Transaction Hash:
Block:
11520630 at Dec-25-2020 04:34:55 AM +UTC
Transaction Fee:
0.0052374608 ETH
$11.88
Gas Used:
91,564 Gas / 57.2 Gwei
Emitted Events:
| 273 |
Pool.Unbond( account=[Sender] 0xc805ffbbaa991ae30ce0c71c012ebdbc0d4e646e, start=351, value=6353282708947901, newClaimable=4763153963850727444537 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0x70A87e1b...c7521C70f | |||||
| 0xC805fFbb...C0D4e646E |
4.912228473177028945 Eth
Nonce: 50
|
4.906991012377028945 Eth
Nonce: 51
| 0.0052374608 | ||
|
0xEA674fdD...16B898ec8
Miner
| (Ethermine) | 835.503641887653738925 Eth | 835.508879348453738925 Eth | 0.0052374608 |
Execution Trace
Pool.unbond( value=6353282708947901 )
Root.STATICCALL( )
-
Implementation.DELEGATECALL( )
-
-
Dollar.balanceOf( account=0x70A87e1b97436D2F194B8B9EBF337bFc7521C70f ) => ( 35185199591857222799543662 )
-
UniswapV2Pair.balanceOf( 0x70A87e1b97436D2F194B8B9EBF337bFc7521C70f ) => ( 19549790089112895085 )
- Root.STATICCALL( )
-
Implementation.DELEGATECALL( )
-
unbond[Pool (ln:2494)]
unfreeze[Pool (ln:2495)]balanceOfBonded[Pool (ln:2497)]that[Pool (ln:2498)]revert[Require (ln:951)]stringifyTruncated[Require (ln:954)]stringifyTruncated[Require (ln:956)]
div[Pool (ln:2504)]mul[Pool (ln:2504)]balanceOfRewarded[Pool (ln:2504)]div[Pool (ln:2505)]mul[Pool (ln:2505)]balanceOfPhantom[Pool (ln:2505)]incrementBalanceOfStaged[Pool (ln:2507)]incrementBalanceOfClaimable[Pool (ln:2508)]decrementBalanceOfBonded[Pool (ln:2509)]decrementBalanceOfPhantom[Pool (ln:2510)]balanceCheck[Pool (ln:2512)]that[Pool (ln:2559)]revert[Require (ln:951)]stringifyTruncated[Require (ln:954)]stringifyTruncated[Require (ln:956)]
balanceOf[Pool (ln:2560)]univ2[Pool (ln:2560)]add[Pool (ln:2560)]totalStaged[Pool (ln:2560)]totalBonded[Pool (ln:2560)]
Unbond[Pool (ln:2514)]add[Pool (ln:2514)]epoch[Pool (ln:2514)]
File 1 of 5: Pool
File 2 of 5: Root
File 3 of 5: Implementation
File 4 of 5: Dollar
File 5 of 5: UniswapV2Pair
/**
*Submitted for verification at Etherscan.io on 2020-11-28
*/
pragma solidity ^0.5.17;
pragma experimental ABIEncoderV2;
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
/*
Copyright 2019 dYdX Trading Inc.
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* @title Decimal
* @author dYdX
*
* Library that defines a fixed-point number with 18 decimal places.
*/
library Decimal {
using SafeMath for uint256;
// ============ Constants ============
uint256 constant BASE = 10**18;
// ============ Structs ============
struct D256 {
uint256 value;
}
// ============ Static Functions ============
function zero()
internal
pure
returns (D256 memory)
{
return D256({ value: 0 });
}
function one()
internal
pure
returns (D256 memory)
{
return D256({ value: BASE });
}
function from(
uint256 a
)
internal
pure
returns (D256 memory)
{
return D256({ value: a.mul(BASE) });
}
function ratio(
uint256 a,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(a, BASE, b) });
}
// ============ Self Functions ============
function add(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.add(b.mul(BASE)) });
}
function sub(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.mul(BASE)) });
}
function sub(
D256 memory self,
uint256 b,
string memory reason
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.mul(BASE), reason) });
}
function mul(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.mul(b) });
}
function div(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.div(b) });
}
function pow(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
if (b == 0) {
return from(1);
}
D256 memory temp = D256({ value: self.value });
for (uint256 i = 1; i < b; i++) {
temp = mul(temp, self);
}
return temp;
}
function add(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.add(b.value) });
}
function sub(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.value) });
}
function sub(
D256 memory self,
D256 memory b,
string memory reason
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.value, reason) });
}
function mul(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(self.value, b.value, BASE) });
}
function div(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(self.value, BASE, b.value) });
}
function equals(D256 memory self, D256 memory b) internal pure returns (bool) {
return self.value == b.value;
}
function greaterThan(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) == 2;
}
function lessThan(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) == 0;
}
function greaterThanOrEqualTo(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) > 0;
}
function lessThanOrEqualTo(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) < 2;
}
function isZero(D256 memory self) internal pure returns (bool) {
return self.value == 0;
}
function asUint256(D256 memory self) internal pure returns (uint256) {
return self.value.div(BASE);
}
// ============ Core Methods ============
function getPartial(
uint256 target,
uint256 numerator,
uint256 denominator
)
private
pure
returns (uint256)
{
return target.mul(numerator).div(denominator);
}
function compareTo(
D256 memory a,
D256 memory b
)
private
pure
returns (uint256)
{
if (a.value == b.value) {
return 1;
}
return a.value > b.value ? 2 : 0;
}
}
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
contract Context {
// Empty internal constructor, to prevent people from mistakenly deploying
// an instance of this contract, which should be used via inheritance.
constructor () internal { }
// solhint-disable-previous-line no-empty-blocks
function _msgSender() internal view returns (address payable) {
return msg.sender;
}
function _msgData() internal view returns (bytes memory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20 {
using SafeMath for uint256;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public returns (bool) {
_transfer(_msgSender(), recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal {
require(account != address(0), "ERC20: mint to the zero address");
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal {
require(account != address(0), "ERC20: burn from the zero address");
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/
function _burnFrom(address account, uint256 amount) internal {
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
}
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public {
_burn(_msgSender(), amount);
}
/**
* @dev See {ERC20-_burnFrom}.
*/
function burnFrom(address account, uint256 amount) public {
_burnFrom(account, amount);
}
}
/**
* @dev Optional functions from the ERC20 standard.
*/
contract ERC20Detailed is IERC20 {
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Sets the values for `name`, `symbol`, and `decimals`. All three of
* these values are immutable: they can only be set once during
* construction.
*/
constructor (string memory name, string memory symbol, uint8 decimals) public {
_name = name;
_symbol = symbol;
_decimals = decimals;
}
/**
* @dev Returns the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
}
/**
* @title Roles
* @dev Library for managing addresses assigned to a Role.
*/
library Roles {
struct Role {
mapping (address => bool) bearer;
}
/**
* @dev Give an account access to this role.
*/
function add(Role storage role, address account) internal {
require(!has(role, account), "Roles: account already has role");
role.bearer[account] = true;
}
/**
* @dev Remove an account's access to this role.
*/
function remove(Role storage role, address account) internal {
require(has(role, account), "Roles: account does not have role");
role.bearer[account] = false;
}
/**
* @dev Check if an account has this role.
* @return bool
*/
function has(Role storage role, address account) internal view returns (bool) {
require(account != address(0), "Roles: account is the zero address");
return role.bearer[account];
}
}
contract MinterRole is Context {
using Roles for Roles.Role;
event MinterAdded(address indexed account);
event MinterRemoved(address indexed account);
Roles.Role private _minters;
constructor () internal {
_addMinter(_msgSender());
}
modifier onlyMinter() {
require(isMinter(_msgSender()), "MinterRole: caller does not have the Minter role");
_;
}
function isMinter(address account) public view returns (bool) {
return _minters.has(account);
}
function addMinter(address account) public onlyMinter {
_addMinter(account);
}
function renounceMinter() public {
_removeMinter(_msgSender());
}
function _addMinter(address account) internal {
_minters.add(account);
emit MinterAdded(account);
}
function _removeMinter(address account) internal {
_minters.remove(account);
emit MinterRemoved(account);
}
}
/*
Copyright 2019 dYdX Trading Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* @title Require
* @author dYdX
*
* Stringifies parameters to pretty-print revert messages. Costs more gas than regular require()
*/
library Require {
// ============ Constants ============
uint256 constant ASCII_ZERO = 48; // '0'
uint256 constant ASCII_RELATIVE_ZERO = 87; // 'a' - 10
uint256 constant ASCII_LOWER_EX = 120; // 'x'
bytes2 constant COLON = 0x3a20; // ': '
bytes2 constant COMMA = 0x2c20; // ', '
bytes2 constant LPAREN = 0x203c; // ' <'
byte constant RPAREN = 0x3e; // '>'
uint256 constant FOUR_BIT_MASK = 0xf;
// ============ Library Functions ============
function that(
bool must,
bytes32 file,
bytes32 reason
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason)
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
uint256 payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
uint256 payloadA,
uint256 payloadB
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA,
uint256 payloadB
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA,
uint256 payloadB,
uint256 payloadC
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
COMMA,
stringify(payloadC),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
bytes32 payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
bytes32 payloadA,
uint256 payloadB,
uint256 payloadC
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
COMMA,
stringify(payloadC),
RPAREN
)
)
);
}
}
// ============ Private Functions ============
function stringifyTruncated(
bytes32 input
)
private
pure
returns (bytes memory)
{
// put the input bytes into the result
bytes memory result = abi.encodePacked(input);
// determine the length of the input by finding the location of the last non-zero byte
for (uint256 i = 32; i > 0; ) {
// reverse-for-loops with unsigned integer
/* solium-disable-next-line security/no-modify-for-iter-var */
i--;
// find the last non-zero byte in order to determine the length
if (result[i] != 0) {
uint256 length = i + 1;
/* solium-disable-next-line security/no-inline-assembly */
assembly {
mstore(result, length) // r.length = length;
}
return result;
}
}
// all bytes are zero
return new bytes(0);
}
function stringify(
uint256 input
)
private
pure
returns (bytes memory)
{
if (input == 0) {
return "0";
}
// get the final string length
uint256 j = input;
uint256 length;
while (j != 0) {
length++;
j /= 10;
}
// allocate the string
bytes memory bstr = new bytes(length);
// populate the string starting with the least-significant character
j = input;
for (uint256 i = length; i > 0; ) {
// reverse-for-loops with unsigned integer
/* solium-disable-next-line security/no-modify-for-iter-var */
i--;
// take last decimal digit
bstr[i] = byte(uint8(ASCII_ZERO + (j % 10)));
// remove the last decimal digit
j /= 10;
}
return bstr;
}
function stringify(
address input
)
private
pure
returns (bytes memory)
{
uint256 z = uint256(input);
// addresses are "0x" followed by 20 bytes of data which take up 2 characters each
bytes memory result = new bytes(42);
// populate the result with "0x"
result[0] = byte(uint8(ASCII_ZERO));
result[1] = byte(uint8(ASCII_LOWER_EX));
// for each byte (starting from the lowest byte), populate the result with two characters
for (uint256 i = 0; i < 20; i++) {
// each byte takes two characters
uint256 shift = i * 2;
// populate the least-significant character
result[41 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
// populate the most-significant character
result[40 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
}
return result;
}
function stringify(
bytes32 input
)
private
pure
returns (bytes memory)
{
uint256 z = uint256(input);
// bytes32 are "0x" followed by 32 bytes of data which take up 2 characters each
bytes memory result = new bytes(66);
// populate the result with "0x"
result[0] = byte(uint8(ASCII_ZERO));
result[1] = byte(uint8(ASCII_LOWER_EX));
// for each byte (starting from the lowest byte), populate the result with two characters
for (uint256 i = 0; i < 32; i++) {
// each byte takes two characters
uint256 shift = i * 2;
// populate the least-significant character
result[65 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
// populate the most-significant character
result[64 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
}
return result;
}
function char(
uint256 input
)
private
pure
returns (byte)
{
// return ASCII digit (0-9)
if (input < 10) {
return byte(uint8(input + ASCII_ZERO));
}
// return ASCII letter (a-f)
return byte(uint8(input + ASCII_RELATIVE_ZERO));
}
}
/*
Copyright 2019 ZeroEx Intl.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
library LibEIP712 {
// Hash of the EIP712 Domain Separator Schema
// keccak256(abi.encodePacked(
// "EIP712Domain(",
// "string name,",
// "string version,",
// "uint256 chainId,",
// "address verifyingContract",
// ")"
// ))
bytes32 constant internal _EIP712_DOMAIN_SEPARATOR_SCHEMA_HASH = 0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
/// @dev Calculates a EIP712 domain separator.
/// @param name The EIP712 domain name.
/// @param version The EIP712 domain version.
/// @param verifyingContract The EIP712 verifying contract.
/// @return EIP712 domain separator.
function hashEIP712Domain(
string memory name,
string memory version,
uint256 chainId,
address verifyingContract
)
internal
pure
returns (bytes32 result)
{
bytes32 schemaHash = _EIP712_DOMAIN_SEPARATOR_SCHEMA_HASH;
// Assembly for more efficient computing:
// keccak256(abi.encodePacked(
// _EIP712_DOMAIN_SEPARATOR_SCHEMA_HASH,
// keccak256(bytes(name)),
// keccak256(bytes(version)),
// chainId,
// uint256(verifyingContract)
// ))
assembly {
// Calculate hashes of dynamic data
let nameHash := keccak256(add(name, 32), mload(name))
let versionHash := keccak256(add(version, 32), mload(version))
// Load free memory pointer
let memPtr := mload(64)
// Store params in memory
mstore(memPtr, schemaHash)
mstore(add(memPtr, 32), nameHash)
mstore(add(memPtr, 64), versionHash)
mstore(add(memPtr, 96), chainId)
mstore(add(memPtr, 128), verifyingContract)
// Compute hash
result := keccak256(memPtr, 160)
}
return result;
}
/// @dev Calculates EIP712 encoding for a hash struct with a given domain hash.
/// @param eip712DomainHash Hash of the domain domain separator data, computed
/// with getDomainHash().
/// @param hashStruct The EIP712 hash struct.
/// @return EIP712 hash applied to the given EIP712 Domain.
function hashEIP712Message(bytes32 eip712DomainHash, bytes32 hashStruct)
internal
pure
returns (bytes32 result)
{
// Assembly for more efficient computing:
// keccak256(abi.encodePacked(
// EIP191_HEADER,
// EIP712_DOMAIN_HASH,
// hashStruct
// ));
assembly {
// Load free memory pointer
let memPtr := mload(64)
mstore(memPtr, 0x1901000000000000000000000000000000000000000000000000000000000000) // EIP191 header
mstore(add(memPtr, 2), eip712DomainHash) // EIP712 domain hash
mstore(add(memPtr, 34), hashStruct) // Hash of struct
// Compute hash
result := keccak256(memPtr, 66)
}
return result;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
library Constants {
/* Chain */
uint256 private constant CHAIN_ID = 1; // Mainnet
/* Bootstrapping */
uint256 private constant BOOTSTRAPPING_PERIOD = 150; // 150 epochs
uint256 private constant BOOTSTRAPPING_PRICE = 154e16; // 1.54 USDC (targeting 4.5% inflation)
/* Oracle */
address private constant USDC = address(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48);
uint256 private constant ORACLE_RESERVE_MINIMUM = 1e10; // 10,000 USDC
/* Bonding */
uint256 private constant INITIAL_STAKE_MULTIPLE = 1e6; // 100 DSD -> 100M DSDS
/* Epoch */
struct EpochStrategy {
uint256 offset;
uint256 start;
uint256 period;
}
uint256 private constant EPOCH_OFFSET = 0;
uint256 private constant EPOCH_START = 1606348800;
uint256 private constant EPOCH_PERIOD = 7200;
/* Governance */
uint256 private constant GOVERNANCE_PERIOD = 36;
uint256 private constant GOVERNANCE_QUORUM = 33e16; // 33%
uint256 private constant GOVERNANCE_SUPER_MAJORITY = 66e16; // 66%
uint256 private constant GOVERNANCE_EMERGENCY_DELAY = 6; // 6 epochs
/* DAO */
uint256 private constant ADVANCE_INCENTIVE = 1e20; // 100 DSD
uint256 private constant DAO_EXIT_LOCKUP_EPOCHS = 36; // 36 epochs fluid
/* Pool */
uint256 private constant POOL_EXIT_LOCKUP_EPOCHS = 12; // 12 epochs fluid
/* Market */
uint256 private constant COUPON_EXPIRATION = 360;
uint256 private constant DEBT_RATIO_CAP = 35e16; // 35%
/* Regulator */
uint256 private constant SUPPLY_CHANGE_DIVISOR = 12e18; // 12
uint256 private constant SUPPLY_CHANGE_LIMIT = 10e16; // 10%
uint256 private constant ORACLE_POOL_RATIO = 40; // 40%
/**
* Getters
*/
function getUsdcAddress() internal pure returns (address) {
return USDC;
}
function getOracleReserveMinimum() internal pure returns (uint256) {
return ORACLE_RESERVE_MINIMUM;
}
function getEpochStrategy() internal pure returns (EpochStrategy memory) {
return EpochStrategy({
offset: EPOCH_OFFSET,
start: EPOCH_START,
period: EPOCH_PERIOD
});
}
function getInitialStakeMultiple() internal pure returns (uint256) {
return INITIAL_STAKE_MULTIPLE;
}
function getBootstrappingPeriod() internal pure returns (uint256) {
return BOOTSTRAPPING_PERIOD;
}
function getBootstrappingPrice() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: BOOTSTRAPPING_PRICE});
}
function getGovernancePeriod() internal pure returns (uint256) {
return GOVERNANCE_PERIOD;
}
function getGovernanceQuorum() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: GOVERNANCE_QUORUM});
}
function getGovernanceSuperMajority() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: GOVERNANCE_SUPER_MAJORITY});
}
function getGovernanceEmergencyDelay() internal pure returns (uint256) {
return GOVERNANCE_EMERGENCY_DELAY;
}
function getAdvanceIncentive() internal pure returns (uint256) {
return ADVANCE_INCENTIVE;
}
function getDAOExitLockupEpochs() internal pure returns (uint256) {
return DAO_EXIT_LOCKUP_EPOCHS;
}
function getPoolExitLockupEpochs() internal pure returns (uint256) {
return POOL_EXIT_LOCKUP_EPOCHS;
}
function getCouponExpiration() internal pure returns (uint256) {
return COUPON_EXPIRATION;
}
function getDebtRatioCap() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: DEBT_RATIO_CAP});
}
function getSupplyChangeLimit() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: SUPPLY_CHANGE_LIMIT});
}
function getSupplyChangeDivisor() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: SUPPLY_CHANGE_DIVISOR});
}
function getOraclePoolRatio() internal pure returns (uint256) {
return ORACLE_POOL_RATIO;
}
function getChainId() internal pure returns (uint256) {
return CHAIN_ID;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Permittable is ERC20Detailed, ERC20 {
bytes32 constant FILE = "Permittable";
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 public constant EIP712_PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
string private constant EIP712_VERSION = "1";
bytes32 public EIP712_DOMAIN_SEPARATOR;
mapping(address => uint256) nonces;
constructor() public {
EIP712_DOMAIN_SEPARATOR = LibEIP712.hashEIP712Domain(name(), EIP712_VERSION, Constants.getChainId(), address(this));
}
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external {
bytes32 digest = LibEIP712.hashEIP712Message(
EIP712_DOMAIN_SEPARATOR,
keccak256(abi.encode(
EIP712_PERMIT_TYPEHASH,
owner,
spender,
value,
nonces[owner]++,
deadline
))
);
address recovered = ecrecover(digest, v, r, s);
Require.that(
recovered == owner,
FILE,
"Invalid signature"
);
Require.that(
recovered != address(0),
FILE,
"Zero address"
);
Require.that(
now <= deadline,
FILE,
"Expired"
);
_approve(owner, spender, value);
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IDollar is IERC20 {
function burn(uint256 amount) public;
function burnFrom(address account, uint256 amount) public;
function mint(address account, uint256 amount) public returns (bool);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Dollar is IDollar, MinterRole, ERC20Detailed, Permittable, ERC20Burnable {
constructor()
ERC20Detailed("Dynamic Set Dollar", "DSD", 18)
Permittable()
public
{ }
function mint(address account, uint256 amount) public onlyMinter returns (bool) {
_mint(account, amount);
return true;
}
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
if (allowance(sender, _msgSender()) != uint256(-1)) {
_approve(
sender,
_msgSender(),
allowance(sender, _msgSender()).sub(amount, "Dollar: transfer amount exceeds allowance"));
}
return true;
}
}
interface IUniswapV2Factory {
event PairCreated(address indexed token0, address indexed token1, address pair, uint);
function feeTo() external view returns (address);
function feeToSetter() external view returns (address);
function getPair(address tokenA, address tokenB) external view returns (address pair);
function allPairs(uint) external view returns (address pair);
function allPairsLength() external view returns (uint);
function createPair(address tokenA, address tokenB) external returns (address pair);
function setFeeTo(address) external;
function setFeeToSetter(address) external;
}
interface IUniswapV2Pair {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
function MINIMUM_LIQUIDITY() external pure returns (uint);
function factory() external view returns (address);
function token0() external view returns (address);
function token1() external view returns (address);
function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast);
function price0CumulativeLast() external view returns (uint);
function price1CumulativeLast() external view returns (uint);
function kLast() external view returns (uint);
function mint(address to) external returns (uint liquidity);
function burn(address to) external returns (uint amount0, uint amount1);
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external;
function skim(address to) external;
function sync() external;
function initialize(address, address) external;
}
// computes square roots using the babylonian method
// https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method
library Babylonian {
function sqrt(uint y) internal pure returns (uint z) {
if (y > 3) {
z = y;
uint x = y / 2 + 1;
while (x < z) {
z = x;
x = (y / x + x) / 2;
}
} else if (y != 0) {
z = 1;
}
// else z = 0
}
}
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format))
library FixedPoint {
// range: [0, 2**112 - 1]
// resolution: 1 / 2**112
struct uq112x112 {
uint224 _x;
}
// range: [0, 2**144 - 1]
// resolution: 1 / 2**112
struct uq144x112 {
uint _x;
}
uint8 private constant RESOLUTION = 112;
uint private constant Q112 = uint(1) << RESOLUTION;
uint private constant Q224 = Q112 << RESOLUTION;
// encode a uint112 as a UQ112x112
function encode(uint112 x) internal pure returns (uq112x112 memory) {
return uq112x112(uint224(x) << RESOLUTION);
}
// encodes a uint144 as a UQ144x112
function encode144(uint144 x) internal pure returns (uq144x112 memory) {
return uq144x112(uint256(x) << RESOLUTION);
}
// divide a UQ112x112 by a uint112, returning a UQ112x112
function div(uq112x112 memory self, uint112 x) internal pure returns (uq112x112 memory) {
require(x != 0, 'FixedPoint: DIV_BY_ZERO');
return uq112x112(self._x / uint224(x));
}
// multiply a UQ112x112 by a uint, returning a UQ144x112
// reverts on overflow
function mul(uq112x112 memory self, uint y) internal pure returns (uq144x112 memory) {
uint z;
require(y == 0 || (z = uint(self._x) * y) / y == uint(self._x), "FixedPoint: MULTIPLICATION_OVERFLOW");
return uq144x112(z);
}
// returns a UQ112x112 which represents the ratio of the numerator to the denominator
// equivalent to encode(numerator).div(denominator)
function fraction(uint112 numerator, uint112 denominator) internal pure returns (uq112x112 memory) {
require(denominator > 0, "FixedPoint: DIV_BY_ZERO");
return uq112x112((uint224(numerator) << RESOLUTION) / denominator);
}
// decode a UQ112x112 into a uint112 by truncating after the radix point
function decode(uq112x112 memory self) internal pure returns (uint112) {
return uint112(self._x >> RESOLUTION);
}
// decode a UQ144x112 into a uint144 by truncating after the radix point
function decode144(uq144x112 memory self) internal pure returns (uint144) {
return uint144(self._x >> RESOLUTION);
}
// take the reciprocal of a UQ112x112
function reciprocal(uq112x112 memory self) internal pure returns (uq112x112 memory) {
require(self._x != 0, 'FixedPoint: ZERO_RECIPROCAL');
return uq112x112(uint224(Q224 / self._x));
}
// square root of a UQ112x112
function sqrt(uq112x112 memory self) internal pure returns (uq112x112 memory) {
return uq112x112(uint224(Babylonian.sqrt(uint256(self._x)) << 56));
}
}
// library with helper methods for oracles that are concerned with computing average prices
library UniswapV2OracleLibrary {
using FixedPoint for *;
// helper function that returns the current block timestamp within the range of uint32, i.e. [0, 2**32 - 1]
function currentBlockTimestamp() internal view returns (uint32) {
return uint32(block.timestamp % 2 ** 32);
}
// produces the cumulative price using counterfactuals to save gas and avoid a call to sync.
function currentCumulativePrices(address pair)
internal
view
returns (uint price0Cumulative, uint price1Cumulative, uint32 blockTimestamp) {
blockTimestamp = currentBlockTimestamp();
price0Cumulative = IUniswapV2Pair(pair).price0CumulativeLast();
price1Cumulative = IUniswapV2Pair(pair).price1CumulativeLast();
// if time has elapsed since the last update on the pair, mock the accumulated price values
(uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast) = IUniswapV2Pair(pair).getReserves();
if (blockTimestampLast != blockTimestamp) {
// subtraction overflow is desired
uint32 timeElapsed = blockTimestamp - blockTimestampLast;
// addition overflow is desired
// counterfactual
price0Cumulative += uint(FixedPoint.fraction(reserve1, reserve0)._x) * timeElapsed;
// counterfactual
price1Cumulative += uint(FixedPoint.fraction(reserve0, reserve1)._x) * timeElapsed;
}
}
}
library UniswapV2Library {
using SafeMath for uint;
// returns sorted token addresses, used to handle return values from pairs sorted in this order
function sortTokens(address tokenA, address tokenB) internal pure returns (address token0, address token1) {
require(tokenA != tokenB, 'UniswapV2Library: IDENTICAL_ADDRESSES');
(token0, token1) = tokenA < tokenB ? (tokenA, tokenB) : (tokenB, tokenA);
require(token0 != address(0), 'UniswapV2Library: ZERO_ADDRESS');
}
// calculates the CREATE2 address for a pair without making any external calls
function pairFor(address factory, address tokenA, address tokenB) internal pure returns (address pair) {
(address token0, address token1) = sortTokens(tokenA, tokenB);
pair = address(uint(keccak256(abi.encodePacked(
hex'ff',
factory,
keccak256(abi.encodePacked(token0, token1)),
hex'96e8ac4277198ff8b6f785478aa9a39f403cb768dd02cbee326c3e7da348845f' // init code hash
))));
}
// fetches and sorts the reserves for a pair
function getReserves(address factory, address tokenA, address tokenB) internal view returns (uint reserveA, uint reserveB) {
(address token0,) = sortTokens(tokenA, tokenB);
(uint reserve0, uint reserve1,) = IUniswapV2Pair(pairFor(factory, tokenA, tokenB)).getReserves();
(reserveA, reserveB) = tokenA == token0 ? (reserve0, reserve1) : (reserve1, reserve0);
}
// given some amount of an asset and pair reserves, returns an equivalent amount of the other asset
function quote(uint amountA, uint reserveA, uint reserveB) internal pure returns (uint amountB) {
require(amountA > 0, 'UniswapV2Library: INSUFFICIENT_AMOUNT');
require(reserveA > 0 && reserveB > 0, 'UniswapV2Library: INSUFFICIENT_LIQUIDITY');
amountB = amountA.mul(reserveB) / reserveA;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IOracle {
function setup() public;
function capture() public returns (Decimal.D256 memory, bool);
function pair() external view returns (address);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IUSDC {
function isBlacklisted(address _account) external view returns (bool);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Oracle is IOracle {
using Decimal for Decimal.D256;
bytes32 private constant FILE = "Oracle";
address private constant UNISWAP_FACTORY = address(0x5C69bEe701ef814a2B6a3EDD4B1652CB9cc5aA6f);
address internal _dao;
address internal _dollar;
bool internal _initialized;
IUniswapV2Pair internal _pair;
uint256 internal _index;
uint256 internal _cumulative;
uint32 internal _timestamp;
uint256 internal _reserve;
constructor (address dollar) public {
_dao = msg.sender;
_dollar = dollar;
}
function setup() public onlyDao {
_pair = IUniswapV2Pair(IUniswapV2Factory(UNISWAP_FACTORY).createPair(_dollar, usdc()));
(address token0, address token1) = (_pair.token0(), _pair.token1());
_index = _dollar == token0 ? 0 : 1;
Require.that(
_index == 0 || _dollar == token1,
FILE,
"Døllar not found"
);
}
/**
* Trades/Liquidity: (1) Initializes reserve and blockTimestampLast (can calculate a price)
* (2) Has non-zero cumulative prices
*
* Steps: (1) Captures a reference blockTimestampLast
* (2) First reported value
*/
function capture() public onlyDao returns (Decimal.D256 memory, bool) {
if (_initialized) {
return updateOracle();
} else {
initializeOracle();
return (Decimal.one(), false);
}
}
function initializeOracle() private {
IUniswapV2Pair pair = _pair;
uint256 priceCumulative = _index == 0 ?
pair.price0CumulativeLast() :
pair.price1CumulativeLast();
(uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast) = pair.getReserves();
if(reserve0 != 0 && reserve1 != 0 && blockTimestampLast != 0) {
_cumulative = priceCumulative;
_timestamp = blockTimestampLast;
_initialized = true;
_reserve = _index == 0 ? reserve1 : reserve0; // get counter's reserve
}
}
function updateOracle() private returns (Decimal.D256 memory, bool) {
Decimal.D256 memory price = updatePrice();
uint256 lastReserve = updateReserve();
bool isBlacklisted = IUSDC(usdc()).isBlacklisted(address(_pair));
bool valid = true;
if (lastReserve < Constants.getOracleReserveMinimum()) {
valid = false;
}
if (_reserve < Constants.getOracleReserveMinimum()) {
valid = false;
}
if (isBlacklisted) {
valid = false;
}
return (price, valid);
}
function updatePrice() private returns (Decimal.D256 memory) {
(uint256 price0Cumulative, uint256 price1Cumulative, uint32 blockTimestamp) =
UniswapV2OracleLibrary.currentCumulativePrices(address(_pair));
uint32 timeElapsed = blockTimestamp - _timestamp; // overflow is desired
uint256 priceCumulative = _index == 0 ? price0Cumulative : price1Cumulative;
Decimal.D256 memory price = Decimal.ratio((priceCumulative - _cumulative) / timeElapsed, 2**112);
_timestamp = blockTimestamp;
_cumulative = priceCumulative;
return price.mul(1e12);
}
function updateReserve() private returns (uint256) {
uint256 lastReserve = _reserve;
(uint112 reserve0, uint112 reserve1,) = _pair.getReserves();
_reserve = _index == 0 ? reserve1 : reserve0; // get counter's reserve
return lastReserve;
}
function usdc() internal view returns (address) {
return Constants.getUsdcAddress();
}
function pair() external view returns (address) {
return address(_pair);
}
function reserve() external view returns (uint256) {
return _reserve;
}
modifier onlyDao() {
Require.that(
msg.sender == _dao,
FILE,
"Not dao"
);
_;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IDAO {
function epoch() external view returns (uint256);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract PoolAccount {
enum Status {
Frozen,
Fluid,
Locked
}
struct State {
uint256 staged;
uint256 claimable;
uint256 bonded;
uint256 phantom;
uint256 fluidUntil;
}
}
contract PoolStorage {
struct Provider {
IDAO dao;
IDollar dollar;
IERC20 univ2;
}
struct Balance {
uint256 staged;
uint256 claimable;
uint256 bonded;
uint256 phantom;
}
struct State {
Balance balance;
Provider provider;
bool paused;
mapping(address => PoolAccount.State) accounts;
}
}
contract PoolState {
PoolStorage.State _state;
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract PoolGetters is PoolState {
using SafeMath for uint256;
/**
* Global
*/
function usdc() public view returns (address) {
return Constants.getUsdcAddress();
}
function dao() public view returns (IDAO) {
return _state.provider.dao;
}
function dollar() public view returns (IDollar) {
return _state.provider.dollar;
}
function univ2() public view returns (IERC20) {
return _state.provider.univ2;
}
function totalBonded() public view returns (uint256) {
return _state.balance.bonded;
}
function totalStaged() public view returns (uint256) {
return _state.balance.staged;
}
function totalClaimable() public view returns (uint256) {
return _state.balance.claimable;
}
function totalPhantom() public view returns (uint256) {
return _state.balance.phantom;
}
function totalRewarded() public view returns (uint256) {
return dollar().balanceOf(address(this)).sub(totalClaimable());
}
function paused() public view returns (bool) {
return _state.paused;
}
/**
* Account
*/
function balanceOfStaged(address account) public view returns (uint256) {
return _state.accounts[account].staged;
}
function balanceOfClaimable(address account) public view returns (uint256) {
return _state.accounts[account].claimable;
}
function balanceOfBonded(address account) public view returns (uint256) {
return _state.accounts[account].bonded;
}
function balanceOfPhantom(address account) public view returns (uint256) {
return _state.accounts[account].phantom;
}
function balanceOfRewarded(address account) public view returns (uint256) {
uint256 totalBonded = totalBonded();
if (totalBonded == 0) {
return 0;
}
uint256 totalRewardedWithPhantom = totalRewarded().add(totalPhantom());
uint256 balanceOfRewardedWithPhantom = totalRewardedWithPhantom
.mul(balanceOfBonded(account))
.div(totalBonded);
uint256 balanceOfPhantom = balanceOfPhantom(account);
if (balanceOfRewardedWithPhantom > balanceOfPhantom) {
return balanceOfRewardedWithPhantom.sub(balanceOfPhantom);
}
return 0;
}
function statusOf(address account) public view returns (PoolAccount.Status) {
return epoch() >= _state.accounts[account].fluidUntil ?
PoolAccount.Status.Frozen :
PoolAccount.Status.Fluid;
}
/**
* Epoch
*/
function epoch() internal view returns (uint256) {
return dao().epoch();
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract PoolSetters is PoolState, PoolGetters {
using SafeMath for uint256;
/**
* Global
*/
function pause() internal {
_state.paused = true;
}
/**
* Account
*/
function incrementBalanceOfBonded(address account, uint256 amount) internal {
_state.accounts[account].bonded = _state.accounts[account].bonded.add(amount);
_state.balance.bonded = _state.balance.bonded.add(amount);
}
function decrementBalanceOfBonded(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].bonded = _state.accounts[account].bonded.sub(amount, reason);
_state.balance.bonded = _state.balance.bonded.sub(amount, reason);
}
function incrementBalanceOfStaged(address account, uint256 amount) internal {
_state.accounts[account].staged = _state.accounts[account].staged.add(amount);
_state.balance.staged = _state.balance.staged.add(amount);
}
function decrementBalanceOfStaged(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].staged = _state.accounts[account].staged.sub(amount, reason);
_state.balance.staged = _state.balance.staged.sub(amount, reason);
}
function incrementBalanceOfClaimable(address account, uint256 amount) internal {
_state.accounts[account].claimable = _state.accounts[account].claimable.add(amount);
_state.balance.claimable = _state.balance.claimable.add(amount);
}
function decrementBalanceOfClaimable(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].claimable = _state.accounts[account].claimable.sub(amount, reason);
_state.balance.claimable = _state.balance.claimable.sub(amount, reason);
}
function incrementBalanceOfPhantom(address account, uint256 amount) internal {
_state.accounts[account].phantom = _state.accounts[account].phantom.add(amount);
_state.balance.phantom = _state.balance.phantom.add(amount);
}
function decrementBalanceOfPhantom(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].phantom = _state.accounts[account].phantom.sub(amount, reason);
_state.balance.phantom = _state.balance.phantom.sub(amount, reason);
}
function unfreeze(address account) internal {
_state.accounts[account].fluidUntil = epoch().add(Constants.getPoolExitLockupEpochs());
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Liquidity is PoolGetters {
address private constant UNISWAP_FACTORY = address(0x5C69bEe701ef814a2B6a3EDD4B1652CB9cc5aA6f);
function addLiquidity(uint256 dollarAmount) internal returns (uint256, uint256) {
(address dollar, address usdc) = (address(dollar()), usdc());
(uint reserveA, uint reserveB) = getReserves(dollar, usdc);
uint256 usdcAmount = (reserveA == 0 && reserveB == 0) ?
dollarAmount :
UniswapV2Library.quote(dollarAmount, reserveA, reserveB);
address pair = address(univ2());
IERC20(dollar).transfer(pair, dollarAmount);
IERC20(usdc).transferFrom(msg.sender, pair, usdcAmount);
return (usdcAmount, IUniswapV2Pair(pair).mint(address(this)));
}
// overridable for testing
function getReserves(address tokenA, address tokenB) internal view returns (uint reserveA, uint reserveB) {
(address token0,) = UniswapV2Library.sortTokens(tokenA, tokenB);
(uint reserve0, uint reserve1,) = IUniswapV2Pair(UniswapV2Library.pairFor(UNISWAP_FACTORY, tokenA, tokenB)).getReserves();
(reserveA, reserveB) = tokenA == token0 ? (reserve0, reserve1) : (reserve1, reserve0);
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Pool is PoolSetters, Liquidity {
using SafeMath for uint256;
constructor(address dollar, address univ2) public {
_state.provider.dao = IDAO(msg.sender);
_state.provider.dollar = IDollar(dollar);
_state.provider.univ2 = IERC20(univ2);
}
bytes32 private constant FILE = "Pool";
event Deposit(address indexed account, uint256 value);
event Withdraw(address indexed account, uint256 value);
event Claim(address indexed account, uint256 value);
event Bond(address indexed account, uint256 start, uint256 value);
event Unbond(address indexed account, uint256 start, uint256 value, uint256 newClaimable);
event Provide(address indexed account, uint256 value, uint256 lessUsdc, uint256 newUniv2);
function deposit(uint256 value) external onlyFrozen(msg.sender) notPaused {
univ2().transferFrom(msg.sender, address(this), value);
incrementBalanceOfStaged(msg.sender, value);
balanceCheck();
emit Deposit(msg.sender, value);
}
function withdraw(uint256 value) external onlyFrozen(msg.sender) {
univ2().transfer(msg.sender, value);
decrementBalanceOfStaged(msg.sender, value, "Pool: insufficient staged balance");
balanceCheck();
emit Withdraw(msg.sender, value);
}
function claim(uint256 value) external onlyFrozen(msg.sender) {
dollar().transfer(msg.sender, value);
decrementBalanceOfClaimable(msg.sender, value, "Pool: insufficient claimable balance");
balanceCheck();
emit Claim(msg.sender, value);
}
function bond(uint256 value) external notPaused {
unfreeze(msg.sender);
uint256 totalRewardedWithPhantom = totalRewarded().add(totalPhantom());
uint256 newPhantom = totalBonded() == 0 ?
totalRewarded() == 0 ? Constants.getInitialStakeMultiple().mul(value) : 0 :
totalRewardedWithPhantom.mul(value).div(totalBonded());
incrementBalanceOfBonded(msg.sender, value);
incrementBalanceOfPhantom(msg.sender, newPhantom);
decrementBalanceOfStaged(msg.sender, value, "Pool: insufficient staged balance");
balanceCheck();
emit Bond(msg.sender, epoch().add(1), value);
}
function unbond(uint256 value) external {
unfreeze(msg.sender);
uint256 balanceOfBonded = balanceOfBonded(msg.sender);
Require.that(
balanceOfBonded > 0,
FILE,
"insufficient bonded balance"
);
uint256 newClaimable = balanceOfRewarded(msg.sender).mul(value).div(balanceOfBonded);
uint256 lessPhantom = balanceOfPhantom(msg.sender).mul(value).div(balanceOfBonded);
incrementBalanceOfStaged(msg.sender, value);
incrementBalanceOfClaimable(msg.sender, newClaimable);
decrementBalanceOfBonded(msg.sender, value, "Pool: insufficient bonded balance");
decrementBalanceOfPhantom(msg.sender, lessPhantom, "Pool: insufficient phantom balance");
balanceCheck();
emit Unbond(msg.sender, epoch().add(1), value, newClaimable);
}
function provide(uint256 value) external onlyFrozen(msg.sender) notPaused {
Require.that(
totalBonded() > 0,
FILE,
"insufficient total bonded"
);
Require.that(
totalRewarded() > 0,
FILE,
"insufficient total rewarded"
);
Require.that(
balanceOfRewarded(msg.sender) >= value,
FILE,
"insufficient rewarded balance"
);
(uint256 lessUsdc, uint256 newUniv2) = addLiquidity(value);
uint256 totalRewardedWithPhantom = totalRewarded().add(totalPhantom()).add(value);
uint256 newPhantomFromBonded = totalRewardedWithPhantom.mul(newUniv2).div(totalBonded());
incrementBalanceOfBonded(msg.sender, newUniv2);
incrementBalanceOfPhantom(msg.sender, value.add(newPhantomFromBonded));
balanceCheck();
emit Provide(msg.sender, value, lessUsdc, newUniv2);
}
function emergencyWithdraw(address token, uint256 value) external onlyDao {
IERC20(token).transfer(address(dao()), value);
}
function emergencyPause() external onlyDao {
pause();
}
function balanceCheck() private {
Require.that(
univ2().balanceOf(address(this)) >= totalStaged().add(totalBonded()),
FILE,
"Inconsistent UNI-V2 balances"
);
}
modifier onlyFrozen(address account) {
Require.that(
statusOf(account) == PoolAccount.Status.Frozen,
FILE,
"Not frozen"
);
_;
}
modifier onlyDao() {
Require.that(
msg.sender == address(dao()),
FILE,
"Not dao"
);
_;
}
modifier notPaused() {
Require.that(
!paused(),
FILE,
"Paused"
);
_;
}
}
/**
* Utility library of inline functions on addresses
*
* Source https://raw.githubusercontent.com/OpenZeppelin/openzeppelin-solidity/v2.1.3/contracts/utils/Address.sol
* This contract is copied here and renamed from the original to avoid clashes in the compiled artifacts
* when the user imports a zos-lib contract (that transitively causes this contract to be compiled and added to the
* build/artifacts folder) as well as the vanilla Address implementation from an openzeppelin version.
*/
library OpenZeppelinUpgradesAddress {
/**
* Returns whether the target address is a contract
* @dev This function will return false if invoked during the constructor of a contract,
* as the code is not actually created until after the constructor finishes.
* @param account address of the account to check
* @return whether the target address is a contract
*/
function isContract(address account) internal view returns (bool) {
uint256 size;
// XXX Currently there is no better way to check if there is a contract in an address
// than to check the size of the code at that address.
// See https://ethereum.stackexchange.com/a/14016/36603
// for more details about how this works.
// TODO Check this again before the Serenity release, because all addresses will be
// contracts then.
// solhint-disable-next-line no-inline-assembly
assembly { size := extcodesize(account) }
return size > 0;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Account {
enum Status {
Frozen,
Fluid,
Locked
}
struct State {
uint256 staged;
uint256 balance;
mapping(uint256 => uint256) coupons;
mapping(address => uint256) couponAllowances;
uint256 fluidUntil;
uint256 lockedUntil;
}
}
contract Epoch {
struct Global {
uint256 start;
uint256 period;
uint256 current;
}
struct Coupons {
uint256 outstanding;
uint256 expiration;
uint256[] expiring;
}
struct State {
uint256 bonded;
Coupons coupons;
}
}
contract Candidate {
enum Vote {
UNDECIDED,
APPROVE,
REJECT
}
struct State {
uint256 start;
uint256 period;
uint256 approve;
uint256 reject;
mapping(address => Vote) votes;
bool initialized;
}
}
contract Storage {
struct Provider {
IDollar dollar;
IOracle oracle;
address pool;
}
struct Balance {
uint256 supply;
uint256 bonded;
uint256 staged;
uint256 redeemable;
uint256 debt;
uint256 coupons;
}
struct State {
Epoch.Global epoch;
Balance balance;
Provider provider;
mapping(address => Account.State) accounts;
mapping(uint256 => Epoch.State) epochs;
mapping(address => Candidate.State) candidates;
}
}
contract State {
Storage.State _state;
}
/*
Copyright 2018-2019 zOS Global Limited
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* Based off of, and designed to interface with, openzeppelin/upgrades package
*/
contract Upgradeable is State {
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 private constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
* @param implementation Address of the new implementation.
*/
event Upgraded(address indexed implementation);
function initialize() public;
/**
* @dev Upgrades the proxy to a new implementation.
* @param newImplementation Address of the new implementation.
*/
function upgradeTo(address newImplementation) internal {
setImplementation(newImplementation);
(bool success, bytes memory reason) = newImplementation.delegatecall(abi.encodeWithSignature("initialize()"));
require(success, string(reason));
emit Upgraded(newImplementation);
}
/**
* @dev Sets the implementation address of the proxy.
* @param newImplementation Address of the new implementation.
*/
function setImplementation(address newImplementation) private {
require(OpenZeppelinUpgradesAddress.isContract(newImplementation), "Cannot set a proxy implementation to a non-contract address");
bytes32 slot = IMPLEMENTATION_SLOT;
assembly {
sstore(slot, newImplementation)
}
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Getters is State {
using SafeMath for uint256;
using Decimal for Decimal.D256;
bytes32 private constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* ERC20 Interface
*/
function name() public view returns (string memory) {
return "Dynamic Set Dollar Stake";
}
function symbol() public view returns (string memory) {
return "DSDS";
}
function decimals() public view returns (uint8) {
return 18;
}
function balanceOf(address account) public view returns (uint256) {
return _state.accounts[account].balance;
}
function totalSupply() public view returns (uint256) {
return _state.balance.supply;
}
function allowance(address owner, address spender) external view returns (uint256) {
return 0;
}
/**
* Global
*/
function dollar() public view returns (IDollar) {
return _state.provider.dollar;
}
function oracle() public view returns (IOracle) {
return _state.provider.oracle;
}
function pool() public view returns (address) {
return _state.provider.pool;
}
function totalBonded() public view returns (uint256) {
return _state.balance.bonded;
}
function totalStaged() public view returns (uint256) {
return _state.balance.staged;
}
function totalDebt() public view returns (uint256) {
return _state.balance.debt;
}
function totalRedeemable() public view returns (uint256) {
return _state.balance.redeemable;
}
function totalCoupons() public view returns (uint256) {
return _state.balance.coupons;
}
function totalNet() public view returns (uint256) {
return dollar().totalSupply().sub(totalDebt());
}
/**
* Account
*/
function balanceOfStaged(address account) public view returns (uint256) {
return _state.accounts[account].staged;
}
function balanceOfBonded(address account) public view returns (uint256) {
uint256 totalSupply = totalSupply();
if (totalSupply == 0) {
return 0;
}
return totalBonded().mul(balanceOf(account)).div(totalSupply);
}
function balanceOfCoupons(address account, uint256 epoch) public view returns (uint256) {
if (outstandingCoupons(epoch) == 0) {
return 0;
}
return _state.accounts[account].coupons[epoch];
}
function statusOf(address account) public view returns (Account.Status) {
if (_state.accounts[account].lockedUntil > epoch()) {
return Account.Status.Locked;
}
return epoch() >= _state.accounts[account].fluidUntil ? Account.Status.Frozen : Account.Status.Fluid;
}
function allowanceCoupons(address owner, address spender) public view returns (uint256) {
return _state.accounts[owner].couponAllowances[spender];
}
/**
* Epoch
*/
function epoch() public view returns (uint256) {
return _state.epoch.current;
}
function epochTime() public view returns (uint256) {
Constants.EpochStrategy memory current = Constants.getEpochStrategy();
return epochTimeWithStrategy(current);
}
function epochTimeWithStrategy(Constants.EpochStrategy memory strategy) private view returns (uint256) {
return blockTimestamp()
.sub(strategy.start)
.div(strategy.period)
.add(strategy.offset);
}
// Overridable for testing
function blockTimestamp() internal view returns (uint256) {
return block.timestamp;
}
function outstandingCoupons(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].coupons.outstanding;
}
function couponsExpiration(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].coupons.expiration;
}
function expiringCoupons(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].coupons.expiring.length;
}
function expiringCouponsAtIndex(uint256 epoch, uint256 i) public view returns (uint256) {
return _state.epochs[epoch].coupons.expiring[i];
}
function totalBondedAt(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].bonded;
}
function bootstrappingAt(uint256 epoch) public view returns (bool) {
return epoch <= Constants.getBootstrappingPeriod();
}
/**
* Governance
*/
function recordedVote(address account, address candidate) public view returns (Candidate.Vote) {
return _state.candidates[candidate].votes[account];
}
function startFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].start;
}
function periodFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].period;
}
function approveFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].approve;
}
function rejectFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].reject;
}
function votesFor(address candidate) public view returns (uint256) {
return approveFor(candidate).add(rejectFor(candidate));
}
function isNominated(address candidate) public view returns (bool) {
return _state.candidates[candidate].start > 0;
}
function isInitialized(address candidate) public view returns (bool) {
return _state.candidates[candidate].initialized;
}
function implementation() public view returns (address impl) {
bytes32 slot = IMPLEMENTATION_SLOT;
assembly {
impl := sload(slot)
}
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Setters is State, Getters {
using SafeMath for uint256;
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* ERC20 Interface
*/
function transfer(address recipient, uint256 amount) external returns (bool) {
return false;
}
function approve(address spender, uint256 amount) external returns (bool) {
return false;
}
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool) {
return false;
}
/**
* Global
*/
function incrementTotalBonded(uint256 amount) internal {
_state.balance.bonded = _state.balance.bonded.add(amount);
}
function decrementTotalBonded(uint256 amount, string memory reason) internal {
_state.balance.bonded = _state.balance.bonded.sub(amount, reason);
}
function incrementTotalDebt(uint256 amount) internal {
_state.balance.debt = _state.balance.debt.add(amount);
}
function decrementTotalDebt(uint256 amount, string memory reason) internal {
_state.balance.debt = _state.balance.debt.sub(amount, reason);
}
function setDebtToZero() internal {
_state.balance.debt = 0;
}
function incrementTotalRedeemable(uint256 amount) internal {
_state.balance.redeemable = _state.balance.redeemable.add(amount);
}
function decrementTotalRedeemable(uint256 amount, string memory reason) internal {
_state.balance.redeemable = _state.balance.redeemable.sub(amount, reason);
}
/**
* Account
*/
function incrementBalanceOf(address account, uint256 amount) internal {
_state.accounts[account].balance = _state.accounts[account].balance.add(amount);
_state.balance.supply = _state.balance.supply.add(amount);
emit Transfer(address(0), account, amount);
}
function decrementBalanceOf(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].balance = _state.accounts[account].balance.sub(amount, reason);
_state.balance.supply = _state.balance.supply.sub(amount, reason);
emit Transfer(account, address(0), amount);
}
function incrementBalanceOfStaged(address account, uint256 amount) internal {
_state.accounts[account].staged = _state.accounts[account].staged.add(amount);
_state.balance.staged = _state.balance.staged.add(amount);
}
function decrementBalanceOfStaged(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].staged = _state.accounts[account].staged.sub(amount, reason);
_state.balance.staged = _state.balance.staged.sub(amount, reason);
}
function incrementBalanceOfCoupons(address account, uint256 epoch, uint256 amount) internal {
_state.accounts[account].coupons[epoch] = _state.accounts[account].coupons[epoch].add(amount);
_state.epochs[epoch].coupons.outstanding = _state.epochs[epoch].coupons.outstanding.add(amount);
_state.balance.coupons = _state.balance.coupons.add(amount);
}
function decrementBalanceOfCoupons(address account, uint256 epoch, uint256 amount, string memory reason) internal {
_state.accounts[account].coupons[epoch] = _state.accounts[account].coupons[epoch].sub(amount, reason);
_state.epochs[epoch].coupons.outstanding = _state.epochs[epoch].coupons.outstanding.sub(amount, reason);
_state.balance.coupons = _state.balance.coupons.sub(amount, reason);
}
function unfreeze(address account) internal {
_state.accounts[account].fluidUntil = epoch().add(Constants.getDAOExitLockupEpochs());
}
function updateAllowanceCoupons(address owner, address spender, uint256 amount) internal {
_state.accounts[owner].couponAllowances[spender] = amount;
}
function decrementAllowanceCoupons(address owner, address spender, uint256 amount, string memory reason) internal {
_state.accounts[owner].couponAllowances[spender] =
_state.accounts[owner].couponAllowances[spender].sub(amount, reason);
}
/**
* Epoch
*/
function incrementEpoch() internal {
_state.epoch.current = _state.epoch.current.add(1);
}
function snapshotTotalBonded() internal {
_state.epochs[epoch()].bonded = totalSupply();
}
function initializeCouponsExpiration(uint256 epoch, uint256 expiration) internal {
_state.epochs[epoch].coupons.expiration = expiration;
_state.epochs[expiration].coupons.expiring.push(epoch);
}
function eliminateOutstandingCoupons(uint256 epoch) internal {
uint256 outstandingCouponsForEpoch = outstandingCoupons(epoch);
if(outstandingCouponsForEpoch == 0) {
return;
}
_state.balance.coupons = _state.balance.coupons.sub(outstandingCouponsForEpoch);
_state.epochs[epoch].coupons.outstanding = 0;
}
/**
* Governance
*/
function createCandidate(address candidate, uint256 period) internal {
_state.candidates[candidate].start = epoch();
_state.candidates[candidate].period = period;
}
function recordVote(address account, address candidate, Candidate.Vote vote) internal {
_state.candidates[candidate].votes[account] = vote;
}
function incrementApproveFor(address candidate, uint256 amount) internal {
_state.candidates[candidate].approve = _state.candidates[candidate].approve.add(amount);
}
function decrementApproveFor(address candidate, uint256 amount, string memory reason) internal {
_state.candidates[candidate].approve = _state.candidates[candidate].approve.sub(amount, reason);
}
function incrementRejectFor(address candidate, uint256 amount) internal {
_state.candidates[candidate].reject = _state.candidates[candidate].reject.add(amount);
}
function decrementRejectFor(address candidate, uint256 amount, string memory reason) internal {
_state.candidates[candidate].reject = _state.candidates[candidate].reject.sub(amount, reason);
}
function placeLock(address account, address candidate) internal {
uint256 currentLock = _state.accounts[account].lockedUntil;
uint256 newLock = startFor(candidate).add(periodFor(candidate));
if (newLock > currentLock) {
_state.accounts[account].lockedUntil = newLock;
}
}
function initialized(address candidate) internal {
_state.candidates[candidate].initialized = true;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Permission is Setters {
bytes32 private constant FILE = "Permission";
// Can modify account state
modifier onlyFrozenOrFluid(address account) {
Require.that(
statusOf(account) != Account.Status.Locked,
FILE,
"Not frozen or fluid"
);
_;
}
// Can participate in balance-dependant activities
modifier onlyFrozenOrLocked(address account) {
Require.that(
statusOf(account) != Account.Status.Fluid,
FILE,
"Not frozen or locked"
);
_;
}
modifier initializer() {
Require.that(
!isInitialized(implementation()),
FILE,
"Already initialized"
);
initialized(implementation());
_;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Deployer1 is State, Permission, Upgradeable {
function initialize() initializer public {
_state.provider.dollar = new Dollar();
}
function implement(address implementation) external {
upgradeTo(implementation);
}
}
contract Deployer2 is State, Permission, Upgradeable {
function initialize() initializer public {
_state.provider.oracle = new Oracle(address(dollar()));
oracle().setup();
}
function implement(address implementation) external {
upgradeTo(implementation);
}
}
contract Deployer3 is State, Permission, Upgradeable {
function initialize() initializer public {
_state.provider.pool = address(new Pool(address(dollar()), address(oracle().pair())));
}
function implement(address implementation) external {
upgradeTo(implementation);
}
}File 2 of 5: Root
pragma solidity ^0.5.17;
pragma experimental ABIEncoderV2;
/**
* @title Proxy
* @dev Implements delegation of calls to other contracts, with proper
* forwarding of return values and bubbling of failures.
* It defines a fallback function that delegates all calls to the address
* returned by the abstract _implementation() internal function.
*/
contract Proxy {
/**
* @dev Fallback function.
* Implemented entirely in `_fallback`.
*/
function () payable external {
_fallback();
}
/**
* @return The Address of the implementation.
*/
function _implementation() internal view returns (address);
/**
* @dev Delegates execution to an implementation contract.
* This is a low level function that doesn't return to its internal call site.
* It will return to the external caller whatever the implementation returns.
* @param implementation Address to delegate.
*/
function _delegate(address implementation) internal {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize)
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas, implementation, 0, calldatasize, 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize)
switch result
// delegatecall returns 0 on error.
case 0 { revert(0, returndatasize) }
default { return(0, returndatasize) }
}
}
/**
* @dev Function that is run as the first thing in the fallback function.
* Can be redefined in derived contracts to add functionality.
* Redefinitions must call super._willFallback().
*/
function _willFallback() internal {
}
/**
* @dev fallback implementation.
* Extracted to enable manual triggering.
*/
function _fallback() internal {
_willFallback();
_delegate(_implementation());
}
}
/**
* Utility library of inline functions on addresses
*
* Source https://raw.githubusercontent.com/OpenZeppelin/openzeppelin-solidity/v2.1.3/contracts/utils/Address.sol
* This contract is copied here and renamed from the original to avoid clashes in the compiled artifacts
* when the user imports a zos-lib contract (that transitively causes this contract to be compiled and added to the
* build/artifacts folder) as well as the vanilla Address implementation from an openzeppelin version.
*/
library OpenZeppelinUpgradesAddress {
/**
* Returns whether the target address is a contract
* @dev This function will return false if invoked during the constructor of a contract,
* as the code is not actually created until after the constructor finishes.
* @param account address of the account to check
* @return whether the target address is a contract
*/
function isContract(address account) internal view returns (bool) {
uint256 size;
// XXX Currently there is no better way to check if there is a contract in an address
// than to check the size of the code at that address.
// See https://ethereum.stackexchange.com/a/14016/36603
// for more details about how this works.
// TODO Check this again before the Serenity release, because all addresses will be
// contracts then.
// solhint-disable-next-line no-inline-assembly
assembly { size := extcodesize(account) }
return size > 0;
}
}
/**
* @title BaseUpgradeabilityProxy
* @dev This contract implements a proxy that allows to change the
* implementation address to which it will delegate.
* Such a change is called an implementation upgrade.
*/
contract BaseUpgradeabilityProxy is Proxy {
/**
* @dev Emitted when the implementation is upgraded.
* @param implementation Address of the new implementation.
*/
event Upgraded(address indexed implementation);
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Returns the current implementation.
* @return Address of the current implementation
*/
function _implementation() internal view returns (address impl) {
bytes32 slot = IMPLEMENTATION_SLOT;
assembly {
impl := sload(slot)
}
}
/**
* @dev Upgrades the proxy to a new implementation.
* @param newImplementation Address of the new implementation.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Sets the implementation address of the proxy.
* @param newImplementation Address of the new implementation.
*/
function _setImplementation(address newImplementation) internal {
require(OpenZeppelinUpgradesAddress.isContract(newImplementation), "Cannot set a proxy implementation to a non-contract address");
bytes32 slot = IMPLEMENTATION_SLOT;
assembly {
sstore(slot, newImplementation)
}
}
}
/**
* @title UpgradeabilityProxy
* @dev Extends BaseUpgradeabilityProxy with a constructor for initializing
* implementation and init data.
*/
contract UpgradeabilityProxy is BaseUpgradeabilityProxy {
/**
* @dev Contract constructor.
* @param _logic Address of the initial implementation.
* @param _data Data to send as msg.data to the implementation to initialize the proxied contract.
* It should include the signature and the parameters of the function to be called, as described in
* https://solidity.readthedocs.io/en/v0.4.24/abi-spec.html#function-selector-and-argument-encoding.
* This parameter is optional, if no data is given the initialization call to proxied contract will be skipped.
*/
constructor(address _logic, bytes memory _data) public payable {
assert(IMPLEMENTATION_SLOT == bytes32(uint256(keccak256('eip1967.proxy.implementation')) - 1));
_setImplementation(_logic);
if(_data.length > 0) {
(bool success,) = _logic.delegatecall(_data);
require(success);
}
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Root is UpgradeabilityProxy {
constructor (address implementation) UpgradeabilityProxy(
implementation,
abi.encodeWithSignature("initialize()")
) public { }
}File 3 of 5: Implementation
pragma solidity ^0.5.17;
pragma experimental ABIEncoderV2;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
/*
Copyright 2019 dYdX Trading Inc.
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* @title Decimal
* @author dYdX
*
* Library that defines a fixed-point number with 18 decimal places.
*/
library Decimal {
using SafeMath for uint256;
// ============ Constants ============
uint256 constant BASE = 10**18;
// ============ Structs ============
struct D256 {
uint256 value;
}
// ============ Static Functions ============
function zero()
internal
pure
returns (D256 memory)
{
return D256({ value: 0 });
}
function one()
internal
pure
returns (D256 memory)
{
return D256({ value: BASE });
}
function from(
uint256 a
)
internal
pure
returns (D256 memory)
{
return D256({ value: a.mul(BASE) });
}
function ratio(
uint256 a,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(a, BASE, b) });
}
// ============ Self Functions ============
function add(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.add(b.mul(BASE)) });
}
function sub(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.mul(BASE)) });
}
function sub(
D256 memory self,
uint256 b,
string memory reason
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.mul(BASE), reason) });
}
function mul(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.mul(b) });
}
function div(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.div(b) });
}
function pow(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
if (b == 0) {
return from(1);
}
D256 memory temp = D256({ value: self.value });
for (uint256 i = 1; i < b; i++) {
temp = mul(temp, self);
}
return temp;
}
function add(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.add(b.value) });
}
function sub(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.value) });
}
function sub(
D256 memory self,
D256 memory b,
string memory reason
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.value, reason) });
}
function mul(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(self.value, b.value, BASE) });
}
function div(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(self.value, BASE, b.value) });
}
function equals(D256 memory self, D256 memory b) internal pure returns (bool) {
return self.value == b.value;
}
function greaterThan(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) == 2;
}
function lessThan(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) == 0;
}
function greaterThanOrEqualTo(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) > 0;
}
function lessThanOrEqualTo(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) < 2;
}
function isZero(D256 memory self) internal pure returns (bool) {
return self.value == 0;
}
function asUint256(D256 memory self) internal pure returns (uint256) {
return self.value.div(BASE);
}
// ============ Core Methods ============
function getPartial(
uint256 target,
uint256 numerator,
uint256 denominator
)
private
pure
returns (uint256)
{
return target.mul(numerator).div(denominator);
}
function compareTo(
D256 memory a,
D256 memory b
)
private
pure
returns (uint256)
{
if (a.value == b.value) {
return 1;
}
return a.value > b.value ? 2 : 0;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
library Constants {
/* Chain */
uint256 private constant CHAIN_ID = 1; // Mainnet
/* Bootstrapping */
uint256 private constant BOOTSTRAPPING_PERIOD = 150; // 150 epochs
uint256 private constant BOOTSTRAPPING_PRICE = 154e16; // 1.54 USDC (targeting 4.5% inflation)
/* Oracle */
address private constant USDC = address(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48);
uint256 private constant ORACLE_RESERVE_MINIMUM = 1e10; // 10,000 USDC
/* Bonding */
uint256 private constant INITIAL_STAKE_MULTIPLE = 1e6; // 100 DSD -> 100M DSDS
/* Epoch */
struct EpochStrategy {
uint256 offset;
uint256 start;
uint256 period;
}
uint256 private constant EPOCH_OFFSET = 0;
uint256 private constant EPOCH_START = 1606348800;
uint256 private constant EPOCH_PERIOD = 7200;
/* Governance */
uint256 private constant GOVERNANCE_PERIOD = 36;
uint256 private constant GOVERNANCE_QUORUM = 33e16; // 33%
uint256 private constant GOVERNANCE_SUPER_MAJORITY = 66e16; // 66%
uint256 private constant GOVERNANCE_EMERGENCY_DELAY = 6; // 6 epochs
/* DAO */
uint256 private constant ADVANCE_INCENTIVE = 50e18; // 50 DSD
uint256 private constant DAO_EXIT_LOCKUP_EPOCHS = 36; // 36 epochs fluid
/* Pool */
uint256 private constant POOL_EXIT_LOCKUP_EPOCHS = 12; // 12 epochs fluid
/* Market */
uint256 private constant COUPON_EXPIRATION = 360;
uint256 private constant DEBT_RATIO_CAP = 35e16; // 35%
uint256 private constant INITIAL_COUPON_REDEMPTION_PENALTY = 50e16; // 50%
uint256 private constant COUPON_REDEMPTION_PENALTY_DECAY = 3600; // 1 hour
/* Regulator */
uint256 private constant SUPPLY_CHANGE_DIVISOR = 12e18; // 12
uint256 private constant SUPPLY_CHANGE_LIMIT = 10e16; // 10%
uint256 private constant ORACLE_POOL_RATIO = 40; // 40%
/**
* Getters
*/
function getUsdcAddress() internal pure returns (address) {
return USDC;
}
function getOracleReserveMinimum() internal pure returns (uint256) {
return ORACLE_RESERVE_MINIMUM;
}
function getEpochStrategy() internal pure returns (EpochStrategy memory) {
return EpochStrategy({
offset: EPOCH_OFFSET,
start: EPOCH_START,
period: EPOCH_PERIOD
});
}
function getInitialStakeMultiple() internal pure returns (uint256) {
return INITIAL_STAKE_MULTIPLE;
}
function getBootstrappingPeriod() internal pure returns (uint256) {
return BOOTSTRAPPING_PERIOD;
}
function getBootstrappingPrice() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: BOOTSTRAPPING_PRICE});
}
function getGovernancePeriod() internal pure returns (uint256) {
return GOVERNANCE_PERIOD;
}
function getGovernanceQuorum() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: GOVERNANCE_QUORUM});
}
function getGovernanceSuperMajority() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: GOVERNANCE_SUPER_MAJORITY});
}
function getGovernanceEmergencyDelay() internal pure returns (uint256) {
return GOVERNANCE_EMERGENCY_DELAY;
}
function getAdvanceIncentive() internal pure returns (uint256) {
return ADVANCE_INCENTIVE;
}
function getDAOExitLockupEpochs() internal pure returns (uint256) {
return DAO_EXIT_LOCKUP_EPOCHS;
}
function getPoolExitLockupEpochs() internal pure returns (uint256) {
return POOL_EXIT_LOCKUP_EPOCHS;
}
function getCouponExpiration() internal pure returns (uint256) {
return COUPON_EXPIRATION;
}
function getDebtRatioCap() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: DEBT_RATIO_CAP});
}
function getInitialCouponRedemptionPenalty() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: INITIAL_COUPON_REDEMPTION_PENALTY});
}
function getCouponRedemptionPenaltyDecay() internal pure returns (uint256) {
return COUPON_REDEMPTION_PENALTY_DECAY;
}
function getSupplyChangeLimit() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: SUPPLY_CHANGE_LIMIT});
}
function getSupplyChangeDivisor() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: SUPPLY_CHANGE_DIVISOR});
}
function getOraclePoolRatio() internal pure returns (uint256) {
return ORACLE_POOL_RATIO;
}
function getChainId() internal pure returns (uint256) {
return CHAIN_ID;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Curve {
using SafeMath for uint256;
using Decimal for Decimal.D256;
function calculateCouponPremium(
uint256 totalSupply,
uint256 totalDebt,
uint256 amount
) internal pure returns (uint256) {
return effectivePremium(totalSupply, totalDebt, amount).mul(amount).asUint256();
}
function effectivePremium(
uint256 totalSupply,
uint256 totalDebt,
uint256 amount
) private pure returns (Decimal.D256 memory) {
Decimal.D256 memory debtRatio = Decimal.ratio(totalDebt, totalSupply);
Decimal.D256 memory debtRatioUpperBound = Constants.getDebtRatioCap();
uint256 totalSupplyEnd = totalSupply.sub(amount);
uint256 totalDebtEnd = totalDebt.sub(amount);
Decimal.D256 memory debtRatioEnd = Decimal.ratio(totalDebtEnd, totalSupplyEnd);
if (debtRatio.greaterThan(debtRatioUpperBound)) {
if (debtRatioEnd.greaterThan(debtRatioUpperBound)) {
return curve(debtRatioUpperBound);
}
Decimal.D256 memory premiumCurve = curveMean(debtRatioEnd, debtRatioUpperBound);
Decimal.D256 memory premiumCurveDelta = debtRatioUpperBound.sub(debtRatioEnd);
Decimal.D256 memory premiumFlat = curve(debtRatioUpperBound);
Decimal.D256 memory premiumFlatDelta = debtRatio.sub(debtRatioUpperBound);
return (premiumCurve.mul(premiumCurveDelta)).add(premiumFlat.mul(premiumFlatDelta))
.div(premiumCurveDelta.add(premiumFlatDelta));
}
return curveMean(debtRatioEnd, debtRatio);
}
// 1/(3(1-R)^2)-1/3
function curve(Decimal.D256 memory debtRatio) private pure returns (Decimal.D256 memory) {
return Decimal.one().div(
Decimal.from(3).mul((Decimal.one().sub(debtRatio)).pow(2))
).sub(Decimal.ratio(1, 3));
}
// 1/(3(1-R)(1-R'))-1/3
function curveMean(
Decimal.D256 memory lower,
Decimal.D256 memory upper
) private pure returns (Decimal.D256 memory) {
if (lower.equals(upper)) {
return curve(lower);
}
return Decimal.one().div(
Decimal.from(3).mul(Decimal.one().sub(upper)).mul(Decimal.one().sub(lower))
).sub(Decimal.ratio(1, 3));
}
}
interface IUniswapV2Pair {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
function MINIMUM_LIQUIDITY() external pure returns (uint);
function factory() external view returns (address);
function token0() external view returns (address);
function token1() external view returns (address);
function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast);
function price0CumulativeLast() external view returns (uint);
function price1CumulativeLast() external view returns (uint);
function kLast() external view returns (uint);
function mint(address to) external returns (uint liquidity);
function burn(address to) external returns (uint amount0, uint amount1);
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external;
function skim(address to) external;
function sync() external;
function initialize(address, address) external;
}
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IDollar is IERC20 {
function burn(uint256 amount) public;
function burnFrom(address account, uint256 amount) public;
function mint(address account, uint256 amount) public returns (bool);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IOracle {
function setup() public;
function capture() public returns (Decimal.D256 memory, bool);
function pair() external view returns (address);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Account {
enum Status {
Frozen,
Fluid,
Locked
}
struct State {
uint256 staged;
uint256 balance;
mapping(uint256 => uint256) coupons;
mapping(address => uint256) couponAllowances;
uint256 fluidUntil;
uint256 lockedUntil;
}
}
contract Epoch {
struct Global {
uint256 start;
uint256 period;
uint256 current;
}
struct Coupons {
uint256 outstanding;
uint256 expiration;
uint256[] expiring;
}
struct State {
uint256 bonded;
Coupons coupons;
}
}
contract Candidate {
enum Vote {
UNDECIDED,
APPROVE,
REJECT
}
struct State {
uint256 start;
uint256 period;
uint256 approve;
uint256 reject;
mapping(address => Vote) votes;
bool initialized;
}
}
contract Storage {
struct Provider {
IDollar dollar;
IOracle oracle;
address pool;
}
struct Balance {
uint256 supply;
uint256 bonded;
uint256 staged;
uint256 redeemable;
uint256 debt;
uint256 coupons;
}
struct State {
Epoch.Global epoch;
Balance balance;
Provider provider;
mapping(address => Account.State) accounts;
mapping(uint256 => Epoch.State) epochs;
mapping(address => Candidate.State) candidates;
}
}
contract State {
Storage.State _state;
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Getters is State {
using SafeMath for uint256;
using Decimal for Decimal.D256;
bytes32 private constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* ERC20 Interface
*/
function name() public view returns (string memory) {
return "Dynamic Set Dollar Stake";
}
function symbol() public view returns (string memory) {
return "DSDS";
}
function decimals() public view returns (uint8) {
return 18;
}
function balanceOf(address account) public view returns (uint256) {
return _state.accounts[account].balance;
}
function totalSupply() public view returns (uint256) {
return _state.balance.supply;
}
function allowance(address owner, address spender) external view returns (uint256) {
return 0;
}
/**
* Global
*/
function dollar() public view returns (IDollar) {
return _state.provider.dollar;
}
function oracle() public view returns (IOracle) {
return _state.provider.oracle;
}
function pool() public view returns (address) {
return _state.provider.pool;
}
function totalBonded() public view returns (uint256) {
return _state.balance.bonded;
}
function totalStaged() public view returns (uint256) {
return _state.balance.staged;
}
function totalDebt() public view returns (uint256) {
return _state.balance.debt;
}
function totalRedeemable() public view returns (uint256) {
return _state.balance.redeemable;
}
function totalCoupons() public view returns (uint256) {
return _state.balance.coupons;
}
function totalNet() public view returns (uint256) {
return dollar().totalSupply().sub(totalDebt());
}
/**
* Account
*/
function balanceOfStaged(address account) public view returns (uint256) {
return _state.accounts[account].staged;
}
function balanceOfBonded(address account) public view returns (uint256) {
uint256 totalSupply = totalSupply();
if (totalSupply == 0) {
return 0;
}
return totalBonded().mul(balanceOf(account)).div(totalSupply);
}
function balanceOfCoupons(address account, uint256 epoch) public view returns (uint256) {
if (outstandingCoupons(epoch) == 0) {
return 0;
}
return _state.accounts[account].coupons[epoch];
}
function statusOf(address account) public view returns (Account.Status) {
if (_state.accounts[account].lockedUntil > epoch()) {
return Account.Status.Locked;
}
return epoch() >= _state.accounts[account].fluidUntil ? Account.Status.Frozen : Account.Status.Fluid;
}
function allowanceCoupons(address owner, address spender) public view returns (uint256) {
return _state.accounts[owner].couponAllowances[spender];
}
/**
* Epoch
*/
function epoch() public view returns (uint256) {
return _state.epoch.current;
}
function epochTime() public view returns (uint256) {
Constants.EpochStrategy memory current = Constants.getEpochStrategy();
return epochTimeWithStrategy(current);
}
function epochTimeWithStrategy(Constants.EpochStrategy memory strategy) private view returns (uint256) {
return blockTimestamp()
.sub(strategy.start)
.div(strategy.period)
.add(strategy.offset);
}
// Overridable for testing
function blockTimestamp() internal view returns (uint256) {
return block.timestamp;
}
function outstandingCoupons(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].coupons.outstanding;
}
function couponsExpiration(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].coupons.expiration;
}
function expiringCoupons(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].coupons.expiring.length;
}
function expiringCouponsAtIndex(uint256 epoch, uint256 i) public view returns (uint256) {
return _state.epochs[epoch].coupons.expiring[i];
}
function totalBondedAt(uint256 epoch) public view returns (uint256) {
return _state.epochs[epoch].bonded;
}
function bootstrappingAt(uint256 epoch) public view returns (bool) {
return epoch <= Constants.getBootstrappingPeriod();
}
/**
* Governance
*/
function recordedVote(address account, address candidate) public view returns (Candidate.Vote) {
return _state.candidates[candidate].votes[account];
}
function startFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].start;
}
function periodFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].period;
}
function approveFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].approve;
}
function rejectFor(address candidate) public view returns (uint256) {
return _state.candidates[candidate].reject;
}
function votesFor(address candidate) public view returns (uint256) {
return approveFor(candidate).add(rejectFor(candidate));
}
function isNominated(address candidate) public view returns (bool) {
return _state.candidates[candidate].start > 0;
}
function isInitialized(address candidate) public view returns (bool) {
return _state.candidates[candidate].initialized;
}
function implementation() public view returns (address impl) {
bytes32 slot = IMPLEMENTATION_SLOT;
assembly {
impl := sload(slot)
}
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Setters is State, Getters {
using SafeMath for uint256;
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* ERC20 Interface
*/
function transfer(address recipient, uint256 amount) external returns (bool) {
return false;
}
function approve(address spender, uint256 amount) external returns (bool) {
return false;
}
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool) {
return false;
}
/**
* Global
*/
function incrementTotalBonded(uint256 amount) internal {
_state.balance.bonded = _state.balance.bonded.add(amount);
}
function decrementTotalBonded(uint256 amount, string memory reason) internal {
_state.balance.bonded = _state.balance.bonded.sub(amount, reason);
}
function incrementTotalDebt(uint256 amount) internal {
_state.balance.debt = _state.balance.debt.add(amount);
}
function decrementTotalDebt(uint256 amount, string memory reason) internal {
_state.balance.debt = _state.balance.debt.sub(amount, reason);
}
function setDebtToZero() internal {
_state.balance.debt = 0;
}
function incrementTotalRedeemable(uint256 amount) internal {
_state.balance.redeemable = _state.balance.redeemable.add(amount);
}
function decrementTotalRedeemable(uint256 amount, string memory reason) internal {
_state.balance.redeemable = _state.balance.redeemable.sub(amount, reason);
}
/**
* Account
*/
function incrementBalanceOf(address account, uint256 amount) internal {
_state.accounts[account].balance = _state.accounts[account].balance.add(amount);
_state.balance.supply = _state.balance.supply.add(amount);
emit Transfer(address(0), account, amount);
}
function decrementBalanceOf(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].balance = _state.accounts[account].balance.sub(amount, reason);
_state.balance.supply = _state.balance.supply.sub(amount, reason);
emit Transfer(account, address(0), amount);
}
function incrementBalanceOfStaged(address account, uint256 amount) internal {
_state.accounts[account].staged = _state.accounts[account].staged.add(amount);
_state.balance.staged = _state.balance.staged.add(amount);
}
function decrementBalanceOfStaged(address account, uint256 amount, string memory reason) internal {
_state.accounts[account].staged = _state.accounts[account].staged.sub(amount, reason);
_state.balance.staged = _state.balance.staged.sub(amount, reason);
}
function incrementBalanceOfCoupons(address account, uint256 epoch, uint256 amount) internal {
_state.accounts[account].coupons[epoch] = _state.accounts[account].coupons[epoch].add(amount);
_state.epochs[epoch].coupons.outstanding = _state.epochs[epoch].coupons.outstanding.add(amount);
_state.balance.coupons = _state.balance.coupons.add(amount);
}
function decrementBalanceOfCoupons(address account, uint256 epoch, uint256 amount, string memory reason) internal {
_state.accounts[account].coupons[epoch] = _state.accounts[account].coupons[epoch].sub(amount, reason);
_state.epochs[epoch].coupons.outstanding = _state.epochs[epoch].coupons.outstanding.sub(amount, reason);
_state.balance.coupons = _state.balance.coupons.sub(amount, reason);
}
function unfreeze(address account) internal {
_state.accounts[account].fluidUntil = epoch().add(Constants.getDAOExitLockupEpochs());
}
function updateAllowanceCoupons(address owner, address spender, uint256 amount) internal {
_state.accounts[owner].couponAllowances[spender] = amount;
}
function decrementAllowanceCoupons(address owner, address spender, uint256 amount, string memory reason) internal {
_state.accounts[owner].couponAllowances[spender] =
_state.accounts[owner].couponAllowances[spender].sub(amount, reason);
}
/**
* Epoch
*/
function incrementEpoch() internal {
_state.epoch.current = _state.epoch.current.add(1);
}
function snapshotTotalBonded() internal {
_state.epochs[epoch()].bonded = totalSupply();
}
function initializeCouponsExpiration(uint256 epoch, uint256 expiration) internal {
_state.epochs[epoch].coupons.expiration = expiration;
_state.epochs[expiration].coupons.expiring.push(epoch);
}
function eliminateOutstandingCoupons(uint256 epoch) internal {
uint256 outstandingCouponsForEpoch = outstandingCoupons(epoch);
if(outstandingCouponsForEpoch == 0) {
return;
}
_state.balance.coupons = _state.balance.coupons.sub(outstandingCouponsForEpoch);
_state.epochs[epoch].coupons.outstanding = 0;
}
/**
* Governance
*/
function createCandidate(address candidate, uint256 period) internal {
_state.candidates[candidate].start = epoch();
_state.candidates[candidate].period = period;
}
function recordVote(address account, address candidate, Candidate.Vote vote) internal {
_state.candidates[candidate].votes[account] = vote;
}
function incrementApproveFor(address candidate, uint256 amount) internal {
_state.candidates[candidate].approve = _state.candidates[candidate].approve.add(amount);
}
function decrementApproveFor(address candidate, uint256 amount, string memory reason) internal {
_state.candidates[candidate].approve = _state.candidates[candidate].approve.sub(amount, reason);
}
function incrementRejectFor(address candidate, uint256 amount) internal {
_state.candidates[candidate].reject = _state.candidates[candidate].reject.add(amount);
}
function decrementRejectFor(address candidate, uint256 amount, string memory reason) internal {
_state.candidates[candidate].reject = _state.candidates[candidate].reject.sub(amount, reason);
}
function placeLock(address account, address candidate) internal {
uint256 currentLock = _state.accounts[account].lockedUntil;
uint256 newLock = startFor(candidate).add(periodFor(candidate));
if (newLock > currentLock) {
_state.accounts[account].lockedUntil = newLock;
}
}
function initialized(address candidate) internal {
_state.candidates[candidate].initialized = true;
}
}
/*
Copyright 2019 dYdX Trading Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* @title Require
* @author dYdX
*
* Stringifies parameters to pretty-print revert messages. Costs more gas than regular require()
*/
library Require {
// ============ Constants ============
uint256 constant ASCII_ZERO = 48; // '0'
uint256 constant ASCII_RELATIVE_ZERO = 87; // 'a' - 10
uint256 constant ASCII_LOWER_EX = 120; // 'x'
bytes2 constant COLON = 0x3a20; // ': '
bytes2 constant COMMA = 0x2c20; // ', '
bytes2 constant LPAREN = 0x203c; // ' <'
byte constant RPAREN = 0x3e; // '>'
uint256 constant FOUR_BIT_MASK = 0xf;
// ============ Library Functions ============
function that(
bool must,
bytes32 file,
bytes32 reason
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason)
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
uint256 payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
uint256 payloadA,
uint256 payloadB
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA,
uint256 payloadB
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA,
uint256 payloadB,
uint256 payloadC
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
COMMA,
stringify(payloadC),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
bytes32 payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
bytes32 payloadA,
uint256 payloadB,
uint256 payloadC
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
COMMA,
stringify(payloadC),
RPAREN
)
)
);
}
}
// ============ Private Functions ============
function stringifyTruncated(
bytes32 input
)
private
pure
returns (bytes memory)
{
// put the input bytes into the result
bytes memory result = abi.encodePacked(input);
// determine the length of the input by finding the location of the last non-zero byte
for (uint256 i = 32; i > 0; ) {
// reverse-for-loops with unsigned integer
/* solium-disable-next-line security/no-modify-for-iter-var */
i--;
// find the last non-zero byte in order to determine the length
if (result[i] != 0) {
uint256 length = i + 1;
/* solium-disable-next-line security/no-inline-assembly */
assembly {
mstore(result, length) // r.length = length;
}
return result;
}
}
// all bytes are zero
return new bytes(0);
}
function stringify(
uint256 input
)
private
pure
returns (bytes memory)
{
if (input == 0) {
return "0";
}
// get the final string length
uint256 j = input;
uint256 length;
while (j != 0) {
length++;
j /= 10;
}
// allocate the string
bytes memory bstr = new bytes(length);
// populate the string starting with the least-significant character
j = input;
for (uint256 i = length; i > 0; ) {
// reverse-for-loops with unsigned integer
/* solium-disable-next-line security/no-modify-for-iter-var */
i--;
// take last decimal digit
bstr[i] = byte(uint8(ASCII_ZERO + (j % 10)));
// remove the last decimal digit
j /= 10;
}
return bstr;
}
function stringify(
address input
)
private
pure
returns (bytes memory)
{
uint256 z = uint256(input);
// addresses are "0x" followed by 20 bytes of data which take up 2 characters each
bytes memory result = new bytes(42);
// populate the result with "0x"
result[0] = byte(uint8(ASCII_ZERO));
result[1] = byte(uint8(ASCII_LOWER_EX));
// for each byte (starting from the lowest byte), populate the result with two characters
for (uint256 i = 0; i < 20; i++) {
// each byte takes two characters
uint256 shift = i * 2;
// populate the least-significant character
result[41 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
// populate the most-significant character
result[40 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
}
return result;
}
function stringify(
bytes32 input
)
private
pure
returns (bytes memory)
{
uint256 z = uint256(input);
// bytes32 are "0x" followed by 32 bytes of data which take up 2 characters each
bytes memory result = new bytes(66);
// populate the result with "0x"
result[0] = byte(uint8(ASCII_ZERO));
result[1] = byte(uint8(ASCII_LOWER_EX));
// for each byte (starting from the lowest byte), populate the result with two characters
for (uint256 i = 0; i < 32; i++) {
// each byte takes two characters
uint256 shift = i * 2;
// populate the least-significant character
result[65 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
// populate the most-significant character
result[64 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
}
return result;
}
function char(
uint256 input
)
private
pure
returns (byte)
{
// return ASCII digit (0-9)
if (input < 10) {
return byte(uint8(input + ASCII_ZERO));
}
// return ASCII letter (a-f)
return byte(uint8(input + ASCII_RELATIVE_ZERO));
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Comptroller is Setters {
using SafeMath for uint256;
bytes32 private constant FILE = "Comptroller";
function mintToAccount(address account, uint256 amount) internal {
dollar().mint(account, amount);
if (!bootstrappingAt(epoch())) {
increaseDebt(amount);
}
balanceCheck();
}
function burnFromAccount(address account, uint256 amount) internal {
dollar().transferFrom(account, address(this), amount);
dollar().burn(amount);
decrementTotalDebt(amount, "Comptroller: not enough outstanding debt");
balanceCheck();
}
function redeemToAccount(address account, uint256 amount) internal {
dollar().transfer(account, amount);
decrementTotalRedeemable(amount, "Comptroller: not enough redeemable balance");
balanceCheck();
}
function burnRedeemable(uint256 amount) internal {
dollar().burn(amount);
decrementTotalRedeemable(amount, "Comptroller: not enough redeemable balance");
balanceCheck();
}
function increaseDebt(uint256 amount) internal {
incrementTotalDebt(amount);
resetDebt(Constants.getDebtRatioCap());
balanceCheck();
}
function decreaseDebt(uint256 amount) internal {
decrementTotalDebt(amount, "Comptroller: not enough debt");
balanceCheck();
}
function increaseSupply(uint256 newSupply) internal returns (uint256, uint256, uint256) {
(uint256 newRedeemable, uint256 lessDebt, uint256 poolReward) = (0, 0, 0);
// 1. True up redeemable pool
uint256 totalRedeemable = totalRedeemable();
uint256 totalCoupons = totalCoupons();
if (totalRedeemable < totalCoupons) {
// Get new redeemable coupons
newRedeemable = totalCoupons.sub(totalRedeemable);
// Pad with Pool's potential cut
newRedeemable = newRedeemable.mul(100).div(SafeMath.sub(100, Constants.getOraclePoolRatio()));
// Cap at newSupply
newRedeemable = newRedeemable > newSupply ? newSupply : newRedeemable;
// Determine Pool's final cut
poolReward = newRedeemable.mul(Constants.getOraclePoolRatio()).div(100);
// Determine Redeemable's final cut
newRedeemable = newRedeemable.sub(poolReward);
mintToPool(poolReward);
mintToRedeemable(newRedeemable);
newSupply = newSupply.sub(poolReward);
newSupply = newSupply.sub(newRedeemable);
}
// 2. Eliminate debt
uint256 totalDebt = totalDebt();
if (newSupply > 0 && totalDebt > 0) {
lessDebt = totalDebt > newSupply ? newSupply : totalDebt;
decreaseDebt(lessDebt);
newSupply = newSupply.sub(lessDebt);
}
// 3. Payout to bonded
if (totalBonded() == 0) {
newSupply = 0;
}
if (newSupply > 0) {
mintToBonded(newSupply);
}
return (newRedeemable, lessDebt, newSupply.add(poolReward));
}
function resetDebt(Decimal.D256 memory targetDebtRatio) internal {
uint256 targetDebt = targetDebtRatio.mul(dollar().totalSupply()).asUint256();
uint256 currentDebt = totalDebt();
if (currentDebt > targetDebt) {
uint256 lessDebt = currentDebt.sub(targetDebt);
decreaseDebt(lessDebt);
}
}
function balanceCheck() private {
Require.that(
dollar().balanceOf(address(this)) >= totalBonded().add(totalStaged()).add(totalRedeemable()),
FILE,
"Inconsistent balances"
);
}
function mintToBonded(uint256 amount) private {
Require.that(
totalBonded() > 0,
FILE,
"Cant mint to empty pool"
);
uint256 poolAmount = amount.mul(Constants.getOraclePoolRatio()).div(100);
uint256 daoAmount = amount > poolAmount ? amount.sub(poolAmount) : 0;
mintToPool(poolAmount);
mintToDAO(daoAmount);
balanceCheck();
}
function mintToDAO(uint256 amount) private {
if (amount > 0) {
dollar().mint(address(this), amount);
incrementTotalBonded(amount);
}
}
function mintToPool(uint256 amount) private {
if (amount > 0) {
dollar().mint(pool(), amount);
}
}
function mintToRedeemable(uint256 amount) private {
dollar().mint(address(this), amount);
incrementTotalRedeemable(amount);
balanceCheck();
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Market is Comptroller, Curve {
using SafeMath for uint256;
bytes32 private constant FILE = "Market";
event CouponExpiration(uint256 indexed epoch, uint256 couponsExpired, uint256 lessRedeemable, uint256 lessDebt, uint256 newBonded);
event CouponPurchase(address indexed account, uint256 indexed epoch, uint256 dollarAmount, uint256 couponAmount);
event CouponRedemption(address indexed account, uint256 indexed epoch, uint256 couponAmount);
event CouponBurn(address indexed account, uint256 indexed epoch, uint256 couponAmount);
event CouponTransfer(address indexed from, address indexed to, uint256 indexed epoch, uint256 value);
event CouponApproval(address indexed owner, address indexed spender, uint256 value);
function step() internal {
// Expire prior coupons
for (uint256 i = 0; i < expiringCoupons(epoch()); i++) {
expireCouponsForEpoch(expiringCouponsAtIndex(epoch(), i));
}
// Record expiry for current epoch's coupons
uint256 expirationEpoch = epoch().add(Constants.getCouponExpiration());
initializeCouponsExpiration(epoch(), expirationEpoch);
}
function expireCouponsForEpoch(uint256 epoch) private {
uint256 couponsForEpoch = outstandingCoupons(epoch);
(uint256 lessRedeemable, uint256 lessDebt, uint256 newBonded) = (0, 0, 0);
eliminateOutstandingCoupons(epoch);
uint256 totalRedeemable = totalRedeemable();
uint256 totalCoupons = totalCoupons();
if (totalRedeemable > totalCoupons) {
lessRedeemable = totalRedeemable.sub(totalCoupons);
burnRedeemable(lessRedeemable);
(, lessDebt, newBonded) = increaseSupply(lessRedeemable);
}
emit CouponExpiration(epoch, couponsForEpoch, lessRedeemable, lessDebt, newBonded);
}
function couponPremium(uint256 amount) public view returns (uint256) {
return calculateCouponPremium(dollar().totalSupply(), totalDebt(), amount);
}
function couponRedemptionPenalty(uint256 couponEpoch, uint256 couponAmount) public view returns (uint256) {
uint timeIntoEpoch = block.timestamp % Constants.getEpochStrategy().period;
uint couponAge = epoch() - couponEpoch;
uint couponEpochDecay = Constants.getCouponRedemptionPenaltyDecay() * (Constants.getCouponExpiration() - couponAge) / Constants.getCouponExpiration();
if(timeIntoEpoch > couponEpochDecay) {
return 0;
}
Decimal.D256 memory couponEpochInitialPenalty = Constants.getInitialCouponRedemptionPenalty().div(Decimal.D256({value: Constants.getCouponExpiration() })).mul(Decimal.D256({value: Constants.getCouponExpiration() - couponAge}));
Decimal.D256 memory couponEpochDecayedPenalty = couponEpochInitialPenalty.div(Decimal.D256({value: couponEpochDecay})).mul(Decimal.D256({value: couponEpochDecay - timeIntoEpoch}));
return Decimal.D256({value: couponAmount}).mul(couponEpochDecayedPenalty).value;
}
function purchaseCoupons(uint256 dollarAmount) external returns (uint256) {
Require.that(
dollarAmount > 0,
FILE,
"Must purchase non-zero amount"
);
Require.that(
totalDebt() >= dollarAmount,
FILE,
"Not enough debt"
);
uint256 epoch = epoch();
uint256 couponAmount = dollarAmount.add(couponPremium(dollarAmount));
burnFromAccount(msg.sender, dollarAmount);
incrementBalanceOfCoupons(msg.sender, epoch, couponAmount);
emit CouponPurchase(msg.sender, epoch, dollarAmount, couponAmount);
return couponAmount;
}
function redeemCoupons(uint256 couponEpoch, uint256 couponAmount) external {
require(epoch().sub(couponEpoch) >= 2, "Market: Too early to redeem");
decrementBalanceOfCoupons(msg.sender, couponEpoch, couponAmount, "Market: Insufficient coupon balance");
uint burnAmount = couponRedemptionPenalty(couponEpoch, couponAmount);
uint256 redeemAmount = couponAmount - burnAmount;
redeemToAccount(msg.sender, redeemAmount);
if(burnAmount > 0){
emit CouponBurn(msg.sender, couponEpoch, burnAmount);
}
emit CouponRedemption(msg.sender, couponEpoch, redeemAmount);
}
function redeemCoupons(uint256 couponEpoch, uint256 couponAmount, uint256 minOutput) external {
require(epoch().sub(couponEpoch) >= 2, "Market: Too early to redeem");
decrementBalanceOfCoupons(msg.sender, couponEpoch, couponAmount, "Market: Insufficient coupon balance");
uint burnAmount = couponRedemptionPenalty(couponEpoch, couponAmount);
uint256 redeemAmount = couponAmount - burnAmount;
Require.that(
redeemAmount >= minOutput,
FILE,
"Insufficient output amount"
);
redeemToAccount(msg.sender, redeemAmount);
if(burnAmount > 0){
emit CouponBurn(msg.sender, couponEpoch, burnAmount);
}
emit CouponRedemption(msg.sender, couponEpoch, redeemAmount);
}
function approveCoupons(address spender, uint256 amount) external {
require(spender != address(0), "Market: Coupon approve to the zero address");
updateAllowanceCoupons(msg.sender, spender, amount);
emit CouponApproval(msg.sender, spender, amount);
}
function transferCoupons(address sender, address recipient, uint256 epoch, uint256 amount) external {
require(sender != address(0), "Market: Coupon transfer from the zero address");
require(recipient != address(0), "Market: Coupon transfer to the zero address");
decrementBalanceOfCoupons(sender, epoch, amount, "Market: Insufficient coupon balance");
incrementBalanceOfCoupons(recipient, epoch, amount);
if (msg.sender != sender && allowanceCoupons(sender, msg.sender) != uint256(-1)) {
decrementAllowanceCoupons(sender, msg.sender, amount, "Market: Insufficient coupon approval");
}
emit CouponTransfer(sender, recipient, epoch, amount);
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Regulator is Comptroller {
using SafeMath for uint256;
using Decimal for Decimal.D256;
event SupplyIncrease(uint256 indexed epoch, uint256 price, uint256 newRedeemable, uint256 lessDebt, uint256 newBonded);
event SupplyDecrease(uint256 indexed epoch, uint256 price, uint256 newDebt);
event SupplyNeutral(uint256 indexed epoch);
function step() internal {
Decimal.D256 memory price = oracleCapture();
if (price.greaterThan(Decimal.one())) {
setDebtToZero();
growSupply(price);
return;
}
if (price.lessThan(Decimal.one())) {
shrinkSupply(price);
return;
}
emit SupplyNeutral(epoch());
}
function shrinkSupply(Decimal.D256 memory price) private {
Decimal.D256 memory delta = limit(Decimal.one().sub(price));
uint256 newDebt = delta.mul(totalNet()).asUint256();
increaseDebt(newDebt);
emit SupplyDecrease(epoch(), price.value, newDebt);
return;
}
function growSupply(Decimal.D256 memory price) private {
Decimal.D256 memory delta = limit(price.sub(Decimal.one()).div(Constants.getSupplyChangeDivisor()));
uint256 newSupply = delta.mul(totalNet()).asUint256();
(uint256 newRedeemable, uint256 lessDebt, uint256 newBonded) = increaseSupply(newSupply);
emit SupplyIncrease(epoch(), price.value, newRedeemable, lessDebt, newBonded);
}
function limit(Decimal.D256 memory delta) private view returns (Decimal.D256 memory) {
Decimal.D256 memory supplyChangeLimit = Constants.getSupplyChangeLimit();
return delta.greaterThan(supplyChangeLimit) ? supplyChangeLimit : delta;
}
function oracleCapture() private returns (Decimal.D256 memory) {
(Decimal.D256 memory price, bool valid) = oracle().capture();
if (bootstrappingAt(epoch().sub(1))) {
return Constants.getBootstrappingPrice();
}
if (!valid) {
return Decimal.one();
}
return price;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Permission is Setters {
bytes32 private constant FILE = "Permission";
// Can modify account state
modifier onlyFrozenOrFluid(address account) {
Require.that(
statusOf(account) != Account.Status.Locked,
FILE,
"Not frozen or fluid"
);
_;
}
// Can participate in balance-dependant activities
modifier onlyFrozenOrLocked(address account) {
Require.that(
statusOf(account) != Account.Status.Fluid,
FILE,
"Not frozen or locked"
);
_;
}
modifier initializer() {
Require.that(
!isInitialized(implementation()),
FILE,
"Already initialized"
);
initialized(implementation());
_;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Bonding is Setters, Permission {
using SafeMath for uint256;
bytes32 private constant FILE = "Bonding";
event Deposit(address indexed account, uint256 value);
event Withdraw(address indexed account, uint256 value);
event Bond(address indexed account, uint256 start, uint256 value, uint256 valueUnderlying);
event Unbond(address indexed account, uint256 start, uint256 value, uint256 valueUnderlying);
function step() internal {
Require.that(
epochTime() > epoch(),
FILE,
"Still current epoch"
);
snapshotTotalBonded();
incrementEpoch();
}
function deposit(uint256 value) external onlyFrozenOrLocked(msg.sender) {
dollar().transferFrom(msg.sender, address(this), value);
incrementBalanceOfStaged(msg.sender, value);
emit Deposit(msg.sender, value);
}
function withdraw(uint256 value) external onlyFrozenOrLocked(msg.sender) {
dollar().transfer(msg.sender, value);
decrementBalanceOfStaged(msg.sender, value, "Bonding: insufficient staged balance");
emit Withdraw(msg.sender, value);
}
function bond(uint256 value) external onlyFrozenOrFluid(msg.sender) {
unfreeze(msg.sender);
uint256 balance = totalBonded() == 0 ?
value.mul(Constants.getInitialStakeMultiple()) :
value.mul(totalSupply()).div(totalBonded());
incrementBalanceOf(msg.sender, balance);
incrementTotalBonded(value);
decrementBalanceOfStaged(msg.sender, value, "Bonding: insufficient staged balance");
emit Bond(msg.sender, epoch().add(1), balance, value);
}
function unbond(uint256 value) external onlyFrozenOrFluid(msg.sender) {
unfreeze(msg.sender);
uint256 staged = value.mul(balanceOfBonded(msg.sender)).div(balanceOf(msg.sender));
incrementBalanceOfStaged(msg.sender, staged);
decrementTotalBonded(staged, "Bonding: insufficient total bonded");
decrementBalanceOf(msg.sender, value, "Bonding: insufficient balance");
emit Unbond(msg.sender, epoch().add(1), value, staged);
}
function unbondUnderlying(uint256 value) external onlyFrozenOrFluid(msg.sender) {
unfreeze(msg.sender);
uint256 balance = value.mul(totalSupply()).div(totalBonded());
incrementBalanceOfStaged(msg.sender, value);
decrementTotalBonded(value, "Bonding: insufficient total bonded");
decrementBalanceOf(msg.sender, balance, "Bonding: insufficient balance");
emit Unbond(msg.sender, epoch().add(1), balance, value);
}
}
/**
* Utility library of inline functions on addresses
*
* Source https://raw.githubusercontent.com/OpenZeppelin/openzeppelin-solidity/v2.1.3/contracts/utils/Address.sol
* This contract is copied here and renamed from the original to avoid clashes in the compiled artifacts
* when the user imports a zos-lib contract (that transitively causes this contract to be compiled and added to the
* build/artifacts folder) as well as the vanilla Address implementation from an openzeppelin version.
*/
library OpenZeppelinUpgradesAddress {
/**
* Returns whether the target address is a contract
* @dev This function will return false if invoked during the constructor of a contract,
* as the code is not actually created until after the constructor finishes.
* @param account address of the account to check
* @return whether the target address is a contract
*/
function isContract(address account) internal view returns (bool) {
uint256 size;
// XXX Currently there is no better way to check if there is a contract in an address
// than to check the size of the code at that address.
// See https://ethereum.stackexchange.com/a/14016/36603
// for more details about how this works.
// TODO Check this again before the Serenity release, because all addresses will be
// contracts then.
// solhint-disable-next-line no-inline-assembly
assembly { size := extcodesize(account) }
return size > 0;
}
}
/*
Copyright 2018-2019 zOS Global Limited
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* Based off of, and designed to interface with, openzeppelin/upgrades package
*/
contract Upgradeable is State {
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 private constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
* @param implementation Address of the new implementation.
*/
event Upgraded(address indexed implementation);
function initialize() public;
/**
* @dev Upgrades the proxy to a new implementation.
* @param newImplementation Address of the new implementation.
*/
function upgradeTo(address newImplementation) internal {
setImplementation(newImplementation);
(bool success, bytes memory reason) = newImplementation.delegatecall(abi.encodeWithSignature("initialize()"));
require(success, string(reason));
emit Upgraded(newImplementation);
}
/**
* @dev Sets the implementation address of the proxy.
* @param newImplementation Address of the new implementation.
*/
function setImplementation(address newImplementation) private {
require(OpenZeppelinUpgradesAddress.isContract(newImplementation), "Cannot set a proxy implementation to a non-contract address");
bytes32 slot = IMPLEMENTATION_SLOT;
assembly {
sstore(slot, newImplementation)
}
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Govern is Setters, Permission, Upgradeable {
using SafeMath for uint256;
using Decimal for Decimal.D256;
bytes32 private constant FILE = "Govern";
event Proposal(address indexed candidate, address indexed account, uint256 indexed start, uint256 period);
event Vote(address indexed account, address indexed candidate, Candidate.Vote vote, uint256 bonded);
event Commit(address indexed account, address indexed candidate);
function vote(address candidate, Candidate.Vote vote) external onlyFrozenOrLocked(msg.sender) {
Require.that(
balanceOf(msg.sender) > 0,
FILE,
"Must have stake"
);
if (!isNominated(candidate)) {
Require.that(
canPropose(msg.sender),
FILE,
"Not enough stake to propose"
);
createCandidate(candidate, Constants.getGovernancePeriod());
emit Proposal(candidate, msg.sender, epoch(), Constants.getGovernancePeriod());
}
Require.that(
epoch() < startFor(candidate).add(periodFor(candidate)),
FILE,
"Ended"
);
uint256 bonded = balanceOf(msg.sender);
Candidate.Vote recordedVote = recordedVote(msg.sender, candidate);
if (vote == recordedVote) {
return;
}
if (recordedVote == Candidate.Vote.REJECT) {
decrementRejectFor(candidate, bonded, "Govern: Insufficient reject");
}
if (recordedVote == Candidate.Vote.APPROVE) {
decrementApproveFor(candidate, bonded, "Govern: Insufficient approve");
}
if (vote == Candidate.Vote.REJECT) {
incrementRejectFor(candidate, bonded);
}
if (vote == Candidate.Vote.APPROVE) {
incrementApproveFor(candidate, bonded);
}
recordVote(msg.sender, candidate, vote);
placeLock(msg.sender, candidate);
emit Vote(msg.sender, candidate, vote, bonded);
}
function commit(address candidate) external {
Require.that(
isNominated(candidate),
FILE,
"Not nominated"
);
uint256 endsAfter = startFor(candidate).add(periodFor(candidate)).sub(1);
Require.that(
epoch() > endsAfter,
FILE,
"Not ended"
);
Require.that(
Decimal.ratio(votesFor(candidate), totalBondedAt(endsAfter)).greaterThan(Constants.getGovernanceQuorum()),
FILE,
"Must have quorom"
);
Require.that(
approveFor(candidate) > rejectFor(candidate),
FILE,
"Not approved"
);
upgradeTo(candidate);
emit Commit(msg.sender, candidate);
}
function emergencyCommit(address candidate) external {
Require.that(
isNominated(candidate),
FILE,
"Not nominated"
);
Require.that(
epochTime() > epoch().add(Constants.getGovernanceEmergencyDelay()),
FILE,
"Epoch synced"
);
Require.that(
Decimal.ratio(approveFor(candidate), totalSupply()).greaterThan(Constants.getGovernanceSuperMajority()),
FILE,
"Must have super majority"
);
Require.that(
approveFor(candidate) > rejectFor(candidate),
FILE,
"Not approved"
);
upgradeTo(candidate);
emit Commit(msg.sender, candidate);
}
function canPropose(address account) private view returns (bool) {
if (totalBonded() == 0) {
return false;
}
Decimal.D256 memory stake = Decimal.ratio(balanceOf(account), totalSupply());
return stake.greaterThan(Decimal.ratio(1, 100)); // 1%
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Implementation is State, Bonding, Market, Regulator, Govern {
using SafeMath for uint256;
event Advance(uint256 indexed epoch, uint256 block, uint256 timestamp);
event Incentivization(address indexed account, uint256 amount);
function initialize() initializer public {
// committer reward:
mintToAccount(msg.sender, 100e18); // 100 DSD to committer
// contributor rewards:
mintToAccount(0xF414CFf71eCC35320Df0BB577E3Bc9B69c9E1f07, 1000e18); // 1000 DSD to devnull
mintToAccount(0x8908b99821967e7f321b1D8e485658e48F10E483, 800e18); // 800 DSD to AlexL
mintToAccount(0x7a03b2e8ACe63164896717C1b22647aA450954A7, 500e18); // 500 DSD to Dr Disben
}
function advance() external incentivized {
Bonding.step();
Regulator.step();
Market.step();
emit Advance(epoch(), block.number, block.timestamp);
}
modifier incentivized {
// Mint advance reward to sender
uint256 incentive = Constants.getAdvanceIncentive();
mintToAccount(msg.sender, incentive);
emit Incentivization(msg.sender, incentive);
_;
}
}File 4 of 5: Dollar
pragma solidity ^0.5.17;
pragma experimental ABIEncoderV2;
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
contract Context {
// Empty internal constructor, to prevent people from mistakenly deploying
// an instance of this contract, which should be used via inheritance.
constructor () internal { }
// solhint-disable-previous-line no-empty-blocks
function _msgSender() internal view returns (address payable) {
return msg.sender;
}
function _msgData() internal view returns (bytes memory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20 {
using SafeMath for uint256;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public returns (bool) {
_transfer(_msgSender(), recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal {
require(account != address(0), "ERC20: mint to the zero address");
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal {
require(account != address(0), "ERC20: burn from the zero address");
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/
function _burnFrom(address account, uint256 amount) internal {
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
}
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public {
_burn(_msgSender(), amount);
}
/**
* @dev See {ERC20-_burnFrom}.
*/
function burnFrom(address account, uint256 amount) public {
_burnFrom(account, amount);
}
}
/**
* @dev Optional functions from the ERC20 standard.
*/
contract ERC20Detailed is IERC20 {
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Sets the values for `name`, `symbol`, and `decimals`. All three of
* these values are immutable: they can only be set once during
* construction.
*/
constructor (string memory name, string memory symbol, uint8 decimals) public {
_name = name;
_symbol = symbol;
_decimals = decimals;
}
/**
* @dev Returns the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
}
/**
* @title Roles
* @dev Library for managing addresses assigned to a Role.
*/
library Roles {
struct Role {
mapping (address => bool) bearer;
}
/**
* @dev Give an account access to this role.
*/
function add(Role storage role, address account) internal {
require(!has(role, account), "Roles: account already has role");
role.bearer[account] = true;
}
/**
* @dev Remove an account's access to this role.
*/
function remove(Role storage role, address account) internal {
require(has(role, account), "Roles: account does not have role");
role.bearer[account] = false;
}
/**
* @dev Check if an account has this role.
* @return bool
*/
function has(Role storage role, address account) internal view returns (bool) {
require(account != address(0), "Roles: account is the zero address");
return role.bearer[account];
}
}
contract MinterRole is Context {
using Roles for Roles.Role;
event MinterAdded(address indexed account);
event MinterRemoved(address indexed account);
Roles.Role private _minters;
constructor () internal {
_addMinter(_msgSender());
}
modifier onlyMinter() {
require(isMinter(_msgSender()), "MinterRole: caller does not have the Minter role");
_;
}
function isMinter(address account) public view returns (bool) {
return _minters.has(account);
}
function addMinter(address account) public onlyMinter {
_addMinter(account);
}
function renounceMinter() public {
_removeMinter(_msgSender());
}
function _addMinter(address account) internal {
_minters.add(account);
emit MinterAdded(account);
}
function _removeMinter(address account) internal {
_minters.remove(account);
emit MinterRemoved(account);
}
}
/*
Copyright 2019 dYdX Trading Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* @title Require
* @author dYdX
*
* Stringifies parameters to pretty-print revert messages. Costs more gas than regular require()
*/
library Require {
// ============ Constants ============
uint256 constant ASCII_ZERO = 48; // '0'
uint256 constant ASCII_RELATIVE_ZERO = 87; // 'a' - 10
uint256 constant ASCII_LOWER_EX = 120; // 'x'
bytes2 constant COLON = 0x3a20; // ': '
bytes2 constant COMMA = 0x2c20; // ', '
bytes2 constant LPAREN = 0x203c; // ' <'
byte constant RPAREN = 0x3e; // '>'
uint256 constant FOUR_BIT_MASK = 0xf;
// ============ Library Functions ============
function that(
bool must,
bytes32 file,
bytes32 reason
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason)
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
uint256 payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
uint256 payloadA,
uint256 payloadB
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA,
uint256 payloadB
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
address payloadA,
uint256 payloadB,
uint256 payloadC
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
COMMA,
stringify(payloadC),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
bytes32 payloadA
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
RPAREN
)
)
);
}
}
function that(
bool must,
bytes32 file,
bytes32 reason,
bytes32 payloadA,
uint256 payloadB,
uint256 payloadC
)
internal
pure
{
if (!must) {
revert(
string(
abi.encodePacked(
stringifyTruncated(file),
COLON,
stringifyTruncated(reason),
LPAREN,
stringify(payloadA),
COMMA,
stringify(payloadB),
COMMA,
stringify(payloadC),
RPAREN
)
)
);
}
}
// ============ Private Functions ============
function stringifyTruncated(
bytes32 input
)
private
pure
returns (bytes memory)
{
// put the input bytes into the result
bytes memory result = abi.encodePacked(input);
// determine the length of the input by finding the location of the last non-zero byte
for (uint256 i = 32; i > 0; ) {
// reverse-for-loops with unsigned integer
/* solium-disable-next-line security/no-modify-for-iter-var */
i--;
// find the last non-zero byte in order to determine the length
if (result[i] != 0) {
uint256 length = i + 1;
/* solium-disable-next-line security/no-inline-assembly */
assembly {
mstore(result, length) // r.length = length;
}
return result;
}
}
// all bytes are zero
return new bytes(0);
}
function stringify(
uint256 input
)
private
pure
returns (bytes memory)
{
if (input == 0) {
return "0";
}
// get the final string length
uint256 j = input;
uint256 length;
while (j != 0) {
length++;
j /= 10;
}
// allocate the string
bytes memory bstr = new bytes(length);
// populate the string starting with the least-significant character
j = input;
for (uint256 i = length; i > 0; ) {
// reverse-for-loops with unsigned integer
/* solium-disable-next-line security/no-modify-for-iter-var */
i--;
// take last decimal digit
bstr[i] = byte(uint8(ASCII_ZERO + (j % 10)));
// remove the last decimal digit
j /= 10;
}
return bstr;
}
function stringify(
address input
)
private
pure
returns (bytes memory)
{
uint256 z = uint256(input);
// addresses are "0x" followed by 20 bytes of data which take up 2 characters each
bytes memory result = new bytes(42);
// populate the result with "0x"
result[0] = byte(uint8(ASCII_ZERO));
result[1] = byte(uint8(ASCII_LOWER_EX));
// for each byte (starting from the lowest byte), populate the result with two characters
for (uint256 i = 0; i < 20; i++) {
// each byte takes two characters
uint256 shift = i * 2;
// populate the least-significant character
result[41 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
// populate the most-significant character
result[40 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
}
return result;
}
function stringify(
bytes32 input
)
private
pure
returns (bytes memory)
{
uint256 z = uint256(input);
// bytes32 are "0x" followed by 32 bytes of data which take up 2 characters each
bytes memory result = new bytes(66);
// populate the result with "0x"
result[0] = byte(uint8(ASCII_ZERO));
result[1] = byte(uint8(ASCII_LOWER_EX));
// for each byte (starting from the lowest byte), populate the result with two characters
for (uint256 i = 0; i < 32; i++) {
// each byte takes two characters
uint256 shift = i * 2;
// populate the least-significant character
result[65 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
// populate the most-significant character
result[64 - shift] = char(z & FOUR_BIT_MASK);
z = z >> 4;
}
return result;
}
function char(
uint256 input
)
private
pure
returns (byte)
{
// return ASCII digit (0-9)
if (input < 10) {
return byte(uint8(input + ASCII_ZERO));
}
// return ASCII letter (a-f)
return byte(uint8(input + ASCII_RELATIVE_ZERO));
}
}
/*
Copyright 2019 ZeroEx Intl.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
library LibEIP712 {
// Hash of the EIP712 Domain Separator Schema
// keccak256(abi.encodePacked(
// "EIP712Domain(",
// "string name,",
// "string version,",
// "uint256 chainId,",
// "address verifyingContract",
// ")"
// ))
bytes32 constant internal _EIP712_DOMAIN_SEPARATOR_SCHEMA_HASH = 0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
/// @dev Calculates a EIP712 domain separator.
/// @param name The EIP712 domain name.
/// @param version The EIP712 domain version.
/// @param verifyingContract The EIP712 verifying contract.
/// @return EIP712 domain separator.
function hashEIP712Domain(
string memory name,
string memory version,
uint256 chainId,
address verifyingContract
)
internal
pure
returns (bytes32 result)
{
bytes32 schemaHash = _EIP712_DOMAIN_SEPARATOR_SCHEMA_HASH;
// Assembly for more efficient computing:
// keccak256(abi.encodePacked(
// _EIP712_DOMAIN_SEPARATOR_SCHEMA_HASH,
// keccak256(bytes(name)),
// keccak256(bytes(version)),
// chainId,
// uint256(verifyingContract)
// ))
assembly {
// Calculate hashes of dynamic data
let nameHash := keccak256(add(name, 32), mload(name))
let versionHash := keccak256(add(version, 32), mload(version))
// Load free memory pointer
let memPtr := mload(64)
// Store params in memory
mstore(memPtr, schemaHash)
mstore(add(memPtr, 32), nameHash)
mstore(add(memPtr, 64), versionHash)
mstore(add(memPtr, 96), chainId)
mstore(add(memPtr, 128), verifyingContract)
// Compute hash
result := keccak256(memPtr, 160)
}
return result;
}
/// @dev Calculates EIP712 encoding for a hash struct with a given domain hash.
/// @param eip712DomainHash Hash of the domain domain separator data, computed
/// with getDomainHash().
/// @param hashStruct The EIP712 hash struct.
/// @return EIP712 hash applied to the given EIP712 Domain.
function hashEIP712Message(bytes32 eip712DomainHash, bytes32 hashStruct)
internal
pure
returns (bytes32 result)
{
// Assembly for more efficient computing:
// keccak256(abi.encodePacked(
// EIP191_HEADER,
// EIP712_DOMAIN_HASH,
// hashStruct
// ));
assembly {
// Load free memory pointer
let memPtr := mload(64)
mstore(memPtr, 0x1901000000000000000000000000000000000000000000000000000000000000) // EIP191 header
mstore(add(memPtr, 2), eip712DomainHash) // EIP712 domain hash
mstore(add(memPtr, 34), hashStruct) // Hash of struct
// Compute hash
result := keccak256(memPtr, 66)
}
return result;
}
}
/*
Copyright 2019 dYdX Trading Inc.
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
/**
* @title Decimal
* @author dYdX
*
* Library that defines a fixed-point number with 18 decimal places.
*/
library Decimal {
using SafeMath for uint256;
// ============ Constants ============
uint256 constant BASE = 10**18;
// ============ Structs ============
struct D256 {
uint256 value;
}
// ============ Static Functions ============
function zero()
internal
pure
returns (D256 memory)
{
return D256({ value: 0 });
}
function one()
internal
pure
returns (D256 memory)
{
return D256({ value: BASE });
}
function from(
uint256 a
)
internal
pure
returns (D256 memory)
{
return D256({ value: a.mul(BASE) });
}
function ratio(
uint256 a,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(a, BASE, b) });
}
// ============ Self Functions ============
function add(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.add(b.mul(BASE)) });
}
function sub(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.mul(BASE)) });
}
function sub(
D256 memory self,
uint256 b,
string memory reason
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.mul(BASE), reason) });
}
function mul(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.mul(b) });
}
function div(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.div(b) });
}
function pow(
D256 memory self,
uint256 b
)
internal
pure
returns (D256 memory)
{
if (b == 0) {
return from(1);
}
D256 memory temp = D256({ value: self.value });
for (uint256 i = 1; i < b; i++) {
temp = mul(temp, self);
}
return temp;
}
function add(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.add(b.value) });
}
function sub(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.value) });
}
function sub(
D256 memory self,
D256 memory b,
string memory reason
)
internal
pure
returns (D256 memory)
{
return D256({ value: self.value.sub(b.value, reason) });
}
function mul(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(self.value, b.value, BASE) });
}
function div(
D256 memory self,
D256 memory b
)
internal
pure
returns (D256 memory)
{
return D256({ value: getPartial(self.value, BASE, b.value) });
}
function equals(D256 memory self, D256 memory b) internal pure returns (bool) {
return self.value == b.value;
}
function greaterThan(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) == 2;
}
function lessThan(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) == 0;
}
function greaterThanOrEqualTo(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) > 0;
}
function lessThanOrEqualTo(D256 memory self, D256 memory b) internal pure returns (bool) {
return compareTo(self, b) < 2;
}
function isZero(D256 memory self) internal pure returns (bool) {
return self.value == 0;
}
function asUint256(D256 memory self) internal pure returns (uint256) {
return self.value.div(BASE);
}
// ============ Core Methods ============
function getPartial(
uint256 target,
uint256 numerator,
uint256 denominator
)
private
pure
returns (uint256)
{
return target.mul(numerator).div(denominator);
}
function compareTo(
D256 memory a,
D256 memory b
)
private
pure
returns (uint256)
{
if (a.value == b.value) {
return 1;
}
return a.value > b.value ? 2 : 0;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
library Constants {
/* Chain */
uint256 private constant CHAIN_ID = 1; // Mainnet
/* Bootstrapping */
uint256 private constant BOOTSTRAPPING_PERIOD = 150; // 150 epochs
uint256 private constant BOOTSTRAPPING_PRICE = 154e16; // 1.54 USDC (targeting 4.5% inflation)
/* Oracle */
address private constant USDC = address(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48);
uint256 private constant ORACLE_RESERVE_MINIMUM = 1e10; // 10,000 USDC
/* Bonding */
uint256 private constant INITIAL_STAKE_MULTIPLE = 1e6; // 100 DSD -> 100M DSDS
/* Epoch */
struct EpochStrategy {
uint256 offset;
uint256 start;
uint256 period;
}
uint256 private constant EPOCH_OFFSET = 0;
uint256 private constant EPOCH_START = 1606348800;
uint256 private constant EPOCH_PERIOD = 7200;
/* Governance */
uint256 private constant GOVERNANCE_PERIOD = 36;
uint256 private constant GOVERNANCE_QUORUM = 33e16; // 33%
uint256 private constant GOVERNANCE_SUPER_MAJORITY = 66e16; // 66%
uint256 private constant GOVERNANCE_EMERGENCY_DELAY = 6; // 6 epochs
/* DAO */
uint256 private constant ADVANCE_INCENTIVE = 1e20; // 100 DSD
uint256 private constant DAO_EXIT_LOCKUP_EPOCHS = 36; // 36 epochs fluid
/* Pool */
uint256 private constant POOL_EXIT_LOCKUP_EPOCHS = 12; // 12 epochs fluid
/* Market */
uint256 private constant COUPON_EXPIRATION = 360;
uint256 private constant DEBT_RATIO_CAP = 35e16; // 35%
/* Regulator */
uint256 private constant SUPPLY_CHANGE_DIVISOR = 12e18; // 12
uint256 private constant SUPPLY_CHANGE_LIMIT = 10e16; // 10%
uint256 private constant ORACLE_POOL_RATIO = 40; // 40%
/**
* Getters
*/
function getUsdcAddress() internal pure returns (address) {
return USDC;
}
function getOracleReserveMinimum() internal pure returns (uint256) {
return ORACLE_RESERVE_MINIMUM;
}
function getEpochStrategy() internal pure returns (EpochStrategy memory) {
return EpochStrategy({
offset: EPOCH_OFFSET,
start: EPOCH_START,
period: EPOCH_PERIOD
});
}
function getInitialStakeMultiple() internal pure returns (uint256) {
return INITIAL_STAKE_MULTIPLE;
}
function getBootstrappingPeriod() internal pure returns (uint256) {
return BOOTSTRAPPING_PERIOD;
}
function getBootstrappingPrice() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: BOOTSTRAPPING_PRICE});
}
function getGovernancePeriod() internal pure returns (uint256) {
return GOVERNANCE_PERIOD;
}
function getGovernanceQuorum() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: GOVERNANCE_QUORUM});
}
function getGovernanceSuperMajority() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: GOVERNANCE_SUPER_MAJORITY});
}
function getGovernanceEmergencyDelay() internal pure returns (uint256) {
return GOVERNANCE_EMERGENCY_DELAY;
}
function getAdvanceIncentive() internal pure returns (uint256) {
return ADVANCE_INCENTIVE;
}
function getDAOExitLockupEpochs() internal pure returns (uint256) {
return DAO_EXIT_LOCKUP_EPOCHS;
}
function getPoolExitLockupEpochs() internal pure returns (uint256) {
return POOL_EXIT_LOCKUP_EPOCHS;
}
function getCouponExpiration() internal pure returns (uint256) {
return COUPON_EXPIRATION;
}
function getDebtRatioCap() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: DEBT_RATIO_CAP});
}
function getSupplyChangeLimit() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: SUPPLY_CHANGE_LIMIT});
}
function getSupplyChangeDivisor() internal pure returns (Decimal.D256 memory) {
return Decimal.D256({value: SUPPLY_CHANGE_DIVISOR});
}
function getOraclePoolRatio() internal pure returns (uint256) {
return ORACLE_POOL_RATIO;
}
function getChainId() internal pure returns (uint256) {
return CHAIN_ID;
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Permittable is ERC20Detailed, ERC20 {
bytes32 constant FILE = "Permittable";
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 public constant EIP712_PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
string private constant EIP712_VERSION = "1";
bytes32 public EIP712_DOMAIN_SEPARATOR;
mapping(address => uint256) nonces;
constructor() public {
EIP712_DOMAIN_SEPARATOR = LibEIP712.hashEIP712Domain(name(), EIP712_VERSION, Constants.getChainId(), address(this));
}
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external {
bytes32 digest = LibEIP712.hashEIP712Message(
EIP712_DOMAIN_SEPARATOR,
keccak256(abi.encode(
EIP712_PERMIT_TYPEHASH,
owner,
spender,
value,
nonces[owner]++,
deadline
))
);
address recovered = ecrecover(digest, v, r, s);
Require.that(
recovered == owner,
FILE,
"Invalid signature"
);
Require.that(
recovered != address(0),
FILE,
"Zero address"
);
Require.that(
now <= deadline,
FILE,
"Expired"
);
_approve(owner, spender, value);
}
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract IDollar is IERC20 {
function burn(uint256 amount) public;
function burnFrom(address account, uint256 amount) public;
function mint(address account, uint256 amount) public returns (bool);
}
/*
Copyright 2020 Dynamic Dollar Devs, based on the works of the Empty Set Squad
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
contract Dollar is IDollar, MinterRole, ERC20Detailed, Permittable, ERC20Burnable {
constructor()
ERC20Detailed("Dynamic Set Dollar", "DSD", 18)
Permittable()
public
{ }
function mint(address account, uint256 amount) public onlyMinter returns (bool) {
_mint(account, amount);
return true;
}
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
if (allowance(sender, _msgSender()) != uint256(-1)) {
_approve(
sender,
_msgSender(),
allowance(sender, _msgSender()).sub(amount, "Dollar: transfer amount exceeds allowance"));
}
return true;
}
}File 5 of 5: UniswapV2Pair
// File: contracts/interfaces/IUniswapV2Pair.sol
pragma solidity >=0.5.0;
interface IUniswapV2Pair {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
function MINIMUM_LIQUIDITY() external pure returns (uint);
function factory() external view returns (address);
function token0() external view returns (address);
function token1() external view returns (address);
function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast);
function price0CumulativeLast() external view returns (uint);
function price1CumulativeLast() external view returns (uint);
function kLast() external view returns (uint);
function mint(address to) external returns (uint liquidity);
function burn(address to) external returns (uint amount0, uint amount1);
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external;
function skim(address to) external;
function sync() external;
function initialize(address, address) external;
}
// File: contracts/interfaces/IUniswapV2ERC20.sol
pragma solidity >=0.5.0;
interface IUniswapV2ERC20 {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
}
// File: contracts/libraries/SafeMath.sol
pragma solidity =0.5.16;
// a library for performing overflow-safe math, courtesy of DappHub (https://github.com/dapphub/ds-math)
library SafeMath {
function add(uint x, uint y) internal pure returns (uint z) {
require((z = x + y) >= x, 'ds-math-add-overflow');
}
function sub(uint x, uint y) internal pure returns (uint z) {
require((z = x - y) <= x, 'ds-math-sub-underflow');
}
function mul(uint x, uint y) internal pure returns (uint z) {
require(y == 0 || (z = x * y) / y == x, 'ds-math-mul-overflow');
}
}
// File: contracts/UniswapV2ERC20.sol
pragma solidity =0.5.16;
contract UniswapV2ERC20 is IUniswapV2ERC20 {
using SafeMath for uint;
string public constant name = 'Uniswap V2';
string public constant symbol = 'UNI-V2';
uint8 public constant decimals = 18;
uint public totalSupply;
mapping(address => uint) public balanceOf;
mapping(address => mapping(address => uint)) public allowance;
bytes32 public DOMAIN_SEPARATOR;
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
mapping(address => uint) public nonces;
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
constructor() public {
uint chainId;
assembly {
chainId := chainid
}
DOMAIN_SEPARATOR = keccak256(
abi.encode(
keccak256('EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)'),
keccak256(bytes(name)),
keccak256(bytes('1')),
chainId,
address(this)
)
);
}
function _mint(address to, uint value) internal {
totalSupply = totalSupply.add(value);
balanceOf[to] = balanceOf[to].add(value);
emit Transfer(address(0), to, value);
}
function _burn(address from, uint value) internal {
balanceOf[from] = balanceOf[from].sub(value);
totalSupply = totalSupply.sub(value);
emit Transfer(from, address(0), value);
}
function _approve(address owner, address spender, uint value) private {
allowance[owner][spender] = value;
emit Approval(owner, spender, value);
}
function _transfer(address from, address to, uint value) private {
balanceOf[from] = balanceOf[from].sub(value);
balanceOf[to] = balanceOf[to].add(value);
emit Transfer(from, to, value);
}
function approve(address spender, uint value) external returns (bool) {
_approve(msg.sender, spender, value);
return true;
}
function transfer(address to, uint value) external returns (bool) {
_transfer(msg.sender, to, value);
return true;
}
function transferFrom(address from, address to, uint value) external returns (bool) {
if (allowance[from][msg.sender] != uint(-1)) {
allowance[from][msg.sender] = allowance[from][msg.sender].sub(value);
}
_transfer(from, to, value);
return true;
}
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external {
require(deadline >= block.timestamp, 'UniswapV2: EXPIRED');
bytes32 digest = keccak256(
abi.encodePacked(
'\x19\x01',
DOMAIN_SEPARATOR,
keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline))
)
);
address recoveredAddress = ecrecover(digest, v, r, s);
require(recoveredAddress != address(0) && recoveredAddress == owner, 'UniswapV2: INVALID_SIGNATURE');
_approve(owner, spender, value);
}
}
// File: contracts/libraries/Math.sol
pragma solidity =0.5.16;
// a library for performing various math operations
library Math {
function min(uint x, uint y) internal pure returns (uint z) {
z = x < y ? x : y;
}
// babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method)
function sqrt(uint y) internal pure returns (uint z) {
if (y > 3) {
z = y;
uint x = y / 2 + 1;
while (x < z) {
z = x;
x = (y / x + x) / 2;
}
} else if (y != 0) {
z = 1;
}
}
}
// File: contracts/libraries/UQ112x112.sol
pragma solidity =0.5.16;
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format))
// range: [0, 2**112 - 1]
// resolution: 1 / 2**112
library UQ112x112 {
uint224 constant Q112 = 2**112;
// encode a uint112 as a UQ112x112
function encode(uint112 y) internal pure returns (uint224 z) {
z = uint224(y) * Q112; // never overflows
}
// divide a UQ112x112 by a uint112, returning a UQ112x112
function uqdiv(uint224 x, uint112 y) internal pure returns (uint224 z) {
z = x / uint224(y);
}
}
// File: contracts/interfaces/IERC20.sol
pragma solidity >=0.5.0;
interface IERC20 {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external view returns (string memory);
function symbol() external view returns (string memory);
function decimals() external view returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
}
// File: contracts/interfaces/IUniswapV2Factory.sol
pragma solidity >=0.5.0;
interface IUniswapV2Factory {
event PairCreated(address indexed token0, address indexed token1, address pair, uint);
function feeTo() external view returns (address);
function feeToSetter() external view returns (address);
function getPair(address tokenA, address tokenB) external view returns (address pair);
function allPairs(uint) external view returns (address pair);
function allPairsLength() external view returns (uint);
function createPair(address tokenA, address tokenB) external returns (address pair);
function setFeeTo(address) external;
function setFeeToSetter(address) external;
}
// File: contracts/interfaces/IUniswapV2Callee.sol
pragma solidity >=0.5.0;
interface IUniswapV2Callee {
function uniswapV2Call(address sender, uint amount0, uint amount1, bytes calldata data) external;
}
// File: contracts/UniswapV2Pair.sol
pragma solidity =0.5.16;
contract UniswapV2Pair is IUniswapV2Pair, UniswapV2ERC20 {
using SafeMath for uint;
using UQ112x112 for uint224;
uint public constant MINIMUM_LIQUIDITY = 10**3;
bytes4 private constant SELECTOR = bytes4(keccak256(bytes('transfer(address,uint256)')));
address public factory;
address public token0;
address public token1;
uint112 private reserve0; // uses single storage slot, accessible via getReserves
uint112 private reserve1; // uses single storage slot, accessible via getReserves
uint32 private blockTimestampLast; // uses single storage slot, accessible via getReserves
uint public price0CumulativeLast;
uint public price1CumulativeLast;
uint public kLast; // reserve0 * reserve1, as of immediately after the most recent liquidity event
uint private unlocked = 1;
modifier lock() {
require(unlocked == 1, 'UniswapV2: LOCKED');
unlocked = 0;
_;
unlocked = 1;
}
function getReserves() public view returns (uint112 _reserve0, uint112 _reserve1, uint32 _blockTimestampLast) {
_reserve0 = reserve0;
_reserve1 = reserve1;
_blockTimestampLast = blockTimestampLast;
}
function _safeTransfer(address token, address to, uint value) private {
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(SELECTOR, to, value));
require(success && (data.length == 0 || abi.decode(data, (bool))), 'UniswapV2: TRANSFER_FAILED');
}
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
constructor() public {
factory = msg.sender;
}
// called once by the factory at time of deployment
function initialize(address _token0, address _token1) external {
require(msg.sender == factory, 'UniswapV2: FORBIDDEN'); // sufficient check
token0 = _token0;
token1 = _token1;
}
// update reserves and, on the first call per block, price accumulators
function _update(uint balance0, uint balance1, uint112 _reserve0, uint112 _reserve1) private {
require(balance0 <= uint112(-1) && balance1 <= uint112(-1), 'UniswapV2: OVERFLOW');
uint32 blockTimestamp = uint32(block.timestamp % 2**32);
uint32 timeElapsed = blockTimestamp - blockTimestampLast; // overflow is desired
if (timeElapsed > 0 && _reserve0 != 0 && _reserve1 != 0) {
// * never overflows, and + overflow is desired
price0CumulativeLast += uint(UQ112x112.encode(_reserve1).uqdiv(_reserve0)) * timeElapsed;
price1CumulativeLast += uint(UQ112x112.encode(_reserve0).uqdiv(_reserve1)) * timeElapsed;
}
reserve0 = uint112(balance0);
reserve1 = uint112(balance1);
blockTimestampLast = blockTimestamp;
emit Sync(reserve0, reserve1);
}
// if fee is on, mint liquidity equivalent to 1/6th of the growth in sqrt(k)
function _mintFee(uint112 _reserve0, uint112 _reserve1) private returns (bool feeOn) {
address feeTo = IUniswapV2Factory(factory).feeTo();
feeOn = feeTo != address(0);
uint _kLast = kLast; // gas savings
if (feeOn) {
if (_kLast != 0) {
uint rootK = Math.sqrt(uint(_reserve0).mul(_reserve1));
uint rootKLast = Math.sqrt(_kLast);
if (rootK > rootKLast) {
uint numerator = totalSupply.mul(rootK.sub(rootKLast));
uint denominator = rootK.mul(5).add(rootKLast);
uint liquidity = numerator / denominator;
if (liquidity > 0) _mint(feeTo, liquidity);
}
}
} else if (_kLast != 0) {
kLast = 0;
}
}
// this low-level function should be called from a contract which performs important safety checks
function mint(address to) external lock returns (uint liquidity) {
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
uint balance0 = IERC20(token0).balanceOf(address(this));
uint balance1 = IERC20(token1).balanceOf(address(this));
uint amount0 = balance0.sub(_reserve0);
uint amount1 = balance1.sub(_reserve1);
bool feeOn = _mintFee(_reserve0, _reserve1);
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee
if (_totalSupply == 0) {
liquidity = Math.sqrt(amount0.mul(amount1)).sub(MINIMUM_LIQUIDITY);
_mint(address(0), MINIMUM_LIQUIDITY); // permanently lock the first MINIMUM_LIQUIDITY tokens
} else {
liquidity = Math.min(amount0.mul(_totalSupply) / _reserve0, amount1.mul(_totalSupply) / _reserve1);
}
require(liquidity > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_MINTED');
_mint(to, liquidity);
_update(balance0, balance1, _reserve0, _reserve1);
if (feeOn) kLast = uint(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date
emit Mint(msg.sender, amount0, amount1);
}
// this low-level function should be called from a contract which performs important safety checks
function burn(address to) external lock returns (uint amount0, uint amount1) {
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
address _token0 = token0; // gas savings
address _token1 = token1; // gas savings
uint balance0 = IERC20(_token0).balanceOf(address(this));
uint balance1 = IERC20(_token1).balanceOf(address(this));
uint liquidity = balanceOf[address(this)];
bool feeOn = _mintFee(_reserve0, _reserve1);
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee
amount0 = liquidity.mul(balance0) / _totalSupply; // using balances ensures pro-rata distribution
amount1 = liquidity.mul(balance1) / _totalSupply; // using balances ensures pro-rata distribution
require(amount0 > 0 && amount1 > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_BURNED');
_burn(address(this), liquidity);
_safeTransfer(_token0, to, amount0);
_safeTransfer(_token1, to, amount1);
balance0 = IERC20(_token0).balanceOf(address(this));
balance1 = IERC20(_token1).balanceOf(address(this));
_update(balance0, balance1, _reserve0, _reserve1);
if (feeOn) kLast = uint(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date
emit Burn(msg.sender, amount0, amount1, to);
}
// this low-level function should be called from a contract which performs important safety checks
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external lock {
require(amount0Out > 0 || amount1Out > 0, 'UniswapV2: INSUFFICIENT_OUTPUT_AMOUNT');
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
require(amount0Out < _reserve0 && amount1Out < _reserve1, 'UniswapV2: INSUFFICIENT_LIQUIDITY');
uint balance0;
uint balance1;
{ // scope for _token{0,1}, avoids stack too deep errors
address _token0 = token0;
address _token1 = token1;
require(to != _token0 && to != _token1, 'UniswapV2: INVALID_TO');
if (amount0Out > 0) _safeTransfer(_token0, to, amount0Out); // optimistically transfer tokens
if (amount1Out > 0) _safeTransfer(_token1, to, amount1Out); // optimistically transfer tokens
if (data.length > 0) IUniswapV2Callee(to).uniswapV2Call(msg.sender, amount0Out, amount1Out, data);
balance0 = IERC20(_token0).balanceOf(address(this));
balance1 = IERC20(_token1).balanceOf(address(this));
}
uint amount0In = balance0 > _reserve0 - amount0Out ? balance0 - (_reserve0 - amount0Out) : 0;
uint amount1In = balance1 > _reserve1 - amount1Out ? balance1 - (_reserve1 - amount1Out) : 0;
require(amount0In > 0 || amount1In > 0, 'UniswapV2: INSUFFICIENT_INPUT_AMOUNT');
{ // scope for reserve{0,1}Adjusted, avoids stack too deep errors
uint balance0Adjusted = balance0.mul(1000).sub(amount0In.mul(3));
uint balance1Adjusted = balance1.mul(1000).sub(amount1In.mul(3));
require(balance0Adjusted.mul(balance1Adjusted) >= uint(_reserve0).mul(_reserve1).mul(1000**2), 'UniswapV2: K');
}
_update(balance0, balance1, _reserve0, _reserve1);
emit Swap(msg.sender, amount0In, amount1In, amount0Out, amount1Out, to);
}
// force balances to match reserves
function skim(address to) external lock {
address _token0 = token0; // gas savings
address _token1 = token1; // gas savings
_safeTransfer(_token0, to, IERC20(_token0).balanceOf(address(this)).sub(reserve0));
_safeTransfer(_token1, to, IERC20(_token1).balanceOf(address(this)).sub(reserve1));
}
// force reserves to match balances
function sync() external lock {
_update(IERC20(token0).balanceOf(address(this)), IERC20(token1).balanceOf(address(this)), reserve0, reserve1);
}
}