Last active
June 8, 2024 00:16
-
-
Save AE-0h/b87aae32f0c26a852c150565a91d8b3b to your computer and use it in GitHub Desktop.
Exorcist by Exorcist. Find it at https://www.cookbook.dev/contracts/Exorcist-Exorcist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
██████ ██████ ██████ ██ ██ ██████ ██████ ██████ ██ ██ ██████ ███████ ██ ██ | |
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | |
██ ██ ██ ██ ██ █████ ██████ ██ ██ ██ ██ █████ ██ ██ █████ ██ ██ | |
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | |
██████ ██████ ██████ ██ ██ ██████ ██████ ██████ ██ ██ ██ ██████ ███████ ████ | |
Find any smart contract, and build your project faster: https://www.cookbook.dev | |
Twitter: https://twitter.com/cookbook_dev | |
Discord: https://discord.gg/WzsfPcfHrk | |
Find this contract on Cookbook: https://www.cookbook.dev/contracts/Exorcist-Exorcist/?utm=code | |
*/ | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.8.4; | |
/// @notice Simple ERC20 + EIP-2612 implementation. | |
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/tokens/ERC20.sol) | |
/// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/tokens/ERC20.sol) | |
/// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/ERC20.sol) | |
/// | |
/// @dev Note: | |
/// - The ERC20 standard allows minting and transferring to and from the zero address, | |
/// minting and transferring zero tokens, as well as self-approvals. | |
/// For performance, this implementation WILL NOT revert for such actions. | |
/// Please add any checks with overrides if desired. | |
/// - The `permit` function uses the ecrecover precompile (0x1). | |
/// | |
/// If you are overriding: | |
/// - NEVER violate the ERC20 invariant: | |
/// the total sum of all balances must be equal to `totalSupply()`. | |
/// - Check that the overridden function is actually used in the function you want to | |
/// change the behavior of. Much of the code has been manually inlined for performance. | |
abstract contract ERC20 { | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* CUSTOM ERRORS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev The total supply has overflowed. | |
error TotalSupplyOverflow(); | |
/// @dev The allowance has overflowed. | |
error AllowanceOverflow(); | |
/// @dev The allowance has underflowed. | |
error AllowanceUnderflow(); | |
/// @dev Insufficient balance. | |
error InsufficientBalance(); | |
/// @dev Insufficient allowance. | |
error InsufficientAllowance(); | |
/// @dev The permit is invalid. | |
error InvalidPermit(); | |
/// @dev The permit has expired. | |
error PermitExpired(); | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* EVENTS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Emitted when `amount` tokens is transferred from `from` to `to`. | |
event Transfer(address indexed from, address indexed to, uint256 amount); | |
/// @dev Emitted when `amount` tokens is approved by `owner` to be used by `spender`. | |
event Approval(address indexed owner, address indexed spender, uint256 amount); | |
/// @dev `keccak256(bytes("Transfer(address,address,uint256)"))`. | |
uint256 private constant _TRANSFER_EVENT_SIGNATURE = | |
0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; | |
/// @dev `keccak256(bytes("Approval(address,address,uint256)"))`. | |
uint256 private constant _APPROVAL_EVENT_SIGNATURE = | |
0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925; | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* STORAGE */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev The storage slot for the total supply. | |
uint256 private constant _TOTAL_SUPPLY_SLOT = 0x05345cdf77eb68f44c; | |
/// @dev The balance slot of `owner` is given by: | |
/// ``` | |
