// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (utils/Address.sol)pragmasolidity ^0.8.1;/**
* @dev Collection of functions related to the address type
*/libraryAddress{
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/functionisContract(address account) internalviewreturns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0// for contracts in construction, since the code is only stored at the end// of the constructor execution.return account.code.length>0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/functionsendValue(addresspayable recipient, uint256 amount) internal{
require(address(this).balance>= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/functionfunctionCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target,
bytesmemory data,
uint256 value
) internalreturns (bytesmemory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/functionfunctionCallWithValue(address target,
bytesmemory data,
uint256 value,
stringmemory errorMessage
) internalreturns (bytesmemory) {
require(address(this).balance>= value, "Address: insufficient balance for call");
(bool success, bytesmemory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target, bytesmemory data) internalviewreturns (bytesmemory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/functionfunctionStaticCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalviewreturns (bytesmemory) {
(bool success, bytesmemory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target, bytesmemory data) internalreturns (bytesmemory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/functionfunctionDelegateCall(address target,
bytesmemory data,
stringmemory errorMessage
) internalreturns (bytesmemory) {
(bool success, bytesmemory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/functionverifyCallResultFromTarget(address target,
bool success,
bytesmemory returndata,
stringmemory errorMessage
) internalviewreturns (bytesmemory) {
if (success) {
if (returndata.length==0) {
// only check isContract if the call was successful and the return data is empty// otherwise we already know that it was a contractrequire(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/functionverifyCallResult(bool success,
bytesmemory returndata,
stringmemory errorMessage
) internalpurereturns (bytesmemory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function_revert(bytesmemory returndata, stringmemory errorMessage) privatepure{
// Look for revert reason and bubble it up if presentif (returndata.length>0) {
// The easiest way to bubble the revert reason is using memory via assembly/// @solidity memory-safe-assemblyassembly {
let returndata_size :=mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
Código Fuente del Contrato
Archivo 3 de 30: Assimilators.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;import"../lib/openzeppelin-contracts/contracts/utils/Address.sol";
import"./interfaces/IAssimilator.sol";
import"./lib/ABDKMath64x64.sol";
libraryAssimilators{
usingABDKMath64x64forint128;
usingAddressforaddress;
IAssimilator publicconstant iAsmltr = IAssimilator(address(0));
functiondelegate(address _callee, bytesmemory _data) internalreturns (bytesmemory) {
require(_callee.isContract(), "Assimilators/callee-is-not-a-contract");
// solhint-disable-next-line
(bool _success, bytesmemory returnData_) = _callee.delegatecall(_data);
// solhint-disable-next-lineassembly {
ifeq(_success, 0) {
revert(add(returnData_, 0x20), returndatasize())
}
}
return returnData_;
}
functiongetRate(address _assim) internalviewreturns (uint256 amount_) {
amount_ = IAssimilator(_assim).getRate();
}
functionviewRawAmount(address _assim, int128 _amt) internalviewreturns (uint256 amount_) {
amount_ = IAssimilator(_assim).viewRawAmount(_amt);
}
functionviewRawAmountLPRatio(address _assim,
uint256 _baseWeight,
uint256 _quoteWeight,
int128 _amount
) internalviewreturns (uint256 amount_) {
amount_ = IAssimilator(_assim).viewRawAmountLPRatio(_baseWeight, _quoteWeight, address(this), _amount);
}
functionviewNumeraireAmount(address _assim, uint256 _amt) internalviewreturns (int128 amt_) {
amt_ = IAssimilator(_assim).viewNumeraireAmount(_amt);
}
functionviewNumeraireAmountAndBalance(address _assim, uint256 _amt)
internalviewreturns (int128 amt_, int128 bal_)
{
(amt_, bal_) = IAssimilator(_assim).viewNumeraireAmountAndBalance(address(this), _amt);
}
functionviewNumeraireBalance(address _assim) internalviewreturns (int128 bal_) {
bal_ = IAssimilator(_assim).viewNumeraireBalance(address(this));
}
functionviewNumeraireBalanceLPRatio(uint256 _baseWeight,
uint256 _quoteWeight,
address _assim
) internalviewreturns (int128 bal_) {
bal_ = IAssimilator(_assim).viewNumeraireBalanceLPRatio(_baseWeight, _quoteWeight, address(this));
}
functionintakeRaw(address _assim, uint256 _amt) internalreturns (int128 amt_) {
bytesmemory data =abi.encodeWithSelector(iAsmltr.intakeRaw.selector, _amt);
amt_ =abi.decode(delegate(_assim, data), (int128));
}
functionintakeRawAndGetBalance(address _assim, uint256 _amt) internalreturns (int128 amt_, int128 bal_) {
bytesmemory data =abi.encodeWithSelector(iAsmltr.intakeRawAndGetBalance.selector, _amt);
(amt_, bal_) =abi.decode(delegate(_assim, data), (int128, int128));
}
functionintakeNumeraire(address _assim, int128 _amt) internalreturns (uint256 amt_) {
bytesmemory data =abi.encodeWithSelector(iAsmltr.intakeNumeraire.selector, _amt);
amt_ =abi.decode(delegate(_assim, data), (uint256));
}
functionintakeNumeraireLPRatio(address _assim,
uint256 _baseWeight,
uint256 _quoteWeight,
int128 _amount
) internalreturns (uint256 amt_) {
bytesmemory data =abi.encodeWithSelector(
iAsmltr.intakeNumeraireLPRatio.selector,
_baseWeight,
_quoteWeight,
address(this),
_amount
);
amt_ =abi.decode(delegate(_assim, data), (uint256));
}
functionoutputRaw(address _assim,
address _dst,
uint256 _amt
) internalreturns (int128 amt_) {
bytesmemory data =abi.encodeWithSelector(iAsmltr.outputRaw.selector, _dst, _amt);
amt_ =abi.decode(delegate(_assim, data), (int128));
amt_ = amt_.neg();
}
functionoutputRawAndGetBalance(address _assim,
address _dst,
uint256 _amt
) internalreturns (int128 amt_, int128 bal_) {
bytesmemory data =abi.encodeWithSelector(iAsmltr.outputRawAndGetBalance.selector, _dst, _amt);
(amt_, bal_) =abi.decode(delegate(_assim, data), (int128, int128));
amt_ = amt_.neg();
}
functionoutputNumeraire(address _assim,
address _dst,
int128 _amt
) internalreturns (uint256 amt_) {
bytesmemory data =abi.encodeWithSelector(iAsmltr.outputNumeraire.selector, _dst, _amt.abs());
amt_ =abi.decode(delegate(_assim, data), (uint256));
}
functiontransferFee(address _assim,
int128 _amt,
address _treasury
) internal{
bytesmemory data =abi.encodeWithSelector(iAsmltr.transferFee.selector, _amt, _treasury);
delegate(_assim, data);
}
}
Código Fuente del Contrato
Archivo 4 de 30: Context.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)pragmasolidity ^0.8.0;/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/abstractcontractContext{
function_msgSender() internalviewvirtualreturns (address) {
returnmsg.sender;
}
function_msgData() internalviewvirtualreturns (bytescalldata) {
returnmsg.data;
}
}
Código Fuente del Contrato
Archivo 5 de 30: Curve.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;pragmaexperimentalABIEncoderV2;import'./interfaces/IFlashCallback.sol';
import"../lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol";
import"./lib/ABDKMath64x64.sol";
import"./lib/FullMath.sol";
import"./lib/NoDelegateCall.sol";
import"./Orchestrator.sol";
import"./ProportionalLiquidity.sol";
import"./Swaps.sol";
import"./ViewLiquidity.sol";
import"./Storage.sol";
import"./MerkleProver.sol";
import"./interfaces/IFreeFromUpTo.sol";
import"./interfaces/ICurveFactory.sol";
import"./Structs.sol";
libraryCurves{
usingABDKMath64x64forint128;
eventApproval(addressindexed _owner, addressindexed spender, uint256 value);
eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
functionadd(uint256 x,
uint256 y,
stringmemory errorMessage
) privatepurereturns (uint256 z) {
require((z = x + y) >= x, errorMessage);
}
functionsub(uint256 x,
uint256 y,
stringmemory errorMessage
) privatepurereturns (uint256 z) {
require((z = x - y) <= x, errorMessage);
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(
Storage.Curve storage curve,
address recipient,
uint256 amount
) externalreturns (bool) {
_transfer(curve, msg.sender, recipient, amount);
returntrue;
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionapprove(
Storage.Curve storage curve,
address spender,
uint256 amount
) externalreturns (bool) {
_approve(curve, msg.sender, spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`
*/functiontransferFrom(
Storage.Curve storage curve,
address sender,
address recipient,
uint256 amount
) externalreturns (bool) {
_transfer(curve, sender, recipient, amount);
_approve(
curve,
sender,
msg.sender,
sub(curve.allowances[sender][msg.sender], amount, "Curve/insufficient-allowance")
);
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(
Storage.Curve storage curve,
address spender,
uint256 addedValue
) externalreturns (bool) {
_approve(
curve,
msg.sender,
spender,
add(curve.allowances[msg.sender][spender], addedValue, "Curve/approval-overflow")
);
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(
Storage.Curve storage curve,
address spender,
uint256 subtractedValue
) externalreturns (bool) {
_approve(
curve,
msg.sender,
spender,
sub(curve.allowances[msg.sender][spender], subtractedValue, "Curve/allowance-decrease-underflow")
);
returntrue;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is public function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/function_transfer(
Storage.Curve storage curve,
address sender,
address recipient,
uint256 amount
) private{
require(sender !=address(0), "ERC20: transfer from the zero address");
require(recipient !=address(0), "ERC20: transfer to the zero address");
curve.balances[sender] = sub(curve.balances[sender], amount, "Curve/insufficient-balance");
curve.balances[recipient] = add(curve.balances[recipient], amount, "Curve/transfer-overflow");
emit Transfer(sender, recipient, amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `_owner`s tokens.
*
* This is public function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `_owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(
Storage.Curve storage curve,
address _owner,
address spender,
uint256 amount
) private{
require(_owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
curve.allowances[_owner][spender] = amount;
emit Approval(_owner, spender, amount);
}
}
contractCurveisStorage, MerkleProver, NoDelegateCall{
usingSafeMathforuint256;
usingABDKMath64x64forint128;
usingSafeERC20forIERC20;
addressprivate curveFactory;
eventApproval(addressindexed _owner, addressindexed spender, uint256 value);
eventParametersSet(uint256 alpha, uint256 beta, uint256 delta, uint256 epsilon, uint256 lambda);
eventAssetIncluded(addressindexed numeraire, addressindexed reserve, uint256 weight);
eventAssimilatorIncluded(addressindexed derivative,
addressindexed numeraire,
addressindexed reserve,
address assimilator
);
eventPartitionRedeemed(addressindexed token, addressindexed redeemer, uint256 value);
eventOwnershipTransfered(addressindexed previousOwner, addressindexed newOwner);
eventFrozenSet(bool isFrozen);
eventEmergencyAlarm(bool isEmergency);
eventWhitelistingStopped();
eventTrade(addressindexed trader,
addressindexed origin,
addressindexed target,
uint256 originAmount,
uint256 targetAmount
);
eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
eventFlash(addressindexedfrom, addressindexed to, uint256 value0, uint256 value1, uint256 paid0, uint256 paid1);
modifieronlyOwner() {
require(msg.sender== owner, "Curve/caller-is-not-owner");
_;
}
modifiernonReentrant() {
require(notEntered, "Curve/re-entered");
notEntered =false;
_;
notEntered =true;
}
modifiertransactable() {
require(!frozen, "Curve/frozen-only-allowing-proportional-withdraw");
_;
}
modifierisEmergency() {
require(emergency, "Curve/emergency-only-allowing-emergency-proportional-withdraw");
_;
}
modifierisNotEmergency() {
require(!emergency, "Curve/emergency-only-allowing-emergency-proportional-withdraw");
_;
}
modifierdeadline(uint256 _deadline) {
require(block.timestamp< _deadline, "Curve/tx-deadline-passed");
_;
}
modifierinWhitelistingStage() {
require(whitelistingStage, "Curve/whitelist-stage-stopped");
_;
}
modifiernotInWhitelistingStage() {
require(!whitelistingStage, "Curve/whitelist-stage-on-going");
_;
}
constructor(stringmemory _name,
stringmemory _symbol,
address[] memory _assets,
uint256[] memory _assetWeights,
address _factory
) {
owner =msg.sender;
name = _name;
symbol = _symbol;
curveFactory = _factory;
emit OwnershipTransfered(address(0), msg.sender);
Orchestrator.initialize(curve, numeraires, reserves, derivatives, _assets, _assetWeights);
}
/// @notice sets the parameters for the pool/// @param _alpha the value for alpha (halt threshold) must be less than or equal to 1 and greater than 0/// @param _beta the value for beta must be less than alpha and greater than 0/// @param _feeAtHalt the maximum value for the fee at the halt point/// @param _epsilon the base fee for the pool/// @param _lambda the value for lambda must be less than or equal to 1 and greater than zerofunctionsetParams(uint256 _alpha,
uint256 _beta,
uint256 _feeAtHalt,
uint256 _epsilon,
uint256 _lambda
) externalonlyOwner{
Orchestrator.setParams(curve, _alpha, _beta, _feeAtHalt, _epsilon, _lambda);
}
/// @notice excludes an assimilator from the curve/// @param _derivative the address of the assimilator to excludefunctionexcludeDerivative(address _derivative) externalonlyOwner{
for (uint256 i =0; i < numeraires.length; i++) {
if (_derivative == numeraires[i]) revert("Curve/cannot-delete-numeraire");
if (_derivative == reserves[i]) revert("Curve/cannot-delete-reserve");
}
delete curve.assimilators[_derivative];
}
/// @notice view the current parameters of the curve/// @return alpha_ the current alpha value/// beta_ the current beta value/// delta_ the current delta value/// epsilon_ the current epsilon value/// lambda_ the current lambda value/// omega_ the current omega valuefunctionviewCurve()
externalviewreturns (uint256 alpha_,
uint256 beta_,
uint256 delta_,
uint256 epsilon_,
uint256 lambda_
)
{
return Orchestrator.viewCurve(curve);
}
functionturnOffWhitelisting() externalonlyOwner{
emit WhitelistingStopped();
whitelistingStage =false;
}
functionsetEmergency(bool _emergency) externalonlyOwner{
emit EmergencyAlarm(_emergency);
emergency = _emergency;
}
functionsetFrozen(bool _toFreezeOrNotToFreeze) externalonlyOwner{
emit FrozenSet(_toFreezeOrNotToFreeze);
frozen = _toFreezeOrNotToFreeze;
}
functiontransferOwnership(address _newOwner) externalonlyOwner{
require(_newOwner !=address(0), "Curve/new-owner-cannot-be-zeroth-address");
emit OwnershipTransfered(owner, _newOwner);
owner = _newOwner;
}
/// @notice swap a dynamic origin amount for a fixed target amount/// @param _origin the address of the origin/// @param _target the address of the target/// @param _originAmount the origin amount/// @param _minTargetAmount the minimum target amount/// @param _deadline deadline in block number after which the trade will not execute/// @return targetAmount_ the amount of target that has been swapped for the origin amountfunctionoriginSwap(address _origin,
address _target,
uint256 _originAmount,
uint256 _minTargetAmount,
uint256 _deadline
) externaldeadline(_deadline) transactablenoDelegateCallisNotEmergencynonReentrantreturns (uint256 targetAmount_) {
OriginSwapData memory _swapData;
_swapData._origin = _origin;
_swapData._target = _target;
_swapData._originAmount = _originAmount;
_swapData._recipient =msg.sender;
_swapData._curveFactory = curveFactory;
targetAmount_ = Swaps.originSwap(curve, _swapData);
// targetAmount_ = Swaps.originSwap(curve, _origin, _target, _originAmount, msg.sender,curveFactory);require(targetAmount_ >= _minTargetAmount, "Curve/below-min-target-amount");
}
/// @notice view how much target amount a fixed origin amount will swap for/// @param _origin the address of the origin/// @param _target the address of the target/// @param _originAmount the origin amount/// @return targetAmount_ the target amount that would have been swapped for the origin amountfunctionviewOriginSwap(address _origin,
address _target,
uint256 _originAmount
) externalviewtransactablereturns (uint256 targetAmount_) {
targetAmount_ = Swaps.viewOriginSwap(curve, _origin, _target, _originAmount);
}
/// @notice swap a dynamic origin amount for a fixed target amount/// @param _origin the address of the origin/// @param _target the address of the target/// @param _maxOriginAmount the maximum origin amount/// @param _targetAmount the target amount/// @param _deadline deadline in block number after which the trade will not execute/// @return originAmount_ the amount of origin that has been swapped for the targetfunctiontargetSwap(address _origin,
address _target,
uint256 _maxOriginAmount,
uint256 _targetAmount,
uint256 _deadline
) externaldeadline(_deadline) transactablenoDelegateCallisNotEmergencynonReentrantreturns (uint256 originAmount_) {
TargetSwapData memory _swapData;
_swapData._origin = _origin;
_swapData._target = _target;
_swapData._targetAmount = _targetAmount;
_swapData._recipient =msg.sender;
_swapData._curveFactory = curveFactory;
originAmount_ = Swaps.targetSwap(curve, _swapData);
// originAmount_ = Swaps.targetSwap(curve, _origin, _target, _targetAmount, msg.sender,curveFactory);require(originAmount_ <= _maxOriginAmount, "Curve/above-max-origin-amount");
}
/// @notice view how much of the origin currency the target currency will take/// @param _origin the address of the origin/// @param _target the address of the target/// @param _targetAmount the target amount/// @return originAmount_ the amount of target that has been swapped for the originfunctionviewTargetSwap(address _origin,
address _target,
uint256 _targetAmount
) externalviewtransactablereturns (uint256 originAmount_) {
originAmount_ = Swaps.viewTargetSwap(curve, _origin, _target, _targetAmount);
}
/// @notice deposit into the pool with no slippage from the numeraire assets the pool supports/// @param index Index corresponding to the merkleProof/// @param account Address coorresponding to the merkleProof/// @param amount Amount coorresponding to the merkleProof, should always be 1/// @param merkleProof Merkle proof/// @param _deposit the full amount you want to deposit into the pool which will be divided up evenly amongst/// the numeraire assets of the pool/// @return (the amount of curves you receive in return for your deposit,/// the amount deposited for each numeraire)functiondepositWithWhitelist(uint256 index,
address account,
uint256 amount,
bytes32[] calldata merkleProof,
uint256 _deposit,
uint256 _deadline
) externaldeadline(_deadline) transactablenonReentrantnoDelegateCallinWhitelistingStagereturns (uint256, uint256[] memory) {
require(amount ==1, "Curve/invalid-amount");
require(index <=473, "Curve/index-out-of-range" );
require(isWhitelisted(index, account, amount, merkleProof), "Curve/not-whitelisted");
require(msg.sender== account, "Curve/not-approved-user");
(uint256 curvesMinted_, uint256[] memory deposits_) =
ProportionalLiquidity.proportionalDeposit(curve, _deposit);
whitelistedDeposited[msg.sender] = whitelistedDeposited[msg.sender].add(curvesMinted_);
// 10k max depositif (whitelistedDeposited[msg.sender] >10000e18) {
revert("Curve/exceed-whitelist-maximum-deposit");
}
return (curvesMinted_, deposits_);
}
/// @notice deposit into the pool with no slippage from the numeraire assets the pool supports/// @param _deposit the full amount you want to deposit into the pool which will be divided up evenly amongst/// the numeraire assets of the pool/// @return (the amount of curves you receive in return for your deposit,/// the amount deposited for each numeraire)functiondeposit(uint256 _deposit, uint256 _deadline)
externaldeadline(_deadline)
transactablenonReentrantnoDelegateCallnotInWhitelistingStageisNotEmergencyreturns (uint256, uint256[] memory)
{
// (curvesMinted_, deposits_)return ProportionalLiquidity.proportionalDeposit(curve, _deposit);
}
/// @notice view deposits and curves minted a given deposit would return/// @param _deposit the full amount of stablecoins you want to deposit. Divided evenly according to the/// prevailing proportions of the numeraire assets of the pool/// @return (the amount of curves you receive in return for your deposit,/// the amount deposited for each numeraire)functionviewDeposit(uint256 _deposit) externalviewtransactablereturns (uint256, uint256[] memory) {
// curvesToMint_, depositsToMake_return ProportionalLiquidity.viewProportionalDeposit(curve, _deposit);
}
/// @notice Emergency withdraw tokens in the event that the oracle somehow bugs out/// and no one is able to withdraw due to the invariant check/// @param _curvesToBurn the full amount you want to withdraw from the pool which will be withdrawn from evenly amongst the/// numeraire assets of the pool/// @return withdrawals_ the amonts of numeraire assets withdrawn from the poolfunctionemergencyWithdraw(uint256 _curvesToBurn, uint256 _deadline)
externalisEmergencydeadline(_deadline)
nonReentrantnoDelegateCallreturns (uint256[] memory withdrawals_)
{
return ProportionalLiquidity.proportionalWithdraw(curve, _curvesToBurn);
}
/// @notice withdrawas amount of curve tokens from the the pool equally from the numeraire assets of the pool with no slippage/// @param _curvesToBurn the full amount you want to withdraw from the pool which will be withdrawn from evenly amongst the/// numeraire assets of the pool/// @return withdrawals_ the amonts of numeraire assets withdrawn from the poolfunctionwithdraw(uint256 _curvesToBurn, uint256 _deadline)
externaldeadline(_deadline)
nonReentrantnoDelegateCallisNotEmergencyreturns (uint256[] memory withdrawals_)
{
if (whitelistingStage) {
whitelistedDeposited[msg.sender] = whitelistedDeposited[msg.sender].sub(_curvesToBurn);
}
return ProportionalLiquidity.proportionalWithdraw(curve, _curvesToBurn);
}
/// @notice views the withdrawal information from the pool/// @param _curvesToBurn the full amount you want to withdraw from the pool which will be withdrawn from evenly amongst the/// numeraire assets of the pool/// @return the amonnts of numeraire assets withdrawn from the poolfunctionviewWithdraw(uint256 _curvesToBurn) externalviewtransactablereturns (uint256[] memory) {
return ProportionalLiquidity.viewProportionalWithdraw(curve, _curvesToBurn);
}
functionsupportsInterface(bytes4 _interface) publicpurereturns (bool supports_) {
supports_ =this.supportsInterface.selector== _interface ||// erc165bytes4(0x7f5828d0) == _interface ||// eip173bytes4(0x36372b07) == _interface; // erc20
}
/// @notice transfers curve tokens/// @param _recipient the address of where to send the curve tokens/// @param _amount the amount of curve tokens to send/// @return success_ the success bool of the callfunctiontransfer(address _recipient, uint256 _amount) publicnonReentrantnoDelegateCallisNotEmergencyreturns (bool success_) {
success_ = Curves.transfer(curve, _recipient, _amount);
}
/// @notice transfers curve tokens from one address to another address/// @param _sender the account from which the curve tokens will be sent/// @param _recipient the account to which the curve tokens will be sent/// @param _amount the amount of curve tokens to transfer/// @return success_ the success bool of the callfunctiontransferFrom(address _sender,
address _recipient,
uint256 _amount
) publicnonReentrantnoDelegateCallisNotEmergencyreturns (bool success_) {
success_ = Curves.transferFrom(curve, _sender, _recipient, _amount);
}
/// @notice approves a user to spend curve tokens on their behalf/// @param _spender the account to allow to spend from msg.sender/// @param _amount the amount to specify the spender can spend/// @return success_ the success bool of this callfunctionapprove(address _spender, uint256 _amount) publicnonReentrantnoDelegateCallreturns (bool success_) {
success_ = Curves.approve(curve, _spender, _amount);
}
functionflash(address recipient,
uint256 amount0,
uint256 amount1,
bytescalldata data
) externaltransactablenoDelegateCallisNotEmergency{
uint256 fee = curve.epsilon.mulu(1e18);
require(IERC20(derivatives[0]).balanceOf(address(this)) >0, 'Curve/token0-zero-liquidity-depth');
require(IERC20(derivatives[1]).balanceOf(address(this)) >0, 'Curve/token1-zero-liquidity-depth');
uint256 fee0 = FullMath.mulDivRoundingUp(amount0, fee, 1e18);
uint256 fee1 = FullMath.mulDivRoundingUp(amount1, fee, 1e18);
uint256 balance0Before = IERC20(derivatives[0]).balanceOf(address(this));
uint256 balance1Before = IERC20(derivatives[1]).balanceOf(address(this));
if (amount0 >0) IERC20(derivatives[0]).safeTransfer(recipient, amount0);
if (amount1 >0) IERC20(derivatives[1]).safeTransfer(recipient, amount1);
IFlashCallback(msg.sender).flashCallback(fee0, fee1, data);
uint256 balance0After = IERC20(derivatives[0]).balanceOf(address(this));
uint256 balance1After = IERC20(derivatives[1]).balanceOf(address(this));
require(balance0Before.add(fee0) <= balance0After, 'Curve/insufficient-token0-returned');
require(balance1Before.add(fee1) <= balance1After, 'Curve/insufficient-token1-returned');
// sub is safe because we know balanceAfter is gt balanceBefore by at least feeuint256 paid0 = balance0After - balance0Before;
uint256 paid1 = balance1After - balance1Before;
IERC20(derivatives[0]).safeTransfer(owner, paid0);
IERC20(derivatives[1]).safeTransfer(owner, paid1);
emit Flash(msg.sender, recipient, amount0, amount1, paid0, paid1);
}
/// @notice view the curve token balance of a given account/// @param _account the account to view the balance of/// @return balance_ the curve token ballance of the given accountfunctionbalanceOf(address _account) publicviewreturns (uint256 balance_) {
balance_ = curve.balances[_account];
}
/// @notice views the total curve supply of the pool/// @return totalSupply_ the total supply of curve tokensfunctiontotalSupply() publicviewreturns (uint256 totalSupply_) {
totalSupply_ = curve.totalSupply;
}
/// @notice views the total allowance one address has to spend from another address/// @param _owner the address of the owner/// @param _spender the address of the spender/// @return allowance_ the amount the owner has allotted the spenderfunctionallowance(address _owner, address _spender) publicviewreturns (uint256 allowance_) {
allowance_ = curve.allowances[_owner][_spender];
}
/// @notice views the total amount of liquidity in the curve in numeraire value and format - 18 decimals/// @return total_ the total value in the curve/// @return individual_ the individual values in the curvefunctionliquidity() publicviewreturns (uint256 total_, uint256[] memory individual_) {
return ViewLiquidity.viewLiquidity(curve);
}
/// @notice view the assimilator address for a derivative/// @return assimilator_ the assimilator addressfunctionassimilator(address _derivative) publicviewreturns (address assimilator_) {
assimilator_ = curve.assimilators[_derivative].addr;
}
}
Código Fuente del Contrato
Archivo 6 de 30: CurveFactory.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is disstributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;// Finds new Curves! logs their addresses and provides `isCurve(address) -> (bool)`import"./Curve.sol";
import"./interfaces/IFreeFromUpTo.sol";
import"../lib/openzeppelin-contracts/contracts/access/Ownable.sol";
contractCurveFactoryisOwnable{
eventNewCurve(addressindexed caller, bytes32indexed id, addressindexed curve);
mapping(bytes32=>address) public curves;
functiongetCurve(address _baseCurrency, address _quoteCurrency) externalviewreturns (address) {
bytes32 curveId =keccak256(abi.encode(_baseCurrency, _quoteCurrency));
return (curves[curveId]);
}
functionnewCurve(stringmemory _name,
stringmemory _symbol,
address _baseCurrency,
address _quoteCurrency,
uint256 _baseWeight,
uint256 _quoteWeight,
address _baseAssimilator,
address _quoteAssimilator
) publiconlyOwnerreturns (Curve) {
bytes32 curveId =keccak256(abi.encode(_baseCurrency, _quoteCurrency));
if (curves[curveId] !=address(0)) revert("CurveFactory/currency-pair-already-exists");
address[] memory _assets =newaddress[](10);
uint256[] memory _assetWeights =newuint256[](2);
// Base Currency
_assets[0] = _baseCurrency;
_assets[1] = _baseAssimilator;
_assets[2] = _baseCurrency;
_assets[3] = _baseAssimilator;
_assets[4] = _baseCurrency;
// Quote Currency (typically USDC)
_assets[5] = _quoteCurrency;
_assets[6] = _quoteAssimilator;
_assets[7] = _quoteCurrency;
_assets[8] = _quoteAssimilator;
_assets[9] = _quoteCurrency;
// Weights
_assetWeights[0] = _baseWeight;
_assetWeights[1] = _quoteWeight;
// New curve
Curve curve =new Curve(_name, _symbol, _assets, _assetWeights, address(this));
curve.transferOwnership(msg.sender);
curves[curveId] =address(curve);
emit NewCurve(msg.sender, curveId, address(curve));
return curve;
}
}
Código Fuente del Contrato
Archivo 7 de 30: CurveMath.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;import"./Storage.sol";
import"./lib/UnsafeMath64x64.sol";
import"./lib/ABDKMath64x64.sol";
libraryCurveMath{
int128privateconstant ONE =0x10000000000000000;
int128privateconstant MAX =0x4000000000000000; // .25 in layman's termsint128privateconstant MAX_DIFF =-0x10C6F7A0B5EE;
int128privateconstant ONE_WEI =0x12;
usingABDKMath64x64forint128;
usingUnsafeMath64x64forint128;
usingABDKMath64x64foruint256;
// This is used to prevent stack too deep errorsfunctioncalculateFee(int128 _gLiq,
int128[] memory _bals,
Storage.Curve storage curve,
int128[] memory _weights
) internalviewreturns (int128 psi_) {
int128 _beta = curve.beta;
int128 _delta = curve.delta;
psi_ = calculateFee(_gLiq, _bals, _beta, _delta, _weights);
}
functioncalculateFee(int128 _gLiq,
int128[] memory _bals,
int128 _beta,
int128 _delta,
int128[] memory _weights
) internalpurereturns (int128 psi_) {
uint256 _length = _bals.length;
for (uint256 i =0; i < _length; i++) {
int128 _ideal = _gLiq.mul(_weights[i]);
psi_ += calculateMicroFee(_bals[i], _ideal, _beta, _delta);
}
}
functioncalculateMicroFee(int128 _bal,
int128 _ideal,
int128 _beta,
int128 _delta
) privatepurereturns (int128 fee_) {
if (_bal < _ideal) {
int128 _threshold = _ideal.mul(ONE - _beta);
if (_bal < _threshold) {
int128 _feeMargin = _threshold - _bal;
fee_ = _feeMargin.mul(_delta);
fee_ = fee_.div(_ideal);
if (fee_ > MAX) fee_ = MAX;
fee_ = fee_.mul(_feeMargin);
} else fee_ =0;
} else {
int128 _threshold = _ideal.mul(ONE + _beta);
if (_bal > _threshold) {
int128 _feeMargin = _bal - _threshold;
fee_ = _feeMargin.mul(_delta);
fee_ = fee_.div(_ideal);
if (fee_ > MAX) fee_ = MAX;
fee_ = fee_.mul(_feeMargin);
} else fee_ =0;
}
}
functioncalculateTrade(
Storage.Curve storage curve,
int128 _oGLiq,
int128 _nGLiq,
int128[] memory _oBals,
int128[] memory _nBals,
int128 _inputAmt,
uint256 _outputIndex
) internalviewreturns (int128 outputAmt_) {
outputAmt_ =-_inputAmt;
int128 _lambda = curve.lambda;
int128[] memory _weights = curve.weights;
int128 _omega = calculateFee(_oGLiq, _oBals, curve, _weights);
int128 _psi;
for (uint256 i =0; i <32; i++) {
_psi = calculateFee(_nGLiq, _nBals, curve, _weights);
int128 prevAmount;
{
prevAmount = outputAmt_;
outputAmt_ = _omega < _psi ? -(_inputAmt + _omega - _psi) : -(_inputAmt + _lambda.mul(_omega - _psi));
// outputAmt_ = _omega < _psi ? -(_inputAmt + _omega - _psi) : -(_inputAmt +_omega - _psi);
}
if (outputAmt_ /1e13== prevAmount /1e13) {
_nGLiq = _oGLiq + _inputAmt + outputAmt_;
_nBals[_outputIndex] = _oBals[_outputIndex] + outputAmt_;
enforceHalts(curve, _oGLiq, _nGLiq, _oBals, _nBals, _weights);
enforceSwapInvariant(_oGLiq, _omega, _nGLiq, _psi);
return outputAmt_;
} else {
_nGLiq = _oGLiq + _inputAmt + outputAmt_;
_nBals[_outputIndex] = _oBals[_outputIndex].add(outputAmt_);
}
}
revert("Curve/swap-convergence-failed");
}
functioncalculateLiquidityMembrane(
Storage.Curve storage curve,
int128 _oGLiq,
int128 _nGLiq,
int128[] memory _oBals,
int128[] memory _nBals
) internalviewreturns (int128 curves_) {
enforceHalts(curve, _oGLiq, _nGLiq, _oBals, _nBals, curve.weights);
int128 _omega;
int128 _psi;
{
int128 _beta = curve.beta;
int128 _delta = curve.delta;
int128[] memory _weights = curve.weights;
_omega = calculateFee(_oGLiq, _oBals, _beta, _delta, _weights);
_psi = calculateFee(_nGLiq, _nBals, _beta, _delta, _weights);
}
int128 _feeDiff = _psi.sub(_omega);
int128 _liqDiff = _nGLiq.sub(_oGLiq);
int128 _oUtil = _oGLiq.sub(_omega);
int128 _totalShells = curve.totalSupply.divu(1e18);
int128 _curveMultiplier;
if (_totalShells ==0) {
curves_ = _nGLiq.sub(_psi);
} elseif (_feeDiff >=0) {
_curveMultiplier = _liqDiff.sub(_feeDiff).div(_oUtil);
} else {
_curveMultiplier = _liqDiff.sub(curve.lambda.mul(_feeDiff));
_curveMultiplier = _curveMultiplier.div(_oUtil);
}
if (_totalShells !=0) {
curves_ = _totalShells.mul(_curveMultiplier);
}
}
functionenforceSwapInvariant(int128 _oGLiq,
int128 _omega,
int128 _nGLiq,
int128 _psi
) privatepure{
int128 _nextUtil = _nGLiq - _psi;
int128 _prevUtil = _oGLiq - _omega;
int128 _diff = _nextUtil - _prevUtil;
require(0< _diff || _diff >= MAX_DIFF, "Curve/swap-invariant-violation");
}
functionenforceHalts(
Storage.Curve storage curve,
int128 _oGLiq,
int128 _nGLiq,
int128[] memory _oBals,
int128[] memory _nBals,
int128[] memory _weights
) privateview{
uint256 _length = _nBals.length;
int128 _alpha = curve.alpha;
for (uint256 i =0; i < _length; i++) {
int128 _nIdeal = _nGLiq.mul(_weights[i]);
if (_nBals[i] > _nIdeal) {
int128 _upperAlpha = ONE + _alpha;
int128 _nHalt = _nIdeal.mul(_upperAlpha);
if (_nBals[i] > _nHalt) {
int128 _oHalt = _oGLiq.mul(_weights[i]).mul(_upperAlpha);
if (_oBals[i] < _oHalt) revert("Curve/upper-halt");
if (_nBals[i] - _nHalt > _oBals[i] - _oHalt) revert("Curve/upper-halt");
}
} else {
int128 _lowerAlpha = ONE - _alpha;
int128 _nHalt = _nIdeal.mul(_lowerAlpha);
if (_nBals[i] < _nHalt) {
int128 _oHalt = _oGLiq.mul(_weights[i]);
_oHalt = _oHalt.mul(_lowerAlpha);
if (_oBals[i] > _oHalt) revert("Curve/lower-halt");
if (_nHalt - _nBals[i] > _oHalt - _oBals[i]) revert("Curve/lower-halt");
}
}
}
}
}
Código Fuente del Contrato
Archivo 8 de 30: ERC20.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC20/ERC20.sol)pragmasolidity ^0.8.0;import"./IERC20.sol";
import"./extensions/IERC20Metadata.sol";
import"../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/contractERC20isContext, IERC20, IERC20Metadata{
mapping(address=>uint256) private _balances;
mapping(address=>mapping(address=>uint256)) private _allowances;
uint256private _totalSupply;
stringprivate _name;
stringprivate _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/constructor(stringmemory name_, stringmemory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/functionname() publicviewvirtualoverridereturns (stringmemory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/functionsymbol() publicviewvirtualoverridereturns (stringmemory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/functiondecimals() publicviewvirtualoverridereturns (uint8) {
return18;
}
/**
* @dev See {IERC20-totalSupply}.
*/functiontotalSupply() publicviewvirtualoverridereturns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/functionbalanceOf(address account) publicviewvirtualoverridereturns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/functiontransfer(address to, uint256 amount) publicvirtualoverridereturns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
returntrue;
}
/**
* @dev See {IERC20-allowance}.
*/functionallowance(address owner, address spender) publicviewvirtualoverridereturns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionapprove(address spender, uint256 amount) publicvirtualoverridereturns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
returntrue;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/functiontransferFrom(addressfrom,
address to,
uint256 amount
) publicvirtualoverridereturns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
returntrue;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/functionincreaseAllowance(address spender, uint256 addedValue) publicvirtualreturns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
returntrue;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/functiondecreaseAllowance(address spender, uint256 subtractedValue) publicvirtualreturns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
returntrue;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/function_transfer(addressfrom,
address to,
uint256 amount
) internalvirtual{
require(from!=address(0), "ERC20: transfer from the zero address");
require(to !=address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/function_mint(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/function_burn(address account, uint256 amount) internalvirtual{
require(account !=address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/function_approve(address owner,
address spender,
uint256 amount
) internalvirtual{
require(owner !=address(0), "ERC20: approve from the zero address");
require(spender !=address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/function_spendAllowance(address owner,
address spender,
uint256 amount
) internalvirtual{
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance !=type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/function_beforeTokenTransfer(addressfrom,
address to,
uint256 amount
) internalvirtual{}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/function_afterTokenTransfer(addressfrom,
address to,
uint256 amount
) internalvirtual{}
}
Código Fuente del Contrato
Archivo 9 de 30: FullMath.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.13;/// @title Contains 512-bit math functions/// @notice Facilitates multiplication and division that can have overflow of an intermediate value without any loss of precision/// @dev Handles "phantom overflow" i.e., allows multiplication and division where an intermediate value overflows 256 bitslibraryFullMath{
/// @notice Calculates floor(a×b÷denominator) with full precision. Throws if result overflows a uint256 or denominator == 0/// @param a The multiplicand/// @param b The multiplier/// @param denominator The divisor/// @return result The 256-bit result/// @dev Credit to Remco Bloemen under MIT license https://xn--2-umb.com/21/muldivfunctionmulDiv(uint256 a,
uint256 b,
uint256 denominator
) internalpurereturns (uint256 result) {
// 512-bit multiply [prod1 prod0] = a * b// Compute the product mod 2**256 and mod 2**256 - 1// then use the Chinese Remainder Theorem to reconstruct// the 512 bit result. The result is stored in two 256// variables such that product = prod1 * 2**256 + prod0uint256 prod0; // Least significant 256 bits of the productuint256 prod1; // Most significant 256 bits of the productassembly {
let mm :=mulmod(a, b, not(0))
prod0 :=mul(a, b)
prod1 :=sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 divisionif (prod1 ==0) {
require(denominator >0);
assembly {
result :=div(prod0, denominator)
}
return result;
}
// Make sure the result is less than 2**256.// Also prevents denominator == 0require(denominator > prod1);
///////////////////////////////////////////////// 512 by 256 division.///////////////////////////////////////////////// Make division exact by subtracting the remainder from [prod1 prod0]// Compute remainder using mulmoduint256 remainder;
assembly {
remainder :=mulmod(a, b, denominator)
}
// Subtract 256 bit number from 512 bit numberassembly {
prod1 :=sub(prod1, gt(remainder, prod0))
prod0 :=sub(prod0, remainder)
}
// Factor powers of two out of denominator// Compute largest power of two divisor of denominator.// Always >= 1.uint256 twos = denominator & (~denominator +1);
// Divide denominator by power of twoassembly {
denominator :=div(denominator, twos)
}
// Divide [prod1 prod0] by the factors of twoassembly {
prod0 :=div(prod0, twos)
}
// Shift in bits from prod1 into prod0. For this we need// to flip `twos` such that it is 2**256 / twos.// If twos is zero, then it becomes oneassembly {
twos :=add(div(sub(0, twos), twos), 1)
}
prod0 |= prod1 * twos;
// Invert denominator mod 2**256// Now that denominator is an odd number, it has an inverse// modulo 2**256 such that denominator * inv = 1 mod 2**256.// Compute the inverse by starting with a seed that is correct// correct for four bits. That is, denominator * inv = 1 mod 2**4uint256 inv = (3* denominator) ^2;
// Now use Newton-Raphson iteration to improve the precision.// Thanks to Hensel's lifting lemma, this also works in modular// arithmetic, doubling the correct bits in each step.
inv *=2- denominator * inv; // inverse mod 2**8
inv *=2- denominator * inv; // inverse mod 2**16
inv *=2- denominator * inv; // inverse mod 2**32
inv *=2- denominator * inv; // inverse mod 2**64
inv *=2- denominator * inv; // inverse mod 2**128
inv *=2- denominator * inv; // inverse mod 2**256// Because the division is now exact we can divide by multiplying// with the modular inverse of denominator. This will give us the// correct result modulo 2**256. Since the precoditions guarantee// that the outcome is less than 2**256, this is the final result.// We don't need to compute the high bits of the result and prod1// is no longer required.
result = prod0 * inv;
return result;
}
/// @notice Calculates ceil(a×b÷denominator) with full precision. Throws if result overflows a uint256 or denominator == 0/// @param a The multiplicand/// @param b The multiplier/// @param denominator The divisor/// @return result The 256-bit resultfunctionmulDivRoundingUp(uint256 a,
uint256 b,
uint256 denominator
) internalpurereturns (uint256 result) {
result = mulDiv(a, b, denominator);
if (mulmod(a, b, denominator) >0) {
require(result <type(uint256).max);
result++;
}
}
}
Código Fuente del Contrato
Archivo 10 de 30: IAssimilator.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;interfaceIAssimilator{
functiongetRate() externalviewreturns (uint256);
functionintakeRaw(uint256 amount) externalreturns (int128);
functionintakeRawAndGetBalance(uint256 amount) externalreturns (int128, int128);
functionintakeNumeraire(int128 amount) externalreturns (uint256);
functionintakeNumeraireLPRatio(uint256,
uint256,
address,
int128) externalreturns (uint256);
functionoutputRaw(address dst, uint256 amount) externalreturns (int128);
functionoutputRawAndGetBalance(address dst, uint256 amount) externalreturns (int128, int128);
functionoutputNumeraire(address dst, int128 amount) externalreturns (uint256);
functionviewRawAmount(int128) externalviewreturns (uint256);
functionviewRawAmountLPRatio(uint256,
uint256,
address,
int128) externalviewreturns (uint256);
functionviewNumeraireAmount(uint256) externalviewreturns (int128);
functionviewNumeraireBalanceLPRatio(uint256,
uint256,
address) externalviewreturns (int128);
functionviewNumeraireBalance(address) externalviewreturns (int128);
functionviewNumeraireAmountAndBalance(address, uint256) externalviewreturns (int128, int128);
functiontransferFee(int128, address) externalreturns (bool);
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/interfaceIERC20{
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/eventTransfer(addressindexedfrom, addressindexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/eventApproval(addressindexed owner, addressindexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/functiontotalSupply() externalviewreturns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/functionbalanceOf(address account) externalviewreturns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransfer(address to, uint256 amount) externalreturns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/functionallowance(address owner, address spender) externalviewreturns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/functionapprove(address spender, uint256 amount) externalreturns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/functiontransferFrom(addressfrom,
address to,
uint256 amount
) externalreturns (bool);
}
Código Fuente del Contrato
Archivo 13 de 30: IERC20Metadata.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)pragmasolidity ^0.8.0;import"../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/interfaceIERC20MetadataisIERC20{
/**
* @dev Returns the name of the token.
*/functionname() externalviewreturns (stringmemory);
/**
* @dev Returns the symbol of the token.
*/functionsymbol() externalviewreturns (stringmemory);
/**
* @dev Returns the decimals places of the token.
*/functiondecimals() externalviewreturns (uint8);
}
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;interfaceIFreeFromUpTo{
functionfreeFromUpTo(addressfrom, uint256 value) externalreturns (uint256 freed);
}
Código Fuente del Contrato
Archivo 16 de 30: IOracle.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;interfaceIOracle{
functionacceptOwnership() external;
functionaccessController() externalviewreturns (address);
functionaggregator() externalviewreturns (address);
functionconfirmAggregator(address _aggregator) external;
functiondecimals() externalviewreturns (uint8);
functiondescription() externalviewreturns (stringmemory);
functiongetAnswer(uint256 _roundId) externalviewreturns (int256);
functiongetRoundData(uint80 _roundId)
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
functiongetTimestamp(uint256 _roundId) externalviewreturns (uint256);
functionlatestAnswer() externalviewreturns (int256);
functionlatestRound() externalviewreturns (uint256);
functionlatestRoundData()
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
functionlatestTimestamp() externalviewreturns (uint256);
functionowner() externalviewreturns (address);
functionphaseAggregators(uint16) externalviewreturns (address);
functionphaseId() externalviewreturns (uint16);
functionproposeAggregator(address _aggregator) external;
functionproposedAggregator() externalviewreturns (address);
functionproposedGetRoundData(uint80 _roundId)
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
functionproposedLatestRoundData()
externalviewreturns (uint80 roundId,
int256 answer,
uint256 startedAt,
uint256 updatedAt,
uint80 answeredInRound
);
functionsetController(address _accessController) external;
functiontransferOwnership(address _to) external;
functionversion() externalviewreturns (uint256);
}
Código Fuente del Contrato
Archivo 17 de 30: MerkleProof.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (utils/cryptography/MerkleProof.sol)pragmasolidity ^0.8.0;/**
* @dev These functions deal with verification of Merkle Tree proofs.
*
* The proofs can be generated using the JavaScript library
* https://github.com/miguelmota/merkletreejs[merkletreejs].
* Note: the hashing algorithm should be keccak256 and pair sorting should be enabled.
*
* See `test/utils/cryptography/MerkleProof.test.js` for some examples.
*
* WARNING: You should avoid using leaf values that are 64 bytes long prior to
* hashing, or use a hash function other than keccak256 for hashing leaves.
* This is because the concatenation of a sorted pair of internal nodes in
* the merkle tree could be reinterpreted as a leaf value.
*/libraryMerkleProof{
/**
* @dev Returns true if a `leaf` can be proved to be a part of a Merkle tree
* defined by `root`. For this, a `proof` must be provided, containing
* sibling hashes on the branch from the leaf to the root of the tree. Each
* pair of leaves and each pair of pre-images are assumed to be sorted.
*/functionverify(bytes32[] memory proof,
bytes32 root,
bytes32 leaf
) internalpurereturns (bool) {
return processProof(proof, leaf) == root;
}
/**
* @dev Calldata version of {verify}
*
* _Available since v4.7._
*/functionverifyCalldata(bytes32[] calldata proof,
bytes32 root,
bytes32 leaf
) internalpurereturns (bool) {
return processProofCalldata(proof, leaf) == root;
}
/**
* @dev Returns the rebuilt hash obtained by traversing a Merkle tree up
* from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt
* hash matches the root of the tree. When processing the proof, the pairs
* of leafs & pre-images are assumed to be sorted.
*
* _Available since v4.4._
*/functionprocessProof(bytes32[] memory proof, bytes32 leaf) internalpurereturns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i =0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Calldata version of {processProof}
*
* _Available since v4.7._
*/functionprocessProofCalldata(bytes32[] calldata proof, bytes32 leaf) internalpurereturns (bytes32) {
bytes32 computedHash = leaf;
for (uint256 i =0; i < proof.length; i++) {
computedHash = _hashPair(computedHash, proof[i]);
}
return computedHash;
}
/**
* @dev Returns true if the `leaves` can be simultaneously proven to be a part of a merkle tree defined by
* `root`, according to `proof` and `proofFlags` as described in {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/functionmultiProofVerify(bytes32[] memory proof,
bool[] memory proofFlags,
bytes32 root,
bytes32[] memory leaves
) internalpurereturns (bool) {
return processMultiProof(proof, proofFlags, leaves) == root;
}
/**
* @dev Calldata version of {multiProofVerify}
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/functionmultiProofVerifyCalldata(bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32 root,
bytes32[] memory leaves
) internalpurereturns (bool) {
return processMultiProofCalldata(proof, proofFlags, leaves) == root;
}
/**
* @dev Returns the root of a tree reconstructed from `leaves` and sibling nodes in `proof`. The reconstruction
* proceeds by incrementally reconstructing all inner nodes by combining a leaf/inner node with either another
* leaf/inner node or a proof sibling node, depending on whether each `proofFlags` item is true or false
* respectively.
*
* CAUTION: Not all merkle trees admit multiproofs. To use multiproofs, it is sufficient to ensure that: 1) the tree
* is complete (but not necessarily perfect), 2) the leaves to be proven are in the opposite order they are in the
* tree (i.e., as seen from right to left starting at the deepest layer and continuing at the next layer).
*
* _Available since v4.7._
*/functionprocessMultiProof(bytes32[] memory proof,
bool[] memory proofFlags,
bytes32[] memory leaves
) internalpurereturns (bytes32 merkleRoot) {
// This function rebuild the root hash by traversing the tree up from the leaves. The root is rebuilt by// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of// the merkle tree.uint256 leavesLen = leaves.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.require(leavesLen + proof.length-1== totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".bytes32[] memory hashes =newbytes32[](totalHashes);
uint256 leafPos =0;
uint256 hashPos =0;
uint256 proofPos =0;
// At each step, we compute the next hash using two values:// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we// get the next hash.// - depending on the flag, either another value for the "main queue" (merging branches) or an element from the// `proof` array.for (uint256 i =0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i] ? leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++] : proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes >0) {
return hashes[totalHashes -1];
} elseif (leavesLen >0) {
return leaves[0];
} else {
return proof[0];
}
}
/**
* @dev Calldata version of {processMultiProof}.
*
* CAUTION: Not all merkle trees admit multiproofs. See {processMultiProof} for details.
*
* _Available since v4.7._
*/functionprocessMultiProofCalldata(bytes32[] calldata proof,
bool[] calldata proofFlags,
bytes32[] memory leaves
) internalpurereturns (bytes32 merkleRoot) {
// This function rebuild the root hash by traversing the tree up from the leaves. The root is rebuilt by// consuming and producing values on a queue. The queue starts with the `leaves` array, then goes onto the// `hashes` array. At the end of the process, the last hash in the `hashes` array should contain the root of// the merkle tree.uint256 leavesLen = leaves.length;
uint256 totalHashes = proofFlags.length;
// Check proof validity.require(leavesLen + proof.length-1== totalHashes, "MerkleProof: invalid multiproof");
// The xxxPos values are "pointers" to the next value to consume in each array. All accesses are done using// `xxx[xxxPos++]`, which return the current value and increment the pointer, thus mimicking a queue's "pop".bytes32[] memory hashes =newbytes32[](totalHashes);
uint256 leafPos =0;
uint256 hashPos =0;
uint256 proofPos =0;
// At each step, we compute the next hash using two values:// - a value from the "main queue". If not all leaves have been consumed, we get the next leaf, otherwise we// get the next hash.// - depending on the flag, either another value for the "main queue" (merging branches) or an element from the// `proof` array.for (uint256 i =0; i < totalHashes; i++) {
bytes32 a = leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++];
bytes32 b = proofFlags[i] ? leafPos < leavesLen ? leaves[leafPos++] : hashes[hashPos++] : proof[proofPos++];
hashes[i] = _hashPair(a, b);
}
if (totalHashes >0) {
return hashes[totalHashes -1];
} elseif (leavesLen >0) {
return leaves[0];
} else {
return proof[0];
}
}
function_hashPair(bytes32 a, bytes32 b) privatepurereturns (bytes32) {
return a < b ? _efficientHash(a, b) : _efficientHash(b, a);
}
function_efficientHash(bytes32 a, bytes32 b) privatepurereturns (bytes32 value) {
/// @solidity memory-safe-assemblyassembly {
mstore(0x00, a)
mstore(0x20, b)
value :=keccak256(0x00, 0x40)
}
}
}
// SPDX-License-Identifier: BUSL-1.1pragmasolidity ^0.8.13;/// @title Prevents delegatecall to a contract/// @notice Base contract that provides a modifier for preventing delegatecall to methods in a child contractabstractcontractNoDelegateCall{
/// @dev The original address of this contractaddressprivateimmutable original;
constructor() {
// Immutables are computed in the init code of the contract, and then inlined into the deployed bytecode.// In other words, this variable won't change when it's checked at runtime.
original =address(this);
}
/// @dev Private method is used instead of inlining into modifier because modifiers are copied into each method,/// and the use of immutable means the address bytes are copied in every place the modifier is used.functioncheckNotDelegateCall() privateview{
require(address(this) == original);
}
/// @notice Prevents delegatecall into the modified methodmodifiernoDelegateCall() {
checkNotDelegateCall();
_;
}
}
Código Fuente del Contrato
Archivo 20 de 30: Orchestrator.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;import"../lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol";
import"../lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol";
import"./lib/ABDKMath64x64.sol";
import"./Storage.sol";
import"./CurveMath.sol";
libraryOrchestrator{
usingSafeERC20forIERC20;
usingABDKMath64x64forint128;
usingABDKMath64x64foruint256;
int128privateconstant ONE_WEI =0x12;
eventParametersSet(uint256 alpha, uint256 beta, uint256 delta, uint256 epsilon, uint256 lambda);
eventAssetIncluded(addressindexed numeraire, addressindexed reserve, uint256 weight);
eventAssimilatorIncluded(addressindexed derivative,
addressindexed numeraire,
addressindexed reserve,
address assimilator
);
functionsetParams(
Storage.Curve storage curve,
uint256 _alpha,
uint256 _beta,
uint256 _feeAtHalt,
uint256 _epsilon,
uint256 _lambda
) external{
require(0< _alpha && _alpha <1e18, "Curve/parameter-invalid-alpha");
require(_beta < _alpha, "Curve/parameter-invalid-beta");
require(_feeAtHalt <=5e17, "Curve/parameter-invalid-max");
require(_epsilon <=1e16, "Curve/parameter-invalid-epsilon");
require(_lambda <=1e18, "Curve/parameter-invalid-lambda");
int128 _omega = getFee(curve);
curve.alpha = (_alpha +1).divu(1e18);
curve.beta = (_beta +1).divu(1e18);
curve.delta = (_feeAtHalt).divu(1e18).div(uint256(2).fromUInt().mul(curve.alpha.sub(curve.beta))) + ONE_WEI;
curve.epsilon = (_epsilon +1).divu(1e18);
curve.lambda = (_lambda +1).divu(1e18);
int128 _psi = getFee(curve);
require(_omega >= _psi, "Curve/parameters-increase-fee");
emit ParametersSet(_alpha, _beta, curve.delta.mulu(1e18), _epsilon, _lambda);
}
functiongetFee(Storage.Curve storage curve) privateviewreturns (int128 fee_) {
int128 _gLiq;
// Always pairsint128[] memory _bals =newint128[](2);
for (uint256 i =0; i < _bals.length; i++) {
int128 _bal = Assimilators.viewNumeraireBalance(curve.assets[i].addr);
_bals[i] = _bal;
_gLiq += _bal;
}
fee_ = CurveMath.calculateFee(_gLiq, _bals, curve.beta, curve.delta, curve.weights);
}
functioninitialize(
Storage.Curve storage curve,
address[] storage numeraires,
address[] storage reserves,
address[] storage derivatives,
address[] calldata _assets,
uint256[] calldata _assetWeights
) external{
require(_assetWeights.length==2, "Curve/assetWeights-must-be-length-two");
require(_assets.length%5==0, "Curve/assets-must-be-divisible-by-five");
for (uint256 i =0; i < _assetWeights.length; i++) {
uint256 ix = i *5;
numeraires.push(_assets[ix]);
derivatives.push(_assets[ix]);
reserves.push(_assets[2+ ix]);
if (_assets[ix] != _assets[2+ ix]) derivatives.push(_assets[2+ ix]);
includeAsset(
curve,
_assets[ix], // numeraire
_assets[1+ ix], // numeraire assimilator
_assets[2+ ix], // reserve
_assets[3+ ix], // reserve assimilator
_assets[4+ ix], // reserve approve to
_assetWeights[i]
);
}
}
functionincludeAsset(
Storage.Curve storage curve,
address _numeraire,
address _numeraireAssim,
address _reserve,
address _reserveAssim,
address _reserveApproveTo,
uint256 _weight
) private{
require(_numeraire !=address(0), "Curve/numeraire-cannot-be-zeroth-address");
require(_numeraireAssim !=address(0), "Curve/numeraire-assimilator-cannot-be-zeroth-address");
require(_reserve !=address(0), "Curve/reserve-cannot-be-zeroth-address");
require(_reserveAssim !=address(0), "Curve/reserve-assimilator-cannot-be-zeroth-address");
require(_weight <1e18, "Curve/weight-must-be-less-than-one");
if (_numeraire != _reserve) IERC20(_numeraire).safeApprove(_reserveApproveTo, type(uint).max);
Storage.Assimilator storage _numeraireAssimilator = curve.assimilators[_numeraire];
_numeraireAssimilator.addr = _numeraireAssim;
_numeraireAssimilator.ix =uint8(curve.assets.length);
Storage.Assimilator storage _reserveAssimilator = curve.assimilators[_reserve];
_reserveAssimilator.addr = _reserveAssim;
_reserveAssimilator.ix =uint8(curve.assets.length);
int128 __weight = _weight.divu(1e18).add(uint256(1).divu(1e18));
curve.weights.push(__weight);
curve.assets.push(_numeraireAssimilator);
emit AssetIncluded(_numeraire, _reserve, _weight);
emit AssimilatorIncluded(_numeraire, _numeraire, _reserve, _numeraireAssim);
if (_numeraireAssim != _reserveAssim) {
emit AssimilatorIncluded(_reserve, _numeraire, _reserve, _reserveAssim);
}
}
functionviewCurve(Storage.Curve storage curve)
externalviewreturns (uint256 alpha_,
uint256 beta_,
uint256 delta_,
uint256 epsilon_,
uint256 lambda_
)
{
alpha_ = curve.alpha.mulu(1e18);
beta_ = curve.beta.mulu(1e18);
delta_ = curve.delta.mulu(1e18);
epsilon_ = curve.epsilon.mulu(1e18);
lambda_ = curve.lambda.mulu(1e18);
}
}
Código Fuente del Contrato
Archivo 21 de 30: Ownable.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)pragmasolidity ^0.8.0;import"../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/abstractcontractOwnableisContext{
addressprivate _owner;
eventOwnershipTransferred(addressindexed previousOwner, addressindexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/modifieronlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/functionowner() publicviewvirtualreturns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/function_checkOwner() internalviewvirtual{
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/functionrenounceOwnership() publicvirtualonlyOwner{
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/functiontransferOwnership(address newOwner) publicvirtualonlyOwner{
require(newOwner !=address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/function_transferOwnership(address newOwner) internalvirtual{
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC20/utils/SafeERC20.sol)pragmasolidity ^0.8.0;import"../IERC20.sol";
import"../extensions/draft-IERC20Permit.sol";
import"../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/librarySafeERC20{
usingAddressforaddress;
functionsafeTransfer(
IERC20 token,
address to,
uint256 value
) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
functionsafeTransferFrom(
IERC20 token,
addressfrom,
address to,
uint256 value
) internal{
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/functionsafeApprove(
IERC20 token,
address spender,
uint256 value
) internal{
// safeApprove should only be called when setting an initial allowance,// or when resetting it to zero. To increase and decrease it, use// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'require(
(value ==0) || (token.allowance(address(this), spender) ==0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
functionsafeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal{
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
functionsafeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal{
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
functionsafePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal{
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore +1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/function_callOptionalReturn(IERC20 token, bytesmemory data) private{
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that// the target address contains contract code and also asserts for success in the low-level call.bytesmemory returndata =address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length>0) {
// Return data is optionalrequire(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
Código Fuente del Contrato
Archivo 24 de 30: SafeMath.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v4.6.0) (utils/math/SafeMath.sol)pragmasolidity ^0.8.0;// CAUTION// This version of SafeMath should only be used with Solidity 0.8 or later,// because it relies on the compiler's built in overflow checks./**
* @dev Wrappers over Solidity's arithmetic operations.
*
* NOTE: `SafeMath` is generally not needed starting with Solidity 0.8, since the compiler
* now has built in overflow checking.
*/librarySafeMath{
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*
* _Available since v3.4._
*/functiontryAdd(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*
* _Available since v3.4._
*/functiontrySub(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*
* _Available since v3.4._
*/functiontryMul(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the// benefit is lost if 'b' is also tested.// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522if (a ==0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*
* _Available since v3.4._
*/functiontryDiv(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b ==0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*
* _Available since v3.4._
*/functiontryMod(uint256 a, uint256 b) internalpurereturns (bool, uint256) {
unchecked {
if (b ==0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/functionadd(uint256 a, uint256 b) internalpurereturns (uint256) {
return a + b;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/functionsub(uint256 a, uint256 b) internalpurereturns (uint256) {
return a - b;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
*
* - Multiplication cannot overflow.
*/functionmul(uint256 a, uint256 b) internalpurereturns (uint256) {
return a * b;
}
/**
* @dev Returns the integer division of two unsigned integers, reverting on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator.
*
* Requirements:
*
* - The divisor cannot be zero.
*/functiondiv(uint256 a, uint256 b) internalpurereturns (uint256) {
return a / b;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* reverting when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/functionmod(uint256 a, uint256 b) internalpurereturns (uint256) {
return a % b;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* CAUTION: This function is deprecated because it requires allocating memory for the error
* message unnecessarily. For custom revert reasons use {trySub}.
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/functionsub(uint256 a,
uint256 b,
stringmemory errorMessage
) internalpurereturns (uint256) {
unchecked {
require(b <= a, errorMessage);
return a - b;
}
}
/**
* @dev Returns the integer division of two unsigned integers, reverting with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/functiondiv(uint256 a,
uint256 b,
stringmemory errorMessage
) internalpurereturns (uint256) {
unchecked {
require(b >0, errorMessage);
return a / b;
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* reverting with custom message when dividing by zero.
*
* CAUTION: This function is deprecated because it requires allocating memory for the error
* message unnecessarily. For custom revert reasons use {tryMod}.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/functionmod(uint256 a,
uint256 b,
stringmemory errorMessage
) internalpurereturns (uint256) {
unchecked {
require(b >0, errorMessage);
return a % b;
}
}
}
Código Fuente del Contrato
Archivo 25 de 30: Storage.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;import"./interfaces/IOracle.sol";
import"./Assimilators.sol";
contractStorage{
structCurve {
// Curve parametersint128 alpha;
int128 beta;
int128 delta;
int128 epsilon;
int128 lambda;
int128[] weights;
// Assets and their assimilators
Assimilator[] assets;
mapping(address=> Assimilator) assimilators;
// Oracles to determine the price// Note that 0'th index should always be USDC 1e18// Oracle's pricing should be denominated in Currency/USDCmapping(address=> IOracle) oracles;
// ERC20 Interfaceuint256 totalSupply;
mapping(address=>uint256) balances;
mapping(address=>mapping(address=>uint256)) allowances;
}
structAssimilator {
address addr;
uint8 ix;
}
// Curve parameters
Curve public curve;
// Ownableaddresspublic owner;
stringpublic name;
stringpublic symbol;
uint8publicconstant decimals =18;
address[] public derivatives;
address[] public numeraires;
address[] public reserves;
// Curve operational stateboolpublic frozen =false;
boolpublic emergency =false;
boolpublic whitelistingStage =true;
boolinternal notEntered =true;
mapping(address=>uint256) public whitelistedDeposited;
}
// SPDX-License-Identifier: MITpragmasolidity ^0.8.13;pragmaexperimentalABIEncoderV2;import"./Assimilators.sol";
import"./Storage.sol";
import"./CurveMath.sol";
import"./lib/UnsafeMath64x64.sol";
import"./lib/ABDKMath64x64.sol";
import"../lib/openzeppelin-contracts/contracts/utils/math/SafeMath.sol";
import"../lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol";
import"./CurveFactory.sol";
import"./Structs.sol";
librarySwaps{
usingABDKMath64x64forint128;
usingABDKMath64x64forint256;
usingUnsafeMath64x64forint128;
usingABDKMath64x64foruint256;
usingSafeMathforuint256;
eventTrade(addressindexed trader,
addressindexed origin,
addressindexed target,
uint256 originAmount,
uint256 targetAmount
);
int128publicconstant ONE =0x10000000000000000;
functiongetOriginAndTarget(
Storage.Curve storage curve,
address _o,
address _t
) privateviewreturns (Storage.Assimilator memory, Storage.Assimilator memory) {
Storage.Assimilator memory o_ = curve.assimilators[_o];
Storage.Assimilator memory t_ = curve.assimilators[_t];
require(o_.addr !=address(0), "Curve/origin-not-supported");
require(t_.addr !=address(0), "Curve/target-not-supported");
return (o_, t_);
}
functionoriginSwap(Storage.Curve storage curve, OriginSwapData memory _swapData)
externalreturns (uint256 tAmt_
)
{
(Storage.Assimilator memory _o, Storage.Assimilator memory _t) =
getOriginAndTarget(curve, _swapData._origin, _swapData._target);
if (_o.ix == _t.ix)
return
Assimilators.outputNumeraire(
_t.addr,
_swapData._recipient,
Assimilators.intakeRaw(_o.addr, _swapData._originAmount)
);
SwapInfo memory _swapInfo;
(int128 _amt, int128 _oGLiq, int128 _nGLiq, int128[] memory _oBals, int128[] memory _nBals) =
getOriginSwapData(curve, _o.ix, _t.ix, _o.addr, _swapData._originAmount);
_swapInfo.totalAmount = _amt;
_amt = CurveMath.calculateTrade(curve, _oGLiq, _nGLiq, _oBals, _nBals, _amt, _t.ix);
_swapInfo.curveFactory = ICurveFactory(_swapData._curveFactory);
_swapInfo.amountToUser = _amt.us_mul(ONE - curve.epsilon);
_swapInfo.totalFee = _swapInfo.totalAmount + _swapInfo.amountToUser;
_swapInfo.protocolFeePercentage = _swapInfo.curveFactory.getProtocolFee();
_swapInfo.treasury = _swapInfo.curveFactory.getProtocolTreasury();
_swapInfo.amountToTreasury = _swapInfo.totalFee.muli(_swapInfo.protocolFeePercentage).divi(100000);
Assimilators.transferFee(_t.addr, _swapInfo.amountToTreasury, _swapInfo.treasury);
tAmt_ = Assimilators.outputNumeraire(_t.addr, _swapData._recipient, _swapInfo.amountToUser);
emit Trade(msg.sender, _swapData._origin, _swapData._target, _swapData._originAmount, tAmt_);
}
functionviewOriginSwap(
Storage.Curve storage curve,
address _origin,
address _target,
uint256 _originAmount
) externalviewreturns (uint256 tAmt_) {
(Storage.Assimilator memory _o, Storage.Assimilator memory _t) = getOriginAndTarget(curve, _origin, _target);
if (_o.ix == _t.ix)
return Assimilators.viewRawAmount(_t.addr, Assimilators.viewNumeraireAmount(_o.addr, _originAmount));
(int128 _amt, int128 _oGLiq, int128 _nGLiq, int128[] memory _nBals, int128[] memory _oBals) =
viewOriginSwapData(curve, _o.ix, _t.ix, _originAmount, _o.addr);
_amt = CurveMath.calculateTrade(curve, _oGLiq, _nGLiq, _oBals, _nBals, _amt, _t.ix);
_amt = _amt.us_mul(ONE - curve.epsilon);
tAmt_ = Assimilators.viewRawAmount(_t.addr, _amt.abs());
}
functiontargetSwap(Storage.Curve storage curve, TargetSwapData memory _swapData)
externalreturns (uint256 oAmt_
)
{
(Storage.Assimilator memory _o, Storage.Assimilator memory _t) =
getOriginAndTarget(curve, _swapData._origin, _swapData._target);
if (_o.ix == _t.ix)
return
Assimilators.intakeNumeraire(
_o.addr,
Assimilators.outputRaw(_t.addr, _swapData._recipient, _swapData._targetAmount)
);
// If the origin is the quote currency (i.e. usdc)// we need to make sure to massage the _targetAmount// by dividing it by the exchange rate (so it gets// multiplied later to reach the same target amount).// Inelegant solution, but this way we don't need to// re-write large chunks of the code-base// curve.assets[1].addr = quoteCurrency// no variable assignment due to stack too deepif (curve.assets[1].addr == _o.addr) {
_swapData._targetAmount = _swapData._targetAmount.mul(1e8).div(Assimilators.getRate(_t.addr));
}
(int128 _amt, int128 _oGLiq, int128 _nGLiq, int128[] memory _oBals, int128[] memory _nBals) =
getTargetSwapData(curve, _t.ix, _o.ix, _t.addr, _swapData._recipient, _swapData._targetAmount);
_amt = CurveMath.calculateTrade(curve, _oGLiq, _nGLiq, _oBals, _nBals, _amt, _o.ix);
// If the origin is the quote currency (i.e. usdc)// we need to make sure to massage the _amt too// curve.assets[1].addr = quoteCurrencyif (curve.assets[1].addr == _o.addr) {
_amt = _amt.mul(Assimilators.getRate(_t.addr).divu(1e8));
}
SwapInfo memory _swapInfo;
_swapInfo.totalAmount = _amt;
_swapInfo.curveFactory = ICurveFactory(_swapData._curveFactory);
_swapInfo.amountToUser = _amt.us_mul(ONE + curve.epsilon);
_swapInfo.totalFee = _swapInfo.amountToUser - _amt;
_swapInfo.protocolFeePercentage = _swapInfo.curveFactory.getProtocolFee();
_swapInfo.treasury = _swapInfo.curveFactory.getProtocolTreasury();
_swapInfo.amountToTreasury = _swapInfo.totalFee.muli(_swapInfo.protocolFeePercentage).divi(100000);
Assimilators.transferFee(_o.addr, _swapInfo.amountToTreasury, _swapInfo.treasury);
oAmt_ = Assimilators.intakeNumeraire(_o.addr, _swapInfo.amountToUser);
emit Trade(msg.sender, _swapData._origin, _swapData._target, oAmt_, _swapData._targetAmount);
}
functionviewTargetSwap(
Storage.Curve storage curve,
address _origin,
address _target,
uint256 _targetAmount
) externalviewreturns (uint256 oAmt_) {
(Storage.Assimilator memory _o, Storage.Assimilator memory _t) = getOriginAndTarget(curve, _origin, _target);
if (_o.ix == _t.ix)
return Assimilators.viewRawAmount(_o.addr, Assimilators.viewNumeraireAmount(_t.addr, _targetAmount));
// If the origin is the quote currency (i.e. usdc)// we need to make sure to massage the _targetAmount// by dividing it by the exchange rate (so it gets// multiplied later to reach the same target amount).// Inelegant solution, but this way we don't need to// re-write large chunks of the code-base// curve.assets[1].addr = quoteCurrency// no variable assignment due to stack too deepif (curve.assets[1].addr == _o.addr) {
_targetAmount = _targetAmount.mul(1e8).div(Assimilators.getRate(_t.addr));
}
(int128 _amt, int128 _oGLiq, int128 _nGLiq, int128[] memory _nBals, int128[] memory _oBals) =
viewTargetSwapData(curve, _t.ix, _o.ix, _targetAmount, _t.addr);
_amt = CurveMath.calculateTrade(curve, _oGLiq, _nGLiq, _oBals, _nBals, _amt, _o.ix);
// If the origin is the quote currency (i.e. usdc)// we need to make sure to massage the _amt too// curve.assets[1].addr = quoteCurrencyif (curve.assets[1].addr == _o.addr) {
_amt = _amt.mul(Assimilators.getRate(_t.addr).divu(1e8));
}
_amt = _amt.us_mul(ONE + curve.epsilon);
oAmt_ = Assimilators.viewRawAmount(_o.addr, _amt);
}
functiongetOriginSwapData(
Storage.Curve storage curve,
uint256 _inputIx,
uint256 _outputIx,
address _assim,
uint256 _amt
)
privatereturns (int128 amt_,
int128 oGLiq_,
int128 nGLiq_,
int128[] memory,
int128[] memory)
{
uint256 _length = curve.assets.length;
int128[] memory oBals_ =newint128[](_length);
int128[] memory nBals_ =newint128[](_length);
Storage.Assimilator[] memory _reserves = curve.assets;
for (uint256 i =0; i < _length; i++) {
if (i != _inputIx) nBals_[i] = oBals_[i] = Assimilators.viewNumeraireBalance(_reserves[i].addr);
else {
int128 _bal;
(amt_, _bal) = Assimilators.intakeRawAndGetBalance(_assim, _amt);
oBals_[i] = _bal.sub(amt_);
nBals_[i] = _bal;
}
oGLiq_ += oBals_[i];
nGLiq_ += nBals_[i];
}
nGLiq_ = nGLiq_.sub(amt_);
nBals_[_outputIx] = ABDKMath64x64.sub(nBals_[_outputIx], amt_);
return (amt_, oGLiq_, nGLiq_, oBals_, nBals_);
}
functiongetTargetSwapData(
Storage.Curve storage curve,
uint256 _inputIx,
uint256 _outputIx,
address _assim,
address _recipient,
uint256 _amt
)
privatereturns (int128 amt_,
int128 oGLiq_,
int128 nGLiq_,
int128[] memory,
int128[] memory)
{
uint256 _length = curve.assets.length;
int128[] memory oBals_ =newint128[](_length);
int128[] memory nBals_ =newint128[](_length);
Storage.Assimilator[] memory _reserves = curve.assets;
for (uint256 i =0; i < _length; i++) {
if (i != _inputIx) nBals_[i] = oBals_[i] = Assimilators.viewNumeraireBalance(_reserves[i].addr);
else {
int128 _bal;
(amt_, _bal) = Assimilators.outputRawAndGetBalance(_assim, _recipient, _amt);
oBals_[i] = _bal.sub(amt_);
nBals_[i] = _bal;
}
oGLiq_ += oBals_[i];
nGLiq_ += nBals_[i];
}
nGLiq_ = nGLiq_.sub(amt_);
nBals_[_outputIx] = ABDKMath64x64.sub(nBals_[_outputIx], amt_);
return (amt_, oGLiq_, nGLiq_, oBals_, nBals_);
}
functionviewOriginSwapData(
Storage.Curve storage curve,
uint256 _inputIx,
uint256 _outputIx,
uint256 _amt,
address _assim
)
privateviewreturns (int128 amt_,
int128 oGLiq_,
int128 nGLiq_,
int128[] memory,
int128[] memory)
{
uint256 _length = curve.assets.length;
int128[] memory nBals_ =newint128[](_length);
int128[] memory oBals_ =newint128[](_length);
for (uint256 i =0; i < _length; i++) {
if (i != _inputIx) nBals_[i] = oBals_[i] = Assimilators.viewNumeraireBalance(curve.assets[i].addr);
else {
int128 _bal;
(amt_, _bal) = Assimilators.viewNumeraireAmountAndBalance(_assim, _amt);
oBals_[i] = _bal;
nBals_[i] = _bal.add(amt_);
}
oGLiq_ += oBals_[i];
nGLiq_ += nBals_[i];
}
nGLiq_ = nGLiq_.sub(amt_);
nBals_[_outputIx] = ABDKMath64x64.sub(nBals_[_outputIx], amt_);
return (amt_, oGLiq_, nGLiq_, nBals_, oBals_);
}
functionviewTargetSwapData(
Storage.Curve storage curve,
uint256 _inputIx,
uint256 _outputIx,
uint256 _amt,
address _assim
)
privateviewreturns (int128 amt_,
int128 oGLiq_,
int128 nGLiq_,
int128[] memory,
int128[] memory)
{
uint256 _length = curve.assets.length;
int128[] memory nBals_ =newint128[](_length);
int128[] memory oBals_ =newint128[](_length);
for (uint256 i =0; i < _length; i++) {
if (i != _inputIx) nBals_[i] = oBals_[i] = Assimilators.viewNumeraireBalance(curve.assets[i].addr);
else {
int128 _bal;
(amt_, _bal) = Assimilators.viewNumeraireAmountAndBalance(_assim, _amt);
amt_ = amt_.neg();
oBals_[i] = _bal;
nBals_[i] = _bal.add(amt_);
}
oGLiq_ += oBals_[i];
nGLiq_ += nBals_[i];
}
nGLiq_ = nGLiq_.sub(amt_);
nBals_[_outputIx] = ABDKMath64x64.sub(nBals_[_outputIx], amt_);
return (amt_, oGLiq_, nGLiq_, nBals_, oBals_);
}
}
Código Fuente del Contrato
Archivo 28 de 30: UnsafeMath64x64.sol
// SPDX-License-Identifier: MITpragmasolidity ^0.8.13;libraryUnsafeMath64x64{
/**
* Calculate x * y rounding down.
*
* @param x signed 64.64-bit fixed point number
* @param y signed 64.64-bit fixed point number
* @return signed 64.64-bit fixed point number
*/functionus_mul (int128 x, int128 y) internalpurereturns (int128) {
int256 result =int256(x) * y >>64;
returnint128 (result);
}
/**
* Calculate x / y rounding towards zero. Revert on overflow or when y is
* zero.
*
* @param x signed 64.64-bit fixed point number
* @param y signed 64.64-bit fixed point number
* @return signed 64.64-bit fixed point number
*/functionus_div (int128 x, int128 y) internalpurereturns (int128) {
int256 result = (int256 (x) <<64) / y;
returnint128 (result);
}
}
Código Fuente del Contrato
Archivo 29 de 30: ViewLiquidity.sol
// SPDX-License-Identifier: MIT// This program is free software: you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation, either version 3 of the License, or// (at your option) any later version.// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.// You should have received a copy of the GNU General Public License// along with this program. If not, see <http://www.gnu.org/licenses/>.pragmasolidity ^0.8.13;import"./Storage.sol";
import"./Assimilators.sol";
import"./lib/ABDKMath64x64.sol";
libraryViewLiquidity{
usingABDKMath64x64forint128;
functionviewLiquidity(Storage.Curve storage curve)
externalviewreturns (uint256 total_, uint256[] memory individual_)
{
uint256 _length = curve.assets.length;
individual_ =newuint256[](_length);
for (uint256 i =0; i < _length; i++) {
uint256 _liquidity = Assimilators.viewNumeraireBalance(curve.assets[i].addr).mulu(1e18);
total_ += _liquidity;
individual_[i] = _liquidity;
}
return (total_, individual_);
}
}
Código Fuente del Contrato
Archivo 30 de 30: draft-IERC20Permit.sol
// SPDX-License-Identifier: MIT// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)pragmasolidity ^0.8.0;/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/interfaceIERC20Permit{
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/functionpermit(address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/functionnonces(address owner) externalviewreturns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/// solhint-disable-next-line func-name-mixedcasefunctionDOMAIN_SEPARATOR() externalviewreturns (bytes32);
}
