-
-
Save andrecronje/a786fa7379e095cb0689b8d6909edf6a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// SPDX-License-Identifier: MIT | |
pragma solidity >=0.6.12; | |
pragma experimental ABIEncoderV2; | |
/** | |
* @dev Interface of the ERC165 standard, as defined in the | |
* https://eips.ethereum.org/EIPS/eip-165[EIP]. | |
* | |
* Implementers can declare support of contract interfaces, which can then be | |
* queried by others ({ERC165Checker}). | |
* | |
* For an implementation, see {ERC165}. | |
*/ | |
interface IERC165 { | |
/** | |
* @dev Returns true if this contract implements the interface defined by | |
* `interfaceId`. See the corresponding | |
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section] | |
* to learn more about how these ids are created. | |
* | |
* This function call must use less than 30 000 gas. | |
*/ | |
function supportsInterface(bytes4 interfaceId) external view returns (bool); | |
} | |
/** | |
* @dev Required interface of an ERC721 compliant contract. | |
*/ | |
interface IERC721 is IERC165 { | |
/** | |
* @dev Emitted when `tokenId` token is transferred from `from` to `to`. | |
*/ | |
event Transfer(address indexed from, address indexed to, uint256 indexed tokenId); | |
/** | |
* @dev Emitted when `owner` enables `approved` to manage the `tokenId` token. | |
*/ | |
event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId); | |
/** | |
* @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets. | |
*/ | |
event ApprovalForAll(address indexed owner, address indexed operator, bool approved); | |
/** | |
* @dev Returns the number of tokens in ``owner``'s account. | |
*/ | |
function balanceOf(address owner) external view returns (uint256 balance); | |
/** | |
* @dev Returns the owner of the `tokenId` token. | |
* | |
* Requirements: | |
* | |
* - `tokenId` must exist. | |
*/ | |
function ownerOf(uint256 tokenId) external view returns (address owner); | |
/** | |
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients | |
* are aware of the ERC721 protocol to prevent tokens from being forever locked. | |
* | |
* Requirements: | |
* | |
* - `from` cannot be the zero address. | |
* - `to` cannot be the zero address. | |
* - `tokenId` token must exist and be owned by `from`. | |
* - If the caller is not `from`, it must be have been allowed to move this token by either {approve} or {setApprovalForAll}. | |
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function safeTransferFrom(address from, address to, uint256 tokenId) external; | |
/** | |
* @dev Transfers `tokenId` token from `from` to `to`. | |
* | |
* WARNING: Usage of this method is discouraged, use {safeTransferFrom} whenever possible. | |
* | |
* Requirements: | |
* | |
* - `from` cannot be the zero address. | |
* - `to` cannot be the zero address. | |
* - `tokenId` token must be owned by `from`. | |
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function transferFrom(address from, address to, uint256 tokenId) external; | |
/** | |
* @dev Gives permission to `to` to transfer `tokenId` token to another account. | |
* The approval is cleared when the token is transferred. | |
* | |
* Only a single account can be approved at a time, so approving the zero address clears previous approvals. | |
* | |
* Requirements: | |
* | |
* - The caller must own the token or be an approved operator. | |
* - `tokenId` must exist. | |
* | |
* Emits an {Approval} event. | |
*/ | |
function approve(address to, uint256 tokenId) external; | |
/** | |
* @dev Returns the account approved for `tokenId` token. | |
* | |
* Requirements: | |
* | |
* - `tokenId` must exist. | |
*/ | |
function getApproved(uint256 tokenId) external view returns (address operator); | |
/** | |
* @dev Approve or remove `operator` as an operator for the caller. | |
* Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller. | |
* | |
* Requirements: | |
* | |
* - The `operator` cannot be the caller. | |
* | |
* Emits an {ApprovalForAll} event. | |
*/ | |
function setApprovalForAll(address operator, bool _approved) external; | |
/** | |
* @dev Returns if the `operator` is allowed to manage all of the assets of `owner`. | |
* | |
* See {setApprovalForAll} | |
*/ | |
function isApprovedForAll(address owner, address operator) external view returns (bool); | |
/** | |
* @dev Safely transfers `tokenId` token from `from` to `to`. | |
* | |
* Requirements: | |
* | |
* - `from` cannot be the zero address. | |
* - `to` cannot be the zero address. | |
* - `tokenId` token must exist and be owned by `from`. | |
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}. | |
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function safeTransferFrom(address from, address to, uint256 tokenId, bytes calldata data) external; | |
} | |
/** | |
* @title ERC-721 Non-Fungible Token Standard, optional metadata extension | |
* @dev See https://eips.ethereum.org/EIPS/eip-721 | |
*/ | |
interface IERC721Metadata is IERC721 { | |
/** | |
* @dev Returns the token collection name. | |
*/ | |
function name() external view returns (string memory); | |
/** | |
* @dev Returns the token collection symbol. | |
*/ | |
function symbol() external view returns (string memory); | |
/** | |
* @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token. | |
*/ | |
function tokenURI(uint256 tokenId) external view returns (string memory); | |
} | |
/** | |
* @title ERC-721 Non-Fungible Token Standard, optional enumeration extension | |
* @dev See https://eips.ethereum.org/EIPS/eip-721 | |
*/ | |
interface IERC721Enumerable is IERC721 { | |
/** | |
* @dev Returns the total amount of tokens stored by the contract. | |
*/ | |
function totalSupply() external view returns (uint256); | |
/** | |
* @dev Returns a token ID owned by `owner` at a given `index` of its token list. | |
* Use along with {balanceOf} to enumerate all of ``owner``'s tokens. | |
*/ | |
function tokenOfOwnerByIndex(address owner, uint256 index) external view returns (uint256 tokenId); | |
/** | |
* @dev Returns a token ID at a given `index` of all the tokens stored by the contract. | |
* Use along with {totalSupply} to enumerate all tokens. | |
*/ | |
function tokenByIndex(uint256 index) external view returns (uint256); | |
} | |
/** | |
* @title ERC721 token receiver interface | |
* @dev Interface for any contract that wants to support safeTransfers | |
* from ERC721 asset contracts. | |
*/ | |
interface IERC721Receiver { | |
/** | |
* @dev Whenever an {IERC721} `tokenId` token is transferred to this contract via {IERC721-safeTransferFrom} | |
* by `operator` from `from`, this function is called. | |
* | |
* It must return its Solidity selector to confirm the token transfer. | |
* If any other value is returned or the interface is not implemented by the recipient, the transfer will be reverted. | |
* | |
* The selector can be obtained in Solidity with `IERC721.onERC721Received.selector`. | |
*/ | |
function onERC721Received(address operator, address from, uint256 tokenId, bytes calldata data) | |
external returns (bytes4); | |
} | |
/** | |
* @dev Implementation of the {IERC165} interface. | |
* | |
* Contracts may inherit from this and call {_registerInterface} to declare | |
* their support of an interface. | |
*/ | |
contract ERC165 is IERC165 { | |
/* | |
* bytes4(keccak256('supportsInterface(bytes4)')) == 0x01ffc9a7 | |
*/ | |
bytes4 private constant _INTERFACE_ID_ERC165 = 0x01ffc9a7; | |
/** | |
* @dev Mapping of interface ids to whether or not it's supported. | |
*/ | |
mapping(bytes4 => bool) private _supportedInterfaces; | |
constructor () internal { | |
// Derived contracts need only register support for their own interfaces, | |
// we register support for ERC165 itself here | |
_registerInterface(_INTERFACE_ID_ERC165); | |
} | |
/** | |
* @dev See {IERC165-supportsInterface}. | |
* | |
* Time complexity O(1), guaranteed to always use less than 30 000 gas. | |
*/ | |
function supportsInterface(bytes4 interfaceId) public view override returns (bool) { | |
return _supportedInterfaces[interfaceId]; | |
} | |
/** | |
* @dev Registers the contract as an implementer of the interface defined by | |
* `interfaceId`. Support of the actual ERC165 interface is automatic and | |
* registering its interface id is not required. | |
* | |
* See {IERC165-supportsInterface}. | |
* | |
* Requirements: | |
* | |
* - `interfaceId` cannot be the ERC165 invalid interface (`0xffffffff`). | |
*/ | |
function _registerInterface(bytes4 interfaceId) internal virtual { | |
require(interfaceId != 0xffffffff, "ERC165: invalid interface id"); | |
_supportedInterfaces[interfaceId] = true; | |
} | |
} | |
/** | |
* @dev Wrappers over Solidity's arithmetic operations with added overflow | |
* checks. | |
* | |
* Arithmetic operations in Solidity wrap on overflow. This can easily result | |
* in bugs, because programmers usually assume that an overflow raises an | |
* error, which is the standard behavior in high level programming languages. | |
* `SafeMath` restores this intuition by reverting the transaction when an | |
* operation overflows. | |
* | |
* Using this library instead of the unchecked operations eliminates an entire | |
* class of bugs, so it's recommended to use it always. | |
*/ | |
library SafeMath { | |
/** | |
* @dev Returns the addition of two unsigned integers, reverting on | |
* overflow. | |
* | |
* Counterpart to Solidity's `+` operator. | |
* | |
* Requirements: | |
* | |
* - Addition cannot overflow. | |
*/ | |
function add(uint256 a, uint256 b) internal pure returns (uint256) { | |
uint256 c = a + b; | |
require(c >= a, "SafeMath: addition overflow"); | |
return c; | |
} | |
/** | |
* @dev Returns the subtraction of two unsigned integers, reverting on | |
* overflow (when the result is negative). | |
* | |
* Counterpart to Solidity's `-` operator. | |
* | |
* Requirements: | |
* | |
* - Subtraction cannot overflow. | |
*/ | |
function sub(uint256 a, uint256 b) internal pure returns (uint256) { | |
return sub(a, b, "SafeMath: subtraction overflow"); | |
} | |
/** | |
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on | |
* overflow (when the result is negative). | |
* | |
* Counterpart to Solidity's `-` operator. | |
* | |
* Requirements: | |
* | |
* - Subtraction cannot overflow. | |
*/ | |
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) { | |
require(b <= a, errorMessage); | |
uint256 c = a - b; | |
return c; | |
} | |
/** | |
* @dev Returns the multiplication of two unsigned integers, reverting on | |
* overflow. | |
* | |
* Counterpart to Solidity's `*` operator. | |
* | |
* Requirements: | |
* | |
* - Multiplication cannot overflow. | |
*/ | |
function mul(uint256 a, uint256 b) internal pure returns (uint256) { | |
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the | |
// benefit is lost if 'b' is also tested. | |
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522 | |
if (a == 0) { | |
return 0; | |
} | |
uint256 c = a * b; | |
require(c / a == b, "SafeMath: multiplication overflow"); | |
return c; | |
} | |
/** | |
* @dev Returns the integer division of two unsigned integers. Reverts on | |
* division by zero. The result is rounded towards zero. | |
* | |
* Counterpart to Solidity's `/` operator. Note: this function uses a | |
* `revert` opcode (which leaves remaining gas untouched) while Solidity | |
* uses an invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function div(uint256 a, uint256 b) internal pure returns (uint256) { | |
return div(a, b, "SafeMath: division by zero"); | |
} | |
/** | |
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on | |
* division by zero. The result is rounded towards zero. | |
* | |
* Counterpart to Solidity's `/` operator. Note: this function uses a | |
* `revert` opcode (which leaves remaining gas untouched) while Solidity | |
* uses an invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) { | |
require(b > 0, errorMessage); | |
uint256 c = a / b; | |
// assert(a == b * c + a % b); // There is no case in which this doesn't hold | |
return c; | |
} | |
/** | |
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), | |
* Reverts when dividing by zero. | |
* | |
* Counterpart to Solidity's `%` operator. This function uses a `revert` | |
* opcode (which leaves remaining gas untouched) while Solidity uses an | |
* invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function mod(uint256 a, uint256 b) internal pure returns (uint256) { | |
return mod(a, b, "SafeMath: modulo by zero"); | |
} | |
/** | |
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), | |
* Reverts with custom message when dividing by zero. | |
* | |
* Counterpart to Solidity's `%` operator. This function uses a `revert` | |
* opcode (which leaves remaining gas untouched) while Solidity uses an | |
* invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) { | |
require(b != 0, errorMessage); | |
return a % b; | |
} | |
} | |
/** | |
* @dev Collection of functions related to the address type | |
*/ | |
library Address { | |
/** | |
* @dev Returns true if `account` is a contract. | |
* | |
* [IMPORTANT] | |
* ==== | |
* It is unsafe to assume that an address for which this function returns | |
* false is an externally-owned account (EOA) and not a contract. | |
* | |
* Among others, `isContract` will return false for the following | |
* types of addresses: | |
* | |
* - an externally-owned account | |
* - a contract in construction | |
* - an address where a contract will be created | |
* - an address where a contract lived, but was destroyed | |
* ==== | |
*/ | |
function isContract(address account) internal view returns (bool) { | |
// This method relies in extcodesize, which returns 0 for contracts in | |
// construction, since the code is only stored at the end of the | |
// constructor execution. | |
uint256 size; | |
// solhint-disable-next-line no-inline-assembly | |
assembly { size := extcodesize(account) } | |
return size > 0; | |
} | |
/** | |
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to | |
* `recipient`, forwarding all available gas and reverting on errors. | |
* | |
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost | |
* of certain opcodes, possibly making contracts go over the 2300 gas limit | |
* imposed by `transfer`, making them unable to receive funds via | |
* `transfer`. {sendValue} removes this limitation. | |
* | |
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more]. | |
* | |
* IMPORTANT: because control is transferred to `recipient`, care must be | |
* taken to not create reentrancy vulnerabilities. Consider using | |
* {ReentrancyGuard} or the | |
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. | |
*/ | |
function sendValue(address payable recipient, uint256 amount) internal { | |
require(address(this).balance >= amount, "Address: insufficient balance"); | |
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value | |
(bool success, ) = recipient.call{ value: amount }(""); | |
require(success, "Address: unable to send value, recipient may have reverted"); | |
} | |
/** | |
* @dev Performs a Solidity function call using a low level `call`. A | |
* plain`call` is an unsafe replacement for a function call: use this | |
* function instead. | |
* | |
* If `target` reverts with a revert reason, it is bubbled up by this | |
* function (like regular Solidity function calls). | |
* | |
* Returns the raw returned data. To convert to the expected return value, | |
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. | |
* | |
* Requirements: | |
* | |
* - `target` must be a contract. | |
* - calling `target` with `data` must not revert. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCall(address target, bytes memory data) internal returns (bytes memory) { | |
return functionCall(target, data, "Address: low-level call failed"); | |
} | |
/** | |
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with | |
* `errorMessage` as a fallback revert reason when `target` reverts. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) { | |
return _functionCallWithValue(target, data, 0, errorMessage); | |
} | |
/** | |
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], | |
* but also transferring `value` wei to `target`. | |
* | |
* Requirements: | |
* | |
* - the calling contract must have an ETH balance of at least `value`. | |
* - the called Solidity function must be `payable`. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) { | |
return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); | |
} | |
/** | |
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but | |
* with `errorMessage` as a fallback revert reason when `target` reverts. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) { | |
require(address(this).balance >= value, "Address: insufficient balance for call"); | |
return _functionCallWithValue(target, data, value, errorMessage); | |
} | |
function _functionCallWithValue(address target, bytes memory data, uint256 weiValue, string memory errorMessage) private returns (bytes memory) { | |
require(isContract(target), "Address: call to non-contract"); | |
// solhint-disable-next-line avoid-low-level-calls | |
(bool success, bytes memory returndata) = target.call{ value: weiValue }(data); | |
if (success) { | |
return returndata; | |
} else { | |
// Look for revert reason and bubble it up if present | |
if (returndata.length > 0) { | |
// The easiest way to bubble the revert reason is using memory via assembly | |
// solhint-disable-next-line no-inline-assembly | |
assembly { | |
let returndata_size := mload(returndata) | |
revert(add(32, returndata), returndata_size) | |
} | |
} else { | |
revert(errorMessage); | |
} | |
} | |
} | |
} | |
/** | |
* @dev Library for managing | |
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive | |
* types. | |
* | |
* Sets have the following properties: | |
* | |
* - Elements are added, removed, and checked for existence in constant time | |
* (O(1)). | |
* - Elements are enumerated in O(n). No guarantees are made on the ordering. | |
* | |
* ``` | |
* contract Example { | |
* // Add the library methods | |
* using EnumerableSet for EnumerableSet.AddressSet; | |
* | |
* // Declare a set state variable | |
* EnumerableSet.AddressSet private mySet; | |
* } | |
* ``` | |
* | |
* As of v3.0.0, only sets of type `address` (`AddressSet`) and `uint256` | |
* (`UintSet`) are supported. | |
*/ | |
library EnumerableSet { | |
// To implement this library for multiple types with as little code | |
// repetition as possible, we write it in terms of a generic Set type with | |
// bytes32 values. | |
// The Set implementation uses private functions, and user-facing | |
// implementations (such as AddressSet) are just wrappers around the | |
// underlying Set. | |
// This means that we can only create new EnumerableSets for types that fit | |
// in bytes32. | |
struct Set { | |
// Storage of set values | |
bytes32[] _values; | |
// Position of the value in the `values` array, plus 1 because index 0 | |
// means a value is not in the set. | |
mapping (bytes32 => uint256) _indexes; | |
} | |
/** | |
* @dev Add a value to a set. O(1). | |
* | |
* Returns true if the value was added to the set, that is if it was not | |
* already present. | |
*/ | |
function _add(Set storage set, bytes32 value) private returns (bool) { | |
if (!_contains(set, value)) { | |
set._values.push(value); | |
// The value is stored at length-1, but we add 1 to all indexes | |
// and use 0 as a sentinel value | |
set._indexes[value] = set._values.length; | |
return true; | |
} else { | |
return false; | |
} | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the value was removed from the set, that is if it was | |
* present. | |
*/ | |
function _remove(Set storage set, bytes32 value) private returns (bool) { | |
// We read and store the value's index to prevent multiple reads from the same storage slot | |
uint256 valueIndex = set._indexes[value]; | |
if (valueIndex != 0) { // Equivalent to contains(set, value) | |
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in | |
// the array, and then remove the last element (sometimes called as 'swap and pop'). | |
// This modifies the order of the array, as noted in {at}. | |
uint256 toDeleteIndex = valueIndex - 1; | |
uint256 lastIndex = set._values.length - 1; | |
// When the value to delete is the last one, the swap operation is unnecessary. However, since this occurs | |
// so rarely, we still do the swap anyway to avoid the gas cost of adding an 'if' statement. | |
bytes32 lastvalue = set._values[lastIndex]; | |
// Move the last value to the index where the value to delete is | |
set._values[toDeleteIndex] = lastvalue; | |
// Update the index for the moved value | |
set._indexes[lastvalue] = toDeleteIndex + 1; // All indexes are 1-based | |
// Delete the slot where the moved value was stored | |
set._values.pop(); | |
// Delete the index for the deleted slot | |
delete set._indexes[value]; | |
return true; | |
} else { | |
return false; | |
} | |
} | |
/** | |
* @dev Returns true if the value is in the set. O(1). | |
*/ | |
function _contains(Set storage set, bytes32 value) private view returns (bool) { | |
return set._indexes[value] != 0; | |
} | |
/** | |
* @dev Returns the number of values on the set. O(1). | |
*/ | |
function _length(Set storage set) private view returns (uint256) { | |
return set._values.length; | |
} | |
/** | |
* @dev Returns the value stored at position `index` in the set. O(1). | |
* | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function _at(Set storage set, uint256 index) private view returns (bytes32) { | |
require(set._values.length > index, "EnumerableSet: index out of bounds"); | |
return set._values[index]; | |
} | |
// AddressSet | |
struct AddressSet { | |
Set _inner; | |
} | |
/** | |
* @dev Add a value to a set. O(1). | |
* | |
* Returns true if the value was added to the set, that is if it was not | |
* already present. | |
*/ | |
function add(AddressSet storage set, address value) internal returns (bool) { | |
return _add(set._inner, bytes32(uint256(value))); | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the value was removed from the set, that is if it was | |
* present. | |
*/ | |
function remove(AddressSet storage set, address value) internal returns (bool) { | |
return _remove(set._inner, bytes32(uint256(value))); | |
} | |
/** | |
* @dev Returns true if the value is in the set. O(1). | |
*/ | |
function contains(AddressSet storage set, address value) internal view returns (bool) { | |
return _contains(set._inner, bytes32(uint256(value))); | |
} | |
/** | |
* @dev Returns the number of values in the set. O(1). | |
*/ | |
function length(AddressSet storage set) internal view returns (uint256) { | |
return _length(set._inner); | |
} | |
/** | |
* @dev Returns the value stored at position `index` in the set. O(1). | |
* | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function at(AddressSet storage set, uint256 index) internal view returns (address) { | |
return address(uint256(_at(set._inner, index))); | |
} | |
// UintSet | |
struct UintSet { | |
Set _inner; | |
} | |
/** | |
* @dev Add a value to a set. O(1). | |
* | |
* Returns true if the value was added to the set, that is if it was not | |
* already present. | |
*/ | |
function add(UintSet storage set, uint256 value) internal returns (bool) { | |
return _add(set._inner, bytes32(value)); | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the value was removed from the set, that is if it was | |
* present. | |
*/ | |
function remove(UintSet storage set, uint256 value) internal returns (bool) { | |
return _remove(set._inner, bytes32(value)); | |
} | |
/** | |
* @dev Returns true if the value is in the set. O(1). | |
*/ | |
function contains(UintSet storage set, uint256 value) internal view returns (bool) { | |
return _contains(set._inner, bytes32(value)); | |
} | |
/** | |
* @dev Returns the number of values on the set. O(1). | |
*/ | |
function length(UintSet storage set) internal view returns (uint256) { | |
return _length(set._inner); | |
} | |
/** | |
* @dev Returns the value stored at position `index` in the set. O(1). | |
* | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function at(UintSet storage set, uint256 index) internal view returns (uint256) { | |
return uint256(_at(set._inner, index)); | |
} | |
} | |
/** | |
* @dev Library for managing an enumerable variant of Solidity's | |
* https://solidity.readthedocs.io/en/latest/types.html#mapping-types[`mapping`] | |
* type. | |
* | |
* Maps have the following properties: | |
* | |
* - Entries are added, removed, and checked for existence in constant time | |
* (O(1)). | |
* - Entries are enumerated in O(n). No guarantees are made on the ordering. | |
* | |
* ``` | |
* contract Example { | |
* // Add the library methods | |
* using EnumerableMap for EnumerableMap.UintToAddressMap; | |
* | |
* // Declare a set state variable | |
* EnumerableMap.UintToAddressMap private myMap; | |
* } | |
* ``` | |
* | |
* As of v3.0.0, only maps of type `uint256 -> address` (`UintToAddressMap`) are | |
* supported. | |
*/ | |
library EnumerableMap { | |
// To implement this library for multiple types with as little code | |
// repetition as possible, we write it in terms of a generic Map type with | |
// bytes32 keys and values. | |
// The Map implementation uses private functions, and user-facing | |
// implementations (such as Uint256ToAddressMap) are just wrappers around | |
// the underlying Map. | |
// This means that we can only create new EnumerableMaps for types that fit | |
// in bytes32. | |
struct MapEntry { | |
bytes32 _key; | |
bytes32 _value; | |
} | |
struct Map { | |
// Storage of map keys and values | |
MapEntry[] _entries; | |
// Position of the entry defined by a key in the `entries` array, plus 1 | |
// because index 0 means a key is not in the map. | |
mapping (bytes32 => uint256) _indexes; | |
} | |
/** | |
* @dev Adds a key-value pair to a map, or updates the value for an existing | |
* key. O(1). | |
* | |
* Returns true if the key was added to the map, that is if it was not | |
* already present. | |
*/ | |
function _set(Map storage map, bytes32 key, bytes32 value) private returns (bool) { | |
// We read and store the key's index to prevent multiple reads from the same storage slot | |
uint256 keyIndex = map._indexes[key]; | |
if (keyIndex == 0) { // Equivalent to !contains(map, key) | |
map._entries.push(MapEntry({ _key: key, _value: value })); | |
// The entry is stored at length-1, but we add 1 to all indexes | |
// and use 0 as a sentinel value | |
map._indexes[key] = map._entries.length; | |
return true; | |
} else { | |
map._entries[keyIndex - 1]._value = value; | |
return false; | |
} | |
} | |
/** | |
* @dev Removes a key-value pair from a map. O(1). | |
* | |
* Returns true if the key was removed from the map, that is if it was present. | |
*/ | |
function _remove(Map storage map, bytes32 key) private returns (bool) { | |
// We read and store the key's index to prevent multiple reads from the same storage slot | |
uint256 keyIndex = map._indexes[key]; | |
if (keyIndex != 0) { // Equivalent to contains(map, key) | |
// To delete a key-value pair from the _entries array in O(1), we swap the entry to delete with the last one | |
// in the array, and then remove the last entry (sometimes called as 'swap and pop'). | |
// This modifies the order of the array, as noted in {at}. | |
uint256 toDeleteIndex = keyIndex - 1; | |
uint256 lastIndex = map._entries.length - 1; | |
// When the entry to delete is the last one, the swap operation is unnecessary. However, since this occurs | |
// so rarely, we still do the swap anyway to avoid the gas cost of adding an 'if' statement. | |
MapEntry storage lastEntry = map._entries[lastIndex]; | |
// Move the last entry to the index where the entry to delete is | |
map._entries[toDeleteIndex] = lastEntry; | |
// Update the index for the moved entry | |
map._indexes[lastEntry._key] = toDeleteIndex + 1; // All indexes are 1-based | |
// Delete the slot where the moved entry was stored | |
map._entries.pop(); | |
// Delete the index for the deleted slot | |
delete map._indexes[key]; | |
return true; | |
} else { | |
return false; | |
} | |
} | |
/** | |
* @dev Returns true if the key is in the map. O(1). | |
*/ | |
function _contains(Map storage map, bytes32 key) private view returns (bool) { | |
return map._indexes[key] != 0; | |
} | |
/** | |
* @dev Returns the number of key-value pairs in the map. O(1). | |
*/ | |
function _length(Map storage map) private view returns (uint256) { | |
return map._entries.length; | |
} | |
/** | |
* @dev Returns the key-value pair stored at position `index` in the map. O(1). | |
* | |
* Note that there are no guarantees on the ordering of entries inside the | |
* array, and it may change when more entries are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function _at(Map storage map, uint256 index) private view returns (bytes32, bytes32) { | |
require(map._entries.length > index, "EnumerableMap: index out of bounds"); | |
MapEntry storage entry = map._entries[index]; | |
return (entry._key, entry._value); | |
} | |
/** | |
* @dev Returns the value associated with `key`. O(1). | |
* | |
* Requirements: | |
* | |
* - `key` must be in the map. | |
*/ | |
function _get(Map storage map, bytes32 key) private view returns (bytes32) { | |
return _get(map, key, "EnumerableMap: nonexistent key"); | |
} | |
/** | |
* @dev Same as {_get}, with a custom error message when `key` is not in the map. | |
*/ | |
function _get(Map storage map, bytes32 key, string memory errorMessage) private view returns (bytes32) { | |
uint256 keyIndex = map._indexes[key]; | |
require(keyIndex != 0, errorMessage); // Equivalent to contains(map, key) | |
return map._entries[keyIndex - 1]._value; // All indexes are 1-based | |
} | |
// UintToAddressMap | |
struct UintToAddressMap { | |
Map _inner; | |
} | |
/** | |
* @dev Adds a key-value pair to a map, or updates the value for an existing | |
* key. O(1). | |
* | |
* Returns true if the key was added to the map, that is if it was not | |
* already present. | |
*/ | |
function set(UintToAddressMap storage map, uint256 key, address value) internal returns (bool) { | |
return _set(map._inner, bytes32(key), bytes32(uint256(value))); | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the key was removed from the map, that is if it was present. | |
*/ | |
function remove(UintToAddressMap storage map, uint256 key) internal returns (bool) { | |
return _remove(map._inner, bytes32(key)); | |
} | |
/** | |
* @dev Returns true if the key is in the map. O(1). | |
*/ | |
function contains(UintToAddressMap storage map, uint256 key) internal view returns (bool) { | |
return _contains(map._inner, bytes32(key)); | |
} | |
/** | |
* @dev Returns the number of elements in the map. O(1). | |
*/ | |
function length(UintToAddressMap storage map) internal view returns (uint256) { | |
return _length(map._inner); | |
} | |
/** | |
* @dev Returns the element stored at position `index` in the set. O(1). | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function at(UintToAddressMap storage map, uint256 index) internal view returns (uint256, address) { | |
(bytes32 key, bytes32 value) = _at(map._inner, index); | |
return (uint256(key), address(uint256(value))); | |
} | |
/** | |
* @dev Returns the value associated with `key`. O(1). | |
* | |
* Requirements: | |
* | |
* - `key` must be in the map. | |
*/ | |
function get(UintToAddressMap storage map, uint256 key) internal view returns (address) { | |