/// mstore(0x0c, _BALANCE_SLOT_SEED) | |
/// mstore(0x00, owner) | |
/// let balanceSlot := keccak256(0x0c, 0x20) | |
/// ``` | |
uint256 private constant _BALANCE_SLOT_SEED = 0x87a211a2; | |
/// @dev The allowance slot of (`owner`, `spender`) is given by: | |
/// ``` | |
/// mstore(0x20, spender) | |
/// mstore(0x0c, _ALLOWANCE_SLOT_SEED) | |
/// mstore(0x00, owner) | |
/// let allowanceSlot := keccak256(0x0c, 0x34) | |
/// ``` | |
uint256 private constant _ALLOWANCE_SLOT_SEED = 0x7f5e9f20; | |
/// @dev The nonce slot of `owner` is given by: | |
/// ``` | |
/// mstore(0x0c, _NONCES_SLOT_SEED) | |
/// mstore(0x00, owner) | |
/// let nonceSlot := keccak256(0x0c, 0x20) | |
/// ``` | |
uint256 private constant _NONCES_SLOT_SEED = 0x38377508; | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* CONSTANTS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev `(_NONCES_SLOT_SEED << 16) | 0x1901`. | |
uint256 private constant _NONCES_SLOT_SEED_WITH_SIGNATURE_PREFIX = 0x383775081901; | |
/// @dev `keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")`. | |
bytes32 private constant _DOMAIN_TYPEHASH = | |
0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f; | |
/// @dev `keccak256("1")`. | |
bytes32 private constant _VERSION_HASH = | |
0xc89efdaa54c0f20c7adf612882df0950f5a951637e0307cdcb4c672f298b8bc6; | |
/// @dev `keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)")`. | |
bytes32 private constant _PERMIT_TYPEHASH = | |
0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9; | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* ERC20 METADATA */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Returns the name of the token. | |
function name() public view virtual returns (string memory); | |
/// @dev Returns the symbol of the token. | |
function symbol() public view virtual returns (string memory); | |
/// @dev Returns the decimals places of the token. | |
function decimals() public view virtual returns (uint8) { | |
return 18; | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* ERC20 */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Returns the amount of tokens in existence. | |
function totalSupply() public view virtual returns (uint256 result) { | |
/// @solidity memory-safe-assembly | |
assembly { | |
result := sload(_TOTAL_SUPPLY_SLOT) | |
} | |
} | |
/// @dev Returns the amount of tokens owned by `owner`. | |
function balanceOf(address owner) public view virtual returns (uint256 result) { | |
/// @solidity memory-safe-assembly | |
assembly { | |
mstore(0x0c, _BALANCE_SLOT_SEED) | |
mstore(0x00, owner) | |
result := sload(keccak256(0x0c, 0x20)) | |
} | |
} | |
/// @dev Returns the amount of tokens that `spender` can spend on behalf of `owner`. | |
function allowance(address owner, address spender) | |
public | |
view | |
virtual | |
returns (uint256 result) | |
{ | |
/// @solidity memory-safe-assembly | |
assembly { | |
mstore(0x20, spender) | |
mstore(0x0c, _ALLOWANCE_SLOT_SEED) | |
mstore(0x00, owner) | |
result := sload(keccak256(0x0c, 0x34)) | |
} | |
} | |
/// @dev Sets `amount` as the allowance of `spender` over the caller's tokens. | |
/// | |
/// Emits a {Approval} event. | |
function approve(address spender, uint256 amount) public virtual returns (bool) { | |
/// @solidity memory-safe-assembly | |
assembly { | |
// Compute the allowance slot and store the amount. | |
mstore(0x20, spender) | |
mstore(0x0c, _ALLOWANCE_SLOT_SEED) | |
mstore(0x00, caller()) | |
sstore(keccak256(0x0c, 0x34), amount) | |
// Emit the {Approval} event. | |
mstore(0x00, amount) | |
log3(0x00, 0x20, _APPROVAL_EVENT_SIGNATURE, caller(), shr(96, mload(0x2c))) | |
} | |
return true; | |
} | |
/// @dev Transfer `amount` tokens from the caller to `to`. | |
/// | |
/// Requirements: | |
/// - `from` must at least have `amount`. | |
/// | |
/// Emits a {Transfer} event. | |
function transfer(address to, uint256 amount) public virtual returns (bool) { | |
_beforeTokenTransfer(msg.sender, to, amount); | |
/// @solidity memory-safe-assembly | |
assembly { | |
// Compute the balance slot and load its value. | |
mstore(0x0c, _BALANCE_SLOT_SEED) | |
mstore(0x00, caller()) | |
let fromBalanceSlot := keccak256(0x0c, 0x20) | |
let fromBalance := sload(fromBalanceSlot) | |
// Revert if insufficient balance. | |
if gt(amount, fromBalance) { | |
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`. | |
revert(0x1c, 0x04) | |
} | |
// Subtract and store the updated balance. | |
sstore(fromBalanceSlot, sub(fromBalance, amount)) | |
// Compute the balance slot of `to`. | |
mstore(0x00, to) | |
let toBalanceSlot := keccak256(0x0c, 0x20) | |
// Add and store the updated balance of `to`. | |
// Will not overflow because the sum of all user balances | |
// cannot exceed the maximum uint256 value. | |
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount)) | |
// Emit the {Transfer} event. | |
mstore(0x20, amount) | |
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, caller(), shr(96, mload(0x0c))) | |
} | |
_afterTokenTransfer(msg.sender, to, amount); | |
return true; | |
} | |
/// @dev Transfers `amount` tokens from `from` to `to`. | |
/// | |
/// Note: Does not update the allowance if it is the maximum uint256 value. | |
/// | |
/// Requirements: | |
/// - `from` must at least have `amount`. | |
/// - The caller must have at least `amount` of allowance to transfer the tokens of `from`. | |
/// | |
/// Emits a {Transfer} event. | |
function transferFrom(address from, address to, uint256 amount) public virtual returns (bool) { | |
_beforeTokenTransfer(from, to, amount); | |
/// @solidity memory-safe-assembly | |
assembly { | |
let from_ := shl(96, from) | |
// Compute the allowance slot and load its value. | |
mstore(0x20, caller()) | |
mstore(0x0c, or(from_, _ALLOWANCE_SLOT_SEED)) | |
let allowanceSlot := keccak256(0x0c, 0x34) | |
let allowance_ := sload(allowanceSlot) | |
// If the allowance is not the maximum uint256 value. | |
if add(allowance_, 1) { | |
// Revert if the amount to be transferred exceeds the allowance. | |
if gt(amount, allowance_) { | |
mstore(0x00, 0x13be252b) // `InsufficientAllowance()`. | |
revert(0x1c, 0x04) | |
} | |
// Subtract and store the updated allowance. | |
sstore(allowanceSlot, sub(allowance_, amount)) | |
} | |
// Compute the balance slot and load its value. | |
mstore(0x0c, or(from_, _BALANCE_SLOT_SEED)) | |
let fromBalanceSlot := keccak256(0x0c, 0x20) | |
let fromBalance := sload(fromBalanceSlot) | |
// Revert if insufficient balance. | |
if gt(amount, fromBalance) { | |
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`. | |
revert(0x1c, 0x04) | |
} | |
// Subtract and store the updated balance. | |
sstore(fromBalanceSlot, sub(fromBalance, amount)) | |
// Compute the balance slot of `to`. | |
mstore(0x00, to) | |
let toBalanceSlot := keccak256(0x0c, 0x20) | |
// Add and store the updated balance of `to`. | |
// Will not overflow because the sum of all user balances | |
// cannot exceed the maximum uint256 value. | |
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount)) | |
// Emit the {Transfer} event. | |
mstore(0x20, amount) | |
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, from_), shr(96, mload(0x0c))) | |
} | |
_afterTokenTransfer(from, to, amount); | |
return true; | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* EIP-2612 */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev For more performance, override to return the constant value | |
/// of `keccak256(bytes(name()))` if `name()` will never change. | |
function _constantNameHash() internal view virtual returns (bytes32 result) {} | |
/// @dev Returns the current nonce for `owner`. | |
/// This value is used to compute the signature for EIP-2612 permit. | |
function nonces(address owner) public view virtual returns (uint256 result) { | |
/// @solidity memory-safe-assembly | |
assembly { | |
// Compute the nonce slot and load its value. | |
mstore(0x0c, _NONCES_SLOT_SEED) | |
mstore(0x00, owner) | |
result := sload(keccak256(0x0c, 0x20)) | |
} | |
} | |
/// @dev Sets `value` as the allowance of `spender` over the tokens of `owner`, | |
/// authorized by a signed approval by `owner`. | |
/// | |
/// Emits a {Approval} event. | |
function permit( | |
address owner, | |
address spender, | |
uint256 value, | |
uint256 deadline, | |
uint8 v, | |
bytes32 r, | |
bytes32 s | |
) public virtual { | |
bytes32 nameHash = _constantNameHash(); | |
// We simply calculate it on-the-fly to allow for cases where the `name` may change. | |
if (nameHash == bytes32(0)) nameHash = keccak256(bytes(name())); | |
/// @solidity memory-safe-assembly | |
assembly { | |
// Revert if the block timestamp is greater than `deadline`. | |
if gt(timestamp(), deadline) { | |
mstore(0x00, 0x1a15a3cc) // `PermitExpired()`. | |
revert(0x1c, 0x04) | |
} | |
let m := mload(0x40) // Grab the free memory pointer. | |
// Clean the upper 96 bits. | |
owner := shr(96, shl(96, owner)) | |
spender := shr(96, shl(96, spender)) | |
// Compute the nonce slot and load its value. | |
mstore(0x0e, _NONCES_SLOT_SEED_WITH_SIGNATURE_PREFIX) | |
mstore(0x00, owner) | |
let nonceSlot := keccak256(0x0c, 0x20) | |
let nonceValue := sload(nonceSlot) | |
// Prepare the domain separator. | |
mstore(m, _DOMAIN_TYPEHASH) | |
mstore(add(m, 0x20), nameHash) | |
mstore(add(m, 0x40), _VERSION_HASH) | |
mstore(add(m, 0x60), chainid()) | |
mstore(add(m, 0x80), address()) | |
mstore(0x2e, keccak256(m, 0xa0)) | |
// Prepare the struct hash. | |
mstore(m, _PERMIT_TYPEHASH) | |
mstore(add(m, 0x20), owner) | |
mstore(add(m, 0x40), spender) | |
mstore(add(m, 0x60), value) | |
mstore(add(m, 0x80), nonceValue) | |
mstore(add(m, 0xa0), deadline) | |
mstore(0x4e, keccak256(m, 0xc0)) | |
// Prepare the ecrecover calldata. | |
mstore(0x00, keccak256(0x2c, 0x42)) | |
mstore(0x20, and(0xff, v)) | |
mstore(0x40, r) | |
mstore(0x60, s) | |
let t := staticcall(gas(), 1, 0, 0x80, 0x20, 0x20) | |
// If the ecrecover fails, the returndatasize will be 0x00, | |
// `owner` will be checked if it equals the hash at 0x00, | |
// which evaluates to false (i.e. 0), and we will revert. | |
// If the ecrecover succeeds, the returndatasize will be 0x20, | |
// `owner` will be compared against the returned address at 0x20. | |
if iszero(eq(mload(returndatasize()), owner)) { | |
mstore(0x00, 0xddafbaef) // `InvalidPermit()`. | |
revert(0x1c, 0x04) | |
} | |
// Increment and store the updated nonce. | |
sstore(nonceSlot, add(nonceValue, t)) // `t` is 1 if ecrecover succeeds. | |
// Compute the allowance slot and store the value. | |
// The `owner` is already at slot 0x20. | |
mstore(0x40, or(shl(160, _ALLOWANCE_SLOT_SEED), spender)) | |
sstore(keccak256(0x2c, 0x34), value) | |
// Emit the {Approval} event. | |
log3(add(m, 0x60), 0x20, _APPROVAL_EVENT_SIGNATURE, owner, spender) | |
mstore(0x40, m) // Restore the free memory pointer. | |
mstore(0x60, 0) // Restore the zero pointer. | |
} | |
} | |
/// @dev Returns the EIP-712 domain separator for the EIP-2612 permit. | |
function DOMAIN_SEPARATOR() public view virtual returns (bytes32 result) { | |
bytes32 nameHash = _constantNameHash(); | |
// We simply calculate it on-the-fly to allow for cases where the `name` may change. | |
if (nameHash == bytes32(0)) nameHash = keccak256(bytes(name())); | |
/// @solidity memory-safe-assembly | |
assembly { | |
let m := mload(0x40) // Grab the free memory pointer. | |
mstore(m, _DOMAIN_TYPEHASH) | |
mstore(add(m, 0x20), nameHash) | |
mstore(add(m, 0x40), _VERSION_HASH) | |
mstore(add(m, 0x60), chainid()) | |
mstore(add(m, 0x80), address()) | |
result := keccak256(m, 0xa0) | |
} | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* INTERNAL MINT FUNCTIONS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Mints `amount` tokens to `to`, increasing the total supply. | |
/// | |
/// Emits a {Transfer} event. | |
function _mint(address to, uint256 amount) internal virtual { | |
_beforeTokenTransfer(address(0), to, amount); | |
/// @solidity memory-safe-assembly | |
assembly { | |
let totalSupplyBefore := sload(_TOTAL_SUPPLY_SLOT) | |
let totalSupplyAfter := add(totalSupplyBefore, amount) | |
// Revert if the total supply overflows. | |
if lt(totalSupplyAfter, totalSupplyBefore) { | |
mstore(0x00, 0xe5cfe957) // `TotalSupplyOverflow()`. | |
revert(0x1c, 0x04) | |
} | |
// Store the updated total supply. | |
sstore(_TOTAL_SUPPLY_SLOT, totalSupplyAfter) | |
// Compute the balance slot and load its value. | |
mstore(0x0c, _BALANCE_SLOT_SEED) | |
mstore(0x00, to) | |
let toBalanceSlot := keccak256(0x0c, 0x20) | |
// Add and store the updated balance. | |
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount)) | |
// Emit the {Transfer} event. | |
mstore(0x20, amount) | |
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, mload(0x0c))) | |
} | |
_afterTokenTransfer(address(0), to, amount); | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* INTERNAL BURN FUNCTIONS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Burns `amount` tokens from `from`, reducing the total supply. | |
/// | |
/// Emits a {Transfer} event. | |
function _burn(address from, uint256 amount) internal virtual { | |
_beforeTokenTransfer(from, address(0), amount); | |
/// @solidity memory-safe-assembly | |
assembly { | |
// Compute the balance slot and load its value. | |
mstore(0x0c, _BALANCE_SLOT_SEED) | |
mstore(0x00, from) | |
let fromBalanceSlot := keccak256(0x0c, 0x20) | |
let fromBalance := sload(fromBalanceSlot) | |
// Revert if insufficient balance. | |
if gt(amount, fromBalance) { | |
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`. | |
revert(0x1c, 0x04) | |
} | |
// Subtract and store the updated balance. | |
sstore(fromBalanceSlot, sub(fromBalance, amount)) | |
// Subtract and store the updated total supply. | |
sstore(_TOTAL_SUPPLY_SLOT, sub(sload(_TOTAL_SUPPLY_SLOT), amount)) | |
// Emit the {Transfer} event. | |
mstore(0x00, amount) | |
log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), 0) | |
} | |
_afterTokenTransfer(from, address(0), amount); | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* INTERNAL TRANSFER FUNCTIONS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Moves `amount` of tokens from `from` to `to`. | |
function _transfer(address from, address to, uint256 amount) internal virtual { | |
_beforeTokenTransfer(from, to, amount); | |
/// @solidity memory-safe-assembly | |
assembly { | |
let from_ := shl(96, from) | |
// Compute the balance slot and load its value. | |
mstore(0x0c, or(from_, _BALANCE_SLOT_SEED)) | |
let fromBalanceSlot := keccak256(0x0c, 0x20) | |
let fromBalance := sload(fromBalanceSlot) | |
// Revert if insufficient balance. | |
if gt(amount, fromBalance) { | |
mstore(0x00, 0xf4d678b8) // `InsufficientBalance()`. | |
revert(0x1c, 0x04) | |
} | |
// Subtract and store the updated balance. | |
sstore(fromBalanceSlot, sub(fromBalance, amount)) | |
// Compute the balance slot of `to`. | |
mstore(0x00, to) | |
let toBalanceSlot := keccak256(0x0c, 0x20) | |
// Add and store the updated balance of `to`. | |
// Will not overflow because the sum of all user balances | |
// cannot exceed the maximum uint256 value. | |
sstore(toBalanceSlot, add(sload(toBalanceSlot), amount)) | |
// Emit the {Transfer} event. | |
mstore(0x20, amount) | |
log3(0x20, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, from_), shr(96, mload(0x0c))) | |
} | |
_afterTokenTransfer(from, to, amount); | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* INTERNAL ALLOWANCE FUNCTIONS */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Updates the allowance of `owner` for `spender` based on spent `amount`. | |
function _spendAllowance(address owner, address spender, uint256 amount) internal virtual { | |
/// @solidity memory-safe-assembly | |
assembly { | |
// Compute the allowance slot and load its value. | |
mstore(0x20, spender) | |
mstore(0x0c, _ALLOWANCE_SLOT_SEED) | |
mstore(0x00, owner) | |
let allowanceSlot := keccak256(0x0c, 0x34) | |
let allowance_ := sload(allowanceSlot) | |
// If the allowance is not the maximum uint256 value. | |
if add(allowance_, 1) { | |
// Revert if the amount to be transferred exceeds the allowance. | |
if gt(amount, allowance_) { | |
mstore(0x00, 0x13be252b) // `InsufficientAllowance()`. | |
revert(0x1c, 0x04) | |
} | |
// Subtract and store the updated allowance. | |
sstore(allowanceSlot, sub(allowance_, amount)) | |
} | |
} | |
} | |
/// @dev Sets `amount` as the allowance of `spender` over the tokens of `owner`. | |
/// | |
/// Emits a {Approval} event. | |
function _approve(address owner, address spender, uint256 amount) internal virtual { | |
/// @solidity memory-safe-assembly | |
assembly { | |
let owner_ := shl(96, owner) | |
// Compute the allowance slot and store the amount. | |
mstore(0x20, spender) | |
mstore(0x0c, or(owner_, _ALLOWANCE_SLOT_SEED)) | |
sstore(keccak256(0x0c, 0x34), amount) | |
// Emit the {Approval} event. | |
mstore(0x00, amount) | |
log3(0x00, 0x20, _APPROVAL_EVENT_SIGNATURE, shr(96, owner_), shr(96, mload(0x2c))) | |
} | |
} | |
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ | |
/* HOOKS TO OVERRIDE */ | |
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ | |
/// @dev Hook that is called before any transfer of tokens. | |
/// This includes minting and burning. | |
function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual {} | |
/// @dev Hook that is called after any transfer of tokens. | |
/// This includes minting and burning. | |
function _afterTokenTransfer(address from, address to, uint256 amount) internal virtual {} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
██████ ██████ ██████ ██ ██ ██████ ██████ ██████ ██ ██ ██████ ███████ ██ ██ | |
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | |
██ ██ ██ ██ ██ █████ ██████ ██ ██ ██ ██ █████ ██ ██ █████ ██ ██ | |
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ | |
██████ ██████ ██████ ██ ██ ██████ ██████ ██████ ██ ██ ██ ██████ ███████ ████ | |
Find any smart contract, and build your project faster: https://www.cookbook.dev | |
Twitter: https://twitter.com/cookbook_dev | |
Discord: https://discord.gg/WzsfPcfHrk | |
Find this contract on Cookbook: https://www.cookbook.dev/contracts/Exorcist-Exorcist/?utm=code | |
*/ | |
// SPDX-License-Identifier: MIT | |
pragma solidity 0.8.x; | |
import {ERC20} from "./ERC20.sol"; | |
// Exorcises a soulbound token from it's bounded address, enables transferability | |
contract Exorcist is ERC20 { | |
uint256 private constant _BALANCE_SLOT_SEED = 0x87a211a2; | |
uint256 private constant _BALANCE_OF_FUNCTION_SELECTOR = 0x70a08231; | |
uint256 private constant _LegionBalanceOfCallReverted_ERROR_SIGNATURE = 0xe037a455; | |
ERC20 immutable LEGION_CONTRACT; | |
uint8 immutable LEGION_DECIMALS; | |
string LEGION_NAME; | |
string LEGION_SYMBOL; | |
mapping(address => uint256) lastSoulboundBalance; | |
error LegionBalanceOfCallReverted(); | |
constructor(address _legionAddress) { | |
ERC20 _legion = ERC20(_legionAddress); | |
LEGION_CONTRACT = _legion; | |
LEGION_DECIMALS = _legion.decimals(); | |
LEGION_NAME = string.concat("Exorcised-", _legion.name()); | |
LEGION_SYMBOL = string.concat("E-", _legion.symbol()); | |
} | |
/// @dev Returns the name of the token. | |
function name() public view override returns (string memory) { | |
return LEGION_NAME; | |
} | |
/// @dev Returns the symbol of the token. | |
function symbol() public view override returns (string memory) { | |
return LEGION_SYMBOL; | |
} | |
/// @dev Returns the decimals places of the token. | |
function decimals() public view override returns (uint8) { | |
return LEGION_DECIMALS; | |
} | |
/// @dev Returns the amount of tokens in existence. | |
function totalSupply() public view override returns (uint256) { | |
return LEGION_CONTRACT.totalSupply(); | |
} | |
/// @dev Returns the amount of tokens owned by `owner`. | |
function balanceOf(address _addr) public view override returns (uint256 result) { | |
(uint256 _exorcised,) = _getExorcisable(_addr); | |
unchecked { | |
result = super.balanceOf(_addr) + _exorcised; | |
} | |
} | |
/// @dev Hook that is called before any transfer of tokens. | |
/// This includes minting and burning. | |
function _beforeTokenTransfer(address _from, address _to, uint256) internal virtual override { | |
_exorcise(_from); | |
_exorcise(_to); | |
} | |
/// @dev tops up the user's current balance by the new soulbound tokens they acquired since last updated (if any) | |
function _exorcise(address _addr) internal virtual { | |
(uint256 _exorcised, bytes32 _addrLastSoulboundBalanceSlot) = _getExorcisable(_addr); | |
/// @solidity memory-safe-assembly | |
assembly { | |
if _exorcised { | |
// update last known soulbound balance | |
let _addrLastSoulboundBalance := sload(_addrLastSoulboundBalanceSlot) | |
sstore(_addrLastSoulboundBalanceSlot, add(_addrLastSoulboundBalance, _exorcised)) // unchecked add is safe because the result is a valid value from the legion contract | |
// update balance | |
let addr_ := shl(96, _addr) | |
mstore(0x0c, or(addr_, _BALANCE_SLOT_SEED)) | |
let addrBalanceSlot := keccak256(0x0c, 0x20) | |
sstore(addrBalanceSlot, _exorcised) | |
} | |
} | |
} | |
function _getExorcisable(address _addr) | |
private | |
view | |
returns (uint256 _exorcised, bytes32 _addrLastSoulboundBalanceSlot) | |
{ | |
ERC20 _legionContract = LEGION_CONTRACT; | |
/// @solidity memory-safe-assembly | |
assembly { | |
// get _addr's balanceOf | |
mstore(0x00, _BALANCE_OF_FUNCTION_SELECTOR) | |
mstore(0x20, _addr) | |
if iszero(staticcall(gas(), _legionContract, 0x1c, 0x24, 0x00, 0x20)) { | |
mstore(0x00, _LegionBalanceOfCallReverted_ERROR_SIGNATURE) | |
revert(0x1c, 0x04) | |
} | |
let _soulboundBalance := mload(0x00) | |
// get _addr's lastSoulboundBalance | |
mstore(0x00, _addr) | |
mstore(0x20, lastSoulboundBalance.slot) | |
_addrLastSoulboundBalanceSlot := keccak256(0x00, 0x40) | |
let _addrLastSoulboundBalance := sload(_addrLastSoulboundBalanceSlot) | |
if gt(_soulboundBalance, _addrLastSoulboundBalance) { | |
// assume it increased since last checked, soulbound tokens shouldn't decrease in balance | |
// unchecked sub, will wrap around to type(uint256).max if soulbound balance reduces (should not be possible) | |
_exorcised := sub(_soulboundBalance, _addrLastSoulboundBalance) | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment