading
 * @param chain The name of the native chain of the asset
 * @param symbol Ticker symbol of the asset
 * @param name The human-readable name of the asset
 * @param contractAddress The address of the asset on the native chain
 */
struct Asset {
  bytes32 id;
  uint8 decimals;
  bool enabled;
  string name;
  string chain;
  string symbol;
  string contractAddress;
}

/**
 * Store the particulars of liquidity entering/leaving the Portal ecosystem.
 * @param id The unique identifier of the liquidity
 * @param ts The timestamp at which the liquidity was created
 * @param chain The name of the native chain of the asset
 * @param symbol The ticker symbol of the asset
 * @param nativeAmount The amount of the asset on the native chain
 * @param portalAmount The amount of the asset on the portal chain
 * @param nativeAddress The address of the owner on the native chain
 * @param portalAddress The address of the owner on the portal chain
 */
struct Liquidity {
  bytes32 id;
  uint256 ts;
  int256 nativeAmount;
  int256 portalAmount;
  address portalAddress;
  string chain;
  string symbol;
  string contractAddress;
  string nativeAddress;
}

/**
 * Enumerates the states of a swap.
 * @param MATCHED The swap has been matched
 * @param HOLDER_INVOICED The holder has created and registed their invoice
 * @param SEEKER_INVOICED The seeker has created and registed their invoice
 * @param HOLDER_PAID The holder has paid the seeker's invoice
 * @param SEEKER_PAID The seeker has paid the holder's invoice
 * @param HOLDER_SETTLED The holder has revealed the secret to settle the swap
 * @param SEEKER_SETTLED The seeker has used the secret to settle the swap
 * @param REFUNDED The swap has been refunded
 */
enum SwapState {
  MATCHED,
  HOLDER_INVOICED,
  SEEKER_INVOICED,
  HOLDER_PAID,
  SEEKER_PAID,
  HOLDER_SETTLED,
  SEEKER_SETTLED,
  REFUNDED
}

/**
 * Store the particulars of a swap between two parties.
 * @param id The unique identifier of the swap
 * @param state The state of the swap
 * @param secretHash The hash of the secret that will unlock the swap
 * @param secretHolder The secret holder of the swap
 * @param secretSeeker The secret seeker of the swap
 * @param holderTimeout Absolute timestamp when holder's HTLC expires
 * @param seekerTimeout Absolute timestamp when seeker's HTLC expires
 * @param createdAt The timestamp at which the swap was created
 * @param holderTimeoutBlock Block height when holder's HTLC expires on native chain
 * @param seekerTimeoutBlock Block height when seeker's HTLC expires on native chain
 */
struct Swap {
  bytes32 id;
  SwapState state;
  bytes32 secretHash;
  Party secretHolder;
  Party secretSeeker;
  uint256 holderTimeout;
  uint256 seekerTimeout;
  uint256 createdAt;
  uint256 holderTimeoutBlock;
  uint256 seekerTimeoutBlock;
}

/**
 * Stores the particulars of a party to a swap.
 * @param portalAddress The address of the party on the portal chain
 * @param amount The amount of the asset
 * @param chain The name of the native chain of the asset
 * @param symbol The ticker symbol of the asset
 * @param contractAddress The address of the asset on the native chain
 * @param invoice The invoice for the swap
 * @param receipt The receipt for the swap
 * @param isTrader Whether the party is a trader (true) or a user (false)
 */
struct Party {
  address portalAddress;
  uint256 amount;
  string chain;
  string symbol;
  string contractAddress;
  string invoice;
  string receipt;
  bool isTrader;
}

////////////////////////////////////////////////////////////////////////////////
// Functions
////////////////////////////////////////////////////////////////////////////////

function toHexString(bytes32 data) pure returns (string memory) {
  bytes memory hexChars = '0123456789abcdef';
  bytes memory str = new bytes(64); // bytes32 → 64 hex characters

  for (uint256 i = 0; i < 32; i++) {
    uint8 byteVal = uint8(data[i]);
    str[i * 2] = hexChars[byteVal >> 4]; // First hex character
    str[i * 2 + 1] = hexChars[byteVal & 0x0f]; // Second hex character
  }
  return string(abi.encodePacked('0x', str));
}

/**
 * Convert a hex string into an address
 * @param _hexString The hex string to convert to an address
 */
function toAddress(string memory _hexString) pure returns (address) {
  require(bytes(_hexString).length == 42, 'Invalid address length');
  bytes memory hexBytes = bytes(_hexString);
  uint160 addr = 0;
  for (uint i = 2; i < 42; i++) {
    uint8 b = uint8(hexBytes[i]);
    if (b >= 48 && b <= 57) {
      b = b - 48; // 0-9
    } else if (b >= 65 && b <= 70) {
      b = b - 55; // A-F
    } else if (b >= 97 && b <= 102) {
      b = b - 87; // a-f
    } else {
      revert('Invalid character in address');
    }
    addr = (addr << 4) | uint160(b);
  }
  return address(addr);
}

/**
 * Convert a hex string into a 32-byte hash
 * @param _hexString The hex string to convert to a bytes32
 */
function toBytes32(string memory _hexString) pure returns (bytes32) {
  require(bytes(_hexString).length == 66, 'Invalid hex string length');
  bytes memory hexBytes = bytes(_hexString);
  bytes32 result;
  for (uint i = 2; i < 66; i++) {
    uint8 b = uint8(hexBytes[i]);
    if (b >= 48 && b <= 57) {
      b = b - 48; // 0-9
    } else if (b >= 65 && b <= 70) {
      b = b - 55; // A-F
    } else if (b >= 97 && b <= 102) {
      b = b - 87; // a-f
    } else {
      revert('Invalid character in hex string');
    }
    result = (result << 4) | bytes32(uint256(b)); // Correct type conversion
  }
  return result;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;
pragma abicoder v2;

import './interfaces/IValidatorManager.sol';
import './interfaces/IValidatorRegistry.sol';

/**
 * @title ValidatorManager
 * @notice Abstract contract providing validator authentication via registry
 * @dev Provides onlyValidator modifier by querying external ValidatorRegistry
 */
abstract contract ValidatorManager is IValidatorManager {
  /**
   * @notice Reference to the validator registry
   */
  IValidatorRegistry public immutable validatorRegistry;

  /**
   * @notice Initialize with validator registry address
   * @param _validatorRegistry Address of ValidatorRegistry contract
   */
  constructor(address _validatorRegistry) {
    validatorRegistry = IValidatorRegistry(_validatorRegistry);
  }

  /**
   * @notice Modifier to restrict function access to validator only
   */
  modifier onlyValidator() {
    if (!validatorRegistry.isValidator(msg.sender)) {
      revert CallerIsNotValidator(msg.sender);
    }
    _;
  }

  /**
   * @notice Modifier to restrict function access to non  validators
   */
  modifier notValidator() {
    if (validatorRegistry.isValidator(msg.sender)) {
      revert CallerIsValidator(msg.sender);
    }
    _;
  }

  /**
   * @notice Modifier to restrict function access to foundation only
   */
  modifier onlyFoundation() {
    if (msg.sender != validatorRegistry.foundation()) {
      revert CallerIsNotFoundation(msg.sender);
    }
    _;
  }

  /**
   * @notice Modifier to restrict function access to validator or foundation
   */
  modifier onlyValidatorOrFoundation() {
    if (
      !validatorRegistry.isValidator(msg.sender) &&
      msg.sender != validatorRegistry.foundation()
    ) {
      revert NotFoundationOrValidator(msg.sender);
    }
    _;
  }

  /**
   * @notice Get current validator address
   * @return address Current validator from registry
   */
  function validator() public view returns (address) {
    return validatorRegistry.validator();
  }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;
pragma abicoder v2;
import '../Shared.sol';

/**
 * @title IInvoiceManager
 * Interface for the IInvoiceManager contract that provides the basic deposit and withdraw functionalities
 * @custom:security-contact [email protected]
 */
interface IInvoiceManager {
  //////////////////////////////////////////////////////////////////////////////
  // Types
  //////////////////////////////////////////////////////////////////////////////

  /**
   * Defines an invoice associated with a swap
   * @param
   */
  struct Invoice {
    bool initialized;
    bytes32 secretHash;
    address nativeAddress;
    address assetAddress;
    uint256 amount;
  }

  struct LockedFunds {
    address payer;
    address assetAddress;
    uint256 amount;
    uint256 timeout;
    bool recovered;
  }

  //////////////////////////////////////////////////////////////////////////////
  // Events
  //////////////////////////////////////////////////////////////////////////////

  /**
   * Event emitted when an asset is registered.
   * @param asset The asset being registered
   */
  event AssetRegistered(Asset asset);

  /**
   * Event emitted when a deposit is made.
   * @param ts The time the deposit was created
   * @param chain The name of the native chain of the asset
   * @param symbol Ticker symbol of the asset
   * @param nativeAmount The amount of the deposit
   * @param nativeAddress The depositor's address on the native chain
   * @param portalAddress The depositor's address on the portal chain
   */
  event Deposit(
    uint256 ts,
    string chain,
    string symbol,
    address contractAddress,
    uint256 nativeAmount,
    address indexed nativeAddress,
    address indexed portalAddress
  );

  /**
   * Event emitted when a withdrawal is made.
   * @param chain The name of the native chain of the asset
   * @param symbol The ticker symbol of the asset
   * @param nativeAmount The amount of the withdrawal
   * @param nativeAddress The withdrawer's address on the native chain
   * @param portalAddress The withdrawer's address on the portal chain
   */
  event Withdraw(
    bytes32 id,
    uint256 ts,
    string chain,
    string symbol,
    address contractAddress,
    int256 nativeAmount,
    address indexed nativeAddress,
    address indexed portalAddress
  );

  /**
   * Event emitted when an invoice is created.
   * @param swap The particulars of the swap
   */
  event SwapInvoiceCreated(Swap swap);

  /**
   * Event emitted when the holder pays an invoice.
   * @param id The unique identifier of the swap
   */
  event SwapHolderPaid(bytes32 id);

  /**
   * Event emitted when the seeker pays an invoice.
   * @param id The unique identifier of the swap
   */
  event SwapSeekerPaid(bytes32 id);

  /**
   * Event emitted when the holder settles an invoice.
   * @param id The unique identifier of the swap
   * @param secret The secret corresponding to the secret hash of the swap
   */
  event SwapHolderSettled(bytes32 id, bytes secret);

  /**
   * Event emitted when the seeker settles an invoice.
   * @param id The unique identifier of the swap
   */
  event SwapSeekerSettled(bytes32 id);

  event FundsRecovered(
    bytes32 indexed swapId,
    address indexed recipient,
    address assetAddress,
    uint256 amount
  );

  /**
   * Event emitted when a swap is fully purged from storage
   * @param swapId The ID of the swap
   * @param invoiceId The ID of the invoice
   */
  event SwapStorageCleaned(bytes32 indexed swapId, bytes32 indexed invoiceId);

  // Errors
  error InvalidAssetManager();

  error AssetAlreadyRegistered(bytes32 assetId);
  error InvalidChain(string chain);
  error InvalidEthAsset();
  error MismatchedTokenMetadata();

  error InvalidPortalAddress();
  error ZeroAmount();
  error InvalidAssetAddress();
  error InvalidEthDeposit(uint256 _value, uint256 _amount);

  error InvalidNativeAddress();
  error InsufficientContractBalance(
    address asset,
    uint256 contractBalance,
    uint256 requested
  );

  error SwapNotOnEthereum();
  error SwapNotCrossChain();
  error InvalidChainConfiguration();
  error ZeroInvoiceAmount();

  error InvalidInvoiceId();
  error InvalidSecretHash();
  error InvalidInvoiceAmount(uint256 amountSent, uint256 amountExpected);
  error InvalidSwapState();
  error SwapExpired(bytes32 swapId);

  error NotPayee(address caller);
  error NotPayer(address caller);
  error InvalidSecret();

  error InvoiceDeadlinePassed(uint256 deadline, uint256 currentTime);
  error PaymentDeadlinePassed(uint256 deadline, uint256 currentTime);
  error SettlementDeadlinePassed(uint256 deadline, uint256 currentTime);
  error NotOriginalPayer();
  error NoLockedFunds();
  error FundsAlreadyRecovered();
  error AlreadySettled();
  error NoTimeoutYet(uint256 recoveryTime, uint256 currentTime);

  error SwapNotSettled();
  error LengthMismatch();
  error BatchTooLarge();

  error MustCallDepositFunction(uint256 valueSent, address sender);
  error AmountOverflow();
  error EthTransferFailed(address recipient, uint256 amount);
  error DirectTransferNotAllowed();
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;
pragma abicoder v2;

/**
 * @title IValidatorManager
 * @dev Interface for the ValidatorManager contract that defines functions for managing validators.
 * @custom:security-contact [email protected]
 */
interface IValidatorManager {
  error CallerIsNotValidator(address _caller);
  error CallerIsValidator(address _validator);
  error CallerIsNotFoundation(address _caller);
  error NotFoundationOrValidator(address caller);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.25;

/**
 * @title IValidatorRegistry
 * @notice Interface for the ValidatorRegistry contract
 * @dev Provides validator authentication for all system contracts
 */
interface IValidatorRegistry {
  /**
   * @notice Check if an address is the current validator
   * @param account Address to check
   * @return bool True if address is the current validator
   */
  function isValidator(address account) external view returns (bool);

  /**
   * @notice Get the current validator address
   * @return address Current validator
   */
  function validator() external view returns (address);

  /**
   * @notice Get the current foundation address
   * @return address current foundation
   */
  function foundation() external view returns (address);

  /**
   * @notice Emitted when validator is changed
   * @param oldValidator Previous validator address
   * @param newValidator New validator address
   */
  event ValidatorChanged(
    address indexed oldValidator,
    address indexed newValidator
  );

  /**
   * @notice Thrown when zero address is provided
   */
  error ZeroAddress();

  /**
   * @notice Thrown when caller is not authorized
   */
  error Unauthorized();
}

// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;

/// @notice Modern and gas efficient ERC20 + EIP-2612 implementation.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC20.sol)
/// @author Modified from Uniswap (https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol)
/// @dev Do not manually set balances without updating totalSupply, as the sum of all user balances must not exceed it.
abstract contract ERC20 {
    /*//////////////////////////////////////////////////////////////
                                 EVENTS
    //////////////////////////////////////////////////////////////*/

    event Transfer(address indexed from, address indexed to, uint256 amount);

    event Approval(address indexed owner, address indexed spender, uint256 amount);

    /*//////////////////////////////////////////////////////////////
                            METADATA STORAGE
    //////////////////////////////////////////////////////////////*/

    string public name;

    string public symbol;

    uint8 public immutable decimals;

    /*//////////////////////////////////////////////////////////////
                              ERC20 STORAGE
    //////////////////////////////////////////////////////////////*/

    uint256 public totalSupply;

    mapping(address => uint256) public balanceOf;

    mapping(address => mapping(address => uint256)) public allowance;

    /*//////////////////////////////////////////////////////////////
                            EIP-2612 STORAGE
    //////////////////////////////////////////////////////////////*/

    uint256 internal immutable INITIAL_CHAIN_ID;

    bytes32 internal immutable INITIAL_DOMAIN_SEPARATOR;

    mapping(address => uint256) public nonces;

    /*//////////////////////////////////////////////////////////////
                               CONSTRUCTOR
    //////////////////////////////////////////////////////////////*/

    constructor(
        string memory _name,
        string memory _symbol,
        uint8 _decimals
    ) {
        name = _name;
        symbol = _symbol;
        decimals = _decimals;

        INITIAL_CHAIN_ID = block.chainid;
        INITIAL_DOMAIN_SEPARATOR = computeDomainSeparator();
    }

    /*//////////////////////////////////////////////////////////////
                               ERC20 LOGIC
    //////////////////////////////////////////////////////////////*/

    function approve(address spender, uint256 amount) public virtual returns (bool) {
        allowance[msg.sender][spender] = amount;

        emit Approval(msg.sender, spender, amount);

        return true;
    }

    function transfer(address to, uint256 amount) public virtual returns (bool) {
        balanceOf[msg.sender] -= amount;

        // Cannot overflow because the sum of all user
        // balances can't exceed the max uint256 value.
        unchecked {
            balanceOf[to] += amount;
        }

        emit Transfer(msg.sender, to, amount);

        return true;
    }

    function transferFrom(
        address from,
        address to,
        uint256 amount
    ) public virtual returns (bool) {
        uint256 allowed = allowance[from][msg.sender]; // Saves gas for limited approvals.

        if (allowed != type(uint256).max) allowance[from][msg.sender] = allowed - amount;

        balanceOf[from] -= amount;

        // Cannot overflow because the sum of all user
        // balances can't exceed the max uint256 value.
        unchecked {
            balanceOf[to] += amount;
        }

        emit Transfer(from, to, amount);

        return true;
    }

    /*//////////////////////////////////////////////////////////////
                             EIP-2612 LOGIC
    //////////////////////////////////////////////////////////////*/

    function permit(
        address owner,
        address spender,
        uint256 value,
        uint256 deadline,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) public virtual {
        require(deadline >= block.timestamp, "PERMIT_DEADLINE_EXPIRED");

        // Unchecked because the only math done is incrementing
        // the owner's nonce which cannot realistically overflow.
        unchecked {
            address recoveredAddress = ecrecover(
                keccak256(
                    abi.encodePacked(
                        "\x19\x01",
                        DOMAIN_SEPARATOR(),
                        keccak256(
                            abi.encode(
                                keccak256(
                                    "Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"
                                ),
                                owner,
                                spender,
                                value,
                                nonces[owner]++,
                                deadline
                            )
                        )
                    )
                ),
                v,
                r,
                s
            );

            require(recoveredAddress != address(0) && recoveredAddress == owner, "INVALID_SIGNER");

            allowance[recoveredAddress][spender] = value;
        }

        emit Approval(owner, spender, value);
    }

    function DOMAIN_SEPARATOR() public view virtual returns (bytes32) {
        return block.chainid == INITIAL_CHAIN_ID ? INITIAL_DOMAIN_SEPARATOR : computeDomainSeparator();
    }

    function computeDomainSeparator() internal view virtual returns (bytes32) {
        return
            keccak256(
                abi.encode(
                    keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
                    keccak256(bytes(name)),
                    keccak256("1"),
                    block.chainid,
                    address(this)
                )
            );
    }

    /*//////////////////////////////////////////////////////////////
                        INTERNAL MINT/BURN LOGIC
    //////////////////////////////////////////////////////////////*/

    function _mint(address to, uint256 amount) internal virtual {
        totalSupply += amount;

        // Cannot overflow because the sum of all user
        // balances can't exceed the max uint256 value.
        unchecked {
            balanceOf[to] += amount;
        }

        emit Transfer(address(0), to, amount);
    }

    function _burn(address from, uint256 amount) internal virtual {
        balanceOf[from] -= amount;

        // Cannot underflow because a user's balance
        // will never be larger than the total supply.
        unchecked {
            totalSupply -= amount;
        }

        emit Transfer(from, address(0), amount);
    }
}

// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity >=0.8.0;

import {ERC20} from "../tokens/ERC20.sol";

/// @notice Safe ETH and ERC20 transfer library that gracefully handles missing return values.
/// @author Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol)
/// @dev Use with caution! Some functions in this library knowingly create dirty bits at the destination of the free memory pointer.
library SafeTransferLib {
    /*//////////////////////////////////////////////////////////////
                             ETH OPERATIONS
    //////////////////////////////////////////////////////////////*/

    function safeTransferETH(address to, uint256 amount) internal {
        bool success;

        /// @solidity memory-safe-assembly
        assembly {
            // Transfer the ETH and store if it succeeded or not.
            success := call(gas(), to, amount, 0, 0, 0, 0)
        }

        require(success, "ETH_TRANSFER_FAILED");
    }

    /*//////////////////////////////////////////////////////////////
                            ERC20 OPERATIONS
    //////////////////////////////////////////////////////////////*/

    function safeTransferFrom(
        ERC20 token,
        address from,
        address to,
        uint256 amount
    ) internal {
        bool success;

        /// @solidity memory-safe-assembly
        assembly {
            // Get a pointer to some free memory.
            let freeMemoryPointer := mload(0x40)

            // Write the abi-encoded calldata into memory, beginning with the function selector.
            mstore(freeMemoryPointer, 0x23b872dd00000000000000000000000000000000000000000000000000000000)
            mstore(add(freeMemoryPointer, 4), and(from, 0xffffffffffffffffffffffffffffffffffffffff)) // Append and mask the "from" argument.
            mstore(add(freeMemoryPointer, 36), and(to, 0xffffffffffffffffffffffffffffffffffffffff)) // Append and mask the "to" argument.
            mstore(add(freeMemoryPointer, 68), amount) // Append the "amount" argument. Masking not required as it's a full 32 byte type.

            // We use 100 because the length of our calldata totals up like so: 4 + 32 * 3.
            // We use 0 and 32 to copy up to 32 bytes of return data into the scratch space.
            success := call(gas(), token, 0, freeMemoryPointer, 100, 0, 32)

            // Set success to whether the call reverted, if not we check it either
            // returned exactly 1 (can't just be non-zero data), or had no return data and token has code.
            if and(iszero(and(eq(mload(0), 1), gt(returndatasize(), 31))), success) {
                success := iszero(or(iszero(extcodesize(token)), returndatasize())) 
            }
        }

        require(success, "TRANSFER_FROM_FAILED");
    }

    function safeTransfer(
        ERC20 token,
        address to,
        uint256 amount
    ) internal {
        bool success;

        /// @solidity memory-safe-assembly
        assembly {
            // Get a pointer to some free memory.
            let freeMemoryPointer := mload(0x40)

            // Write the abi-encoded calldata into memory, beginning with the function selector.
            mstore(freeMemoryPointer, 0xa9059cbb00000000000000000000000000000000000000000000000000000000)
            mstore(add(freeMemoryPointer, 4), and(to, 0xffffffffffffffffffffffffffffffffffffffff)) // Append and mask the "to" argument.
            mstore(add(freeMemoryPointer, 36), amount) // Append the "amount" argument. Masking not required as it's a full 32 byte type.

            // We use 68 because the length of our calldata totals up like so: 4 + 32 * 2.
            // We use 0 and 32 to copy up to 32 bytes of return data into the scratch space.
            success := call(gas(), token, 0, freeMemoryPointer, 68, 0, 32)

            // Set success to whether the call reverted, if not we check it either
            // returned exactly 1 (can't just be non-zero data), or had no return data and token has code.
            if and(iszero(and(eq(mload(0), 1), gt(returndatasize(), 31))), success) {
                success := iszero(or(iszero(extcodesize(token)), returndatasize())) 
            }
        }

        require(success, "TRANSFER_FAILED");
    }

    function safeApprove(
        ERC20 token,
        address to,
        uint256 amount
    ) internal {
        bool success;

        /// @solidity memory-safe-assembly
        assembly {
            // Get a pointer to some free memory.
            let freeMemoryPointer := mload(0x40)

            // Write the abi-encoded calldata into memory, beginning with the function selector.
            mstore(freeMemoryPointer, 0x095ea7b300000000000000000000000000000000000000000000000000000000)
            mstore(add(freeMemoryPointer, 4), and(to, 0xffffffffffffffffffffffffffffffffffffffff)) // Append and mask the "to" argument.
            mstore(add(freeMemoryPointer, 36), amount) // Append the "amount" argument. Masking not required as it's a full 32 byte type.

            // We use 68 because the length of our calldata totals up like so: 4 + 32 * 2.
            // We use 0 and 32 to copy up to 32 bytes of return data into the scratch space.
            success := call(gas(), token, 0, freeMemoryPointer, 68, 0, 32)

            // Set success to whether the call reverted, if not we check it either
            // returned exactly 1 (can't just be non-zero data), or had no return data and token has code.
            if and(iszero(and(eq(mload(0), 1), gt(returndatasize(), 31))), success) {
                success := iszero(or(iszero(extcodesize(token)), returndatasize())) 
            }
        }

        require(success, "APPROVE_FAILED");
    }
}