Created
September 25, 2020 08:29
-
-
Save rahuldamodar94/47344086a915941d754fb617c66b9015 to your computer and use it in GitHub Desktop.
ERC20MintablePredicate.sol
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// File: @openzeppelin/contracts/token/ERC20/IERC20.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.0; | |
/** | |
* @dev Interface of the ERC20 standard as defined in the EIP. | |
*/ | |
interface IERC20 { | |
/** | |
* @dev Returns the amount of tokens in existence. | |
*/ | |
function totalSupply() external view returns (uint256); | |
/** | |
* @dev Returns the amount of tokens owned by `account`. | |
*/ | |
function balanceOf(address account) external view returns (uint256); | |
/** | |
* @dev Moves `amount` tokens from the caller's account to `recipient`. | |
* | |
* Returns a boolean value indicating whether the operation succeeded. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function transfer(address recipient, uint256 amount) external returns (bool); | |
/** | |
* @dev Returns the remaining number of tokens that `spender` will be | |
* allowed to spend on behalf of `owner` through {transferFrom}. This is | |
* zero by default. | |
* | |
* This value changes when {approve} or {transferFrom} are called. | |
*/ | |
function allowance(address owner, address spender) external view returns (uint256); | |
/** | |
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens. | |
* | |
* Returns a boolean value indicating whether the operation succeeded. | |
* | |
* IMPORTANT: Beware that changing an allowance with this method brings the risk | |
* that someone may use both the old and the new allowance by unfortunate | |
* transaction ordering. One possible solution to mitigate this race | |
* condition is to first reduce the spender's allowance to 0 and set the | |
* desired value afterwards: | |
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 | |
* | |
* Emits an {Approval} event. | |
*/ | |
function approve(address spender, uint256 amount) external returns (bool); | |
/** | |
* @dev Moves `amount` tokens from `sender` to `recipient` using the | |
* allowance mechanism. `amount` is then deducted from the caller's | |
* allowance. | |
* | |
* Returns a boolean value indicating whether the operation succeeded. | |
* | |
* Emits a {Transfer} event. | |
*/ | |
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool); | |
/** | |
* @dev Emitted when `value` tokens are moved from one account (`from`) to | |
* another (`to`). | |
* | |
* Note that `value` may be zero. | |
*/ | |
event Transfer(address indexed from, address indexed to, uint256 value); | |
/** | |
* @dev Emitted when the allowance of a `spender` for an `owner` is set by | |
* a call to {approve}. `value` is the new allowance. | |
*/ | |
event Approval(address indexed owner, address indexed spender, uint256 value); | |
} | |
pragma solidity ^0.6.0; | |
interface IMintableERC20 is IERC20{ | |
/** | |
* @notice called by predicate contract to mint tokens while withdrawing | |
* @dev Should be callable only by MintableERC20Predicate | |
* Make sure minting is done only by this function | |
* @param user user address for whom token is being minted | |
* @param amount amount being minted | |
*/ | |
function mint(address user, uint256 amount) external; | |
} | |
// File: @openzeppelin/contracts/math/SafeMath.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.0; | |
/** | |
* @dev Wrappers over Solidity's arithmetic operations with added overflow | |
* checks. | |
* | |
* Arithmetic operations in Solidity wrap on overflow. This can easily result | |
* in bugs, because programmers usually assume that an overflow raises an | |
* error, which is the standard behavior in high level programming languages. | |
* `SafeMath` restores this intuition by reverting the transaction when an | |
* operation overflows. | |
* | |
* Using this library instead of the unchecked operations eliminates an entire | |
* class of bugs, so it's recommended to use it always. | |
*/ | |
library SafeMath { | |
/** | |
* @dev Returns the addition of two unsigned integers, reverting on | |
* overflow. | |
* | |
* Counterpart to Solidity's `+` operator. | |
* | |
* Requirements: | |
* | |
* - Addition cannot overflow. | |
*/ | |
function add(uint256 a, uint256 b) internal pure returns (uint256) { | |
uint256 c = a + b; | |
require(c >= a, "SafeMath: addition overflow"); | |
return c; | |
} | |
/** | |
* @dev Returns the subtraction of two unsigned integers, reverting on | |
* overflow (when the result is negative). | |
* | |
* Counterpart to Solidity's `-` operator. | |
* | |
* Requirements: | |
* | |
* - Subtraction cannot overflow. | |
*/ | |
function sub(uint256 a, uint256 b) internal pure returns (uint256) { | |
return sub(a, b, "SafeMath: subtraction overflow"); | |
} | |
/** | |
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on | |
* overflow (when the result is negative). | |
* | |
* Counterpart to Solidity's `-` operator. | |
* | |
* Requirements: | |
* | |
* - Subtraction cannot overflow. | |
*/ | |
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) { | |
require(b <= a, errorMessage); | |
uint256 c = a - b; | |
return c; | |
} | |
/** | |
* @dev Returns the multiplication of two unsigned integers, reverting on | |
* overflow. | |
* | |
* Counterpart to Solidity's `*` operator. | |
* | |
* Requirements: | |
* | |
* - Multiplication cannot overflow. | |
