Contract 0xe75f89012375e704dd172ecb37a82b2164bf03fe 10
Contract Overview
Balance:
0 ETH
ETH Value:
$0.00
My Name Tag:
Not Available
[ Download CSV Export ]
Contract Name:
SimpleKeeperProxy
Compiler Version
v0.8.18+commit.87f61d96
Optimization Enabled:
Yes with 200 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol) pragma solidity ^0.8.0; import "../utils/Context.sol"; /** * @dev Contract module which provides a basic access control mechanism, where * there is an account (an owner) that can be granted exclusive access to * specific functions. * * By default, the owner account will be the one that deploys the contract. This * can later be changed with {transferOwnership}. * * This module is used through inheritance. It will make available the modifier * `onlyOwner`, which can be applied to your functions to restrict their use to * the owner. */ abstract contract Ownable is Context { address private _owner; event OwnershipTransferred(address indexed previousOwner, address indexed newOwner); /** * @dev Initializes the contract setting the deployer as the initial owner. */ constructor() { _transferOwnership(_msgSender()); } /** * @dev Throws if called by any account other than the owner. */ modifier onlyOwner() { _checkOwner(); _; } /** * @dev Returns the address of the current owner. */ function owner() public view virtual returns (address) { return _owner; } /** * @dev Throws if the sender is not the owner. */ function _checkOwner() internal view virtual { require(owner() == _msgSender(), "Ownable: caller is not the owner"); } /** * @dev Leaves the contract without owner. It will not be possible to call * `onlyOwner` functions anymore. Can only be called by the current owner. * * NOTE: Renouncing ownership will leave the contract without an owner, * thereby removing any functionality that is only available to the owner. */ function renounceOwnership() public virtual onlyOwner { _transferOwnership(address(0)); } /** * @dev Transfers ownership of the contract to a new account (`newOwner`). * Can only be called by the current owner. */ function transferOwnership(address newOwner) public virtual onlyOwner { require(newOwner != address(0), "Ownable: new owner is the zero address"); _transferOwnership(newOwner); } /** * @dev Transfers ownership of the contract to a new account (`newOwner`). * Internal function without access restriction. */ function _transferOwnership(address newOwner) internal virtual { address oldOwner = _owner; _owner = newOwner; emit OwnershipTransferred(oldOwner, newOwner); } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.7.0) (interfaces/IERC3156FlashBorrower.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC3156 FlashBorrower, as defined in * https://eips.ethereum.org/EIPS/eip-3156[ERC-3156]. * * _Available since v4.1._ */ interface IERC3156FlashBorrower { /** * @dev Receive a flash loan. * @param initiator The initiator of the loan. * @param token The loan currency. * @param amount The amount of tokens lent. * @param fee The additional amount of tokens to repay. * @param data Arbitrary data structure, intended to contain user-defined parameters. * @return The keccak256 hash of "IERC3156FlashBorrower.onFlashLoan" */ function onFlashLoan( address initiator, address token, uint256 amount, uint256 fee, bytes calldata data ) external returns (bytes32); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (interfaces/IERC3156FlashLender.sol) pragma solidity ^0.8.0; import "./IERC3156FlashBorrower.sol"; /** * @dev Interface of the ERC3156 FlashLender, as defined in * https://eips.ethereum.org/EIPS/eip-3156[ERC-3156]. * * _Available since v4.1._ */ interface IERC3156FlashLender { /** * @dev The amount of currency available to be lended. * @param token The loan currency. * @return The amount of `token` that can be borrowed. */ function maxFlashLoan(address token) external view returns (uint256); /** * @dev The fee to be charged for a given loan. * @param token The loan currency. * @param amount The amount of tokens lent. * @return The amount of `token` to be charged for the loan, on top of the returned principal. */ function flashFee(address token, uint256 amount) external view returns (uint256); /** * @dev Initiate a flash loan. * @param receiver The receiver of the tokens in the loan, and the receiver of the callback. * @param token The loan currency. * @param amount The amount of tokens lent. * @param data Arbitrary data structure, intended to contain user-defined parameters. */ function flashLoan( IERC3156FlashBorrower receiver, address token, uint256 amount, bytes calldata data ) external returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol) pragma solidity ^0.8.0; import "./IERC20.sol"; import "./extensions/IERC20Metadata.sol"; import "../../utils/Context.sol"; /** * @dev Implementation of the {IERC20} interface. * * This implementation is agnostic to the way tokens are created. This means * that a supply mechanism has to be added in a derived contract using {_mint}. * For a generic mechanism see {ERC20PresetMinterPauser}. * * TIP: For a detailed writeup see our guide * https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How * to implement supply mechanisms]. * * We have followed general OpenZeppelin Contracts guidelines: functions revert * instead returning `false` on failure. This behavior is nonetheless * conventional and does not conflict with the expectations of ERC20 * applications. * * Additionally, an {Approval} event is emitted on calls to {transferFrom}. * This allows applications to reconstruct the allowance for all accounts just * by listening to said events. Other implementations of the EIP may not emit * these events, as it isn't required by the specification. * * Finally, the non-standard {decreaseAllowance} and {increaseAllowance} * functions have been added to mitigate the well-known issues around setting * allowances. See {IERC20-approve}. */ contract ERC20 is Context, IERC20, IERC20Metadata { mapping(address => uint256) private _balances; mapping(address => mapping(address => uint256)) private _allowances; uint256 private _totalSupply; string private _name; string private _symbol; /** * @dev Sets the values for {name} and {symbol}. * * The default value of {decimals} is 18. To select a different value for * {decimals} you should overload it. * * All two of these values are immutable: they can only be set once during * construction. */ constructor(string memory name_, string memory symbol_) { _name = name_; _symbol = symbol_; } /** * @dev Returns the name of the token. */ function name() public view virtual override returns (string memory) { return _name; } /** * @dev Returns the symbol of the token, usually a shorter version of the * name. */ function symbol() public view virtual override returns (string memory) { return _symbol; } /** * @dev Returns the number of decimals used to get its user representation. * For example, if `decimals` equals `2`, a balance of `505` tokens should * be displayed to a user as `5.05` (`505 / 10 ** 2`). * * Tokens usually opt for a value of 18, imitating the relationship between * Ether and Wei. This is the value {ERC20} uses, unless this function is * overridden; * * NOTE: This information is only used for _display_ purposes: it in * no way affects any of the arithmetic of the contract, including * {IERC20-balanceOf} and {IERC20-transfer}. */ function decimals() public view virtual override returns (uint8) { return 18; } /** * @dev See {IERC20-totalSupply}. */ function totalSupply() public view virtual override returns (uint256) { return _totalSupply; } /** * @dev See {IERC20-balanceOf}. */ function balanceOf(address account) public view virtual override returns (uint256) { return _balances[account]; } /** * @dev See {IERC20-transfer}. * * Requirements: * * - `to` cannot be the zero address. * - the caller must have a balance of at least `amount`. */ function transfer(address to, uint256 amount) public virtual override returns (bool) { address owner = _msgSender(); _transfer(owner, to, amount); return true; } /** * @dev See {IERC20-allowance}. */ function allowance(address owner, address spender) public view virtual override returns (uint256) { return _allowances[owner][spender]; } /** * @dev See {IERC20-approve}. * * NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on * `transferFrom`. This is semantically equivalent to an infinite approval. * * Requirements: * * - `spender` cannot be the zero address. */ function approve(address spender, uint256 amount) public virtual override returns (bool) { address owner = _msgSender(); _approve(owner, spender, amount); return true; } /** * @dev See {IERC20-transferFrom}. * * Emits an {Approval} event indicating the updated allowance. This is not * required by the EIP. See the note at the beginning of {ERC20}. * * NOTE: Does not update the allowance if the current allowance * is the maximum `uint256`. * * Requirements: * * - `from` and `to` cannot be the zero address. * - `from` must have a balance of at least `amount`. * - the caller must have allowance for ``from``'s tokens of at least * `amount`. */ function transferFrom( address from, address to, uint256 amount ) public virtual override returns (bool) { address spender = _msgSender(); _spendAllowance(from, spender, amount); _transfer(from, to, amount); return true; } /** * @dev Atomically increases the allowance granted to `spender` by the caller. * * This is an alternative to {approve} that can be used as a mitigation for * problems described in {IERC20-approve}. * * Emits an {Approval} event indicating the updated allowance. * * Requirements: * * - `spender` cannot be the zero address. */ function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) { address owner = _msgSender(); _approve(owner, spender, allowance(owner, spender) + addedValue); return true; } /** * @dev Atomically decreases the allowance granted to `spender` by the caller. * * This is an alternative to {approve} that can be used as a mitigation for * problems described in {IERC20-approve}. * * Emits an {Approval} event indicating the updated allowance. * * Requirements: * * - `spender` cannot be the zero address. * - `spender` must have allowance for the caller of at least * `subtractedValue`. */ function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) { address owner = _msgSender(); uint256 currentAllowance = allowance(owner, spender); require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero"); unchecked { _approve(owner, spender, currentAllowance - subtractedValue); } return true; } /** * @dev Moves `amount` of tokens from `from` to `to`. * * This internal function is equivalent to {transfer}, and can be used to * e.g. implement automatic token fees, slashing mechanisms, etc. * * Emits a {Transfer} event. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `from` must have a balance of at least `amount`. */ function _transfer( address from, address to, uint256 amount ) internal virtual { require(from != address(0), "ERC20: transfer from the zero address"); require(to != address(0), "ERC20: transfer to the zero address"); _beforeTokenTransfer(from, to, amount); uint256 fromBalance = _balances[from]; require(fromBalance >= amount, "ERC20: transfer amount exceeds balance"); unchecked { _balances[from] = fromBalance - amount; // Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by // decrementing then incrementing. _balances[to] += amount; } emit Transfer(from, to, amount); _afterTokenTransfer(from, to, amount); } /** @dev Creates `amount` tokens and assigns them to `account`, increasing * the total supply. * * Emits a {Transfer} event with `from` set to the zero address. * * Requirements: * * - `account` cannot be the zero address. */ function _mint(address account, uint256 amount) internal virtual { require(account != address(0), "ERC20: mint to the zero address"); _beforeTokenTransfer(address(0), account, amount); _totalSupply += amount; unchecked { // Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above. _balances[account] += amount; } emit Transfer(address(0), account, amount); _afterTokenTransfer(address(0), account, amount); } /** * @dev Destroys `amount` tokens from `account`, reducing the * total supply. * * Emits a {Transfer} event with `to` set to the zero address. * * Requirements: * * - `account` cannot be the zero address. * - `account` must have at least `amount` tokens. */ function _burn(address account, uint256 amount) internal virtual { require(account != address(0), "ERC20: burn from the zero address"); _beforeTokenTransfer(account, address(0), amount); uint256 accountBalance = _balances[account]; require(accountBalance >= amount, "ERC20: burn amount exceeds balance"); unchecked { _balances[account] = accountBalance - amount; // Overflow not possible: amount <= accountBalance <= totalSupply. _totalSupply -= amount; } emit Transfer(account, address(0), amount); _afterTokenTransfer(account, address(0), amount); } /** * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens. * * This internal function is equivalent to `approve`, and can be used to * e.g. set automatic allowances for certain subsystems, etc. * * Emits an {Approval} event. * * Requirements: * * - `owner` cannot be the zero address. * - `spender` cannot be the zero address. */ function _approve( address owner, address spender, uint256 amount ) internal virtual { require(owner != address(0), "ERC20: approve from the zero address"); require(spender != address(0), "ERC20: approve to the zero address"); _allowances[owner][spender] = amount; emit Approval(owner, spender, amount); } /** * @dev Updates `owner` s allowance for `spender` based on spent `amount`. * * Does not update the allowance amount in case of infinite allowance. * Revert if not enough allowance is available. * * Might emit an {Approval} event. */ function _spendAllowance( address owner, address spender, uint256 amount ) internal virtual { uint256 currentAllowance = allowance(owner, spender); if (currentAllowance != type(uint256).max) { require(currentAllowance >= amount, "ERC20: insufficient allowance"); unchecked { _approve(owner, spender, currentAllowance - amount); } } } /** * @dev Hook that is called before any transfer of tokens. This includes * minting and burning. * * Calling conditions: * * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens * will be transferred to `to`. * - when `from` is zero, `amount` tokens will be minted for `to`. * - when `to` is zero, `amount` of ``from``'s tokens will be burned. * - `from` and `to` are never both zero. * * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks]. */ function _beforeTokenTransfer( address from, address to, uint256 amount ) internal virtual {} /** * @dev Hook that is called after any transfer of tokens. This includes * minting and burning. * * Calling conditions: * * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens * has been transferred to `to`. * - when `from` is zero, `amount` tokens have been minted for `to`. * - when `to` is zero, `amount` of ``from``'s tokens have been burned. * - `from` and `to` are never both zero. * * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks]. */ function _afterTokenTransfer( address from, address to, uint256 amount ) internal virtual {} }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20 { /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `to`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address to, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `from` to `to` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom( address from, address to, uint256 amount ) external returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/extensions/ERC20Permit.sol) pragma solidity ^0.8.0; import "./IERC20Permit.sol"; import "../ERC20.sol"; import "../../../utils/cryptography/ECDSA.sol"; import "../../../utils/cryptography/EIP712.sol"; import "../../../utils/Counters.sol"; /** * @dev Implementation of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612]. * * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by * presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't * need to send a transaction, and thus is not required to hold Ether at all. * * _Available since v3.4._ */ abstract contract ERC20Permit is ERC20, IERC20Permit, EIP712 { using Counters for Counters.Counter; mapping(address => Counters.Counter) private _nonces; // solhint-disable-next-line var-name-mixedcase bytes32 private constant _PERMIT_TYPEHASH = keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"); /** * @dev In previous versions `_PERMIT_TYPEHASH` was declared as `immutable`. * However, to ensure consistency with the upgradeable transpiler, we will continue * to reserve a slot. * @custom:oz-renamed-from _PERMIT_TYPEHASH */ // solhint-disable-next-line var-name-mixedcase bytes32 private _PERMIT_TYPEHASH_DEPRECATED_SLOT; /** * @dev Initializes the {EIP712} domain separator using the `name` parameter, and setting `version` to `"1"`. * * It's a good idea to use the same `name` that is defined as the ERC20 token name. */ constructor(string memory name) EIP712(name, "1") {} /** * @dev See {IERC20Permit-permit}. */ function permit( address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) public virtual override { require(block.timestamp <= deadline, "ERC20Permit: expired deadline"); bytes32 structHash = keccak256(abi.encode(_PERMIT_TYPEHASH, owner, spender, value, _useNonce(owner), deadline)); bytes32 hash = _hashTypedDataV4(structHash); address signer = ECDSA.recover(hash, v, r, s); require(signer == owner, "ERC20Permit: invalid signature"); _approve(owner, spender, value); } /** * @dev See {IERC20Permit-nonces}. */ function nonces(address owner) public view virtual override returns (uint256) { return _nonces[owner].current(); } /** * @dev See {IERC20Permit-DOMAIN_SEPARATOR}. */ // solhint-disable-next-line func-name-mixedcase function DOMAIN_SEPARATOR() external view override returns (bytes32) { return _domainSeparatorV4(); } /** * @dev "Consume a nonce": return the current value and increment. * * _Available since v4.1._ */ function _useNonce(address owner) internal virtual returns (uint256 current) { Counters.Counter storage nonce = _nonces[owner]; current = nonce.current(); nonce.increment(); } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol) pragma solidity ^0.8.0; import "../IERC20.sol"; /** * @dev Interface for the optional metadata functions from the ERC20 standard. * * _Available since v4.1._ */ interface IERC20Metadata is IERC20 { /** * @dev Returns the name of the token. */ function name() external view returns (string memory); /** * @dev Returns the symbol of the token. */ function symbol() external view returns (string memory); /** * @dev Returns the decimals places of the token. */ function decimals() external view returns (uint8); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Permit.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612]. * * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by * presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't * need to send a transaction, and thus is not required to hold Ether at all. */ interface IERC20Permit { /** * @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens, * given ``owner``'s signed approval. * * IMPORTANT: The same issues {IERC20-approve} has related to transaction * ordering also apply here. * * Emits an {Approval} event. * * Requirements: * * - `spender` cannot be the zero address. * - `deadline` must be a timestamp in the future. * - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner` * over the EIP712-formatted function arguments. * - the signature must use ``owner``'s current nonce (see {nonces}). * * For more information on the signature format, see the * https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP * section]. */ function permit( address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) external; /** * @dev Returns the current nonce for `owner`. This value must be * included whenever a signature is generated for {permit}. * * Every successful call to {permit} increases ``owner``'s nonce by one. This * prevents a signature from being used multiple times. */ function nonces(address owner) external view returns (uint256); /** * @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}. */ // solhint-disable-next-line func-name-mixedcase function DOMAIN_SEPARATOR() external view returns (bytes32); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol) pragma solidity ^0.8.0; import "../IERC20.sol"; import "../extensions/IERC20Permit.sol"; import "../../../utils/Address.sol"; /** * @title SafeERC20 * @dev Wrappers around ERC20 operations that throw on failure (when the token * contract returns false). Tokens that return no value (and instead revert or * throw on failure) are also supported, non-reverting calls are assumed to be * successful. * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract, * which allows you to call the safe operations as `token.safeTransfer(...)`, etc. */ library SafeERC20 { using Address for address; function safeTransfer( IERC20 token, address to, uint256 value ) internal { _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value)); } function safeTransferFrom( IERC20 token, address from, address to, uint256 value ) internal { _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value)); } /** * @dev Deprecated. This function has issues similar to the ones found in * {IERC20-approve}, and its usage is discouraged. * * Whenever possible, use {safeIncreaseAllowance} and * {safeDecreaseAllowance} instead. */ function safeApprove( IERC20 token, address spender, uint256 value ) internal { // safeApprove should only be called when setting an initial allowance, // or when resetting it to zero. To increase and decrease it, use // 'safeIncreaseAllowance' and 'safeDecreaseAllowance' require( (value == 0) || (token.allowance(address(this), spender) == 0), "SafeERC20: approve from non-zero to non-zero allowance" ); _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value)); } function safeIncreaseAllowance( IERC20 token, address spender, uint256 value ) internal { uint256 newAllowance = token.allowance(address(this), spender) + value; _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance)); } function safeDecreaseAllowance( IERC20 token, address spender, uint256 value ) internal { unchecked { uint256 oldAllowance = token.allowance(address(this), spender); require(oldAllowance >= value, "SafeERC20: decreased allowance below zero"); uint256 newAllowance = oldAllowance - value; _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance)); } } function safePermit( IERC20Permit token, address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) internal { uint256 nonceBefore = token.nonces(owner); token.permit(owner, spender, value, deadline, v, r, s); uint256 nonceAfter = token.nonces(owner); require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed"); } /** * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement * on the return value: the return value is optional (but if data is returned, it must not be false). * @param token The token targeted by the call. * @param data The call data (encoded using abi.encode or one of its variants). */ function _callOptionalReturn(IERC20 token, bytes memory data) private { // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since // we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that // the target address contains contract code and also asserts for success in the low-level call. bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed"); if (returndata.length > 0) { // Return data is optional require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed"); } } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol) pragma solidity ^0.8.1; /** * @dev Collection of functions related to the address type */ library Address { /** * @dev Returns true if `account` is a contract. * * [IMPORTANT] * ==== * It is unsafe to assume that an address for which this function returns * false is an externally-owned account (EOA) and not a contract. * * Among others, `isContract` will return false for the following * types of addresses: * * - an externally-owned account * - a contract in construction * - an address where a contract will be created * - an address where a contract lived, but was destroyed * ==== * * [IMPORTANT] * ==== * You shouldn't rely on `isContract` to protect against flash loan attacks! * * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract * constructor. * ==== */ function isContract(address account) internal view returns (bool) { // This method relies on extcodesize/address.code.length, which returns 0 // for contracts in construction, since the code is only stored at the end // of the constructor execution. return account.code.length > 0; } /** * @dev Replacement for Solidity's `transfer`: sends `amount` wei to * `recipient`, forwarding all available gas and reverting on errors. * * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost * of certain opcodes, possibly making contracts go over the 2300 gas limit * imposed by `transfer`, making them unable to receive funds via * `transfer`. {sendValue} removes this limitation. * * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more]. * * IMPORTANT: because control is transferred to `recipient`, care must be * taken to not create reentrancy vulnerabilities. Consider using * {ReentrancyGuard} or the * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. */ function sendValue(address payable recipient, uint256 amount) internal { require(address(this).balance >= amount, "Address: insufficient balance"); (bool success, ) = recipient.call{value: amount}(""); require(success, "Address: unable to send value, recipient may have reverted"); } /** * @dev Performs a Solidity function call using a low level `call`. A * plain `call` is an unsafe replacement for a function call: use this * function instead. * * If `target` reverts with a revert reason, it is bubbled up by this * function (like regular Solidity function calls). * * Returns the raw returned data. To convert to the expected return value, * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. * * Requirements: * * - `target` must be a contract. * - calling `target` with `data` must not revert. * * _Available since v3.1._ */ function functionCall(address target, bytes memory data) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, "Address: low-level call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with * `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but also transferring `value` wei to `target`. * * Requirements: * * - the calling contract must have an ETH balance of at least `value`. * - the called Solidity function must be `payable`. * * _Available since v3.1._ */ function functionCallWithValue( address target, bytes memory data, uint256 value ) internal returns (bytes memory) { return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); } /** * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but * with `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCallWithValue( address target, bytes memory data, uint256 value, string memory errorMessage ) internal returns (bytes memory) { require(address(this).balance >= value, "Address: insufficient balance for call"); (bool success, bytes memory returndata) = target.call{value: value}(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) { return functionStaticCall(target, data, "Address: low-level static call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall( address target, bytes memory data, string memory errorMessage ) internal view returns (bytes memory) { (bool success, bytes memory returndata) = target.staticcall(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) { return functionDelegateCall(target, data, "Address: low-level delegate call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { (bool success, bytes memory returndata) = target.delegatecall(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract. * * _Available since v4.8._ */ function verifyCallResultFromTarget( address target, bool success, bytes memory returndata, string memory errorMessage ) internal view returns (bytes memory) { if (success) { if (returndata.length == 0) { // only check isContract if the call was successful and the return data is empty // otherwise we already know that it was a contract require(isContract(target), "Address: call to non-contract"); } return returndata; } else { _revert(returndata, errorMessage); } } /** * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the * revert reason or using the provided one. * * _Available since v4.3._ */ function verifyCallResult( bool success, bytes memory returndata, string memory errorMessage ) internal pure returns (bytes memory) { if (success) { return returndata; } else { _revert(returndata, errorMessage); } } function _revert(bytes memory returndata, string memory errorMessage) private pure { // Look for revert reason and bubble it up if present if (returndata.length > 0) { // The easiest way to bubble the revert reason is using memory via assembly /// @solidity memory-safe-assembly assembly { let returndata_size := mload(returndata) revert(add(32, returndata), returndata_size) } } else { revert(errorMessage); } } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (utils/Context.sol) pragma solidity ^0.8.0; /** * @dev Provides information about the current execution context, including the * sender of the transaction and its data. While these are generally available * via msg.sender and msg.data, they should not be accessed in such a direct * manner, since when dealing with meta-transactions the account sending and * paying for execution may not be the actual sender (as far as an application * is concerned). * * This contract is only required for intermediate, library-like contracts. */ abstract contract Context { function _msgSender() internal view virtual returns (address) { return msg.sender; } function _msgData() internal view virtual returns (bytes calldata) { return msg.data; } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (utils/Counters.sol) pragma solidity ^0.8.0; /** * @title Counters * @author Matt Condon (@shrugs) * @dev Provides counters that can only be incremented, decremented or reset. This can be used e.g. to track the number * of elements in a mapping, issuing ERC721 ids, or counting request ids. * * Include with `using Counters for Counters.Counter;` */ library Counters { struct Counter { // This variable should never be directly accessed by users of the library: interactions must be restricted to // the library's function. As of Solidity v0.5.2, this cannot be enforced, though there is a proposal to add // this feature: see https://github.com/ethereum/solidity/issues/4637 uint256 _value; // default: 0 } function current(Counter storage counter) internal view returns (uint256) { return counter._value; } function increment(Counter storage counter) internal { unchecked { counter._value += 1; } } function decrement(Counter storage counter) internal { uint256 value = counter._value; require(value > 0, "Counter: decrement overflow"); unchecked { counter._value = value - 1; } } function reset(Counter storage counter) internal { counter._value = 0; } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (utils/Strings.sol) pragma solidity ^0.8.0; import "./math/Math.sol"; /** * @dev String operations. */ library Strings { bytes16 private constant _SYMBOLS = "0123456789abcdef"; uint8 private constant _ADDRESS_LENGTH = 20; /** * @dev Converts a `uint256` to its ASCII `string` decimal representation. */ function toString(uint256 value) internal pure returns (string memory) { unchecked { uint256 length = Math.log10(value) + 1; string memory buffer = new string(length); uint256 ptr; /// @solidity memory-safe-assembly assembly { ptr := add(buffer, add(32, length)) } while (true) { ptr--; /// @solidity memory-safe-assembly assembly { mstore8(ptr, byte(mod(value, 10), _SYMBOLS)) } value /= 10; if (value == 0) break; } return buffer; } } /** * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation. */ function toHexString(uint256 value) internal pure returns (string memory) { unchecked { return toHexString(value, Math.log256(value) + 1); } } /** * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length. */ function toHexString(uint256 value, uint256 length) internal pure returns (string memory) { bytes memory buffer = new bytes(2 * length + 2); buffer[0] = "0"; buffer[1] = "x"; for (uint256 i = 2 * length + 1; i > 1; --i) { buffer[i] = _SYMBOLS[value & 0xf]; value >>= 4; } require(value == 0, "Strings: hex length insufficient"); return string(buffer); } /** * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation. */ function toHexString(address addr) internal pure returns (string memory) { return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH); } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/ECDSA.sol) pragma solidity ^0.8.0; import "../Strings.sol"; /** * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations. * * These functions can be used to verify that a message was signed by the holder * of the private keys of a given address. */ library ECDSA { enum RecoverError { NoError, InvalidSignature, InvalidSignatureLength, InvalidSignatureS, InvalidSignatureV // Deprecated in v4.8 } function _throwError(RecoverError error) private pure { if (error == RecoverError.NoError) { return; // no error: do nothing } else if (error == RecoverError.InvalidSignature) { revert("ECDSA: invalid signature"); } else if (error == RecoverError.InvalidSignatureLength) { revert("ECDSA: invalid signature length"); } else if (error == RecoverError.InvalidSignatureS) { revert("ECDSA: invalid signature 's' value"); } } /** * @dev Returns the address that signed a hashed message (`hash`) with * `signature` or error string. This address can then be used for verification purposes. * * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures: * this function rejects them by requiring the `s` value to be in the lower * half order, and the `v` value to be either 27 or 28. * * IMPORTANT: `hash` _must_ be the result of a hash operation for the * verification to be secure: it is possible to craft signatures that * recover to arbitrary addresses for non-hashed data. A safe way to ensure * this is by receiving a hash of the original message (which may otherwise * be too long), and then calling {toEthSignedMessageHash} on it. * * Documentation for signature generation: * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js] * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers] * * _Available since v4.3._ */ function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) { if (signature.length == 65) { bytes32 r; bytes32 s; uint8 v; // ecrecover takes the signature parameters, and the only way to get them // currently is to use assembly. /// @solidity memory-safe-assembly assembly { r := mload(add(signature, 0x20)) s := mload(add(signature, 0x40)) v := byte(0, mload(add(signature, 0x60))) } return tryRecover(hash, v, r, s); } else { return (address(0), RecoverError.InvalidSignatureLength); } } /** * @dev Returns the address that signed a hashed message (`hash`) with * `signature`. This address can then be used for verification purposes. * * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures: * this function rejects them by requiring the `s` value to be in the lower * half order, and the `v` value to be either 27 or 28. * * IMPORTANT: `hash` _must_ be the result of a hash operation for the * verification to be secure: it is possible to craft signatures that * recover to arbitrary addresses for non-hashed data. A safe way to ensure * this is by receiving a hash of the original message (which may otherwise * be too long), and then calling {toEthSignedMessageHash} on it. */ function recover(bytes32 hash, bytes memory signature) internal pure returns (address) { (address recovered, RecoverError error) = tryRecover(hash, signature); _throwError(error); return recovered; } /** * @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately. * * See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures] * * _Available since v4.3._ */ function tryRecover( bytes32 hash, bytes32 r, bytes32 vs ) internal pure returns (address, RecoverError) { bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff); uint8 v = uint8((uint256(vs) >> 255) + 27); return tryRecover(hash, v, r, s); } /** * @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately. * * _Available since v4.2._ */ function recover( bytes32 hash, bytes32 r, bytes32 vs ) internal pure returns (address) { (address recovered, RecoverError error) = tryRecover(hash, r, vs); _throwError(error); return recovered; } /** * @dev Overload of {ECDSA-tryRecover} that receives the `v`, * `r` and `s` signature fields separately. * * _Available since v4.3._ */ function tryRecover( bytes32 hash, uint8 v, bytes32 r, bytes32 s ) internal pure returns (address, RecoverError) { // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines // the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most // signatures from current libraries generate a unique signature with an s-value in the lower half order. // // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept // these malleable signatures as well. if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) { return (address(0), RecoverError.InvalidSignatureS); } // If the signature is valid (and not malleable), return the signer address address signer = ecrecover(hash, v, r, s); if (signer == address(0)) { return (address(0), RecoverError.InvalidSignature); } return (signer, RecoverError.NoError); } /** * @dev Overload of {ECDSA-recover} that receives the `v`, * `r` and `s` signature fields separately. */ function recover( bytes32 hash, uint8 v, bytes32 r, bytes32 s ) internal pure returns (address) { (address recovered, RecoverError error) = tryRecover(hash, v, r, s); _throwError(error); return recovered; } /** * @dev Returns an Ethereum Signed Message, created from a `hash`. This * produces hash corresponding to the one signed with the * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`] * JSON-RPC method as part of EIP-191. * * See {recover}. */ function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) { // 32 is the length in bytes of hash, // enforced by the type signature above return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash)); } /** * @dev Returns an Ethereum Signed Message, created from `s`. This * produces hash corresponding to the one signed with the * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`] * JSON-RPC method as part of EIP-191. * * See {recover}. */ function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) { return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s)); } /** * @dev Returns an Ethereum Signed Typed Data, created from a * `domainSeparator` and a `structHash`. This produces hash corresponding * to the one signed with the * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`] * JSON-RPC method as part of EIP-712. * * See {recover}. */ function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) { return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash)); } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/EIP712.sol) pragma solidity ^0.8.0; import "./ECDSA.sol"; /** * @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data. * * The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible, * thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding * they need in their contracts using a combination of `abi.encode` and `keccak256`. * * This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding * scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA * ({_hashTypedDataV4}). * * The implementation of the domain separator was designed to be as efficient as possible while still properly updating * the chain id to protect against replay attacks on an eventual fork of the chain. * * NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method * https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask]. * * _Available since v3.4._ */ abstract contract EIP712 { /* solhint-disable var-name-mixedcase */ // Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to // invalidate the cached domain separator if the chain id changes. bytes32 private immutable _CACHED_DOMAIN_SEPARATOR; uint256 private immutable _CACHED_CHAIN_ID; address private immutable _CACHED_THIS; bytes32 private immutable _HASHED_NAME; bytes32 private immutable _HASHED_VERSION; bytes32 private immutable _TYPE_HASH; /* solhint-enable var-name-mixedcase */ /** * @dev Initializes the domain separator and parameter caches. * * The meaning of `name` and `version` is specified in * https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]: * * - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol. * - `version`: the current major version of the signing domain. * * NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart * contract upgrade]. */ constructor(string memory name, string memory version) { bytes32 hashedName = keccak256(bytes(name)); bytes32 hashedVersion = keccak256(bytes(version)); bytes32 typeHash = keccak256( "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)" ); _HASHED_NAME = hashedName; _HASHED_VERSION = hashedVersion; _CACHED_CHAIN_ID = block.chainid; _CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(typeHash, hashedName, hashedVersion); _CACHED_THIS = address(this); _TYPE_HASH = typeHash; } /** * @dev Returns the domain separator for the current chain. */ function _domainSeparatorV4() internal view returns (bytes32) { if (address(this) == _CACHED_THIS && block.chainid == _CACHED_CHAIN_ID) { return _CACHED_DOMAIN_SEPARATOR; } else { return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION); } } function _buildDomainSeparator( bytes32 typeHash, bytes32 nameHash, bytes32 versionHash ) private view returns (bytes32) { return keccak256(abi.encode(typeHash, nameHash, versionHash, block.chainid, address(this))); } /** * @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this * function returns the hash of the fully encoded EIP712 message for this domain. * * This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example: * * ```solidity * bytes32 digest = _hashTypedDataV4(keccak256(abi.encode( * keccak256("Mail(address to,string contents)"), * mailTo, * keccak256(bytes(mailContents)) * ))); * address signer = ECDSA.recover(digest, signature); * ``` */ function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) { return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash); } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol) pragma solidity ^0.8.0; /** * @dev Standard math utilities missing in the Solidity language. */ library Math { enum Rounding { Down, // Toward negative infinity Up, // Toward infinity Zero // Toward zero } /** * @dev Returns the largest of two numbers. */ function max(uint256 a, uint256 b) internal pure returns (uint256) { return a > b ? a : b; } /** * @dev Returns the smallest of two numbers. */ function min(uint256 a, uint256 b) internal pure returns (uint256) { return a < b ? a : b; } /** * @dev Returns the average of two numbers. The result is rounded towards * zero. */ function average(uint256 a, uint256 b) internal pure returns (uint256) { // (a + b) / 2 can overflow. return (a & b) + (a ^ b) / 2; } /** * @dev Returns the ceiling of the division of two numbers. * * This differs from standard division with `/` in that it rounds up instead * of rounding down. */ function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) { // (a + b - 1) / b can overflow on addition, so we distribute. return a == 0 ? 0 : (a - 1) / b + 1; } /** * @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0 * @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) * with further edits by Uniswap Labs also under MIT license. */ function mulDiv( uint256 x, uint256 y, uint256 denominator ) internal pure returns (uint256 result) { unchecked { // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256 // variables such that product = prod1 * 2^256 + prod0. uint256 prod0; // Least significant 256 bits of the product uint256 prod1; // Most significant 256 bits of the product assembly { let mm := mulmod(x, y, not(0)) prod0 := mul(x, y) prod1 := sub(sub(mm, prod0), lt(mm, prod0)) } // Handle non-overflow cases, 256 by 256 division. if (prod1 == 0) { return prod0 / denominator; } // Make sure the result is less than 2^256. Also prevents denominator == 0. require(denominator > prod1); /////////////////////////////////////////////// // 512 by 256 division. /////////////////////////////////////////////// // Make division exact by subtracting the remainder from [prod1 prod0]. uint256 remainder; assembly { // Compute remainder using mulmod. remainder := mulmod(x, y, denominator) // Subtract 256 bit number from 512 bit number. prod1 := sub(prod1, gt(remainder, prod0)) prod0 := sub(prod0, remainder) } // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1. // See https://cs.stackexchange.com/q/138556/92363. // Does not overflow because the denominator cannot be zero at this stage in the function. uint256 twos = denominator & (~denominator + 1); assembly { // Divide denominator by twos. denominator := div(denominator, twos) // Divide [prod1 prod0] by twos. prod0 := div(prod0, twos) // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one. twos := add(div(sub(0, twos), twos), 1) } // Shift in bits from prod1 into prod0. prod0 |= prod1 * twos; // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for // four bits. That is, denominator * inv = 1 mod 2^4. uint256 inverse = (3 * denominator) ^ 2; // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works // in modular arithmetic, doubling the correct bits in each step. inverse *= 2 - denominator * inverse; // inverse mod 2^8 inverse *= 2 - denominator * inverse; // inverse mod 2^16 inverse *= 2 - denominator * inverse; // inverse mod 2^32 inverse *= 2 - denominator * inverse; // inverse mod 2^64 inverse *= 2 - denominator * inverse; // inverse mod 2^128 inverse *= 2 - denominator * inverse; // inverse mod 2^256 // Because the division is now exact we can divide by multiplying with the modular inverse of denominator. // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is // less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1 // is no longer required. result = prod0 * inverse; return result; } } /** * @notice Calculates x * y / denominator with full precision, following the selected rounding direction. */ function mulDiv( uint256 x, uint256 y, uint256 denominator, Rounding rounding ) internal pure returns (uint256) { uint256 result = mulDiv(x, y, denominator); if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) { result += 1; } return result; } /** * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down. * * Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11). */ function sqrt(uint256 a) internal pure returns (uint256) { if (a == 0) { return 0; } // For our first guess, we get the biggest power of 2 which is smaller than the square root of the target. // // We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have // `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`. // // This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)` // → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))` // → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)` // // Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit. uint256 result = 1 << (log2(a) >> 1); // At this point `result` is an estimation with one bit of precision. We know the true value is a uint128, // since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at // every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision // into the expected uint128 result. unchecked { result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; return min(result, a / result); } } /** * @notice Calculates sqrt(a), following the selected rounding direction. */ function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = sqrt(a); return result + (rounding == Rounding.Up && result * result < a ? 1 : 0); } } /** * @dev Return the log in base 2, rounded down, of a positive value. * Returns 0 if given 0. */ function log2(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >> 128 > 0) { value >>= 128; result += 128; } if (value >> 64 > 0) { value >>= 64; result += 64; } if (value >> 32 > 0) { value >>= 32; result += 32; } if (value >> 16 > 0) { value >>= 16; result += 16; } if (value >> 8 > 0) { value >>= 8; result += 8; } if (value >> 4 > 0) { value >>= 4; result += 4; } if (value >> 2 > 0) { value >>= 2; result += 2; } if (value >> 1 > 0) { result += 1; } } return result; } /** * @dev Return the log in base 2, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log2(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log2(value); return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0); } } /** * @dev Return the log in base 10, rounded down, of a positive value. * Returns 0 if given 0. */ function log10(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >= 10**64) { value /= 10**64; result += 64; } if (value >= 10**32) { value /= 10**32; result += 32; } if (value >= 10**16) { value /= 10**16; result += 16; } if (value >= 10**8) { value /= 10**8; result += 8; } if (value >= 10**4) { value /= 10**4; result += 4; } if (value >= 10**2) { value /= 10**2; result += 2; } if (value >= 10**1) { result += 1; } } return result; } /** * @dev Return the log in base 10, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log10(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log10(value); return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0); } } /** * @dev Return the log in base 256, rounded down, of a positive value. * Returns 0 if given 0. * * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string. */ function log256(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >> 128 > 0) { value >>= 128; result += 16; } if (value >> 64 > 0) { value >>= 64; result += 8; } if (value >> 32 > 0) { value >>= 32; result += 4; } if (value >> 16 > 0) { value >>= 16; result += 2; } if (value >> 8 > 0) { result += 1; } } return result; } /** * @dev Return the log in base 10, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log256(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log256(value); return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0); } } }
// SPDX-License-Identifier: Unlicense pragma solidity >=0.8.4; /// @notice Emitted when the result overflows uint256. error PRBMath__MulDivFixedPointOverflow(uint256 prod1); /// @notice Emitted when the result overflows uint256. error PRBMath__MulDivOverflow(uint256 prod1, uint256 denominator); /// @notice Emitted when one of the inputs is type(int256).min. error PRBMath__MulDivSignedInputTooSmall(); /// @notice Emitted when the intermediary absolute result overflows int256. error PRBMath__MulDivSignedOverflow(uint256 rAbs); /// @notice Emitted when the input is MIN_SD59x18. error PRBMathSD59x18__AbsInputTooSmall(); /// @notice Emitted when ceiling a number overflows SD59x18. error PRBMathSD59x18__CeilOverflow(int256 x); /// @notice Emitted when one of the inputs is MIN_SD59x18. error PRBMathSD59x18__DivInputTooSmall(); /// @notice Emitted when one of the intermediary unsigned results overflows SD59x18. error PRBMathSD59x18__DivOverflow(uint256 rAbs); /// @notice Emitted when the input is greater than 133.084258667509499441. error PRBMathSD59x18__ExpInputTooBig(int256 x); /// @notice Emitted when the input is greater than 192. error PRBMathSD59x18__Exp2InputTooBig(int256 x); /// @notice Emitted when flooring a number underflows SD59x18. error PRBMathSD59x18__FloorUnderflow(int256 x); /// @notice Emitted when converting a basic integer to the fixed-point format overflows SD59x18. error PRBMathSD59x18__FromIntOverflow(int256 x); /// @notice Emitted when converting a basic integer to the fixed-point format underflows SD59x18. error PRBMathSD59x18__FromIntUnderflow(int256 x); /// @notice Emitted when the product of the inputs is negative. error PRBMathSD59x18__GmNegativeProduct(int256 x, int256 y); /// @notice Emitted when multiplying the inputs overflows SD59x18. error PRBMathSD59x18__GmOverflow(int256 x, int256 y); /// @notice Emitted when the input is less than or equal to zero. error PRBMathSD59x18__LogInputTooSmall(int256 x); /// @notice Emitted when one of the inputs is MIN_SD59x18. error PRBMathSD59x18__MulInputTooSmall(); /// @notice Emitted when the intermediary absolute result overflows SD59x18. error PRBMathSD59x18__MulOverflow(uint256 rAbs); /// @notice Emitted when the intermediary absolute result overflows SD59x18. error PRBMathSD59x18__PowuOverflow(uint256 rAbs); /// @notice Emitted when the input is negative. error PRBMathSD59x18__SqrtNegativeInput(int256 x); /// @notice Emitted when the calculating the square root overflows SD59x18. error PRBMathSD59x18__SqrtOverflow(int256 x); /// @notice Emitted when addition overflows UD60x18. error PRBMathUD60x18__AddOverflow(uint256 x, uint256 y); /// @notice Emitted when ceiling a number overflows UD60x18. error PRBMathUD60x18__CeilOverflow(uint256 x); /// @notice Emitted when the input is greater than 133.084258667509499441. error PRBMathUD60x18__ExpInputTooBig(uint256 x); /// @notice Emitted when the input is greater than 192. error PRBMathUD60x18__Exp2InputTooBig(uint256 x); /// @notice Emitted when converting a basic integer to the fixed-point format format overflows UD60x18. error PRBMathUD60x18__FromUintOverflow(uint256 x); /// @notice Emitted when multiplying the inputs overflows UD60x18. error PRBMathUD60x18__GmOverflow(uint256 x, uint256 y); /// @notice Emitted when the input is less than 1. error PRBMathUD60x18__LogInputTooSmall(uint256 x); /// @notice Emitted when the calculating the square root overflows UD60x18. error PRBMathUD60x18__SqrtOverflow(uint256 x); /// @notice Emitted when subtraction underflows UD60x18. error PRBMathUD60x18__SubUnderflow(uint256 x, uint256 y); /// @dev Common mathematical functions used in both PRBMathSD59x18 and PRBMathUD60x18. Note that this shared library /// does not always assume the signed 59.18-decimal fixed-point or the unsigned 60.18-decimal fixed-point /// representation. When it does not, it is explicitly mentioned in the NatSpec documentation. library PRBMath { /// STRUCTS /// struct SD59x18 { int256 value; } struct UD60x18 { uint256 value; } /// STORAGE /// /// @dev How many trailing decimals can be represented. uint256 internal constant SCALE = 1e18; /// @dev Largest power of two divisor of SCALE. uint256 internal constant SCALE_LPOTD = 262144; /// @dev SCALE inverted mod 2^256. uint256 internal constant SCALE_INVERSE = 78156646155174841979727994598816262306175212592076161876661_508869554232690281; /// FUNCTIONS /// /// @notice Calculates the binary exponent of x using the binary fraction method. /// @dev Has to use 192.64-bit fixed-point numbers. /// See https://ethereum.stackexchange.com/a/96594/24693. /// @param x The exponent as an unsigned 192.64-bit fixed-point number. /// @return result The result as an unsigned 60.18-decimal fixed-point number. function exp2(uint256 x) internal pure returns (uint256 result) { unchecked { // Start from 0.5 in the 192.64-bit fixed-point format. result = 0x800000000000000000000000000000000000000000000000; // Multiply the result by root(2, 2^-i) when the bit at position i is 1. None of the intermediary results overflows // because the initial result is 2^191 and all magic factors are less than 2^65. if (x & 0x8000000000000000 > 0) { result = (result * 0x16A09E667F3BCC909) >> 64; } if (x & 0x4000000000000000 > 0) { result = (result * 0x1306FE0A31B7152DF) >> 64; } if (x & 0x2000000000000000 > 0) { result = (result * 0x1172B83C7D517ADCE) >> 64; } if (x & 0x1000000000000000 > 0) { result = (result * 0x10B5586CF9890F62A) >> 64; } if (x & 0x800000000000000 > 0) { result = (result * 0x1059B0D31585743AE) >> 64; } if (x & 0x400000000000000 > 0) { result = (result * 0x102C9A3E778060EE7) >> 64; } if (x & 0x200000000000000 > 0) { result = (result * 0x10163DA9FB33356D8) >> 64; } if (x & 0x100000000000000 > 0) { result = (result * 0x100B1AFA5ABCBED61) >> 64; } if (x & 0x80000000000000 > 0) { result = (result * 0x10058C86DA1C09EA2) >> 64; } if (x & 0x40000000000000 > 0) { result = (result * 0x1002C605E2E8CEC50) >> 64; } if (x & 0x20000000000000 > 0) { result = (result * 0x100162F3904051FA1) >> 64; } if (x & 0x10000000000000 > 0) { result = (result * 0x1000B175EFFDC76BA) >> 64; } if (x & 0x8000000000000 > 0) { result = (result * 0x100058BA01FB9F96D) >> 64; } if (x & 0x4000000000000 > 0) { result = (result * 0x10002C5CC37DA9492) >> 64; } if (x & 0x2000000000000 > 0) { result = (result * 0x1000162E525EE0547) >> 64; } if (x & 0x1000000000000 > 0) { result = (result * 0x10000B17255775C04) >> 64; } if (x & 0x800000000000 > 0) { result = (result * 0x1000058B91B5BC9AE) >> 64; } if (x & 0x400000000000 > 0) { result = (result * 0x100002C5C89D5EC6D) >> 64; } if (x & 0x200000000000 > 0) { result = (result * 0x10000162E43F4F831) >> 64; } if (x & 0x100000000000 > 0) { result = (result * 0x100000B1721BCFC9A) >> 64; } if (x & 0x80000000000 > 0) { result = (result * 0x10000058B90CF1E6E) >> 64; } if (x & 0x40000000000 > 0) { result = (result * 0x1000002C5C863B73F) >> 64; } if (x & 0x20000000000 > 0) { result = (result * 0x100000162E430E5A2) >> 64; } if (x & 0x10000000000 > 0) { result = (result * 0x1000000B172183551) >> 64; } if (x & 0x8000000000 > 0) { result = (result * 0x100000058B90C0B49) >> 64; } if (x & 0x4000000000 > 0) { result = (result * 0x10000002C5C8601CC) >> 64; } if (x & 0x2000000000 > 0) { result = (result * 0x1000000162E42FFF0) >> 64; } if (x & 0x1000000000 > 0) { result = (result * 0x10000000B17217FBB) >> 64; } if (x & 0x800000000 > 0) { result = (result * 0x1000000058B90BFCE) >> 64; } if (x & 0x400000000 > 0) { result = (result * 0x100000002C5C85FE3) >> 64; } if (x & 0x200000000 > 0) { result = (result * 0x10000000162E42FF1) >> 64; } if (x & 0x100000000 > 0) { result = (result * 0x100000000B17217F8) >> 64; } if (x & 0x80000000 > 0) { result = (result * 0x10000000058B90BFC) >> 64; } if (x & 0x40000000 > 0) { result = (result * 0x1000000002C5C85FE) >> 64; } if (x & 0x20000000 > 0) { result = (result * 0x100000000162E42FF) >> 64; } if (x & 0x10000000 > 0) { result = (result * 0x1000000000B17217F) >> 64; } if (x & 0x8000000 > 0) { result = (result * 0x100000000058B90C0) >> 64; } if (x & 0x4000000 > 0) { result = (result * 0x10000000002C5C860) >> 64; } if (x & 0x2000000 > 0) { result = (result * 0x1000000000162E430) >> 64; } if (x & 0x1000000 > 0) { result = (result * 0x10000000000B17218) >> 64; } if (x & 0x800000 > 0) { result = (result * 0x1000000000058B90C) >> 64; } if (x & 0x400000 > 0) { result = (result * 0x100000000002C5C86) >> 64; } if (x & 0x200000 > 0) { result = (result * 0x10000000000162E43) >> 64; } if (x & 0x100000 > 0) { result = (result * 0x100000000000B1721) >> 64; } if (x & 0x80000 > 0) { result = (result * 0x10000000000058B91) >> 64; } if (x & 0x40000 > 0) { result = (result * 0x1000000000002C5C8) >> 64; } if (x & 0x20000 > 0) { result = (result * 0x100000000000162E4) >> 64; } if (x & 0x10000 > 0) { result = (result * 0x1000000000000B172) >> 64; } if (x & 0x8000 > 0) { result = (result * 0x100000000000058B9) >> 64; } if (x & 0x4000 > 0) { result = (result * 0x10000000000002C5D) >> 64; } if (x & 0x2000 > 0) { result = (result * 0x1000000000000162E) >> 64; } if (x & 0x1000 > 0) { result = (result * 0x10000000000000B17) >> 64; } if (x & 0x800 > 0) { result = (result * 0x1000000000000058C) >> 64; } if (x & 0x400 > 0) { result = (result * 0x100000000000002C6) >> 64; } if (x & 0x200 > 0) { result = (result * 0x10000000000000163) >> 64; } if (x & 0x100 > 0) { result = (result * 0x100000000000000B1) >> 64; } if (x & 0x80 > 0) { result = (result * 0x10000000000000059) >> 64; } if (x & 0x40 > 0) { result = (result * 0x1000000000000002C) >> 64; } if (x & 0x20 > 0) { result = (result * 0x10000000000000016) >> 64; } if (x & 0x10 > 0) { result = (result * 0x1000000000000000B) >> 64; } if (x & 0x8 > 0) { result = (result * 0x10000000000000006) >> 64; } if (x & 0x4 > 0) { result = (result * 0x10000000000000003) >> 64; } if (x & 0x2 > 0) { result = (result * 0x10000000000000001) >> 64; } if (x & 0x1 > 0) { result = (result * 0x10000000000000001) >> 64; } // We're doing two things at the same time: // // 1. Multiply the result by 2^n + 1, where "2^n" is the integer part and the one is added to account for // the fact that we initially set the result to 0.5. This is accomplished by subtracting from 191 // rather than 192. // 2. Convert the result to the unsigned 60.18-decimal fixed-point format. // // This works because 2^(191-ip) = 2^ip / 2^191, where "ip" is the integer part "2^n". result *= SCALE; result >>= (191 - (x >> 64)); } } /// @notice Finds the zero-based index of the first one in the binary representation of x. /// @dev See the note on msb in the "Find First Set" Wikipedia article https://en.wikipedia.org/wiki/Find_first_set /// @param x The uint256 number for which to find the index of the most significant bit. /// @return msb The index of the most significant bit as an uint256. function mostSignificantBit(uint256 x) internal pure returns (uint256 msb) { if (x >= 2**128) { x >>= 128; msb += 128; } if (x >= 2**64) { x >>= 64; msb += 64; } if (x >= 2**32) { x >>= 32; msb += 32; } if (x >= 2**16) { x >>= 16; msb += 16; } if (x >= 2**8) { x >>= 8; msb += 8; } if (x >= 2**4) { x >>= 4; msb += 4; } if (x >= 2**2) { x >>= 2; msb += 2; } if (x >= 2**1) { // No need to shift x any more. msb += 1; } } /// @notice Calculates floor(x*y÷denominator) with full precision. /// /// @dev Credit to Remco Bloemen under MIT license https://xn--2-umb.com/21/muldiv. /// /// Requirements: /// - The denominator cannot be zero. /// - The result must fit within uint256. /// /// Caveats: /// - This function does not work with fixed-point numbers. /// /// @param x The multiplicand as an uint256. /// @param y The multiplier as an uint256. /// @param denominator The divisor as an uint256. /// @return result The result as an uint256. function mulDiv( uint256 x, uint256 y, uint256 denominator ) internal pure returns (uint256 result) { // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256 // variables such that product = prod1 * 2^256 + prod0. uint256 prod0; // Least significant 256 bits of the product uint256 prod1; // Most significant 256 bits of the product assembly { let mm := mulmod(x, y, not(0)) prod0 := mul(x, y) prod1 := sub(sub(mm, prod0), lt(mm, prod0)) } // Handle non-overflow cases, 256 by 256 division. if (prod1 == 0) { unchecked { result = prod0 / denominator; } return result; } // Make sure the result is less than 2^256. Also prevents denominator == 0. if (prod1 >= denominator) { revert PRBMath__MulDivOverflow(prod1, denominator); } /////////////////////////////////////////////// // 512 by 256 division. /////////////////////////////////////////////// // Make division exact by subtracting the remainder from [prod1 prod0]. uint256 remainder; assembly { // Compute remainder using mulmod. remainder := mulmod(x, y, denominator) // Subtract 256 bit number from 512 bit number. prod1 := sub(prod1, gt(remainder, prod0)) prod0 := sub(prod0, remainder) } // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1. // See https://cs.stackexchange.com/q/138556/92363. unchecked { // Does not overflow because the denominator cannot be zero at this stage in the function. uint256 lpotdod = denominator & (~denominator + 1); assembly { // Divide denominator by lpotdod. denominator := div(denominator, lpotdod) // Divide [prod1 prod0] by lpotdod. prod0 := div(prod0, lpotdod) // Flip lpotdod such that it is 2^256 / lpotdod. If lpotdod is zero, then it becomes one. lpotdod := add(div(sub(0, lpotdod), lpotdod), 1) } // Shift in bits from prod1 into prod0. prod0 |= prod1 * lpotdod; // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for // four bits. That is, denominator * inv = 1 mod 2^4. uint256 inverse = (3 * denominator) ^ 2; // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works // in modular arithmetic, doubling the correct bits in each step. inverse *= 2 - denominator * inverse; // inverse mod 2^8 inverse *= 2 - denominator * inverse; // inverse mod 2^16 inverse *= 2 - denominator * inverse; // inverse mod 2^32 inverse *= 2 - denominator * inverse; // inverse mod 2^64 inverse *= 2 - denominator * inverse; // inverse mod 2^128 inverse *= 2 - denominator * inverse; // inverse mod 2^256 // Because the division is now exact we can divide by multiplying with the modular inverse of denominator. // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is // less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1 // is no longer required. result = prod0 * inverse; return result; } } /// @notice Calculates floor(x*y÷1e18) with full precision. /// /// @dev Variant of "mulDiv" with constant folding, i.e. in which the denominator is always 1e18. Before returning the /// final result, we add 1 if (x * y) % SCALE >= HALF_SCALE. Without this, 6.6e-19 would be truncated to 0 instead of /// being rounded to 1e-18. See "Listing 6" and text above it at https://accu.org/index.php/journals/1717. /// /// Requirements: /// - The result must fit within uint256. /// /// Caveats: /// - The body is purposely left uncommented; see the NatSpec comments in "PRBMath.mulDiv" to understand how this works. /// - It is assumed that the result can never be type(uint256).max when x and y solve the following two equations: /// 1. x * y = type(uint256).max * SCALE /// 2. (x * y) % SCALE >= SCALE / 2 /// /// @param x The multiplicand as an unsigned 60.18-decimal fixed-point number. /// @param y The multiplier as an unsigned 60.18-decimal fixed-point number. /// @return result The result as an unsigned 60.18-decimal fixed-point number. function mulDivFixedPoint(uint256 x, uint256 y) internal pure returns (uint256 result) { uint256 prod0; uint256 prod1; assembly { let mm := mulmod(x, y, not(0)) prod0 := mul(x, y) prod1 := sub(sub(mm, prod0), lt(mm, prod0)) } if (prod1 >= SCALE) { revert PRBMath__MulDivFixedPointOverflow(prod1); } uint256 remainder; uint256 roundUpUnit; assembly { remainder := mulmod(x, y, SCALE) roundUpUnit := gt(remainder, 499999999999999999) } if (prod1 == 0) { unchecked { result = (prod0 / SCALE) + roundUpUnit; return result; } } assembly { result := add( mul( or( div(sub(prod0, remainder), SCALE_LPOTD), mul(sub(prod1, gt(remainder, prod0)), add(div(sub(0, SCALE_LPOTD), SCALE_LPOTD), 1)) ), SCALE_INVERSE ), roundUpUnit ) } } /// @notice Calculates floor(x*y÷denominator) with full precision. /// /// @dev An extension of "mulDiv" for signed numbers. Works by computing the signs and the absolute values separately. /// /// Requirements: /// - None of the inputs can be type(int256).min. /// - The result must fit within int256. /// /// @param x The multiplicand as an int256. /// @param y The multiplier as an int256. /// @param denominator The divisor as an int256. /// @return result The result as an int256. function mulDivSigned( int256 x, int256 y, int256 denominator ) internal pure returns (int256 result) { if (x == type(int256).min || y == type(int256).min || denominator == type(int256).min) { revert PRBMath__MulDivSignedInputTooSmall(); } // Get hold of the absolute values of x, y and the denominator. uint256 ax; uint256 ay; uint256 ad; unchecked { ax = x < 0 ? uint256(-x) : uint256(x); ay = y < 0 ? uint256(-y) : uint256(y); ad = denominator < 0 ? uint256(-denominator) : uint256(denominator); } // Compute the absolute value of (x*y)÷denominator. The result must fit within int256. uint256 rAbs = mulDiv(ax, ay, ad); if (rAbs > uint256(type(int256).max)) { revert PRBMath__MulDivSignedOverflow(rAbs); } // Get the signs of x, y and the denominator. uint256 sx; uint256 sy; uint256 sd; assembly { sx := sgt(x, sub(0, 1)) sy := sgt(y, sub(0, 1)) sd := sgt(denominator, sub(0, 1)) } // XOR over sx, sy and sd. This is checking whether there are one or three negative signs in the inputs. // If yes, the result should be negative. result = sx ^ sy ^ sd == 0 ? -int256(rAbs) : int256(rAbs); } /// @notice Calculates the square root of x, rounding down. /// @dev Uses the Babylonian method https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method. /// /// Caveats: /// - This function does not work with fixed-point numbers. /// /// @param x The uint256 number for which to calculate the square root. /// @return result The result as an uint256. function sqrt(uint256 x) internal pure returns (uint256 result) { if (x == 0) { return 0; } // Set the initial guess to the least power of two that is greater than or equal to sqrt(x). uint256 xAux = uint256(x); result = 1; if (xAux >= 0x100000000000000000000000000000000) { xAux >>= 128; result <<= 64; } if (xAux >= 0x10000000000000000) { xAux >>= 64; result <<= 32; } if (xAux >= 0x100000000) { xAux >>= 32; result <<= 16; } if (xAux >= 0x10000) { xAux >>= 16; result <<= 8; } if (xAux >= 0x100) { xAux >>= 8; result <<= 4; } if (xAux >= 0x10) { xAux >>= 4; result <<= 2; } if (xAux >= 0x4) { result <<= 1; } // The operations can never overflow because the result is max 2^127 when it enters this block. unchecked { result = (result + x / result) >> 1; result = (result + x / result) >> 1; result = (result + x / result) >> 1; result = (result + x / result) >> 1; result = (result + x / result) >> 1; result = (result + x / result) >> 1; result = (result + x / result) >> 1; // Seven iterations should be enough uint256 roundedDownResult = x / result; return result >= roundedDownResult ? roundedDownResult : result; } } }
// SPDX-License-Identifier: Unlicense pragma solidity >=0.8.4; import "./PRBMath.sol"; /// @title PRBMathUD60x18 /// @author Paul Razvan Berg /// @notice Smart contract library for advanced fixed-point math that works with uint256 numbers considered to have 18 /// trailing decimals. We call this number representation unsigned 60.18-decimal fixed-point, since there can be up to 60 /// digits in the integer part and up to 18 decimals in the fractional part. The numbers are bound by the minimum and the /// maximum values permitted by the Solidity type uint256. library PRBMathUD60x18 { /// @dev Half the SCALE number. uint256 internal constant HALF_SCALE = 5e17; /// @dev log2(e) as an unsigned 60.18-decimal fixed-point number. uint256 internal constant LOG2_E = 1_442695040888963407; /// @dev The maximum value an unsigned 60.18-decimal fixed-point number can have. uint256 internal constant MAX_UD60x18 = 115792089237316195423570985008687907853269984665640564039457_584007913129639935; /// @dev The maximum whole value an unsigned 60.18-decimal fixed-point number can have. uint256 internal constant MAX_WHOLE_UD60x18 = 115792089237316195423570985008687907853269984665640564039457_000000000000000000; /// @dev How many trailing decimals can be represented. uint256 internal constant SCALE = 1e18; /// @notice Calculates the arithmetic average of x and y, rounding down. /// @param x The first operand as an unsigned 60.18-decimal fixed-point number. /// @param y The second operand as an unsigned 60.18-decimal fixed-point number. /// @return result The arithmetic average as an unsigned 60.18-decimal fixed-point number. function avg(uint256 x, uint256 y) internal pure returns (uint256 result) { // The operations can never overflow. unchecked { // The last operand checks if both x and y are odd and if that is the case, we add 1 to the result. We need // to do this because if both numbers are odd, the 0.5 remainder gets truncated twice. result = (x >> 1) + (y >> 1) + (x & y & 1); } } /// @notice Yields the least unsigned 60.18 decimal fixed-point number greater than or equal to x. /// /// @dev Optimized for fractional value inputs, because for every whole value there are (1e18 - 1) fractional counterparts. /// See https://en.wikipedia.org/wiki/Floor_and_ceiling_functions. /// /// Requirements: /// - x must be less than or equal to MAX_WHOLE_UD60x18. /// /// @param x The unsigned 60.18-decimal fixed-point number to ceil. /// @param result The least integer greater than or equal to x, as an unsigned 60.18-decimal fixed-point number. function ceil(uint256 x) internal pure returns (uint256 result) { if (x > MAX_WHOLE_UD60x18) { revert PRBMathUD60x18__CeilOverflow(x); } assembly { // Equivalent to "x % SCALE" but faster. let remainder := mod(x, SCALE) // Equivalent to "SCALE - remainder" but faster. let delta := sub(SCALE, remainder) // Equivalent to "x + delta * (remainder > 0 ? 1 : 0)" but faster. result := add(x, mul(delta, gt(remainder, 0))) } } /// @notice Divides two unsigned 60.18-decimal fixed-point numbers, returning a new unsigned 60.18-decimal fixed-point number. /// /// @dev Uses mulDiv to enable overflow-safe multiplication and division. /// /// Requirements: /// - The denominator cannot be zero. /// /// @param x The numerator as an unsigned 60.18-decimal fixed-point number. /// @param y The denominator as an unsigned 60.18-decimal fixed-point number. /// @param result The quotient as an unsigned 60.18-decimal fixed-point number. function div(uint256 x, uint256 y) internal pure returns (uint256 result) { result = PRBMath.mulDiv(x, SCALE, y); } /// @notice Returns Euler's number as an unsigned 60.18-decimal fixed-point number. /// @dev See https://en.wikipedia.org/wiki/E_(mathematical_constant). function e() internal pure returns (uint256 result) { result = 2_718281828459045235; } /// @notice Calculates the natural exponent of x. /// /// @dev Based on the insight that e^x = 2^(x * log2(e)). /// /// Requirements: /// - All from "log2". /// - x must be less than 133.084258667509499441. /// /// @param x The exponent as an unsigned 60.18-decimal fixed-point number. /// @return result The result as an unsigned 60.18-decimal fixed-point number. function exp(uint256 x) internal pure returns (uint256 result) { // Without this check, the value passed to "exp2" would be greater than 192. if (x >= 133_084258667509499441) { revert PRBMathUD60x18__ExpInputTooBig(x); } // Do the fixed-point multiplication inline to save gas. unchecked { uint256 doubleScaleProduct = x * LOG2_E; result = exp2((doubleScaleProduct + HALF_SCALE) / SCALE); } } /// @notice Calculates the binary exponent of x using the binary fraction method. /// /// @dev See https://ethereum.stackexchange.com/q/79903/24693. /// /// Requirements: /// - x must be 192 or less. /// - The result must fit within MAX_UD60x18. /// /// @param x The exponent as an unsigned 60.18-decimal fixed-point number. /// @return result The result as an unsigned 60.18-decimal fixed-point number. function exp2(uint256 x) internal pure returns (uint256 result) { // 2^192 doesn't fit within the 192.64-bit format used internally in this function. if (x >= 192e18) { revert PRBMathUD60x18__Exp2InputTooBig(x); } unchecked { // Convert x to the 192.64-bit fixed-point format. uint256 x192x64 = (x << 64) / SCALE; // Pass x to the PRBMath.exp2 function, which uses the 192.64-bit fixed-point number representation. result = PRBMath.exp2(x192x64); } } /// @notice Yields the greatest unsigned 60.18 decimal fixed-point number less than or equal to x. /// @dev Optimized for fractional value inputs, because for every whole value there are (1e18 - 1) fractional counterparts. /// See https://en.wikipedia.org/wiki/Floor_and_ceiling_functions. /// @param x The unsigned 60.18-decimal fixed-point number to floor. /// @param result The greatest integer less than or equal to x, as an unsigned 60.18-decimal fixed-point number. function floor(uint256 x) internal pure returns (uint256 result) { assembly { // Equivalent to "x % SCALE" but faster. let remainder := mod(x, SCALE) // Equivalent to "x - remainder * (remainder > 0 ? 1 : 0)" but faster. result := sub(x, mul(remainder, gt(remainder, 0))) } } /// @notice Yields the excess beyond the floor of x. /// @dev Based on the odd function definition https://en.wikipedia.org/wiki/Fractional_part. /// @param x The unsigned 60.18-decimal fixed-point number to get the fractional part of. /// @param result The fractional part of x as an unsigned 60.18-decimal fixed-point number. function frac(uint256 x) internal pure returns (uint256 result) { assembly { result := mod(x, SCALE) } } /// @notice Converts a number from basic integer form to unsigned 60.18-decimal fixed-point representation. /// /// @dev Requirements: /// - x must be less than or equal to MAX_UD60x18 divided by SCALE. /// /// @param x The basic integer to convert. /// @param result The same number in unsigned 60.18-decimal fixed-point representation. function fromUint(uint256 x) internal pure returns (uint256 result) { unchecked { if (x > MAX_UD60x18 / SCALE) { revert PRBMathUD60x18__FromUintOverflow(x); } result = x * SCALE; } } /// @notice Calculates geometric mean of x and y, i.e. sqrt(x * y), rounding down. /// /// @dev Requirements: /// - x * y must fit within MAX_UD60x18, lest it overflows. /// /// @param x The first operand as an unsigned 60.18-decimal fixed-point number. /// @param y The second operand as an unsigned 60.18-decimal fixed-point number. /// @return result The result as an unsigned 60.18-decimal fixed-point number. function gm(uint256 x, uint256 y) internal pure returns (uint256 result) { if (x == 0) { return 0; } unchecked { // Checking for overflow this way is faster than letting Solidity do it. uint256 xy = x * y; if (xy / x != y) { revert PRBMathUD60x18__GmOverflow(x, y); } // We don't need to multiply by the SCALE here because the x*y product had already picked up a factor of SCALE // during multiplication. See the comments within the "sqrt" function. result = PRBMath.sqrt(xy); } } /// @notice Calculates 1 / x, rounding toward zero. /// /// @dev Requirements: /// - x cannot be zero. /// /// @param x The unsigned 60.18-decimal fixed-point number for which to calculate the inverse. /// @return result The inverse as an unsigned 60.18-decimal fixed-point number. function inv(uint256 x) internal pure returns (uint256 result) { unchecked { // 1e36 is SCALE * SCALE. result = 1e36 / x; } } /// @notice Calculates the natural logarithm of x. /// /// @dev Based on the insight that ln(x) = log2(x) / log2(e). /// /// Requirements: /// - All from "log2". /// /// Caveats: /// - All from "log2". /// - This doesn't return exactly 1 for 2.718281828459045235, for that we would need more fine-grained precision. /// /// @param x The unsigned 60.18-decimal fixed-point number for which to calculate the natural logarithm. /// @return result The natural logarithm as an unsigned 60.18-decimal fixed-point number. function ln(uint256 x) internal pure returns (uint256 result) { // Do the fixed-point multiplication inline to save gas. This is overflow-safe because the maximum value that log2(x) // can return is 196205294292027477728. unchecked { result = (log2(x) * SCALE) / LOG2_E; } } /// @notice Calculates the common logarithm of x. /// /// @dev First checks if x is an exact power of ten and it stops if yes. If it's not, calculates the common /// logarithm based on the insight that log10(x) = log2(x) / log2(10). /// /// Requirements: /// - All from "log2". /// /// Caveats: /// - All from "log2". /// /// @param x The unsigned 60.18-decimal fixed-point number for which to calculate the common logarithm. /// @return result The common logarithm as an unsigned 60.18-decimal fixed-point number. function log10(uint256 x) internal pure returns (uint256 result) { if (x < SCALE) { revert PRBMathUD60x18__LogInputTooSmall(x); } // Note that the "mul" in this block is the assembly multiplication operation, not the "mul" function defined // in this contract. // prettier-ignore assembly { switch x case 1 { result := mul(SCALE, sub(0, 18)) } case 10 { result := mul(SCALE, sub(1, 18)) } case 100 { result := mul(SCALE, sub(2, 18)) } case 1000 { result := mul(SCALE, sub(3, 18)) } case 10000 { result := mul(SCALE, sub(4, 18)) } case 100000 { result := mul(SCALE, sub(5, 18)) } case 1000000 { result := mul(SCALE, sub(6, 18)) } case 10000000 { result := mul(SCALE, sub(7, 18)) } case 100000000 { result := mul(SCALE, sub(8, 18)) } case 1000000000 { result := mul(SCALE, sub(9, 18)) } case 10000000000 { result := mul(SCALE, sub(10, 18)) } case 100000000000 { result := mul(SCALE, sub(11, 18)) } case 1000000000000 { result := mul(SCALE, sub(12, 18)) } case 10000000000000 { result := mul(SCALE, sub(13, 18)) } case 100000000000000 { result := mul(SCALE, sub(14, 18)) } case 1000000000000000 { result := mul(SCALE, sub(15, 18)) } case 10000000000000000 { result := mul(SCALE, sub(16, 18)) } case 100000000000000000 { result := mul(SCALE, sub(17, 18)) } case 1000000000000000000 { result := 0 } case 10000000000000000000 { result := SCALE } case 100000000000000000000 { result := mul(SCALE, 2) } case 1000000000000000000000 { result := mul(SCALE, 3) } case 10000000000000000000000 { result := mul(SCALE, 4) } case 100000000000000000000000 { result := mul(SCALE, 5) } case 1000000000000000000000000 { result := mul(SCALE, 6) } case 10000000000000000000000000 { result := mul(SCALE, 7) } case 100000000000000000000000000 { result := mul(SCALE, 8) } case 1000000000000000000000000000 { result := mul(SCALE, 9) } case 10000000000000000000000000000 { result := mul(SCALE, 10) } case 100000000000000000000000000000 { result := mul(SCALE, 11) } case 1000000000000000000000000000000 { result := mul(SCALE, 12) } case 10000000000000000000000000000000 { result := mul(SCALE, 13) } case 100000000000000000000000000000000 { result := mul(SCALE, 14) } case 1000000000000000000000000000000000 { result := mul(SCALE, 15) } case 10000000000000000000000000000000000 { result := mul(SCALE, 16) } case 100000000000000000000000000000000000 { result := mul(SCALE, 17) } case 1000000000000000000000000000000000000 { result := mul(SCALE, 18) } case 10000000000000000000000000000000000000 { result := mul(SCALE, 19) } case 100000000000000000000000000000000000000 { result := mul(SCALE, 20) } case 1000000000000000000000000000000000000000 { result := mul(SCALE, 21) } case 10000000000000000000000000000000000000000 { result := mul(SCALE, 22) } case 100000000000000000000000000000000000000000 { result := mul(SCALE, 23) } case 1000000000000000000000000000000000000000000 { result := mul(SCALE, 24) } case 10000000000000000000000000000000000000000000 { result := mul(SCALE, 25) } case 100000000000000000000000000000000000000000000 { result := mul(SCALE, 26) } case 1000000000000000000000000000000000000000000000 { result := mul(SCALE, 27) } case 10000000000000000000000000000000000000000000000 { result := mul(SCALE, 28) } case 100000000000000000000000000000000000000000000000 { result := mul(SCALE, 29) } case 1000000000000000000000000000000000000000000000000 { result := mul(SCALE, 30) } case 10000000000000000000000000000000000000000000000000 { result := mul(SCALE, 31) } case 100000000000000000000000000000000000000000000000000 { result := mul(SCALE, 32) } case 1000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 33) } case 10000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 34) } case 100000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 35) } case 1000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 36) } case 10000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 37) } case 100000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 38) } case 1000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 39) } case 10000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 40) } case 100000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 41) } case 1000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 42) } case 10000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 43) } case 100000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 44) } case 1000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 45) } case 10000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 46) } case 100000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 47) } case 1000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 48) } case 10000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 49) } case 100000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 50) } case 1000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 51) } case 10000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 52) } case 100000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 53) } case 1000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 54) } case 10000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 55) } case 100000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 56) } case 1000000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 57) } case 10000000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 58) } case 100000000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(SCALE, 59) } default { result := MAX_UD60x18 } } if (result == MAX_UD60x18) { // Do the fixed-point division inline to save gas. The denominator is log2(10). unchecked { result = (log2(x) * SCALE) / 3_321928094887362347; } } } /// @notice Calculates the binary logarithm of x. /// /// @dev Based on the iterative approximation algorithm. /// https://en.wikipedia.org/wiki/Binary_logarithm#Iterative_approximation /// /// Requirements: /// - x must be greater than or equal to SCALE, otherwise the result would be negative. /// /// Caveats: /// - The results are nor perfectly accurate to the last decimal, due to the lossy precision of the iterative approximation. /// /// @param x The unsigned 60.18-decimal fixed-point number for which to calculate the binary logarithm. /// @return result The binary logarithm as an unsigned 60.18-decimal fixed-point number. function log2(uint256 x) internal pure returns (uint256 result) { if (x < SCALE) { revert PRBMathUD60x18__LogInputTooSmall(x); } unchecked { // Calculate the integer part of the logarithm and add it to the result and finally calculate y = x * 2^(-n). uint256 n = PRBMath.mostSignificantBit(x / SCALE); // The integer part of the logarithm as an unsigned 60.18-decimal fixed-point number. The operation can't overflow // because n is maximum 255 and SCALE is 1e18. result = n * SCALE; // This is y = x * 2^(-n). uint256 y = x >> n; // If y = 1, the fractional part is zero. if (y == SCALE) { return result; } // Calculate the fractional part via the iterative approximation. // The "delta >>= 1" part is equivalent to "delta /= 2", but shifting bits is faster. for (uint256 delta = HALF_SCALE; delta > 0; delta >>= 1) { y = (y * y) / SCALE; // Is y^2 > 2 and so in the range [2,4)? if (y >= 2 * SCALE) { // Add the 2^(-m) factor to the logarithm. result += delta; // Corresponds to z/2 on Wikipedia. y >>= 1; } } } } /// @notice Multiplies two unsigned 60.18-decimal fixed-point numbers together, returning a new unsigned 60.18-decimal /// fixed-point number. /// @dev See the documentation for the "PRBMath.mulDivFixedPoint" function. /// @param x The multiplicand as an unsigned 60.18-decimal fixed-point number. /// @param y The multiplier as an unsigned 60.18-decimal fixed-point number. /// @return result The product as an unsigned 60.18-decimal fixed-point number. function mul(uint256 x, uint256 y) internal pure returns (uint256 result) { result = PRBMath.mulDivFixedPoint(x, y); } /// @notice Returns PI as an unsigned 60.18-decimal fixed-point number. function pi() internal pure returns (uint256 result) { result = 3_141592653589793238; } /// @notice Raises x to the power of y. /// /// @dev Based on the insight that x^y = 2^(log2(x) * y). /// /// Requirements: /// - All from "exp2", "log2" and "mul". /// /// Caveats: /// - All from "exp2", "log2" and "mul". /// - Assumes 0^0 is 1. /// /// @param x Number to raise to given power y, as an unsigned 60.18-decimal fixed-point number. /// @param y Exponent to raise x to, as an unsigned 60.18-decimal fixed-point number. /// @return result x raised to power y, as an unsigned 60.18-decimal fixed-point number. function pow(uint256 x, uint256 y) internal pure returns (uint256 result) { if (x == 0) { result = y == 0 ? SCALE : uint256(0); } else { result = exp2(mul(log2(x), y)); } } /// @notice Raises x (unsigned 60.18-decimal fixed-point number) to the power of y (basic unsigned integer) using the /// famous algorithm "exponentiation by squaring". /// /// @dev See https://en.wikipedia.org/wiki/Exponentiation_by_squaring /// /// Requirements: /// - The result must fit within MAX_UD60x18. /// /// Caveats: /// - All from "mul". /// - Assumes 0^0 is 1. /// /// @param x The base as an unsigned 60.18-decimal fixed-point number. /// @param y The exponent as an uint256. /// @return result The result as an unsigned 60.18-decimal fixed-point number. function powu(uint256 x, uint256 y) internal pure returns (uint256 result) { // Calculate the first iteration of the loop in advance. result = y & 1 > 0 ? x : SCALE; // Equivalent to "for(y /= 2; y > 0; y /= 2)" but faster. for (y >>= 1; y > 0; y >>= 1) { x = PRBMath.mulDivFixedPoint(x, x); // Equivalent to "y % 2 == 1" but faster. if (y & 1 > 0) { result = PRBMath.mulDivFixedPoint(result, x); } } } /// @notice Returns 1 as an unsigned 60.18-decimal fixed-point number. function scale() internal pure returns (uint256 result) { result = SCALE; } /// @notice Calculates the square root of x, rounding down. /// @dev Uses the Babylonian method https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method. /// /// Requirements: /// - x must be less than MAX_UD60x18 / SCALE. /// /// @param x The unsigned 60.18-decimal fixed-point number for which to calculate the square root. /// @return result The result as an unsigned 60.18-decimal fixed-point . function sqrt(uint256 x) internal pure returns (uint256 result) { unchecked { if (x > MAX_UD60x18 / SCALE) { revert PRBMathUD60x18__SqrtOverflow(x); } // Multiply x by the SCALE to account for the factor of SCALE that is picked up when multiplying two unsigned // 60.18-decimal fixed-point numbers together (in this case, those two numbers are both the square root). result = PRBMath.sqrt(x * SCALE); } } /// @notice Converts a unsigned 60.18-decimal fixed-point number to basic integer form, rounding down in the process. /// @param x The unsigned 60.18-decimal fixed-point number to convert. /// @return result The same number in basic integer form. function toUint(uint256 x) internal pure returns (uint256 result) { unchecked { result = x / SCALE; } } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "@openzeppelin/contracts/token/ERC20/ERC20.sol"; import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Permit.sol"; /// @notice Template for modular tokens with an allowlist to manage minting/burning contract ModularToken is ERC20, ERC20Permit { /// @notice Allowed addresses can mint/burn the token. mapping(address => bool) public allowlist; /// @notice Emitted when an address is added/removed from the allowlist /// @param account Address that was added/removed /// @param isAllowed Whether the address is allowed event SetAllowlist(address indexed account, bool isAllowed); /// @notice Restricts execution of a function to allowed contracts modifier onlyAllowlist() { require(allowlist[msg.sender], "ModularToken: Sender not allowed"); _; } /// @notice Constructor /// @param mintAmount Amount of tokens to mint /// @param name Name of the token /// @param symbol Symbol of the token constructor( uint256 mintAmount, string memory name, string memory symbol ) ERC20(name, symbol) ERC20Permit(name) { _mint(msg.sender, mintAmount); allowlist[msg.sender] = true; setAllowlist(msg.sender, true); } /// @notice Sets the allowlist status of an address /// @param account Address to set /// @param isAllowed Whether the address is allowed function setAllowlist( address account, bool isAllowed ) public onlyAllowlist { allowlist[account] = isAllowed; emit SetAllowlist(account, isAllowed); } /// @notice Used by allowed contracts to mint tokens /// @param account Address that receives tokens /// @param amount Amount of tokens to mint function mint( address account, uint256 amount ) external onlyAllowlist { _mint(account, amount); } /// @notice Used by allowed contracts to burn tokens /// @param account Address where tokens are burned /// @param amount Amount of tokens to burn function burn( address account, uint256 amount ) external onlyAllowlist { _burn(account, amount); } /// @notice Used by allowed contracts to modify token allowances /// @param owner Address that owns the tokens /// @param spender Address that is allowed to spend the tokens /// @param amount Amount of tokens that are allowed to be spent function approve( address owner, address spender, uint256 amount ) external onlyAllowlist { _approve(owner, spender, amount); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "./ModularToken.sol"; /// @notice Yama stablecoin. contract YSS is ModularToken { constructor() ModularToken(0, "Yama Settlement Standard", "YAMA") {} }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; /// @notice Called when a protocol surplus or deficit is registered. interface IBalanceSheetHandler { /// @notice Called when a protocol surplus is registered. /// @param amount The surplus amount. function onAddSurplus(int256 amount) external; /// @notice Called when a protocol deficit is registered. /// @param amount The deficit amount. function onAddDeficit(int256 amount) external; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; /// @notice Performs actions with CDP collateral, such as re-lending. interface ICollateralManager { /// @notice Called when collateral is deposited into a CDP. /// @param vaultId The CDP ID. /// @param amount The amount of collateral deposited. function handleCollateralDeposit( uint256 vaultId, uint256 amount ) external; /// @notice Called when collateral is withdrawn from a CDP. /// @param vaultId The CDP ID. /// @param amount The amount of collateral withdrawn. function handleCollateralWithdrawal( uint256 vaultId, uint256 amount ) external; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; /// @notice A contract the CDP calls to liquidate undercollateralized vaults. interface ILiquidator { /// @notice Liquidates a CDP. /// @param vaultId The CDP vault ID. /// @return successful True if the liquidator accepts this liquidation. function liquidate(uint256 vaultId) external returns (bool successful); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; /// @notice Returns the price of a collateral type in Yama. /// @dev Used by the CDP module to determine the value of collateral. interface IPriceSource { /// @notice Returns the price of a collateral type in Yama. /// @return amount price of the collateral type in Yama. function price() external view returns (uint256 amount); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "./templates/YSSModule.sol"; import "../interfaces/IBalanceSheetHandler.sol"; /// @notice Keeps track of protocol deficit/surplus. contract BalanceSheetModule is YSSModule { /// @notice The protocol surplus. int256 public totalSurplus; /// @notice Called when a protocol surplus or deficit is registered. IBalanceSheetHandler public handler; /// @notice Emitted when a protocol surplus is registered. /// @param account The account that registered the surplus. /// @param amount The surplus amount. event AddSurplus(address indexed account, int256 amount); /// @notice Emitted when a protocol deficit is registered. /// @param account The account that registered the deficit. /// @param amount The deficit amount. event AddDeficit(address indexed account, int256 amount); /// @notice Emitted when the protocol surplus is set. /// @param account The account that set the surplus. event SetSurplus(address indexed account, int256 amount); /// @notice Sets the stablecoin address constructor(YSS _stablecoin) YSSModule(_stablecoin) {} /// @notice Sets the handler /// @param _handler Handler to set function setHandler(IBalanceSheetHandler _handler) external onlyAllowlist { handler = _handler; } /// @notice Registers a protocol surplus /// @param amount The surplus amount. function addSurplus(int256 amount) external onlyAllowlist { totalSurplus += amount; emit AddSurplus(msg.sender, amount); if (address(handler) != address(0)) { handler.onAddSurplus(amount); } } /// @notice Registers a protocol deficit /// @param amount The deficit amount. function addDeficit(int256 amount) external onlyAllowlist { totalSurplus -= amount; emit AddDeficit(msg.sender, amount); if (address(handler) != address(0)) { handler.onAddDeficit(amount); } } /// @notice Sets the protocol surplus /// @param amount The surplus amount. function setSurplus(int256 amount) external onlyAllowlist { totalSurplus = amount; emit SetSurplus(msg.sender, amount); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "./templates/YSSModuleExtended.sol"; import "../interfaces/IPriceSource.sol"; import "../interfaces/ICollateralManager.sol"; import "../interfaces/ILiquidator.sol"; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; import "@openzeppelin/contracts/access/Ownable.sol"; import "@prb/math/contracts/PRBMathUD60x18.sol"; import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol"; /// @notice Manages the creation and maintenance of collateralized debt positions /// (CDPs) contract CDPModule is YSSModuleExtended { using SafeERC20 for IERC20; using PRBMathUD60x18 for uint256; struct Vault { uint256 collateralAmount; uint256 collateralTypeId; address owner; address altOwner; uint256 initialDebt; bool isLiquidated; } struct CollateralType { IERC20 token; IPriceSource priceSource; uint256 debtFloor; uint256 debtCeiling; uint256 collateralRatio; uint256 interestRate; // Debt is multiplied by this value every second. uint256 totalCollateral; uint256 lastUpdateTime; uint256 initialDebt; uint256 cumulativeInterest; bool borrowingEnabled; bool allowlistEnabled; } Vault[] public vaults; CollateralType[] public collateralTypes; /// @notice Called when collateral is added/removed from a vault /// @dev Allows governance to stake collateral to other protocols ICollateralManager public collateralManager; /// @notice A list of liquidators that can accept a liquidation ILiquidator[] public liquidators; bool public borrowingDisabled; mapping(uint256 collateralTypeId => mapping(address borrower => bool isAllowed)) allowedBorrowers; mapping(address account => uint256[] ownedVaults) public ownedVaults; /// @notice Emitted when a vault's debt is set /// @param account The account that owns the vault /// @param vaultId The vault's ID /// @param debt The new debt amount /// @param initialDebt The vault's initial debt amount event SetDebt( address indexed account, uint256 indexed vaultId, uint256 debt, uint256 initialDebt ); /// @notice Emitted when an account borrows against a vault /// @param account The account that borrowed /// @param vaultId The vault's ID /// @param amount The amount borrowed event Borrow( address indexed account, uint256 indexed vaultId, uint256 amount ); /// @notice Emitted when an account repays a vault's debt /// @param account The account that repaid /// @param vaultId The vault's ID /// @param amount The amount repaid event Repay( address indexed account, uint256 indexed vaultId, uint256 amount ); /// @notice Emitted when an account adds collateral to a vault /// @param account The account that added collateral /// @param vaultId The vault's ID /// @param amount The amount of collateral added event AddCollateral( address indexed account, uint256 indexed vaultId, uint256 amount ); /// @notice Emitted when an account removes collateral from a vault /// @param account The account that removed collateral /// @param vaultId The vault's ID /// @param amount The amount of collateral removed event RemoveCollateral( address indexed account, uint256 indexed vaultId, uint256 amount ); /// @notice Emitted when a vault is created /// @param owner The account that owns the vault /// @param vaultId The vault's ID /// @param collateralTypeId The ID of the vault's collateral type /// @param collateralAmount The amount of collateral deposited /// @param altOwner Another account that can control the vault event CreateVault( address indexed owner, uint256 indexed vaultId, uint256 indexed collateralTypeId, uint256 collateralAmount, address altOwner ); /// @notice Emitted when a vault is liquidated /// @param initiator The account that initiated the liquidation /// @param liquidated The account that owns the vault /// @param vaultId The vault's ID /// @param liquidator The account that liquidated the vault event Liquidate( address indexed initiator, address indexed liquidated, uint256 indexed vaultId, address liquidator ); /// @notice Emitted when a collateral type is added /// @param collateralTypeId The ID of the collateral type /// @param token The collateral token /// @param priceSource The price source for the collateral token /// @param debtFloor The minimum amount of debt that can be borrowed /// @param debtCeiling The maximum amount of debt that can be borrowed /// @param collateralRatio The ratio of collateral to debt /// @param interestRate The interest rate for the collateral type /// @param borrowingEnabled Whether borrowing is enabled for the collateral type /// @param allowlistEnabled Whether the allowlist is enabled for the collateral type event AddCollateralType( uint256 indexed collateralTypeId, address indexed token, address priceSource, uint256 debtFloor, uint256 debtCeiling, uint256 collateralRatio, uint256 interestRate, bool borrowingEnabled, bool allowlistEnabled ); /// @notice Emitted when a collateral type is updated /// @param collateralTypeId The ID of the collateral type /// @param token The collateral token /// @param priceSource The price source for the collateral token /// @param debtFloor The minimum amount of debt that can be borrowed /// @param debtCeiling The maximum amount of debt that can be borrowed /// @param collateralRatio The ratio of collateral to debt /// @param interestRate The interest rate for the collateral type /// @param borrowingEnabled Whether borrowing is enabled for the collateral type /// @param allowlistEnabled Whether the allowlist is enabled for the collateral type event SetCollateralType( uint256 indexed collateralTypeId, address indexed token, address priceSource, uint256 debtFloor, uint256 debtCeiling, uint256 collateralRatio, uint256 interestRate, bool borrowingEnabled, bool allowlistEnabled ); /// @notice Emitted when a collateral type's interest rate is updated /// @param collateralTypeId The ID of the collateral type /// @param interestRate The interest rate for the collateral type /// @param lastUpdateTime The last time the interest rate was updated /// @param cumulativeInterest The cumulative interest event UpdateInterest( uint256 indexed collateralTypeId, uint256 interestRate, uint256 lastUpdateTime, uint256 cumulativeInterest ); /// @notice Emitted when a liquidated vault is written off /// @param vaultId The vault's ID event ClearVault(uint256 indexed vaultId); /// @notice Verifies that msg.sender owns the vault /// @param vaultId The vault's ID modifier onlyVaultOwner(uint256 vaultId) { require(vaults[vaultId].owner == msg.sender || vaults[vaultId].altOwner == msg.sender, "Yama: Must be vault owner"); _; } /// @notice Verifies that the vault is not liquidated /// @param vaultId The vault's ID modifier notLiquidated(uint256 vaultId) { require(!vaults[vaultId].isLiquidated, "Yama: Vault already liquidated"); _; } /// @notice Initializes the module /// @param _stablecoin The YSS contract /// @param _balanceSheet The BalanceSheet contract /// @param _collateralManager The CollateralManager contract constructor( YSS _stablecoin, BalanceSheetModule _balanceSheet, ICollateralManager _collateralManager ) YSSModuleExtended(_stablecoin, _balanceSheet) { setCollateralManager(_collateralManager); } /// @notice Creates a vault /// @param collateralTypeId The ID of the vault's collateral type /// @param collateralAmount The amount of collateral to deposit /// @param altOwner Another account that can control the vault /// @return vaultId The vault's ID function createVault( uint256 collateralTypeId, uint256 collateralAmount, address altOwner ) external returns (uint256 vaultId) { Vault memory vault; vault.collateralTypeId = collateralTypeId; vault.owner = msg.sender; vault.altOwner = altOwner; vaults.push(vault); vaultId = vaults.length - 1; ownedVaults[msg.sender].push(vaultId); if (altOwner != address(0)) { ownedVaults[altOwner].push(vaultId); } emit CreateVault( msg.sender, vaultId, collateralTypeId, collateralAmount, altOwner ); addCollateral(vaultId, collateralAmount); } /// @notice Liquidates a vault /// @param vaultId The vault's ID function liquidate(uint256 vaultId) notLiquidated(vaultId) external { Vault storage vault = vaults[vaultId]; updateInterest(vault.collateralTypeId); require(underCollateralized(vaultId), "Yama: Vault not undercollateralized"); for (uint256 i = 0; i < liquidators.length; i++) { if (liquidators[i].liquidate(vaultId)) { vault.isLiquidated = true; emit Liquidate( msg.sender, vault.owner, vaultId, address(liquidators[i]) ); return; } } revert("Yama: No liquidator accepted the liquidation"); } /// @notice Used by allowlist contracts to transfer tokens out /// @param token The token to transfer /// @param to The recipient /// @param amount The amount to transfer function transfer( IERC20 token, address to, uint256 amount ) external onlyAllowlist { token.safeTransfer(to, amount); } /// @notice Adds a collateral type /// @param token The collateral token /// @param priceSource The price source for the collateral token /// @param debtFloor The minimum amount of debt that can be borrowed for each vault /// @param debtCeiling The maximum amount of debt that can be borrowed by everyone cumulatively /// @param collateralRatio The ratio of collateral to debt /// @param interestRate The interest rate for the collateral type /// @param borrowingEnabled Whether borrowing is enabled for the collateral type /// @param allowlistEnabled Whether the allowlist is enabled for the collateral type /// @return collateralTypeId The ID of the new collateral type function addCollateralType( IERC20 token, IPriceSource priceSource, uint256 debtFloor, uint256 debtCeiling, uint256 collateralRatio, uint256 interestRate, bool borrowingEnabled, bool allowlistEnabled ) external onlyAllowlist returns (uint256 collateralTypeId) { CollateralType memory newCollateralType = CollateralType( token, priceSource, debtFloor, debtCeiling, collateralRatio, interestRate, 0, block.timestamp, 0, PRBMathUD60x18.SCALE, borrowingEnabled, allowlistEnabled ); collateralTypes.push(newCollateralType); collateralTypeId = collateralTypes.length - 1; emit AddCollateralType( collateralTypeId, address(token), address(priceSource), debtFloor, debtCeiling, collateralRatio, interestRate, borrowingEnabled, allowlistEnabled ); } /// @notice Sets a collateral type's parameters /// @param collateralTypeId The ID of the collateral type /// @param priceSource The price source for the collateral token /// @param debtFloor The minimum amount of debt that can be borrowed for each vault /// @param debtCeiling The maximum amount of debt that can be borrowed by everyone cumulatively /// @param collateralRatio The ratio of collateral to debt /// @param interestRate The interest rate for the collateral type /// @param borrowingEnabled Whether borrowing is enabled for the collateral type /// @param allowlistEnabled Whether the allowlist is enabled for the collateral type function setCollateralType( uint256 collateralTypeId, IPriceSource priceSource, uint256 debtFloor, uint256 debtCeiling, uint256 collateralRatio, uint256 interestRate, bool borrowingEnabled, bool allowlistEnabled ) external onlyAllowlist { CollateralType storage newCollateralType = collateralTypes[collateralTypeId]; newCollateralType.priceSource = priceSource; newCollateralType.debtFloor = debtFloor; newCollateralType.debtCeiling = debtCeiling; newCollateralType.collateralRatio = collateralRatio; newCollateralType.interestRate = interestRate; newCollateralType.borrowingEnabled = borrowingEnabled; newCollateralType.allowlistEnabled = allowlistEnabled; emit SetCollateralType( collateralTypeId, address(newCollateralType.token), address(priceSource), debtFloor, debtCeiling, collateralRatio, interestRate, borrowingEnabled, allowlistEnabled ); } /// @notice Sets an allowed borrower for a vault /// @param collateralTypeId The ID of the collateral type /// @param borrower The borrower /// @param isAllowed Whether the borrower is allowed function setAllowedBorrower( uint256 collateralTypeId, address borrower, bool isAllowed ) external onlyAllowlist { allowedBorrowers[collateralTypeId][borrower] = isAllowed; } /// @notice Borrows from a vault /// @param vaultId The vault's ID /// @param amount The amount to borrow function borrow( uint256 vaultId, uint256 amount ) external onlyVaultOwner(vaultId) notLiquidated(vaultId) { require(!borrowingDisabled, "Yama: Borrowing disabled"); CollateralType storage cType = getCollateralType(vaultId); uint256 cTypeId = vaults[vaultId].collateralTypeId; require(cType.borrowingEnabled, "Yama: Collateral type disabled"); if (cType.allowlistEnabled) { require(allowedBorrowers[cTypeId][msg.sender], "Yama: Not allowed borrower"); } updateInterest(cTypeId); uint256 newDebt = getDebt(vaultId) + amount; requireValidDebtAmount(vaultId, newDebt); setDebt(vaultId, newDebt); require(getTotalDebt(cTypeId) <= cType.debtCeiling, "Yama: Debt ceiling exceeded"); stablecoin.mint(msg.sender, amount); emit Borrow(msg.sender, vaultId, amount); } /// @notice Repays a vault /// @param vaultId The vault's ID /// @param amount The amount to repay function repay( uint256 vaultId, uint256 amount ) external onlyVaultOwner(vaultId) notLiquidated(vaultId) { updateInterest(vaults[vaultId].collateralTypeId); uint256 newDebt = getDebt(vaultId) - amount; requireValidDebtAmount(vaultId, newDebt); stablecoin.burn(msg.sender, amount); setDebt(vaultId, newDebt); emit Repay(msg.sender, vaultId, amount); } /// @notice Removes collateral from a vault /// @param vaultId The vault's ID /// @param amount The amount to remove function removeCollateral( uint256 vaultId, uint256 amount ) external onlyVaultOwner(vaultId) notLiquidated(vaultId) { updateInterest(vaults[vaultId].collateralTypeId); collateralManager.handleCollateralWithdrawal(vaultId, amount); vaults[vaultId].collateralAmount -= amount; getCollateralType(vaultId).totalCollateral -= amount; require(!underCollateralized(vaultId), "Yama: Vault undercollateralized"); getCollateralType(vaultId).token.safeTransfer(msg.sender, amount); emit RemoveCollateral(msg.sender, vaultId, amount); } /// @notice Used to write off liquidated vaults /// @dev Sets collateral to 0 and debt to 0, doesn't call balance sheet /// @param vaultId The vault's ID function clearVault(uint256 vaultId) external onlyAllowlist { Vault storage vault = vaults[vaultId]; updateInterest(vault.collateralTypeId); CollateralType storage cType = getCollateralType(vaultId); collateralManager.handleCollateralWithdrawal( vaultId, vault.collateralAmount); cType.totalCollateral -= vault.collateralAmount; vault.collateralAmount = 0; setDebt(vaultId, 0); emit ClearVault(vaultId); } /// @notice Sets the liquidators for this module /// @param _liquidators The liquidators function setLiquidators( ILiquidator[] memory _liquidators ) external onlyAllowlist { liquidators = _liquidators; } /// @notice Used to enable/disable borrowing. /// @param value Whether to enable/disable borrowing function setBorrowingDisabled( bool value ) external onlyAllowlist { borrowingDisabled = value; } /// @notice Determines if a vault has been liquidated /// @param vaultId The vault's ID function isLiquidated(uint256 vaultId) external view returns (bool) { return vaults[vaultId].isLiquidated; } /// @notice Gets annual interest for a collateral type /// @dev Assumes 31536000 seconds in a year /// @param collateralTypeId The ID of the collateral type /// @return annualInterest The annual interest rate function getAnnualInterest( uint256 collateralTypeId ) external view returns (uint256 annualInterest) { return collateralTypes[collateralTypeId].interestRate.powu(31536000); } /// @notice Gets per-second interest for a collateral type /// @param collateralTypeId The ID of the collateral type /// @return psInterest The per-second interest rate function getPsInterest( uint256 collateralTypeId ) external view returns (uint256 psInterest) { return collateralTypes[collateralTypeId].interestRate; } /// @notice Obtains the collateralization ratio for a collateral type /// @param collateralTypeId The ID of the collateral type /// @return collateralRatio The collateralization ratio function getCollateralRatio( uint256 collateralTypeId ) external view returns (uint256 collateralRatio) { CollateralType storage cType = collateralTypes[collateralTypeId]; return cType.collateralRatio; } /// @notice Obtains the debt floor for a collateral type /// @param collateralTypeId The ID of the collateral type /// @return debtFloor The debt floor function getDebtFloor( uint256 collateralTypeId ) external view returns (uint256 debtFloor) { return collateralTypes[collateralTypeId].debtFloor; } /// @notice Obtains the debt ceiling for a collateral type /// @param collateralTypeId The ID of the collateral type /// @return debtCeiling The debt ceiling function getDebtCeiling( uint256 collateralTypeId ) external view returns (uint256 debtCeiling) { return collateralTypes[collateralTypeId].debtCeiling; } /// @notice Gets the vaults owned by an address /// @param owner The owner's address /// @return ownedVaults_ The vaults owned by the address function getOwnedVaults( address owner ) external view returns (uint256[] memory ownedVaults_) { return ownedVaults[owner]; } /// @notice Gets the owner of a vault /// @param vaultId The vault's ID /// @return owner The owner's address function getOwner( uint256 vaultId ) external view returns (address owner) { return vaults[vaultId].owner; } /// @notice Gets the alternate owner of a vault /// @param vaultId The vault's ID /// @return altOwner The alternate owner's address function getAltOwner( uint256 vaultId ) external view returns (address altOwner) { return vaults[vaultId].altOwner; } /// @notice Returns the collateral type ID for a vault /// @param vaultId The vault's ID /// @return collateralTypeId The collateral type ID function getCollateralTypeId( uint256 vaultId ) external view returns (uint256 collateralTypeId) { return vaults[vaultId].collateralTypeId; } /// @notice Returns the collateral token for a vault /// @param vaultId The vault's ID /// @return collateralToken The collateral token function getCollateralToken( uint256 vaultId ) external view returns (IERC20 collateralToken) { return getCollateralType(vaultId).token; } /// @notice Adds collateral to a vault /// @param vaultId The vault's ID /// @param amount The amount of collateral to add function addCollateral( uint256 vaultId, uint256 amount ) public onlyVaultOwner(vaultId) notLiquidated(vaultId) { getCollateralType(vaultId).token.safeTransferFrom( msg.sender, address(this), amount ); vaults[vaultId].collateralAmount += amount; getCollateralType(vaultId).totalCollateral += amount; collateralManager.handleCollateralDeposit(vaultId, amount); emit AddCollateral(msg.sender, vaultId, amount); } /// @notice Sets the collateral manager /// @param _collateralManager The collateral manager function setCollateralManager( ICollateralManager _collateralManager ) public onlyAllowlist { collateralManager = _collateralManager; } /// @notice Determines a vault's debt /// @param vaultId The vault's ID /// @return debt The vault's debt function getDebt(uint256 vaultId) public view returns (uint256 debt) { return vaults[vaultId].initialDebt.mul( getCollateralType(vaultId).cumulativeInterest); } /// @notice Obtains the total debt for a collateral type /// @param collateralTypeId The ID of the collateral type /// @return totalDebt The total debt function getTotalDebt( uint256 collateralTypeId ) public view returns (uint256 totalDebt) { CollateralType storage cType = collateralTypes[collateralTypeId]; return cType.initialDebt.mul(cType.cumulativeInterest); } /// @notice Updates interest for a collateral type /// @param collateralTypeId The ID of the collateral type function updateInterest(uint256 collateralTypeId) public { CollateralType storage cType = collateralTypes[collateralTypeId]; uint256 timeDelta = block.timestamp - cType.lastUpdateTime; if (timeDelta == 0) { return; } uint256 oldTotalDebt = getTotalDebt(collateralTypeId); cType.cumulativeInterest = cType.cumulativeInterest.mul( cType.interestRate.powu(timeDelta)); emit UpdateInterest( collateralTypeId, cType.interestRate, cType.lastUpdateTime, cType.cumulativeInterest ); cType.lastUpdateTime = block.timestamp; balanceSheet.addSurplus((int256(getTotalDebt(collateralTypeId)) - int256(oldTotalDebt))); } /// @notice Returns the collateral amount for a vault /// @param vaultId The vault's ID /// @return collateralAmount The collateral amount function getCollateralAmount( uint256 vaultId ) public view returns (uint256 collateralAmount) { return vaults[vaultId].collateralAmount; } /// @notice Returns the per-unit price of the vault's collateral /// @param vaultId The vault's ID /// @return price The collateral price function getCollateralPrice( uint256 vaultId ) public view returns (uint256 price) { price = getCollateralType(vaultId).priceSource.price(); } /// @notice Returns the value of a vault's collateral /// @param vaultId The vault's ID /// @return collateralValue The collateral value function getCollateralValue(uint256 vaultId) public view returns (uint256) { return getCollateralAmount(vaultId).mul(getCollateralPrice(vaultId)); } /// @notice Multiplies the debt by the collateral ratio for a vault /// @param vaultId The vault's ID /// @return targetCollateralValue The target collateral value function getTargetCollateralValue( uint256 vaultId ) public view returns (uint256 targetCollateralValue) { return getDebt(vaultId).mul(getCollateralType(vaultId).collateralRatio); } /// @notice Determines if a vault is undercollateralized /// @param vaultId The vault's ID /// @return undercollateralized True if the vault is undercollateralized function underCollateralized(uint256 vaultId) public view returns (bool) { return getCollateralValue(vaultId) < getTargetCollateralValue(vaultId); } /// @notice Sets the debt for a vault /// @param vaultId The vault's ID /// @param newDebt The new debt function setDebt(uint256 vaultId, uint256 newDebt) internal { CollateralType storage cType = getCollateralType(vaultId); uint256 oldInitialDebt = vaults[vaultId].initialDebt; uint256 newInitialDebt = newDebt.div(cType.cumulativeInterest); vaults[vaultId].initialDebt = newInitialDebt; cType.initialDebt = cType.initialDebt + newInitialDebt - oldInitialDebt; emit SetDebt(msg.sender, vaultId, newDebt, newInitialDebt); } /// @notice Returns the collateral type object for a specific vault /// @param vaultId The vault's ID /// @return cType The collateral type object function getCollateralType( uint256 vaultId ) internal view returns (CollateralType storage cType) { return collateralTypes[vaults[vaultId].collateralTypeId]; } /// @notice Reverts if the debt amount is invalid. /// @param vaultId The vault's ID /// @param amount The debt amount function requireValidDebtAmount( uint256 vaultId, uint256 amount ) internal view { require(validDebtAmount(vaultId, amount), "Yama: Invalid debt amount"); } /// @notice Determines if the debt amount is valid. /// @param vaultId The vault's ID /// @param amount The debt amount /// @return isValidDebtAmount True if the debt amount is valid function validDebtAmount( uint256 vaultId, uint256 amount ) internal view returns (bool isValidDebtAmount) { return ( amount == 0 || (amount >= getCollateralType(vaultId).debtFloor && !underCollateralizedWithNewDebt(vaultId, amount))); } /// @notice Determines if a vault is undercollateralized with a new debt amount /// @param vaultId The vault's ID /// @param amount The debt amount /// @return isUnderCollateralized True if the vault is undercollateralized function underCollateralizedWithNewDebt( uint256 vaultId, uint256 amount ) internal view returns (bool isUnderCollateralized) { return getCollateralValue(vaultId) < getTargetCollateralValueWithNewDebt(vaultId, amount); } /// @notice Multiplies the debt by the collateral ratio for a vault with a new debt amount /// @param vaultId The vault's ID /// @param amount The debt amount /// @return targetCollateralValue The target collateral value function getTargetCollateralValueWithNewDebt( uint256 vaultId, uint256 amount ) internal view returns (uint256 targetCollateralValue) { return amount.mul(getCollateralType(vaultId).collateralRatio); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "./templates/YSSModule.sol"; import "@openzeppelin/contracts/interfaces/IERC3156FlashLender.sol"; /// @notice Issues flash loans denominated in Yama. contract FlashMintModule is YSSModule, IERC3156FlashLender { /// @notice Maximum flash loan amount uint256 public max; bytes32 constant CALLBACK_SUCCESS = keccak256("ERC3156FlashBorrower.onFlashLoan"); /// @notice Verifies the token is Yama /// @param token Token to verify modifier onlyYama(address token) { require(token == address(stablecoin), "Yama: Not YSS"); _; } /// @notice Initializes the module /// @param _stablecoin Stablecoin /// @param _max Maximum flash loan amount constructor(YSS _stablecoin, uint256 _max) YSSModule(_stablecoin) { max = _max; } /// @notice Returns the maximum flash loan amount /// @param token Token /// @return Maximum flash loan amount function maxFlashLoan( address token ) onlyYama(token) external view override returns (uint256) { return max; } /// @notice Returns the fee for a given flash loan amount. Fee is always 0 /// @param token Token /// @param amount Amount /// @return Fee function flashFee( address token, uint256 amount ) onlyYama(token) external view override returns (uint256) { amount; return 0; } /// @notice Executes an ERC3165 flash loan /// @param receiver Receiver of the flash loan /// @param token Token /// @param amount Amount /// @param data Data /// @return success Success /// @notice This function can re-enter, but it doesn't pose a risk because the tokens /// are burned regardless function flashLoan( IERC3156FlashBorrower receiver, address token, uint256 amount, bytes calldata data ) onlyYama(token) external override returns (bool success) { require(amount <= max, "Yama: Flash loan exceeds max"); stablecoin.mint(address(receiver), amount); require( receiver.onFlashLoan(msg.sender, token, amount, 0, data) == CALLBACK_SUCCESS, "Yama: Callback failed" ); uint256 allowance = stablecoin.allowance(address(receiver), address(this)); require( allowance >= amount, "Yama: Insufficient allowance" ); stablecoin.burn(address(receiver), amount); // Not the ERC20 approve function, so SafeERC20 not required. stablecoin.approve( address(receiver), address(this), allowance - amount ); return true; } /// @notice Sets the maximum flash loan amount /// @param _max Maximum flash loan amount function setMax(uint256 _max) external onlyAllowlist { max = _max; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; /// @notice Provides a utility function for converting amounts between tokens with different decimal places. abstract contract Module { /// @notice Converts an amount between tokens with different decimal places /// @param amount The amount to convert /// @param fromDecimals The number of decimals of the token to convert from /// @param toDecimals The number of decimals of the token to convert to /// @return result The converted amount function convertAmount( uint256 amount, uint8 fromDecimals, uint8 toDecimals ) internal pure returns (uint256 result) { if (fromDecimals == toDecimals) { return amount; } else if (fromDecimals < toDecimals) { return amount * (10 ** (toDecimals - fromDecimals)); } else { return amount / (10 ** (fromDecimals - toDecimals)); } } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "../../YSS.sol"; import "./Module.sol"; /// @notice Abstract contract to easily check if caller is on the YSS's allowlist abstract contract YSSModule is Module { YSS public stablecoin; /// @notice Modifier to check if caller is on the allowlist modifier onlyAllowlist() { require(stablecoin.allowlist(msg.sender)); _; } /// @notice Sets the token /// @param _stablecoin Token to set constructor(YSS _stablecoin) { stablecoin = _stablecoin; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "./YSSModule.sol"; import "../BalanceSheetModule.sol"; /// @notice Abstract contract for contracts that are part of the Yama Finance protocol. abstract contract YSSModuleExtended is YSSModule { BalanceSheetModule public balanceSheet; /// @notice Sets the stablecoin and balance sheet /// @param _stablecoin Stablecoin to set /// @param _balanceSheet Balance sheet to set constructor( YSS _stablecoin, BalanceSheetModule _balanceSheet ) YSSModule(_stablecoin) { balanceSheet = _balanceSheet; } /// @notice Sets the balance sheet function setBalanceSheet( BalanceSheetModule _balanceSheet ) external onlyAllowlist { balanceSheet = _balanceSheet; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "src/modules/templates/YSSModuleExtended.sol"; import "@prb/math/contracts/PRBMathUD60x18.sol"; import "src/modules/CDPModule.sol"; /// @notice Liquidates CDPs with a dutch auction. contract DutchAuctionLiquidator is YSSModuleExtended, ILiquidator { using PRBMathUD60x18 for uint256; /// @custom:type Collateral type parameters. struct CTypeParams { // Multiplies the collateral value to determine starting price. uint256 initialPriceRatio; // How many seconds between each price drop. uint256 timeInterval; // PRBMathUD60x18.SCALE - (PRBMathUD60x18.SCALE / 100), which represents // 0.99 is a 1% price drop every timeInterval seconds uint256 changeRate; // After resetThreshold * timeInterval seconds, no one can bid and the // auction must be reset. uint256 resetThreshold; // Used to check if this struct is used instead of the default CTypeParams. // If this is the default CTypeParams, this field is unused. bool enabled; } struct Auction { uint256 vaultId; uint256 startPrice; uint256 startTime; bool done; // Claimed or reset. } /// @notice Includes all auctions, even those that have been claimed or reset. Auction[] public auctions; CDPModule public immutable cdpModule; mapping(uint256 collateralTypeId => CTypeParams cTypeParams) public cTypeParamsMapping; CTypeParams public defaultCTypeParams; /// @notice Emitted when an auction is initialized /// @param vaultId The vault ID /// @param auctionId The auction ID /// @param startPrice The starting price /// @param startTime The starting time event InitializeAuction( uint256 indexed vaultId, uint256 indexed auctionId, uint256 startPrice, uint256 startTime ); /// @notice Emitted when an auction is reset /// @param initiator The initiator of the reset /// @param vaultId The vault ID /// @param auctionId The auction ID event ResetAuction( address indexed initiator, uint256 indexed vaultId, uint256 indexed auctionId ); /// @notice Emitted when an auction is claimed /// @param claimer The claimer of the auction /// @param vaultId The vault ID /// @param auctionId The auction ID /// @param price The price of the auction event ClaimAuction( address indexed claimer, uint256 indexed vaultId, uint256 indexed auctionId, uint256 price ); /// @notice Emitted when the default collateral type parameters are set /// @param initialPriceRatio The initial price ratio /// @param timeInterval The time interval /// @param changeRate The change rate /// @param resetThreshold The reset threshold event SetDefaultCTypeParams( uint256 initialPriceRatio, uint256 timeInterval, uint256 changeRate, uint256 resetThreshold ); /// @notice Emitted when the collateral type parameters are set /// @param collateralTypeId The collateral type ID /// @param initialPriceRatio The initial price ratio /// @param timeInterval The time interval /// @param changeRate The change rate /// @param resetThreshold The reset threshold /// @param enabled Whether the collateral type is enabled event SetCTypeParams( uint256 indexed collateralTypeId, uint256 initialPriceRatio, uint256 timeInterval, uint256 changeRate, uint256 resetThreshold, bool enabled ); /// @notice Verifies that the auction has not been claimed or reset modifier notDone(uint256 auctionId) { require(!auctions[auctionId].done, "Yama: Auction done"); _; } /// @notice Initializes this contract /// @param _stablecoin The YSS contract /// @param _balanceSheet The BalanceSheet contract /// @param _cdpModule The CDPModule contract /// @param defaultInitialPriceRatio The default initial price ratio /// @param defaultTimeInterval The default time interval /// @param defaultChangeRate The default change rate /// @param defaultResetThreshold The default reset threshold constructor( YSS _stablecoin, BalanceSheetModule _balanceSheet, CDPModule _cdpModule, uint256 defaultInitialPriceRatio, uint256 defaultTimeInterval, uint256 defaultChangeRate, uint256 defaultResetThreshold ) YSSModuleExtended(_stablecoin, _balanceSheet) { cdpModule = _cdpModule; defaultCTypeParams = CTypeParams( defaultInitialPriceRatio, defaultTimeInterval, defaultChangeRate, defaultResetThreshold, true ); emit SetDefaultCTypeParams( defaultInitialPriceRatio, defaultTimeInterval, defaultChangeRate, defaultResetThreshold ); } /// @notice Sets the liquidation parameters for a collateral type /// @param collateralTypeId The collateral type ID /// @param initialPriceRatio The initial price ratio /// @param timeInterval The time interval /// @param changeRate The change rate /// @param resetThreshold The reset threshold /// @param enabled Whether the collateral type is enabled function setCTypeParams( uint256 collateralTypeId, uint256 initialPriceRatio, uint256 timeInterval, uint256 changeRate, uint256 resetThreshold, bool enabled ) external onlyAllowlist { cTypeParamsMapping[collateralTypeId] = CTypeParams( initialPriceRatio, timeInterval, changeRate, resetThreshold, enabled ); emit SetCTypeParams( collateralTypeId, initialPriceRatio, timeInterval, changeRate, resetThreshold, enabled ); } /// @notice Called by the CDP module to liquidate a vault /// @param vaultId The vault ID /// @return successful Whether the liquidation was successful function liquidate( uint256 vaultId ) external onlyAllowlist returns (bool successful) { initializeAuction(vaultId); return true; } /// @notice Used to purchase the auctioned collateral at the current price /// @param maxPrice The transaction reverts if the price is above this amount function claim( uint256 auctionId, uint256 maxPrice ) external notDone(auctionId) { Auction storage auction = auctions[auctionId]; require(!isExpired(auctionId), "Yama: Auction expired"); uint256 price = getPrice(auctionId); require(price <= maxPrice, "Yama: price > maxPrice"); stablecoin.burn(msg.sender, price); cdpModule.transfer( cdpModule.getCollateralToken(auction.vaultId), msg.sender, cdpModule.getCollateralAmount(auction.vaultId) ); cdpModule.updateInterest(cdpModule.getCollateralTypeId(auction.vaultId)); balanceSheet.addSurplus( int256(price) - int256(cdpModule.getDebt(auction.vaultId))); cdpModule.clearVault(auction.vaultId); auction.done = true; emit ClaimAuction( msg.sender, auction.vaultId, auctionId, price ); } /// @notice Resets an auction once it has expired /// @param auctionId The auction ID function resetAuction( uint256 auctionId ) external notDone(auctionId) { require(isExpired(auctionId), "Yama: Auction not expired"); auctions[auctionId].done = true; emit ResetAuction( msg.sender, auctions[auctionId].vaultId, auctionId ); initializeAuction(auctions[auctionId].vaultId); } /// @notice Obtains the amount of collateral in an auction /// @param auctionId The auction ID /// @return collateralAmount The amount of collateral function getCollateralAmount( uint256 auctionId ) external view returns (uint256 collateralAmount) { return cdpModule.getCollateralAmount(auctions[auctionId].vaultId); } /// @notice Gets the last auction ID. /// @return lastAuctionId The last auction ID function getLastAuctionId() external view returns (uint256 lastAuctionId) { return auctions.length - 1; } /// @notice Sets the default liquidation parameters. /// @param initialPriceRatio The initial price ratio /// @param timeInterval The time interval /// @param changeRate The change rate /// @param resetThreshold The reset threshold function setDefaultCTypeParams( uint256 initialPriceRatio, uint256 timeInterval, uint256 changeRate, uint256 resetThreshold ) public onlyAllowlist { defaultCTypeParams = CTypeParams( initialPriceRatio, timeInterval, changeRate, resetThreshold, true ); emit SetDefaultCTypeParams( initialPriceRatio, timeInterval, changeRate, resetThreshold ); } /// @notice Obtains the collateral type ID for an auction /// @param auctionId The auction ID /// @return collateralTypeId The collateral type ID function getCollateralTypeId( uint256 auctionId ) public view returns (uint256 collateralTypeId) { return cdpModule.getCollateralTypeId(auctions[auctionId].vaultId); } /// @notice Calculates the current price for an auction. /// @dev Returns 0 if the auction is not in progress. /// @param auctionId The auction ID /// @return price The current price function getPrice(uint256 auctionId) public view returns (uint256 price) { Auction storage auction = auctions[auctionId]; if (auction.done || isExpired(auctionId)) { return 0; } CTypeParams storage cTypeParams = getAuctionCTypeParams(auctionId); uint256 intervalsElapsed = (block.timestamp - auction.startTime) / cTypeParams.timeInterval; return auction.startPrice.mul( cTypeParams.changeRate.powu(intervalsElapsed)); } function isExpired(uint256 auctionId) public view returns (bool) { CTypeParams storage cTypeParams = getAuctionCTypeParams(auctionId); return block.timestamp >= (auctions[auctionId].startTime + (cTypeParams.timeInterval * cTypeParams.resetThreshold)); } /// @notice Initializes an auction /// @param vaultId The vault ID function initializeAuction( uint256 vaultId ) internal { CTypeParams storage cTypeParams = getCTypeParams(cdpModule.getCollateralTypeId(vaultId)); Auction memory auction = Auction( vaultId, cdpModule.getCollateralValue(vaultId).mul(cTypeParams.initialPriceRatio), block.timestamp, false ); auctions.push(auction); emit InitializeAuction( vaultId, auctions.length - 1, auction.startPrice, auction.startTime ); } /// @notice Obtains CTypeParams for a collateral type (or default CTypeParams) /// @param collateralTypeId The collateral type ID /// @return cTypeParams The CTypeParams function getCTypeParams( uint256 collateralTypeId ) internal view returns (CTypeParams storage cTypeParams) { CTypeParams storage specificCTypeParams = cTypeParamsMapping[collateralTypeId]; if (specificCTypeParams.enabled) { return specificCTypeParams; } else { return defaultCTypeParams; } } /// @notice Obtains CTypeParams for an auction. /// @param auctionId The auction ID /// @return cTypeParams The CTypeParams function getAuctionCTypeParams( uint256 auctionId ) internal view returns (CTypeParams storage cTypeParams) { return getCTypeParams(getCollateralTypeId(auctionId)); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; /// @notice Interface for a contract that can swap between Yama and a collateral token interface ISwapper { /// @notice Swaps the collateral token to Yama /// @dev minOutputAmount is used to prevent sandwich attacks /// @param collateralAmount The amount of collateral to swap /// @param minOutputAmount The minimum amount of Yama to receive /// @return outputAmount The amount of Yama received function swapToYama( uint256 collateralAmount, uint256 minOutputAmount ) external returns (uint256 outputAmount); /// @notice Swaps Yama to the collateral token /// @dev minOutputAmount is used to prevent sandwich attacks /// @param yamaAmount The amount of Yama to swap /// @param minOutputAmount The minimum amount of collateral to receive /// @return outputAmount The amount of collateral received function swapToCollateral( uint256 yamaAmount, uint256 minOutputAmount ) external returns (uint256 outputAmount); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity 0.8.18; import "../modules/FlashMintModule.sol"; import "../periphery/DutchAuctionLiquidator.sol"; import "./ISwapper.sol"; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; /// @notice A simple contract used by keepers to liquidate CDPs using flash loans contract SimpleKeeperProxy is IERC3156FlashBorrower { YSS public immutable stablecoin; FlashMintModule public immutable flashMintModule; CDPModule public immutable cdpModule; DutchAuctionLiquidator public immutable liquidatorModule; IERC20 public immutable collateral; ISwapper public immutable swapper; /// @notice Initializes the contract /// @param _stablecoin Stablecoin /// @param _flashMintModule Flash mint module /// @param _cdpModule CDP module /// @param _liquidatorModule Liquidator module /// @param _collateral Collateral token /// @param _swapper Swapper constructor( YSS _stablecoin, FlashMintModule _flashMintModule, CDPModule _cdpModule, DutchAuctionLiquidator _liquidatorModule, IERC20 _collateral, ISwapper _swapper ) { stablecoin = _stablecoin; flashMintModule = _flashMintModule; cdpModule = _cdpModule; liquidatorModule = _liquidatorModule; collateral = _collateral; swapper = _swapper; } /// @notice Liquidates a vault and claims the auction using a flash loan and pockets the profit /// @param vaultId Vault ID /// @param maxPrice Maximum price to pay to claim the collateral function liquidateAndClaim(uint256 vaultId, uint256 maxPrice) external { cdpModule.liquidate(vaultId); uint256 auctionId = liquidatorModule.getLastAuctionId(); uint256 auctionPrice = liquidatorModule.getPrice(auctionId); flashMintModule.flashLoan( IERC3156FlashBorrower(address(this)), address(stablecoin), auctionPrice, encodeFlashLoanData(auctionId, maxPrice, msg.sender) ); } /// @notice Resets and claims an auction using a flash loan and pockets the profit /// @param auctionId Auction ID /// @param maxPrice Maximum price to pay to claim the collateral function resetAndClaim(uint256 auctionId, uint256 maxPrice) external { liquidatorModule.resetAuction(auctionId); uint256 newAuctionId = liquidatorModule.getLastAuctionId(); uint256 auctionPrice = liquidatorModule.getPrice(newAuctionId); flashMintModule.flashLoan( IERC3156FlashBorrower(address(this)), address(stablecoin), auctionPrice, encodeFlashLoanData(newAuctionId, maxPrice, msg.sender) ); } /// @notice Claims an auction using a flash loan and pockets the profit /// @param auctionId Auction ID /// @param maxPrice Maximum price to pay to claim the collateral function claimAuction(uint256 auctionId, uint256 maxPrice) external { uint256 auctionPrice = liquidatorModule.getPrice(auctionId); flashMintModule.flashLoan( IERC3156FlashBorrower(address(this)), address(stablecoin), auctionPrice, encodeFlashLoanData(auctionId, maxPrice, msg.sender) ); } /// @notice Callback function for flash loans /// @param initiator Initiator of the flash loan /// @param token Token address /// @param amount Amount of tokens borrowed /// @param fee Fee /// @param data Data /// @return hash keccak256("ERC3156FlashBorrower.onFlashLoan") function onFlashLoan( address initiator, address token, uint256 amount, uint256 fee, bytes calldata data ) external returns (bytes32 hash) { fee; token; require(msg.sender == address(flashMintModule), "SimpleLiquidator: Not flashMintModule"); require(initiator == address(this), "SimpleLiquidator: Initiator not this"); (uint256 auctionId, uint256 maxPrice, address executor) = decodeFlashLoanData(data); uint256 collateralAmount = liquidatorModule.getCollateralAmount(auctionId); liquidatorModule.claim(auctionId, maxPrice); collateral.approve(address(swapper), collateralAmount); uint256 profit = swapper.swapToYama(collateralAmount, amount) - amount; stablecoin.approve(address(flashMintModule), amount); stablecoin.transfer(executor, profit); return keccak256("ERC3156FlashBorrower.onFlashLoan"); } /// @notice Encodes flash loan data /// @param auctionId Auction ID /// @param maxPrice Maximum price to pay to claim the collateral /// @param executor Executor /// @return data Encoded data function encodeFlashLoanData( uint256 auctionId, uint256 maxPrice, address executor ) internal pure returns (bytes memory data) { return abi.encode( auctionId, maxPrice, executor ); } /// @notice Decodes flash loan data /// @param data Encoded data /// @return auctionId Auction ID /// @return maxPrice Maximum price to pay to claim the collateral /// @return executor Executor function decodeFlashLoanData( bytes memory data ) internal pure returns ( uint256 auctionId, uint256 maxPrice, address executor ) { return abi.decode(data, (uint256, uint256, address)); } }
{ "remappings": [ "@hyperlane-xyz/=lib/hyperlane-monorepo/solidity/", "@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts/", "@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/", "@prb/math/=lib/prb-math/", "ds-test/=lib/forge-std/lib/ds-test/src/", "forge-std/=lib/forge-std/src/", "hyperlane-monorepo/=lib/hyperlane-monorepo/", "openzeppelin-contracts/=lib/openzeppelin-contracts/", "prb-math/=lib/prb-math/contracts/" ], "optimizer": { "enabled": true, "runs": 200 }, "metadata": { "bytecodeHash": "ipfs", "appendCBOR": true }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "evmVersion": "london", "libraries": {} }
[{"inputs":[{"internalType":"contract YSS","name":"_stablecoin","type":"address"},{"internalType":"contract FlashMintModule","name":"_flashMintModule","type":"address"},{"internalType":"contract CDPModule","name":"_cdpModule","type":"address"},{"internalType":"contract DutchAuctionLiquidator","name":"_liquidatorModule","type":"address"},{"internalType":"contract IERC20","name":"_collateral","type":"address"},{"internalType":"contract ISwapper","name":"_swapper","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"cdpModule","outputs":[{"internalType":"contract CDPModule","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"auctionId","type":"uint256"},{"internalType":"uint256","name":"maxPrice","type":"uint256"}],"name":"claimAuction","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"collateral","outputs":[{"internalType":"contract IERC20","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"flashMintModule","outputs":[{"internalType":"contract FlashMintModule","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"vaultId","type":"uint256"},{"internalType":"uint256","name":"maxPrice","type":"uint256"}],"name":"liquidateAndClaim","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"liquidatorModule","outputs":[{"internalType":"contract DutchAuctionLiquidator","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"initiator","type":"address"},{"internalType":"address","name":"token","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"},{"internalType":"uint256","name":"fee","type":"uint256"},{"internalType":"bytes","name":"data","type":"bytes"}],"name":"onFlashLoan","outputs":[{"internalType":"bytes32","name":"hash","type":"bytes32"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"auctionId","type":"uint256"},{"internalType":"uint256","name":"maxPrice","type":"uint256"}],"name":"resetAndClaim","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"stablecoin","outputs":[{"internalType":"contract YSS","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"swapper","outputs":[{"internalType":"contract ISwapper","name":"","type":"address"}],"stateMutability":"view","type":"function"}]
Contract Creation Code
6101406040523480156200001257600080fd5b5060405162000f8a38038062000f8a83398101604081905262000035916200007e565b6001600160a01b0395861660805293851660a05291841660c052831660e052821661010052166101205262000112565b6001600160a01b03811681146200007b57600080fd5b50565b60008060008060008060c087890312156200009857600080fd5b8651620000a58162000065565b6020880151909650620000b88162000065565b6040880151909550620000cb8162000065565b6060880151909450620000de8162000065565b6080880151909350620000f18162000065565b60a0880151909250620001048162000065565b809150509295509295509295565b60805160a05160c05160e0516101005161012051610dab620001df60003960008181610122015281816106c1015261078a0152600081816101bd01526106f001526000818160a801528181610285015281816103290152818161059b015281816106480152818161099501526109e501526000818161015c015261021c0152600081816101830152818161039801528181610469015281816108180152610a5c0152600081816101e4015281816103c80152818161084a015281816108e00152610a8c0152610dab6000f3fe608060405234801561001057600080fd5b506004361061009e5760003560e01c80634d6f91d1116100665780634d6f91d114610157578063995c07cd1461017e578063c46a6d3d146101a5578063d8dfeb45146101b8578063e9cbd822146101df57600080fd5b8063139a1a09146100a35780631f35c8e2146100e757806323e30c8b146100fc5780632b3297f91461011d578063352a94d714610144575b600080fd5b6100ca7f000000000000000000000000000000000000000000000000000000000000000081565b6040516001600160a01b0390911681526020015b60405180910390f35b6100fa6100f5366004610b7e565b610206565b005b61010f61010a366004610bb8565b61045c565b6040519081526020016100de565b6100ca7f000000000000000000000000000000000000000000000000000000000000000081565b6100fa610152366004610b7e565b61097f565b6100ca7f000000000000000000000000000000000000000000000000000000000000000081565b6100ca7f000000000000000000000000000000000000000000000000000000000000000081565b6100fa6101b3366004610b7e565b6109cc565b6100ca7f000000000000000000000000000000000000000000000000000000000000000081565b6100ca7f000000000000000000000000000000000000000000000000000000000000000081565b6040516301057c4960e61b8152600481018390527f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03169063415f1240906024015b600060405180830381600087803b15801561026957600080fd5b505af115801561027d573d6000803e3d6000fd5b5050505060007f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316630aff20766040518163ffffffff1660e01b8152600401602060405180830381865afa1580156102e1573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906103059190610c62565b604051630e75722360e41b8152600481018290529091506000906001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000169063e757223090602401602060405180830381865afa158015610370573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906103949190610c62565b90507f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316635cffe9de307f0000000000000000000000000000000000000000000000000000000000000000846103f3878933610b1f565b6040518563ffffffff1660e01b81526004016104129493929190610c7b565b6020604051808303816000875af1158015610431573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906104559190610cec565b5050505050565b6000336001600160a01b037f000000000000000000000000000000000000000000000000000000000000000016146104e95760405162461bcd60e51b815260206004820152602560248201527f53696d706c654c697175696461746f723a204e6f7420666c6173684d696e744d6044820152646f64756c6560d81b60648201526084015b60405180910390fd5b6001600160a01b038716301461054d5760405162461bcd60e51b8152602060048201526024808201527f53696d706c654c697175696461746f723a20496e69746961746f72206e6f74206044820152637468697360e01b60648201526084016104e0565b600080600061059186868080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250610b5892505050565b92509250925060007f00000000000000000000000000000000000000000000000000000000000000006001600160a01b031663bdc7c12b856040518263ffffffff1660e01b81526004016105e791815260200190565b602060405180830381865afa158015610604573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906106289190610c62565b60405163c349026360e01b815260048101869052602481018590529091507f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03169063c349026390604401600060405180830381600087803b15801561069457600080fd5b505af11580156106a8573d6000803e3d6000fd5b505060405163095ea7b360e01b81526001600160a01b037f000000000000000000000000000000000000000000000000000000000000000081166004830152602482018590527f000000000000000000000000000000000000000000000000000000000000000016925063095ea7b391506044016020604051808303816000875af115801561073b573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061075f9190610cec565b5060405163067ce32760e31b815260048101829052602481018a90526000908a906001600160a01b037f000000000000000000000000000000000000000000000000000000000000000016906333e71938906044016020604051808303816000875af11580156107d3573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906107f79190610c62565b6108019190610d15565b60405163095ea7b360e01b81526001600160a01b037f000000000000000000000000000000000000000000000000000000000000000081166004830152602482018d90529192507f00000000000000000000000000000000000000000000000000000000000000009091169063095ea7b3906044016020604051808303816000875af1158015610895573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906108b99190610cec565b5060405163a9059cbb60e01b81526001600160a01b038481166004830152602482018390527f0000000000000000000000000000000000000000000000000000000000000000169063a9059cbb906044016020604051808303816000875af1158015610929573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061094d9190610cec565b507f439148f0bbc682ca079e46d6e2c2f0c1e3b820f1a291b069d8882abf8cf18dd99c9b505050505050505050505050565b604051633092af9360e11b8152600481018390527f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316906361255f269060240161024f565b604051630e75722360e41b8152600481018390526000907f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03169063e757223090602401602060405180830381865afa158015610a34573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610a589190610c62565b90507f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316635cffe9de307f000000000000000000000000000000000000000000000000000000000000000084610ab7888833610b1f565b6040518563ffffffff1660e01b8152600401610ad69493929190610c7b565b6020604051808303816000875af1158015610af5573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610b199190610cec565b50505050565b604080516020810194909452838101929092526001600160a01b0316606080840191909152815180840390910181526080909201905290565b600080600083806020019051810190610b719190610d3c565b9250925092509193909250565b60008060408385031215610b9157600080fd5b50508035926020909101359150565b6001600160a01b0381168114610bb557600080fd5b50565b60008060008060008060a08789031215610bd157600080fd5b8635610bdc81610ba0565b95506020870135610bec81610ba0565b94506040870135935060608701359250608087013567ffffffffffffffff80821115610c1757600080fd5b818901915089601f830112610c2b57600080fd5b813581811115610c3a57600080fd5b8a6020828501011115610c4c57600080fd5b6020830194508093505050509295509295509295565b600060208284031215610c7457600080fd5b5051919050565b600060018060a01b038087168352602081871681850152856040850152608060608501528451915081608085015260005b82811015610cc85785810182015185820160a001528101610cac565b5050600060a0828501015260a0601f19601f83011684010191505095945050505050565b600060208284031215610cfe57600080fd5b81518015158114610d0e57600080fd5b9392505050565b81810381811115610d3657634e487b7160e01b600052601160045260246000fd5b92915050565b600080600060608486031215610d5157600080fd5b83519250602084015191506040840151610d6a81610ba0565b80915050925092509256fea2646970667358221220d949dbe5afe06b6ce1f620fbcef65d1548eb62b9aef7d02f7e4e052013d78d3164736f6c634300081200330000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f90000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c5804600000000000000000000000001cd97ee98f3423222f7b4cddb383f2ee2907e628000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc0000000000000000000000009dbbbaecacedf53d5caa295b8293c1def2055adc000000000000000000000000523920ee2e7a744b8bb76ecfc96f43b6403ed814
Deployed Bytecode
0x608060405234801561001057600080fd5b506004361061009e5760003560e01c80634d6f91d1116100665780634d6f91d114610157578063995c07cd1461017e578063c46a6d3d146101a5578063d8dfeb45146101b8578063e9cbd822146101df57600080fd5b8063139a1a09146100a35780631f35c8e2146100e757806323e30c8b146100fc5780632b3297f91461011d578063352a94d714610144575b600080fd5b6100ca7f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc81565b6040516001600160a01b0390911681526020015b60405180910390f35b6100fa6100f5366004610b7e565b610206565b005b61010f61010a366004610bb8565b61045c565b6040519081526020016100de565b6100ca7f000000000000000000000000523920ee2e7a744b8bb76ecfc96f43b6403ed81481565b6100fa610152366004610b7e565b61097f565b6100ca7f0000000000000000000000001cd97ee98f3423222f7b4cddb383f2ee2907e62881565b6100ca7f0000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c58046081565b6100fa6101b3366004610b7e565b6109cc565b6100ca7f0000000000000000000000009dbbbaecacedf53d5caa295b8293c1def2055adc81565b6100ca7f0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f981565b6040516301057c4960e61b8152600481018390527f0000000000000000000000001cd97ee98f3423222f7b4cddb383f2ee2907e6286001600160a01b03169063415f1240906024015b600060405180830381600087803b15801561026957600080fd5b505af115801561027d573d6000803e3d6000fd5b5050505060007f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc6001600160a01b0316630aff20766040518163ffffffff1660e01b8152600401602060405180830381865afa1580156102e1573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906103059190610c62565b604051630e75722360e41b8152600481018290529091506000906001600160a01b037f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc169063e757223090602401602060405180830381865afa158015610370573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906103949190610c62565b90507f0000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c5804606001600160a01b0316635cffe9de307f0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f9846103f3878933610b1f565b6040518563ffffffff1660e01b81526004016104129493929190610c7b565b6020604051808303816000875af1158015610431573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906104559190610cec565b5050505050565b6000336001600160a01b037f0000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c58046016146104e95760405162461bcd60e51b815260206004820152602560248201527f53696d706c654c697175696461746f723a204e6f7420666c6173684d696e744d6044820152646f64756c6560d81b60648201526084015b60405180910390fd5b6001600160a01b038716301461054d5760405162461bcd60e51b8152602060048201526024808201527f53696d706c654c697175696461746f723a20496e69746961746f72206e6f74206044820152637468697360e01b60648201526084016104e0565b600080600061059186868080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250610b5892505050565b92509250925060007f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc6001600160a01b031663bdc7c12b856040518263ffffffff1660e01b81526004016105e791815260200190565b602060405180830381865afa158015610604573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906106289190610c62565b60405163c349026360e01b815260048101869052602481018590529091507f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc6001600160a01b03169063c349026390604401600060405180830381600087803b15801561069457600080fd5b505af11580156106a8573d6000803e3d6000fd5b505060405163095ea7b360e01b81526001600160a01b037f000000000000000000000000523920ee2e7a744b8bb76ecfc96f43b6403ed81481166004830152602482018590527f0000000000000000000000009dbbbaecacedf53d5caa295b8293c1def2055adc16925063095ea7b391506044016020604051808303816000875af115801561073b573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061075f9190610cec565b5060405163067ce32760e31b815260048101829052602481018a90526000908a906001600160a01b037f000000000000000000000000523920ee2e7a744b8bb76ecfc96f43b6403ed81416906333e71938906044016020604051808303816000875af11580156107d3573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906107f79190610c62565b6108019190610d15565b60405163095ea7b360e01b81526001600160a01b037f0000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c58046081166004830152602482018d90529192507f0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f99091169063095ea7b3906044016020604051808303816000875af1158015610895573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906108b99190610cec565b5060405163a9059cbb60e01b81526001600160a01b038481166004830152602482018390527f0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f9169063a9059cbb906044016020604051808303816000875af1158015610929573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061094d9190610cec565b507f439148f0bbc682ca079e46d6e2c2f0c1e3b820f1a291b069d8882abf8cf18dd99c9b505050505050505050505050565b604051633092af9360e11b8152600481018390527f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc6001600160a01b0316906361255f269060240161024f565b604051630e75722360e41b8152600481018390526000907f000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc6001600160a01b03169063e757223090602401602060405180830381865afa158015610a34573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610a589190610c62565b90507f0000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c5804606001600160a01b0316635cffe9de307f0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f984610ab7888833610b1f565b6040518563ffffffff1660e01b8152600401610ad69493929190610c7b565b6020604051808303816000875af1158015610af5573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190610b199190610cec565b50505050565b604080516020810194909452838101929092526001600160a01b0316606080840191909152815180840390910181526080909201905290565b600080600083806020019051810190610b719190610d3c565b9250925092509193909250565b60008060408385031215610b9157600080fd5b50508035926020909101359150565b6001600160a01b0381168114610bb557600080fd5b50565b60008060008060008060a08789031215610bd157600080fd5b8635610bdc81610ba0565b95506020870135610bec81610ba0565b94506040870135935060608701359250608087013567ffffffffffffffff80821115610c1757600080fd5b818901915089601f830112610c2b57600080fd5b813581811115610c3a57600080fd5b8a6020828501011115610c4c57600080fd5b6020830194508093505050509295509295509295565b600060208284031215610c7457600080fd5b5051919050565b600060018060a01b038087168352602081871681850152856040850152608060608501528451915081608085015260005b82811015610cc85785810182015185820160a001528101610cac565b5050600060a0828501015260a0601f19601f83011684010191505095945050505050565b600060208284031215610cfe57600080fd5b81518015158114610d0e57600080fd5b9392505050565b81810381811115610d3657634e487b7160e01b600052601160045260246000fd5b92915050565b600080600060608486031215610d5157600080fd5b83519250602084015191506040840151610d6a81610ba0565b80915050925092509256fea2646970667358221220d949dbe5afe06b6ce1f620fbcef65d1548eb62b9aef7d02f7e4e052013d78d3164736f6c63430008120033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f90000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c5804600000000000000000000000001cd97ee98f3423222f7b4cddb383f2ee2907e628000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc0000000000000000000000009dbbbaecacedf53d5caa295b8293c1def2055adc000000000000000000000000523920ee2e7a744b8bb76ecfc96f43b6403ed814
-----Decoded View---------------
Arg [0] : _stablecoin (address): 0x7A88B57BF741a3950E53421Eaa6C1a3c89d066f9
Arg [1] : _flashMintModule (address): 0x2ca1b6D28EE88E75F9116172D73Cd4D09c580460
Arg [2] : _cdpModule (address): 0x1Cd97ee98f3423222f7B4CDdb383f2EE2907E628
Arg [3] : _liquidatorModule (address): 0xFfA1950Dc6d595CA272E937522bc8DF22CB125Bc
Arg [4] : _collateral (address): 0x9dbbBaecACEDf53d5Caa295b8293c1def2055Adc
Arg [5] : _swapper (address): 0x523920eE2E7a744b8BB76eCfC96F43B6403Ed814
-----Encoded View---------------
6 Constructor Arguments found :
Arg [0] : 0000000000000000000000007a88b57bf741a3950e53421eaa6c1a3c89d066f9
Arg [1] : 0000000000000000000000002ca1b6d28ee88e75f9116172d73cd4d09c580460
Arg [2] : 0000000000000000000000001cd97ee98f3423222f7b4cddb383f2ee2907e628
Arg [3] : 000000000000000000000000ffa1950dc6d595ca272e937522bc8df22cb125bc
Arg [4] : 0000000000000000000000009dbbbaecacedf53d5caa295b8293c1def2055adc
Arg [5] : 000000000000000000000000523920ee2e7a744b8bb76ecfc96f43b6403ed814
Age | Block | Fee Address | BC Fee Address | Voting Power | Jailed | Incoming |
---|
Make sure to use the "Vote Down" button for any spammy posts, and the "Vote Up" for interesting conversations.