文件 1 的 1:Light.sol
pragma solidity >=0.6.0 <0.8.0;
interface IERC20 {
function totalSupply() external view returns (uint256);
function balanceOf(address account) external view returns (uint256);
function transfer(address recipient, uint256 amount) external returns (bool);
function allowance(address owner, address spender) external view returns (uint256);
function approve(address spender, uint256 amount) external returns (bool);
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
event Transfer(address indexed from, address indexed to, uint256 value);
event Approval(address indexed owner, address indexed spender, uint256 value);
}
pragma solidity >=0.6.0 <0.8.0;
library SafeMath {
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b > 0, errorMessage);
uint256 c = a / b;
return c;
}
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
pragma solidity >=0.6.2 <0.8.0;
library Address {
function isContract(address account) internal view returns (bool) {
uint256 size;
assembly { size := extcodesize(account) }
return size > 0;
}
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytes memory returndata) = target.call{ value: value }(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytes memory returndata) = target.staticcall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) {
if (success) {
return returndata;
} else {
if (returndata.length > 0) {
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
pragma solidity >=0.6.0 <0.8.0;
library SafeERC20 {
using SafeMath for uint256;
using Address for address;
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
function safeApprove(IERC20 token, address spender, uint256 value) internal {
require((value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).add(value);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function _callOptionalReturn(IERC20 token, bytes memory data) private {
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
pragma solidity >=0.6.0 <0.8.0;
library ECDSA {
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
if (signature.length != 65) {
revert("ECDSA: invalid signature length");
}
bytes32 r;
bytes32 s;
uint8 v;
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
require(uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0, "ECDSA: invalid signature 's' value");
require(v == 27 || v == 28, "ECDSA: invalid signature 'v' value");
address signer = ecrecover(hash, v, r, s);
require(signer != address(0), "ECDSA: invalid signature");
return signer;
}
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
}
interface ILight {
event Swap(
uint256 indexed nonce,
uint256 timestamp,
address indexed signerWallet,
address indexed senderWallet,
IERC20 signerToken,
IERC20 senderToken,
uint256 signerAmount,
uint256 senderAmount
);
event Cancel(uint256 indexed nonce, address indexed signerWallet);
event CancelUpTo(uint256 indexed nonce, address indexed signerWallet);
function swap(
uint256 nonce,
uint256 expiry,
IERC20 signerToken,
uint256 signerAmount,
IERC20 senderToken,
uint256 senderAmount,
bytes calldata signature
) external;
function cancel(uint256[] calldata nonces) external;
function cancelUpTo(uint256 minimumNonce) external;
function nonceUsed(address, uint256) external view returns (bool);
function signerMinimumNonce(address) external view returns (uint256);
}
contract Light is ILight {
using SafeERC20 for IERC20;
using ECDSA for bytes32;
bytes32 public constant DOMAIN_TYPEHASH = keccak256(
abi.encodePacked(
"EIP712Domain(",
"string name,",
"string version,",
"uint256 chainId,",
"address verifyingContract",
")"
)
);
bytes32 public constant ORDER_TYPEHASH = keccak256(
abi.encodePacked(
"LightOrder(",
"uint256 nonce,",
"uint256 expiry,",
"address senderWallet,",
"address signerToken,",
"uint256 signerAmount,",
"address senderToken,",
"uint256 senderAmount",
")"
)
);
bytes32 public constant DOMAIN_NAME = keccak256("SWAP_LIGHT");
bytes32 public constant DOMAIN_VERSION = keccak256("3");
uint256 public immutable DOMAIN_CHAIN_ID;
bytes32 public immutable DOMAIN_SEPARATOR;
mapping(address => mapping(uint256 => uint256)) internal _nonceGroups;
mapping(address => uint256) public override signerMinimumNonce;
constructor() public {
uint256 currentChainId = getChainId();
DOMAIN_CHAIN_ID = currentChainId;
DOMAIN_SEPARATOR = keccak256(
abi.encode(
DOMAIN_TYPEHASH,
DOMAIN_NAME,
DOMAIN_VERSION,
currentChainId,
this
)
);
}
function swap(
uint256 nonce,
uint256 expiry,
IERC20 signerToken,
uint256 signerAmount,
IERC20 senderToken,
uint256 senderAmount,
bytes calldata signature
) external override {
require(DOMAIN_CHAIN_ID == getChainId(), "CHAIN_ID_CHANGED");
require(expiry > block.timestamp, "EXPIRY_PASSED");
bytes32 hashed = _getHash(
nonce,
expiry,
signerToken,
signerAmount,
senderToken,
senderAmount
);
address signer = _getSigner(hashed, signature);
require(nonce >= signerMinimumNonce[signer], "NONCE_TOO_LOW");
require(_markNonceAsUsed(signer, nonce), "NONCE_ALREADY_USED");
senderToken.safeTransferFrom(msg.sender, signer, senderAmount);
signerToken.safeTransferFrom(signer, msg.sender, signerAmount);
emit Swap(
nonce,
block.timestamp,
signer,
msg.sender,
signerToken,
senderToken,
signerAmount,
senderAmount
);
}
function cancel(uint256[] calldata nonces) external override {
for (uint256 i = 0; i < nonces.length; i++) {
uint256 nonce = nonces[i];
if (_markNonceAsUsed(msg.sender, nonce)) {
emit Cancel(nonce, msg.sender);
}
}
}
function cancelUpTo(uint256 minimumNonce) external override {
signerMinimumNonce[msg.sender] = minimumNonce;
emit CancelUpTo(minimumNonce, msg.sender);
}
function nonceUsed(address signer, uint256 nonce)
public
override
view
returns (bool)
{
uint256 groupKey = nonce / 256;
uint256 indexInGroup = nonce % 256;
return (_nonceGroups[signer][groupKey] >> indexInGroup) & 1 == 1;
}
function getChainId() public pure returns (uint256 id) {
assembly {
id := chainid()
}
}
function _markNonceAsUsed(address signer, uint256 nonce)
internal
returns (bool)
{
uint256 groupKey = nonce / 256;
uint256 indexInGroup = nonce % 256;
uint256 group = _nonceGroups[signer][groupKey];
if ((group >> indexInGroup) & 1 == 1) {
return false;
}
_nonceGroups[signer][groupKey] = group | (uint256(1) << indexInGroup);
return true;
}
function _getHash(
uint256 nonce,
uint256 expiry,
IERC20 signerToken,
uint256 signerAmount,
IERC20 senderToken,
uint256 senderAmount
) internal view returns (bytes32) {
return
keccak256(
abi.encode(
ORDER_TYPEHASH,
nonce,
expiry,
msg.sender,
signerToken,
signerAmount,
senderToken,
senderAmount
)
);
}
function _getSigner(bytes32 orderHash, bytes calldata signature)
internal
view
returns (address)
{
bytes32 digest = keccak256(
abi.encodePacked("\x19\x01", DOMAIN_SEPARATOR, orderHash)
);
return digest.recover(signature);
}
}