*/ | |
function mul(uint256 a, uint256 b) internal pure returns (uint256) { | |
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the | |
// benefit is lost if 'b' is also tested. | |
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522 | |
if (a == 0) { | |
return 0; | |
} | |
uint256 c = a * b; | |
require(c / a == b, "SafeMath: multiplication overflow"); | |
return c; | |
} | |
/** | |
* @dev Returns the integer division of two unsigned integers. Reverts on | |
* division by zero. The result is rounded towards zero. | |
* | |
* Counterpart to Solidity's `/` operator. Note: this function uses a | |
* `revert` opcode (which leaves remaining gas untouched) while Solidity | |
* uses an invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function div(uint256 a, uint256 b) internal pure returns (uint256) { | |
return div(a, b, "SafeMath: division by zero"); | |
} | |
/** | |
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on | |
* division by zero. The result is rounded towards zero. | |
* | |
* Counterpart to Solidity's `/` operator. Note: this function uses a | |
* `revert` opcode (which leaves remaining gas untouched) while Solidity | |
* uses an invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) { | |
require(b > 0, errorMessage); | |
uint256 c = a / b; | |
// assert(a == b * c + a % b); // There is no case in which this doesn't hold | |
return c; | |
} | |
/** | |
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), | |
* Reverts when dividing by zero. | |
* | |
* Counterpart to Solidity's `%` operator. This function uses a `revert` | |
* opcode (which leaves remaining gas untouched) while Solidity uses an | |
* invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function mod(uint256 a, uint256 b) internal pure returns (uint256) { | |
return mod(a, b, "SafeMath: modulo by zero"); | |
} | |
/** | |
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), | |
* Reverts with custom message when dividing by zero. | |
* | |
* Counterpart to Solidity's `%` operator. This function uses a `revert` | |
* opcode (which leaves remaining gas untouched) while Solidity uses an | |
* invalid opcode to revert (consuming all remaining gas). | |
* | |
* Requirements: | |
* | |
* - The divisor cannot be zero. | |
*/ | |
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) { | |
require(b != 0, errorMessage); | |
return a % b; | |
} | |
} | |
// File: @openzeppelin/contracts/utils/Address.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.2; | |
/** | |
* @dev Collection of functions related to the address type | |
*/ | |
library Address { | |
/** | |
* @dev Returns true if `account` is a contract. | |
* | |
* [IMPORTANT] | |
* ==== | |
* It is unsafe to assume that an address for which this function returns | |
* false is an externally-owned account (EOA) and not a contract. | |
* | |
* Among others, `isContract` will return false for the following | |
* types of addresses: | |
* | |
* - an externally-owned account | |
* - a contract in construction | |
* - an address where a contract will be created | |
* - an address where a contract lived, but was destroyed | |
* ==== | |
*/ | |
function isContract(address account) internal view returns (bool) { | |
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts | |
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned | |
// for accounts without code, i.e. `keccak256('')` | |
bytes32 codehash; | |
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470; | |
// solhint-disable-next-line no-inline-assembly | |
assembly { codehash := extcodehash(account) } | |
return (codehash != accountHash && codehash != 0x0); | |
} | |
/** | |
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to | |
* `recipient`, forwarding all available gas and reverting on errors. | |
* | |
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost | |
* of certain opcodes, possibly making contracts go over the 2300 gas limit | |
* imposed by `transfer`, making them unable to receive funds via | |
* `transfer`. {sendValue} removes this limitation. | |
* | |
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more]. | |
* | |
* IMPORTANT: because control is transferred to `recipient`, care must be | |
* taken to not create reentrancy vulnerabilities. Consider using | |
* {ReentrancyGuard} or the | |
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. | |
*/ | |
function sendValue(address payable recipient, uint256 amount) internal { | |
require(address(this).balance >= amount, "Address: insufficient balance"); | |
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value | |
(bool success, ) = recipient.call{ value: amount }(""); | |
require(success, "Address: unable to send value, recipient may have reverted"); | |
} | |
/** | |
* @dev Performs a Solidity function call using a low level `call`. A | |
* plain`call` is an unsafe replacement for a function call: use this | |
* function instead. | |
* | |
* If `target` reverts with a revert reason, it is bubbled up by this | |
* function (like regular Solidity function calls). | |
* | |
* Returns the raw returned data. To convert to the expected return value, | |
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. | |
* | |
* Requirements: | |
* | |
* - `target` must be a contract. | |
* - calling `target` with `data` must not revert. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCall(address target, bytes memory data) internal returns (bytes memory) { | |
return functionCall(target, data, "Address: low-level call failed"); | |
} | |
/** | |
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with | |
* `errorMessage` as a fallback revert reason when `target` reverts. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) { | |
return _functionCallWithValue(target, data, 0, errorMessage); | |
} | |
/** | |
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], | |
* but also transferring `value` wei to `target`. | |
* | |
* Requirements: | |
* | |
* - the calling contract must have an ETH balance of at least `value`. | |
* - the called Solidity function must be `payable`. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) { | |
return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); | |
} | |
/** | |
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but | |
* with `errorMessage` as a fallback revert reason when `target` reverts. | |
* | |
* _Available since v3.1._ | |
*/ | |
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) { | |
require(address(this).balance >= value, "Address: insufficient balance for call"); | |
return _functionCallWithValue(target, data, value, errorMessage); | |
} | |
function _functionCallWithValue(address target, bytes memory data, uint256 weiValue, string memory errorMessage) private returns (bytes memory) { | |
require(isContract(target), "Address: call to non-contract"); | |
// solhint-disable-next-line avoid-low-level-calls | |
(bool success, bytes memory returndata) = target.call{ value: weiValue }(data); | |
if (success) { | |
return returndata; | |
} else { | |
// Look for revert reason and bubble it up if present | |
if (returndata.length > 0) { | |
// The easiest way to bubble the revert reason is using memory via assembly | |
// solhint-disable-next-line no-inline-assembly | |
assembly { | |
let returndata_size := mload(returndata) | |
revert(add(32, returndata), returndata_size) | |
} | |
} else { | |
revert(errorMessage); | |
} | |
} | |
} | |
} | |
// File: @openzeppelin/contracts/token/ERC20/SafeERC20.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.0; | |
/** | |
* @title SafeERC20 | |
* @dev Wrappers around ERC20 operations that throw on failure (when the token | |
* contract returns false). Tokens that return no value (and instead revert or | |
* throw on failure) are also supported, non-reverting calls are assumed to be | |
* successful. | |
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract, | |
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc. | |
*/ | |
library SafeERC20 { | |
using SafeMath for uint256; | |
using Address for address; | |
function safeTransfer(IERC20 token, address to, uint256 value) internal { | |
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value)); | |
} | |
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal { | |
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value)); | |
} | |
/** | |
* @dev Deprecated. This function has issues similar to the ones found in | |
* {IERC20-approve}, and its usage is discouraged. | |
* | |
* Whenever possible, use {safeIncreaseAllowance} and | |
* {safeDecreaseAllowance} instead. | |
*/ | |
function safeApprove(IERC20 token, address spender, uint256 value) internal { | |
// safeApprove should only be called when setting an initial allowance, | |
// or when resetting it to zero. To increase and decrease it, use | |
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance' | |
// solhint-disable-next-line max-line-length | |
require((value == 0) || (token.allowance(address(this), spender) == 0), | |
"SafeERC20: approve from non-zero to non-zero allowance" | |
); | |
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value)); | |
} | |
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal { | |
uint256 newAllowance = token.allowance(address(this), spender).add(value); | |
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance)); | |
} | |
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal { | |
uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero"); | |
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance)); | |
} | |
/** | |
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement | |
* on the return value: the return value is optional (but if data is returned, it must not be false). | |
* @param token The token targeted by the call. | |
* @param data The call data (encoded using abi.encode or one of its variants). | |
*/ | |
function _callOptionalReturn(IERC20 token, bytes memory data) private { | |
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since | |
// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that | |
// the target address contains contract code and also asserts for success in the low-level call. | |
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed"); | |
if (returndata.length > 0) { // Return data is optional | |
// solhint-disable-next-line max-line-length | |
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed"); | |
} | |
} | |
} | |
// File: @openzeppelin/contracts/utils/EnumerableSet.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.0; | |
/** | |
* @dev Library for managing | |
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive | |
* types. | |
* | |
* Sets have the following properties: | |
* | |
* - Elements are added, removed, and checked for existence in constant time | |
* (O(1)). | |
* - Elements are enumerated in O(n). No guarantees are made on the ordering. | |
* | |
* ``` | |
* contract Example { | |
* // Add the library methods | |
* using EnumerableSet for EnumerableSet.AddressSet; | |
* | |
* // Declare a set state variable | |
* EnumerableSet.AddressSet private mySet; | |
* } | |
* ``` | |
* | |
* As of v3.0.0, only sets of type `address` (`AddressSet`) and `uint256` | |
* (`UintSet`) are supported. | |
*/ | |
library EnumerableSet { | |
// To implement this library for multiple types with as little code | |
// repetition as possible, we write it in terms of a generic Set type with | |
// bytes32 values. | |
// The Set implementation uses private functions, and user-facing | |
// implementations (such as AddressSet) are just wrappers around the | |
// underlying Set. | |
// This means that we can only create new EnumerableSets for types that fit | |
// in bytes32. | |
struct Set { | |
// Storage of set values | |
bytes32[] _values; | |
// Position of the value in the `values` array, plus 1 because index 0 | |
// means a value is not in the set. | |
mapping (bytes32 => uint256) _indexes; | |
} | |
/** | |
* @dev Add a value to a set. O(1). | |
* | |
* Returns true if the value was added to the set, that is if it was not | |
* already present. | |
*/ | |
function _add(Set storage set, bytes32 value) private returns (bool) { | |
if (!_contains(set, value)) { | |
set._values.push(value); | |
// The value is stored at length-1, but we add 1 to all indexes | |
// and use 0 as a sentinel value | |
set._indexes[value] = set._values.length; | |
return true; | |
} else { | |
return false; | |
} | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the value was removed from the set, that is if it was | |
* present. | |
*/ | |
function _remove(Set storage set, bytes32 value) private returns (bool) { | |
// We read and store the value's index to prevent multiple reads from the same storage slot | |
uint256 valueIndex = set._indexes[value]; | |
if (valueIndex != 0) { // Equivalent to contains(set, value) | |
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in | |
// the array, and then remove the last element (sometimes called as 'swap and pop'). | |
// This modifies the order of the array, as noted in {at}. | |
uint256 toDeleteIndex = valueIndex - 1; | |
uint256 lastIndex = set._values.length - 1; | |
// When the value to delete is the last one, the swap operation is unnecessary. However, since this occurs | |
// so rarely, we still do the swap anyway to avoid the gas cost of adding an 'if' statement. | |
bytes32 lastvalue = set._values[lastIndex]; | |
// Move the last value to the index where the value to delete is | |
set._values[toDeleteIndex] = lastvalue; | |
// Update the index for the moved value | |
set._indexes[lastvalue] = toDeleteIndex + 1; // All indexes are 1-based | |
// Delete the slot where the moved value was stored | |
set._values.pop(); | |
// Delete the index for the deleted slot | |
delete set._indexes[value]; | |
return true; | |
} else { | |
return false; | |
} | |
} | |
/** | |
* @dev Returns true if the value is in the set. O(1). | |
*/ | |
function _contains(Set storage set, bytes32 value) private view returns (bool) { | |
return set._indexes[value] != 0; | |
} | |
/** | |
* @dev Returns the number of values on the set. O(1). | |
*/ | |
function _length(Set storage set) private view returns (uint256) { | |
return set._values.length; | |
} | |
/** | |
* @dev Returns the value stored at position `index` in the set. O(1). | |
* | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function _at(Set storage set, uint256 index) private view returns (bytes32) { | |
require(set._values.length > index, "EnumerableSet: index out of bounds"); | |
return set._values[index]; | |
} | |
// AddressSet | |
struct AddressSet { | |
Set _inner; | |
} | |
/** | |
* @dev Add a value to a set. O(1). | |
* | |
* Returns true if the value was added to the set, that is if it was not | |
* already present. | |
*/ | |
function add(AddressSet storage set, address value) internal returns (bool) { | |
return _add(set._inner, bytes32(uint256(value))); | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the value was removed from the set, that is if it was | |
* present. | |
*/ | |
function remove(AddressSet storage set, address value) internal returns (bool) { | |
return _remove(set._inner, bytes32(uint256(value))); | |
} | |
/** | |
* @dev Returns true if the value is in the set. O(1). | |
*/ | |
function contains(AddressSet storage set, address value) internal view returns (bool) { | |
return _contains(set._inner, bytes32(uint256(value))); | |
} | |
/** | |
* @dev Returns the number of values in the set. O(1). | |
*/ | |
function length(AddressSet storage set) internal view returns (uint256) { | |
return _length(set._inner); | |
} | |
/** | |
* @dev Returns the value stored at position `index` in the set. O(1). | |
* | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function at(AddressSet storage set, uint256 index) internal view returns (address) { | |
return address(uint256(_at(set._inner, index))); | |
} | |
// UintSet | |
struct UintSet { | |
Set _inner; | |
} | |
/** | |
* @dev Add a value to a set. O(1). | |
* | |
* Returns true if the value was added to the set, that is if it was not | |
* already present. | |
*/ | |
function add(UintSet storage set, uint256 value) internal returns (bool) { | |
return _add(set._inner, bytes32(value)); | |
} | |
/** | |
* @dev Removes a value from a set. O(1). | |
* | |
* Returns true if the value was removed from the set, that is if it was | |
* present. | |
*/ | |
function remove(UintSet storage set, uint256 value) internal returns (bool) { | |
return _remove(set._inner, bytes32(value)); | |
} | |
/** | |
* @dev Returns true if the value is in the set. O(1). | |
*/ | |
function contains(UintSet storage set, uint256 value) internal view returns (bool) { | |
return _contains(set._inner, bytes32(value)); | |
} | |
/** | |
* @dev Returns the number of values on the set. O(1). | |
*/ | |
function length(UintSet storage set) internal view returns (uint256) { | |
return _length(set._inner); | |
} | |
/** | |
* @dev Returns the value stored at position `index` in the set. O(1). | |
* | |
* Note that there are no guarantees on the ordering of values inside the | |
* array, and it may change when more values are added or removed. | |
* | |
* Requirements: | |
* | |
* - `index` must be strictly less than {length}. | |
*/ | |
function at(UintSet storage set, uint256 index) internal view returns (uint256) { | |
return uint256(_at(set._inner, index)); | |
} | |
} | |
// File: @openzeppelin/contracts/GSN/Context.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.0; | |
/* | |
* @dev Provides information about the current execution context, including the | |
* sender of the transaction and its data. While these are generally available | |
* via msg.sender and msg.data, they should not be accessed in such a direct | |
* manner, since when dealing with GSN meta-transactions the account sending and | |
* paying for execution may not be the actual sender (as far as an application | |
* is concerned). | |
* | |
* This contract is only required for intermediate, library-like contracts. | |
*/ | |
abstract contract Context { | |
function _msgSender() internal view virtual returns (address payable) { | |
return msg.sender; | |
} | |
function _msgData() internal view virtual returns (bytes memory) { | |
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691 | |
return msg.data; | |
} | |
} | |
// File: @openzeppelin/contracts/access/AccessControl.sol | |
// SPDX-License-Identifier: MIT | |
pragma solidity ^0.6.0; | |
/** | |
* @dev Contract module that allows children to implement role-based access | |
* control mechanisms. | |
* | |
* Roles are referred to by their `bytes32` identifier. These should be exposed | |
* in the external API and be unique. The best way to achieve this is by | |
* using `public constant` hash digests: | |
* | |
* ``` | |
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE"); | |
* ``` | |
* | |
* Roles can be used to represent a set of permissions. To restrict access to a | |
* function call, use {hasRole}: | |
* | |
* ``` | |
* function foo() public { | |
* require(hasRole(MY_ROLE, msg.sender)); | |
* ... | |
* } | |
* ``` | |
* | |
* Roles can be granted and revoked dynamically via the {grantRole} and | |
* {revokeRole} functions. Each role has an associated admin role, and only | |
* accounts that have a role's admin role can call {grantRole} and {revokeRole}. | |
* | |
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means | |
* that only accounts with this role will be able to grant or revoke other | |
* roles. More complex role relationships can be created by using | |
* {_setRoleAdmin}. | |
* | |
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to | |
* grant and revoke this role. Extra precautions should be taken to secure | |
* accounts that have been granted it. | |
*/ | |
abstract contract AccessControl is Context { | |
using EnumerableSet for EnumerableSet.AddressSet; | |
using Address for address; | |
struct RoleData { | |
EnumerableSet.AddressSet members; | |
bytes32 adminRole; | |
} | |
mapping (bytes32 => RoleData) private _roles; | |
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00; | |
/** | |
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole` | |
* | |
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite | |
* {RoleAdminChanged} not being emitted signaling this. | |
* | |
* _Available since v3.1._ | |
*/ | |
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole); | |
/** | |
* @dev Emitted when `account` is granted `role`. | |
* | |
* `sender` is the account that originated the contract call, an admin role | |
* bearer except when using {_setupRole}. | |
*/ | |
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender); | |
/** | |
* @dev Emitted when `account` is revoked `role`. | |
* | |
* `sender` is the account that originated the contract call: | |
* - if using `revokeRole`, it is the admin role bearer | |
* - if using `renounceRole`, it is the role bearer (i.e. `account`) | |
*/ | |
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender); | |
/** | |
* @dev Returns `true` if `account` has been granted `role`. | |
*/ | |
function hasRole(bytes32 role, address account) public view returns (bool) { | |
return _roles[role].members.contains(account); | |
} | |
/** | |
* @dev Returns the number of accounts that have `role`. Can be used | |
* together with {getRoleMember} to enumerate all bearers of a role. | |
*/ | |
function getRoleMemberCount(bytes32 role) public view returns (uint256) { | |
return _roles[role].members.length(); | |
} | |
/** | |
* @dev Returns one of the accounts that have `role`. `index` must be a | |
* value between 0 and {getRoleMemberCount}, non-inclusive. | |
* | |
* Role bearers are not sorted in any particular way, and their ordering may | |
* change at any point. | |
* | |
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure | |
* you perform all queries on the same block. See the following | |
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post] | |
* for more information. | |
*/ | |
function getRoleMember(bytes32 role, uint256 index) public view returns (address) { | |
return _roles[role].members.at(index); | |
} | |
/** | |
* @dev Returns the admin role that controls `role`. See {grantRole} and | |
* {revokeRole}. | |
* | |
* To change a role's admin, use {_setRoleAdmin}. | |
*/ | |
function getRoleAdmin(bytes32 role) public view returns (bytes32) { | |
return _roles[role].adminRole; | |
} | |
/** | |
* @dev Grants `role` to `account`. | |
* | |
* If `account` had not been already granted `role`, emits a {RoleGranted} | |
* event. | |
* | |
* Requirements: | |
* | |
* - the caller must have ``role``'s admin role. | |
*/ | |
function grantRole(bytes32 role, address account) public virtual { | |
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to grant"); | |
_grantRole(role, account); | |
} | |
/** | |
* @dev Revokes `role` from `account`. | |
* | |
* If `account` had been granted `role`, emits a {RoleRevoked} event. | |
* | |
* Requirements: | |
* | |
* - the caller must have ``role``'s admin role. | |
*/ | |
function revokeRole(bytes32 role, address account) public virtual { | |
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to revoke"); | |
_revokeRole(role, account); | |
} | |
/** | |
* @dev Revokes `role` from the calling account. | |
* | |
* Roles are often managed via {grantRole} and {revokeRole}: this function's | |
* purpose is to provide a mechanism for accounts to lose their privileges | |
* if they are compromised (such as when a trusted device is misplaced). | |
* | |
* If the calling account had been granted `role`, emits a {RoleRevoked} | |
* event. | |
* | |
* Requirements: | |
* | |
* - the caller must be `account`. | |
*/ | |
function renounceRole(bytes32 role, address account) public virtual { | |
require(account == _msgSender(), "AccessControl: can only renounce roles for self"); | |
_revokeRole(role, account); | |
} | |
/** | |
* @dev Grants `role` to `account`. | |
* | |
* If `account` had not been already granted `role`, emits a {RoleGranted} | |
* event. Note that unlike {grantRole}, this function doesn't perform any | |
* checks on the calling account. | |
* | |
* [WARNING] | |
* ==== | |
* This function should only be called from the constructor when setting | |
* up the initial roles for the system. | |
* | |
* Using this function in any other way is effectively circumventing the admin | |
* system imposed by {AccessControl}. | |
* ==== | |
*/ | |
function _setupRole(bytes32 role, address account) internal virtual { | |
_grantRole(role, account); | |
} | |
/** | |
* @dev Sets `adminRole` as ``role``'s admin role. | |
* | |
* Emits a {RoleAdminChanged} event. | |
*/ | |
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual { | |
emit RoleAdminChanged(role, _roles[role].adminRole, adminRole); | |
_roles[role].adminRole = adminRole; | |
} | |
function _grantRole(bytes32 role, address account) private { | |
if (_roles[role].members.add(account)) { | |
emit RoleGranted(role, account, _msgSender()); | |
} | |
} | |
function _revokeRole(bytes32 role, address account) private { | |
if (_roles[role].members.remove(account)) { | |
emit RoleRevoked(role, account, _msgSender()); | |
} | |
} | |
} | |
// File: contracts/common/AccessControlMixin.sol | |
pragma solidity 0.6.6; | |
contract AccessControlMixin is AccessControl { | |
string private _revertMsg; | |
function _setupContractId(string memory contractId) internal { | |
_revertMsg = string(abi.encodePacked(contractId, ": INSUFFICIENT_PERMISSIONS")); | |
} | |
modifier only(bytes32 role) { | |
require( | |
hasRole(role, _msgSender()), | |
_revertMsg | |
); | |
_; | |
} | |
} | |
// File: contracts/lib/RLPReader.sol | |
/* | |
* @author Hamdi Allam hamdi.allam97@gmail.com | |
* Please reach out with any questions or concerns | |
* https://github.com/hamdiallam/Solidity-RLP/blob/e681e25a376dbd5426b509380bc03446f05d0f97/contracts/RLPReader.sol | |
*/ | |
pragma solidity 0.6.6; | |
library RLPReader { | |
uint8 constant STRING_SHORT_START = 0x80; | |
uint8 constant STRING_LONG_START = 0xb8; | |
uint8 constant LIST_SHORT_START = 0xc0; | |
uint8 constant LIST_LONG_START = 0xf8; | |
uint8 constant WORD_SIZE = 32; | |
struct RLPItem { | |
uint256 len; | |
uint256 memPtr; | |
} | |
/* | |
* @param item RLP encoded bytes | |
*/ | |
function toRlpItem(bytes memory item) | |
internal | |
pure | |
returns (RLPItem memory) | |
{ | |
require(item.length > 0, "RLPReader: INVALID_BYTES_LENGTH"); | |
uint256 memPtr; | |
assembly { | |
memPtr := add(item, 0x20) | |
} | |
return RLPItem(item.length, memPtr); | |
} | |
/* | |
* @param item RLP encoded list in bytes | |
*/ | |
function toList(RLPItem memory item) | |
internal | |
pure | |
returns (RLPItem[] memory) | |
{ | |
require(isList(item), "RLPReader: ITEM_NOT_LIST"); | |
uint256 items = numItems(item); | |
RLPItem[] memory result = new RLPItem[](items); | |
uint256 listLength = _itemLength(item.memPtr); | |
require(listLength == item.len, "RLPReader: LIST_DECODED_LENGTH_MISMATCH"); | |
uint256 memPtr = item.memPtr + _payloadOffset(item.memPtr); | |
uint256 dataLen; | |
for (uint256 i = 0; i < items; i++) { | |
dataLen = _itemLength(memPtr); | |
result[i] = RLPItem(dataLen, memPtr); | |
memPtr = memPtr + dataLen; | |
} | |
return result; | |
} | |
// @return indicator whether encoded payload is a list. negate this function call for isData. | |
function isList(RLPItem memory item) internal pure returns (bool) { | |
uint8 byte0; | |
uint256 memPtr = item.memPtr; | |
assembly { | |
byte0 := byte(0, mload(memPtr)) | |
} | |
if (byte0 < LIST_SHORT_START) return false; | |
return true; | |
} | |
/** RLPItem conversions into data types **/ | |
// @returns raw rlp encoding in bytes | |
function toRlpBytes(RLPItem memory item) | |
internal | |
pure | |
returns (bytes memory) | |
{ | |
bytes memory result = new bytes(item.len); | |
uint256 ptr; | |
assembly { | |
ptr := add(0x20, result) | |
} | |
copy(item.memPtr, ptr, item.len); | |
return result; | |
} | |
function toAddress(RLPItem memory item) internal pure returns (address) { | |
require(!isList(item), "RLPReader: DECODING_LIST_AS_ADDRESS"); | |
// 1 byte for the length prefix | |
require(item.len == 21, "RLPReader: INVALID_ADDRESS_LENGTH"); | |
return address(toUint(item)); | |
} | |
function toUint(RLPItem memory item) internal pure returns (uint256) { | |
require(!isList(item), "RLPReader: DECODING_LIST_AS_UINT"); | |
require(item.len <= 33, "RLPReader: INVALID_UINT_LENGTH"); | |
uint256 itemLength = _itemLength(item.memPtr); | |
require(itemLength == item.len, "RLPReader: UINT_DECODED_LENGTH_MISMATCH"); | |
uint256 offset = _payloadOffset(item.memPtr); | |
uint256 len = item.len - offset; | |
uint256 result; | |
uint256 memPtr = item.memPtr + offset; | |
assembly { | |
result := mload(memPtr) | |
// shfit to the correct location if neccesary | |
if lt(len, 32) { | |
result := div(result, exp(256, sub(32, len))) | |
} | |
} | |
return result; | |
} | |
// enforces 32 byte length | |
function toUintStrict(RLPItem memory item) internal pure returns (uint256) { | |
uint256 itemLength = _itemLength(item.memPtr); | |
require(itemLength == item.len, "RLPReader: UINT_STRICT_DECODED_LENGTH_MISMATCH"); | |
// one byte prefix | |
require(item.len == 33, "RLPReader: INVALID_UINT_STRICT_LENGTH"); | |
uint256 result; | |
uint256 memPtr = item.memPtr + 1; | |
assembly { | |
result := mload(memPtr) | |
} | |
return result; | |
} | |
function toBytes(RLPItem memory item) internal pure returns (bytes memory) { | |
uint256 listLength = _itemLength(item.memPtr); | |
require(listLength == item.len, "RLPReader: BYTES_DECODED_LENGTH_MISMATCH"); | |
uint256 offset = _payloadOffset(item.memPtr); | |
uint256 len = item.len - offset; // data length | |
bytes memory result = new bytes(len); | |
uint256 destPtr; | |
assembly { | |
destPtr := add(0x20, result) | |
} | |
copy(item.memPtr + offset, destPtr, len); | |
return result; | |
} | |
/* | |
* Private Helpers | |
*/ | |
// @return number of payload items inside an encoded list. | |
function numItems(RLPItem memory item) private pure returns (uint256) { | |
// add `isList` check if `item` is expected to be passsed without a check from calling function | |
// require(isList(item), "RLPReader: NUM_ITEMS_NOT_LIST"); | |
uint256 count = 0; | |
uint256 currPtr = item.memPtr + _payloadOffset(item.memPtr); | |
uint256 endPtr = item.memPtr + item.len; | |
while (currPtr < endPtr) { | |
currPtr = currPtr + _itemLength(currPtr); // skip over an item | |
require(currPtr <= endPtr, "RLPReader: NUM_ITEMS_DECODED_LENGTH_MISMATCH"); | |
count++; | |
} | |
return count; | |
} | |
// @return entire rlp item byte length | |
function _itemLength(uint256 memPtr) private pure returns (uint256) { | |
uint256 itemLen; | |
uint256 byte0; | |
assembly { | |
byte0 := byte(0, mload(memPtr)) | |
} | |
if (byte0 < STRING_SHORT_START) itemLen = 1; | |
else if (byte0 < STRING_LONG_START) | |
itemLen = byte0 - STRING_SHORT_START + 1; | |
else if (byte0 < LIST_SHORT_START) { | |
assembly { | |
let byteLen := sub(byte0, 0xb7) // # of bytes the actual length is | |
memPtr := add(memPtr, 1) // skip over the first byte | |
/* 32 byte word size */ | |
let dataLen := div(mload(memPtr), exp(256, sub(32, byteLen))) // right shifting to get the len | |
itemLen := add(dataLen, add(byteLen, 1)) | |
} | |
} else if (byte0 < LIST_LONG_START) { | |
itemLen = byte0 - LIST_SHORT_START + 1; | |
} else { | |
assembly { | |
let byteLen := sub(byte0, 0xf7) | |
memPtr := add(memPtr, 1) | |
let dataLen := div(mload(memPtr), exp(256, sub(32, byteLen))) // right shifting to the correct length | |
itemLen := add(dataLen, add(byteLen, 1)) | |
} | |
} | |
return itemLen; | |
} | |
// @return number of bytes until the data | |
function _payloadOffset(uint256 memPtr) private pure returns (uint256) { | |
uint256 byte0; | |
assembly { | |
byte0 := byte(0, mload(memPtr)) | |
} | |
if (byte0 < STRING_SHORT_START) return 0; | |
else if ( | |
byte0 < STRING_LONG_START || | |
(byte0 >= LIST_SHORT_START && byte0 < LIST_LONG_START) | |
) return 1; | |
else if (byte0 < LIST_SHORT_START) | |
// being explicit | |
return byte0 - (STRING_LONG_START - 1) + 1; | |
else return byte0 - (LIST_LONG_START - 1) + 1; | |
} | |
/* | |
* @param src Pointer to source | |
* @param dest Pointer to destination | |
* @param len Amount of memory to copy from the source | |
*/ | |
function copy( | |
uint256 src, | |
uint256 dest, | |
uint256 len | |
) private pure { | |
if (len == 0) return; | |
// copy as many word sizes as possible | |
for (; len >= WORD_SIZE; len -= WORD_SIZE) { | |
assembly { | |
mstore(dest, mload(src)) | |
} | |
src += WORD_SIZE; | |
dest += WORD_SIZE; | |
} | |
// left over bytes. Mask is used to remove unwanted bytes from the word | |
uint256 mask = 256**(WORD_SIZE - len) - 1; | |
assembly { | |
let srcpart := and(mload(src), not(mask)) // zero out src | |
let destpart := and(mload(dest), mask) // retrieve the bytes | |
mstore(dest, or(destpart, srcpart)) | |
} | |
} | |
} | |
// File: contracts/root/TokenPredicates/ITokenPredicate.sol | |
pragma solidity 0.6.6; | |
/// @title Token predicate interface for all pos portal predicates | |
/// @notice Abstract interface that defines methods for custom predicates | |
interface ITokenPredicate { | |
/** | |
* @notice Deposit tokens into pos portal | |
* @dev When `depositor` deposits tokens into pos portal, tokens get locked into predicate contract. | |
* @param depositor Address who wants to deposit tokens | |
* @param depositReceiver Address (address) who wants to receive tokens on side chain | |
* @param rootToken Token which gets deposited | |
* @param depositData Extra data for deposit (amount for ERC20, token id for ERC721 etc.) [ABI encoded] | |
*/ | |
function lockTokens( | |
address depositor, | |
address depositReceiver, | |
address rootToken, | |
bytes calldata depositData | |
) external; | |
/** | |
* @notice Validates and processes exit while withdraw process | |
* @dev Validates exit log emitted on sidechain. Reverts if validation fails. | |
* @dev Processes withdraw based on custom logic. Example: transfer ERC20/ERC721, mint ERC721 if mintable withdraw | |
* @param withdrawer Address who wants to withdraw tokens | |
* @param rootToken Token which gets withdrawn | |
* @param logRLPList Valid sidechain log for data like amount, token id etc. | |
*/ | |
function exitTokens( | |
address withdrawer, | |
address rootToken, | |
bytes calldata logRLPList | |
) external; | |
} | |
// File: contracts/common/Initializable.sol | |
pragma solidity 0.6.6; | |
contract Initializable { | |
bool inited = false; | |
modifier initializer() { | |
require(!inited, "already inited"); | |
_; | |
inited = true; | |
} | |
} | |
// File: contracts/root/TokenPredicates/ERC20Predicate.sol | |
pragma solidity 0.6.6; | |
contract MintableERC20Predicate is ITokenPredicate, AccessControlMixin, Initializable { | |
using RLPReader for bytes; | |
using RLPReader for RLPReader.RLPItem; | |
using SafeERC20 for IMintableERC20; | |
bytes32 public constant MANAGER_ROLE = keccak256("MANAGER_ROLE"); | |
bytes32 public constant TOKEN_TYPE = 0x5ffef61af1560b9aefc0e42aaa0f9464854ab113ab7b8bfab271be94cdb1d053; | |
bytes32 public constant TRANSFER_EVENT_SIG = 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; | |
event LockedMintableERC20( | |
address indexed depositor, | |
address indexed depositReceiver, | |
address indexed rootToken, | |
uint256 amount | |
); | |
constructor() public {} | |
function initialize(address _owner) external initializer { | |
_setupContractId("ERC20Predicate"); | |
_setupRole(DEFAULT_ADMIN_ROLE, _owner); | |
_setupRole(MANAGER_ROLE, _owner); | |
} | |
/** | |
* @notice Lock ERC20 tokens for deposit, callable only by manager | |
* @param depositor Address who wants to deposit tokens | |
* @param depositReceiver Address (address) who wants to receive tokens on child chain | |
* @param rootToken Token which gets deposited | |
* @param depositData ABI encoded amount | |
*/ | |
function lockTokens( | |
address depositor, | |
address depositReceiver, | |
address rootToken, | |
bytes calldata depositData | |
) | |
external | |
override | |
only(MANAGER_ROLE) | |
{ | |
uint256 amount = abi.decode(depositData, (uint256)); | |
emit LockedMintableERC20(depositor, depositReceiver, rootToken, amount); | |
IMintableERC20(rootToken).safeTransferFrom(depositor, address(this), amount); | |
} | |
/** | |
* @notice Validates log signature, from and to address | |
* then sends the correct amount to withdrawer | |
* callable only by manager | |
* @param withdrawer Address who wants to withdraw tokens | |
* @param rootToken Token which gets withdrawn | |
* @param log Valid ERC20 burn log from child chain | |
*/ | |
function exitTokens( | |
address withdrawer, | |
address rootToken, | |
bytes memory log | |
) | |
public | |
override | |
only(MANAGER_ROLE) | |
{ | |
RLPReader.RLPItem[] memory logRLPList = log.toRlpItem().toList(); | |
RLPReader.RLPItem[] memory logTopicRLPList = logRLPList[1].toList(); // topics | |
require( | |
bytes32(logTopicRLPList[0].toUint()) == TRANSFER_EVENT_SIG, // topic0 is event sig | |
"ERC20Predicate: INVALID_SIGNATURE" | |
); | |
require( | |
withdrawer == address(logTopicRLPList[1].toUint()), // topic1 is from address | |
"ERC20Predicate: INVALID_SENDER" | |
); | |
require( | |
address(logTopicRLPList[2].toUint()) == address(0), // topic2 is to address | |
"ERC20Predicate: INVALID_RECEIVER" | |
); | |
IMintableERC20 token = IMintableERC20(rootToken); | |
uint256 amount = logRLPList[2].toUint(); | |
if (token.balanceOf(address(this))>0) { | |
token.safeTransferFrom( | |
address(this), | |
withdrawer, | |
amount | |
); | |
} else { | |
token.mint(withdrawer, amount); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment