Contract Name:
ShadowSettlement
Contract Source Code:
<i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
/**
* @title ShadowSettlement
* @notice Privacy-preserving cross-chain settlement contract (EVM side)
* @dev Bidirectional — acts as SOURCE (commitment storage) and DESTINATION (token release)
*
* ARCHITECTURE:
* - Source side: Relayer batches commitments into Merkle tree for anonymity set
* - Destination side: NEAR 1Click bridges tokens TO this contract via standard
* ERC20 transfer, then relayer verifies delivery and calls settleAndRelease
* - Cross-chain sync: Stores remote chain Merkle roots for auditability
* - Per-user view keys for private tracking (derived from wallet signature)
*
* TOKEN FLOW (when this chain is DESTINATION):
* 1. User initiates swap on source chain → commitment stored in source Merkle tree
* 2. User sends tokens to NEAR 1Click via unique depositAddress
* 3. NEAR 1Click swaps + bridges → tokens arrive at THIS contract via standard ERC20 transfer
* 4. Relayer polls NEAR status API → gets destinationChainTxHashes
* 5. Relayer verifies Transfer event on-chain (correct amount to this contract)
* 6. Relayer calls settleAndRelease(nullifier, recipient, token, amount)
* → Contract verifies nullifier, transfers ERC20 to user
* 7. Relayer calls markSettled(commitment, nullifier) on SOURCE chain contract
*
* TRUST MODEL:
* - Relayer trusted to verify NEAR delivery before releasing (centralized MVP)
* - Relayer cannot double-spend (nullifier prevents)
* - Relayer cannot release more than contract balance (safeTransfer reverts)
* - Owner can pause in emergencies and manage relayers
*
* PRIVACY:
* - View keys are NEVER exposed on-chain or in events
* - NEAR intent IDs stored internally, not publicly queryable
* - Commitment tree position not leaked in events
* - Batch fill level not leaked in events
* - settleAndRelease reveals recipient but NOT linked to source commitment
* (same model as Tornado Cash withdrawals)
*
* COMMITMENT FORMULA (enforced client-side):
* Frontend MUST generate commitments as:
* commitment = keccak256(abi.encodePacked(secret, nullifier, amount, token, destChain))
*
* Including amount, token, and destChain prevents:
* - Cross-swap attacks (same secret can't be reused for different amounts/chains)
* - Commitment reuse across different swap parameters
* - This is the industry standard (Tornado Cash, Aztec, etc.)
*
* Note: Contract does NOT validate the commitment formula (it's a hash).
* Security comes from frontend generating correctly + Merkle proof verification.
*/
contract ShadowSettlement is ReentrancyGuard, Ownable, Pausable {
using SafeERC20 for IERC20;
// ===== STRUCTS =====
/// @dev Internal struct — never returned to external callers with viewKey
struct Intent {
bytes32 commitment;
bytes32 nearIntentsId;
bytes32 viewKey;
uint64 submittedAt;
bool settled;
}
/// @notice Public-safe intent data (no viewKey, no nearIntentsId)
struct IntentPublic {
bytes32 commitment;
uint64 submittedAt;
bool settled;
}
/// @notice Full intent data returned to view key holder
struct IntentDetail {
bytes32 commitment;
bytes32 nearIntentsId;
uint64 submittedAt;
bool settled;
}
/// @notice Remote chain Merkle root snapshot
struct RemoteRootSnapshot {
bytes32 root;
uint256 leafCount;
uint64 syncedAt;
bool verified;
}
// ===== STATE VARIABLES =====
// --- Source side (commitment storage) ---
/// @dev Internal — use getIntent() which strips sensitive fields
mapping(bytes32 => Intent) internal intents;
mapping(bytes32 => bool) public usedNullifiers;
/// @dev Internal — only queryable by providing the correct view key
mapping(bytes32 => bytes32[]) internal viewKeyToCommitments;
uint256 public constant TREE_HEIGHT = 20;
uint256 public nextLeafIndex;
mapping(uint256 => bytes32) internal filledSubtrees;
bytes32 public currentRoot;
bytes32[TREE_HEIGHT] internal zeros;
/// @dev Internal — tree position is privacy-sensitive
mapping(bytes32 => uint256) internal commitmentToIndex;
/// @dev Mapping-based batch avoids gas bomb on delete
mapping(uint256 => bytes32) internal batchCommitments;
mapping(uint256 => bytes32) internal batchNearIntentsIds;
mapping(uint256 => bytes32) internal batchViewKeys;
uint256 public batchCount;
uint64 public batchFirstSubmissionTime;
// --- Cross-chain sync ---
/// @notice Remote chain identifier → root snapshot history
/// @dev chainId examples: "starknet-mainnet", "starknet-sepolia"
mapping(string => RemoteRootSnapshot[]) public remoteRootHistory;
/// @notice Quick lookup: chainId → latest root index
mapping(string => uint256) public latestRemoteRootIndex;
/// @notice Trusted root verifiers (can mark roots as verified)
mapping(address => bool) public rootVerifiers;
// --- Destination side (token release) ---
/// @notice Whitelisted tokens for settlement
mapping(address => bool) public whitelistedTokens;
// --- Config ---
uint256 public batchSize;
uint256 public batchTimeout;
mapping(address => bool) public authorizedRelayers;
// ===== CONSTANTS =====
uint256 public constant MIN_BATCH_SIZE = 1;
uint256 public constant MAX_BATCH_SIZE = 100;
uint256 public constant DEFAULT_BATCH_SIZE = 10;
uint256 public constant DEFAULT_TIMEOUT = 30;
/// @notice Sentinel address representing native ETH (industry standard)
address public constant ETH = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
// ===== EVENTS =====
// --- Source side events ---
/// @notice Emits only commitment hash — no tree position, no batch info
event CommitmentAdded(bytes32 indexed commitment);
event BatchProcessed(
uint256 indexed batchId,
uint256 commitmentsCount,
ProcessReason reason
);
event MerkleRootUpdated(bytes32 indexed newRoot);
/// @notice Source-side: commitment marked settled after dest-side release
event IntentMarkedSettled(
bytes32 indexed nullifierHash,
bytes32 indexed commitment,
uint64 timestamp
);
// --- Cross-chain sync events ---
event RemoteRootSynced(
string indexed chainId,
bytes32 indexed root,
uint256 leafCount,
uint256 snapshotIndex
);
event RemoteRootVerified(
string indexed chainId,
uint256 indexed snapshotIndex,
address verifier
);
// --- Destination side events ---
/// @notice Emitted when tokens are released to user
/// @dev recipient is visible but NOT linked to source commitment on-chain
event IntentSettled(
bytes32 indexed intentId,
bytes32 indexed nullifierHash,
address token,
uint256 amount,
uint64 timestamp
);
// --- Admin events ---
event BatchConfigUpdated(uint256 newBatchSize, uint256 newTimeout);
event RelayerStatusChanged(address indexed relayer, bool authorized);
event RootVerifierStatusChanged(address indexed verifier, bool authorized);
event TokenWhitelistUpdated(address indexed token, bool whitelisted);
// ===== ENUMS =====
enum ProcessReason {
BATCH_FULL,
TIMEOUT_REACHED
}
// ===== ERRORS =====
error Unauthorized();
error InvalidBatchSize();
error InvalidTimeout();
error CommitmentExists();
error CommitmentNotFound();
error NullifierUsed();
error BatchEmpty();
error InvalidCommitment();
error TreeFull();
error TimeoutNotReached();
error TokenNotWhitelisted();
error InvalidAmount();
error InvalidRecipient();
error InvalidChainId();
error InvalidRoot();
error RootAlreadyVerified();
error SnapshotNotFound();
error TokenWhitelistUnchanged();
error TransferFailed();
// ===== MODIFIERS =====
modifier onlyRelayer() {
if (!authorizedRelayers[msg.sender]) revert Unauthorized();
_;
}
modifier onlyRootVerifier() {
if (!rootVerifiers[msg.sender]) revert Unauthorized();
_;
}
// ===== CONSTRUCTOR =====
constructor(address _owner, address _initialRelayer) Ownable(_owner) {
authorizedRelayers[_initialRelayer] = true;
rootVerifiers[_initialRelayer] = true;
batchSize = DEFAULT_BATCH_SIZE;
batchTimeout = DEFAULT_TIMEOUT;
zeros[0] = bytes32(0);
for (uint256 i = 1; i < TREE_HEIGHT; i++) {
zeros[i] = _hashPair(zeros[i - 1], zeros[i - 1]);
}
}
/// @notice Accept native ETH — NEAR bridge delivers ETH directly to this contract
receive() external payable {}
/// @notice Reject unknown calls with calldata
fallback() external {
revert("Unknown function");
}
// ==============================================================
// SOURCE SIDE FUNCTIONS
// (when this chain is where the user starts)
// ==============================================================
/**
* @notice Add commitment to pending batch
* @dev Called by relayer when user submits intent via API.
* Commitment is opaque bytes32 generated client-side:
* commitment = Poseidon(secret, nullifier, amount, destChain)
*
* @param commitment Privacy commitment (opaque bytes32 from client)
* @param nearIntentsId NEAR Intents tracking ID (internal, not publicly exposed)
* @param viewKey Optional per-user view key (bytes32(0) to skip)
*/
function addToPendingBatch(
bytes32 commitment,
bytes32 nearIntentsId,
bytes32 viewKey
) external onlyRelayer whenNotPaused {
if (commitment == bytes32(0)) revert InvalidCommitment();
if (intents[commitment].commitment != bytes32(0))
revert CommitmentExists();
if (nextLeafIndex >= (uint256(1) << TREE_HEIGHT)) revert TreeFull();
uint256 count = batchCount;
if (count == 0) {
batchFirstSubmissionTime = uint64(block.timestamp);
}
batchCommitments[count] = commitment;
batchNearIntentsIds[count] = nearIntentsId;
batchViewKeys[count] = viewKey;
batchCount = count + 1;
emit CommitmentAdded(commitment);
if (count + 1 >= batchSize) {
_processBatch(ProcessReason.BATCH_FULL);
}
}
/**
* @notice Process batch if timeout reached
* @dev Anyone can call — ensures liveness even if relayer is slow.
* Processes even single-item batches (liveness > privacy).
*/
function processBatchIfTimeout() external whenNotPaused {
if (batchCount == 0) revert BatchEmpty();
uint256 timeSinceFirst = block.timestamp - batchFirstSubmissionTime;
if (timeSinceFirst < batchTimeout) revert TimeoutNotReached();
_processBatch(ProcessReason.TIMEOUT_REACHED);
}
/**
* @notice Internal batch processing
* @dev Registers all pending commitments in Merkle tree.
* View key mapping is written here
* to ensure Intent struct exists before viewKey queries work.
*/
function _processBatch(ProcessReason reason) internal {
uint256 count = batchCount;
if (count == 0) revert BatchEmpty();
for (uint256 i = 0; i < count; i++) {
bytes32 commitment = batchCommitments[i];
bytes32 nearIntentsId = batchNearIntentsIds[i];
bytes32 viewKey = batchViewKeys[i];
intents[commitment] = Intent({
commitment: commitment,
nearIntentsId: nearIntentsId,
viewKey: viewKey,
submittedAt: uint64(block.timestamp),
settled: false
});
_insertCommitment(commitment);
if (viewKey != bytes32(0)) {
viewKeyToCommitments[viewKey].push(commitment);
}
}
emit BatchProcessed(nextLeafIndex, count, reason);
emit MerkleRootUpdated(currentRoot);
batchCount = 0;
}
/**
* @notice Mark a source-side commitment as settled
* @dev Called by relayer AFTER tokens were released on the destination chain.
* This updates the source-side intent status so view key queries
* reflect the completed settlement. Runs on the chain where the
* commitment was originally stored (source chain).
*
* Flow: settleAndRelease (dest) → relayer confirms → markSettled (source)
*
* @param commitment Intent commitment (must exist in this contract's tree)
* @param nullifierHash Hash of nullifier (prevents double-marking)
*/
function markSettled(
bytes32 commitment,
bytes32 nullifierHash
) external onlyRelayer whenNotPaused {
Intent storage intent = intents[commitment];
if (intent.commitment == bytes32(0)) revert CommitmentNotFound();
if (usedNullifiers[nullifierHash]) revert NullifierUsed();
intent.settled = true;
usedNullifiers[nullifierHash] = true;
emit IntentMarkedSettled(
nullifierHash,
commitment,
uint64(block.timestamp)
);
}
// ==============================================================
// CROSS-CHAIN SYNC FUNCTIONS
// ==============================================================
/**
* @notice Sync Merkle root from remote chain (e.g., StarkNet)
* @dev Called by relayer to store remote chain state for auditability.
* Enables cross-verification that commitments exist on both chains.
*
* @param chainId Remote chain identifier (e.g., "starknet-mainnet")
* @param root Merkle root from remote chain
* @param leafCount Number of commitments in remote tree at time of sync
*/
function syncMerkleRoot(
string calldata chainId,
bytes32 root,
uint256 leafCount
) external onlyRelayer whenNotPaused {
if (bytes(chainId).length == 0) revert InvalidChainId();
if (root == bytes32(0)) revert InvalidRoot();
if (leafCount == 0) revert InvalidAmount();
RemoteRootSnapshot memory snapshot = RemoteRootSnapshot({
root: root,
leafCount: leafCount,
syncedAt: uint64(block.timestamp),
verified: false
});
remoteRootHistory[chainId].push(snapshot);
uint256 newIndex = remoteRootHistory[chainId].length - 1;
latestRemoteRootIndex[chainId] = newIndex;
emit RemoteRootSynced(chainId, root, leafCount, newIndex);
}
/**
* @notice Mark a synced root as verified
* @dev Called by trusted verifier (could be oracle, bridge, or multi-sig).
* Once verified, root is considered authoritative.
*
* @param chainId Remote chain identifier
* @param snapshotIndex Index in remoteRootHistory array
*/
function verifyRemoteRoot(
string calldata chainId,
uint256 snapshotIndex
) external onlyRootVerifier whenNotPaused {
RemoteRootSnapshot[] storage snapshots = remoteRootHistory[chainId];
if (snapshotIndex >= snapshots.length) revert SnapshotNotFound();
RemoteRootSnapshot storage snapshot = snapshots[snapshotIndex];
if (snapshot.verified) revert RootAlreadyVerified();
snapshot.verified = true;
emit RemoteRootVerified(chainId, snapshotIndex, msg.sender);
}
// ==============================================================
// DESTINATION SIDE FUNCTIONS
// (when this chain is where the user receives)
// ==============================================================
/**
* @notice Release tokens to user after NEAR bridge delivery is verified
* @dev Called by relayer after confirming token arrival via:
* 1. Poll NEAR status API → get destinationChainTxHashes
* 2. Verify Transfer event on-chain (amount + recipient = this contract)
* 3. Call this function to release tokens to user
*
* No on-chain deposit tracking — tokens arrive via standard ERC20
* transfer from NEAR 1Click bridge infrastructure. Relayer verifies
* the exact amount off-chain before calling.
*
* PRIVACY:
* - recipient address visible on-chain in this call
* - NOT linked to any source-chain commitment on-chain
* - Link exists only in relayer's off-chain DB
* - Same model as Tornado Cash withdrawals
*
* @param nullifierHash Hash of nullifier (prevents double-settlement)
* @param recipient User's destination address on this chain
* @param token ERC20 token to release
* @param amount Amount to release (verified by relayer against NEAR status)
*/
function settleAndRelease(
bytes32 intentId,
bytes32 nullifierHash,
address recipient,
address token,
uint256 amount
) external onlyRelayer nonReentrant whenNotPaused {
if (usedNullifiers[nullifierHash]) revert NullifierUsed();
if (recipient == address(0)) revert InvalidRecipient();
if (!whitelistedTokens[token]) revert TokenNotWhitelisted();
if (amount == 0) revert InvalidAmount();
usedNullifiers[nullifierHash] = true;
if (token == ETH) {
(bool ok, ) = payable(recipient).call{value: amount}("");
if (!ok) revert TransferFailed();
} else {
IERC20(token).safeTransfer(recipient, amount);
}
emit IntentSettled(
intentId,
nullifierHash,
token,
amount,
uint64(block.timestamp)
);
}
// ===== MERKLE TREE FUNCTIONS =====
/**
* @notice Insert commitment into incremental Merkle tree
* @dev Relayer replicates this logic off-chain for proof generation.
* Uses sorted hashing to prevent sibling-position leaks.
*/
function _insertCommitment(bytes32 commitment) internal {
uint256 index = nextLeafIndex;
commitmentToIndex[commitment] = index;
nextLeafIndex++;
bytes32 currentHash = commitment;
bytes32 left;
bytes32 right;
for (uint256 height = 0; height < TREE_HEIGHT; height++) {
if (index & 1 == 0) {
left = currentHash;
right = zeros[height];
filledSubtrees[height] = currentHash;
} else {
left = filledSubtrees[height];
right = currentHash;
}
currentHash = _hashPair(left, right);
index >>= 1;
}
currentRoot = currentHash;
}
function getMerkleRoot() external view returns (bytes32) {
return currentRoot;
}
/**
* @notice Hash pair of nodes with deterministic ordering
* @dev Sorted to prevent sibling-position information leaks
*/
function _hashPair(bytes32 a, bytes32 b) internal pure returns (bytes32) {
return
a < b
? keccak256(abi.encodePacked(a, b))
: keccak256(abi.encodePacked(b, a));
}
// ===== VIEW KEY FUNCTIONS =====
/**
* @notice Get intents for a view key with pagination (full details)
* @dev View key IS the auth — if you have it, you see everything.
* Returns empty array if view key has no intents (prevents existence probing).
* Compliance responsibility lies with the user via their view key.
*
* @param viewKey Per-user view key (derived from wallet signature client-side)
* @param offset Start index (0-based)
* @param limit Max results to return (0 = all from offset)
* @return userIntents Array of intent details for the requested page
* @return total Total number of intents for this view key
*/
function getIntentsByViewKey(
bytes32 viewKey,
uint256 offset,
uint256 limit
) external view returns (IntentDetail[] memory userIntents, uint256 total) {
bytes32[] storage commitments = viewKeyToCommitments[viewKey];
total = commitments.length;
if (total == 0 || offset >= total) {
userIntents = new IntentDetail[](0);
return (userIntents, total);
}
uint256 remaining = total - offset;
uint256 count = (limit == 0 || limit > remaining) ? remaining : limit;
userIntents = new IntentDetail[](count);
for (uint256 i = 0; i < count; i++) {
Intent storage intent = intents[commitments[offset + i]];
userIntents[i] = IntentDetail({
commitment: intent.commitment,
nearIntentsId: intent.nearIntentsId,
submittedAt: intent.submittedAt,
settled: intent.settled
});
}
return (userIntents, total);
}
// ===== PUBLIC VIEW FUNCTIONS =====
function getIntent(
bytes32 commitment
) external view returns (IntentPublic memory info) {
Intent storage intent = intents[commitment];
if (intent.commitment == bytes32(0)) revert CommitmentNotFound();
info = IntentPublic({
commitment: intent.commitment,
submittedAt: intent.submittedAt,
settled: intent.settled
});
}
function commitmentExists(
bytes32 commitment
) external view returns (bool exists) {
return intents[commitment].commitment != bytes32(0);
}
function isNullifierUsed(bytes32 nullifier) external view returns (bool) {
return usedNullifiers[nullifier];
}
function getPendingBatchInfo()
external
view
returns (
uint256 count,
uint64 firstSubmissionTime,
uint256 timeRemaining
)
{
count = batchCount;
firstSubmissionTime = batchFirstSubmissionTime;
if (count > 0) {
uint256 elapsed = block.timestamp - firstSubmissionTime;
timeRemaining = elapsed >= batchTimeout
? 0
: batchTimeout - elapsed;
}
}
function isRelayerAuthorized(address relayer) external view returns (bool) {
return authorizedRelayers[relayer];
}
function isRootVerifier(address verifier) external view returns (bool) {
return rootVerifiers[verifier];
}
function getLatestRemoteRoot(
string calldata chainId
) external view returns (RemoteRootSnapshot memory snapshot) {
RemoteRootSnapshot[] storage snapshots = remoteRootHistory[chainId];
if (snapshots.length == 0) revert SnapshotNotFound();
return snapshots[latestRemoteRootIndex[chainId]];
}
function getLatestVerifiedRemoteRoot(
string calldata chainId
) external view returns (RemoteRootSnapshot memory snapshot, uint256 index) {
RemoteRootSnapshot[] storage snapshots = remoteRootHistory[chainId];
if (snapshots.length == 0) revert SnapshotNotFound();
for (uint256 i = snapshots.length; i > 0; i--) {
if (snapshots[i - 1].verified) {
return (snapshots[i - 1], i - 1);
}
}
revert SnapshotNotFound();
}
function getRemoteRootSnapshot(
string calldata chainId,
uint256 snapshotIndex
) external view returns (RemoteRootSnapshot memory snapshot) {
RemoteRootSnapshot[] storage snapshots = remoteRootHistory[chainId];
if (snapshotIndex >= snapshots.length) revert SnapshotNotFound();
return snapshots[snapshotIndex];
}
function getRemoteRootCount(
string calldata chainId
) external view returns (uint256 count) {
return remoteRootHistory[chainId].length;
}
// ===== ADMIN FUNCTIONS =====
function updateBatchConfig(
uint256 newBatchSize,
uint256 newTimeout
) external onlyOwner {
if (newBatchSize < MIN_BATCH_SIZE || newBatchSize > MAX_BATCH_SIZE) {
revert InvalidBatchSize();
}
if (newTimeout == 0) revert InvalidTimeout();
batchSize = newBatchSize;
batchTimeout = newTimeout;
emit BatchConfigUpdated(newBatchSize, newTimeout);
}
function setRelayerStatus(
address relayer,
bool authorized
) external onlyOwner {
authorizedRelayers[relayer] = authorized;
emit RelayerStatusChanged(relayer, authorized);
}
function setRootVerifierStatus(
address verifier,
bool authorized
) external onlyOwner {
rootVerifiers[verifier] = authorized;
emit RootVerifierStatusChanged(verifier, authorized);
}
/**
* @notice Whitelist or delist a token for settlement
* @param token ERC20 token address
* @param whitelisted True to whitelist, false to delist
*/
function setTokenWhitelist(
address token,
bool whitelisted
) external onlyOwner {
if (whitelistedTokens[token] == whitelisted) revert TokenWhitelistUnchanged();
whitelistedTokens[token] = whitelisted;
emit TokenWhitelistUpdated(token, whitelisted);
}
/**
* @notice Emergency rescue stuck tokens
* @dev Only callable by owner. For recovering tokens from failed NEAR
* bridge transfers or tokens sent to contract by mistake.
*
* @param token ERC20 token address
* @param to Recipient address
* @param amount Amount to rescue
*/
function rescueTokens(
address token,
address to,
uint256 amount
) external onlyOwner {
if (token == ETH) {
(bool ok, ) = payable(to).call{value: amount}("");
if (!ok) revert TransferFailed();
} else {
IERC20(token).safeTransfer(to, amount);
}
}
function pause() external onlyOwner {
_pause();
}
function unpause() external onlyOwner {
_unpause();
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (utils/ReentrancyGuard.sol)
pragma solidity ^0.8.20;
import {StorageSlot} from "./StorageSlot.sol";
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If EIP-1153 (transient storage) is available on the chain you're deploying at,
* consider using {ReentrancyGuardTransient} instead.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*
* IMPORTANT: Deprecated. This storage-based reentrancy guard will be removed and replaced
* by the {ReentrancyGuardTransient} variant in v6.0.
*
* @custom:stateless
*/
abstract contract ReentrancyGuard {
using StorageSlot for bytes32;
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.ReentrancyGuard")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant REENTRANCY_GUARD_STORAGE =
0x9b779b17422d0df92223018b32b4d1fa46e071723d6817e2486d003becc55f00;
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant NOT_ENTERED = 1;
uint256 private constant ENTERED = 2;
/**
* @dev Unauthorized reentrant call.
*/
error ReentrancyGuardReentrantCall();
constructor() {
_reentrancyGuardStorageSlot().getUint256Slot().value = NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
/**
* @dev A `view` only version of {nonReentrant}. Use to block view functions
* from being called, preventing reading from inconsistent contract state.
*
* CAUTION: This is a "view" modifier and does not change the reentrancy
* status. Use it only on view functions. For payable or non-payable functions,
* use the standard {nonReentrant} modifier instead.
*/
modifier nonReentrantView() {
_nonReentrantBeforeView();
_;
}
function _nonReentrantBeforeView() private view {
if (_reentrancyGuardEntered()) {
revert ReentrancyGuardReentrantCall();
}
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be NOT_ENTERED
_nonReentrantBeforeView();
// Any calls to nonReentrant after this point will fail
_reentrancyGuardStorageSlot().getUint256Slot().value = ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_reentrancyGuardStorageSlot().getUint256Slot().value = NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _reentrancyGuardStorageSlot().getUint256Slot().value == ENTERED;
}
function _reentrancyGuardStorageSlot() internal pure virtual returns (bytes32) {
return REENTRANCY_GUARD_STORAGE;
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (utils/Pausable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract Pausable is Context {
bool private _paused;
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
/**
* @dev The operation failed because the contract is paused.
*/
error EnforcedPause();
/**
* @dev The operation failed because the contract is not paused.
*/
error ExpectedPause();
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
if (paused()) {
revert EnforcedPause();
}
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
if (!paused()) {
revert ExpectedPause();
}
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/IERC20.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
if (!_safeTransfer(token, to, value, true)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
if (!_safeTransferFrom(token, from, to, value, true)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Variant of {safeTransfer} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransfer(IERC20 token, address to, uint256 value) internal returns (bool) {
return _safeTransfer(token, to, value, false);
}
/**
* @dev Variant of {safeTransferFrom} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransferFrom(IERC20 token, address from, address to, uint256 value) internal returns (bool) {
return _safeTransferFrom(token, from, to, value, false);
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
if (!_safeApprove(token, spender, value, false)) {
if (!_safeApprove(token, spender, 0, true)) revert SafeERC20FailedOperation(address(token));
if (!_safeApprove(token, spender, value, true)) revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Oppositely, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity `token.transfer(to, value)` call, relaxing the requirement on the return value: the
* return value is optional (but if data is returned, it must not be false).
*
* @param token The token targeted by the call.
* @param to The recipient of the tokens
* @param value The amount of token to transfer
* @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
*/
function _safeTransfer(IERC20 token, address to, uint256 value, bool bubble) private returns (bool success) {
bytes4 selector = IERC20.transfer.selector;
assembly ("memory-safe") {
let fmp := mload(0x40)
mstore(0x00, selector)
mstore(0x04, and(to, shr(96, not(0))))
mstore(0x24, value)
success := call(gas(), token, 0, 0x00, 0x44, 0x00, 0x20)
// if call success and return is true, all is good.
// otherwise (not success or return is not true), we need to perform further checks
if iszero(and(success, eq(mload(0x00), 1))) {
// if the call was a failure and bubble is enabled, bubble the error
if and(iszero(success), bubble) {
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
// if the return value is not true, then the call is only successful if:
// - the token address has code
// - the returndata is empty
success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
}
mstore(0x40, fmp)
}
}
/**
* @dev Imitates a Solidity `token.transferFrom(from, to, value)` call, relaxing the requirement on the return
* value: the return value is optional (but if data is returned, it must not be false).
*
* @param token The token targeted by the call.
* @param from The sender of the tokens
* @param to The recipient of the tokens
* @param value The amount of token to transfer
* @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
*/
function _safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value,
bool bubble
) private returns (bool success) {
bytes4 selector = IERC20.transferFrom.selector;
assembly ("memory-safe") {
let fmp := mload(0x40)
mstore(0x00, selector)
mstore(0x04, and(from, shr(96, not(0))))
mstore(0x24, and(to, shr(96, not(0))))
mstore(0x44, value)
success := call(gas(), token, 0, 0x00, 0x64, 0x00, 0x20)
// if call success and return is true, all is good.
// otherwise (not success or return is not true), we need to perform further checks
if iszero(and(success, eq(mload(0x00), 1))) {
// if the call was a failure and bubble is enabled, bubble the error
if and(iszero(success), bubble) {
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
// if the return value is not true, then the call is only successful if:
// - the token address has code
// - the returndata is empty
success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
}
mstore(0x40, fmp)
mstore(0x60, 0)
}
}
/**
* @dev Imitates a Solidity `token.approve(spender, value)` call, relaxing the requirement on the return value:
* the return value is optional (but if data is returned, it must not be false).
*
* @param token The token targeted by the call.
* @param spender The spender of the tokens
* @param value The amount of token to transfer
* @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
*/
function _safeApprove(IERC20 token, address spender, uint256 value, bool bubble) private returns (bool success) {
bytes4 selector = IERC20.approve.selector;
assembly ("memory-safe") {
let fmp := mload(0x40)
mstore(0x00, selector)
mstore(0x04, and(spender, shr(96, not(0))))
mstore(0x24, value)
success := call(gas(), token, 0, 0x00, 0x44, 0x00, 0x20)
// if call success and return is true, all is good.
// otherwise (not success or return is not true), we need to perform further checks
if iszero(and(success, eq(mload(0x00), 1))) {
// if the call was a failure and bubble is enabled, bubble the error
if and(iszero(success), bubble) {
returndatacopy(fmp, 0x00, returndatasize())
revert(fmp, returndatasize())
}
// if the return value is not true, then the call is only successful if:
// - the token address has code
// - the returndata is empty
success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
}
mstore(0x40, fmp)
}
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.20;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC-1967 implementation slot:
* ```solidity
* contract ERC1967 {
* // Define the slot. Alternatively, use the SlotDerivation library to derive the slot.
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(newImplementation.code.length > 0);
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* TIP: Consider using this library along with {SlotDerivation}.
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct Int256Slot {
int256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `Int256Slot` with member `value` located at `slot`.
*/
function getInt256Slot(bytes32 slot) internal pure returns (Int256Slot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns a `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
assembly ("memory-safe") {
r.slot := store.slot
}
}
/**
* @dev Returns a `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
assembly ("memory-safe") {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
assembly ("memory-safe") {
r.slot := store.slot
}
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC1363.sol)
pragma solidity >=0.6.2;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
} <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC20.sol)
pragma solidity >=0.4.16;
import {IERC20} from "../token/ERC20/IERC20.sol"; <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC165.sol)
pragma solidity >=0.4.16;
import {IERC165} from "../utils/introspection/IERC165.sol"; <i class='far fa-question-circle text-muted ms-2' data-bs-trigger='hover' data-bs-toggle='tooltip' data-bs-html='true' data-bs-title='Click on the check box to select individual contract to compare. Only 1 contract can be selected from each side.'></i>
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}