return address(uint256(_get(map._inner, bytes32(key)))); | |
} | |
/** | |
* @dev Same as {get}, with a custom error message when `key` is not in the map. | |
*/ | |
function get(UintToAddressMap storage map, uint256 key, string memory errorMessage) internal view returns (address) { | |
return address(uint256(_get(map._inner, bytes32(key), errorMessage))); | |
} | |
} | |
/** | |
* @dev String operations. | |
*/ | |
library Strings { | |
/** | |
* @dev Converts a `uint256` to its ASCII `string` representation. | |
*/ | |
function toString(uint256 value) internal pure returns (string memory) { | |
// Inspired by OraclizeAPI's implementation - MIT licence | |
// https://github.com/oraclize/ethereum-api/blob/b42146b063c7d6ee1358846c198246239e9360e8/oraclizeAPI_0.4.25.sol | |
if (value == 0) { | |
return "0"; | |
} | |
uint256 temp = value; | |
uint256 digits; | |
while (temp != 0) { | |
digits++; | |
temp /= 10; | |
} | |
bytes memory buffer = new bytes(digits); | |
uint256 index = digits - 1; | |
temp = value; | |
while (temp != 0) { | |
buffer[index--] = byte(uint8(48 + temp % 10)); | |
temp /= 10; | |
} | |
return string(buffer); | |
} | |
} | |
/** | |
* @title ERC721 Non-Fungible Token Standard basic implementation | |
* @dev see https://eips.ethereum.org/EIPS/eip-721 | |
*/ | |
contract ERC721 is ERC165, IERC721, IERC721Metadata, IERC721Enumerable { | |
using SafeMath for uint256; | |
using Address for address; | |
using EnumerableSet for EnumerableSet.UintSet; | |
using EnumerableMap for EnumerableMap.UintToAddressMap; | |
using Strings for uint256; | |
// Equals to `bytes4(keccak256("onERC721Received(address,address,uint256,bytes)"))` | |
// which can be also obtained as `IERC721Receiver(0).onERC721Received.selector` | |
bytes4 private constant _ERC721_RECEIVED = 0x150b7a02; | |
// Mapping from holder address to their (enumerable) set of owned tokens | |
mapping (address => EnumerableSet.UintSet) private _holderTokens; | |
// Enumerable mapping from token ids to their owners | |
EnumerableMap.UintToAddressMap private _tokenOwners; | |
// Mapping from token ID to approved address | |
mapping (uint256 => address) private _tokenApprovals; | |
// Mapping from owner to operator approvals | |
mapping (address => mapping (address => bool)) private _operatorApprovals; | |
// Token name | |
string private _name; | |
// Token symbol | |
string private _symbol; | |
// Optional mapping for token URIs | |
mapping (uint256 => string) private _tokenURIs; | |
// Base URI | |
string private _baseURI; | |
/* | |
* bytes4(keccak256('balanceOf(address)')) == 0x70a08231 | |
* bytes4(keccak256('ownerOf(uint256)')) == 0x6352211e | |
* bytes4(keccak256('approve(address,uint256)')) == 0x095ea7b3 | |
* bytes4(keccak256('getApproved(uint256)')) == 0x081812fc | |
* bytes4(keccak256('setApprovalForAll(address,bool)')) == 0xa22cb465 | |
* bytes4(keccak256('isApprovedForAll(address,address)')) == 0xe985e9c5 | |
* bytes4(keccak256('transferFrom(address,address,uint256)')) == 0x23b872dd | |
* bytes4(keccak256('safeTransferFrom(address,address,uint256)')) == 0x42842e0e | |
* bytes4(keccak256('safeTransferFrom(address,address,uint256,bytes)')) == 0xb88d4fde | |
* | |
* => 0x70a08231 ^ 0x6352211e ^ 0x095ea7b3 ^ 0x081812fc ^ | |
* 0xa22cb465 ^ 0xe985e9c5 ^ 0x23b872dd ^ 0x42842e0e ^ 0xb88d4fde == 0x80ac58cd | |
*/ | |
bytes4 private constant _INTERFACE_ID_ERC721 = 0x80ac58cd; | |
/* | |
* bytes4(keccak256('name()')) == 0x06fdde03 | |
* bytes4(keccak256('symbol()')) == 0x95d89b41 | |
* bytes4(keccak256('tokenURI(uint256)')) == 0xc87b56dd | |
* | |
* => 0x06fdde03 ^ 0x95d89b41 ^ 0xc87b56dd == 0x5b5e139f | |
*/ | |
bytes4 private constant _INTERFACE_ID_ERC721_METADATA = 0x5b5e139f; | |
/* | |
* bytes4(keccak256('totalSupply()')) == 0x18160ddd | |
* bytes4(keccak256('tokenOfOwnerByIndex(address,uint256)')) == 0x2f745c59 | |
* bytes4(keccak256('tokenByIndex(uint256)')) == 0x4f6ccce7 | |
* | |
* => 0x18160ddd ^ 0x2f745c59 ^ 0x4f6ccce7 == 0x780e9d63 | |
*/ | |
bytes4 private constant _INTERFACE_ID_ERC721_ENUMERABLE = 0x780e9d63; | |
/** | |
* @dev Initializes the contract by setting a `name` and a `symbol` to the token collection. | |
*/ | |
constructor (string memory name, string memory symbol) public { | |
_name = name; | |
_symbol = symbol; | |
// register the supported interfaces to conform to ERC721 via ERC165 | |
_registerInterface(_INTERFACE_ID_ERC721); | |
_registerInterface(_INTERFACE_ID_ERC721_METADATA); | |
_registerInterface(_INTERFACE_ID_ERC721_ENUMERABLE); | |
} | |
/** | |
* @dev See {IERC721-balanceOf}. | |
*/ | |
function balanceOf(address owner) public view override returns (uint256) { | |
require(owner != address(0), "ERC721: balance query for the zero address"); | |
return _holderTokens[owner].length(); | |
} | |
/** | |
* @dev See {IERC721-ownerOf}. | |
*/ | |
function ownerOf(uint256 tokenId) public view override returns (address) { | |
return _tokenOwners.get(tokenId, "ERC721: owner query for nonexistent token"); | |
} | |
/** | |
* @dev See {IERC721Metadata-name}. | |
*/ | |
function name() public view override returns (string memory) { | |
return _name; | |
} | |
/** | |
* @dev See {IERC721Metadata-symbol}. | |
*/ | |
function symbol() public view override returns (string memory) { | |
return _symbol; | |
} | |
/** | |
* @dev See {IERC721Metadata-tokenURI}. | |
*/ | |
function tokenURI(uint256 tokenId) public view override returns (string memory) { | |
require(_exists(tokenId), "ERC721Metadata: URI query for nonexistent token"); | |
string memory _tokenURI = _tokenURIs[tokenId]; | |
// If there is no base URI, return the token URI. | |
if (bytes(_baseURI).length == 0) { | |
return _tokenURI; | |
} | |
// If both are set, concatenate the baseURI and tokenURI (via abi.encodePacked). | |
if (bytes(_tokenURI).length > 0) { | |
return string(abi.encodePacked(_baseURI, _tokenURI)); | |
} | |
// If there is a baseURI but no tokenURI, concatenate the tokenID to the baseURI. | |
return string(abi.encodePacked(_baseURI, tokenId.toString())); | |
} | |
/** | |
* @dev Returns the base URI set via {_setBaseURI}. This will be | |
* automatically added as a prefix in {tokenURI} to each token's URI, or | |
* to the token ID if no specific URI is set for that token ID. | |
*/ | |
function baseURI() public view returns (string memory) { | |
return _baseURI; | |
} | |
/** | |
* @dev See {IERC721Enumerable-tokenOfOwnerByIndex}. | |
*/ | |
function tokenOfOwnerByIndex(address owner, uint256 index) public view override returns (uint256) { | |
return _holderTokens[owner].at(index); | |
} | |
/** | |
* @dev See {IERC721Enumerable-totalSupply}. | |
*/ | |
function totalSupply() public view override returns (uint256) { | |
// _tokenOwners are indexed by tokenIds, so .length() returns the number of tokenIds | |
return _tokenOwners.length(); | |
} | |
/** | |
* @dev See {IERC721Enumerable-tokenByIndex}. | |
*/ | |
function tokenByIndex(uint256 index) public view override returns (uint256) { | |
(uint256 tokenId, ) = _tokenOwners.at(index); | |
return tokenId; | |
} | |
/** | |
* @dev See {IERC721-approve}. | |
*/ | |
function approve(address to, uint256 tokenId) public virtual override { | |
address owner = ownerOf(tokenId); | |
require(to != owner, "ERC721: approval to current owner"); | |
require(msg.sender == owner || isApprovedForAll(owner, msg.sender), | |
"ERC721: approve caller is not owner nor approved for all" | |
); | |
_approve(to, tokenId); | |
} | |
/** | |
* @dev See {IERC721-getApproved}. | |
*/ | |
function getApproved(uint256 tokenId) public view override returns (address) { | |
require(_exists(tokenId), "ERC721: approved query for nonexistent token"); | |
return _tokenApprovals[tokenId]; | |
} | |
/** | |
* @dev See {IERC721-setApprovalForAll}. | |
*/ | |
function setApprovalForAll(address operator, bool approved) public virtual override { | |
require(operator != msg.sender, "ERC721: approve to caller"); | |
_operatorApprovals[msg.sender][operator] = approved; | |
emit ApprovalForAll(msg.sender, operator, approved); | |
} | |
/** | |
* @dev See {IERC721-isApprovedForAll}. | |
*/ | |
function isApprovedForAll(address owner, address operator) public view override returns (bool) { | |
return _operatorApprovals[owner][operator]; | |
} | |
/** | |
* @dev See {IERC721-transferFrom}. | |
*/ | |
function transferFrom(address from, address to, uint256 tokenId) public virtual override { | |
//solhint-disable-next-line max-line-length | |
require(_isApprovedOrOwner(msg.sender, tokenId), "ERC721: transfer caller is not owner nor approved"); | |
_transfer(from, to, tokenId); | |
} | |
/** | |
* @dev See {IERC721-safeTransferFrom}. | |
*/ | |
function safeTransferFrom(address from, address to, uint256 tokenId) public virtual override { | |
safeTransferFrom(from, to, tokenId, ""); | |
} | |
/** | |
* @dev See {IERC721-safeTransferFrom}. | |
*/ | |
function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory _data) public virtual override { | |
require(_isApprovedOrOwner(msg.sender, tokenId), "ERC721: transfer caller is not owner nor approved"); | |
_safeTransfer(from, to, tokenId, _data); | |
} | |
/** | |
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients | |
* are aware of the ERC721 protocol to prevent tokens from being forever locked. | |
* | |
* `_data` is additional data, it has no specified format and it is sent in call to `to`. | |
* | |
* This internal function is equivalent to {safeTransferFrom}, and can be used to e.g. | |
* implement alternative mechanisms to perform token transfer, such as signature-based. | |
* | |
* Requirements: | |
* | |
* - `from` cannot be the zero address. | |
* - `to` cannot be the zero address. | |
* - `tokenId` token must exist and be owned by `from`. | |
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function _safeTransfer(address from, address to, uint256 tokenId, bytes memory _data) internal virtual { | |
_transfer(from, to, tokenId); | |
require(_checkOnERC721Received(from, to, tokenId, _data), "ERC721: transfer to non ERC721Receiver implementer"); | |
} | |
/** | |
* @dev Returns whether `tokenId` exists. | |
* | |
* Tokens can be managed by their owner or approved accounts via {approve} or {setApprovalForAll}. | |
* | |
* Tokens start existing when they are minted (`_mint`), | |
* and stop existing when they are burned (`_burn`). | |
*/ | |
function _exists(uint256 tokenId) internal view returns (bool) { | |
return _tokenOwners.contains(tokenId); | |
} | |
/** | |
* @dev Returns whether `spender` is allowed to manage `tokenId`. | |
* | |
* Requirements: | |
* | |
* - `tokenId` must exist. | |
*/ | |
function _isApprovedOrOwner(address spender, uint256 tokenId) internal view returns (bool) { | |
require(_exists(tokenId), "ERC721: operator query for nonexistent token"); | |
address owner = ownerOf(tokenId); | |
return (spender == owner || getApproved(tokenId) == spender || isApprovedForAll(owner, spender)); | |
} | |
/** | |
* @dev Safely mints `tokenId` and transfers it to `to`. | |
* | |
* Requirements: | |
d* | |
* - `tokenId` must not exist. | |
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function _safeMint(address to, uint256 tokenId) internal virtual { | |
_safeMint(to, tokenId, ""); | |
} | |
/** | |
* @dev Same as {xref-ERC721-_safeMint-address-uint256-}[`_safeMint`], with an additional `data` parameter which is | |
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients. | |
*/ | |
function _safeMint(address to, uint256 tokenId, bytes memory _data) internal virtual { | |
_mint(to, tokenId); | |
require(_checkOnERC721Received(address(0), to, tokenId, _data), "ERC721: transfer to non ERC721Receiver implementer"); | |
} | |
/** | |
* @dev Mints `tokenId` and transfers it to `to`. | |
* | |
* WARNING: Usage of this method is discouraged, use {_safeMint} whenever possible | |
* | |
* Requirements: | |
* | |
* - `tokenId` must not exist. | |
* - `to` cannot be the zero address. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function _mint(address to, uint256 tokenId) internal virtual { | |
require(to != address(0), "ERC721: mint to the zero address"); | |
require(!_exists(tokenId), "ERC721: token already minted"); | |
_beforeTokenTransfer(address(0), to, tokenId); | |
_holderTokens[to].add(tokenId); | |
_tokenOwners.set(tokenId, to); | |
emit Transfer(address(0), to, tokenId); | |
} | |
/** | |
* @dev Destroys `tokenId`. | |
* The approval is cleared when the token is burned. | |
* | |
* Requirements: | |
* | |
* - `tokenId` must exist. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function _burn(uint256 tokenId) internal virtual { | |
address owner = ownerOf(tokenId); | |
_beforeTokenTransfer(owner, address(0), tokenId); | |
// Clear approvals | |
_approve(address(0), tokenId); | |
// Clear metadata (if any) | |
if (bytes(_tokenURIs[tokenId]).length != 0) { | |
delete _tokenURIs[tokenId]; | |
} | |
_holderTokens[owner].remove(tokenId); | |
_tokenOwners.remove(tokenId); | |
emit Transfer(owner, address(0), tokenId); | |
} | |
/** | |
* @dev Transfers `tokenId` from `from` to `to`. | |
* As opposed to {transferFrom}, this imposes no restrictions on msg.sender. | |
* | |
* Requirements: | |
* | |
* - `to` cannot be the zero address. | |
* - `tokenId` token must be owned by `from`. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function _transfer(address from, address to, uint256 tokenId) internal virtual { | |
require(ownerOf(tokenId) == from, "ERC721: transfer of token that is not own"); | |
require(to != address(0), "ERC721: transfer to the zero address"); | |
_beforeTokenTransfer(from, to, tokenId); | |
// Clear approvals from the previous owner | |
_approve(address(0), tokenId); | |
_holderTokens[from].remove(tokenId); | |
_holderTokens[to].add(tokenId); | |
_tokenOwners.set(tokenId, to); | |
emit Transfer(from, to, tokenId); | |
} | |
/** | |
* @dev Sets `_tokenURI` as the tokenURI of `tokenId`. | |
* | |
* Requirements: | |
* | |
* - `tokenId` must exist. | |
*/ | |
function _setTokenURI(uint256 tokenId, string memory _tokenURI) internal virtual { | |
require(_exists(tokenId), "ERC721Metadata: URI set of nonexistent token"); | |
_tokenURIs[tokenId] = _tokenURI; | |
} | |
/** | |
* @dev Internal function to set the base URI for all token IDs. It is | |
* automatically added as a prefix to the value returned in {tokenURI}, | |
* or to the token ID if {tokenURI} is empty. | |
*/ | |
function _setBaseURI(string memory baseURI_) internal virtual { | |
_baseURI = baseURI_; | |
} | |
/** | |
* @dev Internal function to invoke {IERC721Receiver-onERC721Received} on a target address. | |
* The call is not executed if the target address is not a contract. | |
* | |
* @param from address representing the previous owner of the given token ID | |
* @param to target address that will receive the tokens | |
* @param tokenId uint256 ID of the token to be transferred | |
* @param _data bytes optional data to send along with the call | |
* @return bool whether the call correctly returned the expected magic value | |
*/ | |
function _checkOnERC721Received(address from, address to, uint256 tokenId, bytes memory _data) | |
private returns (bool) | |
{ | |
if (!to.isContract()) { | |
return true; | |
} | |
bytes memory returndata = to.functionCall(abi.encodeWithSelector( | |
IERC721Receiver(to).onERC721Received.selector, | |
msg.sender, | |
from, | |
tokenId, | |
_data | |
), "ERC721: transfer to non ERC721Receiver implementer"); | |
bytes4 retval = abi.decode(returndata, (bytes4)); | |
return (retval == _ERC721_RECEIVED); | |
} | |
function _approve(address to, uint256 tokenId) private { | |
_tokenApprovals[tokenId] = to; | |
emit Approval(ownerOf(tokenId), to, tokenId); | |
} | |
/** | |
* @dev Hook that is called before any token transfer. This includes minting | |
* and burning. | |
* | |
* Calling conditions: | |
* | |
* - When `from` and `to` are both non-zero, ``from``'s `tokenId` will be | |
* transferred to `to`. | |
* - When `from` is zero, `tokenId` will be minted for `to`. | |
* - When `to` is zero, ``from``'s `tokenId` will be burned. | |
* - `from` cannot be the zero address. | |
* - `to` cannot be the zero address. | |
* | |
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks]. | |
*/ | |
function _beforeTokenTransfer(address from, address to, uint256 tokenId) internal virtual { } | |
} | |
/** | |
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include | |
* the optional functions; to access them see {ERC20Detailed}. | |
*/ | |
interface IERC20 { | |
/** | |
* @dev Returns the amount of tokens in existence. | |
*/ | |
function totalSupply() external view returns (uint); | |
/** | |
* @dev Returns the amount of tokens owned by `account`. | |
*/ | |
function balanceOf(address account) external view returns (uint); | |
function decimals() external view returns (uint); | |
function symbol() external view returns (string memory); | |
/** | |
* @dev Moves `amount` tokens from the caller's account to `recipient`. | |
* | |
* Returns a boolean value indicating whether the operation succeeded. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function transfer(address recipient, uint amount) external returns (bool); | |
/** | |
* @dev Returns the remaining number of tokens that `spender` will be | |
* allowed to spend on behalf of `owner` through {transferFrom}. This is | |
* zero by default. | |
* | |
* This value changes when {approve} or {transferFrom} are called. | |
*/ | |
function allowance(address owner, address spender) external view returns (uint); | |
/** | |
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens. | |
* | |
* Returns a boolean value indicating whether the operation succeeded. | |
* | |
* IMPORTANT: Beware that changing an allowance with this method brings the risk | |
* that someone may use both the old and the new allowance by unfortunate | |
* transaction ordering. One possible solution to mitigate this race | |
* condition is to first reduce the spender's allowance to 0 and set the | |
* desired value afterwards: | |
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 | |
* | |
* Emits an {Approval} event. | |
*/ | |
function approve(address spender, uint amount) external returns (bool); | |
/** | |
* @dev Moves `amount` tokens from `sender` to `recipient` using the | |
* allowance mechanism. `amount` is then deducted from the caller's | |
* allowance. | |
* | |
* Returns a boolean value indicating whether the operation succeeded. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function transferFrom(address sender, address recipient, uint amount) external returns (bool); | |
/** | |
* @dev Emitted when `value` tokens are moved from one account (`from`) to | |
* another (`to`). | |
* | |
* Note that `value` may be zero. | |
*/ | |
event Transfer(address indexed from, address indexed to, uint value); | |
/** | |
* @dev Emitted when the allowance of a `spender` for an `owner` is set by | |
* a call to {approve}. `value` is the new allowance. | |
*/ | |
event Approval(address indexed owner, address indexed spender, uint value); | |
} | |
// a library for performing various math operations | |
library Math { | |
/** | |
* @dev Returns the largest of two numbers. | |
*/ | |
function max(uint256 a, uint256 b) internal pure returns (uint256) { | |
return a >= b ? a : b; | |
} | |
function min(uint x, uint y) internal pure returns (uint z) { | |
z = x < y ? x : y; | |
} | |
// babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method) | |
function sqrt(uint y) internal pure returns (uint z) { | |
if (y > 3) { | |
z = y; | |
uint x = y / 2 + 1; | |
while (x < z) { | |
z = x; | |
x = (y / x + x) / 2; | |
} | |
} else if (y != 0) { | |
z = 1; | |
} | |
} | |
} | |
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format)) | |
// range: [0, 2**112 - 1] | |
// resolution: 1 / 2**112 | |
library UQ112x112 { | |
uint224 constant Q112 = 2**112; | |
// encode a uint112 as a UQ112x112 | |
function encode(uint112 y) internal pure returns (uint224 z) { | |
z = uint224(y) * Q112; // never overflows | |
} | |
// divide a UQ112x112 by a uint112, returning a UQ112x112 | |
function uqdiv(uint224 x, uint112 y) internal pure returns (uint224 z) { | |
z = x / uint224(y); | |
} | |
} | |
library SafeERC20 { | |
using SafeMath for uint256; | |
using Address for address; | |
function safeTransfer(IERC20 token, address to, uint256 value) internal { | |
callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value)); | |
} | |
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal { | |
callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value)); | |
} | |
function safeApprove(IERC20 token, address spender, uint256 value) internal { | |
require((value == 0) || (token.allowance(address(this), spender) == 0), | |
"SafeERC20: approve from non-zero to non-zero allowance" | |
); | |
callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value)); | |
} | |
function callOptionalReturn(IERC20 token, bytes memory data) private { | |
require(address(token).isContract(), "SafeERC20: call to non-contract"); | |
// solhint-disable-next-line avoid-low-level-calls | |
(bool success, bytes memory returndata) = address(token).call(data); | |
require(success, "SafeERC20: low-level call failed"); | |
if (returndata.length > 0) { // Return data is optional | |
// solhint-disable-next-line max-line-length | |
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed"); | |
} | |
} | |
} | |
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format)) | |
library FixedPoint { | |
// range: [0, 2**112 - 1] | |
// resolution: 1 / 2**112 | |
struct uq112x112 { | |
uint224 _x; | |
} | |
// range: [0, 2**144 - 1] | |
// resolution: 1 / 2**112 | |
struct uq144x112 { | |
uint _x; | |
} | |
uint8 private constant RESOLUTION = 112; | |
// encode a uint112 as a UQ112x112 | |
function encode(uint112 x) internal pure returns (uq112x112 memory) { | |
return uq112x112(uint224(x) << RESOLUTION); | |
} | |
// encodes a uint144 as a UQ144x112 | |
function encode144(uint144 x) internal pure returns (uq144x112 memory) { | |
return uq144x112(uint256(x) << RESOLUTION); | |
} | |
// divide a UQ112x112 by a uint112, returning a UQ112x112 | |
function div(uq112x112 memory self, uint112 x) internal pure returns (uq112x112 memory) { | |
require(x != 0, 'FixedPoint: DIV_BY_ZERO'); | |
return uq112x112(self._x / uint224(x)); | |
} | |
// multiply a UQ112x112 by a uint, returning a UQ144x112 | |
// reverts on overflow | |
function mul(uq112x112 memory self, uint y) internal pure returns (uq144x112 memory) { | |
uint z; | |
require(y == 0 || (z = uint(self._x) * y) / y == uint(self._x), "FixedPoint: MULTIPLICATION_OVERFLOW"); | |
return uq144x112(z); | |
} | |
// returns a UQ112x112 which represents the ratio of the numerator to the denominator | |
// equivalent to encode(numerator).div(denominator) | |
function fraction(uint112 numerator, uint112 denominator) internal pure returns (uq112x112 memory) { | |
require(denominator > 0, "FixedPoint: DIV_BY_ZERO"); | |
return uq112x112((uint224(numerator) << RESOLUTION) / denominator); | |
} | |
// decode a UQ112x112 into a uint112 by truncating after the radix point | |
function decode(uq112x112 memory self) internal pure returns (uint112) { | |
return uint112(self._x >> RESOLUTION); | |
} | |
// decode a UQ144x112 into a uint144 by truncating after the radix point | |
function decode144(uq144x112 memory self) internal pure returns (uint144) { | |
return uint144(self._x >> RESOLUTION); | |
} | |
} | |
contract DeriswapV1OptionContracts is ERC721 { | |
address public immutable RESERVE; | |
constructor() ERC721("DeriswapV1Options", "DERIO") public { | |
RESERVE = msg.sender; | |
} | |
function mint(address owner, uint id) external { | |
require(msg.sender == RESERVE); | |
_mint(owner, id); | |
} | |
function isApprovedOrOwner(address spender, uint256 tokenId) external view returns (bool) { | |
return _isApprovedOrOwner(spender, tokenId); | |
} | |
} | |
contract DeriswapV1LoanContracts is ERC721 { | |
address public immutable RESERVE; | |
constructor() ERC721("DeriswapV1Loans", "DERIL") public { | |
RESERVE = msg.sender; | |
} | |
function mint(address owner, uint id) external { | |
require(msg.sender == RESERVE); | |
_mint(owner, id); | |
} | |
function isApprovedOrOwner(address spender, uint256 tokenId) external view returns (bool) { | |
return _isApprovedOrOwner(spender, tokenId); | |
} | |
} | |
library DeriswapV1Math { | |
using FixedPoint for *; | |
using SafeMath for uint; | |
using UQ112x112 for uint224; | |
uint private constant FIXED_1 = 0x080000000000000000000000000000000; | |
uint private constant FIXED_2 = 0x100000000000000000000000000000000; | |
uint private constant SQRT_1 = 13043817825332782212; | |
uint private constant LNX = 3988425491; | |
uint private constant LOG_10_2 = 3010299957; | |
uint private constant LOG_E_2 = 6931471806; | |
uint private constant BASE = 1e10; | |
function floorLog2(uint256 _n) internal pure returns (uint8) { | |
uint8 res = 0; | |
if (_n < 256) { | |
// At most 8 iterations | |
while (_n > 1) { | |
_n >>= 1; | |
res += 1; | |
} | |
} else { | |
// Exactly 8 iterations | |
for (uint8 s = 128; s > 0; s >>= 1) { | |
if (_n >= (uint(1) << s)) { | |
_n >>= s; | |
res |= s; | |
} | |
} | |
} | |
return res; | |
} | |
function ln(uint256 x) internal pure returns (uint) { | |
uint res = 0; | |
// If x >= 2, then we compute the integer part of log2(x), which is larger than 0. | |
if (x >= FIXED_2) { | |
uint8 count = floorLog2(x / FIXED_1); | |
x >>= count; // now x < 2 | |
res = count * FIXED_1; | |
} | |
// If x > 1, then we compute the fraction part of log2(x), which is larger than 0. | |
if (x > FIXED_1) { | |
for (uint8 i = 127; i > 0; --i) { | |
x = (x * x) / FIXED_1; // now 1 < x < 4 | |
if (x >= FIXED_2) { | |
x >>= 1; // now 1 < x < 2 | |
res += uint(1) << (i - 1); | |
} | |
} | |
} | |
return res * LOG_E_2 / BASE; | |
} | |
/** | |
* @dev computes e ^ (x / FIXED_1) * FIXED_1 | |
* input range: 0 <= x <= OPT_EXP_MAX_VAL - 1 | |
* auto-generated via 'PrintFunctionOptimalExp.py' | |
* Detailed description: | |
* - Rewrite the input as a sum of binary exponents and a single residual r, as small as possible | |
* - The exponentiation of each binary exponent is given (pre-calculated) | |
* - The exponentiation of r is calculated via Taylor series for e^x, where x = r | |
* - The exponentiation of the input is calculated by multiplying the intermediate results above | |
* - For example: e^5.521692859 = e^(4 + 1 + 0.5 + 0.021692859) = e^4 * e^1 * e^0.5 * e^0.021692859 | |
*/ | |
function optimalExp(uint256 x) internal pure returns (uint256) { | |
uint256 res = 0; | |
uint256 y; | |
uint256 z; | |
z = y = x % 0x10000000000000000000000000000000; // get the input modulo 2^(-3) | |
z = (z * y) / FIXED_1; | |
res += z * 0x10e1b3be415a0000; // add y^02 * (20! / 02!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x05a0913f6b1e0000; // add y^03 * (20! / 03!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0168244fdac78000; // add y^04 * (20! / 04!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x004807432bc18000; // add y^05 * (20! / 05!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x000c0135dca04000; // add y^06 * (20! / 06!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0001b707b1cdc000; // add y^07 * (20! / 07!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x000036e0f639b800; // add y^08 * (20! / 08!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x00000618fee9f800; // add y^09 * (20! / 09!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000009c197dcc00; // add y^10 * (20! / 10!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000000e30dce400; // add y^11 * (20! / 11!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x000000012ebd1300; // add y^12 * (20! / 12!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000000017499f00; // add y^13 * (20! / 13!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000000001a9d480; // add y^14 * (20! / 14!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x00000000001c6380; // add y^15 * (20! / 15!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x000000000001c638; // add y^16 * (20! / 16!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000000000001ab8; // add y^17 * (20! / 17!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x000000000000017c; // add y^18 * (20! / 18!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000000000000014; // add y^19 * (20! / 19!) | |
z = (z * y) / FIXED_1; | |
res += z * 0x0000000000000001; // add y^20 * (20! / 20!) | |
res = res / 0x21c3677c82b40000 + y + FIXED_1; // divide by 20! and then add y^1 / 1! + y^0 / 0! | |
if ((x & 0x010000000000000000000000000000000) != 0) | |
res = (res * 0x1c3d6a24ed82218787d624d3e5eba95f9) / 0x18ebef9eac820ae8682b9793ac6d1e776; // multiply by e^2^(-3) | |
if ((x & 0x020000000000000000000000000000000) != 0) | |
res = (res * 0x18ebef9eac820ae8682b9793ac6d1e778) / 0x1368b2fc6f9609fe7aceb46aa619baed4; // multiply by e^2^(-2) | |
if ((x & 0x040000000000000000000000000000000) != 0) | |
res = (res * 0x1368b2fc6f9609fe7aceb46aa619baed5) / 0x0bc5ab1b16779be3575bd8f0520a9f21f; // multiply by e^2^(-1) | |
if ((x & 0x080000000000000000000000000000000) != 0) | |
res = (res * 0x0bc5ab1b16779be3575bd8f0520a9f21e) / 0x0454aaa8efe072e7f6ddbab84b40a55c9; // multiply by e^2^(+0) | |
if ((x & 0x100000000000000000000000000000000) != 0) | |
res = (res * 0x0454aaa8efe072e7f6ddbab84b40a55c5) / 0x00960aadc109e7a3bf4578099615711ea; // multiply by e^2^(+1) | |
if ((x & 0x200000000000000000000000000000000) != 0) | |
res = (res * 0x00960aadc109e7a3bf4578099615711d7) / 0x0002bf84208204f5977f9a8cf01fdce3d; // multiply by e^2^(+2) | |
if ((x & 0x400000000000000000000000000000000) != 0) | |
res = (res * 0x0002bf84208204f5977f9a8cf01fdc307) / 0x0000003c6ab775dd0b95b4cbee7e65d11; // multiply by e^2^(+3) | |
return res; | |
} | |
function quoteOptionAll(uint t, uint v, uint sp, uint st) public pure returns (uint call, uint put) { | |
uint _c; | |
uint _p; | |
if (sp > st) { | |
_c = C(t, v, sp, st); | |
_p = st-sp+_c; | |
} else { | |
_p = C(t, v, st, sp); | |
_c = st-sp+_p; | |
} | |
return (_c, _p); | |
} | |
function C(uint t, uint v, uint sp, uint st) public pure returns (uint) { | |
if (sp == st) { | |
return LNX * sp / 1e10 * v / 1e18 * sqrt(1e18 * t / 365) / 1e9; | |
} | |
uint sigma = ((v**2)/2); | |
uint sigmaB = 1e36; | |
uint sig = 1e18 * sigma / sigmaB * t / 365; | |
uint sSQRT = v * sqrt(1e18 * t / 365) / 1e9; | |
uint d1 = 1e18 * ln(FIXED_1 * sp / st) / FIXED_1; | |
d1 = (d1 + sig) * 1e18 / sSQRT; | |
uint d2 = d1 - sSQRT; | |
uint cdfD1 = ncdf(FIXED_1 * d1 / 1e18); | |
uint cdfD2 = ncdf(FIXED_1 * d2 / 1e18); | |
return sp * cdfD1 / 1e14 - st * cdfD2 / 1e14; | |
} | |
function ncdf(uint x) internal pure returns (uint) { | |
int t1 = int(1e7 + (2315419 * x / FIXED_1)); | |
uint exp = x / 2 * x / FIXED_1; | |
int d = int(3989423 * FIXED_1 / optimalExp(uint(exp))); | |
uint prob = uint(d * (3193815 + ( -3565638 + (17814780 + (-18212560 + 13302740 * 1e7 / t1) * 1e7 / t1) * 1e7 / t1) * 1e7 / t1) * 1e7 / t1); | |
if( x > 0 ) prob = 1e14 - prob; | |
return prob; | |
} | |
function generalLog(uint256 x) internal pure returns (uint) { | |
uint res = 0; | |
// If x >= 2, then we compute the integer part of log2(x), which is larger than 0. | |
if (x >= FIXED_2) { | |
uint8 count = floorLog2(x / FIXED_1); | |
x >>= count; // now x < 2 | |
res = count * FIXED_1; | |
} | |
// If x > 1, then we compute the fraction part of log2(x), which is larger than 0. | |
if (x > FIXED_1) { | |
for (uint8 i = 127; i > 0; --i) { | |
x = (x * x) / FIXED_1; // now 1 < x < 4 | |
if (x >= FIXED_2) { | |
x >>= 1; // now 1 < x < 2 | |
res += uint(1) << (i - 1); | |
} | |
} | |
} | |
return res * LOG_10_2 / BASE; | |
} | |
function vol(uint[] memory p) public pure returns (uint x) { | |
for (uint8 i = 1; i <= (p.length-1); i++) { | |
x += ((generalLog(p[i] * FIXED_1) - generalLog(p[i-1] * FIXED_1)))**2; | |
//denom += FIXED_1**2; | |
} | |
//return (sum, denom); | |
x = sqrt(uint(252) * sqrt(x / (p.length-1))); | |
return uint(1e18) * x / SQRT_1; | |
} | |
/** | |
* @dev sqrt calculates the square root of a given number x | |
* @dev for precision into decimals the number must first | |
* @dev be multiplied by the precision factor desired | |
* @param x uint256 number for the calculation of square root | |
*/ | |
function sqrt(uint256 x) public pure returns (uint256) { | |
uint256 c = (x + 1) / 2; | |
uint256 b = x; | |
while (c < b) { | |
b = c; | |
c = (x / c + c) / 2; | |
} | |
return b; | |
} | |
/** | |
* @dev stddev calculates the standard deviation for an array of integers | |
* @dev precision is the same as sqrt above meaning for higher precision | |
* @dev the decimal place must be moved prior to passing the params | |
* @param numbers uint[] array of numbers to be used in calculation | |
*/ | |
function stddev(uint[] memory numbers) public pure returns (uint256 sd) { | |
uint sum = 0; | |
for(uint i = 0; i < numbers.length; i++) { | |
sum += numbers[i]; | |
} | |
uint256 mean = sum / numbers.length; // Integral value; float not supported in Solidity | |
sum = 0; | |
uint i; | |
for(i = 0; i < numbers.length; i++) { | |
sum += (numbers[i] - mean) ** 2; | |
} | |
sd = sqrt(sum / (numbers.length - 1)); //Integral value; float not supported in Solidity | |
return sd; | |
} | |
} | |
contract DeriswapV1Oracle { | |
using FixedPoint for *; | |
using SafeMath for uint; | |
using SafeERC20 for IERC20; | |
using UQ112x112 for uint224; | |
event Sync(uint112 reserve0, uint112 reserve1); | |
address public immutable TOKEN0; | |
address public immutable TOKEN1; | |
uint112 internal reserve0; | |
uint112 internal reserve1; | |
uint32 internal blockTimestampLast; | |
uint public price0CumulativeLast; | |
uint public price1CumulativeLast; | |
uint public kLast; // reserve0 * reserve1, as of immediately after the most recent liquidity event | |
constructor(address _token0, address _token1) public { | |
TOKEN0 = _token0; | |
TOKEN1 = _token1; | |
} | |
struct point { | |
uint timestamp; | |
uint price0Cumulative; | |
uint price1Cumulative; | |
} | |
point[] public points; | |
function length() external view returns (uint) { | |
return points.length; | |
} | |
function getReserves() public view returns (uint112 _reserve0, uint112 _reserve1, uint32 _blockTimestampLast) { | |
_reserve0 = reserve0; | |
_reserve1 = reserve1; | |
_blockTimestampLast = blockTimestampLast; | |
} | |
// update reserves and, on the first call per block, price accumulators | |
function _update(uint balance0, uint balance1, uint112 _reserve0, uint112 _reserve1) internal { | |
require(balance0 <= uint112(-1) && balance1 <= uint112(-1), 'UniswapV2: OVERFLOW'); | |
uint32 blockTimestamp = uint32(block.timestamp % 2**32); | |
uint32 timeElapsed = blockTimestamp - blockTimestampLast; // overflow is desired | |
if (timeElapsed > 0 && _reserve0 != 0 && _reserve1 != 0) { | |
// * never overflows, and + overflow is desired | |
price0CumulativeLast += uint(UQ112x112.encode(_reserve1).uqdiv(_reserve0)) * timeElapsed; | |
price1CumulativeLast += uint(UQ112x112.encode(_reserve0).uqdiv(_reserve1)) * timeElapsed; | |
points.push(point(block.timestamp, price0CumulativeLast, price1CumulativeLast)); | |
} | |
reserve0 = uint112(balance0); | |
reserve1 = uint112(balance1); | |
blockTimestampLast = blockTimestamp; | |
emit Sync(reserve0, reserve1); | |
} | |
function price(address token) public view returns (uint) { | |
return quotePrice(token, uint(10)**IERC20(token).decimals()); | |
} | |
function realizedVariance(address tokenIn, uint p, uint window) external view returns (uint) { | |
return DeriswapV1Math.stddev(sample(tokenIn, uint(10)**IERC20(tokenIn).decimals(), p, window)); | |
} | |
function realizedVolatility(address tokenIn, uint p, uint window) public view returns (uint) { | |
return DeriswapV1Math.vol(sample(tokenIn, uint(10)**IERC20(tokenIn).decimals(), p, window)); | |
} | |
function computeAmountOut( | |
uint priceCumulativeStart, uint priceCumulativeEnd, | |
uint timeElapsed, uint amountIn | |
) private pure returns (uint amountOut) { | |
// overflow is desired. | |
FixedPoint.uq112x112 memory priceAverage = FixedPoint.uq112x112( | |
uint224((priceCumulativeEnd - priceCumulativeStart) / timeElapsed) | |
); | |
amountOut = priceAverage.mul(amountIn).decode144(); | |
} | |
function quotePrice(address tokenIn, uint amountIn) public view returns (uint amountOut) { | |
point memory p = points[points.length-1]; | |
if (block.timestamp == p.timestamp) { | |
p = points[points.length-2]; | |
} | |
uint timeElapsed = block.timestamp - p.timestamp; | |
if (TOKEN0 == tokenIn) { | |
return computeAmountOut(p.price0Cumulative, price0CumulativeLast, timeElapsed, amountIn); | |
} else { | |
return computeAmountOut(p.price1Cumulative, price1CumulativeLast, timeElapsed, amountIn); | |
} | |
} | |
function sample(address tokenIn, uint amountIn, uint p, uint window) public view returns (uint[] memory) { | |
uint[] memory _prices = new uint[](p); | |
uint len = points.length-1; | |
uint i = len.sub(p * window); | |
uint nextIndex = 0; | |
uint index = 0; | |
if (TOKEN0 == tokenIn) { | |
for (; i < len; i+=window) { | |
nextIndex = i + window; | |
_prices[index] = computeAmountOut( | |
points[i].price0Cumulative, | |
points[nextIndex].price0Cumulative, | |
points[nextIndex].timestamp - points[i].timestamp, amountIn); | |
index = index + 1; | |
} | |
} else { | |
for (; i < len; i+=window) { | |
nextIndex = i + window; | |
_prices[index] = computeAmountOut( | |
points[i].price1Cumulative, | |
points[nextIndex].price1Cumulative, | |
points[nextIndex].timestamp - points[i].timestamp, amountIn); | |
index = index + 1; | |
} | |
} | |
return _prices; | |
} | |
} | |
contract DeriswapV1ERC20 is DeriswapV1Oracle { | |
using FixedPoint for *; | |
using SafeMath for uint; | |
using SafeERC20 for IERC20; | |
using UQ112x112 for uint224; | |
string public constant name = 'Deriswap V1'; | |
string public constant symbol = 'DERI-V1'; | |
uint8 public constant decimals = 18; | |
uint public totalSupply; | |
mapping(address => uint) public balanceOf; | |
mapping(address => mapping(address => uint)) public allowance; | |
bytes32 public immutable DOMAIN_SEPARATOR; | |
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"); | |
bytes32 public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9; | |
mapping(address => uint) public nonces; | |
constructor(address _token0, address _token1) DeriswapV1Oracle(_token0, _token1) public { | |
uint chainId; | |
assembly { chainId := chainid() } | |
DOMAIN_SEPARATOR = keccak256( | |
abi.encode( | |
keccak256('EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)'), | |
keccak256(bytes(name)), | |
keccak256(bytes('1')), | |
chainId, | |
address(this) | |
) | |
); | |
FACTORY = msg.sender; | |
} | |
event Approval(address indexed owner, address indexed spender, uint value); | |
event Transfer(address indexed from, address indexed to, uint value); | |
function _mint(address to, uint value) internal { | |
totalSupply = totalSupply.add(value); | |
balanceOf[to] = balanceOf[to].add(value); | |
emit Transfer(address(0), to, value); | |
} | |
function _burn(address from, uint value) internal { | |
balanceOf[from] = balanceOf[from].sub(value); | |
totalSupply = totalSupply.sub(value); | |
emit Transfer(from, address(0), value); | |
} | |
function _approve(address owner, address spender, uint value) private { | |
allowance[owner][spender] = value; | |
emit Approval(owner, spender, value); | |
} | |
function _transfer(address from, address to, uint value) private { | |
balanceOf[from] = balanceOf[from].sub(value); | |
balanceOf[to] = balanceOf[to].add(value); | |
emit Transfer(from, to, value); | |
} | |
function approve(address spender, uint value) external returns (bool) { | |
_approve(msg.sender, spender, value); | |
return true; | |
} | |
function transfer(address to, uint value) external returns (bool) { | |
_transfer(msg.sender, to, value); | |
return true; | |
} | |
function transferFrom(address from, address to, uint value) external returns (bool) { | |
if (allowance[from][msg.sender] != uint(-1)) { | |
allowance[from][msg.sender] = allowance[from][msg.sender].sub(value); | |
} | |
_transfer(from, to, value); | |
return true; | |
} | |
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external { | |
require(deadline >= block.timestamp, 'UniswapV2: EXPIRED'); | |
bytes32 digest = keccak256( | |
abi.encodePacked( | |
'\x19\x01', | |
DOMAIN_SEPARATOR, | |
keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline)) | |
) | |
); | |
address recoveredAddress = ecrecover(digest, v, r, s); | |
require(recoveredAddress != address(0) && recoveredAddress == owner, 'UniswapV2: INVALID_SIGNATURE'); | |
_approve(owner, spender, value); | |
} | |
uint public constant MINIMUM_LIQUIDITY = 10**3; | |
bytes4 private constant SELECTOR = bytes4(keccak256(bytes('transfer(address,uint256)'))); | |
address public immutable FACTORY; | |
uint private unlocked = 1; | |
modifier lock() { | |
require(unlocked == 1, 'DeriswapV1: LOCKED'); | |
unlocked = 0; | |
_; | |
unlocked = 1; | |
} | |
function _safeTransfer(address token, address to, uint value) private { | |
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(SELECTOR, to, value)); | |
require(success && (data.length == 0 || abi.decode(data, (bool))), 'UniswapV2: TRANSFER_FAILED'); | |
} | |
event Mint(address indexed sender, uint amount0, uint amount1); | |
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to); | |
event Swap( | |
address indexed sender, | |
uint amount0In, | |
uint amount1In, | |
uint amount0Out, | |
uint amount1Out, | |
address indexed to | |
); | |
// this low-level function should be called from a contract which performs important safety checks | |
function mint(uint amount0, uint amount1, address to) external lock returns (uint liquidity) { | |
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings | |
if (amount0 > 0) { | |
IERC20(TOKEN0).transferFrom(msg.sender, address(this), amount0); | |
} | |
if (amount1 > 0) { | |
IERC20(TOKEN1).transferFrom(msg.sender, address(this), amount1); | |
} | |
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee | |
if (_totalSupply == 0) { | |
liquidity = Math.sqrt(amount0.mul(amount1)).sub(MINIMUM_LIQUIDITY); | |
_mint(address(0), MINIMUM_LIQUIDITY); // permanently lock the first MINIMUM_LIQUIDITY tokens | |
} else { | |
liquidity = Math.min(amount0.mul(_totalSupply) / _reserve0, amount1.mul(_totalSupply) / _reserve1); | |
} | |
require(liquidity > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_MINTED'); | |
_mint(to, liquidity); | |
_update(_reserve0 + amount0, _reserve1 + amount1, _reserve0, _reserve1); | |
emit Mint(msg.sender, amount0, amount1); | |
} | |
// this low-level function should be called from a contract which performs important safety checks | |
function burn(address to) external lock returns (uint amount0, uint amount1) { | |
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings | |
address _token0 = TOKEN0; // gas savings | |
address _token1 = TOKEN1; // gas savings | |
uint balance0 = IERC20(_token0).balanceOf(address(this)); | |
uint balance1 = IERC20(_token1).balanceOf(address(this)); | |
uint liquidity = balanceOf[address(this)]; | |
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee | |
amount0 = liquidity.mul(balance0) / _totalSupply; // using balances ensures pro-rata distribution | |
amount1 = liquidity.mul(balance1) / _totalSupply; // using balances ensures pro-rata distribution | |
require(amount0 > 0 && amount1 > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_BURNED'); | |
_burn(address(this), liquidity); | |
_safeTransfer(_token0, to, amount0); | |
_safeTransfer(_token1, to, amount1); | |
_update(_reserve0 < amount0 ? 0 : _reserve0 - amount0, _reserve1 < amount1 ? 0 : _reserve1 - amount1, _reserve0, _reserve1); | |
emit Burn(msg.sender, amount0, amount1, to); | |
} | |
// this low-level function should be called from a contract which performs important safety checks | |
function swap(uint amount0In, uint amount1In, uint amount0Out, uint amount1Out, address to) external lock { | |
require(amount0Out > 0 || amount1Out > 0, 'UniswapV2: INSUFFICIENT_OUTPUT_AMOUNT'); | |
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings | |
require(amount0Out < _reserve0 && amount1Out < _reserve1, 'UniswapV2: INSUFFICIENT_LIQUIDITY'); | |
uint balance0 = _reserve0; | |
uint balance1 = _reserve1; | |
{ | |
address _token0 = TOKEN0; | |
address _token1 = TOKEN1; | |
require(to != _token0 && to != _token1, 'UniswapV2: INVALID_TO'); | |
if (amount0In > 0) { | |
IERC20(_token0).transferFrom(msg.sender, address(this), amount0In); | |
balance0 = balance0.add(amount0In); | |
} | |
if (amount1In > 0) { | |
IERC20(_token1).transferFrom(msg.sender, address(this), amount1In); | |
balance1 = balance1.add(amount1In); | |
} | |
if (amount0Out > 0) { | |
_safeTransfer(_token0, to, amount0Out); | |
balance0 = balance0.sub(amount0Out); | |
} | |
if (amount1Out > 0) { | |
_safeTransfer(_token1, to, amount1Out); | |
balance1 = balance1.sub(amount1Out); | |
} | |
} | |
{ // scope for reserve{0,1}Adjusted, avoids stack too deep errors | |
uint balance0Adjusted = balance0.mul(1000).sub(amount0In.mul(3)); | |
uint balance1Adjusted = balance1.mul(1000).sub(amount1In.mul(3)); | |
require(balance0Adjusted.mul(balance1Adjusted) >= uint(_reserve0).mul(_reserve1).mul(1000**2), 'UniswapV2: K'); | |
} | |
_update(balance0, balance1, _reserve0, _reserve1); | |
emit Swap(msg.sender, amount0In, amount1In, amount0Out, amount1Out, to); | |
} | |
} | |
contract DeriswapV1Pair is DeriswapV1ERC20 { | |
using FixedPoint for *; | |
using SafeMath for uint; | |
using SafeERC20 for IERC20; | |
using UQ112x112 for uint224; | |
DeriswapV1LoanContracts public immutable loansnft; | |
DeriswapV1OptionContracts public immutable optionsnft; | |
constructor(address _token0, address _token1) DeriswapV1ERC20(_token0, _token1) public { | |
loansnft = new DeriswapV1LoanContracts(); | |
optionsnft = new DeriswapV1OptionContracts(); | |
} | |
/// @notice The create option event | |
event Created(uint id, address indexed owner, address indexed token, uint amount, uint strike, uint created, uint expire); | |
/// @notice swap the position event when processing options | |
event Exercised(uint id, address indexed owner, address indexed token, uint amount, uint strike, uint excercised, uint expire); | |
uint private calls0; | |
uint private calls1; | |
uint private puts0; | |
uint private puts1; | |
function quoteOption(address tokenIn, uint t) public view returns (uint call, uint put) { | |
uint price = price(tokenIn); | |
return quoteOptionPrice(tokenIn, t, price, price); | |
} | |
function quoteOptionPrice(address tokenIn, uint t, uint sp, uint st) public view returns (uint call, uint put) { | |
uint v = realizedVolatility(tokenIn, t, 48); | |
return DeriswapV1Math.quoteOptionAll(t, v, sp, st); | |
} | |
struct ostore { | |
address asset; // 20 bytes | |
uint48 expire; // 5 bytes | |
uint8 call; // 1 byte | |
uint amount; | |
uint strike; | |
} | |
function options(uint _id) public view returns(opt memory _option) { | |
ostore memory _ostore = ostores[_id]; | |
_option.asset = _ostore.asset; | |
_option.amount = _ostore.amount; | |
_option.strike = _ostore.strike; | |
_option.expire = uint(_ostore.expire); | |
_option.optionType = uint(_ostore.call); | |
} | |
function store2opt(ostore memory _ostore) public pure returns(opt memory _option) { | |
_option.asset = _ostore.asset; | |
_option.amount = _ostore.amount; | |
_option.strike = _ostore.strike; | |
_option.expire = uint(_ostore.expire); | |
_option.optionType = uint(_ostore.call); | |
} | |
struct opt { | |
address asset; | |
uint amount; | |
uint strike; | |
uint expire; | |
uint optionType; | |
} | |
ostore[] public ostores; | |
function count() public view returns (uint) { | |
return ostores.length; | |
} | |
function option(uint _id) external view returns (address asset, uint amount, uint strike, uint expire, uint optionType) { | |
opt memory _o = options(_id); | |
return (_o.asset, _o.amount, _o.strike, _o.expire, _o.optionType); | |
} | |
function period(uint t) public pure returns (uint) { | |
return t * 1 days; | |
} | |
function feeDetail(address token, uint st, uint t, uint optionType) external view returns (uint _call, uint _put, uint _fee) { | |
(_call, _put) = quoteOptionPrice(token, t, price(token), st); | |
_fee = optionType == 0 ? _call : _put; | |
return (_call, _put, _fee); | |
} | |
function fee(address token, uint amount, uint st, uint t, uint optionType) public view returns (uint) { | |
(uint _call, uint _put) = quoteOptionPrice(token, t, price(token), st); | |
uint _fee = optionType == 0 ? _call : _put; | |
return utilization(token, optionType, _fee * amount / (uint(10)**IERC20(token).decimals())); | |
} | |
function callATM(address token, uint amount, uint t, uint maxFee) external { | |
createOption(token, amount, price(token), t, 0, maxFee); | |
} | |
function putATM(address token, uint amount, uint t, uint maxFee) external { | |
createOption(token, amount, price(token), t, 1, maxFee); | |
} | |
function createCall(address token, uint amount, uint st, uint t, uint maxFee) external { | |
createOption(token, amount, st, t, 0, maxFee); | |
} | |
function createPut(address token, uint amount, uint st, uint t, uint maxFee) external { | |
createOption(token, amount, st, t, 1, maxFee); | |
} | |
function utilization(address token, uint optionType, uint amount) public view returns (uint) { | |
if (token == TOKEN0) { | |
if (calls0 == 0 || puts0 == 0) | |
return amount; | |
if (optionType == 0) | |
return amount.mul(calls0).div(puts0); | |
else | |
return amount.mul(puts0).div(calls0); | |
} else { | |
if (calls1 == 0 || puts1 == 0) | |
return amount; | |
if (optionType == 0) | |
return amount.mul(calls1).div(puts1); | |
else | |
return amount.mul(puts1).div(calls1); | |
} | |
} | |
function createOption(address token, uint amount, uint st, uint t, uint optionType, uint maxFee) public { | |
address _t0 = TOKEN0; | |
optionType == 0 ? (_t0 == token ? calls0 = calls0.add(amount) : calls1 = calls1.add(amount)) : (_t0 == token ? puts0 = puts0.add(amount) : puts1 = puts1.add(amount)); | |
uint _fee = fee(token, amount, st, t, optionType); | |
require (_fee <= maxFee, "maxFee"); | |
IERC20(_t0 == token ? TOKEN1 : _t0).safeTransferFrom(msg.sender, address(this), _fee); | |
emit Created(ostores.length, msg.sender, token, amount, st, block.timestamp, block.timestamp.add(period(t))); | |
optionsnft.mint(msg.sender, ostores.length); | |
ostores.push(ostore(token, uint48(block.timestamp.add(period(t))), uint8(optionType), amount, st)); | |
} | |
function exerciseOptionProfitOnly(uint id) external { | |
require(optionsnft.isApprovedOrOwner(msg.sender, id)); | |
ostore storage _pos = ostores[id]; | |
opt memory _o = store2opt(_pos); | |
require(_o.expire > block.timestamp); | |
_pos.expire = uint48(block.timestamp); | |
uint _sp = price(_o.asset); | |
uint profit; | |
if (_o.optionType == 0) { | |
require(_o.strike <= _sp, "Current price is too low"); | |
profit = _sp.sub(_o.strike).mul(_o.amount); | |
} else if (_o.optionType == 1) { | |
require(_o.strike >= _sp, "Current price is too high"); | |
profit = _o.strike.sub(_sp).mul(_o.amount); | |
} | |
IERC20(TOKEN0 == _o.asset ? TOKEN1 : TOKEN0).transfer(msg.sender, profit); | |
emit Exercised(id, msg.sender, _o.asset, _o.amount, _o.strike, block.timestamp, _o.expire); | |
} | |
function excerciseOption(uint id) external { | |
require(optionsnft.isApprovedOrOwner(msg.sender, id)); | |
ostore storage _pos = ostores[id]; | |
opt memory _o = store2opt(_pos); | |
require(_o.expire > block.timestamp); | |
_pos.expire = uint48(block.timestamp); | |
uint _sp = price(_o.asset); | |
if (_o.optionType == 0) { // call asset | |
require(_o.strike <= _sp, "Current price is too low"); | |
IERC20(TOKEN0 == _o.asset ? TOKEN1 : TOKEN0).safeTransferFrom(msg.sender, address(this), _o.strike.mul(_o.amount).div(IERC20(_o.asset).decimals())); | |
IERC20(_o.asset).safeTransfer(msg.sender, _o.amount); | |
} else if (_o.optionType == 1) { // put asset | |
require(_o.strike >= _sp, "Current price is too high"); | |
IERC20(_o.asset).safeTransferFrom(msg.sender, address(this), _o.amount); | |
IERC20(TOKEN0 == _o.asset ? TOKEN1 : TOKEN0).safeTransfer(msg.sender, _o.strike.mul(_o.amount).div(IERC20(_o.asset).decimals())); | |
} | |
emit Exercised(id, msg.sender, _o.asset, _o.amount, _o.strike, block.timestamp, _o.expire); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment