Contract Name:
CurveConvexPeriphery
Contract Source Code:
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.20;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/
struct InitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/
uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/
error InvalidInitialization();
/**
* @dev The contract is not initializing.
*/
error NotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
    // solhint-disable-next-line var-name-mixedcase
    InitializableStorage storage $ = _getInitializableStorage();
    // Cache values to avoid duplicated sloads
    bool isTopLevelCall = !$._initializing;
    uint64 initialized = $._initialized;
    // Allowed calls:
    // - initialSetup: the contract is not in the initializing state and no previous version was
    //                 initialized
    // - construction: the contract is initialized at version 1 (no reinitialization) and the
    //                 current contract is just being deployed
    bool initialSetup = initialized == 0 && isTopLevelCall;
    // An account has no code while its constructor is still executing, so the zero code length is
    // what identifies the "just being deployed" case described above.
    bool construction = initialized == 1 && address(this).code.length == 0;
    if (!initialSetup && !construction) {
        revert InvalidInitialization();
    }
    // The version is stored before the wrapped body (`_;`) runs. Outside of a constructor, a second
    // `initializer` entry made from inside that body therefore fails both conditions above.
    $._initialized = 1;
    // Only the outermost call owns the in-progress flag: it sets it here, and clears it and emits
    // the event after the body.
    if (isTopLevelCall) {
        $._initializing = true;
    }
    _;
    if (isTopLevelCall) {
        $._initializing = false;
        emit Initialized(1);
    }
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint64 version) {
    // solhint-disable-next-line var-name-mixedcase
    InitializableStorage storage $ = _getInitializableStorage();
    // Rejected when an initializer is already running (no nesting), or when the stored version is
    // already at or above the requested one: a version can be consumed once and never lowered.
    // A requested version of 0 can never pass the second condition.
    if ($._initializing || $._initialized >= version) {
        revert InvalidInitialization();
    }
    // Version and in-progress flag are written before the wrapped body (`_;`) runs, so a second
    // entry made from inside that body hits the check above and reverts.
    $._initialized = version;
    $._initializing = true;
    _;
    $._initializing = false;
    emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
    // The check runs before the wrapped function body; it reverts with `NotInitializing` when no
    // initializer is in progress.
    _checkInitializing();
    _;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/
function _checkInitializing() internal view virtual {
    // Guard-clause form: return normally only while an initializer is in progress.
    if (_isInitializing()) {
        return;
    }
    revert NotInitializing();
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
    // solhint-disable-next-line var-name-mixedcase
    InitializableStorage storage $ = _getInitializableStorage();
    // Locking from inside a running initializer is rejected.
    if ($._initializing) {
        revert InvalidInitialization();
    }
    uint64 lockedVersion = type(uint64).max;
    // Already locked: nothing to write and no event to emit.
    if ($._initialized == lockedVersion) {
        return;
    }
    // With the stored version at the uint64 maximum, the version checks in `initializer` and
    // `reinitializer` can no longer pass.
    $._initialized = lockedVersion;
    emit Initialized(lockedVersion);
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint64) {
    // solhint-disable-next-line var-name-mixedcase
    InitializableStorage storage $ = _getInitializableStorage();
    // Highest version written so far by `initializer`, `reinitializer` or `_disableInitializers`.
    return $._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
    // solhint-disable-next-line var-name-mixedcase
    InitializableStorage storage $ = _getInitializableStorage();
    // True only between the point an initializer modifier sets the flag and the point it clears it.
    return $._initializing;
}
/**
* @dev Returns a pointer to the storage namespace.
*/
// solhint-disable-next-line var-name-mixedcase
function _getInitializableStorage() private pure returns (InitializableStorage storage $) {
    // Bind the returned storage reference to the fixed slot held in INITIALIZABLE_STORAGE. Only the
    // slot number is assigned here; this function itself reads and writes no storage.
    assembly {
        $.slot := INITIALIZABLE_STORAGE
    }
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
/**
 * @dev Initialization hook for this contract. The body is empty: this contract declares no state to
 * set up. `onlyInitializing` limits calls to functions running under {initializer} or {reinitializer}.
 */
function __Context_init() internal onlyInitializing {
}
/**
 * @dev Second initialization hook for this contract, also with an empty body and also restricted by
 * `onlyInitializing` to calls made while an initializer is in progress.
 */
function __Context_init_unchained() internal onlyInitializing {
}
/**
 * @dev Returns the account the application should treat as the caller. This base version returns
 * `msg.sender` unchanged; the function is `virtual`, so a derived contract can replace it.
 *
 * NOTE(review): where callers use this value for access control, an override decides whose
 * authority a call carries, so any override should be reviewed as trust-sensitive code.
 */
function _msgSender() internal view virtual returns (address) {
    return msg.sender;
}
/**
 * @dev Returns the calldata the application should treat as the call's input. This base version
 * returns `msg.data` unchanged; the function is `virtual`, so a derived contract can replace it.
 */
function _msgData() internal view virtual returns (bytes calldata) {
    return msg.data;
}
/**
 * @dev Returns 0 in this base version; `virtual`, so a derived contract can replace it.
 *
 * NOTE(review): presumably the number of trailing calldata bytes that an overriding context (for
 * example a meta-transaction forwarder scheme) appends to the call; confirm against the override.
 */
function _contextSuffixLength() internal view virtual returns (uint256) {
    return 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/draft-IERC6093.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard ERC-20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-20 tokens.
*/
interface IERC20Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/
error ERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC-721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-721 tokens.
*/
interface IERC721Errors {
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in ERC-20.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/
error ERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/
error ERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/
error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/
error ERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC-1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-1155 tokens.
*/
interface IERC1155Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/
error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/
error ERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/
error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/IERC1363.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "../utils/introspection/IERC165.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../token/ERC20/IERC20.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC-20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the number of decimal places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
import {Address} from "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported; non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
    // Encode `transfer(to, value)` first, then hand the payload to the reverting call helper.
    bytes memory transferCall = abi.encodeCall(token.transfer, (to, value));
    _callOptionalReturn(token, transferCall);
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
    // Encode `transferFrom(from, to, value)` first, then hand the payload to the reverting call helper.
    bytes memory transferFromCall = abi.encodeCall(token.transferFrom, (from, to, value));
    _callOptionalReturn(token, transferFromCall);
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
    // The current allowance is read from the token, and the sum uses checked arithmetic, so an
    // overflowing increase reverts before any approval is sent.
    forceApprove(token, spender, token.allowance(address(this), spender) + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
    uint256 allowanceNow = token.allowance(address(this), spender);
    // Explicit bound check: this is what makes the unchecked subtraction below safe.
    if (requestedDecrease > allowanceNow) {
        revert SafeERC20FailedDecreaseAllowance(spender, allowanceNow, requestedDecrease);
    }
    uint256 reducedAllowance;
    unchecked {
        reducedAllowance = allowanceNow - requestedDecrease;
    }
    forceApprove(token, spender, reducedAllowance);
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
    bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
    // First attempt: set the allowance directly. The Bool helper reports failure instead of
    // reverting, which is what allows the fallback below to run.
    if (!_callOptionalReturnBool(token, approvalCall)) {
        // Fallback: reset the allowance to zero, then repeat the original approval. Both calls use
        // the reverting helper, so a failure at either step aborts the whole operation.
        _callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
        _callOptionalReturn(token, approvalCall);
    }
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
    // Recipient without code: fall back to the plain safe transfer and stop.
    if (to.code.length == 0) {
        safeTransfer(token, to, value);
        return;
    }
    // Recipient with code: a single ERC-1363 call, which must report `true`.
    bool accepted = token.transferAndCall(to, value, data);
    if (!accepted) {
        revert SafeERC20FailedOperation(address(token));
    }
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
    IERC1363 token,
    address from,
    address to,
    uint256 value,
    bytes memory data
) internal {
    // Recipient without code: fall back to the plain safe transferFrom and stop.
    if (to.code.length == 0) {
        safeTransferFrom(token, from, to, value);
        return;
    }
    // Recipient with code: a single ERC-1363 call, which must report `true`.
    bool accepted = token.transferFromAndCall(from, to, value, data);
    if (!accepted) {
        revert SafeERC20FailedOperation(address(token));
    }
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Conversely, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
    // Spender without code: fall back to forceApprove (including its reset-to-zero retry) and stop.
    if (to.code.length == 0) {
        forceApprove(token, to, value);
        return;
    }
    // Spender with code: a single ERC-1363 call with no retry, which must report `true`.
    bool accepted = token.approveAndCall(to, value, data);
    if (!accepted) {
        revert SafeERC20FailedOperation(address(token));
    }
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturnBool} that reverts if call fails to meet the requirements.
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
    uint256 returnSize;
    uint256 returnValue;
    assembly ("memory-safe") {
        // Low-level call: forwards all remaining gas and zero value. The calldata is the `bytes`
        // payload without its 32-byte length word, and at most 32 bytes of return data are
        // written to memory offset 0.
        let success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
        // bubble errors
        if iszero(success) {
            // Copy the callee's full revert data to the free-memory pointer and re-raise it unchanged.
            let ptr := mload(0x40)
            returndatacopy(ptr, 0, returndatasize())
            revert(ptr, returndatasize())
        }
        returnSize := returndatasize()
        returnValue := mload(0)
    }
    // Acceptance rules for a call that did not revert:
    // - no return data: accepted only if `token` has code, because a call to an address without
    //   code also succeeds and returns nothing;
    // - some return data: the word read from offset 0 must equal 1 (`true`).
    if (returnSize == 0 ? address(token).code.length == 0 : returnValue != 1) {
        revert SafeERC20FailedOperation(address(token));
    }
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silently catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// Same acceptance rule as _callOptionalReturn, but reported as a bool: a failed call, an empty return
// from an address without code, or a returned word other than 1 all yield `false` instead of reverting.
// The callee's revert data is discarded here, so the caller learns only that the operation failed.
bool success;
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
// All remaining gas, no ETH; at most 0x20 bytes of return data are copied to memory offset 0.
success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
returnSize := returndatasize()
returnValue := mload(0)
}
// `success &&` comes first, so the return-data checks only decide the result for a call that did not revert.
return success && (returnSize == 0 ? address(token).code.length > 0 : returnValue == 1);
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Address.sol)
pragma solidity ^0.8.20;
import {Errors} from "./Errors.sol";
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
    // Refuse up front when this contract does not hold enough ETH.
    uint256 held = address(this).balance;
    if (held < amount) {
        revert Errors.InsufficientBalance(held, amount);
    }
    // No gas limit is set on the call, so the recipient receives control with all remaining gas.
    // Callers should have finished their own state changes before reaching this point.
    (bool sent, ) = recipient.call{value: amount}("");
    if (sent) {
        return;
    }
    revert Errors.FailedCall();
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {Errors.FailedCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
    // Zero-value form of functionCallWithValue: the same balance, success and code-existence
    // checks run, with no ETH attached to the call.
    bytes memory returndata = functionCallWithValue(target, data, 0);
    return returndata;
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
    // Refuse up front when this contract cannot cover `value`.
    uint256 held = address(this).balance;
    if (held < value) {
        revert Errors.InsufficientBalance(held, value);
    }
    // Low-level call with no gas limit; the outcome is validated by verifyCallResultFromTarget,
    // which re-raises a failure and rejects an empty success from an address without code.
    (bool ok, bytes memory returndata) = target.call{value: value}(data);
    return verifyCallResultFromTarget(target, ok, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
    // staticcall: the callee cannot modify state. The result goes through the same
    // success and code-existence validation as functionCall.
    (bool ok, bytes memory returndata) = target.staticcall(data);
    return verifyCallResultFromTarget(target, ok, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
    // delegatecall runs `target`'s code against THIS contract's storage and balance.
    // Nothing in this helper restricts `target` or `data`; both must come from a trusted source.
    (bool ok, bytes memory returndata) = target.delegatecall(data);
    return verifyCallResultFromTarget(target, ok, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
* of an unsuccessful call.
*/
function verifyCallResultFromTarget(
    address target,
    bool success,
    bytes memory returndata
) internal view returns (bytes memory) {
    if (success) {
        // The code check is needed only when nothing came back: per the original reasoning,
        // non-empty return data already shows that a contract answered.
        bool nothingReturned = returndata.length == 0;
        if (nothingReturned && target.code.length == 0) {
            revert AddressEmptyCode(target);
        }
        return returndata;
    }
    // Failed call: re-raise the callee's revert data, or Errors.FailedCall when there is none.
    // _revert reverts on both of its branches, so control does not continue past this line.
    _revert(returndata);
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {Errors.FailedCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
    // Unlike verifyCallResultFromTarget, this variant takes no target and so performs no
    // code-existence check: a successful call is accepted even when nothing was returned.
    if (success) {
        return returndata;
    }
    // Failed call: re-raise the callee's revert data, or Errors.FailedCall when there is none.
    _revert(returndata);
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.
*/
function _revert(bytes memory returndata) private pure {
// Never returns: both branches below revert.
// The callee's bytes are re-raised unchanged; nothing here checks that they decode as a known error.
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
assembly ("memory-safe") {
// `returndata` points at the length word; the payload starts 32 bytes after it.
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert Errors.FailedCall();
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Errors.sol)
pragma solidity ^0.8.20;
/**
* @dev Collection of common custom errors used in multiple contracts
*
* IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
* It is recommended to avoid relying on the error API for critical functionality.
*
* _Available since v5.1._
*/
library Errors {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
* @param balance The balance that was available (in {Address} this is `address(this).balance`).
* @param needed The amount the operation required.
*/
error InsufficientBalance(uint256 balance, uint256 needed);
/**
* @dev A call to an address target failed. The target may have reverted.
*
* Carries no arguments: in {Address} it is raised when a failed call returned no revert data to re-raise.
*/
error FailedCall();
/**
* @dev The deployment failed.
*/
error FailedDeployment();
/**
* @dev A necessary precompile is missing.
*
* The single unnamed argument is presumably the address of the missing precompile; confirm against the
* code that raises it, which is not part of this file.
*/
error MissingPrecompile(address);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/IERC165.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
// Declaration only: the answer and the gas bound stated above are obligations on the implementing
// contract. Nothing in this interface enforces either, so a result obtained from an untrusted
// contract is a claim made by that contract, not a verified fact.
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
import {Panic} from "../Panic.sol";
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
// Member order is load-bearing: {unsignedRoundsUp} tests `uint8(rounding) % 2 == 1`, so the members
// at odd positions (Ceil = 1, Expand = 3) are the ones treated as rounding up for unsigned values.
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with a success flag (no overflow).
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
    unchecked {
        // Wrapping addition: the sum ends up below `a` exactly when it overflowed.
        uint256 sum = a + b;
        if (sum >= a) {
            return (true, sum);
        }
        // Overflow is reported through the flag; the value is zeroed and must not be used.
        return (false, 0);
    }
}
/**
* @dev Returns the subtraction of two unsigned integers, with a success flag (no overflow).
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
    unchecked {
        // The difference is representable only when `b` does not exceed `a`.
        if (a >= b) {
            return (true, a - b);
        }
        return (false, 0);
    }
}
/**
* @dev Returns the multiplication of two unsigned integers, with a success flag (no overflow).
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
    unchecked {
        // Zero times anything is zero; returning early also keeps the division below safe.
        if (a == 0) {
            return (true, 0);
        }
        // Wrapping multiply, then divide back: the product overflowed exactly when the
        // quotient no longer equals `b`.
        uint256 product = a * b;
        if (product / a == b) {
            return (true, product);
        }
        return (false, 0);
    }
}
/**
* @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
    unchecked {
        // A zero divisor is reported through the flag instead of raising a panic.
        if (b != 0) {
            return (true, a / b);
        }
        return (false, 0);
    }
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
    unchecked {
        // A zero modulus is reported through the flag instead of raising a panic.
        if (b != 0) {
            return (true, a % b);
        }
        return (false, 0);
    }
}
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {
    unchecked {
        // `toggle` is (a ^ b) when the condition holds and 0 otherwise, so:
        //   b ^ (a ^ b) == a   (condition true)
        //   b ^ 0       == b   (condition false)
        // This relies on SafeCast.toUint mapping true/false to 1/0.
        uint256 toggle = (a ^ b) * SafeCast.toUint(condition);
        return b ^ toggle;
    }
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
    // Select `a` when it is strictly larger, otherwise `b` (equal inputs yield `b`, the same value).
    bool aIsLarger = a > b;
    return ternary(aIsLarger, a, b);
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
    // Select `a` when it is strictly smaller, otherwise `b` (equal inputs yield `b`, the same value).
    bool aIsSmaller = a < b;
    return ternary(aIsSmaller, a, b);
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
    // Avoids forming a + b, which can overflow: the bits both inputs share count in full,
    // the bits in which they differ count for half.
    uint256 shared = a & b;
    uint256 differing = a ^ b;
    return shared + differing / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
    // Raise the same panic a plain Solidity `/` raises on a zero divisor.
    if (b == 0) {
        Panic.panic(Panic.DIVISION_BY_ZERO);
    }
    unchecked {
        // For a > 0, (a - 1) / b + 1 is the ceiling and cannot wrap: (a - 1) / b is at most
        // type(uint256).max - 1, reached with a = type(uint256).max and b = 1.
        // For a == 0, `a - 1` wraps, and the zero factor below discards that term.
        uint256 isNonZero = SafeCast.toUint(a > 0);
        uint256 ceiling = (a - 1) / b + 1;
        return isNonZero * ceiling;
    }
}
/**
* @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
*
* Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
// Computes floor(x * y / denominator) while keeping all 512 bits of the intermediate product.
// Fails through Panic.panic when the quotient does not fit in 256 bits or when `denominator` is zero;
// with a product that fits in 256 bits, a zero `denominator` fails on the plain division below.
// Everything runs inside `unchecked`, so the two explicit guards are the only overflow protection.
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
// the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2²⁵⁶ + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
if (denominator <= prod1) {
Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
// that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv ≡ 1 mod 2⁴.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2⁸
inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
inverse *= 2 - denominator * inverse; // inverse mod 2³²
inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
// less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @dev Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
    // Floor first; this call already fails for a zero denominator or an oversized quotient.
    uint256 floored = mulDiv(x, y, denominator);
    // Round up only for an upward rounding mode and an inexact division.
    bool bumpUp = unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0;
    // The addition is checked (no `unchecked` block here), so a bump past type(uint256).max reverts.
    return floored + SafeCast.toUint(bumpUp);
}
/**
* @dev Calculate the modular multiplicative inverse of a number in Z/nZ.
*
* If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0.
* If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.
*
* If the input value is not inversible, 0 is returned.
*
* NOTE: If you know for sure that n is a (big) prime, it may be cheaper to use Fermat's little theorem and get the
* inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}.
*/
function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
// Returns x with a * x ≡ 1 (mod n), or 0 when no inverse exists.
// 0 is returned both for n == 0 and for gcd(a, n) != 1, so callers must treat 0 as "no inverse"
// and never use it as a value. All arithmetic below runs unchecked; see the wrap-around notes inline.
unchecked {
if (n == 0) return 0;
// The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
// Used to compute integers x and y such that: ax + ny = gcd(a, n).
// When the gcd is 1, then the inverse of a modulo n exists and it's x.
// ax + ny = 1
// ax = 1 + (-y)n
// ax ≡ 1 (mod n) # x is the inverse of a modulo n
// If the remainder is 0 the gcd is n right away.
uint256 remainder = a % n;
uint256 gcd = n;
// Therefore the initial coefficients are:
// ax + ny = gcd(a, n) = n
// 0a + 1n = n
int256 x = 0;
int256 y = 1;
while (remainder != 0) {
uint256 quotient = gcd / remainder;
(gcd, remainder) = (
// The old remainder is the next gcd to try.
remainder,
// Compute the next remainder.
// Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd
// where gcd is at most n (capped to type(uint256).max)
gcd - remainder * quotient
);
(x, y) = (
// Increment the coefficient of a.
y,
// Decrement the coefficient of n.
// Can overflow, but the result is casted to uint256 so that the
// next value of y is "wrapped around" to a value between 0 and n - 1.
x - y * int256(quotient)
);
}
if (gcd != 1) return 0; // No inverse exists.
return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative.
}
}
/**
* @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`.
*
* From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is
* prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that
* `a**(p-2)` is the modular multiplicative inverse of a in Fp.
*
* NOTE: this function does NOT check that `p` is a prime greater than `2`.
*/
function invModPrime(uint256 a, uint256 p) internal view returns (uint256) {
    unchecked {
        // Fermat: a ** (p - 2) is the inverse of `a` modulo a prime `p`.
        // `p` is not validated here. The subtraction is unchecked, so p < 2 wraps the exponent,
        // and a composite `p` yields a value that is not an inverse. Callers must guarantee
        // that `p` is a prime greater than 2.
        uint256 exponent = p - 2;
        return Math.modExp(a, exponent, p);
    }
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)
*
* Requirements:
* - modulus can't be zero
* - underlying staticcall to precompile must succeed
*
* IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make
* sure the chain you're using it on supports the precompiled contract for modular exponentiation
* at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,
* the underlying function will succeed given the lack of a revert, but the result may be incorrectly
* interpreted as 0.
*/
function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {
    (bool ok, uint256 value) = tryModExp(b, e, m);
    // Every failure tryModExp reports, a zero modulus or a failed precompile call, surfaces
    // as the same DIVISION_BY_ZERO panic; the panic code does not tell the two apart.
    if (!ok) {
        Panic.panic(Panic.DIVISION_BY_ZERO);
    }
    return value;
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).
* It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying
* to operate modulo 0 or if the underlying precompile reverted.
*
* IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain
* you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in
* https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack
* of a revert, but the result may be incorrectly interpreted as 0.
*/
function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {
// A zero modulus is reported as failure without calling the precompile.
if (m == 0) return (false, 0);
assembly ("memory-safe") {
// The 0xc0-byte input is built at the free memory pointer; the pointer itself is not advanced.
let ptr := mload(0x40)
// | Offset | Content | Content (Hex) |
// |-----------|------------|--------------------------------------------------------------------|
// | 0x00:0x1f | size of b | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x20:0x3f | size of e | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x40:0x5f | size of m | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x60:0x7f | value of b | 0x<.............................................................b> |
// | 0x80:0x9f | value of e | 0x<.............................................................e> |
// | 0xa0:0xbf | value of m | 0x<.............................................................m> |
mstore(ptr, 0x20)
mstore(add(ptr, 0x20), 0x20)
mstore(add(ptr, 0x40), 0x20)
mstore(add(ptr, 0x60), b)
mstore(add(ptr, 0x80), e)
mstore(add(ptr, 0xa0), m)
// Given the result < m, it's guaranteed to fit in 32 bytes,
// so we can use the memory scratch space located at offset 0.
success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)
// NOTE(review): returndatasize() is not checked here. If nothing answers at 0x05, the staticcall
// still reports success without writing any output, and `result` is then the word that already
// sat at offset 0x00 rather than a modexp result. Confirm precompile support per target chain.
result := mload(0x00)
}
}
/**
* @dev Variant of {modExp} that supports inputs of arbitrary length.
*/
function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {
    (bool ok, bytes memory value) = tryModExp(b, e, m);
    // An all-zero (or empty) modulus and a failed precompile call both surface as the same
    // DIVISION_BY_ZERO panic; the panic code does not tell the two apart.
    if (!ok) {
        Panic.panic(Panic.DIVISION_BY_ZERO);
    }
    return value;
}
/**
* @dev Variant of {tryModExp} that supports inputs of arbitrary length.
*/
function tryModExp(
bytes memory b,
bytes memory e,
bytes memory m
) internal view returns (bool success, bytes memory result) {
// An all-zero modulus, which includes an empty `m`, is reported as failure before any call is made.
if (_zeroBytes(m)) return (false, new bytes(0));
uint256 mLen = m.length;
// Encode call args in result and move the free memory pointer
result = abi.encodePacked(b.length, e.length, mLen, b, e, m);
assembly ("memory-safe") {
let dataPtr := add(result, 0x20)
// Write result on top of args to avoid allocating extra memory.
success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)
// Overwrite the length.
// result.length > returndatasize() is guaranteed because returndatasize() == m.length
// NOTE(review): that equality is a property of the precompile, not something checked here. If
// nothing answers at 0x05, the staticcall still reports success, and the `mLen` bytes exposed as
// `result` are the start of the encoded arguments. Confirm precompile support per target chain.
mstore(result, mLen)
// Set the memory pointer after the returned data.
mstore(0x40, add(dataPtr, mLen))
}
}
/**
* @dev Returns whether the provided byte array is zero.
*/
function _zeroBytes(bytes memory byteArray) private pure returns (bool) {
    // True when every byte is zero; an empty array therefore also counts as zero.
    uint256 len = byteArray.length;
    uint256 idx = 0;
    while (idx < len) {
        if (byteArray[idx] != 0) {
            return false;
        }
        ++idx;
    }
    return true;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* This method is based on Newton's method for computing square roots; the algorithm is restricted to only
* using integer operations.
*/
function sqrt(uint256 a) internal pure returns (uint256) {
// Returns floor(sqrt(a)). The whole body runs unchecked; the bounds worked out in the comments below
// are what justify the fixed number of iterations and the single final correction.
unchecked {
// Take care of easy edge cases when a == 0 or a == 1
if (a <= 1) {
return a;
}
// In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a
// sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between
// the current value as `ε_n = | x_n - sqrt(a) |`.
//
// For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root
// of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is
// bigger than any uint256.
//
// By noticing that
// `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`
// we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar
// to the msb function.
uint256 aa = a;
uint256 xn = 1;
if (aa >= (1 << 128)) {
aa >>= 128;
xn <<= 64;
}
if (aa >= (1 << 64)) {
aa >>= 64;
xn <<= 32;
}
if (aa >= (1 << 32)) {
aa >>= 32;
xn <<= 16;
}
if (aa >= (1 << 16)) {
aa >>= 16;
xn <<= 8;
}
if (aa >= (1 << 8)) {
aa >>= 8;
xn <<= 4;
}
if (aa >= (1 << 4)) {
aa >>= 4;
xn <<= 2;
}
if (aa >= (1 << 2)) {
xn <<= 1;
}
// We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).
//
// We can refine our estimation by noticing that the middle of that interval minimizes the error.
// If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).
// This is going to be our x_0 (and ε_0)
xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)
// From here, Newton's method gives us:
// x_{n+1} = (x_n + a / x_n) / 2
//
// One should note that:
// x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a
// = ((x_n² + a) / (2 * x_n))² - a
// = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a
// = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)
// = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)
// = (x_n² - a)² / (2 * x_n)²
// = ((x_n² - a) / (2 * x_n))²
// ≥ 0
// Which proves that for all n ≥ 1, sqrt(a) ≤ x_n
//
// This gives us the proof of quadratic convergence of the sequence:
// ε_{n+1} = | x_{n+1} - sqrt(a) |
// = | (x_n + a / x_n) / 2 - sqrt(a) |
// = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |
// = | (x_n - sqrt(a))² / (2 * x_n) |
// = | ε_n² / (2 * x_n) |
// = ε_n² / | (2 * x_n) |
//
// For the first iteration, we have a special case where x_0 is known:
// ε_1 = ε_0² / | (2 * x_0) |
// ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))
// ≤ 2**(2*e-4) / (3 * 2**(e-1))
// ≤ 2**(e-3) / 3
// ≤ 2**(e-3-log2(3))
// ≤ 2**(e-4.5)
//
// For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:
// ε_{n+1} = ε_n² / | (2 * x_n) |
// ≤ (2**(e-k))² / (2 * 2**(e-1))
// ≤ 2**(2*e-2*k) / 2**e
// ≤ 2**(e-2*k)
xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5) -- special case, see above
xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9) -- general case with k = 4.5
xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18) -- general case with k = 9
xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36) -- general case with k = 18
xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72) -- general case with k = 36
xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144) -- general case with k = 72
// Because e ≤ 128 (as discussed during the first estimation phase), we now have reached a precision
// ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either
// sqrt(a) or sqrt(a) + 1.
// Final correction: subtract one when xn overshoots, i.e. when xn is larger than a / xn.
return xn - SafeCast.toUint(xn > a / xn);
}
}
/**
* @dev Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
    unchecked {
        // Start from the floor root, then add one for an upward rounding mode
        // when `a` is not a perfect square.
        uint256 floorRoot = sqrt(a);
        bool inexact = floorRoot * floorRoot < a;
        bool bumpUp = unsignedRoundsUp(rounding) && inexact;
        return floorRoot + SafeCast.toUint(bumpUp);
    }
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
    // Binary search for the highest set bit: each step tests whether the value still exceeds
    // the largest number of that width and, if so, shifts that many bits away and records
    // them. An input of 0 falls through every test and yields 0.
    uint256 bits = 0;
    uint256 shift;
    unchecked {
        shift = 128 * SafeCast.toUint(value > type(uint128).max);
        value >>= shift;
        bits += shift;

        shift = 64 * SafeCast.toUint(value > type(uint64).max);
        value >>= shift;
        bits += shift;

        shift = 32 * SafeCast.toUint(value > type(uint32).max);
        value >>= shift;
        bits += shift;

        shift = 16 * SafeCast.toUint(value > type(uint16).max);
        value >>= shift;
        bits += shift;

        shift = 8 * SafeCast.toUint(value > type(uint8).max);
        value >>= shift;
        bits += shift;

        shift = 4 * SafeCast.toUint(value > 0xf);
        value >>= shift;
        bits += shift;

        shift = 2 * SafeCast.toUint(value > 0x3);
        value >>= shift;
        bits += shift;

        bits += SafeCast.toUint(value > 1);
    }
    return bits;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
    unchecked {
        // Floor first; add one for an upward rounding mode when `value` is not an exact power of two.
        uint256 floorLog = log2(value);
        bool inexact = (1 << floorLog) < value;
        bool bumpUp = unsignedRoundsUp(rounding) && inexact;
        return floorLog + SafeCast.toUint(bumpUp);
    }
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
    // Peels off decimal digits in halving chunks (64, 32, 16, 8, 4, 2, 1), dividing the value
    // down as it goes. An input of 0 fails every comparison and yields 0.
    uint256 digits = 0;
    unchecked {
        if (value >= 1e64) {
            value /= 1e64;
            digits += 64;
        }
        if (value >= 1e32) {
            value /= 1e32;
            digits += 32;
        }
        if (value >= 1e16) {
            value /= 1e16;
            digits += 16;
        }
        if (value >= 1e8) {
            value /= 1e8;
            digits += 8;
        }
        if (value >= 1e4) {
            value /= 1e4;
            digits += 4;
        }
        if (value >= 100) {
            value /= 100;
            digits += 2;
        }
        if (value >= 10) {
            digits += 1;
        }
    }
    return digits;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
    unchecked {
        // Floor first; add one for an upward rounding mode when `value` is not an exact power of ten.
        uint256 floorLog = log10(value);
        bool inexact = 10 ** floorLog < value;
        bool bumpUp = unsignedRoundsUp(rounding) && inexact;
        return floorLog + SafeCast.toUint(bumpUp);
    }
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
    // Same halving search as log2, counted in whole bytes: each step that still exceeds the
    // width shifts those bits away and adds the matching number of bytes.
    uint256 byteCount = 0;
    uint256 flag;
    unchecked {
        flag = SafeCast.toUint(value > type(uint128).max);
        value >>= flag * 128;
        byteCount += flag * 16;

        flag = SafeCast.toUint(value > type(uint64).max);
        value >>= flag * 64;
        byteCount += flag * 8;

        flag = SafeCast.toUint(value > type(uint32).max);
        value >>= flag * 32;
        byteCount += flag * 4;

        flag = SafeCast.toUint(value > type(uint16).max);
        value >>= flag * 16;
        byteCount += flag * 2;

        byteCount += SafeCast.toUint(value > type(uint8).max);
    }
    return byteCount;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
    unchecked {
        // Floor first; add one for an upward rounding mode when `value` is not an exact power of 256.
        uint256 floorLog = log256(value);
        bool inexact = (1 << (floorLog << 3)) < value;
        bool bumpUp = unsignedRoundsUp(rounding) && inexact;
        return floorLog + SafeCast.toUint(bumpUp);
    }
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
    // Odd enum positions (Ceil, Expand) round up for unsigned values; this depends on the
    // declaration order of Rounding.
    uint8 position = uint8(rounding);
    return (position & 1) == 1;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)
// This file was procedurally generated from scripts/generate/templates/SafeCast.js.
pragma solidity ^0.8.20;
/**
* @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeCast {
/**
* @dev Value doesn't fit in a uint of `bits` size.
*
* Raised by the `toUintN` downcasts in this library; `bits` is the target width and `value`
* the rejected input.
*/
error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
/**
* @dev An int value doesn't fit in a uint of `bits` size.
*
* Raised by `toUint256(int256)` when the input is negative.
*/
error SafeCastOverflowedIntToUint(int256 value);
/**
* @dev Value doesn't fit in an int of `bits` size.
*
* Raised by the `toIntN` downcasts in this library; `bits` is the target width and `value`
* the rejected input.
*/
error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);
/**
* @dev A uint value doesn't fit in an int of `bits` size.
*
* Raised by `toInt256(uint256)` when the input exceeds `type(int256).max`.
*/
error SafeCastOverflowedUintToInt(uint256 value);
/**
* @dev Returns the downcasted uint248 from uint256, reverting on
* overflow (when the input is greater than largest uint248).
*
* Counterpart to Solidity's `uint248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toUint248(uint256 value) internal pure returns (uint248) {
    // Checked before casting: uint248(value) on its own would silently drop the high bits.
    if (value <= type(uint248).max) {
        return uint248(value);
    }
    revert SafeCastOverflowedUintDowncast(248, value);
}
/**
* @dev Returns the downcasted uint240 from uint256, reverting on
* overflow (when the input is greater than largest uint240).
*
* Counterpart to Solidity's `uint240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toUint240(uint256 value) internal pure returns (uint240) {
    // Checked before casting: uint240(value) on its own would silently drop the high bits.
    if (value <= type(uint240).max) {
        return uint240(value);
    }
    revert SafeCastOverflowedUintDowncast(240, value);
}
/**
* @dev Returns the downcasted uint232 from uint256, reverting on
* overflow (when the input is greater than largest uint232).
*
* Counterpart to Solidity's `uint232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toUint232(uint256 value) internal pure returns (uint232) {
    // Checked before casting: uint232(value) on its own would silently drop the high bits.
    if (value <= type(uint232).max) {
        return uint232(value);
    }
    revert SafeCastOverflowedUintDowncast(232, value);
}
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toUint224(uint256 value) internal pure returns (uint224) {
    // Checked before casting: uint224(value) on its own would silently drop the high bits.
    if (value <= type(uint224).max) {
        return uint224(value);
    }
    revert SafeCastOverflowedUintDowncast(224, value);
}
/**
* @dev Returns the downcasted uint216 from uint256, reverting on
* overflow (when the input is greater than largest uint216).
*
* Counterpart to Solidity's `uint216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toUint216(uint256 value) internal pure returns (uint216) {
    // Checked before casting: uint216(value) on its own would silently drop the high bits.
    if (value <= type(uint216).max) {
        return uint216(value);
    }
    revert SafeCastOverflowedUintDowncast(216, value);
}
/**
* @dev Returns the downcasted uint208 from uint256, reverting on
* overflow (when the input is greater than largest uint208).
*
* Counterpart to Solidity's `uint208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toUint208(uint256 value) internal pure returns (uint208) {
    // Checked before casting: uint208(value) on its own would silently drop the high bits.
    if (value <= type(uint208).max) {
        return uint208(value);
    }
    revert SafeCastOverflowedUintDowncast(208, value);
}
/**
* @dev Returns the downcasted uint200 from uint256, reverting on
* overflow (when the input is greater than largest uint200).
*
* Counterpart to Solidity's `uint200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toUint200(uint256 value) internal pure returns (uint200) {
    // Checked before casting: uint200(value) on its own would silently drop the high bits.
    if (value <= type(uint200).max) {
        return uint200(value);
    }
    revert SafeCastOverflowedUintDowncast(200, value);
}
/**
* @dev Returns the downcasted uint192 from uint256, reverting on
* overflow (when the input is greater than largest uint192).
*
* Counterpart to Solidity's `uint192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toUint192(uint256 value) internal pure returns (uint192) {
    // Checked before casting: uint192(value) on its own would silently drop the high bits.
    if (value <= type(uint192).max) {
        return uint192(value);
    }
    revert SafeCastOverflowedUintDowncast(192, value);
}
/**
* @dev Returns the downcasted uint184 from uint256, reverting on
* overflow (when the input is greater than largest uint184).
*
* Counterpart to Solidity's `uint184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toUint184(uint256 value) internal pure returns (uint184) {
    // Checked before casting: uint184(value) on its own would silently drop the high bits.
    if (value <= type(uint184).max) {
        return uint184(value);
    }
    revert SafeCastOverflowedUintDowncast(184, value);
}
/**
* @dev Returns the downcasted uint176 from uint256, reverting on
* overflow (when the input is greater than largest uint176).
*
* Counterpart to Solidity's `uint176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toUint176(uint256 value) internal pure returns (uint176) {
    // Checked before casting: uint176(value) on its own would silently drop the high bits.
    if (value <= type(uint176).max) {
        return uint176(value);
    }
    revert SafeCastOverflowedUintDowncast(176, value);
}
/**
* @dev Returns the downcasted uint168 from uint256, reverting on
* overflow (when the input is greater than largest uint168).
*
* Counterpart to Solidity's `uint168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toUint168(uint256 value) internal pure returns (uint168) {
    // Checked before casting: uint168(value) on its own would silently drop the high bits.
    if (value <= type(uint168).max) {
        return uint168(value);
    }
    revert SafeCastOverflowedUintDowncast(168, value);
}
/**
* @dev Returns the downcasted uint160 from uint256, reverting on
* overflow (when the input is greater than largest uint160).
*
* Counterpart to Solidity's `uint160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toUint160(uint256 value) internal pure returns (uint160) {
    // Checked before casting: uint160(value) on its own would silently drop the high bits.
    if (value <= type(uint160).max) {
        return uint160(value);
    }
    revert SafeCastOverflowedUintDowncast(160, value);
}
/**
* @dev Returns the downcasted uint152 from uint256, reverting on
* overflow (when the input is greater than largest uint152).
*
* Counterpart to Solidity's `uint152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toUint152(uint256 value) internal pure returns (uint152) {
    // Checked before casting: uint152(value) on its own would silently drop the high bits.
    if (value <= type(uint152).max) {
        return uint152(value);
    }
    revert SafeCastOverflowedUintDowncast(152, value);
}
/**
* @dev Returns the downcasted uint144 from uint256, reverting on
* overflow (when the input is greater than largest uint144).
*
* Counterpart to Solidity's `uint144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toUint144(uint256 value) internal pure returns (uint144) {
    // Checked before casting: uint144(value) on its own would silently drop the high bits.
    if (value <= type(uint144).max) {
        return uint144(value);
    }
    revert SafeCastOverflowedUintDowncast(144, value);
}
/**
* @dev Returns the downcasted uint136 from uint256, reverting on
* overflow (when the input is greater than largest uint136).
*
* Counterpart to Solidity's `uint136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toUint136(uint256 value) internal pure returns (uint136) {
    // Checked before casting: uint136(value) on its own would silently drop the high bits.
    if (value <= type(uint136).max) {
        return uint136(value);
    }
    revert SafeCastOverflowedUintDowncast(136, value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toUint128(uint256 value) internal pure returns (uint128) {
    // Checked before casting: uint128(value) on its own would silently drop the high bits.
    if (value <= type(uint128).max) {
        return uint128(value);
    }
    revert SafeCastOverflowedUintDowncast(128, value);
}
/**
* @dev Returns the downcasted uint120 from uint256, reverting on
* overflow (when the input is greater than largest uint120).
*
* Counterpart to Solidity's `uint120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toUint120(uint256 value) internal pure returns (uint120) {
    // Checked before casting: uint120(value) on its own would silently drop the high bits.
    if (value <= type(uint120).max) {
        return uint120(value);
    }
    revert SafeCastOverflowedUintDowncast(120, value);
}
/**
* @dev Returns the downcasted uint112 from uint256, reverting on
* overflow (when the input is greater than largest uint112).
*
* Counterpart to Solidity's `uint112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toUint112(uint256 value) internal pure returns (uint112) {
    // Checked before casting: uint112(value) on its own would silently drop the high bits.
    if (value <= type(uint112).max) {
        return uint112(value);
    }
    revert SafeCastOverflowedUintDowncast(112, value);
}
/**
* @dev Returns the downcasted uint104 from uint256, reverting on
* overflow (when the input is greater than largest uint104).
*
* Counterpart to Solidity's `uint104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toUint104(uint256 value) internal pure returns (uint104) {
    // Checked before casting: uint104(value) on its own would silently drop the high bits.
    if (value <= type(uint104).max) {
        return uint104(value);
    }
    revert SafeCastOverflowedUintDowncast(104, value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toUint96(uint256 value) internal pure returns (uint96) {
    // Checked before casting: uint96(value) on its own would silently drop the high bits.
    if (value <= type(uint96).max) {
        return uint96(value);
    }
    revert SafeCastOverflowedUintDowncast(96, value);
}
/**
* @dev Returns the downcasted uint88 from uint256, reverting on
* overflow (when the input is greater than largest uint88).
*
* Counterpart to Solidity's `uint88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toUint88(uint256 value) internal pure returns (uint88) {
    // Checked before casting: uint88(value) on its own would silently drop the high bits.
    if (value <= type(uint88).max) {
        return uint88(value);
    }
    revert SafeCastOverflowedUintDowncast(88, value);
}
/**
* @dev Returns the downcasted uint80 from uint256, reverting on
* overflow (when the input is greater than largest uint80).
*
* Counterpart to Solidity's `uint80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toUint80(uint256 value) internal pure returns (uint80) {
    // Checked before casting: uint80(value) on its own would silently drop the high bits.
    if (value <= type(uint80).max) {
        return uint80(value);
    }
    revert SafeCastOverflowedUintDowncast(80, value);
}
/**
* @dev Returns the downcasted uint72 from uint256, reverting on
* overflow (when the input is greater than largest uint72).
*
* Counterpart to Solidity's `uint72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toUint72(uint256 value) internal pure returns (uint72) {
    // Checked before casting: uint72(value) on its own would silently drop the high bits.
    if (value <= type(uint72).max) {
        return uint72(value);
    }
    revert SafeCastOverflowedUintDowncast(72, value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toUint64(uint256 value) internal pure returns (uint64) {
    // Checked before casting: uint64(value) on its own would silently drop the high bits.
    if (value <= type(uint64).max) {
        return uint64(value);
    }
    revert SafeCastOverflowedUintDowncast(64, value);
}
/**
* @dev Returns the downcasted uint56 from uint256, reverting on
* overflow (when the input is greater than largest uint56).
*
* Counterpart to Solidity's `uint56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toUint56(uint256 value) internal pure returns (uint56) {
    // Checked before casting: uint56(value) on its own would silently drop the high bits.
    if (value <= type(uint56).max) {
        return uint56(value);
    }
    revert SafeCastOverflowedUintDowncast(56, value);
}
/**
* @dev Returns the downcasted uint48 from uint256, reverting on
* overflow (when the input is greater than largest uint48).
*
* Counterpart to Solidity's `uint48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toUint48(uint256 value) internal pure returns (uint48) {
    // Checked before casting: uint48(value) on its own would silently drop the high bits.
    if (value <= type(uint48).max) {
        return uint48(value);
    }
    revert SafeCastOverflowedUintDowncast(48, value);
}
/**
* @dev Returns the downcasted uint40 from uint256, reverting on
* overflow (when the input is greater than largest uint40).
*
* Counterpart to Solidity's `uint40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toUint40(uint256 value) internal pure returns (uint40) {
    // Checked before casting: uint40(value) on its own would silently drop the high bits.
    if (value <= type(uint40).max) {
        return uint40(value);
    }
    revert SafeCastOverflowedUintDowncast(40, value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toUint32(uint256 value) internal pure returns (uint32) {
    // Checked before casting: uint32(value) on its own would silently drop the high bits.
    if (value <= type(uint32).max) {
        return uint32(value);
    }
    revert SafeCastOverflowedUintDowncast(32, value);
}
/**
* @dev Returns the downcasted uint24 from uint256, reverting on
* overflow (when the input is greater than largest uint24).
*
* Counterpart to Solidity's `uint24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toUint24(uint256 value) internal pure returns (uint24) {
    // Checked before casting: uint24(value) on its own would silently drop the high bits.
    if (value <= type(uint24).max) {
        return uint24(value);
    }
    revert SafeCastOverflowedUintDowncast(24, value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toUint16(uint256 value) internal pure returns (uint16) {
    // Checked before casting: uint16(value) on its own would silently drop the high bits.
    if (value <= type(uint16).max) {
        return uint16(value);
    }
    revert SafeCastOverflowedUintDowncast(16, value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toUint8(uint256 value) internal pure returns (uint8) {
    // Checked before casting: uint8(value) on its own would silently drop the high bits.
    if (value <= type(uint8).max) {
        return uint8(value);
    }
    revert SafeCastOverflowedUintDowncast(8, value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*/
function toUint256(int256 value) internal pure returns (uint256) {
    // A negative int256 reinterpreted as uint256 becomes a huge positive number, so only
    // non-negative inputs are allowed through to the cast.
    if (value >= 0) {
        return uint256(value);
    }
    revert SafeCastOverflowedIntToUint(value);
}
/**
* @dev Returns the downcasted int248 from int256, reverting on
* overflow (when the input is less than smallest int248 or
* greater than largest int248).
*
* Counterpart to Solidity's `int248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toInt248(int256 value) internal pure returns (int248 downcasted) {
    // Checked before casting: int248(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int248).min || value > type(int248).max) {
        revert SafeCastOverflowedIntDowncast(248, value);
    }
    downcasted = int248(value);
}
/**
* @dev Returns the downcasted int240 from int256, reverting on
* overflow (when the input is less than smallest int240 or
* greater than largest int240).
*
* Counterpart to Solidity's `int240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toInt240(int256 value) internal pure returns (int240 downcasted) {
    // Checked before casting: int240(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int240).min || value > type(int240).max) {
        revert SafeCastOverflowedIntDowncast(240, value);
    }
    downcasted = int240(value);
}
/**
* @dev Returns the downcasted int232 from int256, reverting on
* overflow (when the input is less than smallest int232 or
* greater than largest int232).
*
* Counterpart to Solidity's `int232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toInt232(int256 value) internal pure returns (int232 downcasted) {
    // Checked before casting: int232(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int232).min || value > type(int232).max) {
        revert SafeCastOverflowedIntDowncast(232, value);
    }
    downcasted = int232(value);
}
/**
* @dev Returns the downcasted int224 from int256, reverting on
* overflow (when the input is less than smallest int224 or
* greater than largest int224).
*
* Counterpart to Solidity's `int224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toInt224(int256 value) internal pure returns (int224 downcasted) {
    // Checked before casting: int224(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int224).min || value > type(int224).max) {
        revert SafeCastOverflowedIntDowncast(224, value);
    }
    downcasted = int224(value);
}
/**
* @dev Returns the downcasted int216 from int256, reverting on
* overflow (when the input is less than smallest int216 or
* greater than largest int216).
*
* Counterpart to Solidity's `int216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toInt216(int256 value) internal pure returns (int216 downcasted) {
    // Checked before casting: int216(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int216).min || value > type(int216).max) {
        revert SafeCastOverflowedIntDowncast(216, value);
    }
    downcasted = int216(value);
}
/**
* @dev Returns the downcasted int208 from int256, reverting on
* overflow (when the input is less than smallest int208 or
* greater than largest int208).
*
* Counterpart to Solidity's `int208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toInt208(int256 value) internal pure returns (int208 downcasted) {
    // Checked before casting: int208(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int208).min || value > type(int208).max) {
        revert SafeCastOverflowedIntDowncast(208, value);
    }
    downcasted = int208(value);
}
/**
* @dev Returns the downcasted int200 from int256, reverting on
* overflow (when the input is less than smallest int200 or
* greater than largest int200).
*
* Counterpart to Solidity's `int200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toInt200(int256 value) internal pure returns (int200 downcasted) {
    // Checked before casting: int200(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int200).min || value > type(int200).max) {
        revert SafeCastOverflowedIntDowncast(200, value);
    }
    downcasted = int200(value);
}
/**
* @dev Returns the downcasted int192 from int256, reverting on
* overflow (when the input is less than smallest int192 or
* greater than largest int192).
*
* Counterpart to Solidity's `int192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toInt192(int256 value) internal pure returns (int192 downcasted) {
    // Checked before casting: int192(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int192).min || value > type(int192).max) {
        revert SafeCastOverflowedIntDowncast(192, value);
    }
    downcasted = int192(value);
}
/**
* @dev Returns the downcasted int184 from int256, reverting on
* overflow (when the input is less than smallest int184 or
* greater than largest int184).
*
* Counterpart to Solidity's `int184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toInt184(int256 value) internal pure returns (int184 downcasted) {
    // Checked before casting: int184(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int184).min || value > type(int184).max) {
        revert SafeCastOverflowedIntDowncast(184, value);
    }
    downcasted = int184(value);
}
/**
* @dev Returns the downcasted int176 from int256, reverting on
* overflow (when the input is less than smallest int176 or
* greater than largest int176).
*
* Counterpart to Solidity's `int176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toInt176(int256 value) internal pure returns (int176 downcasted) {
    // Checked before casting: int176(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int176).min || value > type(int176).max) {
        revert SafeCastOverflowedIntDowncast(176, value);
    }
    downcasted = int176(value);
}
/**
* @dev Returns the downcasted int168 from int256, reverting on
* overflow (when the input is less than smallest int168 or
* greater than largest int168).
*
* Counterpart to Solidity's `int168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toInt168(int256 value) internal pure returns (int168 downcasted) {
    // Checked before casting: int168(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int168).min || value > type(int168).max) {
        revert SafeCastOverflowedIntDowncast(168, value);
    }
    downcasted = int168(value);
}
/**
* @dev Returns the downcasted int160 from int256, reverting on
* overflow (when the input is less than smallest int160 or
* greater than largest int160).
*
* Counterpart to Solidity's `int160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toInt160(int256 value) internal pure returns (int160 downcasted) {
    // Checked before casting: int160(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int160).min || value > type(int160).max) {
        revert SafeCastOverflowedIntDowncast(160, value);
    }
    downcasted = int160(value);
}
/**
* @dev Returns the downcasted int152 from int256, reverting on
* overflow (when the input is less than smallest int152 or
* greater than largest int152).
*
* Counterpart to Solidity's `int152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toInt152(int256 value) internal pure returns (int152 downcasted) {
    // Checked before casting: int152(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int152).min || value > type(int152).max) {
        revert SafeCastOverflowedIntDowncast(152, value);
    }
    downcasted = int152(value);
}
/**
* @dev Returns the downcasted int144 from int256, reverting on
* overflow (when the input is less than smallest int144 or
* greater than largest int144).
*
* Counterpart to Solidity's `int144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toInt144(int256 value) internal pure returns (int144 downcasted) {
    // Checked before casting: int144(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int144).min || value > type(int144).max) {
        revert SafeCastOverflowedIntDowncast(144, value);
    }
    downcasted = int144(value);
}
/**
* @dev Returns the downcasted int136 from int256, reverting on
* overflow (when the input is less than smallest int136 or
* greater than largest int136).
*
* Counterpart to Solidity's `int136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toInt136(int256 value) internal pure returns (int136 downcasted) {
    // Checked before casting: int136(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int136).min || value > type(int136).max) {
        revert SafeCastOverflowedIntDowncast(136, value);
    }
    downcasted = int136(value);
}
/**
* @dev Returns the downcasted int128 from int256, reverting on
* overflow (when the input is less than smallest int128 or
* greater than largest int128).
*
* Counterpart to Solidity's `int128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toInt128(int256 value) internal pure returns (int128 downcasted) {
    // Checked before casting: int128(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int128).min || value > type(int128).max) {
        revert SafeCastOverflowedIntDowncast(128, value);
    }
    downcasted = int128(value);
}
/**
* @dev Returns the downcasted int120 from int256, reverting on
* overflow (when the input is less than smallest int120 or
* greater than largest int120).
*
* Counterpart to Solidity's `int120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toInt120(int256 value) internal pure returns (int120 downcasted) {
    // Checked before casting: int120(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int120).min || value > type(int120).max) {
        revert SafeCastOverflowedIntDowncast(120, value);
    }
    downcasted = int120(value);
}
/**
* @dev Returns the downcasted int112 from int256, reverting on
* overflow (when the input is less than smallest int112 or
* greater than largest int112).
*
* Counterpart to Solidity's `int112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toInt112(int256 value) internal pure returns (int112 downcasted) {
    // Checked before casting: int112(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int112).min || value > type(int112).max) {
        revert SafeCastOverflowedIntDowncast(112, value);
    }
    downcasted = int112(value);
}
/**
* @dev Returns the downcasted int104 from int256, reverting on
* overflow (when the input is less than smallest int104 or
* greater than largest int104).
*
* Counterpart to Solidity's `int104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toInt104(int256 value) internal pure returns (int104 downcasted) {
    // Checked before casting: int104(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int104).min || value > type(int104).max) {
        revert SafeCastOverflowedIntDowncast(104, value);
    }
    downcasted = int104(value);
}
/**
* @dev Returns the downcasted int96 from int256, reverting on
* overflow (when the input is less than smallest int96 or
* greater than largest int96).
*
* Counterpart to Solidity's `int96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toInt96(int256 value) internal pure returns (int96 downcasted) {
    // Checked before casting: int96(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int96).min || value > type(int96).max) {
        revert SafeCastOverflowedIntDowncast(96, value);
    }
    downcasted = int96(value);
}
/**
* @dev Returns the downcasted int88 from int256, reverting on
* overflow (when the input is less than smallest int88 or
* greater than largest int88).
*
* Counterpart to Solidity's `int88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toInt88(int256 value) internal pure returns (int88 downcasted) {
    // Checked before casting: int88(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int88).min || value > type(int88).max) {
        revert SafeCastOverflowedIntDowncast(88, value);
    }
    downcasted = int88(value);
}
/**
* @dev Returns the downcasted int80 from int256, reverting on
* overflow (when the input is less than smallest int80 or
* greater than largest int80).
*
* Counterpart to Solidity's `int80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toInt80(int256 value) internal pure returns (int80 downcasted) {
    // Checked before casting: int80(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int80).min || value > type(int80).max) {
        revert SafeCastOverflowedIntDowncast(80, value);
    }
    downcasted = int80(value);
}
/**
* @dev Returns the downcasted int72 from int256, reverting on
* overflow (when the input is less than smallest int72 or
* greater than largest int72).
*
* Counterpart to Solidity's `int72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toInt72(int256 value) internal pure returns (int72 downcasted) {
    // Checked before casting: int72(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int72).min || value > type(int72).max) {
        revert SafeCastOverflowedIntDowncast(72, value);
    }
    downcasted = int72(value);
}
/**
* @dev Returns the downcasted int64 from int256, reverting on
* overflow (when the input is less than smallest int64 or
* greater than largest int64).
*
* Counterpart to Solidity's `int64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toInt64(int256 value) internal pure returns (int64 downcasted) {
    // Checked before casting: int64(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int64).min || value > type(int64).max) {
        revert SafeCastOverflowedIntDowncast(64, value);
    }
    downcasted = int64(value);
}
/**
* @dev Returns the downcasted int56 from int256, reverting on
* overflow (when the input is less than smallest int56 or
* greater than largest int56).
*
* Counterpart to Solidity's `int56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toInt56(int256 value) internal pure returns (int56 downcasted) {
    // Checked before casting: int56(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int56).min || value > type(int56).max) {
        revert SafeCastOverflowedIntDowncast(56, value);
    }
    downcasted = int56(value);
}
/**
* @dev Returns the downcasted int48 from int256, reverting on
* overflow (when the input is less than smallest int48 or
* greater than largest int48).
*
* Counterpart to Solidity's `int48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toInt48(int256 value) internal pure returns (int48 downcasted) {
    // Checked before casting: int48(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int48).min || value > type(int48).max) {
        revert SafeCastOverflowedIntDowncast(48, value);
    }
    downcasted = int48(value);
}
/**
* @dev Returns the downcasted int40 from int256, reverting on
* overflow (when the input is less than smallest int40 or
* greater than largest int40).
*
* Counterpart to Solidity's `int40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toInt40(int256 value) internal pure returns (int40 downcasted) {
    // Checked before casting: int40(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int40).min || value > type(int40).max) {
        revert SafeCastOverflowedIntDowncast(40, value);
    }
    downcasted = int40(value);
}
/**
* @dev Returns the downcasted int32 from int256, reverting on
* overflow (when the input is less than smallest int32 or
* greater than largest int32).
*
* Counterpart to Solidity's `int32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toInt32(int256 value) internal pure returns (int32 downcasted) {
    // Checked before casting: int32(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int32).min || value > type(int32).max) {
        revert SafeCastOverflowedIntDowncast(32, value);
    }
    downcasted = int32(value);
}
/**
* @dev Returns the downcasted int24 from int256, reverting on
* overflow (when the input is less than smallest int24 or
* greater than largest int24).
*
* Counterpart to Solidity's `int24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toInt24(int256 value) internal pure returns (int24 downcasted) {
    // Checked before casting: int24(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int24).min || value > type(int24).max) {
        revert SafeCastOverflowedIntDowncast(24, value);
    }
    downcasted = int24(value);
}
/**
* @dev Returns the downcasted int16 from int256, reverting on
* overflow (when the input is less than smallest int16 or
* greater than largest int16).
*
* Counterpart to Solidity's `int16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toInt16(int256 value) internal pure returns (int16 downcasted) {
    // Checked before casting: int16(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int16).min || value > type(int16).max) {
        revert SafeCastOverflowedIntDowncast(16, value);
    }
    downcasted = int16(value);
}
/**
* @dev Returns the downcasted int8 from int256, reverting on
* overflow (when the input is less than smallest int8 or
* greater than largest int8).
*
* Counterpart to Solidity's `int8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toInt8(int256 value) internal pure returns (int8 downcasted) {
    // Checked before casting: int8(value) on its own would silently wrap out-of-range inputs.
    if (value < type(int8).min || value > type(int8).max) {
        revert SafeCastOverflowedIntDowncast(8, value);
    }
    downcasted = int8(value);
}
/**
* @dev Converts an unsigned uint256 into a signed int256.
*
* Requirements:
*
* - input must be less than or equal to maxInt256.
*/
function toInt256(uint256 value) internal pure returns (int256) {
    // type(int256).max is non-negative, so widening it to uint256 for the comparison is lossless.
    uint256 ceiling = uint256(type(int256).max);
    // Anything above the ceiling would come out negative after the cast, so it is rejected.
    if (value <= ceiling) {
        return int256(value);
    }
    revert SafeCastOverflowedUintToInt(value);
}
/**
* @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.
*
* Implemented in inline assembly as a double `iszero`, so the result is exactly 0 or 1
* whatever non-zero bit pattern the word behind `b` holds. The block reads and writes no memory.
*/
function toUint(bool b) internal pure returns (uint256 u) {
assembly ("memory-safe") {
// iszero(b) is 1 only for a zero word; the outer iszero inverts that, giving 0 for false and 1 otherwise.
u := iszero(iszero(b))
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.20;
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, int256 a, int256 b) internal pure returns (int256) {
    unchecked {
        // selector is 0 or 1, so (diff * selector) is either 0 or a ^ b:
        //   b ^ (a ^ b) == a   (condition true)
        //   b ^ 0       == b   (condition false)
        // Both `a` and `b` are always evaluated by the caller; nothing is short-circuited here.
        int256 diff = a ^ b;
        int256 selector = int256(SafeCast.toUint(condition));
        return b ^ (diff * selector);
    }
}
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
    // Signed comparison; on a tie the condition is false and `b` (equal to `a`) is returned.
    bool pickFirst = a > b;
    return ternary(pickFirst, a, b);
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
    // Signed comparison; on a tie the condition is false and `b` (equal to `a`) is returned.
    bool pickFirst = a < b;
    return ternary(pickFirst, a, b);
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
    // Formula from the book "Hacker's Delight".
    // (a & b) keeps the bits both operands share; (a ^ b) >> 1 adds half of the differing bits.
    // Summing those never forms a + b directly, which is how the overflow is avoided.
    int256 differing = a ^ b;
    int256 floorAvg = (a & b) + (differing >> 1);
    // floorAvg rounds towards negative infinity. When it is negative (sign bit set) and the
    // operands differ in their lowest bit, adding 1 moves the result towards zero instead.
    int256 signBit = int256(uint256(floorAvg) >> 255);
    return floorAvg + (signBit & differing);
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
    unchecked {
        // Formula from the "Bit Twiddling Hacks" by Sean Eron Anderson.
        // `n` is signed, so the right shift is arithmetic (SAR) and copies the sign bit into
        // every position: signFill is 0 for non-negative n and -1 (all ones) for negative n.
        int256 signFill = n >> 255;
        // With signFill == 0 this is the identity. With signFill == -1 it computes ~(n - 1),
        // i.e. the two's complement negation. The `unchecked` wrap is what lets
        // type(int256).min come out as 2**255 in the unsigned result.
        int256 shifted = n + signFill;
        return uint256(shifted ^ signFill);
    }
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)
pragma solidity ^0.8.20;
/**
* @dev Helper library for emitting standardized panic codes.
*
* ```solidity
* contract Example {
* using Panic for uint256;
*
* // Use any of the declared internal constants
* function foo() { Panic.GENERIC.panic(); }
*
* // Alternatively
* function foo() { Panic.panic(Panic.GENERIC); }
* }
* ```
*
* Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].
*
* _Available since v5.1._
*/
// slither-disable-next-line unused-state
library Panic {
// Each constant is a value for the single uint256 argument of the panic payload built by panic() below.
/// @dev generic / unspecified error
uint256 internal constant GENERIC = 0x00;
/// @dev used by the assert() builtin
uint256 internal constant ASSERT = 0x01;
/// @dev arithmetic underflow or overflow (raised by checked arithmetic, i.e. outside `unchecked { ... }`)
uint256 internal constant UNDER_OVERFLOW = 0x11;
/// @dev division or modulo by zero
uint256 internal constant DIVISION_BY_ZERO = 0x12;
/// @dev enum conversion error
uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;
/// @dev invalid encoding in storage
uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;
/// @dev empty array pop
uint256 internal constant EMPTY_ARRAY_POP = 0x31;
/// @dev array out of bounds access
uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;
/// @dev resource error (too large allocation or too large array)
uint256 internal constant RESOURCE_ERROR = 0x41;
/// @dev calling invalid internal function
uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;
/// @dev Reverts with a panic code. Recommended to use with
/// the internal constants with predefined codes.
///
/// The revert data is the ABI encoding of `Panic(uint256)`: the 4-byte selector `0x4e487b71`
/// followed by `code` as one 32-byte word, 36 bytes in total.
function panic(uint256 code) internal pure {
    assembly ("memory-safe") {
        // mstore writes a full 32-byte word, so the 4-byte selector ends up right-aligned at 0x1c..0x1f.
        mstore(0x00, 0x4e487b71)
        // The panic code sits directly after the selector, at 0x20..0x3f.
        mstore(0x20, code)
        // Revert with 0x24 = 4 + 32 bytes, starting at the selector.
        revert(0x1c, 0x24)
    }
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Strings.sol)
pragma solidity ^0.8.20;
import {Math} from "./math/Math.sol";
import {SignedMath} from "./math/SignedMath.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant HEX_DIGITS = "0123456789abcdef";
uint8 private constant ADDRESS_LENGTH = 20;
/**
* @dev The `value` string doesn't fit in the specified `length`.
*/
error StringsInsufficientHexLength(uint256 value, uint256 length);
/**
 * @dev Converts a `uint256` to its ASCII `string` decimal representation.
 *
 * The buffer is sized from `Math.log10(value) + 1` and filled from its last byte backwards,
 * one decimal digit per iteration.
 */
function toString(uint256 value) internal pure returns (string memory) {
    unchecked {
        // Number of decimal digits to write.
        uint256 length = Math.log10(value) + 1;
        string memory buffer = new string(length);
        uint256 ptr;
        assembly ("memory-safe") {
            // One past the last data byte: 32-byte length word plus `length` bytes of content.
            ptr := add(buffer, add(32, length))
        }
        // The body runs before the exit test, so a zero input still writes a single "0".
        while (true) {
            ptr--;
            assembly ("memory-safe") {
                // Pick the ASCII digit for `value % 10` out of the HEX_DIGITS constant.
                mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
            }
            value /= 10;
            if (value == 0) break;
        }
        return buffer;
    }
}
/**
 * @dev Converts a `int256` to its ASCII `string` decimal representation.
 *
 * The magnitude is rendered by {toString}; a leading "-" is added for negative inputs.
 */
function toStringSigned(int256 value) internal pure returns (string memory) {
    string memory digits = toString(SignedMath.abs(value));
    if (value < 0) {
        return string.concat("-", digits);
    }
    return string.concat("", digits);
}
/**
 * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
 *
 * Uses the shortest whole-byte length that holds `value`, as given by `Math.log256(value) + 1`.
 */
function toHexString(uint256 value) internal pure returns (string memory) {
    unchecked {
        uint256 byteLength = Math.log256(value) + 1;
        return toHexString(value, byteLength);
    }
}
/**
 * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
 *
 * `length` is counted in bytes; the output is "0x" followed by `2 * length` hex digits.
 * Reverts with {StringsInsufficientHexLength} when `value` needs more digits than that.
 */
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
    bytes memory out = new bytes(2 * length + 2);
    out[0] = "0";
    out[1] = "x";
    uint256 remaining = value;
    uint256 pos = 2 * length + 1;
    // Fill from the last character backwards, one nibble at a time.
    while (pos > 1) {
        out[pos] = HEX_DIGITS[remaining & 0xf];
        remaining >>= 4;
        --pos;
    }
    // Leftover bits mean the value did not fit in the requested width.
    if (remaining != 0) {
        revert StringsInsufficientHexLength(value, length);
    }
    return string(out);
}
/**
 * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
 * representation.
 *
 * The output is all lowercase; use {toChecksumHexString} for the EIP-55 mixed-case form.
 */
function toHexString(address addr) internal pure returns (string memory) {
    uint256 asNumber = uint256(uint160(addr));
    return toHexString(asNumber, ADDRESS_LENGTH);
}
/**
 * @dev Converts an `address` with fixed length of 20 bytes to its checksummed ASCII `string` hexadecimal
 * representation, according to EIP-55.
 *
 * The lowercase hex digits are hashed, and each letter is upper-cased when the hash nibble at the
 * same position is greater than 7.
 */
function toChecksumHexString(address addr) internal pure returns (string memory) {
    // Lowercase "0x" + 40 hex digits, edited in place below.
    bytes memory buffer = bytes(toHexString(addr));
    // hash the hex part of buffer (skip length + 2 bytes, length 40)
    uint256 hashValue;
    assembly ("memory-safe") {
        // 0x22 = 32-byte length word + the 2-byte "0x" prefix. Shifting right by 96 keeps the top
        // 160 bits of the hash: 40 nibbles, one per hex digit.
        hashValue := shr(96, keccak256(add(buffer, 0x22), 40))
    }
    // Walk from the last digit (index 41) to the first (index 2), consuming the lowest nibble each step.
    for (uint256 i = 41; i > 1; --i) {
        // possible values for buffer[i] are 48 (0) to 57 (9) and 97 (a) to 102 (f)
        if (hashValue & 0xf > 7 && uint8(buffer[i]) > 96) {
            // case shift by xoring with 0x20
            buffer[i] ^= 0x20;
        }
        hashValue >>= 4;
    }
    return string(buffer);
}
/**
 * @dev Returns true if the two strings are equal.
 *
 * Lengths are compared first; only equal-length inputs are hashed and compared by keccak256.
 */
function equal(string memory a, string memory b) internal pure returns (bool) {
    bytes memory left = bytes(a);
    bytes memory right = bytes(b);
    if (left.length != right.length) {
        return false;
    }
    return keccak256(left) == keccak256(right);
}
}
// SPDX-License-Identifier: MIT
// NOTE: This contract is a modified version of ERC20Upgradeable from OpenZeppelin Contracts (v5.1.0)
// Changes: added a constructor to support non-proxy initialization
//
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol";
import {IERC20Errors} from "@openzeppelin/contracts/interfaces/draft-IERC6093.sol";
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead of returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC-20
* applications.
*/
abstract contract ERC20Upgradeable is
Initializable,
ContextUpgradeable,
IERC20,
IERC20Metadata,
IERC20Errors
{
/// @custom:storage-location erc7201:openzeppelin.storage.ERC20
struct ERC20Storage {
mapping(address account => uint256) _balances;
mapping(address account => mapping(address spender => uint256)) _allowances;
uint256 _totalSupply;
string _name;
string _symbol;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ERC20")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant ERC20StorageLocation =
0x52c63247e1f47db19d5ce0460030c497f067ca4cebf71ba98eeadabe20bace00;
/**
 * @dev Returns a storage pointer to the {ERC20Storage} struct at the fixed slot `ERC20StorageLocation`.
 *
 * The struct is annotated as an ERC-7201 namespace, so its fields live at that slot rather than in
 * the contract's sequentially assigned storage slots.
 */
function _getERC20Storage() private pure returns (ERC20Storage storage $) {
    assembly {
        // Point the returned reference at the constant namespace slot.
        $.slot := ERC20StorageLocation
    }
}
/**
 * @dev Sets the values for {name} and {symbol}.
 *
 * Callable only while an initializer is running (`onlyInitializing`). This contract has no setter
 * for either value: they are written here or in the constructor. A later `reinitializer` step in a
 * derived contract could still call this function again and overwrite them.
 *
 * @param name_ token name to store
 * @param symbol_ token symbol to store
 */
function __ERC20_init(
    string memory name_,
    string memory symbol_
) internal onlyInitializing {
    __ERC20_init_unchained(name_, symbol_);
}
/**
 * @dev Stores `name_` and `symbol_` in the ERC-20 namespace without calling any parent initializer.
 * Restricted to the initialization phase by `onlyInitializing`.
 */
function __ERC20_init_unchained(
    string memory name_,
    string memory symbol_
) internal onlyInitializing {
    ERC20Storage storage layout = _getERC20Storage();
    layout._symbol = symbol_;
    layout._name = name_;
}
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(string memory name_, string memory symbol_) {
    // Non-proxy path: writes the metadata straight into the storage of the contract being deployed.
    // NOTE(review): when this code serves as a proxy implementation, these writes land in the
    // implementation's own storage and the proxy still has to go through {__ERC20_init}. Nothing in
    // this constructor calls `_disableInitializers()`; confirm the concrete contract locks the
    // implementation against direct initialization.
    ERC20Storage storage layout = _getERC20Storage();
    layout._symbol = symbol_;
    layout._name = name_;
}
/**
 * @dev Returns the name of the token, read from the ERC-20 storage namespace.
 */
function name() public view virtual returns (string memory) {
    return _getERC20Storage()._name;
}
/**
 * @dev Returns the symbol of the token, usually a shorter version of the
 * name. Read from the ERC-20 storage namespace.
 */
function symbol() public view virtual returns (string memory) {
    return _getERC20Storage()._symbol;
}
/**
 * @dev Returns the number of decimals used to get its user representation.
 * For example, if `decimals` equals `2`, a balance of `505` tokens should
 * be displayed to a user as `5.05` (`505 / 10 ** 2`).
 *
 * The default returned here is 18, the same relationship as between Ether and Wei.
 * Override this function to report a different value.
 *
 * NOTE: This information is only used for _display_ purposes: it in
 * no way affects any of the arithmetic of the contract, including
 * {IERC20-balanceOf} and {IERC20-transfer}.
 */
function decimals() public view virtual returns (uint8) {
    uint8 defaultDecimals = 18;
    return defaultDecimals;
}
/**
 * @dev See {IERC20-totalSupply}. Returns the `_totalSupply` counter maintained by {_update}.
 */
function totalSupply() public view virtual returns (uint256) {
    return _getERC20Storage()._totalSupply;
}
/**
 * @dev See {IERC20-balanceOf}.
 *
 * @param account address whose balance is returned
 */
function balanceOf(address account) public view virtual returns (uint256) {
    return _getERC20Storage()._balances[account];
}
/**
 * @dev See {IERC20-transfer}. Moves `value` tokens from the caller (`_msgSender()`) to `to`.
 *
 * Requirements:
 *
 * - `to` cannot be the zero address.
 * - the caller must have a balance of at least `value`.
 *
 * Always returns `true`; failures revert instead.
 */
function transfer(address to, uint256 value) public virtual returns (bool) {
    _transfer(_msgSender(), to, value);
    return true;
}
/**
 * @dev See {IERC20-allowance}.
 *
 * @param owner account that granted the allowance
 * @param spender account allowed to spend on behalf of `owner`
 */
function allowance(
    address owner,
    address spender
) public view virtual returns (uint256) {
    return _getERC20Storage()._allowances[owner][spender];
}
/**
 * @dev See {IERC20-approve}. Sets the caller's allowance for `spender` to `value`,
 * replacing whatever allowance was stored before.
 *
 * NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
 * `transferFrom`. This is semantically equivalent to an infinite approval.
 *
 * Requirements:
 *
 * - `spender` cannot be the zero address.
 */
function approve(
    address spender,
    uint256 value
) public virtual returns (bool) {
    _approve(_msgSender(), spender, value);
    return true;
}
/**
 * @dev See {IERC20-transferFrom}.
 *
 * The caller's allowance over `from` is consumed first, then the tokens are moved.
 * No {Approval} event is emitted for the allowance decrease; the ERC does not require one.
 * See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
 *
 * NOTE: Does not update the allowance if the current allowance
 * is the maximum `uint256`.
 *
 * Requirements:
 *
 * - `from` and `to` cannot be the zero address.
 * - `from` must have a balance of at least `value`.
 * - the caller must have allowance for ``from``'s tokens of at least
 * `value`.
 */
function transferFrom(
    address from,
    address to,
    uint256 value
) public virtual returns (bool) {
    _spendAllowance(from, _msgSender(), value);
    _transfer(from, to, value);
    return true;
}
/**
 * @dev Moves a `value` amount of tokens from `from` to `to`.
 *
 * Rejects the zero address on either side, so this path can neither mint nor burn, and then
 * delegates to {_update}. Equivalent to {transfer}; usable to implement e.g. automatic token
 * fees or slashing mechanisms.
 *
 * Emits a {Transfer} event.
 *
 * NOTE: This function is not virtual, {_update} should be overridden instead.
 */
function _transfer(address from, address to, uint256 value) internal {
    address zero = address(0);
    if (from == zero) revert ERC20InvalidSender(zero);
    if (to == zero) revert ERC20InvalidReceiver(zero);
    _update(from, to, value);
}
/**
 * @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
 * (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
 * this function.
 *
 * Reverts with {ERC20InsufficientBalance} when `from` is not the zero address and holds less than `value`.
 * This function does not reject the zero address itself; {_transfer}, {_mint} and {_burn} perform
 * that check before calling it.
 *
 * Emits a {Transfer} event.
 */
function _update(address from, address to, uint256 value) internal virtual {
    ERC20Storage storage $ = _getERC20Storage();
    if (from == address(0)) {
        // Mint path: the only checked addition in this function.
        // Overflow check required: The rest of the code assumes that totalSupply never overflows
        $._totalSupply += value;
    } else {
        uint256 fromBalance = $._balances[from];
        if (fromBalance < value) {
            revert ERC20InsufficientBalance(from, fromBalance, value);
        }
        unchecked {
            // Overflow not possible: value <= fromBalance <= totalSupply.
            $._balances[from] = fromBalance - value;
        }
    }
    if (to == address(0)) {
        // Burn path: the debit above already proved that `value` is covered.
        unchecked {
            // Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
            $._totalSupply -= value;
        }
    } else {
        unchecked {
            // Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
            $._balances[to] += value;
        }
    }
    emit Transfer(from, to, value);
}
/**
 * @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
 * Relies on the `_update` mechanism.
 *
 * Reverts with {ERC20InvalidReceiver} when `account` is the zero address.
 *
 * Emits a {Transfer} event with `from` set to the zero address.
 *
 * NOTE: This function is not virtual, {_update} should be overridden instead.
 */
function _mint(address account, uint256 value) internal {
    address zero = address(0);
    if (account == zero) revert ERC20InvalidReceiver(zero);
    _update(zero, account, value);
}
/**
 * @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
 * Relies on the `_update` mechanism.
 *
 * Reverts with {ERC20InvalidSender} when `account` is the zero address.
 *
 * Emits a {Transfer} event with `to` set to the zero address.
 *
 * NOTE: This function is not virtual, {_update} should be overridden instead.
 */
function _burn(address account, uint256 value) internal {
    address zero = address(0);
    if (account == zero) revert ERC20InvalidSender(zero);
    _update(account, zero, value);
}
/**
 * @dev Sets `value` as the allowance of `spender` over the `owner`'s tokens.
 *
 * This internal function is equivalent to `approve`, and can be used to
 * e.g. set automatic allowances for certain subsystems, etc.
 *
 * Emits an {Approval} event.
 *
 * Requirements:
 *
 * - `owner` cannot be the zero address.
 * - `spender` cannot be the zero address.
 *
 * Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
 */
function _approve(address owner, address spender, uint256 value) internal {
    bool emitApproval = true;
    _approve(owner, spender, value, emitApproval);
}
/**
 * @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
 *
 * {_approve} passes `true`. `_spendAllowance` passes `false` during `transferFrom`, which saves
 * gas by not emitting an `Approval` event for the allowance decrease.
 *
 * To keep emitting `Approval` events on `transferFrom`, force the flag to true with this override:
 *
 * ```solidity
 * function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
 *     super._approve(owner, spender, value, true);
 * }
 * ```
 *
 * Requirements are the same as {_approve}.
 */
function _approve(
    address owner,
    address spender,
    uint256 value,
    bool emitEvent
) internal virtual {
    if (owner == address(0)) revert ERC20InvalidApprover(address(0));
    if (spender == address(0)) revert ERC20InvalidSpender(address(0));
    // Overwrites the stored allowance; the previous value is not taken into account.
    _getERC20Storage()._allowances[owner][spender] = value;
    if (emitEvent) emit Approval(owner, spender, value);
}
/**
 * @dev Updates `owner`'s allowance for `spender` based on spent `value`.
 *
 * An allowance of `type(uint256).max` is treated as infinite and left untouched.
 * Reverts with {ERC20InsufficientAllowance} if the allowance is lower than `value`.
 *
 * Does not emit an {Approval} event.
 */
function _spendAllowance(
    address owner,
    address spender,
    uint256 value
) internal virtual {
    uint256 remaining = allowance(owner, spender);
    if (remaining == type(uint256).max) {
        // Infinite approval: nothing to deduct.
        return;
    }
    if (remaining < value) {
        revert ERC20InsufficientAllowance(spender, remaining, value);
    }
    unchecked {
        // Cannot underflow: remaining >= value was checked just above.
        _approve(owner, spender, remaining - value, false);
    }
}
}
// SPDX-License-Identifier: MIT
// NOTE: This contract is a modified version of ERC4626Upgradable from OpenZeppelin Contracts (v5.1.0)
// Changes: the deposit, withdraw and redeem methods are payable; added a constructor to support non-proxy initialization
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC20Upgradeable} from "./ERC20Upgradeable.sol";
import {IERC4626} from "../interfaces/IERC4626.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
/**
* @dev Implementation of the ERC-4626 "Tokenized Vault Standard" as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*
* This extension allows the minting and burning of "shares" (represented using the ERC-20 inheritance) in exchange for
* underlying "assets" through standardized {deposit}, {mint}, {redeem} and {burn} workflows. This contract extends
* the ERC-20 standard. Any additional extensions included along it would affect the "shares" token represented by this
* contract and not the "assets" token which is an independent contract.
*
* [CAUTION]
* ====
* In empty (or nearly empty) ERC-4626 vaults, deposits are at high risk of being stolen through frontrunning
* with a "donation" to the vault that inflates the price of a share. This is variously known as a donation or inflation
* attack and is essentially a problem of slippage. Vault deployers can protect against this attack by making an initial
* deposit of a non-trivial amount of the asset, such that price manipulation becomes infeasible. Withdrawals may
* similarly be affected by slippage. Users can protect against this attack as well as unexpected slippage in general by
* verifying the amount received is as expected, using a wrapper that performs these checks such as
* https://github.com/fei-protocol/ERC4626#erc4626router-and-base[ERC4626Router].
*
* Since v4.9, this implementation introduces configurable virtual assets and shares to help developers mitigate that risk.
* The `_decimalsOffset()` corresponds to an offset in the decimal representation between the underlying asset's decimals
* and the vault decimals. This offset also determines the rate of virtual shares to virtual assets in the vault, which
* itself determines the initial exchange rate. While not fully preventing the attack, analysis shows that the default
* offset (0) makes it non-profitable even if an attacker is able to capture value from multiple user deposits, as a result
* of the value being captured by the virtual shares (out of the attacker's donation) matching the attacker's expected gains.
* With a larger offset, the attack becomes orders of magnitude more expensive than it is profitable. More details about the
* underlying math can be found xref:erc4626.adoc#inflation-attack[here].
*
* The drawback of this approach is that the virtual shares do capture (a very small) part of the value being accrued
* to the vault. Also, if the vault experiences losses, the users try to exit the vault, the virtual shares and assets
* will cause the first user to exit to experience reduced losses in detriment to the last users that will experience
* bigger losses. Developers willing to revert back to the pre-v4.9 behavior just need to override the
* `_convertToShares` and `_convertToAssets` functions.
*
* To learn more, check out our xref:ROOT:erc4626.adoc[ERC-4626 guide].
* ====
*/
abstract contract ERC4626Upgradable is
Initializable,
ERC20Upgradeable,
IERC4626
{
using Math for uint256;
/// @custom:storage-location erc7201:openzeppelin.storage.ERC4626
struct ERC4626Storage {
IERC20 _asset;
uint8 _underlyingDecimals;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ERC4626")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant ERC4626StorageLocation =
0x0773e532dfede91f04b12a73d3d2acd361424f41f76b4fb79f090161e36b4e00;
/**
 * @dev Returns a storage pointer to the {ERC4626Storage} struct at the fixed slot `ERC4626StorageLocation`.
 *
 * The struct is annotated as an ERC-7201 namespace, so its fields live at that slot rather than in
 * the contract's sequentially assigned storage slots.
 */
function _getERC4626Storage()
    private
    pure
    returns (ERC4626Storage storage $)
{
    assembly {
        // Point the returned reference at the constant namespace slot.
        $.slot := ERC4626StorageLocation
    }
}
/**
* @dev Attempted to deposit more assets than the max amount for `receiver`.
*/
error ERC4626ExceededMaxDeposit(
address receiver,
uint256 assets,
uint256 max
);
/**
* @dev Attempted to mint more shares than the max amount for `receiver`.
*/
error ERC4626ExceededMaxMint(address receiver, uint256 shares, uint256 max);
/**
* @dev Attempted to withdraw more assets than the max amount for `owner`.
*/
error ERC4626ExceededMaxWithdraw(
address owner,
uint256 assets,
uint256 max
);
/**
* @dev Attempted to redeem more shares than the max amount for `owner`.
*/
error ERC4626ExceededMaxRedeem(address owner, uint256 shares, uint256 max);
/**
 * @dev Set the underlying asset contract. This must be an ERC20-compatible contract (ERC-20 or ERC-777).
 *
 * Callable only while an initializer is running (`onlyInitializing`); delegates to
 * {__ERC4626_init_unchained}.
 *
 * @param asset_ token the vault holds as its underlying asset
 */
function __ERC4626_init(IERC20 asset_) internal onlyInitializing {
    __ERC4626_init_unchained(asset_);
}
/**
 * @dev Stores the underlying asset and caches its decimals, without calling any parent initializer.
 *
 * If the decimals lookup fails, 18 is stored instead. `asset_` is not checked against the zero
 * address or for being a contract, so validating it is left to the caller.
 */
function __ERC4626_init_unchained(IERC20 asset_) internal onlyInitializing {
    (bool lookupOk, uint8 reportedDecimals) = _tryGetAssetDecimals(asset_);
    ERC4626Storage storage layout = _getERC4626Storage();
    if (lookupOk) {
        layout._underlyingDecimals = reportedDecimals;
    } else {
        layout._underlyingDecimals = 18;
    }
    layout._asset = asset_;
}
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(IERC20 asset_) {
    // Non-proxy path: same writes as {__ERC4626_init_unchained}, made in the deployed contract's own storage.
    // NOTE(review): behind a proxy these writes affect only the implementation, and nothing here calls
    // `_disableInitializers()`; confirm the concrete contract locks the implementation.
    (bool lookupOk, uint8 reportedDecimals) = _tryGetAssetDecimals(asset_);
    ERC4626Storage storage layout = _getERC4626Storage();
    if (lookupOk) {
        layout._underlyingDecimals = reportedDecimals;
    } else {
        layout._underlyingDecimals = 18;
    }
    layout._asset = asset_;
}
/**
 * @dev Attempts to fetch the asset decimals. A return value of false indicates that the attempt failed in some way.
 *
 * The asset is queried with a low-level `staticcall`, so a reverting or non-conforming token cannot
 * make this function revert. The answer is accepted only if at least 32 bytes came back and the
 * decoded value fits in a `uint8`.
 */
function _tryGetAssetDecimals(
    IERC20 asset_
) private view returns (bool ok, uint8 assetDecimals) {
    (bool callOk, bytes memory raw) = address(asset_).staticcall(
        abi.encodeCall(IERC20Metadata.decimals, ())
    );
    if (!callOk || raw.length < 32) {
        return (false, 0);
    }
    uint256 reported = abi.decode(raw, (uint256));
    if (reported > type(uint8).max) {
        return (false, 0);
    }
    return (true, uint8(reported));
}
/**
 * @dev Decimals are computed by adding the decimal offset on top of the underlying asset's decimals. This
 * "original" value is cached when the vault is constructed or initialized. If that read failed (e.g., the
 * asset has not been created yet), a default of 18 represents the underlying asset's decimals.
 *
 * The sum is a checked `uint8` addition, so it reverts if cached decimals plus offset exceed 255.
 *
 * See {IERC20Metadata-decimals}.
 */
function decimals()
    public
    view
    virtual
    override(IERC20Metadata, ERC20Upgradeable)
    returns (uint8)
{
    return _getERC4626Storage()._underlyingDecimals + _decimalsOffset();
}
/**
 * @dev See {IERC4626-asset}. Returns the address of the underlying token stored at initialization.
 */
function asset() public view virtual returns (address) {
    return address(_getERC4626Storage()._asset);
}
/**
 * @dev See {IERC4626-totalAssets}.
 *
 * Returns the vault's live balance of the underlying token. Tokens transferred directly to the
 * vault (a "donation") therefore change the share price; see the inflation-attack caution in the
 * contract documentation.
 */
function totalAssets() public view virtual returns (uint256) {
    IERC20 underlying = _getERC4626Storage()._asset;
    return underlying.balanceOf(address(this));
}
/**
 * @dev See {IERC4626-convertToShares}. The result is rounded down.
 */
function convertToShares(
    uint256 assets
) public view virtual returns (uint256) {
    uint256 shares = _convertToShares(assets, Math.Rounding.Floor);
    return shares;
}
/**
 * @dev See {IERC4626-convertToAssets}. The result is rounded down.
 */
function convertToAssets(
    uint256 shares
) public view virtual returns (uint256) {
    uint256 assets = _convertToAssets(shares, Math.Rounding.Floor);
    return assets;
}
/**
 * @dev See {IERC4626-maxDeposit}. This base implementation imposes no cap and ignores the receiver.
 */
function maxDeposit(address) public view virtual returns (uint256) {
    uint256 unlimited = type(uint256).max;
    return unlimited;
}
/**
 * @dev See {IERC4626-maxMint}. This base implementation imposes no cap and ignores the receiver.
 */
function maxMint(address) public view virtual returns (uint256) {
    uint256 unlimited = type(uint256).max;
    return unlimited;
}
/**
 * @dev See {IERC4626-maxWithdraw}. Returns the asset value of `owner`'s whole share balance, rounded down.
 */
function maxWithdraw(address owner) public view virtual returns (uint256) {
    uint256 ownerShares = balanceOf(owner);
    return _convertToAssets(ownerShares, Math.Rounding.Floor);
}
/**
 * @dev See {IERC4626-maxRedeem}. Returns `owner`'s whole share balance.
 */
function maxRedeem(address owner) public view virtual returns (uint256) {
    uint256 ownerShares = balanceOf(owner);
    return ownerShares;
}
/**
 * @dev See {IERC4626-previewDeposit}. Shares minted for `assets` are rounded down, so a
 * depositor never receives more shares than the assets paid for.
 */
function previewDeposit(
    uint256 assets
) public view virtual returns (uint256) {
    uint256 shares = _convertToShares(assets, Math.Rounding.Floor);
    return shares;
}
/**
 * @dev See {IERC4626-previewMint}. Assets required for `shares` are rounded up, so a minter
 * never pays less than the shares are worth.
 */
function previewMint(uint256 shares) public view virtual returns (uint256) {
    uint256 assets = _convertToAssets(shares, Math.Rounding.Ceil);
    return assets;
}
/**
 * @dev See {IERC4626-previewWithdraw}. Shares burned for `assets` are rounded up, so a
 * withdrawal never burns fewer shares than the assets taken out are worth.
 */
function previewWithdraw(
    uint256 assets
) public view virtual returns (uint256) {
    uint256 shares = _convertToShares(assets, Math.Rounding.Ceil);
    return shares;
}
/**
 * @dev See {IERC4626-previewRedeem}. Assets paid out for `shares` are rounded down, so a
 * redeemer never receives more than the shares are worth.
 */
function previewRedeem(
    uint256 shares
) public view virtual returns (uint256) {
    uint256 assets = _convertToAssets(shares, Math.Rounding.Floor);
    return assets;
}
/**
 * @dev See {IERC4626-deposit}. Pulls `assets` from the caller and mints the previewed number
 * of shares to `receiver`. Reverts with {ERC4626ExceededMaxDeposit} above `maxDeposit(receiver)`.
 *
 * NOTE: `payable` in this modified version. This function never reads `msg.value`, so ether sent
 * with the call stays on the contract unless an override accounts for it. Overrides should
 * consume or reject `msg.value` explicitly.
 */
function deposit(
    uint256 assets,
    address receiver
) public payable virtual returns (uint256) {
    uint256 limit = maxDeposit(receiver);
    if (assets > limit) revert ERC4626ExceededMaxDeposit(receiver, assets, limit);
    uint256 shares = previewDeposit(assets);
    _deposit(_msgSender(), receiver, assets, shares);
    return shares;
}
/**
 * @dev See {IERC4626-mint}. Mints exactly `shares` to `receiver` and pulls the previewed amount
 * of assets from the caller. Reverts with {ERC4626ExceededMaxMint} above `maxMint(receiver)`.
 *
 * NOTE: unlike {deposit}, {withdraw} and {redeem}, this function is not `payable`.
 */
function mint(
    uint256 shares,
    address receiver
) public virtual returns (uint256) {
    uint256 limit = maxMint(receiver);
    if (shares > limit) revert ERC4626ExceededMaxMint(receiver, shares, limit);
    uint256 assets = previewMint(shares);
    _deposit(_msgSender(), receiver, assets, shares);
    return assets;
}
/**
 * @dev See {IERC4626-withdraw}. Burns the previewed number of `owner`'s shares and sends exactly
 * `assets` to `receiver`. Reverts with {ERC4626ExceededMaxWithdraw} above `maxWithdraw(owner)`.
 *
 * NOTE: `payable` in this modified version. This function never reads `msg.value`, so ether sent
 * with the call stays on the contract unless an override accounts for it. Overrides should
 * consume or reject `msg.value` explicitly.
 */
function withdraw(
    uint256 assets,
    address receiver,
    address owner
) public payable virtual returns (uint256) {
    uint256 limit = maxWithdraw(owner);
    if (assets > limit) revert ERC4626ExceededMaxWithdraw(owner, assets, limit);
    uint256 shares = previewWithdraw(assets);
    _withdraw(_msgSender(), receiver, owner, assets, shares);
    return shares;
}
/**
 * @dev See {IERC4626-redeem}. Burns exactly `shares` from `owner` and sends the previewed amount
 * of assets to `receiver`. Reverts with {ERC4626ExceededMaxRedeem} above `maxRedeem(owner)`.
 *
 * NOTE: `payable` in this modified version. This function never reads `msg.value`, so ether sent
 * with the call stays on the contract unless an override accounts for it. Overrides should
 * consume or reject `msg.value` explicitly.
 */
function redeem(
    uint256 shares,
    address receiver,
    address owner
) public payable virtual returns (uint256) {
    uint256 limit = maxRedeem(owner);
    if (shares > limit) revert ERC4626ExceededMaxRedeem(owner, shares, limit);
    uint256 assets = previewRedeem(shares);
    _withdraw(_msgSender(), receiver, owner, assets, shares);
    return assets;
}
/**
 * @dev Internal conversion function (from assets to shares) with support for rounding direction.
 *
 * Computes `assets * (totalSupply + 10 ** offset) / (totalAssets + 1)`. The added terms are the
 * virtual shares and virtual asset described in the contract documentation; they keep the
 * denominator non-zero and blunt share-price inflation in an empty vault.
 */
function _convertToShares(
    uint256 assets,
    Math.Rounding rounding
) internal view virtual returns (uint256) {
    uint256 supplyWithVirtual = totalSupply() + 10 ** _decimalsOffset();
    uint256 assetsWithVirtual = totalAssets() + 1;
    return assets.mulDiv(supplyWithVirtual, assetsWithVirtual, rounding);
}
/**
 * @dev Internal conversion function (from shares to assets) with support for rounding direction.
 *
 * Computes `shares * (totalAssets + 1) / (totalSupply + 10 ** offset)`, the inverse of
 * {_convertToShares} with the same virtual asset and virtual shares.
 */
function _convertToAssets(
    uint256 shares,
    Math.Rounding rounding
) internal view virtual returns (uint256) {
    uint256 assetsWithVirtual = totalAssets() + 1;
    uint256 supplyWithVirtual = totalSupply() + 10 ** _decimalsOffset();
    return shares.mulDiv(assetsWithVirtual, supplyWithVirtual, rounding);
}
/**
 * @dev Deposit/mint common workflow: pull `assets` from `caller`, then mint `shares` to `receiver`.
 *
 * The order of the two steps is deliberate (see the in-body comment) and should be kept by overrides.
 *
 * Emits a {Deposit} event.
 *
 * @param caller account the assets are pulled from
 * @param receiver account credited with the new shares
 * @param assets amount of the underlying token to transfer in
 * @param shares amount of vault shares to mint
 */
function _deposit(
    address caller,
    address receiver,
    uint256 assets,
    uint256 shares
) internal virtual {
    ERC4626Storage storage $ = _getERC4626Storage();
    // If _asset is ERC-777, `transferFrom` can trigger a reentrancy BEFORE the transfer happens through the
    // `tokensToSend` hook. On the other hand, the `tokensReceived` hook, that is triggered after the transfer,
    // calls the vault, which is assumed not malicious.
    //
    // Conclusion: we need to do the transfer before we mint so that any reentrancy would happen before the
    // assets are transferred and before the shares are minted, which is a valid state.
    // slither-disable-next-line reentrancy-no-eth
    SafeERC20.safeTransferFrom($._asset, caller, address(this), assets);
    _mint(receiver, shares);
    emit Deposit(caller, receiver, assets, shares);
}
/**
 * @dev Withdraw/redeem common workflow: spend allowance if needed, burn `shares` from `owner`,
 * then send `assets` to `receiver`.
 *
 * The burn-before-transfer order is deliberate (see the in-body comment) and should be kept by overrides.
 *
 * Emits a {Withdraw} event.
 *
 * @param caller account that initiated the withdrawal
 * @param receiver account the assets are sent to
 * @param owner account whose shares are burned
 * @param assets amount of the underlying token to transfer out
 * @param shares amount of vault shares to burn
 */
function _withdraw(
    address caller,
    address receiver,
    address owner,
    uint256 assets,
    uint256 shares
) internal virtual {
    ERC4626Storage storage $ = _getERC4626Storage();
    // A third party may act for `owner` only up to the share allowance `owner` granted it.
    if (caller != owner) {
        _spendAllowance(owner, caller, shares);
    }
    // If _asset is ERC-777, `transfer` can trigger a reentrancy AFTER the transfer happens through the
    // `tokensReceived` hook. On the other hand, the `tokensToSend` hook, that is triggered before the transfer,
    // calls the vault, which is assumed not malicious.
    //
    // Conclusion: we need to do the transfer after the burn so that any reentrancy would happen after the
    // shares are burned and after the assets are transferred, which is a valid state.
    _burn(owner, shares);
    SafeERC20.safeTransfer($._asset, receiver, assets);
    emit Withdraw(caller, receiver, owner, assets, shares);
}
/**
 * @dev Offset between the vault's decimals and the underlying asset's decimals; 0 by default.
 *
 * The value feeds {decimals} and, as `10 ** offset` virtual shares, both conversion helpers.
 * Override to return a larger offset, which per the contract documentation makes the inflation
 * attack more expensive.
 */
function _decimalsOffset() internal view virtual returns (uint8) {
    uint8 noOffset = 0;
    return noOffset;
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
// FijaVault errors
error VaultNoAssetMatching();
error VaultNotWhitelisted();
error VaultNoUpdateCandidate();
error VaultUpdateStrategyTimeError();
error VaultStrategyUndefined();
error VaultUnauthorizedAccess();
error VaultUnauthorizedCaller();
error VaultMaxRedeemExceeded();
error VaultMaxWithdrawalExceeded();
// FijaACL errors
error ACLOwnerZero();
error ACLGovZero();
error ACLResellZero();
error ACLNotOwner();
error ACLNotGov();
error ACLNotGovOwner();
error ACLNotReseller();
error ACLNotWhitelist();
error ACLTransferUserNotWhitelist();
error ACLDepositReceiverNotWhitelist();
error ACLRedeemWithdrawReceiverOwnerNotWhitelist();
error ACLWhitelistAddressZero();
// Strategy errors
error FijaUnauthorizedFlash();
error FijaInvalidAssetFlash();
error FijaStrategyUpdateInProgress();
// Transfer errors
error TransferDisbalance();
error TransferFailed();
// emergency mode restriction
error FijaInEmergencyMode();
error FijaInsufficientAmountToWithdraw();
error FijaZeroInput();
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "../interfaces/IFijaACL.sol";
import "./errors.sol";
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
///
/// @title Access control contract
/// @author Fija
/// @notice Provides access rights management to child contracts
/// @dev Some methods carry default access modifiers and others are unrestricted.
/// Verify each one and override it where needed to get the expected behaviour.
/// *********** IMPORTANT **************
/// The whitelist functions in this contract are not access-protected;
/// it is the responsibility of child contracts to define who may call them.
///
abstract contract FijaACL is Initializable, IFijaACL {
///
/// @dev contract storage variables
/// @param _owner owner of the contract
/// @param _governance governance of the contract
/// @param _reseller reseller of the contract
/// @custom:storage-location erc7201:fija.storage.FijaACL
///
struct FijaACLStorage {
address _owner;
address _governance;
address _reseller;
mapping(address => bool) _whitelist;
}
// keccak256(abi.encode(uint256(keccak256("fija.storage.FijaACL")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant FijaACLStorageLocation =
0xa9e08d0625107a284aa761b5aa390aa577728a439bcf82bf068948ac82bb6c00;
///
/// @dev Returns a storage pointer to the {FijaACLStorage} struct at the fixed slot
/// `FijaACLStorageLocation` (annotated as an ERC-7201 namespace).
/// NOTE(review): this accessor is `internal`, so every derived contract can write the owner,
/// governance, reseller and whitelist fields directly, bypassing the transfer helpers.
/// Confirm that child contracts use it for reads only.
///
function _getFijaACLStorage()
    internal
    pure
    returns (FijaACLStorage storage $)
{
    assembly {
        // Point the returned reference at the constant namespace slot.
        $.slot := FijaACLStorageLocation
    }
}
///
/// @dev Initializer entry point for proxy deployments; delegates to {__FijaACL_init_unchained}.
/// Callable only while an initializer is running (`onlyInitializing`).
/// @param governance_ address to receive the governance role
/// @param reseller_ address to receive the reseller role
///
function __FijaACL_init(
    address governance_,
    address reseller_
) internal onlyInitializing {
    __FijaACL_init_unchained(governance_, reseller_);
}
///
/// @dev Assigns the three roles during initialization: owner, governance, reseller, in that order.
/// @param governance_ address to receive the governance role
/// @param reseller_ address to receive the reseller role
///
function __FijaACL_init_unchained(
    address governance_,
    address reseller_
) internal onlyInitializing {
    // The owner is whoever sends the initializing call.
    // NOTE(review): if a factory or deployment script performs initialization, that caller becomes
    // the owner; confirm ownership is handed over afterwards where that is not intended.
    _transferOwnership(msg.sender);
    // The transfer helpers are defined outside this excerpt; presumably they reject the zero
    // address (see the ACL*Zero errors) - TODO confirm.
    _transferGovernance(governance_);
    _transferReseller(reseller_);
}
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(address governance_, address reseller_) {
    // Non-proxy path: the deployer becomes owner and the two supplied addresses take their roles.
    // NOTE(review): behind a proxy these assignments land in the implementation's own storage and
    // the proxy still has to run {__FijaACL_init}. Nothing here calls `_disableInitializers()`;
    // confirm the concrete contract locks the implementation.
    _transferOwnership(msg.sender);
    _transferGovernance(governance_);
    _transferReseller(reseller_);
}
///
/// @dev Throws if called by any account that's not whitelisted.
///
modifier onlyWhitelisted() {
_checkWhitelist();
_;
}
///
/// @dev Throws if called by any account other than the owner.
///
modifier onlyOwner() {
_checkOwner();
_;
}
///
/// @dev Throws if called by any account other than the Governance.
///
modifier onlyGovernance() {
_checkGovernance();
_;
}
///
/// @dev Throws if called by any account other than the Reseller.
///
modifier onlyReseller() {
_checkReseller();
_;
}
///
/// @dev Throws if called by any account other than the Governance or Owner.
///
modifier onlyOwnerOrGovernance() {
_checkOwnerOrGovernance();
_;
}
///
/// @dev Throws if receiver and owner are not in the whitelist
///
modifier onlyReceiverOwnerWhitelisted(address receiver, address owner_) {
_checkReceiverOwnerWhitelisted(receiver, owner_);
_;
}
///
/// @dev Throws if receiver is not in the whitelist
///
modifier onlyReceiverWhitelisted(address receiver) {
_checkReceiverWhitelisted(receiver);
_;
}
///
/// NOTE: emits IFijaACL.WhitelistedAddressAdded when the address is newly added.
/// Returns false without changes when the address is already whitelisted.
/// This base implementation has no access modifier: any caller can reach it
/// unless a child contract overrides it with one.
/// @inheritdoc IFijaACL
///
function addAddressToWhitelist(
    address addr
) public virtual override returns (bool) {
    bool alreadyListed = isWhitelisted(addr);
    if (!alreadyListed) {
        // the helper reverts for the zero address
        _addAddressToWhitelist(addr);
    }
    return !alreadyListed;
}
///
/// NOTE: emits IFijaACL.WhitelistedAddressRemoved when the address was whitelisted.
/// Returns false without changes when the address is not on the whitelist.
/// This base implementation has no access modifier: any caller can reach it
/// unless a child contract overrides it with one.
/// @inheritdoc IFijaACL
///
function removeAddressFromWhitelist(
    address addr
) public virtual override returns (bool) {
    bool wasListed = isWhitelisted(addr);
    if (wasListed) {
        _removeAddressFromWhitelist(addr);
    }
    return wasListed;
}
///
/// @inheritdoc IFijaACL
///
function owner() public view virtual override returns (address) {
    // read the owner straight from the namespaced ACL storage
    return _getFijaACLStorage()._owner;
}
///
/// @inheritdoc IFijaACL
///
function governance() public view virtual override returns (address) {
FijaACLStorage storage $ = _getFijaACLStorage();
return $._governance;
}
///
/// @inheritdoc IFijaACL
///
function reseller() public view virtual override returns (address) {
FijaACLStorage storage $ = _getFijaACLStorage();
return $._reseller;
}
///
/// @inheritdoc IFijaACL
///
function isWhitelisted(
    address addr
) public view virtual override returns (bool) {
    // unknown addresses map to the default value false
    return _getFijaACLStorage()._whitelist[addr];
}
///
/// NOTE: only owner access, emits IFijaACL.OwnershipTransferred
/// The transfer takes effect immediately in this single call; newOwner does not have to
/// accept it. The zero address is rejected inside _transferOwnership.
/// @inheritdoc IFijaACL
///
function transferOwnership(
address newOwner
) external virtual override onlyOwner {
_transferOwnership(newOwner);
}
///
/// NOTE: only owner or governance access, emits IFijaACL.GovernanceTransferred
/// The owner can therefore replace the governance address without governance taking part.
/// The zero address is rejected here; renounceGovernance is the path that clears the role.
/// @inheritdoc IFijaACL
///
function transferGovernance(
address newGovernance
) external virtual override onlyOwnerOrGovernance {
if (newGovernance == address(0)) {
revert ACLGovZero();
}
_transferGovernance(newGovernance);
}
///
/// NOTE: only governance access, emits IFijaACL.ResellerTransferred
/// @inheritdoc IFijaACL
///
function transferReseller(
address newReseller
) external virtual override onlyGovernance {
if (newReseller == address(0)) {
revert ACLResellZero();
}
_transferReseller(newReseller);
}
///
/// NOTE: only governance access, emits IFijaACL.GovernanceTransferred
/// Sets governance to address(0). While it is zero, _checkGovernance compares msg.sender
/// against address(0), so onlyGovernance functions are not callable by a regular sender;
/// the owner can assign a new governance through transferGovernance.
/// @inheritdoc IFijaACL
///
function renounceGovernance() external virtual override onlyGovernance {
_transferGovernance(address(0));
}
///
/// NOTE: only reseller access, emits IFijaACL.ResellerTransferred
/// @inheritdoc IFijaACL
///
function renounceReseller() external virtual override onlyReseller {
_transferReseller(address(0));
}
///
/// NOTE: owner cannot be zero address
/// @dev Helper method for transferOwnership.
/// Changes ownership access to new owner address.
/// @param newOwner address of new owner
///
function _transferOwnership(address newOwner) internal virtual {
if (newOwner == address(0)) {
revert ACLOwnerZero();
}
FijaACLStorage storage $ = _getFijaACLStorage();
address oldOwner = $._owner;
$._owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
///
/// @dev Helper method for transferGovernance.
/// Changes governance access to new governance address.
/// Unlike _transferOwnership it performs no zero-address check: renounceGovernance and the
/// initializers call it with values that may be address(0), so callers must validate.
/// Emits GovernanceTransferred with the previous and the new address.
/// @param newGovernance address of new governance
///
function _transferGovernance(address newGovernance) internal virtual {
FijaACLStorage storage $ = _getFijaACLStorage();
address oldGovernance = $._governance;
$._governance = newGovernance;
emit GovernanceTransferred(oldGovernance, newGovernance);
}
///
/// @dev Helper method for transferReseller.
/// Changes reseller access to new reseller address.
/// @param newReseller address of new reseller
///
function _transferReseller(address newReseller) internal virtual {
FijaACLStorage storage $ = _getFijaACLStorage();
address oldReseller = $._reseller;
$._reseller = newReseller;
emit ResellerTransferred(oldReseller, newReseller);
}
///
/// @dev Helper method for onlyOwner modifier
///
function _checkOwner() internal view virtual {
if (owner() != msg.sender) {
revert ACLNotOwner();
}
}
///
/// @dev Helper method for onlyGovernance modifier
///
function _checkGovernance() internal view virtual {
if (governance() != msg.sender) {
revert ACLNotGov();
}
}
///
/// @dev Helper method for onlyOwnerOrGovernance modifier.
/// Reverts with ACLNotGovOwner unless msg.sender is the governance or the owner.
///
function _checkOwnerOrGovernance() internal view virtual {
    address caller = msg.sender;
    bool authorised = governance() == caller || owner() == caller;
    if (!authorised) {
        revert ACLNotGovOwner();
    }
}
///
/// @dev Helper method for onlyReseller modifier
///
function _checkReseller() internal view virtual {
if (reseller() != msg.sender) {
revert ACLNotReseller();
}
}
///
/// @dev Helper method for onlyWhitelisted modifier.
/// Passes when msg.sender is whitelisted or when msg.sender is this contract itself;
/// otherwise reverts with ACLNotWhitelist.
///
function _checkWhitelist() internal view virtual {
// address(this) is exempt: an external call the contract makes to itself passes
// without a whitelist entry
if (!isWhitelisted(msg.sender) && msg.sender != address(this)) {
revert ACLNotWhitelist();
}
}
///
/// @dev Helper method for onlyReceiverOwnerWhitelisted modifier
///
function _checkReceiverOwnerWhitelisted(
address receiver,
address owner_
) internal view virtual {
if (!isWhitelisted(receiver) || !isWhitelisted(owner_)) {
revert ACLRedeemWithdrawReceiverOwnerNotWhitelist();
}
}
///
/// @dev Helper method for onlyReceiverWhitelisted modifier
///
function _checkReceiverWhitelisted(address receiver) internal view virtual {
if (!isWhitelisted(receiver)) {
revert ACLDepositReceiverNotWhitelist();
}
}
///
/// @dev Helper method for adding address to contract whitelist.
/// @param addr address to be added to the whitelist
///
function _addAddressToWhitelist(address addr) internal {
if (addr == address(0)) {
revert ACLWhitelistAddressZero();
}
FijaACLStorage storage $ = _getFijaACLStorage();
$._whitelist[addr] = true;
emit WhitelistedAddressAdded(addr);
}
///
/// @dev Helper method for removing address from contract whitelist.
/// Writes false and emits WhitelistedAddressRemoved unconditionally; it does not check
/// whether the address was whitelisted (removeAddressFromWhitelist does that before calling).
/// @param addr address to be removed from the whitelist
///
function _removeAddressFromWhitelist(address addr) internal {
FijaACLStorage storage $ = _getFijaACLStorage();
$._whitelist[addr] = false;
emit WhitelistedAddressRemoved(addr);
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "./ERC4626Upgradable.sol";
import "./FijaACL.sol";
import "../interfaces/IERC20Extended.sol";
import "../interfaces/IFijaERC4626Base.sol";
import "@openzeppelin/contracts/utils/math/Math.sol";
///
/// @title Fija ERC4626 Base contract
/// @author Fija
/// @notice Used as template for implementing ERC4626
/// @dev This is mainly used for adding access rights to specific methods.
/// NOTE: All mint related methods are disabled from ERC4626
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
///
abstract contract FijaERC4626Base is
FijaACL,
ERC4626Upgradable,
IFijaERC4626Base,
IERC20Extended
{
using Math for uint256;
address internal constant ETH = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
uint256 internal constant BASIS_POINTS_DIVISOR = 10000;
///
/// @dev maximum amount to deposit/redeem/withdraw in assets in single call
/// NOTE: a deposit, withdrawal or redemption with an amount above this limit
/// will be rejected
///
uint256 internal immutable MAX_TICKET_SIZE;
///
/// @dev maximum value of vault in assets
/// NOTE: all deposits above this value will be rejected
///
uint256 internal immutable MAX_VAULT_VALUE;
///
/// @dev Indicates a failed `decreaseAllowance` request.
///
error ERC20FailedDecreaseAllowance(
address spender,
uint256 currentAllowance,
uint256 requestedDecrease
);
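/// @dev Initializer entry point: runs the ACL, ERC20 and ERC4626 initializers and then this
/// contract's own unchained step (which currently has an empty body).
/// @param asset_ underlying asset of the vault
/// @param governance_ address stored as governance
/// @param reseller_ address stored as reseller
/// @param tokenName_ name of the vault token
/// @param tokenSymbol_ symbol of the vault token
function __FijaERC4626Base_init(
    IERC20 asset_,
    address governance_,
    address reseller_,
    string memory tokenName_,
    string memory tokenSymbol_
) internal onlyInitializing {
    __FijaACL_init(governance_, reseller_);
    __ERC20_init(tokenName_, tokenSymbol_);
    __ERC4626_init(asset_);
    // forward reseller_ unchanged so the unchained step sees the same value that
    // __FijaACL_init stored, instead of a hard-coded address(0)
    __FijaERC4626Base_init_unchained(
        asset_,
        governance_,
        reseller_,
        tokenName_,
        tokenSymbol_
    );
}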
function __FijaERC4626Base_init_unchained(
IERC20 asset_,
address governance_,
address reseller_,
string memory tokenName_,
string memory tokenSymbol_
) internal onlyInitializing {}
/// @dev Sets the two immutable limits and forwards the remaining arguments to the parent
/// constructors. The limits are stored as given: zero values and
/// maxTicketSize_ > maxVaultValue_ are not rejected here.
/// NOTE(review): immutables live in the deployed bytecode, not in storage, so presumably
/// every proxy pointing at this implementation shares the same limits - confirm.
/// @param asset_ underlying asset of the vault
/// @param governance_ address stored as governance
/// @param reseller_ address stored as reseller
/// @param tokenName_ name of the vault token
/// @param tokenSymbol_ symbol of the vault token
/// @param maxTicketSize_ value assigned to MAX_TICKET_SIZE
/// @param maxVaultValue_ value assigned to MAX_VAULT_VALUE
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(
IERC20 asset_,
address governance_,
address reseller_,
string memory tokenName_,
string memory tokenSymbol_,
uint256 maxTicketSize_,
uint256 maxVaultValue_
)
ERC4626Upgradable(asset_)
ERC20Upgradeable(tokenName_, tokenSymbol_)
FijaACL(governance_, reseller_)
{
MAX_TICKET_SIZE = maxTicketSize_;
MAX_VAULT_VALUE = maxVaultValue_;
}
///
/// @dev Throws if zero input amount (on deposit, withdraw, redeem)
///
modifier nonZeroAmount(uint256 amount) {
if (amount == 0) {
revert FijaZeroInput();
}
_;
}
///
/// NOTE: the value is the live balance this contract holds (native balance for the ETH
/// sentinel, token balance otherwise), so assets sent to the contract directly are counted.
/// @inheritdoc IERC4626
///
function totalAssets()
    public
    view
    virtual
    override(IERC4626, ERC4626Upgradable)
    returns (uint256)
{
    address vaultAsset = asset();
    return
        vaultAsset == ETH
            ? address(this).balance
            : IERC20(vaultAsset).balanceOf(address(this));
}
///
/// @inheritdoc IFijaERC4626Base
///
function convertToTokens(
uint256 assets
) public view virtual returns (uint256) {
return convertToShares(assets);
}
///
/// NOTE: caller and "to" must be whitelisted
/// @inheritdoc IERC20
///
function transfer(
address to,
uint256 amount
)
public
virtual
override(ERC20Upgradeable, IERC20)
onlyWhitelisted
returns (bool)
{
if (!isWhitelisted(to)) {
revert ACLTransferUserNotWhitelist();
}
super.transfer(to, amount);
return true;
}
///
/// NOTE: caller, "from" and "to" must all be whitelisted
/// The value returned by super.transferFrom is not inspected; this function returns true
/// whenever the call does not revert.
/// @inheritdoc IERC20
///
function transferFrom(
address from,
address to,
uint256 amount
)
public
virtual
override(ERC20Upgradeable, IERC20)
onlyWhitelisted
returns (bool)
{
// the caller was checked by onlyWhitelisted; both ends of the transfer are checked here
if (!isWhitelisted(from) || !isWhitelisted(to)) {
revert ACLTransferUserNotWhitelist();
}
super.transferFrom(from, to, amount);
return true;
}
///
/// NOTE: only whitelisted access
/// @inheritdoc IERC20
///
function approve(
address spender,
uint256 amount
)
public
virtual
override(ERC20Upgradeable, IERC20)
onlyWhitelisted
returns (bool)
{
return super.approve(spender, amount);
}
///
/// NOTE: only whitelisted access
/// @inheritdoc IERC20Extended
///
function increaseAllowance(
address spender,
uint256 addedValue
) public virtual override onlyWhitelisted returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
///
/// NOTE: only whitelisted access
/// Reverts with ERC20FailedDecreaseAllowance when the current allowance is smaller than
/// requestedDecrease. Only the caller is checked against the whitelist, not the spender.
/// @inheritdoc IERC20Extended
///
function decreaseAllowance(
address spender,
uint256 requestedDecrease
) public virtual override onlyWhitelisted returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance < requestedDecrease) {
revert ERC20FailedDecreaseAllowance(
spender,
currentAllowance,
requestedDecrease
);
}
// the check above guarantees currentAllowance >= requestedDecrease,
// so the unchecked subtraction cannot underflow
unchecked {
_approve(owner, spender, currentAllowance - requestedDecrease);
}
return true;
}
///
/// NOTE: DISABLED
/// The call does not revert: it returns 0, takes no assets and mints no tokens.
/// Integrations must not treat a successful call as a completed mint.
/// @return 0
/// @inheritdoc IERC4626
///
function mint(
uint256,
address
) public virtual override(ERC4626Upgradable, IERC4626) returns (uint256) {
return 0;
}
///
/// NOTE: DISABLED
/// @return 0
/// @inheritdoc IERC4626
///
function previewMint(
uint256
)
public
view
virtual
override(ERC4626Upgradable, IERC4626)
returns (uint256)
{
return 0;
}
///
/// NOTE: DISABLED
/// @return 0
/// @inheritdoc IERC4626
///
function maxMint(
address
)
public
view
virtual
override(ERC4626Upgradable, IERC4626)
returns (uint256)
{
return 0;
}
///
/// @dev calculates maximum amount user is allowed to deposit in assets,
/// this depends of current value of vault and user deposit amount.
/// It is controlled by MAX_TICKET_SIZE and MAX_VAULT_VALUE
/// @return maximum amount user can deposit to the vault in assets
///
function maxDeposit(
address receiver
)
public
view
virtual
override(ERC4626Upgradable, IERC4626)
returns (uint256)
{
return _maxDeposit(receiver, totalAssets());
}
///
/// @dev Maximum amount of assets `owner` can withdraw in a single call: the asset value of
/// the owner's token balance (rounded down), capped at MAX_TICKET_SIZE.
/// @param owner holder of the tokens
/// @return maximum amount user can withdraw from the vault in assets
///
function maxWithdraw(
    address owner
)
    public
    view
    virtual
    override(ERC4626Upgradable, IERC4626)
    returns (uint256)
{
    uint256 ownedAssets = _convertToAssets(
        balanceOf(owner),
        Math.Rounding.Floor
    );
    // the smaller of the owner's position and the per-call ticket limit
    return Math.min(ownedAssets, MAX_TICKET_SIZE);
}
///
/// @dev calculates maximum amount user is allowed to redeem in tokens from the vault
/// It is controlled by MAX_TICKET_SIZE
/// @return maximum amount user can redeem from the vault in tokens
///
function maxRedeem(
address owner
)
public
view
virtual
override(ERC4626Upgradable, IERC4626)
returns (uint256)
{
uint256 tokens = balanceOf(owner);
uint256 assets = _convertToAssets(tokens, Math.Rounding.Floor);
return
assets > MAX_TICKET_SIZE
? convertToTokens(MAX_TICKET_SIZE)
: tokens;
}
///
/// @dev calculates amount of tokens receiver will get based on asset deposit.
/// Modifiers run in this order: caller whitelisted, non-zero amount, receiver whitelisted.
/// For an ETH vault `assets` must equal msg.value and the tokens are minted in this
/// function; for any other asset the call is delegated to super.deposit.
/// @param assets amount of assets caller wants to deposit
/// @param receiver address of the owner of deposit once deposit completes, this address will receive tokens.
/// @return amount of tokens receiver will receive
/// NOTE: this is protected generic template method for deposits and child contracts
/// should provide necessary overriding.
/// Ensure to call super.deposit from child contract to enforce access rights.
/// Caller and receiver must be whitelisted
/// Emits IERC4626.Deposit
/// NOTE(review): the non-ETH branch does not look at msg.value although the function is
/// payable; ETH sent along with such a deposit stays in the contract and is not credited -
/// confirm this is intended or reject it.
///
function deposit(
uint256 assets,
address receiver
)
public
payable
virtual
override(ERC4626Upgradable, IERC4626)
onlyWhitelisted
nonZeroAmount(assets)
onlyReceiverWhitelisted(receiver)
returns (uint256)
{
if (asset() == ETH) {
// the declared amount must match the ETH actually attached
if (assets != msg.value) {
revert TransferDisbalance();
}
// totalAssets() is read after the ETH has arrived, so msg.value is subtracted
// to obtain the pre-deposit total
uint256 totalAssetBeforeDeposit = totalAssets() - msg.value;
// the deposit limit is evaluated against the pre-deposit total
uint256 maxAssets = _maxDeposit(receiver, totalAssetBeforeDeposit);
if (assets > maxAssets) {
revert ERC4626ExceededMaxDeposit(receiver, assets, maxAssets);
}
// tokens = assets * (supply + 10**offset) / (pre-deposit assets + 1), rounded down
uint256 tokens = assets.mulDiv(
totalSupply() + 10 ** _decimalsOffset(),
totalAssetBeforeDeposit + 1,
Math.Rounding.Floor
);
_mint(receiver, tokens);
emit Deposit(msg.sender, receiver, assets, tokens);
return tokens;
} else {
return super.deposit(assets, receiver);
}
}
///
/// @dev Burns exact number of tokens from owner and sends assets to receiver.
/// Modifiers run in this order: caller whitelisted, non-zero amount, receiver and owner
/// whitelisted. The ETH branch identifies the caller with msg.sender, the other branch
/// with _msgSender().
/// @param tokens amount of tokens caller wants to redeem
/// @param receiver address of the asset receiver
/// @param owner address of the owner of tokens
/// @return amount of assets receiver will receive based on exact burnt tokens
/// NOTE: this is protected generic template method for redeeming and child contracts
/// should provide necessary overriding.
/// Ensure to call super.redeem from child contract to enforce access rights.
/// Caller, receiver and owner must be whitelisted
/// Emits IERC4626.Withdraw
/// NOTE(review): the function is payable but msg.value is never used; in an ETH vault any
/// attached ETH is already part of the balance when _redeemHelper prices the tokens -
/// confirm this is intended.
///
function redeem(
uint256 tokens,
address receiver,
address owner
)
public
payable
virtual
override(ERC4626Upgradable, IERC4626)
onlyWhitelisted
nonZeroAmount(tokens)
onlyReceiverOwnerWhitelisted(receiver, owner)
returns (uint256)
{
if (asset() == ETH) {
// limit check and asset amount for the requested tokens
uint256 assets = _redeemHelper(tokens, owner);
// an allowance is consumed only when the caller acts for another owner
if (msg.sender != owner) {
_spendAllowance(owner, msg.sender, tokens);
}
// tokens are burnt before any ETH leaves the contract
_burn(owner, tokens);
// low-level call: no gas limit is set and receiver code may run; receiver has passed
// the whitelist check in the modifier. No reentrancy guard is applied in this function.
(bool success, ) = payable(receiver).call{value: assets}("");
if (!success) {
revert TransferFailed();
}
emit Withdraw(msg.sender, receiver, owner, assets, tokens);
return assets;
} else {
uint256 assets = _redeemHelper(tokens, owner);
_withdraw(_msgSender(), receiver, owner, assets, tokens);
return assets;
}
}
///
/// @dev Burns tokens from owner and sends exact number of assets to receiver
/// Modifiers run in this order: caller whitelisted, non-zero amount, receiver and owner
/// whitelisted. The ETH branch identifies the caller with msg.sender, the other branch
/// with _msgSender().
/// @param assets amount of assets caller wants to withdraw
/// @param receiver address of the asset receiver
/// @param owner address of the owner of tokens
/// @return amount of tokens burnt based on exact assets requested
/// NOTE: this is protected generic template method for withdrawing and child contracts
/// should provide necessary overriding.
/// Ensure to call super.withdraw from child contract to enforce access rights.
/// Caller, receiver and owner must be whitelisted
/// Emits IERC4626.Withdraw
/// NOTE(review): the function is payable but msg.value is never used; in an ETH vault any
/// attached ETH is already part of the balance when _withdrawHelper prices the assets -
/// confirm this is intended.
///
function withdraw(
uint256 assets,
address receiver,
address owner
)
public
payable
virtual
override(ERC4626Upgradable, IERC4626)
onlyWhitelisted
nonZeroAmount(assets)
onlyReceiverOwnerWhitelisted(receiver, owner)
returns (uint256)
{
if (asset() == ETH) {
// limit check and token amount (rounded up) for the requested assets
uint256 tokens = _withdrawHelper(assets, owner);
// an allowance is consumed only when the caller acts for another owner
if (msg.sender != owner) {
_spendAllowance(owner, msg.sender, tokens);
}
// tokens are burnt before any ETH leaves the contract
_burn(owner, tokens);
// low-level call: no gas limit is set and receiver code may run; receiver has passed
// the whitelist check in the modifier. No reentrancy guard is applied in this function.
(bool success, ) = payable(receiver).call{value: assets}("");
if (!success) {
revert TransferFailed();
}
emit Withdraw(msg.sender, receiver, owner, assets, tokens);
return tokens;
} else {
uint256 tokens = _withdrawHelper(assets, owner);
_withdraw(_msgSender(), receiver, owner, assets, tokens);
return tokens;
}
}
///
/// @dev helper method - largest deposit currently accepted, in assets: the room left below
/// MAX_VAULT_VALUE, capped at MAX_TICKET_SIZE. Returns 0 once the vault value is above
/// MAX_VAULT_VALUE. The address argument is unused.
/// @param totalAsset total assets in deposit currency
/// @return maximum amount user can deposit to the vault in assets
///
function _maxDeposit(
    address,
    uint256 totalAsset
) internal view virtual returns (uint256) {
    // vault already above its cap: nothing more can be deposited
    if (totalAsset > MAX_VAULT_VALUE) {
        return 0;
    }
    uint256 headroom = MAX_VAULT_VALUE - totalAsset;
    return headroom > MAX_TICKET_SIZE ? MAX_TICKET_SIZE : headroom;
}
///
/// @dev helper method - withdraw limit check and token calculation sharing one read of
/// totalSupply() and totalAssets().
/// Reverts with ERC4626ExceededMaxWithdraw when `assets` exceeds the smaller of the owner's
/// position (in assets, rounded down) and MAX_TICKET_SIZE.
/// @param assets value of assets to withdraw
/// @param owner owner address of the tokens
/// @return amount of tokens to burn for `assets`, rounded up
///
function _withdrawHelper(
    uint256 assets,
    address owner
) internal view returns (uint256) {
    uint256 shareSupply = totalSupply();
    uint256 vaultAssets = totalAssets();
    // virtual amounts used on both sides of the conversion
    uint256 virtualSupply = shareSupply + 10 ** _decimalsOffset();
    uint256 virtualAssets = vaultAssets + 1;

    // max withdraw check
    uint256 ownedAssets = balanceOf(owner).mulDiv(
        virtualAssets,
        virtualSupply,
        Math.Rounding.Floor
    );
    uint256 withdrawLimit = Math.min(ownedAssets, MAX_TICKET_SIZE);
    if (assets > withdrawLimit) {
        revert ERC4626ExceededMaxWithdraw(owner, assets, withdrawLimit);
    }

    // preview withdraw
    return assets.mulDiv(virtualSupply, virtualAssets, Math.Rounding.Ceil);
}
///
/// @dev helper method - to execute optimized redeem logic
/// Reverts with ERC4626ExceededMaxRedeem when `tokens` exceeds the redeem limit: the owner's
/// balance, or convertToTokens(MAX_TICKET_SIZE) when the balance is worth more than
/// MAX_TICKET_SIZE.
/// @param tokens tokens amount to burn
/// @param owner owner address of the tokens
/// @return amount of assets paid out for `tokens`, rounded down
///
function _redeemHelper(
uint256 tokens,
address owner
) internal view returns (uint256) {
// max redeem check
uint256 tokens_ = balanceOf(owner);
uint256 totalAssets_ = totalAssets();
uint256 supply = totalSupply();
// asset value of the owner's whole balance, rounded down
uint256 assets_ = tokens_.mulDiv(
totalAssets_ + 1,
supply + 10 ** _decimalsOffset(),
Math.Rounding.Floor
);
uint256 maxReedemTokens = assets_ > MAX_TICKET_SIZE
? convertToTokens(MAX_TICKET_SIZE)
: tokens_;
if (tokens > maxReedemTokens) {
revert ERC4626ExceededMaxRedeem(owner, tokens, maxReedemTokens);
}
// preview redeem
uint256 assets = tokens.mulDiv(
totalAssets_ + 1,
supply + 10 ** _decimalsOffset(),
Math.Rounding.Floor
);
return assets;
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
pragma abicoder v2;
import "@openzeppelin/contracts/utils/Strings.sol";
import "./FijaERC4626Base.sol";
import "../interfaces/IFijaStrategy.sol";
import "./FijaStrategyEvents.sol";
///
/// @title Strategy Base contract
/// @author Fija
/// @notice Used as template for implementing strategy
/// @dev there are methods with minimum or no functionality
/// it is responsibility of child contracts to override them
///
contract FijaStrategy is IFijaStrategy, FijaERC4626Base {
uint256 internal constant PROFIT_SHARE_BPS = 2500;
///
/// @dev contract storage variables
/// @param _lastHarvestTime time of last harvest in seconds from epoch
/// @param _tokenMintedLastHarvest number of tokens minted since last harvest
/// @param _tokenPriceLastHarvest token price since last harvest
/// @param _lastRebalanceTime time of last rebalance in seconds from epoch
/// @param _isEmergencyMode flag indicating if strategy is in emergency mode
/// @custom:storage-location erc7201:fija.storage.FijaStrategy
///
struct FijaStrategyStorage {
uint256 _lastHarvestTime;
uint256 _tokenMintedLastHarvest;
uint256 _tokenPriceLastHarvest;
uint256 _lastRebalanceTime;
bool _isEmergencyMode;
}
// keccak256(abi.encode(uint256(keccak256("fija.storage.FijaStrategy")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant FijaStrategyStorageLocation =
0xf869bf731a9a225cbc75cb3dd16db9e57210388f1a14dd23baeedf6089ad4a00;
function _getFijaStrategyStorage()
internal
pure
returns (FijaStrategyStorage storage $)
{
assembly {
$.slot := FijaStrategyStorageLocation
}
}
function __FijaStrategy_init(
IERC20 asset_,
address governance_,
string memory tokenName_,
string memory tokenSymbol_
) internal onlyInitializing {
__FijaERC4626Base_init(
asset_,
governance_,
address(0),
tokenName_,
tokenSymbol_
);
__FijaStrategy_init_unchained();
}
/// @dev Sets the harvest and rebalance timestamps to the current block time and clears the
/// emergency flag. _tokenMintedLastHarvest and _tokenPriceLastHarvest are not written here
/// and keep their default value of zero until harvest() records them.
function __FijaStrategy_init_unchained() internal onlyInitializing {
FijaStrategyStorage storage $ = _getFijaStrategyStorage();
$._lastHarvestTime = block.timestamp;
$._lastRebalanceTime = block.timestamp;
$._isEmergencyMode = false;
}
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(
IERC20 asset_,
address governance_,
string memory tokenName_,
string memory tokenSymbol_,
uint256 maxTicketSize_,
uint256 maxVaultValue_
)
FijaERC4626Base(
asset_,
governance_,
address(0),
tokenName_,
tokenSymbol_,
maxTicketSize_,
maxVaultValue_
)
{}
///
/// @dev Throws if the strategy is in emergency mode
///
modifier emergencyModeRestriction() {
_emergencyModeRestriction();
_;
}
///
/// NOTE: only governance access
/// @inheritdoc IFijaACL
///
function addAddressToWhitelist(
address addr
) public virtual override(FijaACL, IFijaACL) onlyGovernance returns (bool) {
return super.addAddressToWhitelist(addr);
}
///
/// NOTE: only governance access
/// @inheritdoc IFijaACL
///
function removeAddressFromWhitelist(
address addr
) public virtual override(FijaACL, IFijaACL) onlyGovernance returns (bool) {
return super.removeAddressFromWhitelist(addr);
}
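/// @dev Total assets attributable to token holders: everything reported by _allAssets()
/// minus the governance profit share accrued since the last harvest.
/// NOTE(review): the subtraction reverts if _profitShare ever exceeds allAssets;
/// _profitShare scales the price gain by the supply recorded at the last harvest, not by
/// the current supply - confirm this cannot occur after large redemptions.
/// @return assets under management net of the pending profit share
function totalAssets()
    public
    view
    virtual
    override(FijaERC4626Base, IERC4626)
    returns (uint256)
{
    uint256 allAssets = _allAssets();
    // reuse the value already read instead of calling _allAssets() a second time
    return allAssets - _profitShare(allAssets);
}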
///
/// @inheritdoc IFijaStrategy
///
function needRebalance() external view virtual override returns (bool) {
return false;
}
///
/// NOTE: Only governance access
/// Restricted in emergency mode
/// emits Rebalance
/// @inheritdoc IFijaStrategy
///
function rebalance()
public
payable
virtual
override
onlyGovernance
emergencyModeRestriction
{
emit FijaStrategyEvents.Rebalance(block.timestamp, "");
FijaStrategyStorage storage $ = _getFijaStrategyStorage();
$._lastRebalanceTime = block.timestamp;
_genericInvestmentLogic(0);
}
///
/// @inheritdoc IFijaStrategy
///
function needHarvest() external view virtual override returns (bool) {
return false;
}
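///
/// NOTE: Only governance access
/// Restricted in emergency mode
/// emits Harvest
/// The profit share is paid to the governance address; the payout reverts with
/// TransferFailed when the ETH call fails or when the token transfer returns false.
/// After the payout the stored token price (only if it rose), harvest time and supply
/// are updated.
/// @inheritdoc IFijaStrategy
///
function harvest()
    external
    payable
    virtual
    override
    onlyGovernance
    emergencyModeRestriction
{
    _harvest();

    uint256 supply = totalSupply();
    uint256 allAssets = _allAssets();
    uint256 profitShare = _profitShare(allAssets);
    // read before the payout below changes the contract balance
    uint256 currentTokenPrice = convertToAssets(10 ** decimals());
    address vaultAsset = asset();

    emit FijaStrategyEvents.Harvest(
        block.timestamp,
        // divides before multiplying: exact only while BASIS_POINTS_DIVISOR is a
        // multiple of PROFIT_SHARE_BPS (10000 / 2500 with the current constants)
        (BASIS_POINTS_DIVISOR / PROFIT_SHARE_BPS) * profitShare,
        profitShare,
        vaultAsset,
        ""
    );

    if (profitShare > 0) {
        uint256 currentBalance = vaultAsset == ETH
            ? address(this).balance
            : IERC20(vaultAsset).balanceOf(address(this));

        if (currentBalance < profitShare) {
            // withdraw to cover profit share (negative amount = shortfall)
            _genericInvestmentLogic(
                int256(currentBalance) - int256(profitShare)
            );
        }

        // send profit share
        if (vaultAsset == ETH) {
            (bool success, ) = payable(governance()).call{
                value: profitShare
            }("");
            if (!success) {
                revert TransferFailed();
            }
        } else {
            // a token that signals failure by returning false must not be treated as
            // paid; previously the return value was dropped.
            // NOTE(review): tokens that return no value at all still need a
            // SafeERC20-style wrapper - check what this codebase has in scope.
            bool sent = IERC20(vaultAsset).transfer(governance(), profitShare);
            if (!sent) {
                revert TransferFailed();
            }
        }
    }

    FijaStrategyStorage storage $ = _getFijaStrategyStorage();
    // the stored price only ever moves up
    if (currentTokenPrice > $._tokenPriceLastHarvest) {
        $._tokenPriceLastHarvest = currentTokenPrice;
    }
    $._lastHarvestTime = block.timestamp;
    $._tokenMintedLastHarvest = supply;
}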
///
/// @inheritdoc IFijaStrategy
///
function needEmergencyMode() external view virtual override returns (bool) {
return false;
}
///
/// NOTE: Only governance access
/// emits EmergencyMode
/// Turning on: calls _genericInvestmentLogic with the negative amount of assets held
/// outside the contract balance. Turning off: calls it with the whole contract balance.
/// The current flag is not compared with turnOn, so repeating a call with the same value
/// runs the same steps again.
/// @inheritdoc IFijaStrategy
///
function setEmergencyMode(
    bool turnOn
) external payable virtual override onlyGovernance {
    _beforeEmeMode(turnOn);

    address vaultAsset = asset();
    uint256 idleBalance = vaultAsset == ETH
        ? address(this).balance
        : IERC20(vaultAsset).balanceOf(address(this));
    uint256 allAssets = _allAssets();

    if (!turnOn) {
        _genericInvestmentLogic(int256(idleBalance));
    } else if (allAssets > idleBalance) {
        _genericInvestmentLogic(-int256(allAssets - idleBalance));
    }

    _afterEmeMode(turnOn);

    // the flag is written only after both hooks and the investment step have run
    _getFijaStrategyStorage()._isEmergencyMode = turnOn;
    emit FijaStrategyEvents.EmergencyMode(block.timestamp, turnOn);
}
///
/// @inheritdoc IFijaStrategy
///
function emergencyMode() external view virtual override returns (bool) {
FijaStrategyStorage storage $ = _getFijaStrategyStorage();
return $._isEmergencyMode;
}
///
/// @inheritdoc IFijaStrategy
///
function status() external view virtual override returns (string memory) {
return _status();
}
///
/// NOTE: emergency mode check
/// emergencyModeRestriction runs first; the whitelist and amount checks are the modifiers
/// of super.deposit. After the tokens are minted, the whole balance held by the contract
/// (not only this deposit) is passed to _genericInvestmentLogic.
/// @inheritdoc FijaERC4626Base
///
function deposit(
uint256 assets,
address receiver
)
public
payable
virtual
override(FijaERC4626Base, IERC4626)
emergencyModeRestriction
returns (uint256)
{
uint256 tokensMinted = super.deposit(assets, receiver);
address depositCcy = asset();
uint256 amountToDeposit;
if (depositCcy == ETH) {
amountToDeposit = address(this).balance;
} else {
amountToDeposit = IERC20(depositCcy).balanceOf(address(this));
}
// positive amount: invest everything currently held by the contract
_genericInvestmentLogic(int256(amountToDeposit));
return tokensMinted;
}
///
/// NOTE: no emergencyModeRestriction, so redeeming is not blocked by emergency mode.
/// When the previewed payout exceeds the contract balance, the shortfall is passed to
/// _genericInvestmentLogic as a negative amount before super.redeem runs. The whitelist
/// and limit checks live in super.redeem and therefore execute after that call; a failing
/// check reverts the whole transaction.
/// @inheritdoc FijaERC4626Base
///
function redeem(
uint256 tokens,
address receiver,
address owner
)
public
payable
virtual
override(IERC4626, FijaERC4626Base)
returns (uint256)
{
uint256 withdrawAmount = previewRedeem(tokens);
address depositCcy = asset();
uint256 currentBalance;
if (depositCcy == ETH) {
currentBalance = address(this).balance;
} else {
currentBalance = IERC20(depositCcy).balanceOf(address(this));
}
if (withdrawAmount > currentBalance) {
// negative amount = missing assets to pull back; the base implementation of
// _genericInvestmentLogic is empty
_genericInvestmentLogic(
int256(currentBalance) - int256(withdrawAmount)
);
}
return super.redeem(tokens, receiver, owner);
}
///
/// NOTE: no emergencyModeRestriction, so withdrawing is not blocked by emergency mode.
/// When `assets` exceeds the contract balance, the shortfall is passed to
/// _genericInvestmentLogic as a negative amount before super.withdraw runs. The whitelist
/// and limit checks live in super.withdraw and therefore execute after that call; a failing
/// check reverts the whole transaction.
/// @inheritdoc FijaERC4626Base
///
function withdraw(
uint256 assets,
address receiver,
address owner
)
public
payable
virtual
override(IERC4626, FijaERC4626Base)
returns (uint256)
{
address depositCcy = asset();
uint256 currentBalance;
if (depositCcy == ETH) {
currentBalance = address(this).balance;
} else {
currentBalance = IERC20(depositCcy).balanceOf(address(this));
}
if (assets > currentBalance) {
// negative amount = missing assets to pull back; the base implementation of
// _genericInvestmentLogic is empty
_genericInvestmentLogic(int256(currentBalance) - int256(assets));
}
return super.withdraw(assets, receiver, owner);
}
///
/// @dev helper for modifier - checks if strategy is in emergency mode
///
function _emergencyModeRestriction() internal view virtual {
FijaStrategyStorage storage $ = _getFijaStrategyStorage();
if ($._isEmergencyMode) {
revert FijaInEmergencyMode();
}
}
///
/// @dev helper to calculate governance profit share
/// The price of one whole token is allAssets * 10**decimals() / supply. When it is above
/// the price stored at the last harvest, the gain per token is multiplied by the supply
/// stored at the last harvest and PROFIT_SHARE_BPS / BASIS_POINTS_DIVISOR of the result
/// is returned. Returns 0 when the supply is 0 or the price has not risen.
/// @param allAssets total assets used to price the tokens
/// @return amount of profit to share with governance
///
function _profitShare(
uint256 allAssets
) internal view virtual returns (uint256) {
uint256 supply = totalSupply();
// no tokens in circulation: no price, no profit
if (supply == 0) {
return 0;
}
uint256 currentTokenPrice = (allAssets * 10 ** decimals()) / supply;
FijaStrategyStorage storage $ = _getFijaStrategyStorage();
if (currentTokenPrice <= $._tokenPriceLastHarvest) {
return 0;
}
// scaled by the supply recorded at the last harvest, not by the current supply
uint256 profitShare = ((currentTokenPrice - $._tokenPriceLastHarvest) *
$._tokenMintedLastHarvest) / (10 ** decimals());
profitShare = (profitShare * PROFIT_SHARE_BPS) / BASIS_POINTS_DIVISOR;
return profitShare;
}
///
/// @dev deposits or withdraw assets from defi protocols
/// @param amount token amount to deposit or withdraw
///
function _genericInvestmentLogic(int256 amount) internal virtual {}
///
/// @dev total available assets on the strategy, this includes profit share
/// @return amount of total available assets
///
function _allAssets() internal view virtual returns (uint256) {
return super.totalAssets();
}
///
/// @dev implementation of harvest logic
/// NOTE: needs to override for strategy specific harvest
///
function _harvest() internal virtual {}
///
/// @dev hook for before emergency mode action was triggered on/off
///
function _beforeEmeMode(bool turnOn) internal virtual {}
///
/// @dev hook after emergency mode has triggered on/off
///
function _afterEmeMode(bool turnOn) internal virtual {}
///
/// @dev strategy status: the text "totalAssets=" followed by the decimal value of totalAssets()
/// NOTE: needs to override for strategy specific status
///
function _status() internal view virtual returns (string memory) {
    return
        string(
            abi.encodePacked(
                "totalAssets=",
                Strings.toString(totalAssets())
            )
        );
}
/// @dev Accepts plain ETH transfers from any sender; no whitelist or amount check is applied.
/// NOTE(review): for an ETH vault this raises address(this).balance and with it the
/// balance-based totalAssets of FijaERC4626Base - confirm that unsolicited ETH is acceptable.
receive() external payable virtual {}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
///
/// @title Strategy events
/// @notice Generic events used by Fija strategies
///
library FijaStrategyEvents {
///
/// @dev emits when rebalance executes
/// @param timestamp current timestamp when rebalance is executed
/// @param data metadata associated with event
///
event Rebalance(uint256 indexed timestamp, string data);
///
/// @dev emits when harvest executes
/// @param timestamp current timestamp when harvest is executed
/// @param harvestResult amount of harvested funds
/// @param profitShare amount of profits
/// @param profitToken address of profit token
/// @param data metadata associated with event
///
event Harvest(
uint256 indexed timestamp,
uint256 harvestResult,
uint256 profitShare,
address profitToken,
string data
);
///
/// @dev emits when emergency mode is toggled
/// @param timestamp current timestamp when emergency mode is toggled
/// @param turnOn flag for turning on/off emergency mode
///
event EmergencyMode(uint256 indexed timestamp, bool turnOn);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import "@openzeppelin/contracts/interfaces/IERC20.sol";
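interface IERC20Extended is IERC20 {
    // NOTE: `increaseAllowance` / `decreaseAllowance` are extensions, not part of the ERC-20 standard.
    // A token that does not implement them cannot be driven through this interface, so callers should
    // only cast tokens that are known to expose both functions.

    ///
    /// @dev Atomically increases the allowance granted to `spender` by the caller.
    ///
    /// This is an alternative to {approve} that can be used as a mitigation for
    /// problems described in {IERC20-approve}.
    ///
    /// Emits an {Approval} event indicating the updated allowance.
    ///
    /// Requirements:
    ///
    /// - `spender` cannot be the zero address.
    /// @param spender address whose allowance is increased
    /// @param addedValue amount by which the allowance is increased
    /// @return bool result flag; NOTE(review): its meaning is set by the token implementation — check it
    ///
    function increaseAllowance(
        address spender,
        uint256 addedValue
    ) external returns (bool);

    ///
    /// @dev Atomically decreases the allowance granted to `spender` by the caller.
    ///
    /// This is an alternative to {approve} that can be used as a mitigation for
    /// problems described in {IERC20-approve}.
    ///
    /// Emits an {Approval} event indicating the updated allowance.
    ///
    /// Requirements:
    ///
    /// - `spender` cannot be the zero address.
    /// - `spender` must have allowance for the caller of at least
    /// `requestedDecrease`.
    ///
    /// NOTE: Although this function is designed to avoid double spending with {approve},
    /// it can still be front-run, preventing any attempt of allowance reduction.
    /// @param spender address whose allowance is decreased
    /// @param requestedDecrease amount by which the allowance is decreased
    /// @return bool result flag; NOTE(review): its meaning is set by the token implementation — check it
    ///
    function decreaseAllowance(
        address spender,
        uint256 requestedDecrease
    ) external returns (bool);
}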
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC4626.sol)
// NOTE: ETH-native compatibility — forked from the OZ contract; the deposit, withdraw and redeem methods were made payable.
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
/**
* @dev Interface of the ERC4626 "Tokenized Vault Standard", as defined in
* https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
*/
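interface IERC4626 is IERC20, IERC20Metadata {
    // Fork note: `deposit`, `withdraw` and `redeem` are declared `payable` in this interface, while `mint`
    // is not. The interface itself does not define how `msg.value` relates to the `assets` / `shares`
    // arguments. NOTE(review): each implementation has to define that relation and decide what happens to
    // ETH sent when none is expected — confirm this in the implementing vault/strategy.

    event Deposit(
        address indexed sender,
        address indexed owner,
        uint256 assets,
        uint256 shares
    );

    event Withdraw(
        address indexed sender,
        address indexed receiver,
        address indexed owner,
        uint256 assets,
        uint256 shares
    );

    /**
     * @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.
     *
     * - MUST be an ERC-20 token contract.
     * - MUST NOT revert.
     */
    function asset() external view returns (address assetTokenAddress);

    /**
     * @dev Returns the total amount of the underlying asset that is “managed” by Vault.
     *
     * - SHOULD include any compounding that occurs from yield.
     * - MUST be inclusive of any fees that are charged against assets in the Vault.
     * - MUST NOT revert.
     */
    function totalAssets() external view returns (uint256 totalManagedAssets);

    /**
     * @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal
     * scenario where all the conditions are met.
     *
     * - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
     * - MUST NOT show any variations depending on the caller.
     * - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
     * - MUST NOT revert.
     *
     * NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
     * “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
     * from.
     */
    function convertToShares(
        uint256 assets
    ) external view returns (uint256 shares);

    /**
     * @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal
     * scenario where all the conditions are met.
     *
     * - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
     * - MUST NOT show any variations depending on the caller.
     * - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
     * - MUST NOT revert.
     *
     * NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
     * “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
     * from.
     */
    function convertToAssets(
        uint256 shares
    ) external view returns (uint256 assets);

    /**
     * @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,
     * through a deposit call.
     *
     * - MUST return a limited value if receiver is subject to some deposit limit.
     * - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
     * - MUST NOT revert.
     */
    function maxDeposit(
        address receiver
    ) external view returns (uint256 maxAssets);

    /**
     * @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given
     * current on-chain conditions.
     *
     * - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
     * call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
     * in the same transaction.
     * - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
     * deposit would be accepted, regardless if the user has enough tokens approved, etc.
     * - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
     * - MUST NOT revert.
     *
     * NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
     * share price or some other type of condition, meaning the depositor will lose assets by depositing.
     */
    function previewDeposit(
        uint256 assets
    ) external view returns (uint256 shares);

    /**
     * @dev Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.
     *
     * - MUST emit the Deposit event.
     * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
     * deposit execution, and are accounted for during deposit.
     * - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
     * approving enough underlying tokens to the Vault contract, etc).
     *
     * NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
     *
     * NOTE (fork): declared `payable` here so that native ETH can accompany the call.
     */
    function deposit(
        uint256 assets,
        address receiver
    ) external payable returns (uint256 shares);

    /**
     * @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
     * - MUST return a limited value if receiver is subject to some mint limit.
     * - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
     * - MUST NOT revert.
     */
    function maxMint(
        address receiver
    ) external view returns (uint256 maxShares);

    /**
     * @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
     * current on-chain conditions.
     *
     * - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
     * in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
     * same transaction.
     * - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
     * would be accepted, regardless if the user has enough tokens approved, etc.
     * - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
     * - MUST NOT revert.
     *
     * NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
     * share price or some other type of condition, meaning the depositor will lose assets by minting.
     */
    function previewMint(uint256 shares) external view returns (uint256 assets);

    /**
     * @dev Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.
     *
     * - MUST emit the Deposit event.
     * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
     * execution, and are accounted for during mint.
     * - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
     * approving enough underlying tokens to the Vault contract, etc).
     *
     * NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
     *
     * NOTE (fork): unlike deposit, withdraw and redeem, this function is not declared `payable`.
     */
    function mint(
        uint256 shares,
        address receiver
    ) external returns (uint256 assets);

    /**
     * @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
     * Vault, through a withdraw call.
     *
     * - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
     * - MUST NOT revert.
     */
    function maxWithdraw(
        address owner
    ) external view returns (uint256 maxAssets);

    /**
     * @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
     * given current on-chain conditions.
     *
     * - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
     * call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
     * called in the same transaction.
     * - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
     * the withdrawal would be accepted, regardless if the user has enough shares, etc.
     * - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
     * - MUST NOT revert.
     *
     * NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
     * share price or some other type of condition, meaning the depositor will lose assets by depositing.
     */
    function previewWithdraw(
        uint256 assets
    ) external view returns (uint256 shares);

    /**
     * @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.
     *
     * - MUST emit the Withdraw event.
     * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
     * withdraw execution, and are accounted for during withdraw.
     * - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
     * not having enough shares, etc).
     *
     * Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
     * Those methods should be performed separately.
     *
     * NOTE (fork): declared `payable` here; the interface does not say what an implementation does with ETH sent
     * along a withdrawal.
     */
    function withdraw(
        uint256 assets,
        address receiver,
        address owner
    ) external payable returns (uint256 shares);

    /**
     * @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
     * through a redeem call.
     *
     * - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
     * - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
     * - MUST NOT revert.
     */
    function maxRedeem(address owner) external view returns (uint256 maxShares);

    /**
     * @dev Allows an on-chain or off-chain user to simulate the effects of their redemption at the current block,
     * given current on-chain conditions.
     *
     * - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
     * in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
     * same transaction.
     * - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
     * redemption would be accepted, regardless if the user has enough shares, etc.
     * - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
     * - MUST NOT revert.
     *
     * NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
     * share price or some other type of condition, meaning the depositor will lose assets by redeeming.
     */
    function previewRedeem(
        uint256 shares
    ) external view returns (uint256 assets);

    /**
     * @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.
     *
     * - MUST emit the Withdraw event.
     * - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
     * redeem execution, and are accounted for during redeem.
     * - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
     * not having enough shares, etc).
     *
     * NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
     * Those methods should be performed separately.
     *
     * NOTE (fork): declared `payable` here; the interface does not say what an implementation does with ETH sent
     * along a redemption.
     */
    function redeem(
        uint256 shares,
        address receiver,
        address owner
    ) external payable returns (uint256 assets);
}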
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
///
/// @title Access control interface
/// @author Fija
/// @notice Defines methods and events for access control manipulation in contracts
///
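interface IFijaACL {
    // Monitoring note: the two whitelist events carry `addr` un-indexed, so it cannot be used as a topic
    // filter; the three role-transfer events index both the previous and the new address.

    ///
    /// @dev emits when address is added to whitelist
    /// @param addr address added to the whitelist
    ///
    event WhitelistedAddressAdded(address addr);

    ///
    /// @dev emits when address is removed from whitelist
    /// @param addr address removed from the whitelist
    ///
    event WhitelistedAddressRemoved(address addr);

    ///
    /// @dev emits when owner is changed
    /// @param previousOwner address of previous owner
    /// @param newOwner address of new owner
    ///
    event OwnershipTransferred(
        address indexed previousOwner,
        address indexed newOwner
    );

    ///
    /// @dev emits when governance is changed
    /// @param previousGovernance address of previous governance
    /// @param newGovernance address of new governance
    ///
    event GovernanceTransferred(
        address indexed previousGovernance,
        address indexed newGovernance
    );

    ///
    /// @dev emits when reseller is changed
    /// @param previousReseller address of previous reseller
    /// @param newReseller address of new reseller
    ///
    event ResellerTransferred(
        address indexed previousReseller,
        address indexed newReseller
    );

    ///
    /// @dev adds address to whitelist
    /// @param addr address to be added to whitelist
    /// @return true if address was added, false if it is already in the whitelist
    ///
    function addAddressToWhitelist(address addr) external returns (bool);

    ///
    /// @dev removes address from whitelist
    /// @param addr address to be removed from whitelist
    /// @return true if address was removed, false if it is not in the whitelist
    ///
    function removeAddressFromWhitelist(address addr) external returns (bool);

    ///
    /// @dev contract owner
    /// @return address of the current owner
    ///
    function owner() external view returns (address);

    ///
    /// @dev contract governance
    /// @return address of the current governance
    ///
    function governance() external view returns (address);

    ///
    /// @dev contract reseller
    /// @return address of the current reseller
    ///
    function reseller() external view returns (address);

    ///
    /// @dev checks if address is in whitelist
    /// @param addr address to check if it is in whitelist
    /// @return true if address is in contract whitelist, false if it is not.
    ///
    function isWhitelisted(address addr) external view returns (bool);

    // NOTE(review): the three transfer functions below take effect in a single call as declared — this
    // interface exposes no separate acceptance step. Confirm that implementations restrict the caller and
    // validate the new address, since a wrong address cannot be corrected through this interface.

    ///
    /// @dev changes ownership to new owner address
    /// @param newOwner address of new owner
    ///
    function transferOwnership(address newOwner) external;

    ///
    /// @dev changes governance to new governance address.
    /// @param newGovernance address of new governance
    ///
    function transferGovernance(address newGovernance) external;

    ///
    /// @dev changes reseller to new reseller address.
    /// @param newReseller address of new reseller
    ///
    function transferReseller(address newReseller) external;

    ///
    /// @dev Leaves the contract without governance.
    /// It will not be possible to call `onlyGovernance` functions anymore.
    /// Renouncing governance will leave the contract without governance,
    /// thereby removing any functionality that is only available to the governance.
    ///
    function renounceGovernance() external;

    ///
    /// @dev Leaves the contract without reseller.
    /// It will not be possible to call `onlyReseller` functions anymore.
    /// Renouncing reseller will leave the contract without reseller,
    /// thereby removing any functionality that is only available to the reseller.
    ///
    function renounceReseller() external;
}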
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "./IERC4626.sol";
import "./IFijaACL.sol";
///
/// @title Base interface
/// @author Fija
/// @notice Interface base layer for vault and strategy interfaces
///
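interface IFijaERC4626Base is IFijaACL, IERC4626 {
    ///
    /// @dev Returns the amount of tokens that the Vault would exchange for the amount of assets provided, in an ideal
    /// scenario where all the conditions are met.
    ///
    /// - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
    /// - MUST NOT show any variations depending on the caller.
    /// - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
    /// - MUST NOT revert.
    ///
    /// NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
    /// “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
    /// from.
    /// NOTE(review): how "tokens" here differs from the `shares` returned by {IERC4626-convertToShares} is not
    /// defined in this interface — confirm in the implementation.
    /// @param assets amount to be converted to tokens amount
    /// @return tokens amount of tokens corresponding to `assets`
    ///
    function convertToTokens(
        uint256 assets
    ) external view returns (uint256 tokens);
}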
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "./IFijaERC4626Base.sol";
///
/// @title FijaStrategy interface
/// @author Fija
/// @notice Expanding base IFijaERC4626Base to support strategy specific methods
///
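interface IFijaStrategy is IFijaERC4626Base {
    // NOTE(review): `rebalance`, `harvest` and `setEmergencyMode` change strategy state and are declared
    // `payable`. Who may call them is not expressed in this interface — confirm that implementations
    // restrict the caller and define what happens to any ETH sent with the call.

    ///
    /// @dev check if there is a need to rebalance strategy funds
    /// @return bool indicating need for rebalance
    ///
    function needRebalance() external view returns (bool);

    ///
    /// @dev executes strategy rebalancing
    ///
    function rebalance() external payable;

    ///
    /// @dev check if there is a need to harvest strategy funds
    /// @return bool indicating need for harvesting
    ///
    function needHarvest() external view returns (bool);

    ///
    /// @dev executes strategy harvesting
    ///
    function harvest() external payable;

    ///
    /// @dev gets emergency mode status of strategy
    /// @return flag indicating emergency mode status
    ///
    function emergencyMode() external view returns (bool);

    ///
    /// @dev sets emergency mode on/off
    /// @param turnOn toggle flag
    ///
    function setEmergencyMode(bool turnOn) external payable;

    ///
    /// @dev check if there is a need for setting strategy in emergency mode
    /// @return bool indicating need for emergency mode
    ///
    function needEmergencyMode() external view returns (bool);

    ///
    /// @dev gets various strategy status parameters
    /// @return status parameters as string
    ///
    function status() external view returns (string memory);
}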
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
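///
/// @dev Minimal interface to an external APR helper contract.
/// NOTE(review): units and scaling of every argument and return value are defined by the target contract,
/// not by this file — confirm them against the deployed helper before relying on the numbers.
///
interface IApr {
    ///
    /// @dev computes an APR figure from a reward rate and two prices
    /// @param _rate reward rate
    /// @param _priceOfRewards price of the reward token
    /// @param _priceOfDeposits price of the deposited token
    /// @return computed APR value
    ///
    function apr(
        uint256 _rate,
        uint256 _priceOfRewards,
        uint256 _priceOfDeposits
    ) external view returns (uint256);

    ///
    /// @dev returns reward rates for a pool id
    /// @param _pid pool id
    /// @return two arrays: addresses and rates; presumably parallel (one rate per address) — verify
    ///
    function rewardRates(
        uint256 _pid
    ) external view returns (address[] calldata, uint256[] calldata);
}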
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
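///
/// @dev Interface to an external "booster" contract that holds deposits per pool id.
/// NOTE(review): the names match the Convex Booster ABI; semantics below are inferred from those names —
/// confirm against the deployed contract.
///
/// Integration notes:
/// - State-changing functions return `bool`; callers should check it rather than assume success.
/// - `isShutdown()` and the `_shutdown` flag of `poolInfo` expose shutdown state; checking them before a
///   deposit avoids sending funds to a pool that no longer accepts them.
///
interface IBooster {
    // --- address getters ---
    function owner() external view returns (address);

    function feeToken() external view returns (address);

    function feeDistro() external view returns (address);

    function lockFees() external view returns (address);

    function stakerRewards() external view returns (address);

    function lockRewards() external view returns (address);

    // --- voting ---
    function setVoteDelegate(address _voteDelegate) external;

    function vote(
        uint256 _voteId,
        address _votingAddress,
        bool _support
    ) external returns (bool);

    function voteGaugeWeight(
        address[] calldata _gauge,
        uint256[] calldata _weight
    ) external returns (bool);

    ///
    /// @dev returns the addresses registered for pool `_pid` and its shutdown flag
    /// @param _pid pool id
    ///
    function poolInfo(
        uint256 _pid
    )
        external
        view
        returns (
            address _lptoken,
            address _token,
            address _gauge,
            address _crvRewards,
            address _stash,
            bool _shutdown
        );

    // --- reward distribution triggers ---
    function earmarkRewards(uint256 _pid) external returns (bool);

    function earmarkFees() external returns (bool);

    // --- global state ---
    function isShutdown() external view returns (bool);

    function poolLength() external view returns (uint256);

    // --- deposits and withdrawals (per pool id) ---
    function depositAll(uint256 _pid, bool _stake) external returns (bool);

    function deposit(
        uint256 _pid,
        uint256 _amount,
        bool _stake
    ) external returns (bool);

    function withdraw(uint256 _pid, uint256 _amount) external returns (bool);

    function withdrawAll(uint256 _pid) external returns (bool);

    // `_to` receives the withdrawn amount; NOTE(review): confirm callers never pass an unvalidated address
    function withdrawTo(
        uint256 _pid,
        uint256 _amount,
        address _to
    ) external returns (bool);
}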
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
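///
/// @dev Interface to an external helper that converts a CRV amount into a CVX amount.
/// NOTE(review): the conversion rule lives in the target contract; this file only declares the call.
///
interface ICvxMining {
    ///
    /// @param _amount CRV amount
    /// @return corresponding CVX amount (read-only quote; no state change)
    ///
    function ConvertCrvToCvx(uint256 _amount) external view returns (uint256);
}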
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
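///
/// @dev Interface to an external reward-staking pool.
/// NOTE(review): the names match the Convex reward pool ABI; semantics are inferred from those names —
/// confirm against the deployed contract. None of the state-changing functions returns a value, so
/// callers learn about failure only through a revert.
///
interface IRewardStaking {
    // --- staking ---
    function stakeFor(address, uint256) external;

    function stake(uint256) external;

    // --- withdrawing; `claim` presumably also claims pending rewards in the same call — verify ---
    function withdraw(uint256 amount, bool claim) external;

    function withdrawAndUnwrap(uint256 amount, bool claim) external;

    // --- rewards ---
    function earned(address account) external view returns (uint256);

    function getReward() external;

    function getReward(address _account, bool _claimExtras) external;

    function extraRewardsLength() external view returns (uint256);

    function extraRewards(uint256 _pid) external view returns (address);

    function rewardToken() external view returns (address);

    // --- accounting views ---
    function balanceOf(address _account) external view returns (uint256);

    function rewardRate() external view returns (uint256);

    function totalSupply() external view returns (uint256);
}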
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
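///
/// @dev Interface to an external address provider that maps numeric ids to contract addresses.
/// NOTE(review): addresses returned here are used as call targets elsewhere; whoever controls the
/// provider controls those targets, so treat the provider address itself as trusted configuration.
///
interface IAddressProvider {
    function get_registry() external view returns (address);

    function max_id() external view returns (uint256);

    // NOTE(review): behaviour for an unset `_id` (revert vs zero address) is not visible here — callers
    // should reject a zero address before using the result
    function get_address(uint256 _id) external view returns (address);
}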
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
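interface ICurve {
    // Aggregated interface over several Curve pool / zap ABIs. Solidity resolves each overload below by
    // its parameter types, so the caller must select the overload that the target pool implements.
    // The bare numbers in the comments ("// 0", "// 1", ...) label the overloads within each group.
    // NOTE(review): they presumably correspond to per-pool category values stored elsewhere in the
    // project — confirm against the code that dispatches on them before renumbering anything.
    //
    // Security-relevant parameters:
    // - `_min_mint_amount`, `_min_received` and `min_dy` are caller-supplied lower bounds on what the call
    //   must produce (slippage protection). NOTE(review): verify that callers never pass 0 and do not take
    //   the bound solely from a quote made in the same transaction (`calc_token_amount`,
    //   `calc_withdraw_one_coin`, `get_dy*`), because those quotes read the pool state at call time.
    // - The return type declared here must match the target pool: decoding a `uint256` from a function
    //   that returns nothing makes the call revert.
    // - Some overloads are `payable` and some are not; sending ETH to the wrong one reverts.

    // add liquidity
    // 0
    function add_liquidity(
        uint256[3] calldata _amounts,
        uint256 _min_mint_amount
    ) external payable;

    // 1
    function add_liquidity(
        uint256[3] calldata _amounts,
        uint256 _min_mint_amount,
        bool _use_underlying_or_use_eth
    ) external payable;

    // 2
    function add_liquidity(
        uint256[2] calldata _amounts,
        uint256 _min_mint_amount
    ) external payable;

    // 3
    function add_liquidity(
        uint256[4] calldata _amounts,
        uint256 _min_mint_amount
    ) external;

    // 4
    function add_liquidity(
        uint256[2] calldata _amounts,
        uint256 _min_mint_amount,
        bool _use_underlying_or_use_eth
    ) external payable;

    // 5 meta zap
    function add_liquidity(
        address _pool,
        uint256[4] calldata _amounts,
        uint256 _min_mint_amount
    ) external;

    // 6 meta zap
    function add_liquidity(
        address _pool,
        uint256[3] calldata _amounts,
        uint256 _min_mint_amount
    ) external;

    // 7
    function add_liquidity(
        uint256[] calldata _amounts,
        uint256 _min_mint_amount
    ) external;

    // remove liquidity one coin
    // 0
    function remove_liquidity_one_coin(
        uint256 _burn_amount,
        int128 i,
        uint256 _min_received
    ) external;

    // 1
    function remove_liquidity_one_coin(
        uint256 _burn_amount,
        int128 i,
        uint256 _min_received,
        bool _use_underlying
    ) external;

    // 2
    function remove_liquidity_one_coin(
        uint256 _burn_amount,
        uint256 i,
        uint256 _min_received,
        bool _use_eth
    ) external;

    // 3
    function remove_liquidity_one_coin(
        uint256 _burn_amount,
        uint256 i,
        uint256 _min_received
    ) external;

    // 4 meta zap
    function remove_liquidity_one_coin(
        address _pool,
        uint256 _burn_amount,
        int128 i,
        uint256 _min_received
    ) external;

    // calc token amount (read-only quote)
    // 0
    function calc_token_amount(
        uint256[3] calldata _amounts,
        bool _is_deposit
    ) external view returns (uint256);

    // 1
    function calc_token_amount(
        uint256[2] calldata _amounts,
        bool _is_deposit
    ) external view returns (uint256);

    // 2
    function calc_token_amount(
        uint256[4] calldata _amounts,
        bool _is_deposit
    ) external view returns (uint256);

    // 3
    function calc_token_amount(
        uint256[2] calldata _amounts
    ) external view returns (uint256);

    // 4 meta zap
    function calc_token_amount(
        address _pool,
        uint256[4] calldata _amounts,
        bool _is_deposit
    ) external view returns (uint256);

    // 5 meta zap
    function calc_token_amount(
        address _pool,
        uint256[3] calldata _amounts,
        bool _is_deposit
    ) external view returns (uint256);

    // 6
    function calc_token_amount(
        uint256[] calldata _amounts,
        bool _is_deposit
    ) external view returns (uint256);

    // calc withdraw one coin (read-only quote)
    // 0
    function calc_withdraw_one_coin(
        uint256 _burn_amount,
        int128 i
    ) external view returns (uint256);

    // 1
    function calc_withdraw_one_coin(
        uint256 _burn_amount,
        int128 i,
        bool _use_underlying
    ) external view returns (uint256);

    // 2
    function calc_withdraw_one_coin(
        uint256 _burn_amount,
        uint256 i
    ) external view returns (uint256);

    // 3
    function calc_withdraw_one_coin(
        address _pool,
        uint256 _burn_amount,
        int128 i
    ) external view returns (uint256);

    // get exchange amount (read-only quote)
    //
    // 1
    function get_dy(
        uint256 i,
        uint256 j,
        uint256 dx
    ) external view returns (uint256);

    // 4
    function get_dy(
        address pool,
        uint256 i,
        uint256 j,
        uint256 dx
    ) external view returns (uint256);

    // 5
    function get_dy_underlying(
        address pool,
        uint256 i,
        uint256 j,
        uint256 dx
    ) external view returns (uint256);

    // 6
    function get_dy(
        int128 i,
        int128 j,
        uint256 dx
    ) external view returns (uint256);

    // 2
    function get_dy_underlying(
        int128 i,
        int128 j,
        uint256 dx
    ) external view returns (uint256);

    // 3
    function get_dy_underlying(
        uint256 i,
        uint256 j,
        uint256 dx
    ) external view returns (uint256);

    //
    // exchange
    // 3
    function exchange_underlying(
        uint256 i,
        uint256 j,
        uint256 dx,
        uint256 min_dy
    ) external payable returns (uint256);

    // 2
    function exchange_underlying(
        int128 i,
        int128 j,
        uint256 dx,
        uint256 min_dy
    ) external payable returns (uint256);

    // 5
    function exchange(
        int128 i,
        int128 j,
        uint256 dx,
        uint256 min_dy
    ) external payable returns (uint256);

    // 1
    function exchange(
        uint256 i,
        uint256 j,
        uint256 dx,
        uint256 min_dy,
        bool use_eth
    ) external payable returns (uint256);

    // 4
    function exchange(
        address pool,
        uint256 i,
        uint256 j,
        uint256 dx,
        uint256 min_dy
    ) external payable returns (uint256);

    // 6
    function exchange(
        uint256 i,
        uint256 j,
        uint256 dx,
        uint256 min_dy
    ) external payable returns (uint256);

    // coin address lookups by index within the pool
    function coins(uint256 index) external view returns (address);

    function underlying_coins(uint256 index) external view returns (address);
}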
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
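///
/// @dev Read-only interface to an external registry that describes Curve pools.
/// NOTE(review): every array result has a fixed length of 8; pools with fewer coins presumably leave the
/// remaining slots zeroed — confirm, and skip zero entries when iterating.
///
interface ICurveMetaRegistry {
    function get_lp_token(address pool) external view returns (address);

    function get_underlying_coins(
        address pool
    ) external view returns (address[8] calldata);

    function is_meta(address pool) external view returns (bool);

    function get_coins(
        address pool
    ) external view returns (address[8] calldata);

    // NOTE(review): balances are read from current pool state, so they can differ between two reads
    // within the same block
    function get_balances(
        address pool
    ) external view returns (uint256[8] calldata);
}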
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
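///
/// @dev Interface to an external exchange registry that quotes and executes token swaps.
/// NOTE(review): `_expected` is presumably the minimum output the swap must deliver (slippage bound) —
/// confirm against the target contract, and verify callers never pass 0 or a value taken solely from a
/// quote made in the same transaction. `_receiver` is where the output is sent.
///
interface IExchangeRegistry {
    // read-only quote: returns a pool address and an amount for swapping `_amount` of `_from` into `_to`
    function get_best_rate(
        address _from,
        address _to,
        uint256 _amount
    ) external view returns (address, uint256);

    // read-only quote for a specific pool
    function get_exchange_amount(
        address _pool,
        address _from,
        address _to,
        uint256 _amount
    ) external view returns (uint256);

    // swap through a specific pool; declared payable
    function exchange(
        address _pool,
        address _from,
        address _to,
        uint256 _amount,
        uint256 _expected,
        address _receiver
    ) external payable returns (uint256);

    // swap through the pool selected by the registry; not declared payable in this interface
    function exchange_with_best_rate(
        address _from,
        address _to,
        uint256 _amount,
        uint256 _expected,
        address _receiver
    ) external returns (uint256);
}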
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "../../base/FijaStrategy.sol";
import "./CurveConvexConstants.sol";
import "./errors.sol";
import "../../protocols/curve/interfaces/ICurve.sol";
import "./ICurveConvexPeriphery.sol";
// Pairs a token with the rating the strategy assigns to it.
struct CoinRating {
    // token address used in liquidity pools
    address coinAddr;
    // rating of token used in liquidity pools
    // NOTE(review): scale and direction of the rating are not defined here — confirm at the use site
    uint8 rating;
}
// Describes one liquidity pool the strategy works with.
struct Pool {
    // pool address
    address addr;
    // deposit zap for the pool
    address deposit;
    // pool category to reference correct interface
    // NOTE(review): the four entries presumably select which interface overload to call for each kind of
    // operation; the index-to-operation mapping is not visible here — confirm before editing
    uint8[4] category;
}
// Describes the pool used for emergency handling (see `emergencyPool` in ConstructorData).
struct EmergencyPool {
    // pool address
    address addr;
    // deposit zap for pool
    address deposit;
    // exchange category to reference correct interface
    // NOTE(review): meaning of each of the two entries is not visible here — confirm at the use site
    uint8[2] exchangeCategory;
}
// Constructor-input form of one hop in a reward route: a pool plus the token pair exchanged through it.
struct RewardPoolInput {
    // address of pool used in reward route
    address addr;
    // deposit zap for the pool
    address deposit;
    // "from" address in exchange pair
    address from;
    // "to" address in exchange pair
    address to;
    // exchange category to reference correct interface
    uint8[2] exchangeCategory;
}
// One hop in a reward route; has the same first three address fields as RewardPoolInput, without the
// deposit zap and exchange category.
struct RewardPool {
    // address of pool used in reward route
    address addr;
    // "from" address in exchange pair
    address from;
    // "to" address in exchange pair
    address to;
}
// Bundle of configuration values handed to the strategy contracts at construction.
// NOTE(review): several fields are expressed in bps and bound how much value a swap may lose
// (`slippageSwap`, `slippageEmergency`) or when a depeg is flagged (`depegDev`). No range checks are
// visible in this struct — confirm that the consumer rejects out-of-range values (e.g. above 10000 bps)
// and that pool, zap and route addresses come from a reviewed deployment configuration.
struct ConstructorData {
    // flag for checking depeg
    bool dePegCheck;
    // flag for disabling emergency pool
    bool isEmePoolDisabled;
    // emergency token address
    address emergencyCurrency;
    // address used for linking contracts
    address linkAddr;
    // harvest time frequency
    uint256 harvestTime;
    // rebalance time param
    uint256 rebalanceTimeLower;
    // rebalance time param
    uint256 rebalanceTimeUpper;
    // depeg deviation in bps
    uint256 depegDev;
    // swap slippage in bps
    uint256 slippageSwap;
    // slippage during emergency mode in bps
    uint256 slippageEmergency;
    // threshold used in rebalance procedure
    uint256 rebalanceThreshold1;
    // threshold used in rebalance procedure
    uint256 rebalanceThreshold2;
    // liquidity threshold in bps
    uint256 liquidityThresholdBps;
    // list of liquidity pools used in strategy
    Pool[] curvePools;
    // list of token ratings used in strategy
    CoinRating[] coinRating;
    // emergency pool data
    EmergencyPool emergencyPool;
    // list of pools used in CRV reward route
    RewardPoolInput[] crvRewardRoute;
    // list of pools used in CVX reward route
    RewardPoolInput[] cvxRewardRoute;
}
///
/// @title Curve Convex Base contract
/// @author Fija
/// @notice Used to initialize main and periphery contract variables
/// @dev Enables splitting contracts into main and periphery with access to the same data
/// NOTE: Parent contract to CurveConvexPeriphery and CurveConvexStrategy
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
///
abstract contract CurveConvexBase is FijaStrategy {
///
/// @dev number of liquidity pools used in strategy
///
uint8 public immutable POOL_NUM;
///
/// @dev deposit token used in strategy
///
address public immutable DEPOSIT_CCY;
///
/// @dev contract storage variables
/// @custom:storage-location erc7201:fija.storage.CurveConvexBase.BaseConstants
///
struct BaseConstantsStorage {
// harvest time frequency
uint256 HARVEST_TIME;
// rebalance time parameter
uint256 REBALANCE_TIME_UPPER;
// rebalance time parameter
uint256 REBALANCE_TIME_LOWER;
// depeg deviation in bps
uint256 DEPEG_DEVIATION;
// slippage swap in bps
uint256 SLIPPAGE_SWAP;
// rebalance threshold used when calling needRebalance()
uint256 REBALANCE_THR1;
// rebalance threshold used when calling needRebalance()
uint256 REBALANCE_THR2;
// slippage when in emergency mode
uint256 SLIPPAGE_EMERGENCY;
// liquidity threshold for low-liquidity pool checks
uint256 LIQUIDITY_THR_BPS;
// emergency token address
address EMERGENCY_CCY;
// flag is depeg checked in the strategy
bool DE_PEG_CHECK;
// flag is emergency pool disabled
bool EME_POOL_DISABLED;
}
///
/// @dev contract storage variables
/// @custom:storage-location erc7201:fija.storage.CurveConvexBase.BasePool
///
struct BasePoolStorage {
// pool used to transfer assets to emergency token when emergency mode is triggered
address _emergencyPool;
// list of Curve pools used for providing liquidity
address[] _curvePools;
// list of pools data for CRV reward route
RewardPool[] _crvRewardRoute;
// list of pools data for CVX reward route
RewardPool[] _cvxRewardRoute;
}
///
/// @dev contract storage variables
/// @custom:storage-location erc7201:fija.storage.CurveConvexBase.BasePoolMeta
///
struct BasePoolMetaStorage {
// maps address of reward pool to token address index indicating
// token position in pool, used in reward route swaps
mapping(address => mapping(address => uint256)) _rewardPoolCoinIndex;
// maps pool to deposit contract, needed when providing liquidity and swaps requires use of seperate deposit contracts
mapping(address => address) _poolDepositCtr;
// maps Curve liquidity pool to corresponding reward contract on Convex
mapping(address => address) _poolRewardContract;
// maps Curve liquidity pool to it's LP token
mapping(address => address) _poolLpToken;
// maps Curve liquidity pool to it's rating. 2 decimals precision
mapping(address => uint256) _poolRating;
// maps Curve liquidity pool deposit token index, this indicates deposit token position in the pool, used for swaps
mapping(address => int128) _poolDepositCcyIndex;
// maps Curve liquidity pool to corresponding Convex pool id
mapping(address => uint16) _poolConvexPoolId;
// maps Curve liquidity pool to list of categories, used to invoke correct interface method when working with liquidity
mapping(address => uint8[4]) _poolCategory;
// maps emergency or reward route pool to list of exchange categories, used to invoke correct interface method when performing swaps
mapping(address => uint8[2]) _poolExchangeCategory;
}
// keccak256(abi.encode(uint256(keccak256("fija.storage.CurveConvexBase.BaseConstants")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant BaseConstantsStorageLocation =
0x7ca39ae480fa7caba1b7f176c68022a2fb01fbc8747535ab30013caf43d34000;
// keccak256(abi.encode(uint256(keccak256("fija.storage.CurveConvexBase.BasePool")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant BasePoolStorageLocation =
0x8d6a0d0564cfc6ef62f16a4e38c8870fa668bc41bf29f15cb2a7b016ca93f300;
// keccak256(abi.encode(uint256(keccak256("fija.storage.CurveConvexBase.BasePoolMeta")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant BasePoolMetaStorageLocation =
0x60de7b5056e1605740d7a2b4ff113ac715b2202a65fbc90c6203ef73cace0700;
struct StatusInput {
BasePoolMetaStorage meta;
BasePoolStorage pool;
BaseConstantsStorage constants;
address depositCcy;
uint poolNum;
}
/// @dev Returns a storage pointer to the BaseConstantsStorage struct located at the
/// fixed slot BaseConstantsStorageLocation.
/// @return $ storage reference bound to that slot
function _getBaseConstantsStorage()
internal
pure
returns (BaseConstantsStorage storage $)
{
assembly {
// bind the returned struct to the namespaced slot constant
$.slot := BaseConstantsStorageLocation
}
}
/// @dev Returns a storage pointer to the BasePoolStorage struct located at the
/// fixed slot BasePoolStorageLocation.
/// @return $ storage reference bound to that slot
function _getBasePoolStorage()
internal
pure
returns (BasePoolStorage storage $)
{
assembly {
// bind the returned struct to the namespaced slot constant
$.slot := BasePoolStorageLocation
}
}
/// @dev Returns a storage pointer to the BasePoolMetaStorage struct located at the
/// fixed slot BasePoolMetaStorageLocation.
/// @return $ storage reference bound to that slot
function _getBasePoolMetaStorage()
internal
pure
returns (BasePoolMetaStorage storage $)
{
assembly {
// bind the returned struct to the namespaced slot constant
$.slot := BasePoolMetaStorageLocation
}
}
/// @dev Chained initializer: runs the parent FijaStrategy initializer, then the
/// unchained step that fills this contract's own storage. Restricted by
/// onlyInitializing, so it is only callable from within an initializer.
/// @param depositCurrency_ deposit token of the strategy
/// @param governance_ forwarded to __FijaStrategy_init
/// @param tokenName_ forwarded to __FijaStrategy_init
/// @param tokenSymbol_ forwarded to __FijaStrategy_init
/// @param data_ strategy configuration passed to the unchained step
function __CurveConvexBase_init(
address depositCurrency_,
address governance_,
string memory tokenName_,
string memory tokenSymbol_,
ConstructorData memory data_
) internal onlyInitializing {
__FijaStrategy_init(
IERC20(depositCurrency_),
governance_,
tokenName_,
tokenSymbol_
);
// the unchained step has no guard of its own; the modifier above covers it here
__CurveConvexBase_init_unchained(depositCurrency_, data_);
}
// NOTE only call from onlyInitializing method when using in proxy
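/// @dev Writes `data_` into the BaseConstants, BasePool and BasePoolMeta storage
/// structs and resolves, for every Curve pool, its LP token, deposit-token index,
/// rating and matching Convex pool.
/// This function has no initializer guard of its own. It appends to the
/// `_crvRewardRoute`, `_cvxRewardRoute` and `_curvePools` arrays, so a second call
/// would leave duplicate entries; callers must make sure it runs exactly once.
/// @param depositCurrency_ deposit token; `_findCoinIndex` reverts unless it is a
/// coin of every pool in `data_.curvePools`
/// @param data_ strategy configuration, stored as given (no range checks here)
function __CurveConvexBase_init_unchained(
    address depositCurrency_,
    ConstructorData memory data_
) internal {
    FijaStrategyStorage storage s = _getFijaStrategyStorage();
    s._lastRebalanceTime = block.timestamp;
    {
        // Scalar parameters. The bps values are later subtracted from a fixed
        // divisor by the periphery views, so out-of-range values surface there
        // as reverts rather than here.
        BaseConstantsStorage storage $ = _getBaseConstantsStorage();
        $.DEPEG_DEVIATION = data_.depegDev;
        $.REBALANCE_TIME_LOWER = data_.rebalanceTimeLower;
        $.REBALANCE_TIME_UPPER = data_.rebalanceTimeUpper;
        $.HARVEST_TIME = data_.harvestTime;
        $.REBALANCE_THR1 = data_.rebalanceThreshold1;
        $.REBALANCE_THR2 = data_.rebalanceThreshold2;
        $.SLIPPAGE_EMERGENCY = data_.slippageEmergency;
        $.SLIPPAGE_SWAP = data_.slippageSwap;
        $.LIQUIDITY_THR_BPS = data_.liquidityThresholdBps;
        $.DE_PEG_CHECK = data_.dePegCheck;
        $.EME_POOL_DISABLED = data_.isEmePoolDisabled;
        $.EMERGENCY_CCY = data_.emergencyCurrency;
    }
    BasePoolMetaStorage storage $$ = _getBasePoolMetaStorage();
    BasePoolStorage storage $$$ = _getBasePoolStorage();
    // #### build CRV route storage var #####
    {
        RewardPoolInput[] memory crvRewardRoute = data_.crvRewardRoute;
        for (uint8 i = 0; i < crvRewardRoute.length; i++) {
            $$$._crvRewardRoute.push(
                RewardPool(
                    crvRewardRoute[i].addr,
                    crvRewardRoute[i].from,
                    crvRewardRoute[i].to
                )
            );
            $$._poolDepositCtr[crvRewardRoute[i].addr] = crvRewardRoute[i]
                .deposit;
            $$._poolExchangeCategory[
                crvRewardRoute[i].addr
            ] = crvRewardRoute[i].exchangeCategory;
            // no exchange support, build rewardRoute coin indexes for swaps
            if (crvRewardRoute[i].exchangeCategory[0] != 0) {
                address rewardRoutePool = crvRewardRoute[i].addr;
                address[8] memory poolCoins = CurveConvexConstants
                    ._underlyingCoins(rewardRoutePool);
                for (uint8 j = 0; j < poolCoins.length; j++) {
                    // coin list is zero-terminated
                    if (poolCoins[j] == address(0)) {
                        break;
                    }
                    // Tokens that are not coins of this pool keep the mapping
                    // default 0, which is also the position of the first coin.
                    $$._rewardPoolCoinIndex[rewardRoutePool][
                        poolCoins[j]
                    ] = j;
                }
            }
        }
    }
    // #### build CVX route storage var #####
    {
        RewardPoolInput[] memory cvxRewardRoute = data_.cvxRewardRoute;
        for (uint8 i = 0; i < cvxRewardRoute.length; i++) {
            $$$._cvxRewardRoute.push(
                RewardPool(
                    cvxRewardRoute[i].addr,
                    cvxRewardRoute[i].from,
                    cvxRewardRoute[i].to
                )
            );
            $$._poolDepositCtr[cvxRewardRoute[i].addr] = cvxRewardRoute[i]
                .deposit;
            $$._poolExchangeCategory[
                cvxRewardRoute[i].addr
            ] = cvxRewardRoute[i].exchangeCategory;
            // no exchange support, build rewardRoute coin indexes
            if (cvxRewardRoute[i].exchangeCategory[0] != 0) {
                address rewardRoutePool = cvxRewardRoute[i].addr;
                address[8] memory poolCoins = CurveConvexConstants
                    ._underlyingCoins(rewardRoutePool);
                for (uint8 j = 0; j < poolCoins.length; j++) {
                    if (poolCoins[j] == address(0)) {
                        break;
                    }
                    $$._rewardPoolCoinIndex[rewardRoutePool][
                        poolCoins[j]
                    ] = j;
                }
            }
        }
    }
    // #### build curve pool storage variables #####
    Pool[] memory curvePools = data_.curvePools;
    CoinRating[] memory coinRating = data_.coinRating;
    for (uint8 i = 0; i < curvePools.length; i++) {
        address curveAddr = curvePools[i].addr;
        $$$._curvePools.push(curveAddr);
        $$._poolDepositCtr[curveAddr] = curvePools[i].deposit;
        $$._poolCategory[curveAddr] = curvePools[i].category;
        // LP token and coin list are taken from the Curve meta registry
        $$._poolLpToken[curveAddr] = CurveConvexConstants
            .Curve_ICurveMetaRegistry
            .get_lp_token(curveAddr);
        address[8] memory poolCoins = CurveConvexConstants._underlyingCoins(
            curveAddr
        );
        // reverts with FijaCoinIndexNotFound if the pool lacks the deposit token
        $$._poolDepositCcyIndex[curveAddr] = CurveConvexConstants
            ._findCoinIndex(poolCoins, depositCurrency_);
        // create pool ratings
        bool isFound;
        // Widened from uint16: `ratingSum * 100` used to be evaluated in uint16
        // and reverted on overflow once the summed ratings exceeded 655.
        uint256 ratingSum = 0;
        for (uint8 j = 0; j < poolCoins.length; j++) {
            if (poolCoins[j] == address(0)) {
                break;
            }
            isFound = false;
            for (uint8 k = 0; k < coinRating.length; k++) {
                if (poolCoins[j] == coinRating[k].coinAddr) {
                    isFound = true;
                    ratingSum += coinRating[k].rating;
                    break;
                }
            }
            // every pool coin must be rated explicitly
            if (!isFound) {
                revert FijaPoolRatingInvalid();
            }
        }
        // NOTE(review): the divisor is the fixed array length (8), not the number
        // of coins actually present, so a pool with fewer coins gets a
        // proportionally lower rating. Left unchanged; confirm this is intended.
        $$._poolRating[curveAddr] = (ratingSum * 100) / poolCoins.length;
        // associate convex pool with curve pool through curve LP token
        uint256 convexPoolLength = CurveConvexConstants
            .Convex_IBooster
            .poolLength();
        isFound = false;
        // linear scan over all Booster pools; the first live match wins
        for (uint16 j = 0; j < convexPoolLength; j++) {
            // gets curveLP token from convex pool
            (
                address clpToken,
                ,
                ,
                address rewardContract,
                ,
                bool isShutdown
            ) = CurveConvexConstants.Convex_IBooster.poolInfo(j);
            // check if convex curveLP tokens matches with curve pool lp token
            if (!isShutdown && clpToken == $$._poolLpToken[curveAddr]) {
                isFound = true;
                $$._poolConvexPoolId[curveAddr] = j;
                $$._poolRewardContract[curveAddr] = rewardContract;
                break;
            }
        }
        if (!isFound) {
            revert FijaConvexPoolUnknown();
        }
    }
    // #### initalize emergency pool #####
    $$$._emergencyPool = data_.emergencyPool.addr;
    $$._poolExchangeCategory[$$$._emergencyPool] = data_
        .emergencyPool
        .exchangeCategory;
    $$._poolDepositCtr[$$$._emergencyPool] = data_.emergencyPool.deposit;
    // no exchange support, build emergency coin indexes
    if (data_.emergencyPool.exchangeCategory[0] != 0) {
        address[8] memory emeCoins = CurveConvexConstants._underlyingCoins(
            $$$._emergencyPool
        );
        for (uint8 j = 0; j < emeCoins.length; j++) {
            if (emeCoins[j] == address(0)) {
                break;
            }
            $$._rewardPoolCoinIndex[$$$._emergencyPool][emeCoins[j]] = j;
        }
    }
}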
/// @custom:oz-upgrades-unsafe-allow constructor
constructor(
address depositCurrency_,
address governance_,
string memory tokenName_,
string memory tokenSymbol_,
uint256 maxTicketSize_,
uint256 maxVaultValue_,
ConstructorData memory data_
)
FijaStrategy(
IERC20(depositCurrency_),
governance_,
tokenName_,
tokenSymbol_,
maxTicketSize_,
maxVaultValue_
)
{
// Only the two immutables are set here; pool and route storage is filled by
// __CurveConvexBase_init_unchained.
// NOTE(review): POOL_NUM is derived from this constructor's data_, while
// _curvePools is filled from the data_ given to the init step. Nothing in this
// contract ties the two together when they are supplied separately; confirm
// deployments pass the same pool list to both.
DEPOSIT_CCY = depositCurrency_;
// the uint8 cast silently truncates a pool list longer than 255 entries
POOL_NUM = uint8(data_.curvePools.length);
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "../../protocols/convex/interfaces/IBooster.sol";
import "../../protocols/convex/interfaces/IApr.sol";
import "../../protocols/convex/interfaces/ICvxMining.sol";
import "../../protocols/convex/interfaces/IRewardStaking.sol";
import "../../protocols/curve/interfaces/IAddressProvider.sol";
import "../../protocols/curve/interfaces/IExchangeRegistry.sol";
import "../../protocols/curve/interfaces/ICurveMetaRegistry.sol";
import "../../protocols/curve/interfaces/ICurve.sol";
import "./errors.sol";
///
/// @title Curve Convex Strategy Protocol
/// @author Fija
/// @notice Hold protocol references and constants used in the strategy
/// @dev Used by both the periphery and the main strategy contract
///
library CurveConvexConstants {
uint256 internal constant CURVE_EXCHANGE_ID = 2;
uint256 internal constant PRECISION_18 = 10 ** 18;
uint256 internal constant PRECISION_30 = 10 ** 30;
uint256 internal constant BASIS_POINTS_DIVISOR = 10000;
address internal constant WETH = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
address internal constant CRV = 0xD533a949740bb3306d119CC777fa900bA034cd52;
address internal constant CVX = 0x4e3FBD56CD56c3e72c1403e103b45Db9da5B9D2B;
address internal constant ETH = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
///
/// @dev Reference to Curve meta registry. Used for abstracting
/// operations on pools with different interfaces
///
ICurveMetaRegistry internal constant Curve_ICurveMetaRegistry =
ICurveMetaRegistry(0xF98B45FA17DE75FB1aD0e7aFD971b0ca00e379fC);
///
/// @dev Reference to Convex booster contract. Used when staking,
/// unstaking Curve LP tokens from Convex pools
///
IBooster internal constant Convex_IBooster =
IBooster(0xF403C135812408BFbE8713b5A23a04b3D48AAE31);
///
/// @dev Reference to Convex library. Used to calculate CVX rewards
/// based on CRV rewards
///
ICvxMining internal constant Convex_ICvxMining =
ICvxMining(0x3c75BFe6FbfDa3A94E7E7E8c2216AFc684dE5343);
///
/// @dev Reference to Curve address provider which is used to get
/// various Curve contracts consistently, specifically meta exchange
///
IAddressProvider internal constant Curve_IAddressProvider =
IAddressProvider(0x0000000022D53366457F9d5E68Ec105046FC4383);
///
/// @dev Reference to Curve APR contract used to calculate CRV and CVX
/// APR rates
///
IApr internal constant Convex_IApr =
IApr(0x5Fba69a794F395184b5760DAf1134028608e5Cd1);
///
/// @dev Helper method finding correct index in array of coins
/// @param coins array of token addresses
/// @param coin address of token for queried index
/// @return token index in coins array
/// NOTE: throws if index is not found
///
function _findCoinIndex(
    address[8] memory coins,
    address coin
) internal pure returns (int128) {
    // Walk the fixed-size list and report the first position holding `coin`.
    // Empty (zero) slots are skipped, so a zero `coin` never matches.
    uint256 slot = 0;
    while (slot < coins.length) {
        address candidate = coins[slot];
        if (candidate != address(0) && candidate == coin) {
            return int128(int256(slot));
        }
        slot++;
    }
    // no position matched
    revert FijaCoinIndexNotFound();
}
///
/// @dev Helper method to build array which is provided to liquidity methods
/// There is always 1 non-zero value in array, as there is only 1 token to
/// use as deposit token in strategy
/// @param amount amount of the deposit token to place at index
/// @param index indicating token position in the pool
/// @return array of values with 1 non-zero value on index which indicates
/// deposit token index inside pool
///
function _buildInputAmount(
    uint256 amount,
    int128 index
) internal pure returns (uint256[4] memory) {
    // A fresh memory array is zero-filled, so only the chosen slot needs writing.
    uint256[4] memory slots;
    // An index outside 0..3 (including any negative value, which casts to a
    // large unsigned number) fails the array bounds check and panics.
    uint256 position = uint256(uint128(index));
    slots[position] = amount;
    return slots;
}
///
/// @dev Helper method which finds address in array and replaces it with different address
/// @param inputAddrs array of token address on which to perform find and replace
/// @param find address of token to replace
/// @param replaceWith address of token to replace with
/// @return the input array with the first occurrence of find replaced by replaceWith; unchanged if find is absent
///
function _findAddrReplace(
    address[8] memory inputAddrs,
    address find,
    address replaceWith
) internal pure returns (address[8] memory) {
    // The array is edited in place: the caller's memory copy changes too.
    uint8 pos = 0;
    while (pos < inputAddrs.length) {
        if (inputAddrs[pos] == find) {
            // only the first match is swapped
            inputAddrs[pos] = replaceWith;
            return inputAddrs;
        }
        pos++;
    }
    return inputAddrs;
}
///
/// @dev Helper method which checks if token address exists in array
/// @param inputAddrs array of token address on which to perform find
/// @param token address of token to find
/// @return flag indicating if token is found in the inputAddrs
///
function _isTokenAddrIn(
    address[8] memory inputAddrs,
    address token
) internal pure returns (bool) {
    // Linear membership test that stops at the first hit. Every slot is
    // compared, so searching for the zero address matches an empty slot.
    bool found = false;
    for (uint8 pos = 0; pos < inputAddrs.length && !found; pos++) {
        found = inputAddrs[pos] == token;
    }
    return found;
}
///
/// @dev Helper method to verify if 2 array are equal
/// @param A array of token addresses to compare
/// @param B array of token addresses to compare
/// @return flag indicating if arrays are equal
///
function _isEqualAddr(
    address[8] memory A,
    address[8] memory B
) internal pure returns (bool) {
    // Advance while the two arrays agree; they are equal only if the walk
    // reaches the end without hitting a mismatch.
    uint8 pos = 0;
    while (pos < A.length && A[pos] == B[pos]) {
        pos++;
    }
    return pos == A.length;
}
///
/// @dev Helper method to verify that 2 arrays hold no matching non-zero address at the same position
/// @param A array of token addresses to compare
/// @param B array of token addresses to compare
/// @return flag indicating that no position holds the same non-zero address in both arrays
///
function _isAllDiffAddr(
    address[8] memory A,
    address[8] memory B
) internal pure returns (bool) {
    for (uint8 pos = 0; pos < A.length; pos++) {
        address left = A[pos];
        // empty slots never count as a clash
        if (left == address(0)) {
            continue;
        }
        // same non-zero address at the same position in both arrays
        if (left == B[pos]) {
            return false;
        }
    }
    return true;
}
///
/// @dev Helper method querying which tokens pool supports. Only non-wrapped.
/// @param pool address for which addresses of pool tokens are fetched
/// @return array with token addresses inside pool
///
function _underlyingCoins(
    address pool
) internal view returns (address[8] memory) {
    // All coin data comes from the Curve meta registry; the result is only as
    // reliable as what the registry reports for `pool`.
    bool metaPool = Curve_ICurveMetaRegistry.is_meta(pool);
    address[8] memory underlying = CurveConvexConstants
        .Curve_ICurveMetaRegistry
        .get_underlying_coins(pool);
    // meta pools: the underlying list is used as reported
    if (metaPool) {
        return underlying;
    }
    address[8] memory wrapped = CurveConvexConstants
        .Curve_ICurveMetaRegistry
        .get_coins(pool);
    if (_isEqualAddr(wrapped, underlying)) {
        if (_isTokenAddrIn(wrapped, WETH)) {
            // pool takes ETH and wrapped ETH: report the ETH placeholder
            // address in place of WETH (edits `wrapped` in place)
            return CurveConvexConstants._findAddrReplace(wrapped, WETH, ETH);
        }
        // plain or plain-ETH pool
        return wrapped;
    }
    // the two lists differ from here on
    if (_isTokenAddrIn(wrapped, ETH) && _isTokenAddrIn(underlying, ETH)) {
        // plain ETH pool
        return wrapped;
    }
    if (_isAllDiffAddr(wrapped, underlying)) {
        // lending pool: every coin is wrapped, so use the underlying list
        return underlying;
    }
    // partially overlapping lists are not a recognised layout
    revert FijaUnknownPoolForCoins();
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
import "./CurveConvexConstants.sol";
import "./errors.sol";
import "./ICurveConvexPeriphery.sol";
import "./CurveConvexBase.sol";
import "../../interfaces/IFijaStrategy.sol";
///
/// @title Curve Convex Periphery
/// @author Fija
/// @notice View methods to support main strategy contract operations
/// @dev To offload size and heavy view methods for off-chain usage
///
contract CurveConvexPeriphery is CurveConvexBase, ICurveConvexPeriphery {
///
/// @dev reference to main strategy contract
///
address internal STRATEGY;
/// @dev Deploys the periphery with its own copy of the strategy configuration.
/// The base constructor sets the immutables; the unchained init step is then run
/// directly from this constructor, so pool and route data is written into this
/// contract's own storage at deployment.
constructor(
address depositCurrency_,
address governance_,
string memory tokenName_,
string memory tokenSymbol_,
uint256 maxTicketSize_,
uint256 maxVaultValue_,
ConstructorData memory data_
)
CurveConvexBase(
depositCurrency_,
governance_,
tokenName_,
tokenSymbol_,
maxTicketSize_,
maxVaultValue_,
data_
)
{
// same data_ as passed to the base constructor, so POOL_NUM and the stored pool
// list are built from one pool array
__CurveConvexBase_init_unchained(depositCurrency_, data_);
}
///
/// @dev link to base strategy contract
/// @param strategy address to associate periphery contract with main strategy contract
///
function setStrategy(address strategy) public onlyOwner {
// Every balance-based view in this contract (totalAssets, exposureDiff,
// needEmergencyMode, crvCvxToDepositCcy) reads from STRATEGY, so changing it
// changes what those views report.
// NOTE(review): the address can be replaced at any time by the owner, is not
// checked against zero, and no event is emitted; consider a zero-address check
// and an event so a change is visible to off-chain monitoring.
STRATEGY = strategy;
}
///
/// NOTE: uses pool categories and deposit zap addresses to identify the interface and invoke methods on proper contracts
/// @inheritdoc ICurveConvexPeriphery
///
function calcTokenAmount(
address pool,
uint256 depositAmount,
bool isDeposit
) external view override returns (uint256) {
BasePoolMetaStorage storage $ = _getBasePoolMetaStorage();
// Category slot 2 selects the calc_token_amount variant. A pool that was never
// registered reads the mapping default 0 and is handled as a 3-coin pool.
uint8 id = $._poolCategory[pool][2];
// 4-slot amounts array with depositAmount at the deposit token's position;
// _buildInputAmount panics if that position is outside 0..3.
uint256[4] memory amounts = CurveConvexConstants._buildInputAmount(
depositAmount,
$._poolDepositCcyIndex[pool]
);
if (id == 0) {
// 3-coin pool, quoted on the pool itself
uint256[3] memory inputs = [amounts[0], amounts[1], amounts[2]];
return ICurve(pool).calc_token_amount(inputs, isDeposit);
} else if (id == 1) {
// 2-coin pool, quoted on the pool itself
uint256[2] memory inputs = [amounts[0], amounts[1]];
return ICurve(pool).calc_token_amount(inputs, isDeposit);
} else if (id == 2) {
// 4-coin form; quoted on the deposit contract when one is configured
if ($._poolDepositCtr[pool] != address(0)) {
pool = $._poolDepositCtr[pool];
}
return ICurve(pool).calc_token_amount(amounts, isDeposit);
} else if (id == 3) {
// 2-coin variant without a direction flag: isDeposit is not forwarded
uint256[2] memory inputs = [amounts[0], amounts[1]];
return ICurve(pool).calc_token_amount(inputs);
} else if (id == 4) {
// quoted on the deposit contract, which takes the pool as first argument;
// the deposit contract is used without a zero check in this branch
return
ICurve($._poolDepositCtr[pool]).calc_token_amount(
pool,
amounts,
isDeposit
);
} else if (id == 5) {
// as id 4, with a 3-slot amounts array
uint256[3] memory inputs = [amounts[0], amounts[1], amounts[2]];
return
ICurve($._poolDepositCtr[pool]).calc_token_amount(
pool,
inputs,
isDeposit
);
} else if (id == 6) {
// dynamic-array variant with two entries
uint256[] memory inputs = new uint256[](2);
inputs[0] = amounts[0];
inputs[1] = amounts[1];
return ICurve(pool).calc_token_amount(inputs, isDeposit);
} else {
revert FijaInvalidPoolCategory();
}
}
///
/// NOTE: uses pool categories and deposit zap addresses to identify the interface and invoke methods on proper contracts
/// @inheritdoc ICurveConvexPeriphery
///
function calcWithdrawOneCoin(
address pool,
uint256 burnAmount,
int128 i
) public view returns (uint256) {
BasePoolMetaStorage storage $ = _getBasePoolMetaStorage();
// Category slot 3 selects the calc_withdraw_one_coin variant; an unregistered
// pool reads the mapping default 0.
uint8 id = $._poolCategory[pool][3];
// In every branch a failing quote is swallowed and reported as 0, so callers
// cannot tell "worth nothing" from "quote failed".
// NOTE(review): totalAssets, exposureDiff and needEmergencyMode consume this
// value directly; a pool whose quote reverts therefore lowers the reported
// assets instead of surfacing an error. Confirm consumers tolerate that.
if (id == 0) {
// quoted on the deposit contract when one is configured
if ($._poolDepositCtr[pool] != address(0)) {
pool = $._poolDepositCtr[pool];
}
try ICurve(pool).calc_withdraw_one_coin(burnAmount, i) returns (
uint256 amount
) {
return amount;
} catch {
return 0;
}
} else if (id == 1) {
// variant taking an extra boolean, always passed as true
try
ICurve(pool).calc_withdraw_one_coin(burnAmount, i, true)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 2) {
// variant taking the coin index as uint256; a negative i converts to a very
// large index here
try
ICurve(pool).calc_withdraw_one_coin(
burnAmount,
uint256(int256(i))
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 3) {
// quoted on the deposit contract, which takes the pool as first argument
try
ICurve($._poolDepositCtr[pool]).calc_withdraw_one_coin(
pool,
burnAmount,
i
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else {
revert FijaInvalidPoolCategory();
}
}
///
/// NOTE: uses pool categories and deposit zap addresses to identify the interface and invoke methods on proper contracts
/// @inheritdoc ICurveConvexPeriphery
///
function getExchangeAmount(
address pool,
address from,
address to,
uint256 input
) public view override returns (uint256) {
BasePoolMetaStorage storage $ = _getBasePoolMetaStorage();
// Exchange category slot 0 selects the quote method. A pool that was never
// registered reads the mapping default 0 and is quoted via the exchange registry.
uint8 id = $._poolExchangeCategory[pool][0];
// Branches 1-6 address coins by stored position. _rewardPoolCoinIndex returns 0
// for a token that was never indexed for this pool, which is also the position
// of the pool's first coin.
// NOTE(review): a `from`/`to` that is not a coin of `pool` is therefore quoted
// against coin 0 instead of failing; callers must pass only route tokens.
// Every quote is wrapped in try/catch and a failure is reported as 0.
if (id == 0) {
// registry lookup happens outside the try block, so a failure there reverts
IExchangeRegistry ex = IExchangeRegistry(
CurveConvexConstants.Curve_IAddressProvider.get_address(
CurveConvexConstants.CURVE_EXCHANGE_ID
)
);
try ex.get_exchange_amount(pool, from, to, input) returns (
uint256 amount
) {
return amount;
} catch {
return 0;
}
} else if (id == 1) {
// get_dy with uint256 positions, on the deposit contract when configured
address depo = pool;
if ($._poolDepositCtr[pool] != address(0)) {
depo = $._poolDepositCtr[pool];
}
try
ICurve(depo).get_dy(
$._rewardPoolCoinIndex[pool][from],
$._rewardPoolCoinIndex[pool][to],
input
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 2) {
// get_dy_underlying with int128 positions, on the deposit contract when configured
address depo = pool;
if ($._poolDepositCtr[pool] != address(0)) {
depo = $._poolDepositCtr[pool];
}
try
ICurve(depo).get_dy_underlying(
int128(uint128($._rewardPoolCoinIndex[pool][from])),
int128(uint128($._rewardPoolCoinIndex[pool][to])),
input
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 3) {
// deposit zap
try
ICurve($._poolDepositCtr[pool]).get_dy_underlying(
$._rewardPoolCoinIndex[pool][from],
$._rewardPoolCoinIndex[pool][to],
input
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 4) {
// deposit zap
try
ICurve($._poolDepositCtr[pool]).get_dy(
pool,
$._rewardPoolCoinIndex[pool][from],
$._rewardPoolCoinIndex[pool][to],
input
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 5) {
// deposit zap
try
ICurve($._poolDepositCtr[pool]).get_dy_underlying(
pool,
$._rewardPoolCoinIndex[pool][from],
$._rewardPoolCoinIndex[pool][to],
input
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else if (id == 6) {
// get_dy with int128 positions, always on the pool itself
try
ICurve(pool).get_dy(
int128(uint128($._rewardPoolCoinIndex[pool][from])),
int128(uint128($._rewardPoolCoinIndex[pool][to])),
input
)
returns (uint256 amount) {
return amount;
} catch {
return 0;
}
} else {
revert FijaInvalidPoolCategory();
}
}
///
/// @inheritdoc ICurveConvexPeriphery
///
function exposureDiff(
uint256 targetExposure
) external view override returns (int256[8] memory, uint256[] memory) {
// value of 1e18 CRV and 1e18 CVX in deposit token, after the slippage haircut
// applied inside crvCvxToDepositCcy
(uint256[2] memory crvCvxInDepositCCy, , ) = crvCvxToDepositCcy(
[
CurveConvexConstants.PRECISION_18,
CurveConvexConstants.PRECISION_18
]
);
uint256[] memory numerators = new uint256[](POOL_NUM);
uint256 denominator = 0;
BasePoolStorage storage $ = _getBasePoolStorage();
BasePoolMetaStorage storage $$ = _getBasePoolMetaStorage();
// weight of each pool = yield * rating
for (uint8 i = 0; i < POOL_NUM; i++) {
address pool = $._curvePools[i];
numerators[i] =
_poolYield(crvCvxInDepositCCy[0], crvCvxInDepositCCy[1], pool) *
$$._poolRating[pool];
denominator += numerators[i];
}
// all pools have apy 0, allocate fund by pool rating
if (denominator == 0) {
for (uint8 i = 0; i < POOL_NUM; i++) {
numerators[i] = $$._poolRating[$._curvePools[i]];
denominator += numerators[i];
}
}
// NOTE(review): if every pool rating is also 0 the denominator stays 0 and the
// divisions below panic; poolExDiff has 8 fixed slots, so POOL_NUM above 8
// panics on the out-of-bounds write.
int256[8] memory poolExDiff;
uint256[] memory poolAllocationsLogBps = new uint256[](POOL_NUM);
for (uint8 i = 0; i < POOL_NUM; i++) {
address pool = $._curvePools[i];
// current exposure = deposit-token value of the strategy's staked balance;
// reads 0 when the pool quote fails (see calcWithdrawOneCoin)
uint256 currentPoolExp = calcWithdrawOneCoin(
pool,
IERC20($$._poolRewardContract[pool]).balanceOf(STRATEGY),
$$._poolDepositCcyIndex[pool]
);
poolAllocationsLogBps[i] =
(numerators[i] * BASIS_POINTS_DIVISOR) /
denominator;
// positive: pool holds more than its target share; negative: less
poolExDiff[i] =
int256(currentPoolExp) -
int256(
((targetExposure *
(numerators[i] * CurveConvexConstants.PRECISION_30)) /
denominator) / CurveConvexConstants.PRECISION_30
);
}
return (poolExDiff, poolAllocationsLogBps);
}
///
/// NOTE: exchange hop results are used as part of harvest when exchanging CRV/CVX to deposit tokens, through reward routes
/// @inheritdoc ICurveConvexPeriphery
///
function crvCvxToDepositCcy(
uint256[2] memory inputs
)
public
view
returns (uint256[2] memory, uint256[] memory, uint256[] memory)
{
// `inputs` is overwritten hop by hop; an internal caller passing a memory array
// sees its array modified.
BasePoolStorage storage $ = _getBasePoolStorage();
BaseConstantsStorage storage c = _getBaseConstantsStorage();
// route length is narrowed to uint8
uint8 poolNum = uint8($._crvRewardRoute.length);
// external call to the linked strategy; depends on setStrategy having been called
bool isEmergencyMode = IFijaStrategy(STRATEGY).emergencyMode();
uint256[] memory crvIntermed = new uint256[](poolNum);
// calculate CRV to deposit currency amount
for (uint8 i = 0; i < poolNum; i++) {
// quote for this hop; 0 when the underlying quote fails
uint256 amount = getExchangeAmount(
$._crvRewardRoute[i].addr,
$._crvRewardRoute[i].from,
$._crvRewardRoute[i].to,
inputs[0]
);
uint256 slippage = c.SLIPPAGE_SWAP;
if (isEmergencyMode) {
slippage = c.SLIPPAGE_EMERGENCY;
}
// haircut the quote by the configured slippage; the subtraction reverts if
// slippage exceeds BASIS_POINTS_DIVISOR
inputs[0] =
(amount * (BASIS_POINTS_DIVISOR - slippage)) /
BASIS_POINTS_DIVISOR;
// a zero hop ends the route early; remaining crvIntermed entries stay 0
if (inputs[0] == 0) {
break;
}
crvIntermed[i] = inputs[0];
}
poolNum = uint8($._cvxRewardRoute.length);
uint256[] memory cvxIntermed = new uint256[](poolNum);
// save intermed exchange values to use for swaps
// calculate CVX to deposit currency amount
for (uint8 i = 0; i < poolNum; i++) {
uint256 amount = getExchangeAmount(
$._cvxRewardRoute[i].addr,
$._cvxRewardRoute[i].from,
$._cvxRewardRoute[i].to,
inputs[1]
);
uint256 slippage = c.SLIPPAGE_SWAP;
if (isEmergencyMode) {
slippage = c.SLIPPAGE_EMERGENCY;
}
inputs[1] =
(amount * (BASIS_POINTS_DIVISOR - slippage)) /
BASIS_POINTS_DIVISOR;
if (inputs[1] == 0) {
break;
}
cvxIntermed[i] = inputs[1];
}
// amount in depositCCy
// NOTE(review): the per-hop values are derived from live pool quotes; if they
// are used as minimum-out bounds for swaps, they reflect pool state at call
// time only. Confirm how the main strategy consumes them.
return ([inputs[0], inputs[1]], crvIntermed, cvxIntermed);
}
///
/// @inheritdoc ICurveConvexPeriphery
///
function needEmergencyMode()
external
view
override(FijaStrategy, ICurveConvexPeriphery)
returns (bool)
{
uint256 depositDec = decimals();
BasePoolStorage storage $ = _getBasePoolStorage();
BasePoolMetaStorage storage $$ = _getBasePoolMetaStorage();
BaseConstantsStorage storage c = _getBaseConstantsStorage();
for (uint8 i = 0; i < POOL_NUM; i++) {
address pool = $._curvePools[i];
// deposit-token value of 1e18 LP tokens; 0 when the pool quote fails
uint256 lpTokenInDepositCCy = calcWithdrawOneCoin(
pool,
CurveConvexConstants.PRECISION_18,
$$._poolDepositCcyIndex[pool]
);
// check de-peg
if (c.DE_PEG_CHECK) {
address[8] memory coins = CurveConvexConstants._underlyingCoins(
pool
);
for (uint8 j = 0; j < coins.length; j++) {
if (coins[j] == address(0)) {
break;
}
if (coins[j] != DEPOSIT_CCY) {
int128 coinIndex = CurveConvexConstants._findCoinIndex(
coins,
coins[j]
);
// NOTE(review): decimals() is called on the coin address as a token
// contract; _underlyingCoins can return the ETH placeholder address,
// for which this call cannot succeed. Confirm such pools are never
// combined with DE_PEG_CHECK.
uint256 nonDepositDec = ERC20Upgradeable(coins[j])
.decimals();
uint256 value = calcWithdrawOneCoin(
pool,
CurveConvexConstants.PRECISION_18,
coinIndex
);
// ratio of the coin's per-LP value to the deposit token's per-LP
// value, scaled to 10000; divides by lpTokenInDepositCCy, so a zero
// (failed) deposit-token quote panics here instead of flagging
value =
(((value * 10 ** depositDec) /
(10 ** nonDepositDec)) * 10000) /
lpTokenInDepositCCy;
// 4 decimals precision
// `10000 - DEPEG_DEVIATION` reverts if the deviation exceeds 10000
if (
value < (10000 - c.DEPEG_DEVIATION) ||
value > (10000 + c.DEPEG_DEVIATION)
) {
return true;
}
}
}
}
// check low liquidity
// strategy's staked position valued in deposit token
uint256 currentPoolExposure = (lpTokenInDepositCCy *
IERC20($$._poolRewardContract[pool]).balanceOf(STRATEGY)) /
CurveConvexConstants.PRECISION_18;
// LIQUIDITY_THR_BPS share of the pool's total LP supply, same valuation
uint256 tvlPoolPerc = (((lpTokenInDepositCCy *
IERC20($$._poolLpToken[pool]).totalSupply()) /
CurveConvexConstants.PRECISION_18) * c.LIQUIDITY_THR_BPS) /
BASIS_POINTS_DIVISOR;
// NOTE(review): with DE_PEG_CHECK off, a failed quote makes both sides 0 and
// the pool passes this check; a failing pool is then not reported as an
// emergency by this function.
if (currentPoolExposure > tvlPoolPerc) {
return true;
}
}
return false;
}
///
/// @inheritdoc ICurveConvexPeriphery
///
function totalAssets()
public
view
override(FijaStrategy, ICurveConvexPeriphery)
returns (uint256)
{
// Sum of three parts, all measured against the linked STRATEGY address:
// emergency-token holdings (emergency mode only), idle deposit token, and the
// deposit-token value of staked LP positions.
uint256 emergencyCcyValue = 0;
BasePoolMetaStorage storage $ = _getBasePoolMetaStorage();
BasePoolStorage storage $$ = _getBasePoolStorage();
BaseConstantsStorage storage c = _getBaseConstantsStorage();
if (IFijaStrategy(STRATEGY).emergencyMode()) {
// calculate value in emergencyCCy
// quoted through the emergency pool; contributes 0 if that quote fails
emergencyCcyValue = getExchangeAmount(
$$._emergencyPool,
c.EMERGENCY_CCY,
DEPOSIT_CCY,
IERC20(c.EMERGENCY_CCY).balanceOf(STRATEGY)
);
}
uint256 depositCcyValue;
if (DEPOSIT_CCY == ETH) {
// native balance of the strategy
depositCcyValue = STRATEGY.balance;
} else {
depositCcyValue = IERC20(DEPOSIT_CCY).balanceOf(STRATEGY);
}
// calculate value of lp tokens
uint256 valueOfLpTokens = 0;
for (uint8 i = 0; i < POOL_NUM; i++) {
address pool = $$._curvePools[i];
// balance held in the Convex reward contract, valued as a single-coin
// withdrawal; a failing pool quote contributes 0 rather than reverting
valueOfLpTokens += calcWithdrawOneCoin(
pool,
IERC20($._poolRewardContract[pool]).balanceOf(STRATEGY),
$._poolDepositCcyIndex[pool]
);
}
// NOTE(review): every component is a live quote or balance at call time, and
// failed quotes count as 0. If share pricing relies on this value, confirm that
// under-reporting from a failing pool and same-transaction changes to pool state
// are handled by the caller.
return valueOfLpTokens + emergencyCcyValue + depositCcyValue;
}
///
/// @dev Helper method to calculate pool yield
/// @param crvInDepositCCy exchange rate CRV/deposit token
/// @param cvxInDepositCcy exchange rate CVX/deposit token
/// @param pool address of pool
/// @return APR of the pool in bps (14 decimals precision)
/// NOTE: APR is sum of CRV reward apr and CVX reward apr
///
function _poolYield(
uint256 crvInDepositCCy,
uint256 cvxInDepositCcy,
address pool
) private view returns (uint256) {
BasePoolMetaStorage storage $ = _getBasePoolMetaStorage();
// deposit-token value of 1e18 LP tokens; 0 when the pool quote fails, and that
// 0 is then passed on to the APR contract
uint256 lpTokenPriceInDepositCcy = calcWithdrawOneCoin(
pool,
CurveConvexConstants.PRECISION_18,
$._poolDepositCcyIndex[pool]
);
// reward rates for the Convex pool id recorded at initialization
(, uint256[] memory rates) = CurveConvexConstants
.Convex_IApr
.rewardRates($._poolConvexPoolId[pool]);
// rates[0] is paired with the CRV price and rates[1] with the CVX price;
// indexing panics if fewer than two rates are returned
uint256 crvApr = CurveConvexConstants.Convex_IApr.apr(
rates[0],
crvInDepositCCy,
lpTokenPriceInDepositCcy
);
uint256 cvxApr = CurveConvexConstants.Convex_IApr.apr(
rates[1],
cvxInDepositCcy,
lpTokenPriceInDepositCcy
);
return crvApr + cvxApr;
}
}
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
// Custom errors declared at file level (outside any contract). None of them takes
// arguments, so a revert identifies which check failed but not the pool, coin or
// caller involved.
// NOTE(review): the sites that raise these errors are not in this file; the per-error
// notes below are inferred from the names only - confirm against the callers.
error FijaInvalidPoolCategory(); // presumably: pool category value not recognised
error FijaEthInputDisbalance(); // presumably: ETH sent does not match the declared input amount
error FijaEthInputNotFound(); // presumably: ETH input expected but not supplied
error FijaUnknownPoolForCoins(); // presumably: no pool known for the given coins
error FijaPoolRatingInvalid(); // presumably: pool rating outside the accepted range
error FijaConvexPoolUnknown(); // presumably: no Convex pool mapped to the Curve pool
error FijaCoinIndexNotFound(); // presumably: coin not found among the pool's coins
error FijaInvalidTargetExposure(); // presumably: target exposure argument rejected
error FijaExceededMaxWithdraw(); // presumably: requested withdrawal above the allowed maximum
error Unauthorized(); // presumably: caller failed an access-control check; lacks the Fija prefix the others use
// SPDX-License-Identifier: MIT
pragma solidity 0.8.28;
///
/// @dev Read-only helper interface of the Curve/Convex periphery: every function is `external view`
/// and returns a quote or an aggregate, never moving funds.
/// NOTE(review): if the implementation derives these values from live pool state, they are
/// spot figures for the current block and can shift within a transaction. Confirm that callers
/// acting on them (share pricing, rebalancing, emergency-mode trigger) apply slippage bounds or
/// otherwise do not rely on a single quote.
///
interface ICurveConvexPeriphery {
///
/// @dev calculates amount of LP token to receive from the pool based on deposit amount
/// @param pool address providing LP tokens
/// @param depositAmount amount of deposit tokens to provide to pool. Amount is always in deposit tokens.
/// @param isDeposit true when the quote is for adding liquidity, false when it is for removing liquidity
/// @return amount of LP tokens to receive
///
function calcTokenAmount(
address pool,
uint256 depositAmount,
bool isDeposit
) external view returns (uint256);
///
/// @dev calculates amount of token on index i inside the pool to receive when burning LP tokens
/// @param pool address of the pool the LP token belongs to
/// @param burnAmount amount of LP tokens to burn
/// @param i token index in the pool
/// @return amount of token to receive
///
function calcWithdrawOneCoin(
address pool,
uint256 burnAmount,
int128 i
) external view returns (uint256);
///
/// @dev calculates amount to receive when swapping token "from" into token "to"
/// @param pool address of swap pool
/// @param from address of the token being sold
/// @param to address of the token being bought
/// @param input amount of "from" token to exchange
/// @return amount of "to" token to receive after exchange
///
function getExchangeAmount(
address pool,
address from,
address to,
uint256 input
) external view returns (uint256);
///
/// @dev Calculates pool exposure in deposit tokens, used as a part of rebalancing process
/// @param targetExposure target exposure in deposit tokens
/// @return array of pool exposure difference between current and target exposure in deposit tokens
/// (fixed length 8; presumably one slot per pool with unused slots left empty - confirm)
/// @return pool allocation in bps
///
function exposureDiff(
uint256 targetExposure
) external view returns (int256[8] memory, uint256[] memory);
///
/// @dev Calculates exchange from CRV and CVX amount to deposit tokens amount
/// @param inputs array [CRV amount, CVX amount]
/// @return array [CRV in deposit token amount, CVX in deposit token amount]
/// @return array which stores results of each exchange hop from CRV to target deposit token
/// @return array which stores results of each exchange hop from CVX to target deposit token
///
function crvCvxToDepositCcy(
uint256[2] memory inputs
)
external
view
returns (uint256[2] memory, uint256[] memory, uint256[] memory);
///
/// @dev Used as supporting method to main strategy contract totalAssets()
/// Includes all assets under strategy management: the amount deployed in staked LP tokens,
/// emergency mode assets and assets still to be deployed
/// @return total amount of assets in deposit tokens
///
function totalAssets() external view returns (uint256);
///
/// @dev Used as supporting method to main strategy contract needEmergencyMode().
/// Checks if there is a need for emergency mode, verifies depeg and low-liquidity conditions
/// @return flag indicating if there is need to go into emergency mode
///
function needEmergencyMode() external view returns (bool);
}