More Info
Private Name Tags
ContractCreator
Latest 5 from a total of 5 transactions
Latest 7 internal transactions
Advanced mode:
Parent Transaction Hash | Block | From | To | |||
---|---|---|---|---|---|---|
125519663 | 80 days ago | Contract Creation | 0 ETH | |||
123716753 | 122 days ago | Contract Creation | 0 ETH | |||
123716600 | 122 days ago | Contract Creation | 0 ETH | |||
123662818 | 123 days ago | Contract Creation | 0 ETH | |||
116694347 | 285 days ago | Contract Creation | 0 ETH | |||
116694338 | 285 days ago | Contract Creation | 0 ETH | |||
116694338 | 285 days ago | Contract Creation | 0 ETH |
Loading...
Loading
Contract Name:
ComposableStablePoolFactory
Compiler Version
v0.7.1+commit.f4a555be
Optimization Enabled:
Yes with 800 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IPoolVersion.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IVersion.sol"; import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol"; import "@balancer-labs/v2-pool-utils/contracts/factories/BasePoolFactory.sol"; import "@balancer-labs/v2-pool-utils/contracts/factories/FactoryWidePauseWindow.sol"; import "./ComposableStablePool.sol"; contract ComposableStablePoolFactory is IVersion, IPoolVersion, BasePoolFactory, FactoryWidePauseWindow { string private _version; string private _poolVersion; constructor( IVault vault, IProtocolFeePercentagesProvider protocolFeeProvider, string memory factoryVersion, string memory poolVersion ) BasePoolFactory(vault, protocolFeeProvider, type(ComposableStablePool).creationCode) { _version = factoryVersion; _poolVersion = poolVersion; } function version() external view override returns (string memory) { return _version; } function getPoolVersion() public view override returns (string memory) { return _poolVersion; } /** * @dev Deploys a new `ComposableStablePool`. */ function create( string memory name, string memory symbol, IERC20[] memory tokens, uint256 amplificationParameter, IRateProvider[] memory rateProviders, uint256[] memory tokenRateCacheDurations, bool exemptFromYieldProtocolFeeFlag, uint256 swapFeePercentage, address owner, bytes32 salt ) external returns (ComposableStablePool) { (uint256 pauseWindowDuration, uint256 bufferPeriodDuration) = getPauseConfiguration(); return ComposableStablePool( _create( abi.encode( ComposableStablePool.NewPoolParams({ vault: getVault(), protocolFeeProvider: getProtocolFeePercentagesProvider(), name: name, symbol: symbol, tokens: tokens, rateProviders: rateProviders, tokenRateCacheDurations: tokenRateCacheDurations, exemptFromYieldProtocolFeeFlag: exemptFromYieldProtocolFeeFlag, amplificationParameter: amplificationParameter, swapFeePercentage: swapFeePercentage, pauseWindowDuration: pauseWindowDuration, bufferPeriodDuration: bufferPeriodDuration, owner: owner, version: getPoolVersion() }) ), salt ) ); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; /** * @notice Simple interface to retrieve the version of pools deployed by a pool factory. */ interface IPoolVersion { /** * @dev Returns a JSON representation of the deployed pool version containing name, version number and task ID. * * This is typically only useful in complex Pool deployment schemes, where multiple subsystems need to know about * each other. Note that this value will only be updated at factory creation time. */ function getPoolVersion() external view returns (string memory); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity >=0.7.0 <0.9.0; /** * @notice Simple interface to retrieve the version of a deployed contract. */ interface IVersion { /** * @dev Returns a JSON representation of the contract version containing name, version number and task ID. */ function version() external view returns (string memory); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma experimental ABIEncoderV2; import "../solidity-utils/openzeppelin/IERC20.sol"; import "../solidity-utils/helpers/IAuthentication.sol"; import "../solidity-utils/helpers/ISignaturesValidator.sol"; import "../solidity-utils/helpers/ITemporarilyPausable.sol"; import "../solidity-utils/misc/IWETH.sol"; import "./IAsset.sol"; import "./IAuthorizer.sol"; import "./IFlashLoanRecipient.sol"; import "./IProtocolFeesCollector.sol"; pragma solidity ^0.7.0; /** * @dev Full external interface for the Vault core contract - no external or public methods exist in the contract that * don't override one of these declarations. */ interface IVault is ISignaturesValidator, ITemporarilyPausable, IAuthentication { // Generalities about the Vault: // // - Whenever documentation refers to 'tokens', it strictly refers to ERC20-compliant token contracts. Tokens are // transferred out of the Vault by calling the `IERC20.transfer` function, and transferred in by calling // `IERC20.transferFrom`. In these cases, the sender must have previously allowed the Vault to use their tokens by // calling `IERC20.approve`. The only deviation from the ERC20 standard that is supported is functions not returning // a boolean value: in these scenarios, a non-reverting call is assumed to be successful. // // - All non-view functions in the Vault are non-reentrant: calling them while another one is mid-execution (e.g. // while execution control is transferred to a token contract during a swap) will result in a revert. View // functions can be called in a re-reentrant way, but doing so might cause them to return inconsistent results. // Contracts calling view functions in the Vault must make sure the Vault has not already been entered. // // - View functions revert if referring to either unregistered Pools, or unregistered tokens for registered Pools. // Authorizer // // Some system actions are permissioned, like setting and collecting protocol fees. This permissioning system exists // outside of the Vault in the Authorizer contract: the Vault simply calls the Authorizer to check if the caller // can perform a given action. /** * @dev Returns the Vault's Authorizer. */ function getAuthorizer() external view returns (IAuthorizer); /** * @dev Sets a new Authorizer for the Vault. The caller must be allowed by the current Authorizer to do this. * * Emits an `AuthorizerChanged` event. */ function setAuthorizer(IAuthorizer newAuthorizer) external; /** * @dev Emitted when a new authorizer is set by `setAuthorizer`. */ event AuthorizerChanged(IAuthorizer indexed newAuthorizer); // Relayers // // Additionally, it is possible for an account to perform certain actions on behalf of another one, using their // Vault ERC20 allowance and Internal Balance. These accounts are said to be 'relayers' for these Vault functions, // and are expected to be smart contracts with sound authentication mechanisms. For an account to be able to wield // this power, two things must occur: // - The Authorizer must grant the account the permission to be a relayer for the relevant Vault function. This // means that Balancer governance must approve each individual contract to act as a relayer for the intended // functions. // - Each user must approve the relayer to act on their behalf. // This double protection means users cannot be tricked into approving malicious relayers (because they will not // have been allowed by the Authorizer via governance), nor can malicious relayers approved by a compromised // Authorizer or governance drain user funds, since they would also need to be approved by each individual user. /** * @dev Returns true if `user` has approved `relayer` to act as a relayer for them. */ function hasApprovedRelayer(address user, address relayer) external view returns (bool); /** * @dev Allows `relayer` to act as a relayer for `sender` if `approved` is true, and disallows it otherwise. * * Emits a `RelayerApprovalChanged` event. */ function setRelayerApproval( address sender, address relayer, bool approved ) external; /** * @dev Emitted every time a relayer is approved or disapproved by `setRelayerApproval`. */ event RelayerApprovalChanged(address indexed relayer, address indexed sender, bool approved); // Internal Balance // // Users can deposit tokens into the Vault, where they are allocated to their Internal Balance, and later // transferred or withdrawn. It can also be used as a source of tokens when joining Pools, as a destination // when exiting them, and as either when performing swaps. This usage of Internal Balance results in greatly reduced // gas costs when compared to relying on plain ERC20 transfers, leading to large savings for frequent users. // // Internal Balance management features batching, which means a single contract call can be used to perform multiple // operations of different kinds, with different senders and recipients, at once. /** * @dev Returns `user`'s Internal Balance for a set of tokens. */ function getInternalBalance(address user, IERC20[] memory tokens) external view returns (uint256[] memory); /** * @dev Performs a set of user balance operations, which involve Internal Balance (deposit, withdraw or transfer) * and plain ERC20 transfers using the Vault's allowance. This last feature is particularly useful for relayers, as * it lets integrators reuse a user's Vault allowance. * * For each operation, if the caller is not `sender`, it must be an authorized relayer for them. */ function manageUserBalance(UserBalanceOp[] memory ops) external payable; /** * @dev Data for `manageUserBalance` operations, which include the possibility for ETH to be sent and received without manual WETH wrapping or unwrapping. */ struct UserBalanceOp { UserBalanceOpKind kind; IAsset asset; uint256 amount; address sender; address payable recipient; } // There are four possible operations in `manageUserBalance`: // // - DEPOSIT_INTERNAL // Increases the Internal Balance of the `recipient` account by transferring tokens from the corresponding // `sender`. The sender must have allowed the Vault to use their tokens via `IERC20.approve()`. // // ETH can be used by passing the ETH sentinel value as the asset and forwarding ETH in the call: it will be wrapped // and deposited as WETH. Any ETH amount remaining will be sent back to the caller (not the sender, which is // relevant for relayers). // // Emits an `InternalBalanceChanged` event. // // // - WITHDRAW_INTERNAL // Decreases the Internal Balance of the `sender` account by transferring tokens to the `recipient`. // // ETH can be used by passing the ETH sentinel value as the asset. This will deduct WETH instead, unwrap it and send // it to the recipient as ETH. // // Emits an `InternalBalanceChanged` event. // // // - TRANSFER_INTERNAL // Transfers tokens from the Internal Balance of the `sender` account to the Internal Balance of `recipient`. // // Reverts if the ETH sentinel value is passed. // // Emits an `InternalBalanceChanged` event. // // // - TRANSFER_EXTERNAL // Transfers tokens from `sender` to `recipient`, using the Vault's ERC20 allowance. This is typically used by // relayers, as it lets them reuse a user's Vault allowance. // // Reverts if the ETH sentinel value is passed. // // Emits an `ExternalBalanceTransfer` event. enum UserBalanceOpKind { DEPOSIT_INTERNAL, WITHDRAW_INTERNAL, TRANSFER_INTERNAL, TRANSFER_EXTERNAL } /** * @dev Emitted when a user's Internal Balance changes, either from calls to `manageUserBalance`, or through * interacting with Pools using Internal Balance. * * Because Internal Balance works exclusively with ERC20 tokens, ETH deposits and withdrawals will use the WETH * address. */ event InternalBalanceChanged(address indexed user, IERC20 indexed token, int256 delta); /** * @dev Emitted when a user's Vault ERC20 allowance is used by the Vault to transfer tokens to an external account. */ event ExternalBalanceTransfer(IERC20 indexed token, address indexed sender, address recipient, uint256 amount); // Pools // // There are three specialization settings for Pools, which allow for cheaper swaps at the cost of reduced // functionality: // // - General: no specialization, suited for all Pools. IGeneralPool is used for swap request callbacks, passing the // balance of all tokens in the Pool. These Pools have the largest swap costs (because of the extra storage reads), // which increase with the number of registered tokens. // // - Minimal Swap Info: IMinimalSwapInfoPool is used instead of IGeneralPool, which saves gas by only passing the // balance of the two tokens involved in the swap. This is suitable for some pricing algorithms, like the weighted // constant product one popularized by Balancer V1. Swap costs are smaller compared to general Pools, and are // independent of the number of registered tokens. // // - Two Token: only allows two tokens to be registered. This achieves the lowest possible swap gas cost. Like // minimal swap info Pools, these are called via IMinimalSwapInfoPool. enum PoolSpecialization { GENERAL, MINIMAL_SWAP_INFO, TWO_TOKEN } /** * @dev Registers the caller account as a Pool with a given specialization setting. Returns the Pool's ID, which * is used in all Pool-related functions. Pools cannot be deregistered, nor can the Pool's specialization be * changed. * * The caller is expected to be a smart contract that implements either `IGeneralPool` or `IMinimalSwapInfoPool`, * depending on the chosen specialization setting. This contract is known as the Pool's contract. * * Note that the same contract may register itself as multiple Pools with unique Pool IDs, or in other words, * multiple Pools may share the same contract. * * Emits a `PoolRegistered` event. */ function registerPool(PoolSpecialization specialization) external returns (bytes32); /** * @dev Emitted when a Pool is registered by calling `registerPool`. */ event PoolRegistered(bytes32 indexed poolId, address indexed poolAddress, PoolSpecialization specialization); /** * @dev Returns a Pool's contract address and specialization setting. */ function getPool(bytes32 poolId) external view returns (address, PoolSpecialization); /** * @dev Registers `tokens` for the `poolId` Pool. Must be called by the Pool's contract. * * Pools can only interact with tokens they have registered. Users join a Pool by transferring registered tokens, * exit by receiving registered tokens, and can only swap registered tokens. * * Each token can only be registered once. For Pools with the Two Token specialization, `tokens` must have a length * of two, that is, both tokens must be registered in the same `registerTokens` call, and they must be sorted in * ascending order. * * The `tokens` and `assetManagers` arrays must have the same length, and each entry in these indicates the Asset * Manager for the corresponding token. Asset Managers can manage a Pool's tokens via `managePoolBalance`, * depositing and withdrawing them directly, and can even set their balance to arbitrary amounts. They are therefore * expected to be highly secured smart contracts with sound design principles, and the decision to register an * Asset Manager should not be made lightly. * * Pools can choose not to assign an Asset Manager to a given token by passing in the zero address. Once an Asset * Manager is set, it cannot be changed except by deregistering the associated token and registering again with a * different Asset Manager. * * Emits a `TokensRegistered` event. */ function registerTokens( bytes32 poolId, IERC20[] memory tokens, address[] memory assetManagers ) external; /** * @dev Emitted when a Pool registers tokens by calling `registerTokens`. */ event TokensRegistered(bytes32 indexed poolId, IERC20[] tokens, address[] assetManagers); /** * @dev Deregisters `tokens` for the `poolId` Pool. Must be called by the Pool's contract. * * Only registered tokens (via `registerTokens`) can be deregistered. Additionally, they must have zero total * balance. For Pools with the Two Token specialization, `tokens` must have a length of two, that is, both tokens * must be deregistered in the same `deregisterTokens` call. * * A deregistered token can be re-registered later on, possibly with a different Asset Manager. * * Emits a `TokensDeregistered` event. */ function deregisterTokens(bytes32 poolId, IERC20[] memory tokens) external; /** * @dev Emitted when a Pool deregisters tokens by calling `deregisterTokens`. */ event TokensDeregistered(bytes32 indexed poolId, IERC20[] tokens); /** * @dev Returns detailed information for a Pool's registered token. * * `cash` is the number of tokens the Vault currently holds for the Pool. `managed` is the number of tokens * withdrawn and held outside the Vault by the Pool's token Asset Manager. The Pool's total balance for `token` * equals the sum of `cash` and `managed`. * * Internally, `cash` and `managed` are stored using 112 bits. No action can ever cause a Pool's token `cash`, * `managed` or `total` balance to be greater than 2^112 - 1. * * `lastChangeBlock` is the number of the block in which `token`'s total balance was last modified (via either a * join, exit, swap, or Asset Manager update). This value is useful to avoid so-called 'sandwich attacks', for * example when developing price oracles. A change of zero (e.g. caused by a swap with amount zero) is considered a * change for this purpose, and will update `lastChangeBlock`. * * `assetManager` is the Pool's token Asset Manager. */ function getPoolTokenInfo(bytes32 poolId, IERC20 token) external view returns ( uint256 cash, uint256 managed, uint256 lastChangeBlock, address assetManager ); /** * @dev Returns a Pool's registered tokens, the total balance for each, and the latest block when *any* of * the tokens' `balances` changed. * * The order of the `tokens` array is the same order that will be used in `joinPool`, `exitPool`, as well as in all * Pool hooks (where applicable). Calls to `registerTokens` and `deregisterTokens` may change this order. * * If a Pool only registers tokens once, and these are sorted in ascending order, they will be stored in the same * order as passed to `registerTokens`. * * Total balances include both tokens held by the Vault and those withdrawn by the Pool's Asset Managers. These are * the amounts used by joins, exits and swaps. For a detailed breakdown of token balances, use `getPoolTokenInfo` * instead. */ function getPoolTokens(bytes32 poolId) external view returns ( IERC20[] memory tokens, uint256[] memory balances, uint256 lastChangeBlock ); /** * @dev Called by users to join a Pool, which transfers tokens from `sender` into the Pool's balance. This will * trigger custom Pool behavior, which will typically grant something in return to `recipient` - often tokenized * Pool shares. * * If the caller is not `sender`, it must be an authorized relayer for them. * * The `assets` and `maxAmountsIn` arrays must have the same length, and each entry indicates the maximum amount * to send for each asset. The amounts to send are decided by the Pool and not the Vault: it just enforces * these maximums. * * If joining a Pool that holds WETH, it is possible to send ETH directly: the Vault will do the wrapping. To enable * this mechanism, the IAsset sentinel value (the zero address) must be passed in the `assets` array instead of the * WETH address. Note that it is not possible to combine ETH and WETH in the same join. Any excess ETH will be sent * back to the caller (not the sender, which is important for relayers). * * `assets` must have the same length and order as the array returned by `getPoolTokens`. This prevents issues when * interacting with Pools that register and deregister tokens frequently. If sending ETH however, the array must be * sorted *before* replacing the WETH address with the ETH sentinel value (the zero address), which means the final * `assets` array might not be sorted. Pools with no registered tokens cannot be joined. * * If `fromInternalBalance` is true, the caller's Internal Balance will be preferred: ERC20 transfers will only * be made for the difference between the requested amount and Internal Balance (if any). Note that ETH cannot be * withdrawn from Internal Balance: attempting to do so will trigger a revert. * * This causes the Vault to call the `IBasePool.onJoinPool` hook on the Pool's contract, where Pools implement * their own custom logic. This typically requires additional information from the user (such as the expected number * of Pool shares). This can be encoded in the `userData` argument, which is ignored by the Vault and passed * directly to the Pool's contract, as is `recipient`. * * Emits a `PoolBalanceChanged` event. */ function joinPool( bytes32 poolId, address sender, address recipient, JoinPoolRequest memory request ) external payable; struct JoinPoolRequest { IAsset[] assets; uint256[] maxAmountsIn; bytes userData; bool fromInternalBalance; } /** * @dev Called by users to exit a Pool, which transfers tokens from the Pool's balance to `recipient`. This will * trigger custom Pool behavior, which will typically ask for something in return from `sender` - often tokenized * Pool shares. The amount of tokens that can be withdrawn is limited by the Pool's `cash` balance (see * `getPoolTokenInfo`). * * If the caller is not `sender`, it must be an authorized relayer for them. * * The `tokens` and `minAmountsOut` arrays must have the same length, and each entry in these indicates the minimum * token amount to receive for each token contract. The amounts to send are decided by the Pool and not the Vault: * it just enforces these minimums. * * If exiting a Pool that holds WETH, it is possible to receive ETH directly: the Vault will do the unwrapping. To * enable this mechanism, the IAsset sentinel value (the zero address) must be passed in the `assets` array instead * of the WETH address. Note that it is not possible to combine ETH and WETH in the same exit. * * `assets` must have the same length and order as the array returned by `getPoolTokens`. This prevents issues when * interacting with Pools that register and deregister tokens frequently. If receiving ETH however, the array must * be sorted *before* replacing the WETH address with the ETH sentinel value (the zero address), which means the * final `assets` array might not be sorted. Pools with no registered tokens cannot be exited. * * If `toInternalBalance` is true, the tokens will be deposited to `recipient`'s Internal Balance. Otherwise, * an ERC20 transfer will be performed. Note that ETH cannot be deposited to Internal Balance: attempting to * do so will trigger a revert. * * `minAmountsOut` is the minimum amount of tokens the user expects to get out of the Pool, for each token in the * `tokens` array. This array must match the Pool's registered tokens. * * This causes the Vault to call the `IBasePool.onExitPool` hook on the Pool's contract, where Pools implement * their own custom logic. This typically requires additional information from the user (such as the expected number * of Pool shares to return). This can be encoded in the `userData` argument, which is ignored by the Vault and * passed directly to the Pool's contract. * * Emits a `PoolBalanceChanged` event. */ function exitPool( bytes32 poolId, address sender, address payable recipient, ExitPoolRequest memory request ) external; struct ExitPoolRequest { IAsset[] assets; uint256[] minAmountsOut; bytes userData; bool toInternalBalance; } /** * @dev Emitted when a user joins or exits a Pool by calling `joinPool` or `exitPool`, respectively. */ event PoolBalanceChanged( bytes32 indexed poolId, address indexed liquidityProvider, IERC20[] tokens, int256[] deltas, uint256[] protocolFeeAmounts ); enum PoolBalanceChangeKind { JOIN, EXIT } // Swaps // // Users can swap tokens with Pools by calling the `swap` and `batchSwap` functions. To do this, // they need not trust Pool contracts in any way: all security checks are made by the Vault. They must however be // aware of the Pools' pricing algorithms in order to estimate the prices Pools will quote. // // The `swap` function executes a single swap, while `batchSwap` can perform multiple swaps in sequence. // In each individual swap, tokens of one kind are sent from the sender to the Pool (this is the 'token in'), // and tokens of another kind are sent from the Pool to the recipient in exchange (this is the 'token out'). // More complex swaps, such as one token in to multiple tokens out can be achieved by batching together // individual swaps. // // There are two swap kinds: // - 'given in' swaps, where the amount of tokens in (sent to the Pool) is known, and the Pool determines (via the // `onSwap` hook) the amount of tokens out (to send to the recipient). // - 'given out' swaps, where the amount of tokens out (received from the Pool) is known, and the Pool determines // (via the `onSwap` hook) the amount of tokens in (to receive from the sender). // // Additionally, it is possible to chain swaps using a placeholder input amount, which the Vault replaces with // the calculated output of the previous swap. If the previous swap was 'given in', this will be the calculated // tokenOut amount. If the previous swap was 'given out', it will use the calculated tokenIn amount. These extended // swaps are known as 'multihop' swaps, since they 'hop' through a number of intermediate tokens before arriving at // the final intended token. // // In all cases, tokens are only transferred in and out of the Vault (or withdrawn from and deposited into Internal // Balance) after all individual swaps have been completed, and the net token balance change computed. This makes // certain swap patterns, such as multihops, or swaps that interact with the same token pair in multiple Pools, cost // much less gas than they would otherwise. // // It also means that under certain conditions it is possible to perform arbitrage by swapping with multiple // Pools in a way that results in net token movement out of the Vault (profit), with no tokens being sent in (only // updating the Pool's internal accounting). // // To protect users from front-running or the market changing rapidly, they supply a list of 'limits' for each token // involved in the swap, where either the maximum number of tokens to send (by passing a positive value) or the // minimum amount of tokens to receive (by passing a negative value) is specified. // // Additionally, a 'deadline' timestamp can also be provided, forcing the swap to fail if it occurs after // this point in time (e.g. if the transaction failed to be included in a block promptly). // // If interacting with Pools that hold WETH, it is possible to both send and receive ETH directly: the Vault will do // the wrapping and unwrapping. To enable this mechanism, the IAsset sentinel value (the zero address) must be // passed in the `assets` array instead of the WETH address. Note that it is possible to combine ETH and WETH in the // same swap. Any excess ETH will be sent back to the caller (not the sender, which is relevant for relayers). // // Finally, Internal Balance can be used when either sending or receiving tokens. enum SwapKind { GIVEN_IN, GIVEN_OUT } /** * @dev Performs a swap with a single Pool. * * If the swap is 'given in' (the number of tokens to send to the Pool is known), it returns the amount of tokens * taken from the Pool, which must be greater than or equal to `limit`. * * If the swap is 'given out' (the number of tokens to take from the Pool is known), it returns the amount of tokens * sent to the Pool, which must be less than or equal to `limit`. * * Internal Balance usage and the recipient are determined by the `funds` struct. * * Emits a `Swap` event. */ function swap( SingleSwap memory singleSwap, FundManagement memory funds, uint256 limit, uint256 deadline ) external payable returns (uint256); /** * @dev Data for a single swap executed by `swap`. `amount` is either `amountIn` or `amountOut` depending on * the `kind` value. * * `assetIn` and `assetOut` are either token addresses, or the IAsset sentinel value for ETH (the zero address). * Note that Pools never interact with ETH directly: it will be wrapped to or unwrapped from WETH by the Vault. * * The `userData` field is ignored by the Vault, but forwarded to the Pool in the `onSwap` hook, and may be * used to extend swap behavior. */ struct SingleSwap { bytes32 poolId; SwapKind kind; IAsset assetIn; IAsset assetOut; uint256 amount; bytes userData; } /** * @dev Performs a series of swaps with one or multiple Pools. In each individual swap, the caller determines either * the amount of tokens sent to or received from the Pool, depending on the `kind` value. * * Returns an array with the net Vault asset balance deltas. Positive amounts represent tokens (or ETH) sent to the * Vault, and negative amounts represent tokens (or ETH) sent by the Vault. Each delta corresponds to the asset at * the same index in the `assets` array. * * Swaps are executed sequentially, in the order specified by the `swaps` array. Each array element describes a * Pool, the token to be sent to this Pool, the token to receive from it, and an amount that is either `amountIn` or * `amountOut` depending on the swap kind. * * Multihop swaps can be executed by passing an `amount` value of zero for a swap. This will cause the amount in/out * of the previous swap to be used as the amount in for the current one. In a 'given in' swap, 'tokenIn' must equal * the previous swap's `tokenOut`. For a 'given out' swap, `tokenOut` must equal the previous swap's `tokenIn`. * * The `assets` array contains the addresses of all assets involved in the swaps. These are either token addresses, * or the IAsset sentinel value for ETH (the zero address). Each entry in the `swaps` array specifies tokens in and * out by referencing an index in `assets`. Note that Pools never interact with ETH directly: it will be wrapped to * or unwrapped from WETH by the Vault. * * Internal Balance usage, sender, and recipient are determined by the `funds` struct. The `limits` array specifies * the minimum or maximum amount of each token the vault is allowed to transfer. * * `batchSwap` can be used to make a single swap, like `swap` does, but doing so requires more gas than the * equivalent `swap` call. * * Emits `Swap` events. */ function batchSwap( SwapKind kind, BatchSwapStep[] memory swaps, IAsset[] memory assets, FundManagement memory funds, int256[] memory limits, uint256 deadline ) external payable returns (int256[] memory); /** * @dev Data for each individual swap executed by `batchSwap`. The asset in and out fields are indexes into the * `assets` array passed to that function, and ETH assets are converted to WETH. * * If `amount` is zero, the multihop mechanism is used to determine the actual amount based on the amount in/out * from the previous swap, depending on the swap kind. * * The `userData` field is ignored by the Vault, but forwarded to the Pool in the `onSwap` hook, and may be * used to extend swap behavior. */ struct BatchSwapStep { bytes32 poolId; uint256 assetInIndex; uint256 assetOutIndex; uint256 amount; bytes userData; } /** * @dev Emitted for each individual swap performed by `swap` or `batchSwap`. */ event Swap( bytes32 indexed poolId, IERC20 indexed tokenIn, IERC20 indexed tokenOut, uint256 amountIn, uint256 amountOut ); /** * @dev All tokens in a swap are either sent from the `sender` account to the Vault, or from the Vault to the * `recipient` account. * * If the caller is not `sender`, it must be an authorized relayer for them. * * If `fromInternalBalance` is true, the `sender`'s Internal Balance will be preferred, performing an ERC20 * transfer for the difference between the requested amount and the User's Internal Balance (if any). The `sender` * must have allowed the Vault to use their tokens via `IERC20.approve()`. This matches the behavior of * `joinPool`. * * If `toInternalBalance` is true, tokens will be deposited to `recipient`'s internal balance instead of * transferred. This matches the behavior of `exitPool`. * * Note that ETH cannot be deposited to or withdrawn from Internal Balance: attempting to do so will trigger a * revert. */ struct FundManagement { address sender; bool fromInternalBalance; address payable recipient; bool toInternalBalance; } /** * @dev Simulates a call to `batchSwap`, returning an array of Vault asset deltas. Calls to `swap` cannot be * simulated directly, but an equivalent `batchSwap` call can and will yield the exact same result. * * Each element in the array corresponds to the asset at the same index, and indicates the number of tokens (or ETH) * the Vault would take from the sender (if positive) or send to the recipient (if negative). The arguments it * receives are the same that an equivalent `batchSwap` call would receive. * * Unlike `batchSwap`, this function performs no checks on the sender or recipient field in the `funds` struct. * This makes it suitable to be called by off-chain applications via eth_call without needing to hold tokens, * approve them for the Vault, or even know a user's address. * * Note that this function is not 'view' (due to implementation details): the client code must explicitly execute * eth_call instead of eth_sendTransaction. */ function queryBatchSwap( SwapKind kind, BatchSwapStep[] memory swaps, IAsset[] memory assets, FundManagement memory funds ) external returns (int256[] memory assetDeltas); // Flash Loans /** * @dev Performs a 'flash loan', sending tokens to `recipient`, executing the `receiveFlashLoan` hook on it, * and then reverting unless the tokens plus a proportional protocol fee have been returned. * * The `tokens` and `amounts` arrays must have the same length, and each entry in these indicates the loan amount * for each token contract. `tokens` must be sorted in ascending order. * * The 'userData' field is ignored by the Vault, and forwarded as-is to `recipient` as part of the * `receiveFlashLoan` call. * * Emits `FlashLoan` events. */ function flashLoan( IFlashLoanRecipient recipient, IERC20[] memory tokens, uint256[] memory amounts, bytes memory userData ) external; /** * @dev Emitted for each individual flash loan performed by `flashLoan`. */ event FlashLoan(IFlashLoanRecipient indexed recipient, IERC20 indexed token, uint256 amount, uint256 feeAmount); // Asset Management // // Each token registered for a Pool can be assigned an Asset Manager, which is able to freely withdraw the Pool's // tokens from the Vault, deposit them, or assign arbitrary values to its `managed` balance (see // `getPoolTokenInfo`). This makes them extremely powerful and dangerous. Even if an Asset Manager only directly // controls one of the tokens in a Pool, a malicious manager could set that token's balance to manipulate the // prices of the other tokens, and then drain the Pool with swaps. The risk of using Asset Managers is therefore // not constrained to the tokens they are managing, but extends to the entire Pool's holdings. // // However, a properly designed Asset Manager smart contract can be safely used for the Pool's benefit, // for example by lending unused tokens out for interest, or using them to participate in voting protocols. // // This concept is unrelated to the IAsset interface. /** * @dev Performs a set of Pool balance operations, which may be either withdrawals, deposits or updates. * * Pool Balance management features batching, which means a single contract call can be used to perform multiple * operations of different kinds, with different Pools and tokens, at once. * * For each operation, the caller must be registered as the Asset Manager for `token` in `poolId`. */ function managePoolBalance(PoolBalanceOp[] memory ops) external; struct PoolBalanceOp { PoolBalanceOpKind kind; bytes32 poolId; IERC20 token; uint256 amount; } /** * Withdrawals decrease the Pool's cash, but increase its managed balance, leaving the total balance unchanged. * * Deposits increase the Pool's cash, but decrease its managed balance, leaving the total balance unchanged. * * Updates don't affect the Pool's cash balance, but because the managed balance changes, it does alter the total. * The external amount can be either increased or decreased by this call (i.e., reporting a gain or a loss). */ enum PoolBalanceOpKind { WITHDRAW, DEPOSIT, UPDATE } /** * @dev Emitted when a Pool's token Asset Manager alters its balance via `managePoolBalance`. */ event PoolBalanceManaged( bytes32 indexed poolId, address indexed assetManager, IERC20 indexed token, int256 cashDelta, int256 managedDelta ); // Protocol Fees // // Some operations cause the Vault to collect tokens in the form of protocol fees, which can then be withdrawn by // permissioned accounts. // // There are two kinds of protocol fees: // // - flash loan fees: charged on all flash loans, as a percentage of the amounts lent. // // - swap fees: a percentage of the fees charged by Pools when performing swaps. For a number of reasons, including // swap gas costs and interface simplicity, protocol swap fees are not charged on each individual swap. Rather, // Pools are expected to keep track of how much they have charged in swap fees, and pay any outstanding debts to the // Vault when they are joined or exited. This prevents users from joining a Pool with unpaid debt, as well as // exiting a Pool in debt without first paying their share. /** * @dev Returns the current protocol fee module. */ function getProtocolFeesCollector() external view returns (IProtocolFeesCollector); /** * @dev Safety mechanism to pause most Vault operations in the event of an emergency - typically detection of an * error in some part of the system. * * The Vault can only be paused during an initial time period, after which pausing is forever disabled. * * While the contract is paused, the following features are disabled: * - depositing and transferring internal balance * - transferring external balance (using the Vault's allowance) * - swaps * - joining Pools * - Asset Manager interactions * * Internal Balance can still be withdrawn, and Pools exited. */ function setPaused(bool paused) external; /** * @dev Returns the Vault's WETH instance. */ function WETH() external view returns (IWETH); // solhint-disable-previous-line func-name-mixedcase }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol"; import "@balancer-labs/v2-interfaces/contracts/standalone-utils/IProtocolFeePercentagesProvider.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IBasePoolFactory.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/BaseSplitCodeFactory.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/SingletonAuthentication.sol"; /** * @notice Base contract for Pool factories. * * Pools are deployed from factories to allow third parties to reason about them. Unknown Pools may have arbitrary * logic: being able to assert that a Pool's behavior follows certain rules (those imposed by the contracts created by * the factory) is very powerful. * * @dev By using the split code mechanism, we can deploy Pools with creation code so large that a regular factory * contract would not be able to store it. * * Since we expect to release new versions of pool types regularly - and the blockchain is forever - versioning will * become increasingly important. Governance can deprecate a factory by calling `disable`, which will permanently * prevent the creation of any future pools from the factory. */ abstract contract BasePoolFactory is IBasePoolFactory, BaseSplitCodeFactory, SingletonAuthentication { IProtocolFeePercentagesProvider private immutable _protocolFeeProvider; mapping(address => bool) private _isPoolFromFactory; bool private _disabled; event PoolCreated(address indexed pool); event FactoryDisabled(); constructor( IVault vault, IProtocolFeePercentagesProvider protocolFeeProvider, bytes memory creationCode ) BaseSplitCodeFactory(creationCode) SingletonAuthentication(vault) { _protocolFeeProvider = protocolFeeProvider; } function isPoolFromFactory(address pool) external view override returns (bool) { return _isPoolFromFactory[pool]; } function isDisabled() public view override returns (bool) { return _disabled; } function disable() external override authenticate { _ensureEnabled(); _disabled = true; emit FactoryDisabled(); } function _ensureEnabled() internal view { _require(!isDisabled(), Errors.DISABLED); } function getProtocolFeePercentagesProvider() public view returns (IProtocolFeePercentagesProvider) { return _protocolFeeProvider; } function _create(bytes memory constructorArgs, bytes32 salt) internal virtual override returns (address) { _ensureEnabled(); address pool = super._create(constructorArgs, salt); _isPoolFromFactory[pool] = true; emit PoolCreated(pool); return pool; } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; /** * @dev Utility to create Pool factories for Pools that use the `TemporarilyPausable` contract. * * By calling `TemporarilyPausable`'s constructor with the result of `getPauseConfiguration`, all Pools created by this * factory will share the same Pause Window end time, after which both old and new Pools will not be pausable. */ contract FactoryWidePauseWindow { // This contract relies on timestamps in a similar way as `TemporarilyPausable` does - the same caveats apply. // solhint-disable not-rely-on-time uint256 private constant _INITIAL_PAUSE_WINDOW_DURATION = 4 * 365 days; uint256 private constant _BUFFER_PERIOD_DURATION = 180 days; // Time when the pause window for all created Pools expires, and the pause window duration of new Pools becomes // zero. uint256 private immutable _poolsPauseWindowEndTime; constructor() { _poolsPauseWindowEndTime = block.timestamp + _INITIAL_PAUSE_WINDOW_DURATION; } /** * @dev Returns the current `TemporarilyPausable` configuration that will be applied to Pools created by this * factory. * * `pauseWindowDuration` will decrease over time until it reaches zero, at which point both it and * `bufferPeriodDuration` will be zero forever, meaning deployed Pools will not be pausable. */ function getPauseConfiguration() public view returns (uint256 pauseWindowDuration, uint256 bufferPeriodDuration) { uint256 currentTime = block.timestamp; if (currentTime < _poolsPauseWindowEndTime) { // The buffer period is always the same since its duration is related to how much time is needed to respond // to a potential emergency. The Pause Window duration however decreases as the end time approaches. pauseWindowDuration = _poolsPauseWindowEndTime - currentTime; // No need for checked arithmetic. bufferPeriodDuration = _BUFFER_PERIOD_DURATION; } else { // After the end time, newly created Pools have no Pause Window, nor Buffer Period (since they are not // pausable in the first place). pauseWindowDuration = 0; bufferPeriodDuration = 0; } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-interfaces/contracts/pool-stable/StablePoolUserData.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/standalone-utils/IProtocolFeePercentagesProvider.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IRateProvider.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IVersion.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/ERC20Helpers.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/InputHelpers.sol"; import "@balancer-labs/v2-pool-utils/contracts/BaseGeneralPool.sol"; import "@balancer-labs/v2-pool-utils/contracts/rates/PriceRateCache.sol"; import "./ComposableStablePoolStorage.sol"; import "./ComposableStablePoolRates.sol"; import "./ComposableStablePoolStorage.sol"; import "./ComposableStablePoolRates.sol"; import "./ComposableStablePoolProtocolFees.sol"; import "./StablePoolAmplification.sol"; import "./StableMath.sol"; /** * @dev StablePool with preminted BPT and rate providers for each token, allowing for e.g. wrapped tokens with a known * price ratio, such as Compound's cTokens. * * BPT is preminted on Pool initialization and registered as one of the Pool's tokens, allowing for swaps to behave as * single-token joins or exits (by swapping a token for BPT). We also support regular joins and exits, which can mint * and burn BPT. * * Preminted BPT is deposited in the Vault as the initial balance of the Pool, and doesn't belong to any entity until * transferred out of the Pool. The Pool's arithmetic behaves as if it didn't exist, and the BPT total supply is not * a useful value: we rely on the 'virtual supply' (how much BPT is actually owned outside the Vault) instead. */ contract ComposableStablePool is IRateProvider, IVersion, BaseGeneralPool, StablePoolAmplification, ComposableStablePoolRates, ComposableStablePoolProtocolFees { using FixedPoint for uint256; using PriceRateCache for bytes32; using StablePoolUserData for bytes; using BasePoolUserData for bytes; // The maximum imposed by the Vault, which stores balances in a packed format, is 2**(112) - 1. // We are preminting half of that value (rounded up). uint256 private constant _PREMINTED_TOKEN_BALANCE = 2**(111); string private _version; // The constructor arguments are received in a struct to work around stack-too-deep issues struct NewPoolParams { IVault vault; IProtocolFeePercentagesProvider protocolFeeProvider; string name; string symbol; IERC20[] tokens; IRateProvider[] rateProviders; uint256[] tokenRateCacheDurations; bool exemptFromYieldProtocolFeeFlag; uint256 amplificationParameter; uint256 swapFeePercentage; uint256 pauseWindowDuration; uint256 bufferPeriodDuration; address owner; string version; } constructor(NewPoolParams memory params) BasePool( params.vault, IVault.PoolSpecialization.GENERAL, params.name, params.symbol, _insertSorted(params.tokens, IERC20(this)), new address[](params.tokens.length + 1), params.swapFeePercentage, params.pauseWindowDuration, params.bufferPeriodDuration, params.owner ) StablePoolAmplification(params.amplificationParameter) ComposableStablePoolStorage(_extractStorageParams(params)) ComposableStablePoolRates(_extractRatesParams(params)) ProtocolFeeCache(params.protocolFeeProvider, ProtocolFeeCache.DELEGATE_PROTOCOL_SWAP_FEES_SENTINEL) { _version = params.version; } // Translate parameters to avoid stack-too-deep issues in the constructor function _extractRatesParams(NewPoolParams memory params) private pure returns (ComposableStablePoolRates.RatesParams memory) { return ComposableStablePoolRates.RatesParams({ tokens: params.tokens, rateProviders: params.rateProviders, tokenRateCacheDurations: params.tokenRateCacheDurations }); } // Translate parameters to avoid stack-too-deep issues in the constructor function _extractStorageParams(NewPoolParams memory params) private view returns (ComposableStablePoolStorage.StorageParams memory) { return ComposableStablePoolStorage.StorageParams({ registeredTokens: _insertSorted(params.tokens, IERC20(this)), tokenRateProviders: params.rateProviders, exemptFromYieldProtocolFeeFlag: params.exemptFromYieldProtocolFeeFlag }); } function version() external view override returns (string memory) { return _version; } /** * @notice Return the minimum BPT balance, required to avoid minimum token balances. * @dev This amount is minted and immediately burned on pool initialization, so that the total supply * (and therefore post-exit token balances), can never be zero. This keeps the math well-behaved when * liquidity is low. (It also provides an easy way to check whether a pool has been initialized, to * ensure this is only done once.) */ function getMinimumBpt() external pure returns (uint256) { return _getMinimumBpt(); } // BasePool hook /** * @dev Override base pool hook invoked before any swap, join, or exit to ensure rates are updated before * the operation. */ function _beforeSwapJoinExit() internal override { super._beforeSwapJoinExit(); // Before the scaling factors are read, we must update the cached rates, as those will be used to compute the // scaling factors. // Note that this is not done in a recovery mode exit (since _beforeSwapjoinExit() is not called under those // conditions), but this is fine as recovery mode exits are unaffected by scaling factors anyway. _cacheTokenRatesIfNecessary(); } // Swap Hooks /** * @dev Override this hook called by the base class `onSwap`, to check whether we are doing a regular swap, * or a swap involving BPT, which is equivalent to a single token join or exit. Since one of the Pool's * tokens is the preminted BPT, we need to handle swaps where BPT is involved separately. * * At this point, the balances are unscaled. The indices are coming from the Vault, so they are indices into * the array of registered tokens (including BPT). * * If this is a swap involving BPT, call `_swapWithBpt`, which computes the amountOut using the swapFeePercentage * and charges protocol fees, in the same manner as single token join/exits. Otherwise, perform the default * processing for a regular swap. */ function _swapGivenIn( SwapRequest memory swapRequest, uint256[] memory registeredBalances, uint256 registeredIndexIn, uint256 registeredIndexOut, uint256[] memory scalingFactors ) internal virtual override returns (uint256) { return (swapRequest.tokenIn == IERC20(this) || swapRequest.tokenOut == IERC20(this)) ? _swapWithBpt(swapRequest, registeredBalances, registeredIndexIn, registeredIndexOut, scalingFactors) : super._swapGivenIn( swapRequest, registeredBalances, registeredIndexIn, registeredIndexOut, scalingFactors ); } /** * @dev Override this hook called by the base class `onSwap`, to check whether we are doing a regular swap, * or a swap involving BPT, which is equivalent to a single token join or exit. Since one of the Pool's * tokens is the preminted BPT, we need to handle swaps where BPT is involved separately. * * At this point, the balances are unscaled. The indices and balances are coming from the Vault, so they * refer to the full set of registered tokens (including BPT). * * If this is a swap involving BPT, call `_swapWithBpt`, which computes the amountOut using the swapFeePercentage * and charges protocol fees, in the same manner as single token join/exits. Otherwise, perform the default * processing for a regular swap. */ function _swapGivenOut( SwapRequest memory swapRequest, uint256[] memory registeredBalances, uint256 registeredIndexIn, uint256 registeredIndexOut, uint256[] memory scalingFactors ) internal virtual override returns (uint256) { return (swapRequest.tokenIn == IERC20(this) || swapRequest.tokenOut == IERC20(this)) ? _swapWithBpt(swapRequest, registeredBalances, registeredIndexIn, registeredIndexOut, scalingFactors) : super._swapGivenOut( swapRequest, registeredBalances, registeredIndexIn, registeredIndexOut, scalingFactors ); } /** * @dev This is called from the base class `_swapGivenIn`, so at this point the amount has been adjusted * for swap fees, and balances have had scaling applied. This will only be called for regular (non-BPT) swaps, * so forward to `onRegularSwap`. */ function _onSwapGivenIn( SwapRequest memory request, uint256[] memory registeredBalances, uint256 registeredIndexIn, uint256 registeredIndexOut ) internal virtual override returns (uint256) { return _onRegularSwap( true, // given in request.amount, registeredBalances, registeredIndexIn, registeredIndexOut ); } /** * @dev This is called from the base class `_swapGivenOut`, so at this point the amount has been adjusted * for swap fees, and balances have had scaling applied. This will only be called for regular (non-BPT) swaps, * so forward to `onRegularSwap`. */ function _onSwapGivenOut( SwapRequest memory request, uint256[] memory registeredBalances, uint256 registeredIndexIn, uint256 registeredIndexOut ) internal virtual override returns (uint256) { return _onRegularSwap( false, // given out request.amount, registeredBalances, registeredIndexIn, registeredIndexOut ); } /** * @dev Perform a swap between non-BPT tokens. Scaling and fee adjustments have been performed upstream, so * all we need to do here is calculate the price quote, depending on the direction of the swap. */ function _onRegularSwap( bool isGivenIn, uint256 amountGiven, uint256[] memory registeredBalances, uint256 registeredIndexIn, uint256 registeredIndexOut ) private view returns (uint256) { // Adjust indices and balances for BPT token uint256[] memory balances = _dropBptItem(registeredBalances); uint256 indexIn = _skipBptIndex(registeredIndexIn); uint256 indexOut = _skipBptIndex(registeredIndexOut); (uint256 currentAmp, ) = _getAmplificationParameter(); uint256 invariant = StableMath._calculateInvariant(currentAmp, balances); if (isGivenIn) { return StableMath._calcOutGivenIn(currentAmp, balances, indexIn, indexOut, amountGiven, invariant); } else { return StableMath._calcInGivenOut(currentAmp, balances, indexIn, indexOut, amountGiven, invariant); } } /** * @dev Perform a swap involving the BPT token, equivalent to a single-token join or exit. As with the standard * joins and swaps, we first pay any protocol fees pending from swaps that occurred since the previous join or * exit, then perform the operation (joinSwap or exitSwap), and finally store the "post operation" invariant and * amp, which establishes the new basis for protocol fees. * * At this point, the scaling factors (including rates) have been computed by the base class, but not yet applied * to the balances. */ function _swapWithBpt( SwapRequest memory swapRequest, uint256[] memory registeredBalances, uint256 registeredIndexIn, uint256 registeredIndexOut, uint256[] memory scalingFactors ) private returns (uint256) { bool isGivenIn = swapRequest.kind == IVault.SwapKind.GIVEN_IN; _upscaleArray(registeredBalances, scalingFactors); swapRequest.amount = _upscale( swapRequest.amount, scalingFactors[isGivenIn ? registeredIndexIn : registeredIndexOut] ); ( uint256 preJoinExitSupply, uint256[] memory balances, uint256 currentAmp, uint256 preJoinExitInvariant ) = _beforeJoinExit(registeredBalances); // These calls mutate `balances` so that it holds the post join-exit balances. (uint256 amountCalculated, uint256 postJoinExitSupply) = registeredIndexOut == getBptIndex() ? _doJoinSwap( isGivenIn, swapRequest.amount, balances, _skipBptIndex(registeredIndexIn), currentAmp, preJoinExitSupply, preJoinExitInvariant ) : _doExitSwap( isGivenIn, swapRequest.amount, balances, _skipBptIndex(registeredIndexOut), currentAmp, preJoinExitSupply, preJoinExitInvariant ); _updateInvariantAfterJoinExit( currentAmp, balances, preJoinExitInvariant, preJoinExitSupply, postJoinExitSupply ); return isGivenIn ? _downscaleDown(amountCalculated, scalingFactors[registeredIndexOut]) // Amount out, round down : _downscaleUp(amountCalculated, scalingFactors[registeredIndexIn]); // Amount in, round up } /** * @dev This mutates `balances` so that they become the post-joinswap balances. The StableMath interfaces * are different depending on the swap direction, so we forward to the appropriate low-level join function. */ function _doJoinSwap( bool isGivenIn, uint256 amount, uint256[] memory balances, uint256 indexIn, uint256 currentAmp, uint256 actualSupply, uint256 preJoinExitInvariant ) internal view returns (uint256, uint256) { return isGivenIn ? _joinSwapExactTokenInForBptOut( amount, balances, indexIn, currentAmp, actualSupply, preJoinExitInvariant ) : _joinSwapExactBptOutForTokenIn( amount, balances, indexIn, currentAmp, actualSupply, preJoinExitInvariant ); } /** * @dev Since this is a join, we know the tokenOut is BPT. Since it is GivenIn, we know the tokenIn amount, * and must calculate the BPT amount out. * We are moving preminted BPT out of the Vault, which increases the virtual supply. */ function _joinSwapExactTokenInForBptOut( uint256 amountIn, uint256[] memory balances, uint256 indexIn, uint256 currentAmp, uint256 actualSupply, uint256 preJoinExitInvariant ) internal view returns (uint256, uint256) { // The StableMath function was created with joins in mind, so it expects a full amounts array. We create an // empty one and only set the amount for the token involved. uint256[] memory amountsIn = new uint256[](balances.length); amountsIn[indexIn] = amountIn; uint256 bptOut = StableMath._calcBptOutGivenExactTokensIn( currentAmp, balances, amountsIn, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); balances[indexIn] = balances[indexIn].add(amountIn); uint256 postJoinExitSupply = actualSupply.add(bptOut); return (bptOut, postJoinExitSupply); } /** * @dev Since this is a join, we know the tokenOut is BPT. Since it is GivenOut, we know the BPT amount, * and must calculate the token amount in. * We are moving preminted BPT out of the Vault, which increases the virtual supply. */ function _joinSwapExactBptOutForTokenIn( uint256 bptOut, uint256[] memory balances, uint256 indexIn, uint256 currentAmp, uint256 actualSupply, uint256 preJoinExitInvariant ) internal view returns (uint256, uint256) { uint256 amountIn = StableMath._calcTokenInGivenExactBptOut( currentAmp, balances, indexIn, bptOut, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); balances[indexIn] = balances[indexIn].add(amountIn); uint256 postJoinExitSupply = actualSupply.add(bptOut); return (amountIn, postJoinExitSupply); } /** * @dev This mutates balances so that they become the post-exitswap balances. The StableMath interfaces are * different depending on the swap direction, so we forward to the appropriate low-level exit function. */ function _doExitSwap( bool isGivenIn, uint256 amount, uint256[] memory balances, uint256 indexOut, uint256 currentAmp, uint256 actualSupply, uint256 preJoinExitInvariant ) internal view returns (uint256, uint256) { return isGivenIn ? _exitSwapExactBptInForTokenOut( amount, balances, indexOut, currentAmp, actualSupply, preJoinExitInvariant ) : _exitSwapExactTokenOutForBptIn( amount, balances, indexOut, currentAmp, actualSupply, preJoinExitInvariant ); } /** * @dev Since this is an exit, we know the tokenIn is BPT. Since it is GivenIn, we know the BPT amount, * and must calculate the token amount out. * We are moving BPT out of circulation and into the Vault, which decreases the virtual supply. */ function _exitSwapExactBptInForTokenOut( uint256 bptAmount, uint256[] memory balances, uint256 indexOut, uint256 currentAmp, uint256 actualSupply, uint256 preJoinExitInvariant ) internal view returns (uint256, uint256) { uint256 amountOut = StableMath._calcTokenOutGivenExactBptIn( currentAmp, balances, indexOut, bptAmount, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); balances[indexOut] = balances[indexOut].sub(amountOut); uint256 postJoinExitSupply = actualSupply.sub(bptAmount); return (amountOut, postJoinExitSupply); } /** * @dev Since this is an exit, we know the tokenIn is BPT. Since it is GivenOut, we know the token amount out, * and must calculate the BPT amount in. * We are moving BPT out of circulation and into the Vault, which decreases the virtual supply. */ function _exitSwapExactTokenOutForBptIn( uint256 amountOut, uint256[] memory balances, uint256 indexOut, uint256 currentAmp, uint256 actualSupply, uint256 preJoinExitInvariant ) internal view returns (uint256, uint256) { // The StableMath function was created with exits in mind, so it expects a full amounts array. We create an // empty one and only set the amount for the token involved. uint256[] memory amountsOut = new uint256[](balances.length); amountsOut[indexOut] = amountOut; uint256 bptAmount = StableMath._calcBptInGivenExactTokensOut( currentAmp, balances, amountsOut, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); balances[indexOut] = balances[indexOut].sub(amountOut); uint256 postJoinExitSupply = actualSupply.sub(bptAmount); return (bptAmount, postJoinExitSupply); } // Join Hooks /** * Since this Pool has preminted BPT which is stored in the Vault, it cannot simply be minted at construction. * * We take advantage of the fact that StablePools have an initialization step where BPT is minted to the first * account joining them, and perform both actions at once. By minting the entire BPT supply for the initial joiner * and then pulling all tokens except those due the joiner, we arrive at the desired state of the Pool holding all * BPT except the joiner's. */ function _onInitializePool( bytes32, address sender, address, uint256[] memory scalingFactors, bytes memory userData ) internal override returns (uint256, uint256[] memory) { StablePoolUserData.JoinKind kind = userData.joinKind(); _require(kind == StablePoolUserData.JoinKind.INIT, Errors.UNINITIALIZED); // AmountsIn usually does not include the BPT token; initialization is the one time it has to. uint256[] memory amountsInIncludingBpt = userData.initialAmountsIn(); InputHelpers.ensureInputLengthMatch(amountsInIncludingBpt.length, scalingFactors.length); _upscaleArray(amountsInIncludingBpt, scalingFactors); (uint256 amp, ) = _getAmplificationParameter(); uint256[] memory amountsIn = _dropBptItem(amountsInIncludingBpt); uint256 invariantAfterJoin = StableMath._calculateInvariant(amp, amountsIn); // Set the initial BPT to the value of the invariant uint256 bptAmountOut = invariantAfterJoin; // BasePool will mint bptAmountOut for the sender: we then also mint the remaining BPT to make up the total // supply, and have the Vault pull those tokens from the sender as part of the join. // We are only minting half of the maximum value - already an amount many orders of magnitude greater than any // conceivable real liquidity - to allow for minting new BPT as a result of regular joins. // // Note that the sender need not approve BPT for the Vault as the Vault already has infinite BPT allowance for // all accounts. uint256 initialBpt = _PREMINTED_TOKEN_BALANCE.sub(bptAmountOut); _mintPoolTokens(sender, initialBpt); amountsInIncludingBpt[getBptIndex()] = initialBpt; // Initialization is still a join, so we need to do post-join work. _updatePostJoinExit(amp, invariantAfterJoin); return (bptAmountOut, amountsInIncludingBpt); } /** * @dev Base pool hook called from `onJoinPool`. Forward to `onJoinExitPool` with `isJoin` set to true. */ function _onJoinPool( bytes32, address, address, uint256[] memory registeredBalances, uint256, uint256, uint256[] memory scalingFactors, bytes memory userData ) internal override returns (uint256, uint256[] memory) { return _onJoinExitPool(true, registeredBalances, scalingFactors, userData); } /** * @dev Base pool hook called from `onExitPool`. Forward to `onJoinExitPool` with `isJoin` set to false. * Note that recovery mode exits do not call `_onExitPool`. */ function _onExitPool( bytes32, address, address, uint256[] memory registeredBalances, uint256, uint256, uint256[] memory scalingFactors, bytes memory userData ) internal override returns (uint256, uint256[] memory) { return _onJoinExitPool(false, registeredBalances, scalingFactors, userData); } /** * @dev Pay protocol fees before the operation, and call `_updateInvariantAfterJoinExit` afterward, to establish * the new basis for protocol fees. */ function _onJoinExitPool( bool isJoin, uint256[] memory registeredBalances, uint256[] memory scalingFactors, bytes memory userData ) internal returns (uint256, uint256[] memory) { ( uint256 preJoinExitSupply, uint256[] memory balances, uint256 currentAmp, uint256 preJoinExitInvariant ) = _beforeJoinExit(registeredBalances); function(uint256[] memory, uint256, uint256, uint256, uint256[] memory, bytes memory) internal view returns (uint256, uint256[] memory) _doJoinOrExit = (isJoin ? _doJoin : _doExit); (uint256 bptAmount, uint256[] memory amountsDelta) = _doJoinOrExit( balances, currentAmp, preJoinExitSupply, preJoinExitInvariant, scalingFactors, userData ); // Unlike joinswaps, explicit joins do not mutate balances into the post join-exit balances so we must perform // this mutation here. function(uint256, uint256) internal pure returns (uint256) _addOrSub = isJoin ? FixedPoint.add : FixedPoint.sub; _mutateAmounts(balances, amountsDelta, _addOrSub); uint256 postJoinExitSupply = _addOrSub(preJoinExitSupply, bptAmount); // Pass in the post-join balances to reset the protocol fee basis. // We are minting bptAmount, increasing the total (and virtual) supply post-join _updateInvariantAfterJoinExit( currentAmp, balances, preJoinExitInvariant, preJoinExitSupply, postJoinExitSupply ); // For clarity and simplicity, arrays used and computed in lower level functions do not include BPT. // But the amountsIn array passed back to the Vault must include BPT, so we add it back in here. return (bptAmount, _addBptItem(amountsDelta, 0)); } /** * @dev Pay any due protocol fees and calculate values necessary for performing the join/exit. */ function _beforeJoinExit(uint256[] memory registeredBalances) internal returns ( uint256, uint256[] memory, uint256, uint256 ) { (uint256 lastJoinExitAmp, uint256 lastPostJoinExitInvariant) = getLastJoinExitData(); ( uint256 preJoinExitSupply, uint256[] memory balances, uint256 oldAmpPreJoinExitInvariant ) = _payProtocolFeesBeforeJoinExit(registeredBalances, lastJoinExitAmp, lastPostJoinExitInvariant); // If the amplification factor is the same as it was during the last join/exit then we can reuse the // value calculated using the "old" amplification factor. If not, then we have to calculate this now. (uint256 currentAmp, ) = _getAmplificationParameter(); uint256 preJoinExitInvariant = currentAmp == lastJoinExitAmp ? oldAmpPreJoinExitInvariant : StableMath._calculateInvariant(currentAmp, balances); return (preJoinExitSupply, balances, currentAmp, preJoinExitInvariant); } /** * @dev Support single- and multi-token joins, plus explicit proportional joins. */ function _doJoin( uint256[] memory balances, uint256 currentAmp, uint256 preJoinExitSupply, uint256 preJoinExitInvariant, uint256[] memory scalingFactors, bytes memory userData ) internal view returns (uint256, uint256[] memory) { StablePoolUserData.JoinKind kind = userData.joinKind(); if (kind == StablePoolUserData.JoinKind.EXACT_TOKENS_IN_FOR_BPT_OUT) { return _joinExactTokensInForBPTOut( preJoinExitSupply, preJoinExitInvariant, currentAmp, balances, scalingFactors, userData ); } else if (kind == StablePoolUserData.JoinKind.ALL_TOKENS_IN_FOR_EXACT_BPT_OUT) { return _joinAllTokensInForExactBptOut(preJoinExitSupply, balances, userData); } else if (kind == StablePoolUserData.JoinKind.TOKEN_IN_FOR_EXACT_BPT_OUT) { return _joinTokenInForExactBPTOut(preJoinExitSupply, preJoinExitInvariant, currentAmp, balances, userData); } else { _revert(Errors.UNHANDLED_JOIN_KIND); } } /** * @dev Proportional join. Pays no swap fees. */ function _joinAllTokensInForExactBptOut( uint256 actualSupply, uint256[] memory balances, bytes memory userData ) private pure returns (uint256, uint256[] memory) { uint256 bptAmountOut = userData.allTokensInForExactBptOut(); uint256[] memory amountsIn = StableMath._computeProportionalAmountsIn(balances, bptAmountOut, actualSupply); return (bptAmountOut, amountsIn); } /** * @dev Multi-token join. Joins with proportional amounts will pay no protocol fees. */ function _joinExactTokensInForBPTOut( uint256 actualSupply, uint256 preJoinExitInvariant, uint256 currentAmp, uint256[] memory balances, uint256[] memory scalingFactors, bytes memory userData ) private view returns (uint256, uint256[] memory) { (uint256[] memory amountsIn, uint256 minBPTAmountOut) = userData.exactTokensInForBptOut(); InputHelpers.ensureInputLengthMatch(balances.length, amountsIn.length); // The user-provided amountsIn is unscaled, so we address that. _upscaleArray(amountsIn, _dropBptItem(scalingFactors)); uint256 bptAmountOut = StableMath._calcBptOutGivenExactTokensIn( currentAmp, balances, amountsIn, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); _require(bptAmountOut >= minBPTAmountOut, Errors.BPT_OUT_MIN_AMOUNT); return (bptAmountOut, amountsIn); } /** * @dev Single-token join, equivalent to swapping a pool token for BPT. */ function _joinTokenInForExactBPTOut( uint256 actualSupply, uint256 preJoinExitInvariant, uint256 currentAmp, uint256[] memory balances, bytes memory userData ) private view returns (uint256, uint256[] memory) { // Since this index is sent in from the user, we interpret it as NOT including the BPT token. (uint256 bptAmountOut, uint256 tokenIndex) = userData.tokenInForExactBptOut(); // Note that there is no maximum amountIn parameter: this is handled by `IVault.joinPool`. // Balances are passed through from the Vault hook, and include BPT _require(tokenIndex < balances.length, Errors.OUT_OF_BOUNDS); // We join with a single token, so initialize amountsIn with zeros. uint256[] memory amountsIn = new uint256[](balances.length); // And then assign the result to the selected token. amountsIn[tokenIndex] = StableMath._calcTokenInGivenExactBptOut( currentAmp, balances, tokenIndex, bptAmountOut, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); return (bptAmountOut, amountsIn); } // Exit Hooks /** * @dev Support single- and multi-token exits, plus explicit proportional exits (in addition to the * recovery mode exit). */ function _doExit( uint256[] memory balances, uint256 currentAmp, uint256 preJoinExitSupply, uint256 preJoinExitInvariant, uint256[] memory scalingFactors, bytes memory userData ) internal view returns (uint256, uint256[] memory) { StablePoolUserData.ExitKind kind = userData.exitKind(); if (kind == StablePoolUserData.ExitKind.BPT_IN_FOR_EXACT_TOKENS_OUT) { return _exitBPTInForExactTokensOut( preJoinExitSupply, preJoinExitInvariant, currentAmp, balances, scalingFactors, userData ); } else if (kind == StablePoolUserData.ExitKind.EXACT_BPT_IN_FOR_ALL_TOKENS_OUT) { return _exitExactBPTInForTokensOut(preJoinExitSupply, balances, userData); } else if (kind == StablePoolUserData.ExitKind.EXACT_BPT_IN_FOR_ONE_TOKEN_OUT) { return _exitExactBPTInForTokenOut(preJoinExitSupply, preJoinExitInvariant, currentAmp, balances, userData); } else { _revert(Errors.UNHANDLED_EXIT_KIND); } } /** * @dev Proportional exit. Pays no swap fees. This is functionally equivalent to the recovery mode exit, * except this doesn't skip protocol fee collection, calling rate providers, etc., and doesn't require * recovery mode to be enabled. */ function _exitExactBPTInForTokensOut( uint256 actualSupply, uint256[] memory balances, bytes memory userData ) private pure returns (uint256, uint256[] memory) { uint256 bptAmountIn = userData.exactBptInForTokensOut(); uint256[] memory amountsOut = _computeProportionalAmountsOut(balances, actualSupply, bptAmountIn); return (bptAmountIn, amountsOut); } /** * @dev Multi-token exit. Proportional exits will pay no protocol fees. */ function _exitBPTInForExactTokensOut( uint256 actualSupply, uint256 preJoinExitInvariant, uint256 currentAmp, uint256[] memory balances, uint256[] memory scalingFactors, bytes memory userData ) private view returns (uint256, uint256[] memory) { (uint256[] memory amountsOut, uint256 maxBPTAmountIn) = userData.bptInForExactTokensOut(); InputHelpers.ensureInputLengthMatch(amountsOut.length, balances.length); // The user-provided amountsIn is unscaled, so we address that. _upscaleArray(amountsOut, _dropBptItem(scalingFactors)); uint256 bptAmountIn = StableMath._calcBptInGivenExactTokensOut( currentAmp, balances, amountsOut, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); _require(bptAmountIn <= maxBPTAmountIn, Errors.BPT_IN_MAX_AMOUNT); return (bptAmountIn, amountsOut); } /** * @dev Single-token exit, equivalent to swapping BPT for a pool token. */ function _exitExactBPTInForTokenOut( uint256 actualSupply, uint256 preJoinExitInvariant, uint256 currentAmp, uint256[] memory balances, bytes memory userData ) private view returns (uint256, uint256[] memory) { // Since this index is sent in from the user, we interpret it as NOT including the BPT token (uint256 bptAmountIn, uint256 tokenIndex) = userData.exactBptInForTokenOut(); // Note that there is no minimum amountOut parameter: this is handled by `IVault.exitPool`. _require(tokenIndex < balances.length, Errors.OUT_OF_BOUNDS); // We exit in a single token, so initialize amountsOut with zeros uint256[] memory amountsOut = new uint256[](balances.length); // And then assign the result to the selected token. amountsOut[tokenIndex] = StableMath._calcTokenOutGivenExactBptIn( currentAmp, balances, tokenIndex, bptAmountIn, actualSupply, preJoinExitInvariant, getSwapFeePercentage() ); return (bptAmountIn, amountsOut); } /** * @dev We cannot use the default RecoveryMode implementation here, since we need to account for the BPT token. */ function _doRecoveryModeExit( uint256[] memory registeredBalances, uint256, bytes memory userData ) internal virtual override returns (uint256, uint256[] memory) { // Since this Pool uses preminted BPT, we need to replace the total supply with the virtual total supply, and // adjust the balances array by removing BPT from it. // Note that we don't compute the actual supply, which would require a lot of complex calculations and // interactions with external components. This is fine because virtual and actual supply are the same while // recovery mode is enabled (since all protocol fees are forfeit and the fee percentages zeroed out). (uint256 virtualSupply, uint256[] memory balances) = _dropBptItemFromBalances(registeredBalances); (uint256 bptAmountIn, uint256[] memory amountsOut) = super._doRecoveryModeExit( balances, virtualSupply, userData ); // The vault requires an array including BPT, so add it back in here. return (bptAmountIn, _addBptItem(amountsOut, 0)); } // BPT rate /** * Many functions require accessing multiple internal values that might at first seem unrelated, but are actually * quite intertwined, and computed at the same time for optimal performance (since calculating some of them also * yields intermediate results useful for other queries). This helper function returns many of these values, * greatly reducing bytecode size. * * The return values are: * @return balances - The current upscaled token balances (not including BPT) * @return virtualSupply - The Pool's virtual supply * @return protocolFeeAmount - The amount of unpaid protocol fees in BPT * @return lastJoinExitAmp - The Pool's amplification factor at the last join or exit operation * @return currentInvariantWithLastJoinExitAmp - The invariant of the current balances, calculated using the * amplification factor at the last join or exit operation. */ function _getSupplyAndFeesData() private view returns ( uint256[] memory balances, uint256 virtualSupply, uint256 protocolFeeAmount, uint256 lastJoinExitAmp, uint256 currentInvariantWithLastJoinExitAmp ) { // First we query the Vault for current registered balances (which includes preminted BPT), to then calculate // the current scaled balances and virtual supply. (, uint256[] memory registeredBalances, ) = getVault().getPoolTokens(getPoolId()); _upscaleArray(registeredBalances, _scalingFactors()); (virtualSupply, balances) = _dropBptItemFromBalances(registeredBalances); // Now we need to calculate any BPT due in the form of protocol fees. This requires data from the last join or // exit operation. `lastJoinExitAmp` can be useful in the scenario in which the amplification factor has not // changed, meaning this old value is equal to the current value. uint256 lastPostJoinExitInvariant; (lastJoinExitAmp, lastPostJoinExitInvariant) = getLastJoinExitData(); // Computing the protocol ownership percentage also yields the invariant using the old amplification factor. If // it has not changed, then this is also the current invariant. uint256 expectedProtocolOwnershipPercentage; ( expectedProtocolOwnershipPercentage, currentInvariantWithLastJoinExitAmp ) = _getProtocolPoolOwnershipPercentage(balances, lastJoinExitAmp, lastPostJoinExitInvariant); protocolFeeAmount = ProtocolFees.bptForPoolOwnershipPercentage( virtualSupply, expectedProtocolOwnershipPercentage ); } /** * @dev This function returns the appreciation of BPT relative to the underlying tokens, as an 18 decimal fixed * point number. It is simply the ratio of the invariant to the BPT supply. * * The total supply is initialized to equal the invariant, so this value starts at one. During Pool operation the * invariant always grows and shrinks either proportionally to the total supply (in scenarios with no price impact, * e.g. proportional joins), or grows faster and shrinks more slowly than it (whenever swap fees are collected or * the token rates increase). Therefore, the rate is a monotonically increasing function. * * WARNING: since this function reads balances directly from the Vault, it is potentially subject to manipulation * via reentrancy if called within a Vault context (i.e. in the middle of a join or an exit). It is up to the * caller to ensure that the function is safe to call. * * This may happen e.g. if one of the tokens in the Pool contains some form of callback behavior in the * `transferFrom` function (like ERC777 tokens do). These tokens are strictly incompatible with the * Vault and Pool design, and are not safe to be used. * * There are also other situations where calling this function is unsafe. See * https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. * * To call this function safely, attempt to trigger the reentrancy guard in the Vault by calling a non-reentrant * function before calling `getRate`. That will make the transaction revert in an unsafe context. * (See `whenNotInVaultContext` in `ComposableStablePoolRates`). */ function getRate() external view virtual override returns (uint256) { // We need to compute the current invariant and actual total supply. The latter includes protocol fees that have // accrued but are not yet minted: in calculating these we'll actually end up fetching most of the data we need // for the invariant. ( uint256[] memory balances, uint256 virtualSupply, uint256 protocolFeeAmount, uint256 lastJoinExitAmp, uint256 currentInvariantWithLastJoinExitAmp ) = _getSupplyAndFeesData(); // Due protocol fees will be minted at the next join or exit, so we can simply add them to the current virtual // supply to get the actual supply. uint256 actualTotalSupply = virtualSupply.add(protocolFeeAmount); // All that's missing now is the invariant. We have the balances required to calculate it already, but still // need the current amplification factor. (uint256 currentAmp, ) = _getAmplificationParameter(); // It turns out that the process for due protocol fee calculation involves computing the current invariant, // except using the amplification factor at the last join or exit. This would typically not be terribly useful, // but since the amplification factor only changes rarely there is high probability of its current value being // the same as it was in the last join or exit. If that is the case, then we can skip the costly invariant // computation altogether. uint256 currentInvariant = (currentAmp == lastJoinExitAmp) ? currentInvariantWithLastJoinExitAmp : StableMath._calculateInvariant(currentAmp, balances); // With the current invariant and actual total supply, we can compute the rate as a fixed-point number. return currentInvariant.divDown(actualTotalSupply); } /** * @dev Returns the effective BPT supply. * * In other pools, this would be the same as `totalSupply`, but there are two key differences here: * - this pool pre-mints BPT and holds it in the Vault as a token, and as such we need to subtract the Vault's * balance to get the total "circulating supply". This is called the 'virtualSupply'. * - the Pool owes debt to the Protocol in the form of unminted BPT, which will be minted immediately before the * next join or exit. We need to take these into account since, even if they don't yet exist, they will * effectively be included in any Pool operation that involves BPT. * * In the vast majority of cases, this function should be used instead of `totalSupply()`. * * **IMPORTANT NOTE**: calling this function within a Vault context (i.e. in the middle of a join or an exit) is * potentially unsafe, since the returned value is manipulable. It is up to the caller to ensure safety. * * This is because this function calculates the invariant, which requires the state of the pool to be in sync * with the state of the Vault. That condition may not be true in the middle of a join or an exit. * * To call this function safely, attempt to trigger the reentrancy guard in the Vault by calling a non-reentrant * function before calling `getActualSupply`. That will make the transaction revert in an unsafe context. * (See `whenNotInVaultContext` in `ComposableStablePoolRates`). * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ function getActualSupply() external view returns (uint256) { (, uint256 virtualSupply, uint256 protocolFeeAmount, , ) = _getSupplyAndFeesData(); return virtualSupply.add(protocolFeeAmount); } /** * @dev This function will revert when called within a Vault context (i.e. in the middle of a join or an exit). * * This function depends on the invariant value, which may be calculated incorrectly in the middle of a join or * an exit, because the state of the pool could be out of sync with the state of the Vault. The modifier * `whenNotInVaultContext` prevents calling this function (and in turn, the external * `updateProtocolFeePercentageCache`) in such a context. * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ function _beforeProtocolFeeCacheUpdate() internal override whenNotInVaultContext { // The `getRate()` function depends on the actual supply, which in turn depends on the cached protocol fee // percentages. Changing these would therefore result in the rate changing, which is not acceptable as this is a // sensitive value. // Because of this, we pay any due protocol fees *before* updating the cache, making it so that the new // percentages only affect future operation of the Pool, and not past fees. As a result, `getRate()` is // unaffected by the cached protocol fee percentages changing. // Given that this operation is state-changing and relatively complex, we only allow it as long as the Pool is // not paused. _ensureNotPaused(); // We need to calculate the amount of unminted BPT that represents protocol fees to then pay those. This yields // some auxiliary values that turn out to also be useful for the rest of the tasks we want to perform. ( uint256[] memory balances, , uint256 protocolFeeAmount, uint256 lastJoinExitAmp, uint256 currentInvariantWithLastJoinExitAmp ) = _getSupplyAndFeesData(); if (protocolFeeAmount > 0) { _payProtocolFees(protocolFeeAmount); } // With the fees paid, we now need to calculate the current invariant so we can store it alongside the current // amplification factor, marking the Pool as free of protocol debt. (uint256 currentAmp, ) = _getAmplificationParameter(); // It turns out that the process for due protocol fee calculation involves computing the current invariant, // except using the amplification factor at the last join or exit. This would typically not be terribly useful, // but since the amplification factor only changes rarely there is high probability of its current value being // the same as it was in the last join or exit. If that is the case, then we can skip the costly invariant // computation altogether. uint256 currentInvariant = (currentAmp == lastJoinExitAmp) ? currentInvariantWithLastJoinExitAmp : StableMath._calculateInvariant(currentAmp, balances); _updatePostJoinExit(currentAmp, currentInvariant); } /** * @dev This function will revert when called within a Vault context (i.e. in the middle of a join or an exit). * * This function depends on the invariant value, which may be calculated incorrectly in the middle of a join or * an exit, because the state of the pool could be out of sync with the state of the Vault. * * The modifier `whenNotInVaultContext` prevents calling this function (and in turn, the external * `disableRecoveryMode`) in such a context. * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ function _onDisableRecoveryMode() internal override whenNotInVaultContext { // Enabling recovery mode short-circuits protocol fee computations, forcefully returning a zero percentage, // increasing the return value of `getRate()` and effectively forfeiting due protocol fees. // Therefore, when exiting recovery mode we store the current invariant and the amplification factor used to // compute it, marking the Pool as free of protocol debt. Otherwise it'd be possible for debt to be // retroactively accrued, which would be incorrect and could lead to the value of `getRate` decreasing. (, uint256[] memory registeredBalances, ) = getVault().getPoolTokens(getPoolId()); _upscaleArray(registeredBalances, _scalingFactors()); uint256[] memory balances = _dropBptItem(registeredBalances); (uint256 currentAmp, ) = _getAmplificationParameter(); uint256 currentInvariant = StableMath._calculateInvariant(currentAmp, balances); _updatePostJoinExit(currentAmp, currentInvariant); } // Helpers /** * @dev Mutates `amounts` by applying `mutation` with each entry in `arguments`. * * Equivalent to `amounts = amounts.map(mutation)`. */ function _mutateAmounts( uint256[] memory toMutate, uint256[] memory arguments, function(uint256, uint256) pure returns (uint256) mutation ) private pure { uint256 length = toMutate.length; InputHelpers.ensureInputLengthMatch(length, arguments.length); for (uint256 i = 0; i < length; ++i) { toMutate[i] = mutation(toMutate[i], arguments[i]); } } // Permissioned functions /** * @dev Inheritance rules still require us to override this in the most derived contract, even though * it only calls super. */ function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override( // Our inheritance pattern creates a small diamond that requires explicitly listing the parents here. // Each parent calls the `super` version, so linearization ensures all implementations are called. BasePool, ComposableStablePoolProtocolFees, StablePoolAmplification, ComposableStablePoolRates ) returns (bool) { return super._isOwnerOnlyAction(actionId); } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20 { /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `recipient`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address recipient, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `sender` to `recipient` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom( address sender, address recipient, uint256 amount ) external returns (bool); /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; interface IAuthentication { /** * @dev Returns the action identifier associated with the external function described by `selector`. */ function getActionId(bytes4 selector) external view returns (bytes32); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; /** * @dev Interface for the SignatureValidator helper, used to support meta-transactions. */ interface ISignaturesValidator { /** * @dev Returns the EIP712 domain separator. */ function getDomainSeparator() external view returns (bytes32); /** * @dev Returns the next nonce used by an address to sign messages. */ function getNextNonce(address user) external view returns (uint256); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; /** * @dev Interface for the TemporarilyPausable helper. */ interface ITemporarilyPausable { /** * @dev Emitted every time the pause state changes by `_setPaused`. */ event PausedStateChanged(bool paused); /** * @dev Returns the current paused state. */ function getPausedState() external view returns ( bool paused, uint256 pauseWindowEndTime, uint256 bufferPeriodEndTime ); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "../openzeppelin/IERC20.sol"; /** * @dev Interface for WETH9. * See https://github.com/gnosis/canonical-weth/blob/0dd1ea3e295eef916d0c6223ec63141137d22d67/contracts/WETH9.sol */ interface IWETH is IERC20 { function deposit() external payable; function withdraw(uint256 amount) external; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; /** * @dev This is an empty interface used to represent either ERC20-conforming token contracts or ETH (using the zero * address sentinel value). We're just relying on the fact that `interface` can be used to declare new address-like * types. * * This concept is unrelated to a Pool's Asset Managers. */ interface IAsset { // solhint-disable-previous-line no-empty-blocks }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; interface IAuthorizer { /** * @dev Returns true if `account` can perform the action described by `actionId` in the contract `where`. */ function canPerform( bytes32 actionId, address account, address where ) external view returns (bool); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; // Inspired by Aave Protocol's IFlashLoanReceiver. import "../solidity-utils/openzeppelin/IERC20.sol"; interface IFlashLoanRecipient { /** * @dev When `flashLoan` is called on the Vault, it invokes the `receiveFlashLoan` hook on the recipient. * * At the time of the call, the Vault will have transferred `amounts` for `tokens` to the recipient. Before this * call returns, the recipient must have transferred `amounts` plus `feeAmounts` for each token back to the * Vault, or else the entire flash loan will revert. * * `userData` is the same value passed in the `IVault.flashLoan` call. */ function receiveFlashLoan( IERC20[] memory tokens, uint256[] memory amounts, uint256[] memory feeAmounts, bytes memory userData ) external; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "../solidity-utils/openzeppelin/IERC20.sol"; import "./IVault.sol"; import "./IAuthorizer.sol"; interface IProtocolFeesCollector { event SwapFeePercentageChanged(uint256 newSwapFeePercentage); event FlashLoanFeePercentageChanged(uint256 newFlashLoanFeePercentage); function withdrawCollectedFees( IERC20[] calldata tokens, uint256[] calldata amounts, address recipient ) external; function setSwapFeePercentage(uint256 newSwapFeePercentage) external; function setFlashLoanFeePercentage(uint256 newFlashLoanFeePercentage) external; function getSwapFeePercentage() external view returns (uint256); function getFlashLoanFeePercentage() external view returns (uint256); function getCollectedFeeAmounts(IERC20[] memory tokens) external view returns (uint256[] memory feeAmounts); function getAuthorizer() external view returns (IAuthorizer); function vault() external view returns (IVault); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; /** * @dev Source of truth for all Protocol Fee percentages, that is, how much the protocol charges certain actions. Some * of these values may also be retrievable from other places (such as the swap fee percentage), but this is the * preferred source nonetheless. */ interface IProtocolFeePercentagesProvider { // All fee percentages are 18-decimal fixed point numbers, so e.g. 1e18 = 100% and 1e16 = 1%. // Emitted when a new fee type is registered. event ProtocolFeeTypeRegistered(uint256 indexed feeType, string name, uint256 maximumPercentage); // Emitted when the value of a fee type changes. // IMPORTANT: it is possible for a third party to modify the SWAP and FLASH_LOAN fee type values directly in the // ProtocolFeesCollector, which will result in this event not being emitted despite their value changing. Such usage // of the ProtocolFeesCollector is however discouraged: all state-changing interactions with it should originate in // this contract. event ProtocolFeePercentageChanged(uint256 indexed feeType, uint256 percentage); /** * @dev Registers a new fee type in the system, making it queryable via `getFeeTypePercentage` and `getFeeTypeName`, * as well as configurable via `setFeeTypePercentage`. * * `feeType` can be any arbitrary value (that is not in use). * * It is not possible to de-register fee types, nor change their name or maximum value. */ function registerFeeType( uint256 feeType, string memory name, uint256 maximumValue, uint256 initialValue ) external; /** * @dev Returns true if `feeType` has been registered and can be queried. */ function isValidFeeType(uint256 feeType) external view returns (bool); /** * @dev Returns true if `value` is a valid percentage value for `feeType`. */ function isValidFeeTypePercentage(uint256 feeType, uint256 value) external view returns (bool); /** * @dev Sets the percentage value for `feeType` to `newValue`. * * IMPORTANT: it is possible for a third party to modify the SWAP and FLASH_LOAN fee type values directly in the * ProtocolFeesCollector, without invoking this function. This will result in the `ProtocolFeePercentageChanged` * event not being emitted despite their value changing. Such usage of the ProtocolFeesCollector is however * discouraged: only this contract should be granted permission to call `setSwapFeePercentage` and * `setFlashLoanFeePercentage`. */ function setFeeTypePercentage(uint256 feeType, uint256 newValue) external; /** * @dev Returns the current percentage value for `feeType`. This is the preferred mechanism for querying these - * whenever possible, use this fucntion instead of e.g. querying the ProtocolFeesCollector. */ function getFeeTypePercentage(uint256 feeType) external view returns (uint256); /** * @dev Returns `feeType`'s maximum value. */ function getFeeTypeMaximumPercentage(uint256 feeType) external view returns (uint256); /** * @dev Returns `feeType`'s name. */ function getFeeTypeName(uint256 feeType) external view returns (string memory); } library ProtocolFeeType { // This list is not exhaustive - more fee types can be added to the system. It is expected for this list to be // extended with new fee types as they are registered, to keep them all in one place and reduce // likelihood of user error. // solhint-disable private-vars-leading-underscore uint256 internal constant SWAP = 0; uint256 internal constant FLASH_LOAN = 1; uint256 internal constant YIELD = 2; uint256 internal constant AUM = 3; // solhint-enable private-vars-leading-underscore }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "../solidity-utils/helpers/IAuthentication.sol"; interface IBasePoolFactory is IAuthentication { /** * @dev Returns true if `pool` was created by this factory. */ function isPoolFromFactory(address pool) external view returns (bool); /** * @dev Check whether the derived factory has been disabled. */ function isDisabled() external view returns (bool); /** * @dev Disable the factory, preventing the creation of more pools. Already existing pools are unaffected. * Once a factory is disabled, it cannot be re-enabled. */ function disable() external; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "./CodeDeployer.sol"; /** * @dev Base factory for contracts whose creation code is so large that the factory cannot hold it. This happens when * the contract's creation code grows close to 24kB. * * Note that this factory cannot help with contracts that have a *runtime* (deployed) bytecode larger than 24kB. */ abstract contract BaseSplitCodeFactory { // The contract's creation code is stored as code in two separate addresses, and retrieved via `extcodecopy`. This // means this factory supports contracts with creation code of up to 48kB. // We rely on inline-assembly to achieve this, both to make the entire operation highly gas efficient, and because // `extcodecopy` is not available in Solidity. // solhint-disable no-inline-assembly address private immutable _creationCodeContractA; uint256 private immutable _creationCodeSizeA; address private immutable _creationCodeContractB; uint256 private immutable _creationCodeSizeB; /** * @dev The creation code of a contract Foo can be obtained inside Solidity with `type(Foo).creationCode`. */ constructor(bytes memory creationCode) { uint256 creationCodeSize = creationCode.length; // We are going to deploy two contracts: one with approximately the first half of `creationCode`'s contents // (A), and another with the remaining half (B). // We store the lengths in both immutable and stack variables, since immutable variables cannot be read during // construction. uint256 creationCodeSizeA = creationCodeSize / 2; _creationCodeSizeA = creationCodeSizeA; uint256 creationCodeSizeB = creationCodeSize - creationCodeSizeA; _creationCodeSizeB = creationCodeSizeB; // To deploy the contracts, we're going to use `CodeDeployer.deploy()`, which expects a memory array with // the code to deploy. Note that we cannot simply create arrays for A and B's code by copying or moving // `creationCode`'s contents as they are expected to be very large (> 24kB), so we must operate in-place. // Memory: [ code length ] [ A.data ] [ B.data ] // Creating A's array is simple: we simply replace `creationCode`'s length with A's length. We'll later restore // the original length. bytes memory creationCodeA; assembly { creationCodeA := creationCode mstore(creationCodeA, creationCodeSizeA) } // Memory: [ A.length ] [ A.data ] [ B.data ] // ^ creationCodeA _creationCodeContractA = CodeDeployer.deploy(creationCodeA); // Creating B's array is a bit more involved: since we cannot move B's contents, we are going to create a 'new' // memory array starting at A's last 32 bytes, which will be replaced with B's length. We'll back-up this last // byte to later restore it. bytes memory creationCodeB; bytes32 lastByteA; assembly { // `creationCode` points to the array's length, not data, so by adding A's length to it we arrive at A's // last 32 bytes. creationCodeB := add(creationCode, creationCodeSizeA) lastByteA := mload(creationCodeB) mstore(creationCodeB, creationCodeSizeB) } // Memory: [ A.length ] [ A.data[ : -1] ] [ B.length ][ B.data ] // ^ creationCodeA ^ creationCodeB _creationCodeContractB = CodeDeployer.deploy(creationCodeB); // We now restore the original contents of `creationCode` by writing back the original length and A's last byte. assembly { mstore(creationCodeA, creationCodeSize) mstore(creationCodeB, lastByteA) } } /** * @dev Returns the two addresses where the creation code of the contract crated by this factory is stored. */ function getCreationCodeContracts() public view returns (address contractA, address contractB) { return (_creationCodeContractA, _creationCodeContractB); } /** * @dev Returns the creation code of the contract this factory creates. */ function getCreationCode() public view returns (bytes memory) { return _getCreationCodeWithArgs(""); } /** * @dev Returns the creation code that will result in a contract being deployed with `constructorArgs`. */ function _getCreationCodeWithArgs(bytes memory constructorArgs) private view returns (bytes memory code) { // This function exists because `abi.encode()` cannot be instructed to place its result at a specific address. // We need for the ABI-encoded constructor arguments to be located immediately after the creation code, but // cannot rely on `abi.encodePacked()` to perform concatenation as that would involve copying the creation code, // which would be prohibitively expensive. // Instead, we compute the creation code in a pre-allocated array that is large enough to hold *both* the // creation code and the constructor arguments, and then copy the ABI-encoded arguments (which should not be // overly long) right after the end of the creation code. // Immutable variables cannot be used in assembly, so we store them in the stack first. address creationCodeContractA = _creationCodeContractA; uint256 creationCodeSizeA = _creationCodeSizeA; address creationCodeContractB = _creationCodeContractB; uint256 creationCodeSizeB = _creationCodeSizeB; uint256 creationCodeSize = creationCodeSizeA + creationCodeSizeB; uint256 constructorArgsSize = constructorArgs.length; uint256 codeSize = creationCodeSize + constructorArgsSize; assembly { // First, we allocate memory for `code` by retrieving the free memory pointer and then moving it ahead of // `code` by the size of the creation code plus constructor arguments, and 32 bytes for the array length. code := mload(0x40) mstore(0x40, add(code, add(codeSize, 32))) // We now store the length of the code plus constructor arguments. mstore(code, codeSize) // Next, we concatenate the creation code stored in A and B. let dataStart := add(code, 32) extcodecopy(creationCodeContractA, dataStart, 0, creationCodeSizeA) extcodecopy(creationCodeContractB, add(dataStart, creationCodeSizeA), 0, creationCodeSizeB) } // Finally, we copy the constructorArgs to the end of the array. Unfortunately there is no way to avoid this // copy, as it is not possible to tell Solidity where to store the result of `abi.encode()`. uint256 constructorArgsDataPtr; uint256 constructorArgsCodeDataPtr; assembly { constructorArgsDataPtr := add(constructorArgs, 32) constructorArgsCodeDataPtr := add(add(code, 32), creationCodeSize) } _memcpy(constructorArgsCodeDataPtr, constructorArgsDataPtr, constructorArgsSize); } /** * @dev Deploys a contract with constructor arguments and a user-provided salt, using the create2 opcode. * To create `constructorArgs`, call `abi.encode()` with the contract's constructor arguments, in order. */ function _create(bytes memory constructorArgs, bytes32 salt) internal virtual returns (address) { bytes memory creationCode = _getCreationCodeWithArgs(constructorArgs); address destination; assembly { destination := create2(0, add(creationCode, 32), mload(creationCode), salt) } if (destination == address(0)) { // Bubble up inner revert reason // solhint-disable-next-line no-inline-assembly assembly { returndatacopy(0, 0, returndatasize()) revert(0, returndatasize()) } } return destination; } // From // https://github.com/Arachnid/solidity-stringutils/blob/b9a6f6615cf18a87a823cbc461ce9e140a61c305/src/strings.sol function _memcpy( uint256 dest, uint256 src, uint256 len ) private pure { // Copy word-length chunks while possible for (; len >= 32; len -= 32) { assembly { mstore(dest, mload(src)) } dest += 32; src += 32; } // Copy remaining bytes uint256 mask = 256**(32 - len) - 1; assembly { let srcpart := and(mload(src), not(mask)) let destpart := and(mload(dest), mask) mstore(dest, or(destpart, srcpart)) } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/liquidity-mining/IAuthorizerAdaptor.sol"; import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol"; import "./Authentication.sol"; abstract contract SingletonAuthentication is Authentication { IVault private immutable _vault; // Use the contract's own address to disambiguate action identifiers constructor(IVault vault) Authentication(bytes32(uint256(address(this)))) { _vault = vault; } /** * @notice Returns the Balancer Vault */ function getVault() public view returns (IVault) { return _vault; } /** * @notice Returns the Authorizer */ function getAuthorizer() public view returns (IAuthorizer) { return getVault().getAuthorizer(); } function _canPerform(bytes32 actionId, address account) internal view override returns (bool) { return getAuthorizer().canPerform(actionId, account, address(this)); } function _canPerform( bytes32 actionId, address account, address where ) internal view returns (bool) { return getAuthorizer().canPerform(actionId, account, where); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Library used to deploy contracts with specific code. This can be used for long-term storage of immutable data as * contract code, which can be retrieved via the `extcodecopy` opcode. */ library CodeDeployer { // During contract construction, the full code supplied exists as code, and can be accessed via `codesize` and // `codecopy`. This is not the contract's final code however: whatever the constructor returns is what will be // stored as its code. // // We use this mechanism to have a simple constructor that stores whatever is appended to it. The following opcode // sequence corresponds to the creation code of the following equivalent Solidity contract, plus padding to make the // full code 32 bytes long: // // contract CodeDeployer { // constructor() payable { // uint256 size; // assembly { // size := sub(codesize(), 32) // size of appended data, as constructor is 32 bytes long // codecopy(0, 32, size) // copy all appended data to memory at position 0 // return(0, size) // return appended data for it to be stored as code // } // } // } // // More specifically, it is composed of the following opcodes (plus padding): // // [1] PUSH1 0x20 // [2] CODESIZE // [3] SUB // [4] DUP1 // [6] PUSH1 0x20 // [8] PUSH1 0x00 // [9] CODECOPY // [11] PUSH1 0x00 // [12] RETURN // // The padding is just the 0xfe sequence (invalid opcode). It is important as it lets us work in-place, avoiding // memory allocation and copying. bytes32 private constant _DEPLOYER_CREATION_CODE = 0x602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe; /** * @dev Deploys a contract with `code` as its code, returning the destination address. * * Reverts if deployment fails. */ function deploy(bytes memory code) internal returns (address destination) { bytes32 deployerCreationCode = _DEPLOYER_CREATION_CODE; // We need to concatenate the deployer creation code and `code` in memory, but want to avoid copying all of // `code` (which could be quite long) into a new memory location. Therefore, we operate in-place using // assembly. // solhint-disable-next-line no-inline-assembly assembly { let codeLength := mload(code) // `code` is composed of length and data. We've already stored its length in `codeLength`, so we simply // replace it with the deployer creation code (which is exactly 32 bytes long). mstore(code, deployerCreationCode) // At this point, `code` now points to the deployer creation code immediately followed by `code`'s data // contents. This is exactly what the deployer expects to receive when created. destination := create(0, code, add(codeLength, 32)) // Finally, we restore the original length in order to not mutate `code`. mstore(code, codeLength) } // The create opcode returns the zero address when contract creation fails, so we revert if this happens. _require(destination != address(0), Errors.CODE_DEPLOYMENT_FAILED); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; // solhint-disable /** * @dev Reverts if `condition` is false, with a revert reason containing `errorCode`. Only codes up to 999 are * supported. * Uses the default 'BAL' prefix for the error code */ function _require(bool condition, uint256 errorCode) pure { if (!condition) _revert(errorCode); } /** * @dev Reverts if `condition` is false, with a revert reason containing `errorCode`. Only codes up to 999 are * supported. */ function _require(bool condition, uint256 errorCode, bytes3 prefix) pure { if (!condition) _revert(errorCode, prefix); } /** * @dev Reverts with a revert reason containing `errorCode`. Only codes up to 999 are supported. * Uses the default 'BAL' prefix for the error code */ function _revert(uint256 errorCode) pure { _revert(errorCode, 0x42414c); // This is the raw byte representation of "BAL" } /** * @dev Reverts with a revert reason containing `errorCode`. Only codes up to 999 are supported. */ function _revert(uint256 errorCode, bytes3 prefix) pure { uint256 prefixUint = uint256(uint24(prefix)); // We're going to dynamically create a revert string based on the error code, with the following format: // 'BAL#{errorCode}' // where the code is left-padded with zeroes to three digits (so they range from 000 to 999). // // We don't have revert strings embedded in the contract to save bytecode size: it takes much less space to store a // number (8 to 16 bits) than the individual string characters. // // The dynamic string creation algorithm that follows could be implemented in Solidity, but assembly allows for a // much denser implementation, again saving bytecode size. Given this function unconditionally reverts, this is a // safe place to rely on it without worrying about how its usage might affect e.g. memory contents. assembly { // First, we need to compute the ASCII representation of the error code. We assume that it is in the 0-999 // range, so we only need to convert three digits. To convert the digits to ASCII, we add 0x30, the value for // the '0' character. let units := add(mod(errorCode, 10), 0x30) errorCode := div(errorCode, 10) let tenths := add(mod(errorCode, 10), 0x30) errorCode := div(errorCode, 10) let hundreds := add(mod(errorCode, 10), 0x30) // With the individual characters, we can now construct the full string. // We first append the '#' character (0x23) to the prefix. In the case of 'BAL', it results in 0x42414c23 ('BAL#') // Then, we shift this by 24 (to provide space for the 3 bytes of the error code), and add the // characters to it, each shifted by a multiple of 8. // The revert reason is then shifted left by 200 bits (256 minus the length of the string, 7 characters * 8 bits // per character = 56) to locate it in the most significant part of the 256 slot (the beginning of a byte // array). let formattedPrefix := shl(24, add(0x23, shl(8, prefixUint))) let revertReason := shl(200, add(formattedPrefix, add(add(units, shl(8, tenths)), shl(16, hundreds)))) // We can now encode the reason in memory, which can be safely overwritten as we're about to revert. The encoded // message will have the following layout: // [ revert reason identifier ] [ string location offset ] [ string length ] [ string contents ] // The Solidity revert reason identifier is 0x08c739a0, the function selector of the Error(string) function. We // also write zeroes to the next 28 bytes of memory, but those are about to be overwritten. mstore(0x0, 0x08c379a000000000000000000000000000000000000000000000000000000000) // Next is the offset to the location of the string, which will be placed immediately after (20 bytes away). mstore(0x04, 0x0000000000000000000000000000000000000000000000000000000000000020) // The string length is fixed: 7 characters. mstore(0x24, 7) // Finally, the string itself is stored. mstore(0x44, revertReason) // Even if the string is only 7 bytes long, we need to return a full 32 byte slot containing it. The length of // the encoded message is therefore 4 + 32 + 32 + 32 = 100. revert(0, 100) } } library Errors { // Math uint256 internal constant ADD_OVERFLOW = 0; uint256 internal constant SUB_OVERFLOW = 1; uint256 internal constant SUB_UNDERFLOW = 2; uint256 internal constant MUL_OVERFLOW = 3; uint256 internal constant ZERO_DIVISION = 4; uint256 internal constant DIV_INTERNAL = 5; uint256 internal constant X_OUT_OF_BOUNDS = 6; uint256 internal constant Y_OUT_OF_BOUNDS = 7; uint256 internal constant PRODUCT_OUT_OF_BOUNDS = 8; uint256 internal constant INVALID_EXPONENT = 9; // Input uint256 internal constant OUT_OF_BOUNDS = 100; uint256 internal constant UNSORTED_ARRAY = 101; uint256 internal constant UNSORTED_TOKENS = 102; uint256 internal constant INPUT_LENGTH_MISMATCH = 103; uint256 internal constant ZERO_TOKEN = 104; // Shared pools uint256 internal constant MIN_TOKENS = 200; uint256 internal constant MAX_TOKENS = 201; uint256 internal constant MAX_SWAP_FEE_PERCENTAGE = 202; uint256 internal constant MIN_SWAP_FEE_PERCENTAGE = 203; uint256 internal constant MINIMUM_BPT = 204; uint256 internal constant CALLER_NOT_VAULT = 205; uint256 internal constant UNINITIALIZED = 206; uint256 internal constant BPT_IN_MAX_AMOUNT = 207; uint256 internal constant BPT_OUT_MIN_AMOUNT = 208; uint256 internal constant EXPIRED_PERMIT = 209; uint256 internal constant NOT_TWO_TOKENS = 210; uint256 internal constant DISABLED = 211; // Pools uint256 internal constant MIN_AMP = 300; uint256 internal constant MAX_AMP = 301; uint256 internal constant MIN_WEIGHT = 302; uint256 internal constant MAX_STABLE_TOKENS = 303; uint256 internal constant MAX_IN_RATIO = 304; uint256 internal constant MAX_OUT_RATIO = 305; uint256 internal constant MIN_BPT_IN_FOR_TOKEN_OUT = 306; uint256 internal constant MAX_OUT_BPT_FOR_TOKEN_IN = 307; uint256 internal constant NORMALIZED_WEIGHT_INVARIANT = 308; uint256 internal constant INVALID_TOKEN = 309; uint256 internal constant UNHANDLED_JOIN_KIND = 310; uint256 internal constant ZERO_INVARIANT = 311; uint256 internal constant ORACLE_INVALID_SECONDS_QUERY = 312; uint256 internal constant ORACLE_NOT_INITIALIZED = 313; uint256 internal constant ORACLE_QUERY_TOO_OLD = 314; uint256 internal constant ORACLE_INVALID_INDEX = 315; uint256 internal constant ORACLE_BAD_SECS = 316; uint256 internal constant AMP_END_TIME_TOO_CLOSE = 317; uint256 internal constant AMP_ONGOING_UPDATE = 318; uint256 internal constant AMP_RATE_TOO_HIGH = 319; uint256 internal constant AMP_NO_ONGOING_UPDATE = 320; uint256 internal constant STABLE_INVARIANT_DIDNT_CONVERGE = 321; uint256 internal constant STABLE_GET_BALANCE_DIDNT_CONVERGE = 322; uint256 internal constant RELAYER_NOT_CONTRACT = 323; uint256 internal constant BASE_POOL_RELAYER_NOT_CALLED = 324; uint256 internal constant REBALANCING_RELAYER_REENTERED = 325; uint256 internal constant GRADUAL_UPDATE_TIME_TRAVEL = 326; uint256 internal constant SWAPS_DISABLED = 327; uint256 internal constant CALLER_IS_NOT_LBP_OWNER = 328; uint256 internal constant PRICE_RATE_OVERFLOW = 329; uint256 internal constant INVALID_JOIN_EXIT_KIND_WHILE_SWAPS_DISABLED = 330; uint256 internal constant WEIGHT_CHANGE_TOO_FAST = 331; uint256 internal constant LOWER_GREATER_THAN_UPPER_TARGET = 332; uint256 internal constant UPPER_TARGET_TOO_HIGH = 333; uint256 internal constant UNHANDLED_BY_LINEAR_POOL = 334; uint256 internal constant OUT_OF_TARGET_RANGE = 335; uint256 internal constant UNHANDLED_EXIT_KIND = 336; uint256 internal constant UNAUTHORIZED_EXIT = 337; uint256 internal constant MAX_MANAGEMENT_SWAP_FEE_PERCENTAGE = 338; uint256 internal constant UNHANDLED_BY_MANAGED_POOL = 339; uint256 internal constant UNHANDLED_BY_PHANTOM_POOL = 340; uint256 internal constant TOKEN_DOES_NOT_HAVE_RATE_PROVIDER = 341; uint256 internal constant INVALID_INITIALIZATION = 342; uint256 internal constant OUT_OF_NEW_TARGET_RANGE = 343; uint256 internal constant FEATURE_DISABLED = 344; uint256 internal constant UNINITIALIZED_POOL_CONTROLLER = 345; uint256 internal constant SET_SWAP_FEE_DURING_FEE_CHANGE = 346; uint256 internal constant SET_SWAP_FEE_PENDING_FEE_CHANGE = 347; uint256 internal constant CHANGE_TOKENS_DURING_WEIGHT_CHANGE = 348; uint256 internal constant CHANGE_TOKENS_PENDING_WEIGHT_CHANGE = 349; uint256 internal constant MAX_WEIGHT = 350; uint256 internal constant UNAUTHORIZED_JOIN = 351; uint256 internal constant MAX_MANAGEMENT_AUM_FEE_PERCENTAGE = 352; uint256 internal constant FRACTIONAL_TARGET = 353; // Lib uint256 internal constant REENTRANCY = 400; uint256 internal constant SENDER_NOT_ALLOWED = 401; uint256 internal constant PAUSED = 402; uint256 internal constant PAUSE_WINDOW_EXPIRED = 403; uint256 internal constant MAX_PAUSE_WINDOW_DURATION = 404; uint256 internal constant MAX_BUFFER_PERIOD_DURATION = 405; uint256 internal constant INSUFFICIENT_BALANCE = 406; uint256 internal constant INSUFFICIENT_ALLOWANCE = 407; uint256 internal constant ERC20_TRANSFER_FROM_ZERO_ADDRESS = 408; uint256 internal constant ERC20_TRANSFER_TO_ZERO_ADDRESS = 409; uint256 internal constant ERC20_MINT_TO_ZERO_ADDRESS = 410; uint256 internal constant ERC20_BURN_FROM_ZERO_ADDRESS = 411; uint256 internal constant ERC20_APPROVE_FROM_ZERO_ADDRESS = 412; uint256 internal constant ERC20_APPROVE_TO_ZERO_ADDRESS = 413; uint256 internal constant ERC20_TRANSFER_EXCEEDS_ALLOWANCE = 414; uint256 internal constant ERC20_DECREASED_ALLOWANCE_BELOW_ZERO = 415; uint256 internal constant ERC20_TRANSFER_EXCEEDS_BALANCE = 416; uint256 internal constant ERC20_BURN_EXCEEDS_ALLOWANCE = 417; uint256 internal constant SAFE_ERC20_CALL_FAILED = 418; uint256 internal constant ADDRESS_INSUFFICIENT_BALANCE = 419; uint256 internal constant ADDRESS_CANNOT_SEND_VALUE = 420; uint256 internal constant SAFE_CAST_VALUE_CANT_FIT_INT256 = 421; uint256 internal constant GRANT_SENDER_NOT_ADMIN = 422; uint256 internal constant REVOKE_SENDER_NOT_ADMIN = 423; uint256 internal constant RENOUNCE_SENDER_NOT_ALLOWED = 424; uint256 internal constant BUFFER_PERIOD_EXPIRED = 425; uint256 internal constant CALLER_IS_NOT_OWNER = 426; uint256 internal constant NEW_OWNER_IS_ZERO = 427; uint256 internal constant CODE_DEPLOYMENT_FAILED = 428; uint256 internal constant CALL_TO_NON_CONTRACT = 429; uint256 internal constant LOW_LEVEL_CALL_FAILED = 430; uint256 internal constant NOT_PAUSED = 431; uint256 internal constant ADDRESS_ALREADY_ALLOWLISTED = 432; uint256 internal constant ADDRESS_NOT_ALLOWLISTED = 433; uint256 internal constant ERC20_BURN_EXCEEDS_BALANCE = 434; uint256 internal constant INVALID_OPERATION = 435; uint256 internal constant CODEC_OVERFLOW = 436; uint256 internal constant IN_RECOVERY_MODE = 437; uint256 internal constant NOT_IN_RECOVERY_MODE = 438; uint256 internal constant INDUCED_FAILURE = 439; uint256 internal constant EXPIRED_SIGNATURE = 440; uint256 internal constant MALFORMED_SIGNATURE = 441; uint256 internal constant SAFE_CAST_VALUE_CANT_FIT_UINT64 = 442; uint256 internal constant UNHANDLED_FEE_TYPE = 443; // Vault uint256 internal constant INVALID_POOL_ID = 500; uint256 internal constant CALLER_NOT_POOL = 501; uint256 internal constant SENDER_NOT_ASSET_MANAGER = 502; uint256 internal constant USER_DOESNT_ALLOW_RELAYER = 503; uint256 internal constant INVALID_SIGNATURE = 504; uint256 internal constant EXIT_BELOW_MIN = 505; uint256 internal constant JOIN_ABOVE_MAX = 506; uint256 internal constant SWAP_LIMIT = 507; uint256 internal constant SWAP_DEADLINE = 508; uint256 internal constant CANNOT_SWAP_SAME_TOKEN = 509; uint256 internal constant UNKNOWN_AMOUNT_IN_FIRST_SWAP = 510; uint256 internal constant MALCONSTRUCTED_MULTIHOP_SWAP = 511; uint256 internal constant INTERNAL_BALANCE_OVERFLOW = 512; uint256 internal constant INSUFFICIENT_INTERNAL_BALANCE = 513; uint256 internal constant INVALID_ETH_INTERNAL_BALANCE = 514; uint256 internal constant INVALID_POST_LOAN_BALANCE = 515; uint256 internal constant INSUFFICIENT_ETH = 516; uint256 internal constant UNALLOCATED_ETH = 517; uint256 internal constant ETH_TRANSFER = 518; uint256 internal constant CANNOT_USE_ETH_SENTINEL = 519; uint256 internal constant TOKENS_MISMATCH = 520; uint256 internal constant TOKEN_NOT_REGISTERED = 521; uint256 internal constant TOKEN_ALREADY_REGISTERED = 522; uint256 internal constant TOKENS_ALREADY_SET = 523; uint256 internal constant TOKENS_LENGTH_MUST_BE_2 = 524; uint256 internal constant NONZERO_TOKEN_BALANCE = 525; uint256 internal constant BALANCE_TOTAL_OVERFLOW = 526; uint256 internal constant POOL_NO_TOKENS = 527; uint256 internal constant INSUFFICIENT_FLASH_LOAN_BALANCE = 528; // Fees uint256 internal constant SWAP_FEE_PERCENTAGE_TOO_HIGH = 600; uint256 internal constant FLASH_LOAN_FEE_PERCENTAGE_TOO_HIGH = 601; uint256 internal constant INSUFFICIENT_FLASH_LOAN_FEE_AMOUNT = 602; uint256 internal constant AUM_FEE_PERCENTAGE_TOO_HIGH = 603; // Misc uint256 internal constant UNIMPLEMENTED = 998; uint256 internal constant SHOULD_NOT_HAPPEN = 999; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "../solidity-utils/helpers/IAuthentication.sol"; import "../vault/IVault.sol"; interface IAuthorizerAdaptor is IAuthentication { /** * @notice Returns the Balancer Vault */ function getVault() external view returns (IVault); /** * @notice Returns the Authorizer */ function getAuthorizer() external view returns (IAuthorizer); /** * @notice Performs an arbitrary function call on a target contract, provided the caller is authorized to do so. * @param target - Address of the contract to be called * @param data - Calldata to be sent to the target contract * @return The bytes encoded return value from the performed function call */ function performAction(address target, bytes calldata data) external payable returns (bytes memory); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/IAuthentication.sol"; /** * @dev Building block for performing access control on external functions. * * This contract is used via the `authenticate` modifier (or the `_authenticateCaller` function), which can be applied * to external functions to only make them callable by authorized accounts. * * Derived contracts must implement the `_canPerform` function, which holds the actual access control logic. */ abstract contract Authentication is IAuthentication { bytes32 private immutable _actionIdDisambiguator; /** * @dev The main purpose of the `actionIdDisambiguator` is to prevent accidental function selector collisions in * multi contract systems. * * There are two main uses for it: * - if the contract is a singleton, any unique identifier can be used to make the associated action identifiers * unique. The contract's own address is a good option. * - if the contract belongs to a family that shares action identifiers for the same functions, an identifier * shared by the entire family (and no other contract) should be used instead. */ constructor(bytes32 actionIdDisambiguator) { _actionIdDisambiguator = actionIdDisambiguator; } /** * @dev Reverts unless the caller is allowed to call this function. Should only be applied to external functions. */ modifier authenticate() { _authenticateCaller(); _; } /** * @dev Reverts unless the caller is allowed to call the entry point function. */ function _authenticateCaller() internal view { bytes32 actionId = getActionId(msg.sig); _require(_canPerform(actionId, msg.sender), Errors.SENDER_NOT_ALLOWED); } function getActionId(bytes4 selector) public view override returns (bytes32) { // Each external function is dynamically assigned an action identifier as the hash of the disambiguator and the // function selector. Disambiguation is necessary to avoid potential collisions in the function selectors of // multiple contracts. return keccak256(abi.encodePacked(_actionIdDisambiguator, selector)); } function _canPerform(bytes32 actionId, address user) internal view virtual returns (bool); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; library StablePoolUserData { enum JoinKind { INIT, EXACT_TOKENS_IN_FOR_BPT_OUT, TOKEN_IN_FOR_EXACT_BPT_OUT, ALL_TOKENS_IN_FOR_EXACT_BPT_OUT } enum ExitKind { EXACT_BPT_IN_FOR_ONE_TOKEN_OUT, BPT_IN_FOR_EXACT_TOKENS_OUT, EXACT_BPT_IN_FOR_ALL_TOKENS_OUT } function joinKind(bytes memory self) internal pure returns (JoinKind) { return abi.decode(self, (JoinKind)); } function exitKind(bytes memory self) internal pure returns (ExitKind) { return abi.decode(self, (ExitKind)); } // Joins function initialAmountsIn(bytes memory self) internal pure returns (uint256[] memory amountsIn) { (, amountsIn) = abi.decode(self, (JoinKind, uint256[])); } function exactTokensInForBptOut(bytes memory self) internal pure returns (uint256[] memory amountsIn, uint256 minBPTAmountOut) { (, amountsIn, minBPTAmountOut) = abi.decode(self, (JoinKind, uint256[], uint256)); } function tokenInForExactBptOut(bytes memory self) internal pure returns (uint256 bptAmountOut, uint256 tokenIndex) { (, bptAmountOut, tokenIndex) = abi.decode(self, (JoinKind, uint256, uint256)); } function allTokensInForExactBptOut(bytes memory self) internal pure returns (uint256 bptAmountOut) { (, bptAmountOut) = abi.decode(self, (JoinKind, uint256)); } // Exits function exactBptInForTokenOut(bytes memory self) internal pure returns (uint256 bptAmountIn, uint256 tokenIndex) { (, bptAmountIn, tokenIndex) = abi.decode(self, (ExitKind, uint256, uint256)); } function exactBptInForTokensOut(bytes memory self) internal pure returns (uint256 bptAmountIn) { (, bptAmountIn) = abi.decode(self, (ExitKind, uint256)); } function bptInForExactTokensOut(bytes memory self) internal pure returns (uint256[] memory amountsOut, uint256 maxBPTAmountIn) { (, amountsOut, maxBPTAmountIn) = abi.decode(self, (ExitKind, uint256[], uint256)); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; interface IRateProvider { /** * @dev Returns an 18 decimal fixed point number that is the exchange rate of the token to some other underlying * token. The meaning of this rate depends on the context. */ function getRate() external view returns (uint256); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "./LogExpMath.sol"; /* solhint-disable private-vars-leading-underscore */ library FixedPoint { uint256 internal constant ONE = 1e18; // 18 decimal places uint256 internal constant TWO = 2 * ONE; uint256 internal constant FOUR = 4 * ONE; uint256 internal constant MAX_POW_RELATIVE_ERROR = 10000; // 10^(-14) // Minimum base for the power function when the exponent is 'free' (larger than ONE). uint256 internal constant MIN_POW_BASE_FREE_EXPONENT = 0.7e18; function add(uint256 a, uint256 b) internal pure returns (uint256) { // Fixed Point addition is the same as regular checked addition uint256 c = a + b; _require(c >= a, Errors.ADD_OVERFLOW); return c; } function sub(uint256 a, uint256 b) internal pure returns (uint256) { // Fixed Point addition is the same as regular checked addition _require(b <= a, Errors.SUB_OVERFLOW); uint256 c = a - b; return c; } function mulDown(uint256 a, uint256 b) internal pure returns (uint256) { uint256 product = a * b; _require(a == 0 || product / a == b, Errors.MUL_OVERFLOW); return product / ONE; } function mulUp(uint256 a, uint256 b) internal pure returns (uint256) { uint256 product = a * b; _require(a == 0 || product / a == b, Errors.MUL_OVERFLOW); if (product == 0) { return 0; } else { // The traditional divUp formula is: // divUp(x, y) := (x + y - 1) / y // To avoid intermediate overflow in the addition, we distribute the division and get: // divUp(x, y) := (x - 1) / y + 1 // Note that this requires x != 0, which we already tested for. return ((product - 1) / ONE) + 1; } } function divDown(uint256 a, uint256 b) internal pure returns (uint256) { _require(b != 0, Errors.ZERO_DIVISION); if (a == 0) { return 0; } else { uint256 aInflated = a * ONE; _require(aInflated / a == ONE, Errors.DIV_INTERNAL); // mul overflow return aInflated / b; } } function divUp(uint256 a, uint256 b) internal pure returns (uint256) { _require(b != 0, Errors.ZERO_DIVISION); if (a == 0) { return 0; } else { uint256 aInflated = a * ONE; _require(aInflated / a == ONE, Errors.DIV_INTERNAL); // mul overflow // The traditional divUp formula is: // divUp(x, y) := (x + y - 1) / y // To avoid intermediate overflow in the addition, we distribute the division and get: // divUp(x, y) := (x - 1) / y + 1 // Note that this requires x != 0, which we already tested for. return ((aInflated - 1) / b) + 1; } } /** * @dev Returns x^y, assuming both are fixed point numbers, rounding down. The result is guaranteed to not be above * the true value (that is, the error function expected - actual is always positive). */ function powDown(uint256 x, uint256 y) internal pure returns (uint256) { // Optimize for when y equals 1.0, 2.0 or 4.0, as those are very simple to implement and occur often in 50/50 // and 80/20 Weighted Pools if (y == ONE) { return x; } else if (y == TWO) { return mulDown(x, x); } else if (y == FOUR) { uint256 square = mulDown(x, x); return mulDown(square, square); } else { uint256 raw = LogExpMath.pow(x, y); uint256 maxError = add(mulUp(raw, MAX_POW_RELATIVE_ERROR), 1); if (raw < maxError) { return 0; } else { return sub(raw, maxError); } } } /** * @dev Returns x^y, assuming both are fixed point numbers, rounding up. The result is guaranteed to not be below * the true value (that is, the error function expected - actual is always negative). */ function powUp(uint256 x, uint256 y) internal pure returns (uint256) { // Optimize for when y equals 1.0, 2.0 or 4.0, as those are very simple to implement and occur often in 50/50 // and 80/20 Weighted Pools if (y == ONE) { return x; } else if (y == TWO) { return mulUp(x, x); } else if (y == FOUR) { uint256 square = mulUp(x, x); return mulUp(square, square); } else { uint256 raw = LogExpMath.pow(x, y); uint256 maxError = add(mulUp(raw, MAX_POW_RELATIVE_ERROR), 1); return add(raw, maxError); } } /** * @dev Returns the complement of a value (1 - x), capped to 0 if x is larger than 1. * * Useful when computing the complement for values with some level of relative error, as it strips this error and * prevents intermediate negative values. */ function complement(uint256 x) internal pure returns (uint256) { return (x < ONE) ? (ONE - x) : 0; } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Wrappers over Solidity's arithmetic operations with added overflow checks. * Adapted from OpenZeppelin's SafeMath library. */ library Math { /** * @dev Returns the absolute value of a signed integer. */ function abs(int256 a) internal pure returns (uint256) { return a > 0 ? uint256(a) : uint256(-a); } /** * @dev Returns the addition of two unsigned integers of 256 bits, reverting on overflow. */ function add(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a + b; _require(c >= a, Errors.ADD_OVERFLOW); return c; } /** * @dev Returns the addition of two signed integers, reverting on overflow. */ function add(int256 a, int256 b) internal pure returns (int256) { int256 c = a + b; _require((b >= 0 && c >= a) || (b < 0 && c < a), Errors.ADD_OVERFLOW); return c; } /** * @dev Returns the subtraction of two unsigned integers of 256 bits, reverting on overflow. */ function sub(uint256 a, uint256 b) internal pure returns (uint256) { _require(b <= a, Errors.SUB_OVERFLOW); uint256 c = a - b; return c; } /** * @dev Returns the subtraction of two signed integers, reverting on overflow. */ function sub(int256 a, int256 b) internal pure returns (int256) { int256 c = a - b; _require((b >= 0 && c <= a) || (b < 0 && c > a), Errors.SUB_OVERFLOW); return c; } /** * @dev Returns the largest of two numbers of 256 bits. */ function max(uint256 a, uint256 b) internal pure returns (uint256) { return a >= b ? a : b; } /** * @dev Returns the smallest of two numbers of 256 bits. */ function min(uint256 a, uint256 b) internal pure returns (uint256) { return a < b ? a : b; } function mul(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a * b; _require(a == 0 || c / a == b, Errors.MUL_OVERFLOW); return c; } function div( uint256 a, uint256 b, bool roundUp ) internal pure returns (uint256) { return roundUp ? divUp(a, b) : divDown(a, b); } function divDown(uint256 a, uint256 b) internal pure returns (uint256) { _require(b != 0, Errors.ZERO_DIVISION); return a / b; } function divUp(uint256 a, uint256 b) internal pure returns (uint256) { _require(b != 0, Errors.ZERO_DIVISION); if (a == 0) { return 0; } else { return 1 + (a - 1) / b; } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "@balancer-labs/v2-interfaces/contracts/vault/IAsset.sol"; // solhint-disable function _asIAsset(IERC20[] memory tokens) pure returns (IAsset[] memory assets) { // solhint-disable-next-line no-inline-assembly assembly { assets := tokens } } function _sortTokens( IERC20 tokenA, IERC20 tokenB, IERC20 tokenC ) pure returns (IERC20[] memory tokens) { (uint256 indexTokenA, uint256 indexTokenB, uint256 indexTokenC) = _getSortedTokenIndexes(tokenA, tokenB, tokenC); tokens = new IERC20[](3); tokens[indexTokenA] = tokenA; tokens[indexTokenB] = tokenB; tokens[indexTokenC] = tokenC; } function _insertSorted(IERC20[] memory tokens, IERC20 token) pure returns (IERC20[] memory sorted) { sorted = new IERC20[](tokens.length + 1); if (tokens.length == 0) { sorted[0] = token; return sorted; } uint256 i; for (i = tokens.length; i > 0 && tokens[i - 1] > token; i--) sorted[i] = tokens[i - 1]; for (uint256 j = 0; j < i; j++) sorted[j] = tokens[j]; sorted[i] = token; } function _appendToken(IERC20[] memory tokens, IERC20 newToken) pure returns (IERC20[] memory newTokens) { uint256 numTokens = tokens.length; newTokens = new IERC20[](numTokens + 1); for (uint256 i = 0; i < numTokens; ++i) newTokens[i] = tokens[i]; newTokens[numTokens] = newToken; } function _findTokenIndex(IERC20[] memory tokens, IERC20 token) pure returns (uint256) { // Note that while we know tokens are initially sorted, we cannot assume this will hold throughout // the pool's lifetime, as pools with mutable tokens can append and remove tokens in any order. uint256 tokensLength = tokens.length; for (uint256 i = 0; i < tokensLength; i++) { if (tokens[i] == token) { return i; } } _revert(Errors.INVALID_TOKEN); } function _getSortedTokenIndexes( IERC20 tokenA, IERC20 tokenB, IERC20 tokenC ) pure returns ( uint256 indexTokenA, uint256 indexTokenB, uint256 indexTokenC ) { if (tokenA < tokenB) { if (tokenB < tokenC) { // (tokenA, tokenB, tokenC) return (0, 1, 2); } else if (tokenA < tokenC) { // (tokenA, tokenC, tokenB) return (0, 2, 1); } else { // (tokenC, tokenA, tokenB) return (1, 2, 0); } } else { // tokenB < tokenA if (tokenC < tokenB) { // (tokenC, tokenB, tokenA) return (2, 1, 0); } else if (tokenC < tokenA) { // (tokenB, tokenC, tokenA) return (2, 0, 1); } else { // (tokenB, tokenA, tokenC) return (1, 0, 2); } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; library InputHelpers { function ensureInputLengthMatch(uint256 a, uint256 b) internal pure { _require(a == b, Errors.INPUT_LENGTH_MISMATCH); } function ensureInputLengthMatch( uint256 a, uint256 b, uint256 c ) internal pure { _require(a == b && b == c, Errors.INPUT_LENGTH_MISMATCH); } function ensureArrayIsSorted(IERC20[] memory array) internal pure { address[] memory addressArray; // solhint-disable-next-line no-inline-assembly assembly { addressArray := array } ensureArrayIsSorted(addressArray); } function ensureArrayIsSorted(address[] memory array) internal pure { if (array.length < 2) { return; } address previous = array[0]; for (uint256 i = 1; i < array.length; ++i) { address current = array[i]; _require(previous < current, Errors.UNSORTED_ARRAY); previous = current; } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-interfaces/contracts/vault/IGeneralPool.sol"; import "./BasePool.sol"; /** * @dev Extension of `BasePool`, adding a handler for `IGeneralPool.onSwap`. * * Derived contracts must call `BasePool`'s constructor, and implement `_onSwapGivenIn` and `_onSwapGivenOut` along with * `BasePool`'s virtual functions. Inheriting from this contract lets derived contracts choose the General * specialization setting. */ abstract contract BaseGeneralPool is IGeneralPool, BasePool { // Swap Hooks function onSwap( SwapRequest memory swapRequest, uint256[] memory balances, uint256 indexIn, uint256 indexOut ) external override onlyVault(swapRequest.poolId) returns (uint256) { _beforeSwapJoinExit(); _validateIndexes(indexIn, indexOut, _getTotalTokens()); uint256[] memory scalingFactors = _scalingFactors(); return swapRequest.kind == IVault.SwapKind.GIVEN_IN ? _swapGivenIn(swapRequest, balances, indexIn, indexOut, scalingFactors) : _swapGivenOut(swapRequest, balances, indexIn, indexOut, scalingFactors); } function _swapGivenIn( SwapRequest memory swapRequest, uint256[] memory balances, uint256 indexIn, uint256 indexOut, uint256[] memory scalingFactors ) internal virtual returns (uint256) { // Fees are subtracted before scaling, to reduce the complexity of the rounding direction analysis. swapRequest.amount = _subtractSwapFeeAmount(swapRequest.amount); _upscaleArray(balances, scalingFactors); swapRequest.amount = _upscale(swapRequest.amount, scalingFactors[indexIn]); uint256 amountOut = _onSwapGivenIn(swapRequest, balances, indexIn, indexOut); // amountOut tokens are exiting the Pool, so we round down. return _downscaleDown(amountOut, scalingFactors[indexOut]); } function _swapGivenOut( SwapRequest memory swapRequest, uint256[] memory balances, uint256 indexIn, uint256 indexOut, uint256[] memory scalingFactors ) internal virtual returns (uint256) { _upscaleArray(balances, scalingFactors); swapRequest.amount = _upscale(swapRequest.amount, scalingFactors[indexOut]); uint256 amountIn = _onSwapGivenOut(swapRequest, balances, indexIn, indexOut); // amountIn tokens are entering the Pool, so we round up. amountIn = _downscaleUp(amountIn, scalingFactors[indexIn]); // Fees are added after scaling happens, to reduce the complexity of the rounding direction analysis. return _addSwapFeeAmount(amountIn); } /* * @dev Called when a swap with the Pool occurs, where the amount of tokens entering the Pool is known. * * Returns the amount of tokens that will be taken from the Pool in return. * * All amounts inside `swapRequest` and `balances` are upscaled. The swap fee has already been deducted from * `swapRequest.amount`. * * The return value is also considered upscaled, and will be downscaled (rounding down) before returning it to the * Vault. */ function _onSwapGivenIn( SwapRequest memory swapRequest, uint256[] memory balances, uint256 indexIn, uint256 indexOut ) internal virtual returns (uint256); /* * @dev Called when a swap with the Pool occurs, where the amount of tokens exiting the Pool is known. * * Returns the amount of tokens that will be granted to the Pool in return. * * All amounts inside `swapRequest` and `balances` are upscaled. * * The return value is also considered upscaled, and will be downscaled (rounding up) before applying the swap fee * and returning it to the Vault. */ function _onSwapGivenOut( SwapRequest memory swapRequest, uint256[] memory balances, uint256 indexIn, uint256 indexOut ) internal virtual returns (uint256); function _validateIndexes( uint256 indexIn, uint256 indexOut, uint256 limit ) private pure { _require(indexIn < limit && indexOut < limit, Errors.OUT_OF_BOUNDS); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/WordCodec.sol"; /** * Price rate caches are used to avoid querying the price rate for a token every time we need to work with it. It is * useful for slow changing rates, such as those that arise from interest-bearing tokens (e.g. waDAI into DAI). * * The cache data is packed into a single bytes32 value with the following structure: * [ 32 bits | 32 bits | 96 bits | 96 bits ] * [ expires | duration | old rate | current rate ] * |MSB LSB| * * 'rate' is an 18 decimal fixed point number, supporting rates of up to ~3e10. 'expires' is a Unix timestamp, and * 'duration' is expressed in seconds. */ library PriceRateCache { using WordCodec for bytes32; uint256 private constant _CURRENT_PRICE_RATE_OFFSET = 0; uint256 private constant _OLD_PRICE_RATE_OFFSET = 96; uint256 private constant _PRICE_RATE_CACHE_DURATION_OFFSET = 192; uint256 private constant _PRICE_RATE_CACHE_EXPIRES_OFFSET = 224; uint256 private constant _RATE_BIT_LENGTH = 96; uint256 private constant _DURATION_BIT_LENGTH = 32; /** * @dev Returns the current rate in the price rate cache. */ function getCurrentRate(bytes32 cache) internal pure returns (uint256) { return cache.decodeUint(_CURRENT_PRICE_RATE_OFFSET, _RATE_BIT_LENGTH); } /** * @dev Returns the old rate in the price rate cache. */ function getOldRate(bytes32 cache) internal pure returns (uint256) { return cache.decodeUint(_OLD_PRICE_RATE_OFFSET, _RATE_BIT_LENGTH); } /** * @dev Copies the current rate to the old rate. */ function updateOldRate(bytes32 cache) internal pure returns (bytes32) { return cache.insertUint(getCurrentRate(cache), _OLD_PRICE_RATE_OFFSET, _RATE_BIT_LENGTH); } /** * @dev Returns the duration of a price rate cache. */ function getDuration(bytes32 cache) internal pure returns (uint256) { return cache.decodeUint(_PRICE_RATE_CACHE_DURATION_OFFSET, _DURATION_BIT_LENGTH); } /** * @dev Returns the duration and expiration time of a price rate cache. */ function getTimestamps(bytes32 cache) internal pure returns (uint256 duration, uint256 expires) { duration = getDuration(cache); expires = cache.decodeUint(_PRICE_RATE_CACHE_EXPIRES_OFFSET, _DURATION_BIT_LENGTH); } /** * @dev Encodes rate and duration into a price rate cache. The expiration time is computed automatically, counting * from the current time. */ function updateRateAndDuration( bytes32 cache, uint256 rate, uint256 duration ) internal view returns (bytes32) { _require(rate >> _RATE_BIT_LENGTH == 0, Errors.PRICE_RATE_OVERFLOW); // solhint-disable not-rely-on-time return cache .insertUint(rate, _CURRENT_PRICE_RATE_OFFSET, _RATE_BIT_LENGTH) .insertUint(duration, _PRICE_RATE_CACHE_DURATION_OFFSET, _DURATION_BIT_LENGTH) .insertUint(block.timestamp + duration, _PRICE_RATE_CACHE_EXPIRES_OFFSET, _DURATION_BIT_LENGTH); } /** * @dev Update the current rate in a price rate cache. */ function updateCurrentRate(bytes32 cache, uint256 rate) internal pure returns (bytes32) { _require(rate >> _RATE_BIT_LENGTH == 0, Errors.PRICE_RATE_OVERFLOW); return cache.insertUint(rate, _CURRENT_PRICE_RATE_OFFSET, _RATE_BIT_LENGTH); } /** * @dev Update the duration (and expiration) in a price rate cache. */ function updateDuration(bytes32 cache, uint256 duration) internal view returns (bytes32) { return cache.insertUint(duration, _PRICE_RATE_CACHE_DURATION_OFFSET, _DURATION_BIT_LENGTH).insertUint( block.timestamp + duration, _PRICE_RATE_CACHE_EXPIRES_OFFSET, _DURATION_BIT_LENGTH ); } /** * @dev Returns rate, duration and expiration time of a price rate cache. */ function decode(bytes32 cache) internal pure returns ( uint256 rate, uint256 duration, uint256 expires ) { rate = getCurrentRate(cache); (duration, expires) = getTimestamps(cache); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IRateProvider.sol"; import "@balancer-labs/v2-pool-utils/contracts/BasePool.sol"; import "./StableMath.sol"; abstract contract ComposableStablePoolStorage is BasePool { using FixedPoint for uint256; using WordCodec for bytes32; struct StorageParams { IERC20[] registeredTokens; IRateProvider[] tokenRateProviders; bool exemptFromYieldProtocolFeeFlag; } // This minimum refers not to the total tokens, but rather to the non-BPT tokens. The minimum value for _totalTokens // is therefore _MIN_NON_BPT_TOKENS + 1. uint256 private constant _MIN_NON_BPT_TOKENS = 2; // The Pool will register n+1 tokens, where n are the actual tokens in the Pool, and the other one is the BPT // itself. uint256 private immutable _totalTokens; // The index of BPT in the tokens and balances arrays, i.e. its index when calling IVault.registerTokens(). uint256 private immutable _bptIndex; // These are the registered tokens: one of them will be the BPT. IERC20 private immutable _token0; IERC20 private immutable _token1; IERC20 private immutable _token2; IERC20 private immutable _token3; IERC20 private immutable _token4; IERC20 private immutable _token5; // All token balances are normalized to behave as if the token had 18 decimals. We assume a token's decimals will // not change throughout its lifetime, and store the corresponding scaling factor for each at construction time. // These factors are always greater than or equal to one: tokens with more than 18 decimals are not supported. uint256 internal immutable _scalingFactor0; uint256 internal immutable _scalingFactor1; uint256 internal immutable _scalingFactor2; uint256 internal immutable _scalingFactor3; uint256 internal immutable _scalingFactor4; uint256 internal immutable _scalingFactor5; // Rate Providers accommodate tokens with a known price ratio, such as Compound's cTokens. IRateProvider internal immutable _rateProvider0; IRateProvider internal immutable _rateProvider1; IRateProvider internal immutable _rateProvider2; IRateProvider internal immutable _rateProvider3; IRateProvider internal immutable _rateProvider4; IRateProvider internal immutable _rateProvider5; // This is a bitmap which allows querying whether a token at a particular index: // - has a rate provider associated with it. // - is exempt from yield protocol fees. // This is required as the data stored in this bitmap is computed from values in immutable storage, // without this bitmap we would have to manually search through token by token to reach these values. // The data structure is as follows: // // [ unused | rate provider flags | exemption flags ] // [ 244 bits | 6 bits | 6 bits ] bytes32 private immutable _rateProviderInfoBitmap; // Indicates whether all the tokens from the pool are exempt from yield protocol fee or not. bool private immutable _exemptFromYieldProtocolFee; uint256 private constant _RATE_PROVIDER_FLAGS_OFFSET = 6; constructor(StorageParams memory params) { // BasePool checks that the Pool has at least two tokens, but since one of them is the BPT (this contract), we // need to check ourselves that there are at least creator-supplied tokens (i.e. the minimum number of total // tokens for this contract is actually three, including the BPT). uint256 totalTokens = params.registeredTokens.length; _require(totalTokens > _MIN_NON_BPT_TOKENS, Errors.MIN_TOKENS); InputHelpers.ensureInputLengthMatch(totalTokens - 1, params.tokenRateProviders.length); _totalTokens = totalTokens; // Immutable variables cannot be initialized inside an if statement, so we must do conditional assignments _token0 = params.registeredTokens[0]; _token1 = params.registeredTokens[1]; _token2 = params.registeredTokens[2]; _token3 = totalTokens > 3 ? params.registeredTokens[3] : IERC20(0); _token4 = totalTokens > 4 ? params.registeredTokens[4] : IERC20(0); _token5 = totalTokens > 5 ? params.registeredTokens[5] : IERC20(0); _scalingFactor0 = _computeScalingFactor(params.registeredTokens[0]); _scalingFactor1 = _computeScalingFactor(params.registeredTokens[1]); _scalingFactor2 = _computeScalingFactor(params.registeredTokens[2]); _scalingFactor3 = totalTokens > 3 ? _computeScalingFactor(params.registeredTokens[3]) : 0; _scalingFactor4 = totalTokens > 4 ? _computeScalingFactor(params.registeredTokens[4]) : 0; _scalingFactor5 = totalTokens > 5 ? _computeScalingFactor(params.registeredTokens[5]) : 0; // The Vault keeps track of all Pool tokens in a specific order: we need to know what the index of BPT is in // this ordering to be able to identify it when balances arrays are received. Since the tokens array is sorted, // we need to find the correct BPT index in the array returned by `_insertSorted()`. // See `IVault.getPoolTokens()` for more information regarding token ordering. uint256 bptIndex; for ( bptIndex = params.registeredTokens.length - 1; bptIndex > 0 && params.registeredTokens[bptIndex] > IERC20(this); bptIndex-- ) { // solhint-disable-previous-line no-empty-blocks } _bptIndex = bptIndex; // The rate providers are stored as immutable state variables, and for simplicity when accessing those we'll // reference them by token index in the full base tokens plus BPT set (i.e. the tokens the Pool registers). Due // to immutable variables requiring an explicit assignment instead of defaulting to an empty value, it is // simpler to create a new memory array with the values we want to assign to the immutable state variables. IRateProvider[] memory rateProviders = new IRateProvider[](params.registeredTokens.length); bytes32 rateProviderInfoBitmap; // The exemptFromYieldFlag should never be set on a token without a rate provider. // This would cause division by zero errors downstream. for (uint256 i = 0; i < params.registeredTokens.length; ++i) { if (i < bptIndex) { rateProviders[i] = params.tokenRateProviders[i]; } else if (i != bptIndex) { rateProviders[i] = params.tokenRateProviders[i - 1]; } else { // do nothing for i == bptIndex continue; } // Store whether token has rate provider rateProviderInfoBitmap = rateProviderInfoBitmap.insertBool( rateProviders[i] != IRateProvider(0), _RATE_PROVIDER_FLAGS_OFFSET + i ); // Store whether token is exempt from yield fees (only with rate providers). if (params.exemptFromYieldProtocolFeeFlag && rateProviders[i] != IRateProvider(0)) { rateProviderInfoBitmap = rateProviderInfoBitmap.insertBool(true, i); } } // Either all tokens are exempt, or none of them are. This is defined by the input parameter. _exemptFromYieldProtocolFee = params.exemptFromYieldProtocolFeeFlag; // Immutable variables cannot be initialized inside an if statement, so we must do conditional assignments _rateProvider0 = rateProviders[0]; _rateProvider1 = rateProviders[1]; _rateProvider2 = rateProviders[2]; _rateProvider3 = (rateProviders.length > 3) ? rateProviders[3] : IRateProvider(0); _rateProvider4 = (rateProviders.length > 4) ? rateProviders[4] : IRateProvider(0); _rateProvider5 = (rateProviders.length > 5) ? rateProviders[5] : IRateProvider(0); _rateProviderInfoBitmap = rateProviderInfoBitmap; } // Tokens function _getTotalTokens() internal view virtual override returns (uint256) { return _totalTokens; } function _getMaxTokens() internal pure override returns (uint256) { // The BPT will be one of the Pool tokens, but it is unaffected by the Stable 5 token limit. return StableMath._MAX_STABLE_TOKENS + 1; } function getBptIndex() public view returns (uint256) { return _bptIndex; } function _getTokenIndex(IERC20 token) internal view returns (uint256) { if (token == _token0) return 0; if (token == _token1) return 1; if (token == _token2) return 2; if (token == _token3) return 3; if (token == _token4) return 4; if (token == _token5) return 5; _revert(Errors.INVALID_TOKEN); } function _scalingFactor(IERC20) internal view virtual override returns (uint256) { // We never use a single token's scaling factor by itself, we always process the entire array at once. // Therefore we don't bother providing an implementation for this. _revert(Errors.UNIMPLEMENTED); } // Index helpers // Convert from an index into an array including BPT (the Vault's registered token list), to an index // into an array excluding BPT (usually from user input, such as amountsIn/Out). // `index` must not be the BPT token index itself. function _skipBptIndex(uint256 index) internal view returns (uint256) { // Currently this is never called with an index passed in from user input, so this check // should not be necessary. Included for completion (and future proofing). _require(index != getBptIndex(), Errors.OUT_OF_BOUNDS); return index < getBptIndex() ? index : index.sub(1); } /** * @dev Remove the item at `_bptIndex` from an arbitrary array (e.g., amountsIn). */ function _dropBptItem(uint256[] memory amounts) internal view returns (uint256[] memory) { uint256[] memory amountsWithoutBpt = new uint256[](amounts.length - 1); for (uint256 i = 0; i < amountsWithoutBpt.length; i++) { amountsWithoutBpt[i] = amounts[i < getBptIndex() ? i : i + 1]; } return amountsWithoutBpt; } /** * @dev Same as `_dropBptItem`, except the virtual supply is also returned, and `balances` is assumed to be the * current Pool balances (including BPT). */ function _dropBptItemFromBalances(uint256[] memory registeredBalances) internal view returns (uint256, uint256[] memory) { return (_getVirtualSupply(registeredBalances[getBptIndex()]), _dropBptItem(registeredBalances)); } // Convert from an index into an array excluding BPT (usually from user input, such as amountsIn/Out), // to an index into an array including BPT (the Vault's registered token list). // `index` must not be the BPT token index itself, if it is the last element, and the result must be // in the range of registered tokens. function _addBptIndex(uint256 index) internal view returns (uint256 registeredIndex) { // This can be called from an index passed in from user input. registeredIndex = index < getBptIndex() ? index : index.add(1); // TODO: `indexWithBpt != getBptIndex()` follows from above line and so can be removed. _require(registeredIndex < _totalTokens && registeredIndex != getBptIndex(), Errors.OUT_OF_BOUNDS); } /** * @dev Take an array of arbitrary values the size of the token set without BPT, and insert the given * bptAmount at the bptIndex location. * * The caller is responsible for ensuring the `amounts` input array is sized properly; this function * performs no checks. */ function _addBptItem(uint256[] memory amounts, uint256 bptAmount) internal view returns (uint256[] memory registeredTokenAmounts) { registeredTokenAmounts = new uint256[](amounts.length + 1); for (uint256 i = 0; i < registeredTokenAmounts.length; i++) { registeredTokenAmounts[i] = i == getBptIndex() ? bptAmount : amounts[i < getBptIndex() ? i : i - 1]; } } // Rate Providers function _getScalingFactor(uint256 index) internal view returns (uint256) { if (index == 0) return _scalingFactor0; if (index == 1) return _scalingFactor1; if (index == 2) return _scalingFactor2; if (index == 3) return _scalingFactor3; if (index == 4) return _scalingFactor4; if (index == 5) return _scalingFactor5; else { _revert(Errors.INVALID_TOKEN); } } /** * @dev Returns the rate providers configured for each token (in the same order as registered). */ function getRateProviders() external view returns (IRateProvider[] memory) { uint256 totalTokens = _getTotalTokens(); IRateProvider[] memory providers = new IRateProvider[](totalTokens); for (uint256 i = 0; i < totalTokens; ++i) { providers[i] = _getRateProvider(i); } return providers; } function _getRateProvider(uint256 index) internal view returns (IRateProvider) { if (index == 0) return _rateProvider0; if (index == 1) return _rateProvider1; if (index == 2) return _rateProvider2; if (index == 3) return _rateProvider3; if (index == 4) return _rateProvider4; if (index == 5) return _rateProvider5; else { _revert(Errors.INVALID_TOKEN); } } /** * @notice Return true if the token at this index has a rate provider */ function _hasRateProvider(uint256 tokenIndex) internal view returns (bool) { return _rateProviderInfoBitmap.decodeBool(_RATE_PROVIDER_FLAGS_OFFSET + tokenIndex); } /** * @notice Return true if all tokens are exempt from yield fees. */ function isExemptFromYieldProtocolFee() public view returns (bool) { return _exemptFromYieldProtocolFee; } /** * @dev Returns whether the token is exempt from protocol fees on the yield. * If the BPT token is passed in (which doesn't make much sense, but shouldn't fail, * since it is a valid pool token), the corresponding flag will be false. */ function isTokenExemptFromYieldProtocolFee(IERC20 token) external view returns (bool) { return _exemptFromYieldProtocolFee && _hasRateProvider(_getTokenIndex(token)); } // Virtual Supply /** * @dev Returns the number of tokens in circulation. * * WARNING: in the vast majority of cases this is not a useful value, since it does not include the debt the Pool * accrued in the form of unminted BPT for the ProtocolFeesCollector. Look into `getActualSupply()` and how that's * different. * * In other pools, this would be the same as `totalSupply`, but since this pool pre-mints BPT and holds it in the * Vault as a token, we need to subtract the Vault's balance to get the total "circulating supply". Both the * totalSupply and Vault balance can change. If users join or exit using swaps, some of the preminted BPT are * exchanged, so the Vault's balance increases after joins and decreases after exits. If users call the regular * joins/exit functions, the totalSupply can change as BPT are minted for joins or burned for exits. */ function _getVirtualSupply(uint256 bptBalance) internal view returns (uint256) { // The initial amount of BPT pre-minted is _PREMINTED_TOKEN_BALANCE, and it goes entirely to the pool balance in // the vault. So the virtualSupply (the amount of BPT supply in circulation) is defined as: // virtualSupply = totalSupply() - _balances[_bptIndex] return totalSupply().sub(bptBalance); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IRateProvider.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/ERC20Helpers.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/InputHelpers.sol"; import "@balancer-labs/v2-pool-utils/contracts/rates/PriceRateCache.sol"; import "./ComposableStablePoolStorage.sol"; abstract contract ComposableStablePoolRates is ComposableStablePoolStorage { using PriceRateCache for bytes32; using FixedPoint for uint256; struct RatesParams { IERC20[] tokens; IRateProvider[] rateProviders; uint256[] tokenRateCacheDurations; } // Token rate caches are used to avoid querying the price rate for a token every time we need to work with it. // The "old rate" field is used for precise protocol fee calculation, to ensure that token yield is only // "taxed" once. The data structure is as follows: // // [ expires | duration | old rate | current rate ] // [ uint32 | uint32 | uint96 | uint96 ] // Since we never need just one cache but all of them at once, instead of making the mapping go from token address // to cache, we go from token index (including BPT), i.e. an array. We use a mapping however instead of a native // array to skip the extra read associated with the out-of-bounds check, as we have cheaper ways to guarantee the // indices are valid. mapping(uint256 => bytes32) internal _tokenRateCaches; event TokenRateCacheUpdated(uint256 indexed tokenIndex, uint256 rate); event TokenRateProviderSet(uint256 indexed tokenIndex, IRateProvider indexed provider, uint256 cacheDuration); constructor(RatesParams memory rateParams) { InputHelpers.ensureInputLengthMatch( rateParams.tokens.length, rateParams.rateProviders.length, rateParams.tokenRateCacheDurations.length ); IERC20[] memory registeredTokens = _insertSorted(rateParams.tokens, IERC20(this)); uint256 bptIndex; for ( bptIndex = registeredTokens.length - 1; bptIndex > 0 && registeredTokens[bptIndex] > IERC20(this); bptIndex-- ) { // solhint-disable-previous-line no-empty-blocks } uint256 skipBpt = 0; for (uint256 i = 0; i < rateParams.tokens.length; i++) { if (i == bptIndex) { skipBpt = 1; } uint256 k = i + skipBpt; if (rateParams.rateProviders[i] != IRateProvider(0)) { _updateTokenRateCache(k, rateParams.rateProviders[i], rateParams.tokenRateCacheDurations[i]); emit TokenRateProviderSet(k, rateParams.rateProviders[i], rateParams.tokenRateCacheDurations[i]); // Initialize the old rates as well, in case they are referenced before the first join. _updateOldRate(k); } } } /** * @dev Ensure we are not in a Vault context when this function is called, by attempting a no-op internal * balance operation. If we are already in a Vault transaction (e.g., a swap, join, or exit), the Vault's * reentrancy protection will cause this function to revert. * * The exact function call doesn't really matter: we're just trying to trigger the Vault reentrancy check * (and not hurt anything in case it works). An empty operation array with no specific operation at all works * for that purpose, and is also the least expensive in terms of gas and bytecode size. * * Use this modifier with any function that can cause a state change in a pool and is either public itself, * or called by a public function *outside* a Vault operation (e.g., join, exit, or swap). * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ modifier whenNotInVaultContext() { _ensureNotInVaultContext(); _; } /** * @dev Reverts if called in the middle of a Vault operation; has no effect otherwise. */ function _ensureNotInVaultContext() private { IVault.UserBalanceOp[] memory noop = new IVault.UserBalanceOp[](0); getVault().manageUserBalance(noop); } /** * @dev Updates the old rate for the token at `index` (including BPT). Assumes `index` is valid. */ function _updateOldRate(uint256 index) internal { bytes32 cache = _tokenRateCaches[index]; _tokenRateCaches[index] = cache.updateOldRate(); } /** * @dev Returns the rate for a given token. All token rates are fixed-point values with 18 decimals. * If there is no rate provider for the provided token, it returns FixedPoint.ONE. */ function getTokenRate(IERC20 token) external view returns (uint256) { return _getTokenRate(_getTokenIndex(token)); } function _getTokenRate(uint256 index) internal view virtual returns (uint256) { // We optimize for the scenario where all tokens have rate providers, except the BPT (which never has a rate // provider). Therefore, we return early if `token` is the BPT, and otherwise optimistically read the cache // expecting that it will not be empty (instead of e.g. fetching the provider to avoid a cache read, since // we don't need the provider at all). if (index == getBptIndex()) { return FixedPoint.ONE; } bytes32 tokenRateCache = _tokenRateCaches[index]; return tokenRateCache == bytes32(0) ? FixedPoint.ONE : tokenRateCache.getCurrentRate(); } /** * @dev Returns the cached value for token's rate. Reverts if the token doesn't belong to the pool or has no rate * provider. */ function getTokenRateCache(IERC20 token) external view returns ( uint256 rate, uint256 oldRate, uint256 duration, uint256 expires ) { bytes32 cache = _tokenRateCaches[_getTokenIndex(token)]; // A zero cache indicates that the token doesn't have a rate provider associated with it. _require(cache != bytes32(0), Errors.TOKEN_DOES_NOT_HAVE_RATE_PROVIDER); rate = cache.getCurrentRate(); oldRate = cache.getOldRate(); (duration, expires) = cache.getTimestamps(); } /** * @dev Sets a new duration for a token rate cache. * Note this function also updates the current cached value. * * This function will revert when called within a Vault context (i.e. in the middle of a join or an exit). * * This function depends on `getRate` via the rate provider, which may be calculated incorrectly in the middle of a * join or an exit because the state of the pool could be out of sync with the state of the Vault. * * It will also revert if there was no rate provider set initially. * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. * * @param duration Number of seconds until the current token rate is fetched again. */ function setTokenRateCacheDuration(IERC20 token, uint256 duration) external authenticate whenNotInVaultContext { uint256 index = _getTokenIndex(token); IRateProvider provider = _getRateProvider(index); _require(address(provider) != address(0), Errors.TOKEN_DOES_NOT_HAVE_RATE_PROVIDER); _updateTokenRateCache(index, provider, duration); emit TokenRateProviderSet(index, provider, duration); } /** * @dev Forces a rate cache hit for a token. * * This function will revert when called within a Vault context (i.e. in the middle of a join or an exit). * * This function depends on `getRate` via the rate provider, which may be calculated incorrectly in the middle of a * join or an exit because the state of the pool could be out of sync with the state of the Vault. * * It will also revert if the requested token does not have an associated rate provider. * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ function updateTokenRateCache(IERC20 token) external whenNotInVaultContext { uint256 index = _getTokenIndex(token); IRateProvider provider = _getRateProvider(index); _require(address(provider) != address(0), Errors.TOKEN_DOES_NOT_HAVE_RATE_PROVIDER); uint256 duration = _tokenRateCaches[index].getDuration(); _updateTokenRateCache(index, provider, duration); } /** * @dev Internal function to update a token rate cache for a known provider and duration. * It trusts the given values, and does not perform any checks. */ function _updateTokenRateCache( uint256 index, IRateProvider provider, uint256 duration ) internal virtual { uint256 rate = provider.getRate(); bytes32 cache = _tokenRateCaches[index]; _tokenRateCaches[index] = cache.updateRateAndDuration(rate, duration); emit TokenRateCacheUpdated(index, rate); } /** * @dev Caches the rates of all tokens if necessary */ function _cacheTokenRatesIfNecessary() internal { uint256 totalTokens = _getTotalTokens(); for (uint256 i = 0; i < totalTokens; ++i) { _cacheTokenRateIfNecessary(i); } } /** * @dev Caches the rate for a token if necessary. It ignores the call if there is no provider set. */ function _cacheTokenRateIfNecessary(uint256 index) internal { // We optimize for the scenario where all tokens have rate providers, except the BPT (which never has a rate // provider). Therefore, we return early if token is BPT, and otherwise optimistically read the cache expecting // that it will not be empty (instead of e.g. fetching the provider to avoid a cache read in situations where // we might not need the provider if the cache is still valid). if (index == getBptIndex()) return; bytes32 cache = _tokenRateCaches[index]; if (cache != bytes32(0)) { (uint256 duration, uint256 expires) = cache.getTimestamps(); if (block.timestamp > expires) { // solhint-disable-previous-line not-rely-on-time _updateTokenRateCache(index, _getRateProvider(index), duration); } } } // To compute the yield protocol fees, we need the oldRate for all tokens, even if the exempt flag is not set. // We do need to ensure the token has a rate provider before updating; otherwise it will not be in the cache. function _updateOldRates() internal { uint256 totalTokens = _getTotalTokens(); for (uint256 i = 0; i < totalTokens; ++i) { if (_hasRateProvider(i)) _updateOldRate(i); } } /** * @dev Apply the token ratios to a set of balances, only if they have a rate provider. * The `balances` array is assumed to not include BPT to ensure that token indices align. */ function _getAdjustedBalances(uint256[] memory balances) internal view returns (uint256[] memory) { uint256 totalTokensWithoutBpt = balances.length; uint256[] memory adjustedBalances = new uint256[](totalTokensWithoutBpt); for (uint256 i = 0; i < totalTokensWithoutBpt; ++i) { uint256 skipBptIndex = i >= getBptIndex() ? i + 1 : i; adjustedBalances[i] = _hasRateProvider(skipBptIndex) ? _adjustedBalance(balances[i], _tokenRateCaches[skipBptIndex]) : balances[i]; } return adjustedBalances; } // Compute balance * oldRate/currentRate, doing division last to minimize rounding error. function _adjustedBalance(uint256 balance, bytes32 cache) private pure returns (uint256) { return Math.divDown(Math.mul(balance, cache.getOldRate()), cache.getCurrentRate()); } // Scaling Factors /** * @dev Overrides scaling factor getter to compute the tokens' rates. */ function _scalingFactors() internal view virtual override returns (uint256[] memory) { // There is no need to check the arrays length since both are based on `_getTotalTokens` uint256 totalTokens = _getTotalTokens(); uint256[] memory scalingFactors = new uint256[](totalTokens); for (uint256 i = 0; i < totalTokens; ++i) { scalingFactors[i] = _getScalingFactor(i).mulDown(_getTokenRate(i)); } return scalingFactors; } /** * @dev Overrides only owner action to allow setting the cache duration for the token rates */ function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override returns (bool) { return (actionId == getActionId(this.setTokenRateCacheDuration.selector)) || super._isOwnerOnlyAction(actionId); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/WordCodec.sol"; import "@balancer-labs/v2-pool-utils/contracts/protocol-fees/ProtocolFeeCache.sol"; import "@balancer-labs/v2-pool-utils/contracts/protocol-fees/InvariantGrowthProtocolSwapFees.sol"; import "./ComposableStablePoolStorage.sol"; import "./ComposableStablePoolRates.sol"; import "./StableMath.sol"; abstract contract ComposableStablePoolProtocolFees is ComposableStablePoolStorage, ComposableStablePoolRates, ProtocolFeeCache { using FixedPoint for uint256; using WordCodec for bytes32; // To track protocol fees, we measure and store the value of the invariant after every join and exit. // All invariant growth that happens between join and exit events is due to swap fees and yield. // For selected tokens, we exclude the yield portion from the computation. // Because the invariant depends on the amplification parameter, and this value may change over time, we should only // compare invariants that were computed using the same value. We therefore store both values together. // // These values reside in the same storage slot. The amplification factor is bound by _MAX_AMP * _AMP_PRECISION, or // 5e6, which fits in 23 bits. We use all remaining bits for the invariant: this is more than enough, as the // invariant is proportional to the total supply, which is capped at 112 bits. // The data structure is as follows: // // [ last join-exit amplification | last post join-exit invariant ] // [ 23 bits | 233 bits ] bytes32 private _lastJoinExitData; uint256 private constant _LAST_POST_JOIN_EXIT_INVARIANT_OFFSET = 0; uint256 private constant _LAST_POST_JOIN_EXIT_INVARIANT_SIZE = 233; uint256 private constant _LAST_JOIN_EXIT_AMPLIFICATION_OFFSET = _LAST_POST_JOIN_EXIT_INVARIANT_OFFSET + _LAST_POST_JOIN_EXIT_INVARIANT_SIZE; uint256 private constant _LAST_JOIN_EXIT_AMPLIFICATION_SIZE = 23; /** * @dev Calculates due protocol fees originating from accumulated swap fees and yield of non-exempt tokens, pays * them by minting BPT, and returns the actual supply and current balances. * * We also return the current invariant computed using the amplification factor at the last join or exit, which can * be useful to skip computations in scenarios where the amplification factor is not changing. */ function _payProtocolFeesBeforeJoinExit( uint256[] memory registeredBalances, uint256 lastJoinExitAmp, uint256 lastPostJoinExitInvariant ) internal returns ( uint256, uint256[] memory, uint256 ) { (uint256 virtualSupply, uint256[] memory balances) = _dropBptItemFromBalances(registeredBalances); // First, we'll compute what percentage of the Pool the protocol should own due to charging protocol fees on // swap fees and yield. ( uint256 expectedProtocolOwnershipPercentage, uint256 currentInvariantWithLastJoinExitAmp ) = _getProtocolPoolOwnershipPercentage(balances, lastJoinExitAmp, lastPostJoinExitInvariant); // Now that we know what percentage of the Pool's current value the protocol should own, we can compute how // much BPT we need to mint to get to this state. Since we're going to mint BPT for the protocol, the value // of each BPT is going to be reduced as all LPs get diluted. uint256 protocolFeeAmount = ProtocolFees.bptForPoolOwnershipPercentage( virtualSupply, expectedProtocolOwnershipPercentage ); if (protocolFeeAmount > 0) { _payProtocolFees(protocolFeeAmount); } // We pay fees before a join or exit to ensure the pool is debt-free. This increases the virtual supply (making // it match the actual supply). // // For this addition to overflow, `totalSupply` would also have already overflowed. return (virtualSupply + protocolFeeAmount, balances, currentInvariantWithLastJoinExitAmp); } function _getProtocolPoolOwnershipPercentage( uint256[] memory balances, uint256 lastJoinExitAmp, uint256 lastPostJoinExitInvariant ) internal view returns (uint256, uint256) { // We compute three invariants, adjusting the balances of tokens that have rate providers by undoing the current // rate adjustment and then applying the old rate. This is equivalent to multiplying by old rate / current rate. // // In all cases we compute invariants with the last join-exit amplification factor, so that changes to the // amplification are not translated into changes to the invariant. Since amplification factor changes are both // infrequent and slow, they should have little effect on the pool balances, making this a very good // approximation. // // With this technique we obtain an invariant that does not include yield at all, meaning any growth will be due // exclusively to swap fees. We call this the 'swap fee growth invariant'. // A second invariant will exclude the yield of exempt tokens, and therefore include both swap fees and // non-exempt yield. This is called the 'non exempt growth invariant'. // Finally, a third invariant includes the yield of all tokens by using only the current rates. We call this the // 'total growth invariant', since it includes both swap fee growth, non-exempt yield growth and exempt yield // growth. If the last join-exit amplification equals the current one, this invariant equals the current // invariant. ( uint256 swapFeeGrowthInvariant, uint256 totalNonExemptGrowthInvariant, uint256 totalGrowthInvariant ) = _getGrowthInvariants(balances, lastJoinExitAmp, lastPostJoinExitInvariant); // By comparing the invariant increase attributable to each source of growth to the total growth invariant, // we can calculate how much of the current Pool value originates from that source, and then apply the // corresponding protocol fee percentage to that amount. // We have two sources of growth: swap fees, and non-exempt yield. As we illustrate graphically below: // // growth due to swap fees = (swap fee growth invariant - last post join-exit invariant) // growth due to non-exempt yield = (non-exempt growth invariant - swap fee growth invariant) // // These can be converted to additive percentages by normalizing against the total growth invariant value: // growth due to swap fees / total growth invariant = % pool ownership due from swap fees // growth due to non-exempt yield / total growth invariant = % pool ownership due from non-exempt yield // // ┌───────────────────────┐ ──┐ // │ exempt yield │ │ total growth invariant // ├───────────────────────┤ │ ──┐ // │ non-exempt yield │ │ │ non-exempt growth invariant // ├───────────────────────┤ │ │ ──┐ // │ swap fees │ │ │ │ swap fee growth invariant // ├───────────────────────┤ │ │ │ ──┐ // │ original value │ │ │ │ │ last post join-exit invariant // └───────────────────────┘ ──┘ ──┘ ──┘ ──┘ // // Each invariant should be larger than its precedessor. In case any rounding error results in them being // smaller, we adjust the subtraction to equal 0. // Note: in the unexpected scenario where the rates of the tokens shrink over time instead of growing (i.e. if // the yield is negative), the non-exempt growth invariant might actually be *smaller* than the swap fee growth // invariant, and the total growth invariant might be *smaller* than the non-exempt growth invariant. Depending // on the order in which swaps, joins/exits and rate changes happen, as well as their relative magnitudes, it is // possible for the Pool to either pay more or less protocol fees than it should. // This patched version handles these edge cases gracefully, as it 1) forcibly bounds the swap fee growth // invariant between the total growth and last post join-exit invariant; 2) enforces "all or nothing" exempt // flags, which constrains the non-exempt growth invariant to be equal to either the total growth or swap // fee growth invariant. // // Furthermore, the protocol ownership percentage is hard-coded to zero (so protocol fees will be zero), // if the total growth invariant has gone *down* since the last join or exit, which is possible if rates // declined. Together, these measures ensure protocol fee amounts will be bound by the non-manipulable // swap fee growth, or zero in any pathological situations. // If the total invariant decreased or stayed the same, there is no growth to split between swap and yield fees. if (totalGrowthInvariant <= lastPostJoinExitInvariant) { return (0, totalGrowthInvariant); } // By now, the following inequality applies: // totalGrowthInvariant >= totalNonExemptGrowthInvariant >= swapFeeGrowthInvariant >= lastPostJoinExitInvariant // So these differences are safe to execute; their lower bound is 0 and they will not overflow. uint256 swapFeeGrowthInvariantDelta = swapFeeGrowthInvariant - lastPostJoinExitInvariant; uint256 nonExemptYieldGrowthInvariantDelta = totalNonExemptGrowthInvariant - swapFeeGrowthInvariant; // We can now derive what percentage of the Pool's total value each invariant delta represents by dividing by // the total growth invariant. These values, multiplied by the protocol fee percentage for each growth type, // represent the percentage of Pool ownership the protocol should have due to each source. uint256 protocolSwapFeePercentage = swapFeeGrowthInvariantDelta.divDown(totalGrowthInvariant).mulDown( getProtocolFeePercentageCache(ProtocolFeeType.SWAP) ); uint256 protocolYieldPercentage = nonExemptYieldGrowthInvariantDelta.divDown(totalGrowthInvariant).mulDown( getProtocolFeePercentageCache(ProtocolFeeType.YIELD) ); // These percentages can then be simply added to compute the total protocol Pool ownership percentage. // This is naturally bounded above by FixedPoint.ONE so this addition cannot overflow. return (protocolSwapFeePercentage + protocolYieldPercentage, totalGrowthInvariant); } /** * @dev Returns total growth invariant and swap / yield invariant approximations. * The calculated invariants are bounded such that: * * - if totalGrowthInvariant <= lastPostJoinExitInvariant, the total value has decreased, so we can skip all * other invariant calculations and just return `totalGrowthInvariant` for all. Protocol fees should be zero * in this case, so callers using this to compute fees must also check for this, and return zero for the * protocol ownership percentage. * * - Otherwise, totalGrowthInvariant >= totalNonExemptGrowthInvariant >= * swapFeeGrowthInvariant >= lastPostJoinExitInvariant * This was previously an assumption, but is now ensured by the logic in this function. */ function _getGrowthInvariants( uint256[] memory balances, uint256 lastJoinExitAmp, uint256 lastPostJoinExitInvariant ) internal view returns ( uint256 swapFeeGrowthInvariant, uint256 totalNonExemptGrowthInvariant, uint256 totalGrowthInvariant ) { // Total growth invariant is always calculated with the current (scaled / unadjusted) balances. totalGrowthInvariant = StableMath._calculateInvariant(lastJoinExitAmp, balances); // If total invariant decreased, calculating the other approximations is unnecessary. if (totalGrowthInvariant <= lastPostJoinExitInvariant) { return (totalGrowthInvariant, totalGrowthInvariant, totalGrowthInvariant); } // Swap fee invariant is calculated with adjusted balances, to discount the yield. swapFeeGrowthInvariant = StableMath._calculateInvariant( lastJoinExitAmp, _getAdjustedBalances(balances) // Adjust all token balances with rate providers. ); // The `swapFeeGrowthInvariant` cannot ever be outside the bounds: // totalGrowthInvariant >= swapFeeGrowthInvariant >= lastPostJoinExitInvariant swapFeeGrowthInvariant = Math.min(totalGrowthInvariant, swapFeeGrowthInvariant); // Set upper bound. swapFeeGrowthInvariant = Math.max(lastPostJoinExitInvariant, swapFeeGrowthInvariant); // Set lower bound. // The only two accepted possibilities are either all tokens exempt, or none tokens exempt. // totalNonExemptGrowthInvariant will either be totalGrowthInvariant or swapFeeGrowthInvariant. // At this point, // - totalGrowthInvariant > lastPostJoinExitInvariant // - totalGrowthInvariant >= swapFeeGrowthInvariant >= lastPostJoinExitInvariant // So the complete inequality will apply by the end of this function: // totalGrowthInvariant >= totalNonExemptGrowthInvariant >= swapFeeGrowthInvariant >= lastPostJoinExitInvariant if (isExemptFromYieldProtocolFee()) { // If no tokens are charged fees on yield, then the non-exempt growth is equal to the swap fee growth - no // yield fees will be collected. totalNonExemptGrowthInvariant = swapFeeGrowthInvariant; } else { // If there are no tokens with fee-exempt yield, then the total non-exempt growth will equal the total // growth: all yield growth is non-exempt. There's also no point in adjusting balances, since we // already know none are exempt. totalNonExemptGrowthInvariant = totalGrowthInvariant; } } /** * @dev Store the latest invariant based on the adjusted balances after the join or exit, using current rates. * Also cache the amp factor, so that the invariant is not affected by amp updates between joins and exits. * * Pay protocol fees due on any current join or exit swap. */ function _updateInvariantAfterJoinExit( uint256 currentAmp, uint256[] memory balances, uint256 preJoinExitInvariant, uint256 preJoinExitSupply, uint256 postJoinExitSupply ) internal { // `_payProtocolFeesBeforeJoinExit` paid protocol fees accumulated between the previous and current // join or exit, while this code pays any protocol fees due on the current join or exit. // The amp and rates are constant during a single transaction, so it doesn't matter if there // is an ongoing amp change, and we can ignore yield. // Compute the growth ratio between the pre- and post-join/exit balances. // Note that the pre-join/exit invariant is *not* the invariant from the last join, // but computed from the balances before this particular join/exit. uint256 postJoinExitInvariant = StableMath._calculateInvariant(currentAmp, balances); // Compute the portion of the invariant increase due to fees uint256 supplyGrowthRatio = postJoinExitSupply.divDown(preJoinExitSupply); uint256 feelessInvariant = preJoinExitInvariant.mulDown(supplyGrowthRatio); // The postJoinExitInvariant should always be greater than the feelessInvariant (since the invariant and total // supply move proportionally outside of fees, which the postJoinInvariant includes and the feelessInvariant // does not). However, in the unexpected case in which due to rounding errors this is not true, we simply skip // further computation of protocol fees. if (postJoinExitInvariant > feelessInvariant) { uint256 invariantDeltaFromFees = postJoinExitInvariant - feelessInvariant; // To convert to a percentage of pool ownership, multiply by the rate, // then normalize against the final invariant uint256 protocolOwnershipPercentage = Math.divDown( Math.mul(invariantDeltaFromFees, getProtocolFeePercentageCache(ProtocolFeeType.SWAP)), postJoinExitInvariant ); if (protocolOwnershipPercentage > 0) { uint256 protocolFeeAmount = ProtocolFees.bptForPoolOwnershipPercentage( postJoinExitSupply, protocolOwnershipPercentage ); _payProtocolFees(protocolFeeAmount); } } _updatePostJoinExit(currentAmp, postJoinExitInvariant); } /** * @dev Update the stored values of the amp and final post-join/exit invariant, to reset the basis for protocol * swap fees. Also copy the current rates to the old rates, to establish the new protocol yield basis for protocol * yield fees. */ function _updatePostJoinExit(uint256 currentAmp, uint256 postJoinExitInvariant) internal { _lastJoinExitData = WordCodec.encodeUint(currentAmp, _LAST_JOIN_EXIT_AMPLIFICATION_OFFSET, _LAST_JOIN_EXIT_AMPLIFICATION_SIZE) | WordCodec.encodeUint( postJoinExitInvariant, _LAST_POST_JOIN_EXIT_INVARIANT_OFFSET, _LAST_POST_JOIN_EXIT_INVARIANT_SIZE ); _updateOldRates(); } /** * @notice Return the amplification factor and invariant as of the most recent join or exit (including BPT swaps) */ function getLastJoinExitData() public view returns (uint256 lastJoinExitAmplification, uint256 lastPostJoinExitInvariant) { bytes32 rawData = _lastJoinExitData; lastJoinExitAmplification = rawData.decodeUint( _LAST_JOIN_EXIT_AMPLIFICATION_OFFSET, _LAST_JOIN_EXIT_AMPLIFICATION_SIZE ); lastPostJoinExitInvariant = rawData.decodeUint( _LAST_POST_JOIN_EXIT_INVARIANT_OFFSET, _LAST_POST_JOIN_EXIT_INVARIANT_SIZE ); } /** * @dev Inheritance rules still require us to override this in the most derived contract, even though * it only calls super. */ function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override( // Our inheritance pattern creates a small diamond that requires explicitly listing the parents here. // Each parent calls the `super` version, so linearization ensures all implementations are called. BasePool, BasePoolAuthorization, ComposableStablePoolRates ) returns (bool) { return super._isOwnerOnlyAction(actionId); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-pool-utils/contracts/BasePoolAuthorization.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/WordCodec.sol"; import "./StableMath.sol"; abstract contract StablePoolAmplification is BasePoolAuthorization { using WordCodec for bytes32; // This contract uses timestamps to slowly update its Amplification parameter over time. These changes must occur // over a minimum time period much larger than the blocktime, making timestamp manipulation a non-issue. // solhint-disable not-rely-on-time // Amplification factor changes must happen over a minimum period of one day, and can at most divide or multiply the // current value by 2 every day. // WARNING: this only limits *a single* amplification change to have a maximum rate of change of twice the original // value daily. It is possible to perform multiple amplification changes in sequence to increase this value more // rapidly: for example, by doubling the value every day it can increase by a factor of 8 over three days (2^3). uint256 private constant _MIN_UPDATE_TIME = 1 days; uint256 private constant _MAX_AMP_UPDATE_DAILY_RATE = 2; // The amplification data structure is as follows: // [ 64 bits | 64 bits | 64 bits | 64 bits ] // [ end time | start time | end value | start value ] // |MSB LSB| uint256 private constant _AMP_START_VALUE_OFFSET = 0; uint256 private constant _AMP_END_VALUE_OFFSET = 64; uint256 private constant _AMP_START_TIME_OFFSET = 128; uint256 private constant _AMP_END_TIME_OFFSET = 192; uint256 private constant _AMP_VALUE_BIT_LENGTH = 64; uint256 private constant _AMP_TIMESTAMP_BIT_LENGTH = 64; bytes32 private _packedAmplificationData; event AmpUpdateStarted(uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime); event AmpUpdateStopped(uint256 currentValue); constructor(uint256 amplificationParameter) { _require(amplificationParameter >= StableMath._MIN_AMP, Errors.MIN_AMP); _require(amplificationParameter <= StableMath._MAX_AMP, Errors.MAX_AMP); uint256 initialAmp = Math.mul(amplificationParameter, StableMath._AMP_PRECISION); _setAmplificationData(initialAmp); } function getAmplificationParameter() external view returns ( uint256 value, bool isUpdating, uint256 precision ) { (value, isUpdating) = _getAmplificationParameter(); precision = StableMath._AMP_PRECISION; } // Return the current amp value, which will be an interpolation if there is an ongoing amp update. // Also return a flag indicating whether there is an ongoing update. function _getAmplificationParameter() internal view returns (uint256 value, bool isUpdating) { (uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime) = _getAmplificationData(); // Note that block.timestamp >= startTime, since startTime is set to the current time when an update starts if (block.timestamp < endTime) { isUpdating = true; // We can skip checked arithmetic as: // - block.timestamp is always larger or equal to startTime // - endTime is always larger than startTime // - the value delta is bounded by the largest amplification parameter, which never causes the // multiplication to overflow. // This also means that the following computation will never revert nor yield invalid results. if (endValue > startValue) { value = startValue + ((endValue - startValue) * (block.timestamp - startTime)) / (endTime - startTime); } else { value = startValue - ((startValue - endValue) * (block.timestamp - startTime)) / (endTime - startTime); } } else { isUpdating = false; value = endValue; } } // Unpack and return all amplification-related parameters. function _getAmplificationData() private view returns ( uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime ) { startValue = _packedAmplificationData.decodeUint(_AMP_START_VALUE_OFFSET, _AMP_VALUE_BIT_LENGTH); endValue = _packedAmplificationData.decodeUint(_AMP_END_VALUE_OFFSET, _AMP_VALUE_BIT_LENGTH); startTime = _packedAmplificationData.decodeUint(_AMP_START_TIME_OFFSET, _AMP_TIMESTAMP_BIT_LENGTH); endTime = _packedAmplificationData.decodeUint(_AMP_END_TIME_OFFSET, _AMP_TIMESTAMP_BIT_LENGTH); } /** * @dev Begin changing the amplification parameter to `rawEndValue` over time. The value will change linearly until * `endTime` is reached, when it will be `rawEndValue`. * * NOTE: Internally, the amplification parameter is represented using higher precision. The values returned by * `getAmplificationParameter` have to be corrected to account for this when comparing to `rawEndValue`. */ function startAmplificationParameterUpdate(uint256 rawEndValue, uint256 endTime) external authenticate { _require(rawEndValue >= StableMath._MIN_AMP, Errors.MIN_AMP); _require(rawEndValue <= StableMath._MAX_AMP, Errors.MAX_AMP); uint256 duration = Math.sub(endTime, block.timestamp); _require(duration >= _MIN_UPDATE_TIME, Errors.AMP_END_TIME_TOO_CLOSE); (uint256 currentValue, bool isUpdating) = _getAmplificationParameter(); _require(!isUpdating, Errors.AMP_ONGOING_UPDATE); uint256 endValue = Math.mul(rawEndValue, StableMath._AMP_PRECISION); // daily rate = (endValue / currentValue) / duration * 1 day // We perform all multiplications first to not reduce precision, and round the division up as we want to avoid // large rates. Note that these are regular integer multiplications and divisions, not fixed point. uint256 dailyRate = endValue > currentValue ? Math.divUp(Math.mul(1 days, endValue), Math.mul(currentValue, duration)) : Math.divUp(Math.mul(1 days, currentValue), Math.mul(endValue, duration)); _require(dailyRate <= _MAX_AMP_UPDATE_DAILY_RATE, Errors.AMP_RATE_TOO_HIGH); _setAmplificationData(currentValue, endValue, block.timestamp, endTime); } /** * @dev Stops the amplification parameter change process, keeping the current value. */ function stopAmplificationParameterUpdate() external authenticate { (uint256 currentValue, bool isUpdating) = _getAmplificationParameter(); _require(isUpdating, Errors.AMP_NO_ONGOING_UPDATE); _setAmplificationData(currentValue); } function _setAmplificationData(uint256 value) private { _storeAmplificationData(value, value, block.timestamp, block.timestamp); emit AmpUpdateStopped(value); } function _setAmplificationData( uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime ) private { _storeAmplificationData(startValue, endValue, startTime, endTime); emit AmpUpdateStarted(startValue, endValue, startTime, endTime); } function _storeAmplificationData( uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime ) private { _packedAmplificationData = WordCodec.encodeUint(startValue, _AMP_START_VALUE_OFFSET, _AMP_VALUE_BIT_LENGTH) | WordCodec.encodeUint(endValue, _AMP_END_VALUE_OFFSET, _AMP_VALUE_BIT_LENGTH) | WordCodec.encodeUint(startTime, _AMP_START_TIME_OFFSET, _AMP_TIMESTAMP_BIT_LENGTH) | WordCodec.encodeUint(endTime, _AMP_END_TIME_OFFSET, _AMP_TIMESTAMP_BIT_LENGTH); } // Permissioned functions /** * @dev Overrides only owner action to allow setting the cache duration for the token rates */ function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override returns (bool) { return (actionId == getActionId(this.startAmplificationParameterUpdate.selector)) || (actionId == getActionId(this.stopAmplificationParameterUpdate.selector)) || super._isOwnerOnlyAction(actionId); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol"; // These functions start with an underscore, as if they were part of a contract and not a library. At some point this // should be fixed. Additionally, some variables have non mixed case names (e.g. P_D) that relate to the mathematical // derivations. // solhint-disable private-vars-leading-underscore, var-name-mixedcase library StableMath { using FixedPoint for uint256; uint256 internal constant _MIN_AMP = 1; uint256 internal constant _MAX_AMP = 5000; uint256 internal constant _AMP_PRECISION = 1e3; uint256 internal constant _MAX_STABLE_TOKENS = 5; // Note on unchecked arithmetic: // This contract performs a large number of additions, subtractions, multiplications and divisions, often inside // loops. Since many of these operations are gas-sensitive (as they happen e.g. during a swap), it is important to // not make any unnecessary checks. We rely on a set of invariants to avoid having to use checked arithmetic (the // Math library), including: // - the number of tokens is bounded by _MAX_STABLE_TOKENS // - the amplification parameter is bounded by _MAX_AMP * _AMP_PRECISION, which fits in 23 bits // - the token balances are bounded by 2^112 (guaranteed by the Vault) times 1e18 (the maximum scaling factor), // which fits in 172 bits // // This means e.g. we can safely multiply a balance by the amplification parameter without worrying about overflow. // About swap fees on joins and exits: // Any join or exit that is not perfectly balanced (e.g. all single token joins or exits) is mathematically // equivalent to a perfectly balanced join or exit followed by a series of swaps. Since these swaps would charge // swap fees, it follows that (some) joins and exits should as well. // On these operations, we split the token amounts in 'taxable' and 'non-taxable' portions, where the 'taxable' part // is the one to which swap fees are applied. // Computes the invariant given the current balances, using the Newton-Raphson approximation. // The amplification parameter equals: A n^(n-1) // See: https://github.com/curvefi/curve-contract/blob/b0bbf77f8f93c9c5f4e415bce9cd71f0cdee960e/contracts/pool-templates/base/SwapTemplateBase.vy#L206 // solhint-disable-previous-line max-line-length function _calculateInvariant(uint256 amplificationParameter, uint256[] memory balances) internal pure returns (uint256) { /********************************************************************************************** // invariant // // D = invariant D^(n+1) // // A = amplification coefficient A n^n S + D = A D n^n + ----------- // // S = sum of balances n^n P // // P = product of balances // // n = number of tokens // **********************************************************************************************/ // Always round down, to match Vyper's arithmetic (which always truncates). uint256 sum = 0; // S in the Curve version uint256 numTokens = balances.length; for (uint256 i = 0; i < numTokens; i++) { sum = sum.add(balances[i]); } if (sum == 0) { return 0; } uint256 prevInvariant; // Dprev in the Curve version uint256 invariant = sum; // D in the Curve version uint256 ampTimesTotal = amplificationParameter * numTokens; // Ann in the Curve version for (uint256 i = 0; i < 255; i++) { uint256 D_P = invariant; for (uint256 j = 0; j < numTokens; j++) { // (D_P * invariant) / (balances[j] * numTokens) D_P = Math.divDown(Math.mul(D_P, invariant), Math.mul(balances[j], numTokens)); } prevInvariant = invariant; invariant = Math.divDown( Math.mul( // (ampTimesTotal * sum) / AMP_PRECISION + D_P * numTokens (Math.divDown(Math.mul(ampTimesTotal, sum), _AMP_PRECISION).add(Math.mul(D_P, numTokens))), invariant ), // ((ampTimesTotal - _AMP_PRECISION) * invariant) / _AMP_PRECISION + (numTokens + 1) * D_P ( Math.divDown(Math.mul((ampTimesTotal - _AMP_PRECISION), invariant), _AMP_PRECISION).add( Math.mul((numTokens + 1), D_P) ) ) ); if (invariant > prevInvariant) { if (invariant - prevInvariant <= 1) { return invariant; } } else if (prevInvariant - invariant <= 1) { return invariant; } } _revert(Errors.STABLE_INVARIANT_DIDNT_CONVERGE); } // Computes how many tokens can be taken out of a pool if `tokenAmountIn` are sent, given the current balances. // The amplification parameter equals: A n^(n-1) function _calcOutGivenIn( uint256 amplificationParameter, uint256[] memory balances, uint256 tokenIndexIn, uint256 tokenIndexOut, uint256 tokenAmountIn, uint256 invariant ) internal pure returns (uint256) { /************************************************************************************************************** // outGivenIn token x for y - polynomial equation to solve // // ay = amount out to calculate // // by = balance token out // // y = by - ay (finalBalanceOut) // // D = invariant D D^(n+1) // // A = amplification coefficient y^2 + ( S - ---------- - D) * y - ------------- = 0 // // n = number of tokens (A * n^n) A * n^2n * P // // S = sum of final balances but y // // P = product of final balances but y // **************************************************************************************************************/ // Amount out, so we round down overall. balances[tokenIndexIn] = balances[tokenIndexIn].add(tokenAmountIn); uint256 finalBalanceOut = _getTokenBalanceGivenInvariantAndAllOtherBalances( amplificationParameter, balances, invariant, tokenIndexOut ); // No need to use checked arithmetic since `tokenAmountIn` was actually added to the same balance right before // calling `_getTokenBalanceGivenInvariantAndAllOtherBalances` which doesn't alter the balances array. balances[tokenIndexIn] = balances[tokenIndexIn] - tokenAmountIn; return balances[tokenIndexOut].sub(finalBalanceOut).sub(1); } // Computes how many tokens must be sent to a pool if `tokenAmountOut` are sent given the // current balances, using the Newton-Raphson approximation. // The amplification parameter equals: A n^(n-1) function _calcInGivenOut( uint256 amplificationParameter, uint256[] memory balances, uint256 tokenIndexIn, uint256 tokenIndexOut, uint256 tokenAmountOut, uint256 invariant ) internal pure returns (uint256) { /************************************************************************************************************** // inGivenOut token x for y - polynomial equation to solve // // ax = amount in to calculate // // bx = balance token in // // x = bx + ax (finalBalanceIn) // // D = invariant D D^(n+1) // // A = amplification coefficient x^2 + ( S - ---------- - D) * x - ------------- = 0 // // n = number of tokens (A * n^n) A * n^2n * P // // S = sum of final balances but x // // P = product of final balances but x // **************************************************************************************************************/ // Amount in, so we round up overall. balances[tokenIndexOut] = balances[tokenIndexOut].sub(tokenAmountOut); uint256 finalBalanceIn = _getTokenBalanceGivenInvariantAndAllOtherBalances( amplificationParameter, balances, invariant, tokenIndexIn ); // No need to use checked arithmetic since `tokenAmountOut` was actually subtracted from the same balance right // before calling `_getTokenBalanceGivenInvariantAndAllOtherBalances` which doesn't alter the balances array. balances[tokenIndexOut] = balances[tokenIndexOut] + tokenAmountOut; return finalBalanceIn.sub(balances[tokenIndexIn]).add(1); } function _calcBptOutGivenExactTokensIn( uint256 amp, uint256[] memory balances, uint256[] memory amountsIn, uint256 bptTotalSupply, uint256 currentInvariant, uint256 swapFeePercentage ) internal pure returns (uint256) { // BPT out, so we round down overall. // First loop calculates the sum of all token balances, which will be used to calculate // the current weights of each token, relative to this sum uint256 sumBalances = 0; for (uint256 i = 0; i < balances.length; i++) { sumBalances = sumBalances.add(balances[i]); } // Calculate the weighted balance ratio without considering fees uint256[] memory balanceRatiosWithFee = new uint256[](amountsIn.length); // The weighted sum of token balance ratios with fee uint256 invariantRatioWithFees = 0; for (uint256 i = 0; i < balances.length; i++) { uint256 currentWeight = balances[i].divDown(sumBalances); balanceRatiosWithFee[i] = balances[i].add(amountsIn[i]).divDown(balances[i]); invariantRatioWithFees = invariantRatioWithFees.add(balanceRatiosWithFee[i].mulDown(currentWeight)); } // Second loop calculates new amounts in, taking into account the fee on the percentage excess uint256[] memory newBalances = new uint256[](balances.length); for (uint256 i = 0; i < balances.length; i++) { uint256 amountInWithoutFee; // Check if the balance ratio is greater than the ideal ratio to charge fees or not if (balanceRatiosWithFee[i] > invariantRatioWithFees) { uint256 nonTaxableAmount = balances[i].mulDown(invariantRatioWithFees.sub(FixedPoint.ONE)); uint256 taxableAmount = amountsIn[i].sub(nonTaxableAmount); // No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50% amountInWithoutFee = nonTaxableAmount.add(taxableAmount.mulDown(FixedPoint.ONE - swapFeePercentage)); } else { amountInWithoutFee = amountsIn[i]; } newBalances[i] = balances[i].add(amountInWithoutFee); } uint256 newInvariant = _calculateInvariant(amp, newBalances); uint256 invariantRatio = newInvariant.divDown(currentInvariant); // If the invariant didn't increase for any reason, we simply don't mint BPT if (invariantRatio > FixedPoint.ONE) { return bptTotalSupply.mulDown(invariantRatio - FixedPoint.ONE); } else { return 0; } } function _calcTokenInGivenExactBptOut( uint256 amp, uint256[] memory balances, uint256 tokenIndex, uint256 bptAmountOut, uint256 bptTotalSupply, uint256 currentInvariant, uint256 swapFeePercentage ) internal pure returns (uint256) { // Token in, so we round up overall. uint256 newInvariant = bptTotalSupply.add(bptAmountOut).divUp(bptTotalSupply).mulUp(currentInvariant); // Calculate amount in without fee. uint256 newBalanceTokenIndex = _getTokenBalanceGivenInvariantAndAllOtherBalances( amp, balances, newInvariant, tokenIndex ); uint256 amountInWithoutFee = newBalanceTokenIndex.sub(balances[tokenIndex]); // First calculate the sum of all token balances, which will be used to calculate // the current weight of each token uint256 sumBalances = 0; for (uint256 i = 0; i < balances.length; i++) { sumBalances = sumBalances.add(balances[i]); } // We can now compute how much extra balance is being deposited and used in virtual swaps, and charge swap fees // accordingly. uint256 currentWeight = balances[tokenIndex].divDown(sumBalances); uint256 taxablePercentage = currentWeight.complement(); uint256 taxableAmount = amountInWithoutFee.mulUp(taxablePercentage); uint256 nonTaxableAmount = amountInWithoutFee.sub(taxableAmount); // No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50% return nonTaxableAmount.add(taxableAmount.divUp(FixedPoint.ONE - swapFeePercentage)); } /* Flow of calculations: amountsTokenOut -> amountsOutProportional -> amountOutPercentageExcess -> amountOutBeforeFee -> newInvariant -> amountBPTIn */ function _calcBptInGivenExactTokensOut( uint256 amp, uint256[] memory balances, uint256[] memory amountsOut, uint256 bptTotalSupply, uint256 currentInvariant, uint256 swapFeePercentage ) internal pure returns (uint256) { // BPT in, so we round up overall. // First loop calculates the sum of all token balances, which will be used to calculate // the current weights of each token relative to this sum uint256 sumBalances = 0; for (uint256 i = 0; i < balances.length; i++) { sumBalances = sumBalances.add(balances[i]); } // Calculate the weighted balance ratio without considering fees uint256[] memory balanceRatiosWithoutFee = new uint256[](amountsOut.length); uint256 invariantRatioWithoutFees = 0; for (uint256 i = 0; i < balances.length; i++) { uint256 currentWeight = balances[i].divUp(sumBalances); balanceRatiosWithoutFee[i] = balances[i].sub(amountsOut[i]).divUp(balances[i]); invariantRatioWithoutFees = invariantRatioWithoutFees.add(balanceRatiosWithoutFee[i].mulUp(currentWeight)); } // Second loop calculates new amounts in, taking into account the fee on the percentage excess uint256[] memory newBalances = new uint256[](balances.length); for (uint256 i = 0; i < balances.length; i++) { // Swap fees are typically charged on 'token in', but there is no 'token in' here, so we apply it to // 'token out'. This results in slightly larger price impact. uint256 amountOutWithFee; if (invariantRatioWithoutFees > balanceRatiosWithoutFee[i]) { uint256 nonTaxableAmount = balances[i].mulDown(invariantRatioWithoutFees.complement()); uint256 taxableAmount = amountsOut[i].sub(nonTaxableAmount); // No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50% amountOutWithFee = nonTaxableAmount.add(taxableAmount.divUp(FixedPoint.ONE - swapFeePercentage)); } else { amountOutWithFee = amountsOut[i]; } newBalances[i] = balances[i].sub(amountOutWithFee); } uint256 newInvariant = _calculateInvariant(amp, newBalances); uint256 invariantRatio = newInvariant.divDown(currentInvariant); // return amountBPTIn return bptTotalSupply.mulUp(invariantRatio.complement()); } function _calcTokenOutGivenExactBptIn( uint256 amp, uint256[] memory balances, uint256 tokenIndex, uint256 bptAmountIn, uint256 bptTotalSupply, uint256 currentInvariant, uint256 swapFeePercentage ) internal pure returns (uint256) { // Token out, so we round down overall. uint256 newInvariant = bptTotalSupply.sub(bptAmountIn).divUp(bptTotalSupply).mulUp(currentInvariant); // Calculate amount out without fee uint256 newBalanceTokenIndex = _getTokenBalanceGivenInvariantAndAllOtherBalances( amp, balances, newInvariant, tokenIndex ); uint256 amountOutWithoutFee = balances[tokenIndex].sub(newBalanceTokenIndex); // First calculate the sum of all token balances, which will be used to calculate // the current weight of each token uint256 sumBalances = 0; for (uint256 i = 0; i < balances.length; i++) { sumBalances = sumBalances.add(balances[i]); } // We can now compute how much excess balance is being withdrawn as a result of the virtual swaps, which result // in swap fees. uint256 currentWeight = balances[tokenIndex].divDown(sumBalances); uint256 taxablePercentage = currentWeight.complement(); // Swap fees are typically charged on 'token in', but there is no 'token in' here, so we apply it // to 'token out'. This results in slightly larger price impact. Fees are rounded up. uint256 taxableAmount = amountOutWithoutFee.mulUp(taxablePercentage); uint256 nonTaxableAmount = amountOutWithoutFee.sub(taxableAmount); // No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50% return nonTaxableAmount.add(taxableAmount.mulDown(FixedPoint.ONE - swapFeePercentage)); } // This function calculates the balance of a given token (tokenIndex) // given all the other balances and the invariant function _getTokenBalanceGivenInvariantAndAllOtherBalances( uint256 amplificationParameter, uint256[] memory balances, uint256 invariant, uint256 tokenIndex ) internal pure returns (uint256) { // Rounds result up overall uint256 ampTimesTotal = amplificationParameter * balances.length; uint256 sum = balances[0]; uint256 P_D = balances[0] * balances.length; for (uint256 j = 1; j < balances.length; j++) { P_D = Math.divDown(Math.mul(Math.mul(P_D, balances[j]), balances.length), invariant); sum = sum.add(balances[j]); } // No need to use safe math, based on the loop above `sum` is greater than or equal to `balances[tokenIndex]` sum = sum - balances[tokenIndex]; uint256 inv2 = Math.mul(invariant, invariant); // We remove the balance from c by multiplying it uint256 c = Math.mul( Math.mul(Math.divUp(inv2, Math.mul(ampTimesTotal, P_D)), _AMP_PRECISION), balances[tokenIndex] ); uint256 b = sum.add(Math.mul(Math.divDown(invariant, ampTimesTotal), _AMP_PRECISION)); // We iterate to find the balance uint256 prevTokenBalance = 0; // We multiply the first iteration outside the loop with the invariant to set the value of the // initial approximation. uint256 tokenBalance = Math.divUp(inv2.add(c), invariant.add(b)); for (uint256 i = 0; i < 255; i++) { prevTokenBalance = tokenBalance; tokenBalance = Math.divUp( Math.mul(tokenBalance, tokenBalance).add(c), Math.mul(tokenBalance, 2).add(b).sub(invariant) ); if (tokenBalance > prevTokenBalance) { if (tokenBalance - prevTokenBalance <= 1) { return tokenBalance; } } else if (prevTokenBalance - tokenBalance <= 1) { return tokenBalance; } } _revert(Errors.STABLE_GET_BALANCE_DIDNT_CONVERGE); } function _computeProportionalAmountsIn( uint256[] memory balances, uint256 bptAmountOut, uint256 totalBPT ) internal pure returns (uint256[] memory) { /************************************************************************************ // tokensInForExactBptOut // // (per token) // // aI = amountIn / bptOut \ // // b = balance aI = b * | ------------ | // // bptOut = bptAmountOut \ totalBPT / // // bpt = totalBPT // ************************************************************************************/ // Tokens in, so we round up overall. uint256 bptRatio = bptAmountOut.divUp(totalBPT); uint256[] memory amountsIn = new uint256[](balances.length); for (uint256 i = 0; i < balances.length; i++) { amountsIn[i] = balances[i].mulUp(bptRatio); } return amountsIn; } }
// SPDX-License-Identifier: MIT // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated // documentation files (the “Software”), to deal in the Software without restriction, including without limitation the // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to // permit persons to whom the Software is furnished to do so, subject to the following conditions: // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the // Software. // THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE // WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR // COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /* solhint-disable */ /** * @dev Exponentiation and logarithm functions for 18 decimal fixed point numbers (both base and exponent/argument). * * Exponentiation and logarithm with arbitrary bases (x^y and log_x(y)) are implemented by conversion to natural * exponentiation and logarithm (where the base is Euler's number). * * @author Fernando Martinelli - @fernandomartinelli * @author Sergio Yuhjtman - @sergioyuhjtman * @author Daniel Fernandez - @dmf7z */ library LogExpMath { // All fixed point multiplications and divisions are inlined. This means we need to divide by ONE when multiplying // two numbers, and multiply by ONE when dividing them. // All arguments and return values are 18 decimal fixed point numbers. int256 constant ONE_18 = 1e18; // Internally, intermediate values are computed with higher precision as 20 decimal fixed point numbers, and in the // case of ln36, 36 decimals. int256 constant ONE_20 = 1e20; int256 constant ONE_36 = 1e36; // The domain of natural exponentiation is bound by the word size and number of decimals used. // // Because internally the result will be stored using 20 decimals, the largest possible result is // (2^255 - 1) / 10^20, which makes the largest exponent ln((2^255 - 1) / 10^20) = 130.700829182905140221. // The smallest possible result is 10^(-18), which makes largest negative argument // ln(10^(-18)) = -41.446531673892822312. // We use 130.0 and -41.0 to have some safety margin. int256 constant MAX_NATURAL_EXPONENT = 130e18; int256 constant MIN_NATURAL_EXPONENT = -41e18; // Bounds for ln_36's argument. Both ln(0.9) and ln(1.1) can be represented with 36 decimal places in a fixed point // 256 bit integer. int256 constant LN_36_LOWER_BOUND = ONE_18 - 1e17; int256 constant LN_36_UPPER_BOUND = ONE_18 + 1e17; uint256 constant MILD_EXPONENT_BOUND = 2**254 / uint256(ONE_20); // 18 decimal constants int256 constant x0 = 128000000000000000000; // 2ˆ7 int256 constant a0 = 38877084059945950922200000000000000000000000000000000000; // eˆ(x0) (no decimals) int256 constant x1 = 64000000000000000000; // 2ˆ6 int256 constant a1 = 6235149080811616882910000000; // eˆ(x1) (no decimals) // 20 decimal constants int256 constant x2 = 3200000000000000000000; // 2ˆ5 int256 constant a2 = 7896296018268069516100000000000000; // eˆ(x2) int256 constant x3 = 1600000000000000000000; // 2ˆ4 int256 constant a3 = 888611052050787263676000000; // eˆ(x3) int256 constant x4 = 800000000000000000000; // 2ˆ3 int256 constant a4 = 298095798704172827474000; // eˆ(x4) int256 constant x5 = 400000000000000000000; // 2ˆ2 int256 constant a5 = 5459815003314423907810; // eˆ(x5) int256 constant x6 = 200000000000000000000; // 2ˆ1 int256 constant a6 = 738905609893065022723; // eˆ(x6) int256 constant x7 = 100000000000000000000; // 2ˆ0 int256 constant a7 = 271828182845904523536; // eˆ(x7) int256 constant x8 = 50000000000000000000; // 2ˆ-1 int256 constant a8 = 164872127070012814685; // eˆ(x8) int256 constant x9 = 25000000000000000000; // 2ˆ-2 int256 constant a9 = 128402541668774148407; // eˆ(x9) int256 constant x10 = 12500000000000000000; // 2ˆ-3 int256 constant a10 = 113314845306682631683; // eˆ(x10) int256 constant x11 = 6250000000000000000; // 2ˆ-4 int256 constant a11 = 106449445891785942956; // eˆ(x11) /** * @dev Exponentiation (x^y) with unsigned 18 decimal fixed point base and exponent. * * Reverts if ln(x) * y is smaller than `MIN_NATURAL_EXPONENT`, or larger than `MAX_NATURAL_EXPONENT`. */ function pow(uint256 x, uint256 y) internal pure returns (uint256) { if (y == 0) { // We solve the 0^0 indetermination by making it equal one. return uint256(ONE_18); } if (x == 0) { return 0; } // Instead of computing x^y directly, we instead rely on the properties of logarithms and exponentiation to // arrive at that result. In particular, exp(ln(x)) = x, and ln(x^y) = y * ln(x). This means // x^y = exp(y * ln(x)). // The ln function takes a signed value, so we need to make sure x fits in the signed 256 bit range. _require(x >> 255 == 0, Errors.X_OUT_OF_BOUNDS); int256 x_int256 = int256(x); // We will compute y * ln(x) in a single step. Depending on the value of x, we can either use ln or ln_36. In // both cases, we leave the division by ONE_18 (due to fixed point multiplication) to the end. // This prevents y * ln(x) from overflowing, and at the same time guarantees y fits in the signed 256 bit range. _require(y < MILD_EXPONENT_BOUND, Errors.Y_OUT_OF_BOUNDS); int256 y_int256 = int256(y); int256 logx_times_y; if (LN_36_LOWER_BOUND < x_int256 && x_int256 < LN_36_UPPER_BOUND) { int256 ln_36_x = _ln_36(x_int256); // ln_36_x has 36 decimal places, so multiplying by y_int256 isn't as straightforward, since we can't just // bring y_int256 to 36 decimal places, as it might overflow. Instead, we perform two 18 decimal // multiplications and add the results: one with the first 18 decimals of ln_36_x, and one with the // (downscaled) last 18 decimals. logx_times_y = ((ln_36_x / ONE_18) * y_int256 + ((ln_36_x % ONE_18) * y_int256) / ONE_18); } else { logx_times_y = _ln(x_int256) * y_int256; } logx_times_y /= ONE_18; // Finally, we compute exp(y * ln(x)) to arrive at x^y _require( MIN_NATURAL_EXPONENT <= logx_times_y && logx_times_y <= MAX_NATURAL_EXPONENT, Errors.PRODUCT_OUT_OF_BOUNDS ); return uint256(exp(logx_times_y)); } /** * @dev Natural exponentiation (e^x) with signed 18 decimal fixed point exponent. * * Reverts if `x` is smaller than MIN_NATURAL_EXPONENT, or larger than `MAX_NATURAL_EXPONENT`. */ function exp(int256 x) internal pure returns (int256) { _require(x >= MIN_NATURAL_EXPONENT && x <= MAX_NATURAL_EXPONENT, Errors.INVALID_EXPONENT); if (x < 0) { // We only handle positive exponents: e^(-x) is computed as 1 / e^x. We can safely make x positive since it // fits in the signed 256 bit range (as it is larger than MIN_NATURAL_EXPONENT). // Fixed point division requires multiplying by ONE_18. return ((ONE_18 * ONE_18) / exp(-x)); } // First, we use the fact that e^(x+y) = e^x * e^y to decompose x into a sum of powers of two, which we call x_n, // where x_n == 2^(7 - n), and e^x_n = a_n has been precomputed. We choose the first x_n, x0, to equal 2^7 // because all larger powers are larger than MAX_NATURAL_EXPONENT, and therefore not present in the // decomposition. // At the end of this process we will have the product of all e^x_n = a_n that apply, and the remainder of this // decomposition, which will be lower than the smallest x_n. // exp(x) = k_0 * a_0 * k_1 * a_1 * ... + k_n * a_n * exp(remainder), where each k_n equals either 0 or 1. // We mutate x by subtracting x_n, making it the remainder of the decomposition. // The first two a_n (e^(2^7) and e^(2^6)) are too large if stored as 18 decimal numbers, and could cause // intermediate overflows. Instead we store them as plain integers, with 0 decimals. // Additionally, x0 + x1 is larger than MAX_NATURAL_EXPONENT, which means they will not both be present in the // decomposition. // For each x_n, we test if that term is present in the decomposition (if x is larger than it), and if so deduct // it and compute the accumulated product. int256 firstAN; if (x >= x0) { x -= x0; firstAN = a0; } else if (x >= x1) { x -= x1; firstAN = a1; } else { firstAN = 1; // One with no decimal places } // We now transform x into a 20 decimal fixed point number, to have enhanced precision when computing the // smaller terms. x *= 100; // `product` is the accumulated product of all a_n (except a0 and a1), which starts at 20 decimal fixed point // one. Recall that fixed point multiplication requires dividing by ONE_20. int256 product = ONE_20; if (x >= x2) { x -= x2; product = (product * a2) / ONE_20; } if (x >= x3) { x -= x3; product = (product * a3) / ONE_20; } if (x >= x4) { x -= x4; product = (product * a4) / ONE_20; } if (x >= x5) { x -= x5; product = (product * a5) / ONE_20; } if (x >= x6) { x -= x6; product = (product * a6) / ONE_20; } if (x >= x7) { x -= x7; product = (product * a7) / ONE_20; } if (x >= x8) { x -= x8; product = (product * a8) / ONE_20; } if (x >= x9) { x -= x9; product = (product * a9) / ONE_20; } // x10 and x11 are unnecessary here since we have high enough precision already. // Now we need to compute e^x, where x is small (in particular, it is smaller than x9). We use the Taylor series // expansion for e^x: 1 + x + (x^2 / 2!) + (x^3 / 3!) + ... + (x^n / n!). int256 seriesSum = ONE_20; // The initial one in the sum, with 20 decimal places. int256 term; // Each term in the sum, where the nth term is (x^n / n!). // The first term is simply x. term = x; seriesSum += term; // Each term (x^n / n!) equals the previous one times x, divided by n. Since x is a fixed point number, // multiplying by it requires dividing by ONE_20, but dividing by the non-fixed point n values does not. term = ((term * x) / ONE_20) / 2; seriesSum += term; term = ((term * x) / ONE_20) / 3; seriesSum += term; term = ((term * x) / ONE_20) / 4; seriesSum += term; term = ((term * x) / ONE_20) / 5; seriesSum += term; term = ((term * x) / ONE_20) / 6; seriesSum += term; term = ((term * x) / ONE_20) / 7; seriesSum += term; term = ((term * x) / ONE_20) / 8; seriesSum += term; term = ((term * x) / ONE_20) / 9; seriesSum += term; term = ((term * x) / ONE_20) / 10; seriesSum += term; term = ((term * x) / ONE_20) / 11; seriesSum += term; term = ((term * x) / ONE_20) / 12; seriesSum += term; // 12 Taylor terms are sufficient for 18 decimal precision. // We now have the first a_n (with no decimals), and the product of all other a_n present, and the Taylor // approximation of the exponentiation of the remainder (both with 20 decimals). All that remains is to multiply // all three (one 20 decimal fixed point multiplication, dividing by ONE_20, and one integer multiplication), // and then drop two digits to return an 18 decimal value. return (((product * seriesSum) / ONE_20) * firstAN) / 100; } /** * @dev Logarithm (log(arg, base), with signed 18 decimal fixed point base and argument. */ function log(int256 arg, int256 base) internal pure returns (int256) { // This performs a simple base change: log(arg, base) = ln(arg) / ln(base). // Both logBase and logArg are computed as 36 decimal fixed point numbers, either by using ln_36, or by // upscaling. int256 logBase; if (LN_36_LOWER_BOUND < base && base < LN_36_UPPER_BOUND) { logBase = _ln_36(base); } else { logBase = _ln(base) * ONE_18; } int256 logArg; if (LN_36_LOWER_BOUND < arg && arg < LN_36_UPPER_BOUND) { logArg = _ln_36(arg); } else { logArg = _ln(arg) * ONE_18; } // When dividing, we multiply by ONE_18 to arrive at a result with 18 decimal places return (logArg * ONE_18) / logBase; } /** * @dev Natural logarithm (ln(a)) with signed 18 decimal fixed point argument. */ function ln(int256 a) internal pure returns (int256) { // The real natural logarithm is not defined for negative numbers or zero. _require(a > 0, Errors.OUT_OF_BOUNDS); if (LN_36_LOWER_BOUND < a && a < LN_36_UPPER_BOUND) { return _ln_36(a) / ONE_18; } else { return _ln(a); } } /** * @dev Internal natural logarithm (ln(a)) with signed 18 decimal fixed point argument. */ function _ln(int256 a) private pure returns (int256) { if (a < ONE_18) { // Since ln(a^k) = k * ln(a), we can compute ln(a) as ln(a) = ln((1/a)^(-1)) = - ln((1/a)). If a is less // than one, 1/a will be greater than one, and this if statement will not be entered in the recursive call. // Fixed point division requires multiplying by ONE_18. return (-_ln((ONE_18 * ONE_18) / a)); } // First, we use the fact that ln^(a * b) = ln(a) + ln(b) to decompose ln(a) into a sum of powers of two, which // we call x_n, where x_n == 2^(7 - n), which are the natural logarithm of precomputed quantities a_n (that is, // ln(a_n) = x_n). We choose the first x_n, x0, to equal 2^7 because the exponential of all larger powers cannot // be represented as 18 fixed point decimal numbers in 256 bits, and are therefore larger than a. // At the end of this process we will have the sum of all x_n = ln(a_n) that apply, and the remainder of this // decomposition, which will be lower than the smallest a_n. // ln(a) = k_0 * x_0 + k_1 * x_1 + ... + k_n * x_n + ln(remainder), where each k_n equals either 0 or 1. // We mutate a by subtracting a_n, making it the remainder of the decomposition. // For reasons related to how `exp` works, the first two a_n (e^(2^7) and e^(2^6)) are not stored as fixed point // numbers with 18 decimals, but instead as plain integers with 0 decimals, so we need to multiply them by // ONE_18 to convert them to fixed point. // For each a_n, we test if that term is present in the decomposition (if a is larger than it), and if so divide // by it and compute the accumulated sum. int256 sum = 0; if (a >= a0 * ONE_18) { a /= a0; // Integer, not fixed point division sum += x0; } if (a >= a1 * ONE_18) { a /= a1; // Integer, not fixed point division sum += x1; } // All other a_n and x_n are stored as 20 digit fixed point numbers, so we convert the sum and a to this format. sum *= 100; a *= 100; // Because further a_n are 20 digit fixed point numbers, we multiply by ONE_20 when dividing by them. if (a >= a2) { a = (a * ONE_20) / a2; sum += x2; } if (a >= a3) { a = (a * ONE_20) / a3; sum += x3; } if (a >= a4) { a = (a * ONE_20) / a4; sum += x4; } if (a >= a5) { a = (a * ONE_20) / a5; sum += x5; } if (a >= a6) { a = (a * ONE_20) / a6; sum += x6; } if (a >= a7) { a = (a * ONE_20) / a7; sum += x7; } if (a >= a8) { a = (a * ONE_20) / a8; sum += x8; } if (a >= a9) { a = (a * ONE_20) / a9; sum += x9; } if (a >= a10) { a = (a * ONE_20) / a10; sum += x10; } if (a >= a11) { a = (a * ONE_20) / a11; sum += x11; } // a is now a small number (smaller than a_11, which roughly equals 1.06). This means we can use a Taylor series // that converges rapidly for values of `a` close to one - the same one used in ln_36. // Let z = (a - 1) / (a + 1). // ln(a) = 2 * (z + z^3 / 3 + z^5 / 5 + z^7 / 7 + ... + z^(2 * n + 1) / (2 * n + 1)) // Recall that 20 digit fixed point division requires multiplying by ONE_20, and multiplication requires // division by ONE_20. int256 z = ((a - ONE_20) * ONE_20) / (a + ONE_20); int256 z_squared = (z * z) / ONE_20; // num is the numerator of the series: the z^(2 * n + 1) term int256 num = z; // seriesSum holds the accumulated sum of each term in the series, starting with the initial z int256 seriesSum = num; // In each step, the numerator is multiplied by z^2 num = (num * z_squared) / ONE_20; seriesSum += num / 3; num = (num * z_squared) / ONE_20; seriesSum += num / 5; num = (num * z_squared) / ONE_20; seriesSum += num / 7; num = (num * z_squared) / ONE_20; seriesSum += num / 9; num = (num * z_squared) / ONE_20; seriesSum += num / 11; // 6 Taylor terms are sufficient for 36 decimal precision. // Finally, we multiply by 2 (non fixed point) to compute ln(remainder) seriesSum *= 2; // We now have the sum of all x_n present, and the Taylor approximation of the logarithm of the remainder (both // with 20 decimals). All that remains is to sum these two, and then drop two digits to return a 18 decimal // value. return (sum + seriesSum) / 100; } /** * @dev Intrnal high precision (36 decimal places) natural logarithm (ln(x)) with signed 18 decimal fixed point argument, * for x close to one. * * Should only be used if x is between LN_36_LOWER_BOUND and LN_36_UPPER_BOUND. */ function _ln_36(int256 x) private pure returns (int256) { // Since ln(1) = 0, a value of x close to one will yield a very small result, which makes using 36 digits // worthwhile. // First, we transform x to a 36 digit fixed point value. x *= ONE_18; // We will use the following Taylor expansion, which converges very rapidly. Let z = (x - 1) / (x + 1). // ln(x) = 2 * (z + z^3 / 3 + z^5 / 5 + z^7 / 7 + ... + z^(2 * n + 1) / (2 * n + 1)) // Recall that 36 digit fixed point division requires multiplying by ONE_36, and multiplication requires // division by ONE_36. int256 z = ((x - ONE_36) * ONE_36) / (x + ONE_36); int256 z_squared = (z * z) / ONE_36; // num is the numerator of the series: the z^(2 * n + 1) term int256 num = z; // seriesSum holds the accumulated sum of each term in the series, starting with the initial z int256 seriesSum = num; // In each step, the numerator is multiplied by z^2 num = (num * z_squared) / ONE_36; seriesSum += num / 3; num = (num * z_squared) / ONE_36; seriesSum += num / 5; num = (num * z_squared) / ONE_36; seriesSum += num / 7; num = (num * z_squared) / ONE_36; seriesSum += num / 9; num = (num * z_squared) / ONE_36; seriesSum += num / 11; num = (num * z_squared) / ONE_36; seriesSum += num / 13; num = (num * z_squared) / ONE_36; seriesSum += num / 15; // 8 Taylor terms are sufficient for 36 decimal precision. // All that remains is multiplying by 2 (non fixed point). return seriesSum * 2; } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "./IBasePool.sol"; /** * @dev IPools with the General specialization setting should implement this interface. * * This is called by the Vault when a user calls `IVault.swap` or `IVault.batchSwap` to swap with this Pool. * Returns the number of tokens the Pool will grant to the user in a 'given in' swap, or that the user will * grant to the pool in a 'given out' swap. * * This can often be implemented by a `view` function, since many pricing algorithms don't need to track state * changes in swaps. However, contracts implementing this in non-view functions should check that the caller is * indeed the Vault. */ interface IGeneralPool is IBasePool { function onSwap( SwapRequest memory swapRequest, uint256[] memory balances, uint256 indexIn, uint256 indexOut ) external returns (uint256 amount); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IAssetManager.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IControlledPool.sol"; import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol"; import "@balancer-labs/v2-interfaces/contracts/vault/IBasePool.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/InputHelpers.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/WordCodec.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/TemporarilyPausable.sol"; import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/ERC20.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol"; import "./BalancerPoolToken.sol"; import "./BasePoolAuthorization.sol"; import "./RecoveryMode.sol"; // solhint-disable max-states-count /** * @notice Reference implementation for the base layer of a Pool contract. * @dev Reference implementation for the base layer of a Pool contract that manages a single Pool with optional * Asset Managers, an admin-controlled swap fee percentage, and an emergency pause mechanism. * * This Pool pays protocol fees by minting BPT directly to the ProtocolFeeCollector instead of using the * `dueProtocolFees` return value. This results in the underlying tokens continuing to provide liquidity * for traders, while still keeping gas usage to a minimum since only a single token (the BPT) is transferred. * * Note that neither swap fees nor the pause mechanism are used by this contract. They are passed through so that * derived contracts can use them via the `_addSwapFeeAmount` and `_subtractSwapFeeAmount` functions, and the * `whenNotPaused` modifier. * * No admin permissions are checked here: instead, this contract delegates that to the Vault's own Authorizer. * * Because this contract doesn't implement the swap hooks, derived contracts should generally inherit from * BaseGeneralPool or BaseMinimalSwapInfoPool. Otherwise, subclasses must inherit from the corresponding interfaces * and implement the swap callbacks themselves. */ abstract contract BasePool is IBasePool, IControlledPool, BasePoolAuthorization, BalancerPoolToken, TemporarilyPausable, RecoveryMode { using WordCodec for bytes32; using FixedPoint for uint256; using BasePoolUserData for bytes; uint256 private constant _MIN_TOKENS = 2; uint256 private constant _DEFAULT_MINIMUM_BPT = 1e6; // 1e18 corresponds to 1.0, or a 100% fee uint256 private constant _MIN_SWAP_FEE_PERCENTAGE = 1e12; // 0.0001% uint256 private constant _MAX_SWAP_FEE_PERCENTAGE = 1e17; // 10% - this fits in 64 bits // `_miscData` is a storage slot that can be used to store unrelated pieces of information. All pools store the // recovery mode flag and swap fee percentage, but `miscData` can be extended to store more pieces of information. // The most signficant bit is reserved for the recovery mode flag, and the swap fee percentage is stored in // the next most significant 63 bits, leaving the remaining 192 bits free to store any other information derived // pools might need. // // This slot is preferred for gas-sensitive operations as it is read in all joins, swaps and exits, // and therefore warm. // [ recovery | swap fee | available ] // [ 1 bit | 63 bits | 192 bits ] // [ MSB LSB ] bytes32 private _miscData; uint256 private constant _SWAP_FEE_PERCENTAGE_OFFSET = 192; uint256 private constant _RECOVERY_MODE_BIT_OFFSET = 255; // A fee can never be larger than FixedPoint.ONE, which fits in 60 bits, so 63 is more than enough. uint256 private constant _SWAP_FEE_PERCENTAGE_BIT_LENGTH = 63; bytes32 private immutable _poolId; // Note that this value is immutable in the Vault, so we can make it immutable here and save gas IProtocolFeesCollector private immutable _protocolFeesCollector; event SwapFeePercentageChanged(uint256 swapFeePercentage); constructor( IVault vault, IVault.PoolSpecialization specialization, string memory name, string memory symbol, IERC20[] memory tokens, address[] memory assetManagers, uint256 swapFeePercentage, uint256 pauseWindowDuration, uint256 bufferPeriodDuration, address owner ) // Base Pools are expected to be deployed using factories. By using the factory address as the action // disambiguator, we make all Pools deployed by the same factory share action identifiers. This allows for // simpler management of permissions (such as being able to manage granting the 'set fee percentage' action in // any Pool created by the same factory), while still making action identifiers unique among different factories // if the selectors match, preventing accidental errors. Authentication(bytes32(uint256(msg.sender))) BalancerPoolToken(name, symbol, vault) BasePoolAuthorization(owner) TemporarilyPausable(pauseWindowDuration, bufferPeriodDuration) { _require(tokens.length >= _MIN_TOKENS, Errors.MIN_TOKENS); _require(tokens.length <= _getMaxTokens(), Errors.MAX_TOKENS); // The Vault only requires the token list to be ordered for the Two Token Pools specialization. However, // to make the developer experience consistent, we are requiring this condition for all the native pools. // Also, since these Pools will register tokens only once, we can ensure the Pool tokens will follow the same // order. We rely on this property to make Pools simpler to write, as it lets us assume that the // order of token-specific parameters (such as token weights) will not change. InputHelpers.ensureArrayIsSorted(tokens); _setSwapFeePercentage(swapFeePercentage); bytes32 poolId = vault.registerPool(specialization); vault.registerTokens(poolId, tokens, assetManagers); // Set immutable state variables - these cannot be read from during construction _poolId = poolId; _protocolFeesCollector = vault.getProtocolFeesCollector(); } // Getters / Setters /** * @notice Return the pool id. */ function getPoolId() public view override returns (bytes32) { return _poolId; } function _getTotalTokens() internal view virtual returns (uint256); function _getMaxTokens() internal pure virtual returns (uint256); /** * @dev Returns the minimum BPT supply. This amount is minted to the zero address during initialization, effectively * locking it. * * This is useful to make sure Pool initialization happens only once, but derived Pools can change this value (even * to zero) by overriding this function. */ function _getMinimumBpt() internal pure virtual returns (uint256) { return _DEFAULT_MINIMUM_BPT; } /** * @notice Return the current value of the swap fee percentage. * @dev This is stored in `_miscData`. */ function getSwapFeePercentage() public view virtual override returns (uint256) { return _miscData.decodeUint(_SWAP_FEE_PERCENTAGE_OFFSET, _SWAP_FEE_PERCENTAGE_BIT_LENGTH); } /** * @notice Return the ProtocolFeesCollector contract. * @dev This is immutable, and retrieved from the Vault on construction. (It is also immutable in the Vault.) */ function getProtocolFeesCollector() public view returns (IProtocolFeesCollector) { return _protocolFeesCollector; } /** * @notice Set the swap fee percentage. * @dev This is a permissioned function, and disabled if the pool is paused. The swap fee must be within the * bounds set by MIN_SWAP_FEE_PERCENTAGE/MAX_SWAP_FEE_PERCENTAGE. Emits the SwapFeePercentageChanged event. */ function setSwapFeePercentage(uint256 swapFeePercentage) public virtual override authenticate whenNotPaused { _setSwapFeePercentage(swapFeePercentage); } function _setSwapFeePercentage(uint256 swapFeePercentage) internal virtual { _require(swapFeePercentage >= _getMinSwapFeePercentage(), Errors.MIN_SWAP_FEE_PERCENTAGE); _require(swapFeePercentage <= _getMaxSwapFeePercentage(), Errors.MAX_SWAP_FEE_PERCENTAGE); _miscData = _miscData.insertUint( swapFeePercentage, _SWAP_FEE_PERCENTAGE_OFFSET, _SWAP_FEE_PERCENTAGE_BIT_LENGTH ); emit SwapFeePercentageChanged(swapFeePercentage); } function _getMinSwapFeePercentage() internal pure virtual returns (uint256) { return _MIN_SWAP_FEE_PERCENTAGE; } function _getMaxSwapFeePercentage() internal pure virtual returns (uint256) { return _MAX_SWAP_FEE_PERCENTAGE; } /** * @notice Returns whether the pool is in Recovery Mode. */ function inRecoveryMode() public view override returns (bool) { return _miscData.decodeBool(_RECOVERY_MODE_BIT_OFFSET); } /** * @dev Sets the recoveryMode state, and emits the corresponding event. */ function _setRecoveryMode(bool enabled) internal virtual override { _miscData = _miscData.insertBool(enabled, _RECOVERY_MODE_BIT_OFFSET); emit RecoveryModeStateChanged(enabled); // Some pools need to update their state when leaving recovery mode to ensure proper functioning of the Pool. // We do not allow an `_onEnableRecoveryMode()` hook as this may jeopardize the ability to enable Recovery mode. if (!enabled) _onDisableRecoveryMode(); } /** * @dev Performs any necessary actions on the disabling of Recovery Mode. * This is usually to reset any fee collection mechanisms to ensure that they operate correctly going forward. */ function _onDisableRecoveryMode() internal virtual {} /** * @notice Set the asset manager parameters for the given token. * @dev This is a permissioned function, unavailable when the pool is paused. * The details of the configuration data are set by each Asset Manager. (For an example, see * `RewardsAssetManager`.) */ function setAssetManagerPoolConfig(IERC20 token, bytes memory poolConfig) public virtual override authenticate whenNotPaused { _setAssetManagerPoolConfig(token, poolConfig); } function _setAssetManagerPoolConfig(IERC20 token, bytes memory poolConfig) private { bytes32 poolId = getPoolId(); (, , , address assetManager) = getVault().getPoolTokenInfo(poolId, token); IAssetManager(assetManager).setConfig(poolId, poolConfig); } /** * @notice Pause the pool: an emergency action which disables all pool functions. * @dev This is a permissioned function that will only work during the Pause Window set during pool factory * deployment (see `TemporarilyPausable`). */ function pause() external authenticate { _setPaused(true); } /** * @notice Reverse a `pause` operation, and restore a pool to normal functionality. * @dev This is a permissioned function that will only work on a paused pool within the Buffer Period set during * pool factory deployment (see `TemporarilyPausable`). Note that any paused pools will automatically unpause * after the Buffer Period expires. */ function unpause() external authenticate { _setPaused(false); } function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override returns (bool) { return (actionId == getActionId(this.setSwapFeePercentage.selector)) || (actionId == getActionId(this.setAssetManagerPoolConfig.selector)) || super._isOwnerOnlyAction(actionId); } function _getMiscData() internal view returns (bytes32) { return _miscData; } /** * @dev Inserts data into the least-significant 192 bits of the misc data storage slot. * Note that the remaining 64 bits are used for the swap fee percentage and cannot be overloaded. */ function _setMiscData(bytes32 newData) internal { _miscData = _miscData.insertBits192(newData, 0); } // Join / Exit Hooks modifier onlyVault(bytes32 poolId) { _require(msg.sender == address(getVault()), Errors.CALLER_NOT_VAULT); _require(poolId == getPoolId(), Errors.INVALID_POOL_ID); _; } /** * @notice Vault hook for adding liquidity to a pool (including the first time, "initializing" the pool). * @dev This function can only be called from the Vault, from `joinPool`. */ function onJoinPool( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external override onlyVault(poolId) returns (uint256[] memory, uint256[] memory) { _beforeSwapJoinExit(); uint256[] memory scalingFactors = _scalingFactors(); if (totalSupply() == 0) { (uint256 bptAmountOut, uint256[] memory amountsIn) = _onInitializePool( poolId, sender, recipient, scalingFactors, userData ); // On initialization, we lock _getMinimumBpt() by minting it for the zero address. This BPT acts as a // minimum as it will never be burned, which reduces potential issues with rounding, and also prevents the // Pool from ever being fully drained. _require(bptAmountOut >= _getMinimumBpt(), Errors.MINIMUM_BPT); _mintPoolTokens(address(0), _getMinimumBpt()); _mintPoolTokens(recipient, bptAmountOut - _getMinimumBpt()); // amountsIn are amounts entering the Pool, so we round up. _downscaleUpArray(amountsIn, scalingFactors); return (amountsIn, new uint256[](balances.length)); } else { _upscaleArray(balances, scalingFactors); (uint256 bptAmountOut, uint256[] memory amountsIn) = _onJoinPool( poolId, sender, recipient, balances, lastChangeBlock, inRecoveryMode() ? 0 : protocolSwapFeePercentage, // Protocol fees are disabled while in recovery mode scalingFactors, userData ); // Note we no longer use `balances` after calling `_onJoinPool`, which may mutate it. _mintPoolTokens(recipient, bptAmountOut); // amountsIn are amounts entering the Pool, so we round up. _downscaleUpArray(amountsIn, scalingFactors); // This Pool ignores the `dueProtocolFees` return value, so we simply return a zeroed-out array. return (amountsIn, new uint256[](balances.length)); } } /** * @notice Vault hook for removing liquidity from a pool. * @dev This function can only be called from the Vault, from `exitPool`. */ function onExitPool( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external override onlyVault(poolId) returns (uint256[] memory, uint256[] memory) { uint256[] memory amountsOut; uint256 bptAmountIn; // When a user calls `exitPool`, this is the first point of entry from the Vault. // We first check whether this is a Recovery Mode exit - if so, we proceed using this special lightweight exit // mechanism which avoids computing any complex values, interacting with external contracts, etc., and generally // should always work, even if the Pool's mathematics or a dependency break down. if (userData.isRecoveryModeExitKind()) { // This exit kind is only available in Recovery Mode. _ensureInRecoveryMode(); // Note that we don't upscale balances nor downscale amountsOut - we don't care about scaling factors during // a recovery mode exit. (bptAmountIn, amountsOut) = _doRecoveryModeExit(balances, totalSupply(), userData); } else { // Note that we only call this if we're not in a recovery mode exit. _beforeSwapJoinExit(); uint256[] memory scalingFactors = _scalingFactors(); _upscaleArray(balances, scalingFactors); (bptAmountIn, amountsOut) = _onExitPool( poolId, sender, recipient, balances, lastChangeBlock, inRecoveryMode() ? 0 : protocolSwapFeePercentage, // Protocol fees are disabled while in recovery mode scalingFactors, userData ); // amountsOut are amounts exiting the Pool, so we round down. _downscaleDownArray(amountsOut, scalingFactors); } // Note we no longer use `balances` after calling `_onExitPool`, which may mutate it. _burnPoolTokens(sender, bptAmountIn); // This Pool ignores the `dueProtocolFees` return value, so we simply return a zeroed-out array. return (amountsOut, new uint256[](balances.length)); } // Query functions /** * @notice "Dry run" `onJoinPool`. * @dev Returns the amount of BPT that would be granted to `recipient` if the `onJoinPool` hook were called by the * Vault with the same arguments, along with the number of tokens `sender` would have to supply. * * This function is not meant to be called directly, but rather from a helper contract that fetches current Vault * data, such as the protocol swap fee percentage and Pool balances. * * Like `IVault.queryBatchSwap`, this function is not view due to internal implementation details: the caller must * explicitly use eth_call instead of eth_sendTransaction. */ function queryJoin( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external override returns (uint256 bptOut, uint256[] memory amountsIn) { InputHelpers.ensureInputLengthMatch(balances.length, _getTotalTokens()); _queryAction( poolId, sender, recipient, balances, lastChangeBlock, protocolSwapFeePercentage, userData, _onJoinPool, _downscaleUpArray ); // The `return` opcode is executed directly inside `_queryAction`, so execution never reaches this statement, // and we don't need to return anything here - it just silences compiler warnings. return (bptOut, amountsIn); } /** * @notice "Dry run" `onExitPool`. * @dev Returns the amount of BPT that would be burned from `sender` if the `onExitPool` hook were called by the * Vault with the same arguments, along with the number of tokens `recipient` would receive. * * This function is not meant to be called directly, but rather from a helper contract that fetches current Vault * data, such as the protocol swap fee percentage and Pool balances. * * Like `IVault.queryBatchSwap`, this function is not view due to internal implementation details: the caller must * explicitly use eth_call instead of eth_sendTransaction. */ function queryExit( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external override returns (uint256 bptIn, uint256[] memory amountsOut) { InputHelpers.ensureInputLengthMatch(balances.length, _getTotalTokens()); _queryAction( poolId, sender, recipient, balances, lastChangeBlock, protocolSwapFeePercentage, userData, _onExitPool, _downscaleDownArray ); // The `return` opcode is executed directly inside `_queryAction`, so execution never reaches this statement, // and we don't need to return anything here - it just silences compiler warnings. return (bptIn, amountsOut); } // Internal hooks to be overridden by derived contracts - all token amounts (except BPT) in these interfaces are // upscaled. /** * @dev Called when the Pool is joined for the first time; that is, when the BPT total supply is zero. * * Returns the amount of BPT to mint, and the token amounts the Pool will receive in return. * * Minted BPT will be sent to `recipient`, except for _getMinimumBpt(), which will be deducted from this amount and * sent to the zero address instead. This will cause that BPT to remain forever locked there, preventing total BTP * from ever dropping below that value, and ensuring `_onInitializePool` can only be called once in the entire * Pool's lifetime. * * The tokens granted to the Pool will be transferred from `sender`. These amounts are considered upscaled and will * be downscaled (rounding up) before being returned to the Vault. */ function _onInitializePool( bytes32 poolId, address sender, address recipient, uint256[] memory scalingFactors, bytes memory userData ) internal virtual returns (uint256 bptAmountOut, uint256[] memory amountsIn); /** * @dev Called whenever the Pool is joined after the first initialization join (see `_onInitializePool`). * * Returns the amount of BPT to mint, the token amounts that the Pool will receive in return, and the number of * tokens to pay in protocol swap fees. * * Implementations of this function might choose to mutate the `balances` array to save gas (e.g. when * performing intermediate calculations, such as subtraction of due protocol fees). This can be done safely. * * Minted BPT will be sent to `recipient`. * * The tokens granted to the Pool will be transferred from `sender`. These amounts are considered upscaled and will * be downscaled (rounding up) before being returned to the Vault. * * Due protocol swap fees will be taken from the Pool's balance in the Vault (see `IBasePool.onJoinPool`). These * amounts are considered upscaled and will be downscaled (rounding down) before being returned to the Vault. */ function _onJoinPool( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, uint256[] memory scalingFactors, bytes memory userData ) internal virtual returns (uint256 bptAmountOut, uint256[] memory amountsIn); /** * @dev Called whenever the Pool is exited. * * Returns the amount of BPT to burn, the token amounts for each Pool token that the Pool will grant in return, and * the number of tokens to pay in protocol swap fees. * * Implementations of this function might choose to mutate the `balances` array to save gas (e.g. when * performing intermediate calculations, such as subtraction of due protocol fees). This can be done safely. * * BPT will be burnt from `sender`. * * The Pool will grant tokens to `recipient`. These amounts are considered upscaled and will be downscaled * (rounding down) before being returned to the Vault. * * Due protocol swap fees will be taken from the Pool's balance in the Vault (see `IBasePool.onExitPool`). These * amounts are considered upscaled and will be downscaled (rounding down) before being returned to the Vault. */ function _onExitPool( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, uint256[] memory scalingFactors, bytes memory userData ) internal virtual returns (uint256 bptAmountIn, uint256[] memory amountsOut); /** * @dev Called at the very beginning of swaps, joins and exits, even before the scaling factors are read. Derived * contracts can extend this implementation to perform any state-changing operations they might need (including e.g. * updating the scaling factors), * * The only scenario in which this function is not called is during a recovery mode exit. This makes it safe to * perform non-trivial computations or interact with external dependencies here, as recovery mode will not be * affected. * * Since this contract does not implement swaps, derived contracts must also make sure this function is called on * swap handlers. */ function _beforeSwapJoinExit() internal virtual { // All joins, exits and swaps are disabled (except recovery mode exits). _ensureNotPaused(); } // Internal functions /** * @dev Pays protocol fees by minting `bptAmount` to the Protocol Fee Collector. */ function _payProtocolFees(uint256 bptAmount) internal { _mintPoolTokens(address(getProtocolFeesCollector()), bptAmount); } /** * @dev Adds swap fee amount to `amount`, returning a higher value. */ function _addSwapFeeAmount(uint256 amount) internal view returns (uint256) { // This returns amount + fee amount, so we round up (favoring a higher fee amount). return amount.divUp(getSwapFeePercentage().complement()); } /** * @dev Subtracts swap fee amount from `amount`, returning a lower value. */ function _subtractSwapFeeAmount(uint256 amount) internal view returns (uint256) { // This returns amount - fee amount, so we round up (favoring a higher fee amount). uint256 feeAmount = amount.mulUp(getSwapFeePercentage()); return amount.sub(feeAmount); } // Scaling /** * @dev Returns a scaling factor that, when multiplied to a token amount for `token`, normalizes its balance as if * it had 18 decimals. */ function _computeScalingFactor(IERC20 token) internal view returns (uint256) { if (address(token) == address(this)) { return FixedPoint.ONE; } // Tokens that don't implement the `decimals` method are not supported. uint256 tokenDecimals = ERC20(address(token)).decimals(); // Tokens with more than 18 decimals are not supported. uint256 decimalsDifference = Math.sub(18, tokenDecimals); return FixedPoint.ONE * 10**decimalsDifference; } /** * @dev Returns the scaling factor for one of the Pool's tokens. Reverts if `token` is not a token registered by the * Pool. * * All scaling factors are fixed-point values with 18 decimals, to allow for this function to be overridden by * derived contracts that need to apply further scaling, making these factors potentially non-integer. * * The largest 'base' scaling factor (i.e. in tokens with less than 18 decimals) is 10**18, which in fixed-point is * 10**36. This value can be multiplied with a 112 bit Vault balance with no overflow by a factor of ~1e7, making * even relatively 'large' factors safe to use. * * The 1e7 figure is the result of 2**256 / (1e18 * 1e18 * 2**112). */ function _scalingFactor(IERC20 token) internal view virtual returns (uint256); /** * @dev Same as `_scalingFactor()`, except for all registered tokens (in the same order as registered). The Vault * will always pass balances in this order when calling any of the Pool hooks. */ function _scalingFactors() internal view virtual returns (uint256[] memory); function getScalingFactors() external view override returns (uint256[] memory) { return _scalingFactors(); } /** * @dev Applies `scalingFactor` to `amount`, resulting in a larger or equal value depending on whether it needed * scaling or not. */ function _upscale(uint256 amount, uint256 scalingFactor) internal pure returns (uint256) { // Upscale rounding wouldn't necessarily always go in the same direction: in a swap for example the balance of // token in should be rounded up, and that of token out rounded down. This is the only place where we round in // the same direction for all amounts, as the impact of this rounding is expected to be minimal (and there's no // rounding error unless `_scalingFactor()` is overriden). return FixedPoint.mulDown(amount, scalingFactor); } /** * @dev Same as `_upscale`, but for an entire array. This function does not return anything, but instead *mutates* * the `amounts` array. */ function _upscaleArray(uint256[] memory amounts, uint256[] memory scalingFactors) internal pure { uint256 length = amounts.length; InputHelpers.ensureInputLengthMatch(length, scalingFactors.length); for (uint256 i = 0; i < length; ++i) { amounts[i] = FixedPoint.mulDown(amounts[i], scalingFactors[i]); } } /** * @dev Reverses the `scalingFactor` applied to `amount`, resulting in a smaller or equal value depending on * whether it needed scaling or not. The result is rounded down. */ function _downscaleDown(uint256 amount, uint256 scalingFactor) internal pure returns (uint256) { return FixedPoint.divDown(amount, scalingFactor); } /** * @dev Same as `_downscaleDown`, but for an entire array. This function does not return anything, but instead * *mutates* the `amounts` array. */ function _downscaleDownArray(uint256[] memory amounts, uint256[] memory scalingFactors) internal pure { uint256 length = amounts.length; InputHelpers.ensureInputLengthMatch(length, scalingFactors.length); for (uint256 i = 0; i < length; ++i) { amounts[i] = FixedPoint.divDown(amounts[i], scalingFactors[i]); } } /** * @dev Reverses the `scalingFactor` applied to `amount`, resulting in a smaller or equal value depending on * whether it needed scaling or not. The result is rounded up. */ function _downscaleUp(uint256 amount, uint256 scalingFactor) internal pure returns (uint256) { return FixedPoint.divUp(amount, scalingFactor); } /** * @dev Same as `_downscaleUp`, but for an entire array. This function does not return anything, but instead * *mutates* the `amounts` array. */ function _downscaleUpArray(uint256[] memory amounts, uint256[] memory scalingFactors) internal pure { uint256 length = amounts.length; InputHelpers.ensureInputLengthMatch(length, scalingFactors.length); for (uint256 i = 0; i < length; ++i) { amounts[i] = FixedPoint.divUp(amounts[i], scalingFactors[i]); } } function _getAuthorizer() internal view override returns (IAuthorizer) { // Access control management is delegated to the Vault's Authorizer. This lets Balancer Governance manage which // accounts can call permissioned functions: for example, to perform emergency pauses. // If the owner is delegated, then *all* permissioned functions, including `setSwapFeePercentage`, will be under // Governance control. return getVault().getAuthorizer(); } function _queryAction( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData, function(bytes32, address, address, uint256[] memory, uint256, uint256, uint256[] memory, bytes memory) internal returns (uint256, uint256[] memory) _action, function(uint256[] memory, uint256[] memory) internal view _downscaleArray ) private { // This uses the same technique used by the Vault in queryBatchSwap. Refer to that function for a detailed // explanation. if (msg.sender != address(this)) { // We perform an external call to ourselves, forwarding the same calldata. In this call, the else clause of // the preceding if statement will be executed instead. // solhint-disable-next-line avoid-low-level-calls (bool success, ) = address(this).call(msg.data); // solhint-disable-next-line no-inline-assembly assembly { // This call should always revert to decode the bpt and token amounts from the revert reason switch success case 0 { // Note we are manually writing the memory slot 0. We can safely overwrite whatever is // stored there as we take full control of the execution and then immediately return. // We copy the first 4 bytes to check if it matches with the expected signature, otherwise // there was another revert reason and we should forward it. returndatacopy(0, 0, 0x04) let error := and(mload(0), 0xffffffff00000000000000000000000000000000000000000000000000000000) // If the first 4 bytes don't match with the expected signature, we forward the revert reason. if eq(eq(error, 0x43adbafb00000000000000000000000000000000000000000000000000000000), 0) { returndatacopy(0, 0, returndatasize()) revert(0, returndatasize()) } // The returndata contains the signature, followed by the raw memory representation of the // `bptAmount` and `tokenAmounts` (array: length + data). We need to return an ABI-encoded // representation of these. // An ABI-encoded response will include one additional field to indicate the starting offset of // the `tokenAmounts` array. The `bptAmount` will be laid out in the first word of the // returndata. // // In returndata: // [ signature ][ bptAmount ][ tokenAmounts length ][ tokenAmounts values ] // [ 4 bytes ][ 32 bytes ][ 32 bytes ][ (32 * length) bytes ] // // We now need to return (ABI-encoded values): // [ bptAmount ][ tokeAmounts offset ][ tokenAmounts length ][ tokenAmounts values ] // [ 32 bytes ][ 32 bytes ][ 32 bytes ][ (32 * length) bytes ] // We copy 32 bytes for the `bptAmount` from returndata into memory. // Note that we skip the first 4 bytes for the error signature returndatacopy(0, 0x04, 32) // The offsets are 32-bytes long, so the array of `tokenAmounts` will start after // the initial 64 bytes. mstore(0x20, 64) // We now copy the raw memory array for the `tokenAmounts` from returndata into memory. // Since bpt amount and offset take up 64 bytes, we start copying at address 0x40. We also // skip the first 36 bytes from returndata, which correspond to the signature plus bpt amount. returndatacopy(0x40, 0x24, sub(returndatasize(), 36)) // We finally return the ABI-encoded uint256 and the array, which has a total length equal to // the size of returndata, plus the 32 bytes of the offset but without the 4 bytes of the // error signature. return(0, add(returndatasize(), 28)) } default { // This call should always revert, but we fail nonetheless if that didn't happen invalid() } } } else { // This imitates the relevant parts of the bodies of onJoin and onExit. Since they're not virtual, we know // that their implementations will match this regardless of what derived contracts might do. _beforeSwapJoinExit(); uint256[] memory scalingFactors = _scalingFactors(); _upscaleArray(balances, scalingFactors); (uint256 bptAmount, uint256[] memory tokenAmounts) = _action( poolId, sender, recipient, balances, lastChangeBlock, protocolSwapFeePercentage, scalingFactors, userData ); _downscaleArray(tokenAmounts, scalingFactors); // solhint-disable-next-line no-inline-assembly assembly { // We will return a raw representation of `bptAmount` and `tokenAmounts` in memory, which is composed of // a 32-byte uint256, followed by a 32-byte for the array length, and finally the 32-byte uint256 values // Because revert expects a size in bytes, we multiply the array length (stored at `tokenAmounts`) by 32 let size := mul(mload(tokenAmounts), 32) // We store the `bptAmount` in the previous slot to the `tokenAmounts` array. We can make sure there // will be at least one available slot due to how the memory scratch space works. // We can safely overwrite whatever is stored in this slot as we will revert immediately after that. let start := sub(tokenAmounts, 0x20) mstore(start, bptAmount) // We send one extra value for the error signature "QueryError(uint256,uint256[])" which is 0x43adbafb // We use the previous slot to `bptAmount`. mstore(sub(start, 0x20), 0x0000000000000000000000000000000000000000000000000000000043adbafb) start := sub(start, 0x04) // When copying from `tokenAmounts` into returndata, we copy the additional 68 bytes to also return // the `bptAmount`, the array 's length, and the error signature. revert(start, add(size, 68)) } } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "./IVault.sol"; import "./IPoolSwapStructs.sol"; /** * @dev Interface for adding and removing liquidity that all Pool contracts should implement. Note that this is not * the complete Pool contract interface, as it is missing the swap hooks. Pool contracts should also inherit from * either IGeneralPool or IMinimalSwapInfoPool */ interface IBasePool is IPoolSwapStructs { /** * @dev Called by the Vault when a user calls `IVault.joinPool` to add liquidity to this Pool. Returns how many of * each registered token the user should provide, as well as the amount of protocol fees the Pool owes to the Vault. * The Vault will then take tokens from `sender` and add them to the Pool's balances, as well as collect * the reported amount in protocol fees, which the pool should calculate based on `protocolSwapFeePercentage`. * * Protocol fees are reported and charged on join events so that the Pool is free of debt whenever new users join. * * `sender` is the account performing the join (from which tokens will be withdrawn), and `recipient` is the account * designated to receive any benefits (typically pool shares). `balances` contains the total balances * for each token the Pool registered in the Vault, in the same order that `IVault.getPoolTokens` would return. * * `lastChangeBlock` is the last block in which *any* of the Pool's registered tokens last changed its total * balance. * * `userData` contains any pool-specific instructions needed to perform the calculations, such as the type of * join (e.g., proportional given an amount of pool shares, single-asset, multi-asset, etc.) * * Contracts implementing this function should check that the caller is indeed the Vault before performing any * state-changing operations, such as minting pool shares. */ function onJoinPool( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external returns (uint256[] memory amountsIn, uint256[] memory dueProtocolFeeAmounts); /** * @dev Called by the Vault when a user calls `IVault.exitPool` to remove liquidity from this Pool. Returns how many * tokens the Vault should deduct from the Pool's balances, as well as the amount of protocol fees the Pool owes * to the Vault. The Vault will then take tokens from the Pool's balances and send them to `recipient`, * as well as collect the reported amount in protocol fees, which the Pool should calculate based on * `protocolSwapFeePercentage`. * * Protocol fees are charged on exit events to guarantee that users exiting the Pool have paid their share. * * `sender` is the account performing the exit (typically the pool shareholder), and `recipient` is the account * to which the Vault will send the proceeds. `balances` contains the total token balances for each token * the Pool registered in the Vault, in the same order that `IVault.getPoolTokens` would return. * * `lastChangeBlock` is the last block in which *any* of the Pool's registered tokens last changed its total * balance. * * `userData` contains any pool-specific instructions needed to perform the calculations, such as the type of * exit (e.g., proportional given an amount of pool shares, single-asset, multi-asset, etc.) * * Contracts implementing this function should check that the caller is indeed the Vault before performing any * state-changing operations, such as burning pool shares. */ function onExitPool( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external returns (uint256[] memory amountsOut, uint256[] memory dueProtocolFeeAmounts); /** * @dev Returns this Pool's ID, used when interacting with the Vault (to e.g. join the Pool or swap with it). */ function getPoolId() external view returns (bytes32); /** * @dev Returns the current swap fee percentage as a 18 decimal fixed point number, so e.g. 1e17 corresponds to a * 10% swap fee. */ function getSwapFeePercentage() external view returns (uint256); /** * @dev Returns the scaling factors of each of the Pool's tokens. This is an implementation detail that is typically * not relevant for outside parties, but which might be useful for some types of Pools. */ function getScalingFactors() external view returns (uint256[] memory); function queryJoin( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external returns (uint256 bptOut, uint256[] memory amountsIn); function queryExit( bytes32 poolId, address sender, address recipient, uint256[] memory balances, uint256 lastChangeBlock, uint256 protocolSwapFeePercentage, bytes memory userData ) external returns (uint256 bptIn, uint256[] memory amountsOut); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "../solidity-utils/openzeppelin/IERC20.sol"; import "./IVault.sol"; interface IPoolSwapStructs { // This is not really an interface - it just defines common structs used by other interfaces: IGeneralPool and // IMinimalSwapInfoPool. // // This data structure represents a request for a token swap, where `kind` indicates the swap type ('given in' or // 'given out') which indicates whether or not the amount sent by the pool is known. // // The pool receives `tokenIn` and sends `tokenOut`. `amount` is the number of `tokenIn` tokens the pool will take // in, or the number of `tokenOut` tokens the Pool will send out, depending on the given swap `kind`. // // All other fields are not strictly necessary for most swaps, but are provided to support advanced scenarios in // some Pools. // // `poolId` is the ID of the Pool involved in the swap - this is useful for Pool contracts that implement more than // one Pool. // // The meaning of `lastChangeBlock` depends on the Pool specialization: // - Two Token or Minimal Swap Info: the last block in which either `tokenIn` or `tokenOut` changed its total // balance. // - General: the last block in which *any* of the Pool's registered tokens changed its total balance. // // `from` is the origin address for the funds the Pool receives, and `to` is the destination address // where the Pool sends the outgoing tokens. // // `userData` is extra data provided by the caller - typically a signature from a trusted party. struct SwapRequest { IVault.SwapKind kind; IERC20 tokenIn; IERC20 tokenOut; uint256 amount; // Misc data bytes32 poolId; uint256 lastChangeBlock; address from; address to; bytes userData; } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; pragma experimental ABIEncoderV2; import "../solidity-utils/openzeppelin/IERC20.sol"; interface IAssetManager { /** * @notice Emitted when asset manager is rebalanced */ event Rebalance(bytes32 poolId); /** * @notice Sets the config */ function setConfig(bytes32 poolId, bytes calldata config) external; /** * Note: No function to read the asset manager config is included in IAssetManager * as the signature is expected to vary between asset manager implementations */ /** * @notice Returns the asset manager's token */ function getToken() external view returns (IERC20); /** * @return the current assets under management of this asset manager */ function getAUM(bytes32 poolId) external view returns (uint256); /** * @return poolCash - The up-to-date cash balance of the pool * @return poolManaged - The up-to-date managed balance of the pool */ function getPoolBalances(bytes32 poolId) external view returns (uint256 poolCash, uint256 poolManaged); /** * @return The difference in tokens between the target investment * and the currently invested amount (i.e. the amount that can be invested) */ function maxInvestableBalance(bytes32 poolId) external view returns (int256); /** * @notice Updates the Vault on the value of the pool's investment returns */ function updateBalanceOfPool(bytes32 poolId) external; /** * @notice Determines whether the pool should rebalance given the provided balances */ function shouldRebalance(uint256 cash, uint256 managed) external view returns (bool); /** * @notice Rebalances funds between the pool and the asset manager to maintain target investment percentage. * @param poolId - the poolId of the pool to be rebalanced * @param force - a boolean representing whether a rebalance should be forced even when the pool is near balance */ function rebalance(bytes32 poolId, bool force) external; /** * @notice allows an authorized rebalancer to remove capital to facilitate large withdrawals * @param poolId - the poolId of the pool to withdraw funds back to * @param amount - the amount of tokens to withdraw back to the pool */ function capitalOut(bytes32 poolId, uint256 amount) external; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "../solidity-utils/openzeppelin/IERC20.sol"; interface IControlledPool { function setSwapFeePercentage(uint256 swapFeePercentage) external; function setAssetManagerPoolConfig(IERC20 token, bytes memory poolConfig) external; }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "../math/Math.sol"; /** * @dev Library for encoding and decoding values stored inside a 256 bit word. Typically used to pack multiple values in * a single storage slot, saving gas by performing less storage accesses. * * Each value is defined by its size and the least significant bit in the word, also known as offset. For example, two * 128 bit values may be encoded in a word by assigning one an offset of 0, and the other an offset of 128. * * We could use Solidity structs to pack values together in a single storage slot instead of relying on a custom and * error-prone library, but unfortunately Solidity only allows for structs to live in either storage, calldata or * memory. Because a memory struct uses not just memory but also a slot in the stack (to store its memory location), * using memory for word-sized values (i.e. of 256 bits or less) is strictly less gas performant, and doesn't even * prevent stack-too-deep issues. This is compounded by the fact that Balancer contracts typically are memory-intensive, * and the cost of accesing memory increases quadratically with the number of allocated words. Manual packing and * unpacking is therefore the preferred approach. */ library WordCodec { // Masks are values with the least significant N bits set. They can be used to extract an encoded value from a word, // or to insert a new one replacing the old. uint256 private constant _MASK_1 = 2**(1) - 1; uint256 private constant _MASK_192 = 2**(192) - 1; // In-place insertion /** * @dev Inserts an unsigned integer of bitLength, shifted by an offset, into a 256 bit word, * replacing the old value. Returns the new word. */ function insertUint( bytes32 word, uint256 value, uint256 offset, uint256 bitLength ) internal pure returns (bytes32) { _validateEncodingParams(value, offset, bitLength); uint256 mask = (1 << bitLength) - 1; bytes32 clearedWord = bytes32(uint256(word) & ~(mask << offset)); return clearedWord | bytes32(value << offset); } /** * @dev Inserts a signed integer shifted by an offset into a 256 bit word, replacing the old value. Returns * the new word. * * Assumes `value` can be represented using `bitLength` bits. */ function insertInt( bytes32 word, int256 value, uint256 offset, uint256 bitLength ) internal pure returns (bytes32) { _validateEncodingParams(value, offset, bitLength); uint256 mask = (1 << bitLength) - 1; bytes32 clearedWord = bytes32(uint256(word) & ~(mask << offset)); // Integer values need masking to remove the upper bits of negative values. return clearedWord | bytes32((uint256(value) & mask) << offset); } // Encoding /** * @dev Encodes an unsigned integer shifted by an offset. Ensures value fits within * `bitLength` bits. * * The return value can be ORed bitwise with other encoded values to form a 256 bit word. */ function encodeUint( uint256 value, uint256 offset, uint256 bitLength ) internal pure returns (bytes32) { _validateEncodingParams(value, offset, bitLength); return bytes32(value << offset); } /** * @dev Encodes a signed integer shifted by an offset. * * The return value can be ORed bitwise with other encoded values to form a 256 bit word. */ function encodeInt( int256 value, uint256 offset, uint256 bitLength ) internal pure returns (bytes32) { _validateEncodingParams(value, offset, bitLength); uint256 mask = (1 << bitLength) - 1; // Integer values need masking to remove the upper bits of negative values. return bytes32((uint256(value) & mask) << offset); } // Decoding /** * @dev Decodes and returns an unsigned integer with `bitLength` bits, shifted by an offset, from a 256 bit word. */ function decodeUint( bytes32 word, uint256 offset, uint256 bitLength ) internal pure returns (uint256) { return uint256(word >> offset) & ((1 << bitLength) - 1); } /** * @dev Decodes and returns a signed integer with `bitLength` bits, shifted by an offset, from a 256 bit word. */ function decodeInt( bytes32 word, uint256 offset, uint256 bitLength ) internal pure returns (int256) { int256 maxInt = int256((1 << (bitLength - 1)) - 1); uint256 mask = (1 << bitLength) - 1; int256 value = int256(uint256(word >> offset) & mask); // In case the decoded value is greater than the max positive integer that can be represented with bitLength // bits, we know it was originally a negative integer. Therefore, we mask it to restore the sign in the 256 bit // representation. return value > maxInt ? (value | int256(~mask)) : value; } // Special cases /** * @dev Decodes and returns a boolean shifted by an offset from a 256 bit word. */ function decodeBool(bytes32 word, uint256 offset) internal pure returns (bool) { return (uint256(word >> offset) & _MASK_1) == 1; } /** * @dev Inserts a 192 bit value shifted by an offset into a 256 bit word, replacing the old value. * Returns the new word. * * Assumes `value` can be represented using 192 bits. */ function insertBits192( bytes32 word, bytes32 value, uint256 offset ) internal pure returns (bytes32) { bytes32 clearedWord = bytes32(uint256(word) & ~(_MASK_192 << offset)); return clearedWord | bytes32((uint256(value) & _MASK_192) << offset); } /** * @dev Inserts a boolean value shifted by an offset into a 256 bit word, replacing the old value. Returns the new * word. */ function insertBool( bytes32 word, bool value, uint256 offset ) internal pure returns (bytes32) { bytes32 clearedWord = bytes32(uint256(word) & ~(_MASK_1 << offset)); return clearedWord | bytes32(uint256(value ? 1 : 0) << offset); } // Helpers function _validateEncodingParams( uint256 value, uint256 offset, uint256 bitLength ) private pure { _require(offset < 256, Errors.OUT_OF_BOUNDS); // We never accept 256 bit values (which would make the codec pointless), and the larger the offset the smaller // the maximum bit length. _require(bitLength >= 1 && bitLength <= Math.min(255, 256 - offset), Errors.OUT_OF_BOUNDS); // Testing unsigned values for size is straightforward: their upper bits must be cleared. _require(value >> bitLength == 0, Errors.CODEC_OVERFLOW); } function _validateEncodingParams( int256 value, uint256 offset, uint256 bitLength ) private pure { _require(offset < 256, Errors.OUT_OF_BOUNDS); // We never accept 256 bit values (which would make the codec pointless), and the larger the offset the smaller // the maximum bit length. _require(bitLength >= 1 && bitLength <= Math.min(255, 256 - offset), Errors.OUT_OF_BOUNDS); // Testing signed values for size is a bit more involved. if (value >= 0) { // For positive values, we can simply check that the upper bits are clear. Notice we remove one bit from the // length for the sign bit. _require(value >> (bitLength - 1) == 0, Errors.CODEC_OVERFLOW); } else { // Negative values can receive the same treatment by making them positive, with the caveat that the range // for negative values in two's complement supports one more value than for the positive case. _require(Math.abs(value + 1) >> (bitLength - 1) == 0, Errors.CODEC_OVERFLOW); } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/ITemporarilyPausable.sol"; /** * @dev Allows for a contract to be paused during an initial period after deployment, disabling functionality. Can be * used as an emergency switch in case a security vulnerability or threat is identified. * * The contract can only be paused during the Pause Window, a period that starts at deployment. It can also be * unpaused and repaused any number of times during this period. This is intended to serve as a safety measure: it lets * system managers react quickly to potentially dangerous situations, knowing that this action is reversible if careful * analysis later determines there was a false alarm. * * If the contract is paused when the Pause Window finishes, it will remain in the paused state through an additional * Buffer Period, after which it will be automatically unpaused forever. This is to ensure there is always enough time * to react to an emergency, even if the threat is discovered shortly before the Pause Window expires. * * Note that since the contract can only be paused within the Pause Window, unpausing during the Buffer Period is * irreversible. */ abstract contract TemporarilyPausable is ITemporarilyPausable { // The Pause Window and Buffer Period are timestamp-based: they should not be relied upon for sub-minute accuracy. // solhint-disable not-rely-on-time uint256 private constant _MAX_PAUSE_WINDOW_DURATION = 5 * 365 days; uint256 private constant _MAX_BUFFER_PERIOD_DURATION = 365 days; uint256 private immutable _pauseWindowEndTime; uint256 private immutable _bufferPeriodEndTime; bool private _paused; constructor(uint256 pauseWindowDuration, uint256 bufferPeriodDuration) { _require(pauseWindowDuration <= _MAX_PAUSE_WINDOW_DURATION, Errors.MAX_PAUSE_WINDOW_DURATION); _require(bufferPeriodDuration <= _MAX_BUFFER_PERIOD_DURATION, Errors.MAX_BUFFER_PERIOD_DURATION); uint256 pauseWindowEndTime = block.timestamp + pauseWindowDuration; _pauseWindowEndTime = pauseWindowEndTime; _bufferPeriodEndTime = pauseWindowEndTime + bufferPeriodDuration; } /** * @dev Reverts if the contract is paused. */ modifier whenNotPaused() { _ensureNotPaused(); _; } /** * @dev Returns the current contract pause status, as well as the end times of the Pause Window and Buffer * Period. */ function getPausedState() external view override returns ( bool paused, uint256 pauseWindowEndTime, uint256 bufferPeriodEndTime ) { paused = !_isNotPaused(); pauseWindowEndTime = _getPauseWindowEndTime(); bufferPeriodEndTime = _getBufferPeriodEndTime(); } /** * @dev Sets the pause state to `paused`. The contract can only be paused until the end of the Pause Window, and * unpaused until the end of the Buffer Period. * * Once the Buffer Period expires, this function reverts unconditionally. */ function _setPaused(bool paused) internal { if (paused) { _require(block.timestamp < _getPauseWindowEndTime(), Errors.PAUSE_WINDOW_EXPIRED); } else { _require(block.timestamp < _getBufferPeriodEndTime(), Errors.BUFFER_PERIOD_EXPIRED); } _paused = paused; emit PausedStateChanged(paused); } /** * @dev Reverts if the contract is paused. */ function _ensureNotPaused() internal view { _require(_isNotPaused(), Errors.PAUSED); } /** * @dev Reverts if the contract is not paused. */ function _ensurePaused() internal view { _require(!_isNotPaused(), Errors.NOT_PAUSED); } /** * @dev Returns true if the contract is unpaused. * * Once the Buffer Period expires, the gas cost of calling this function is reduced dramatically, as storage is no * longer accessed. */ function _isNotPaused() internal view returns (bool) { // After the Buffer Period, the (inexpensive) timestamp check short-circuits the storage access. return block.timestamp > _getBufferPeriodEndTime() || !_paused; } // These getters lead to reduced bytecode size by inlining the immutable variables in a single place. function _getPauseWindowEndTime() private view returns (uint256) { return _pauseWindowEndTime; } function _getBufferPeriodEndTime() private view returns (uint256) { return _bufferPeriodEndTime; } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol"; import "./SafeMath.sol"; /** * @dev Implementation of the {IERC20} interface. * * This implementation is agnostic to the way tokens are created. This means * that a supply mechanism has to be added in a derived contract using {_mint}. * For a generic mechanism see {ERC20PresetMinterPauser}. * * TIP: For a detailed writeup see our guide * https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How * to implement supply mechanisms]. * * We have followed general OpenZeppelin guidelines: functions revert instead * of returning `false` on failure. This behavior is nonetheless conventional * and does not conflict with the expectations of ERC20 applications. * * Additionally, an {Approval} event is emitted on calls to {transferFrom}. * This allows applications to reconstruct the allowance for all accounts just * by listening to said events. Other implementations of the EIP may not emit * these events, as it isn't required by the specification. * * Finally, the non-standard {decreaseAllowance} and {increaseAllowance} * functions have been added to mitigate the well-known issues around setting * allowances. See {IERC20-approve}. */ contract ERC20 is IERC20 { using SafeMath for uint256; mapping(address => uint256) private _balances; mapping(address => mapping(address => uint256)) private _allowances; uint256 private _totalSupply; string private _name; string private _symbol; uint8 private _decimals; /** * @dev Sets the values for {name} and {symbol}, initializes {decimals} with * a default value of 18. * * To select a different value for {decimals}, use {_setupDecimals}. * * All three of these values are immutable: they can only be set once during * construction. */ constructor(string memory name_, string memory symbol_) { _name = name_; _symbol = symbol_; _decimals = 18; } /** * @dev Returns the name of the token. */ function name() public view returns (string memory) { return _name; } /** * @dev Returns the symbol of the token, usually a shorter version of the * name. */ function symbol() public view returns (string memory) { return _symbol; } /** * @dev Returns the number of decimals used to get its user representation. * For example, if `decimals` equals `2`, a balance of `505` tokens should * be displayed to a user as `5,05` (`505 / 10 ** 2`). * * Tokens usually opt for a value of 18, imitating the relationship between * Ether and Wei. This is the value {ERC20} uses, unless {_setupDecimals} is * called. * * NOTE: This information is only used for _display_ purposes: it in * no way affects any of the arithmetic of the contract, including * {IERC20-balanceOf} and {IERC20-transfer}. */ function decimals() public view returns (uint8) { return _decimals; } /** * @dev See {IERC20-totalSupply}. The total supply should only be read using this function * * Can be overridden by derived contracts to store the total supply in a different way (e.g. packed with other * storage values). */ function totalSupply() public view virtual override returns (uint256) { return _totalSupply; } /** * @dev Sets a new value for the total supply. It should only be set using this function. * * * Can be overridden by derived contracts to store the total supply in a different way (e.g. packed with other * storage values). */ function _setTotalSupply(uint256 value) internal virtual { _totalSupply = value; } /** * @dev See {IERC20-balanceOf}. */ function balanceOf(address account) public view override returns (uint256) { return _balances[account]; } /** * @dev See {IERC20-transfer}. * * Requirements: * * - `recipient` cannot be the zero address. * - the caller must have a balance of at least `amount`. */ function transfer(address recipient, uint256 amount) public virtual override returns (bool) { _transfer(msg.sender, recipient, amount); return true; } /** * @dev See {IERC20-allowance}. */ function allowance(address owner, address spender) public view virtual override returns (uint256) { return _allowances[owner][spender]; } /** * @dev See {IERC20-approve}. * * Requirements: * * - `spender` cannot be the zero address. */ function approve(address spender, uint256 amount) public virtual override returns (bool) { _approve(msg.sender, spender, amount); return true; } /** * @dev See {IERC20-transferFrom}. * * Emits an {Approval} event indicating the updated allowance. This is not * required by the EIP. See the note at the beginning of {ERC20}. * * Requirements: * * - `sender` and `recipient` cannot be the zero address. * - `sender` must have a balance of at least `amount`. * - the caller must have allowance for ``sender``'s tokens of at least * `amount`. */ function transferFrom( address sender, address recipient, uint256 amount ) public virtual override returns (bool) { _transfer(sender, recipient, amount); _approve( sender, msg.sender, _allowances[sender][msg.sender].sub(amount, Errors.ERC20_TRANSFER_EXCEEDS_ALLOWANCE) ); return true; } /** * @dev Atomically increases the allowance granted to `spender` by the caller. * * This is an alternative to {approve} that can be used as a mitigation for * problems described in {IERC20-approve}. * * Emits an {Approval} event indicating the updated allowance. * * Requirements: * * - `spender` cannot be the zero address. */ function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) { _approve(msg.sender, spender, _allowances[msg.sender][spender].add(addedValue)); return true; } /** * @dev Atomically decreases the allowance granted to `spender` by the caller. * * This is an alternative to {approve} that can be used as a mitigation for * problems described in {IERC20-approve}. * * Emits an {Approval} event indicating the updated allowance. * * Requirements: * * - `spender` cannot be the zero address. * - `spender` must have allowance for the caller of at least * `subtractedValue`. */ function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) { _approve( msg.sender, spender, _allowances[msg.sender][spender].sub(subtractedValue, Errors.ERC20_DECREASED_ALLOWANCE_BELOW_ZERO) ); return true; } /** * @dev Moves tokens `amount` from `sender` to `recipient`. * * This is internal function is equivalent to {transfer}, and can be used to * e.g. implement automatic token fees, slashing mechanisms, etc. * * Emits a {Transfer} event. * * Requirements: * * - `sender` cannot be the zero address. * - `recipient` cannot be the zero address. * - `sender` must have a balance of at least `amount`. */ function _transfer( address sender, address recipient, uint256 amount ) internal virtual { _require(sender != address(0), Errors.ERC20_TRANSFER_FROM_ZERO_ADDRESS); _require(recipient != address(0), Errors.ERC20_TRANSFER_TO_ZERO_ADDRESS); _beforeTokenTransfer(sender, recipient, amount); _balances[sender] = _balances[sender].sub(amount, Errors.ERC20_TRANSFER_EXCEEDS_BALANCE); _balances[recipient] = _balances[recipient].add(amount); emit Transfer(sender, recipient, amount); } /** @dev Creates `amount` tokens and assigns them to `account`, increasing * the total supply. * * Emits a {Transfer} event with `from` set to the zero address. * * Requirements: * * - `to` cannot be the zero address. */ function _mint(address account, uint256 amount) internal virtual { _beforeTokenTransfer(address(0), account, amount); _setTotalSupply(totalSupply().add(amount)); _balances[account] = _balances[account].add(amount); emit Transfer(address(0), account, amount); } /** * @dev Destroys `amount` tokens from `account`, reducing the * total supply. * * Emits a {Transfer} event with `to` set to the zero address. * * Requirements: * * - `account` cannot be the zero address. * - `account` must have at least `amount` tokens. */ function _burn(address account, uint256 amount) internal virtual { _require(account != address(0), Errors.ERC20_BURN_FROM_ZERO_ADDRESS); _beforeTokenTransfer(account, address(0), amount); _balances[account] = _balances[account].sub(amount, Errors.ERC20_BURN_EXCEEDS_BALANCE); _setTotalSupply(totalSupply().sub(amount)); emit Transfer(account, address(0), amount); } /** * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens. * * This internal function is equivalent to `approve`, and can be used to * e.g. set automatic allowances for certain subsystems, etc. * * Emits an {Approval} event. * * Requirements: * * - `owner` cannot be the zero address. * - `spender` cannot be the zero address. */ function _approve( address owner, address spender, uint256 amount ) internal virtual { _allowances[owner][spender] = amount; emit Approval(owner, spender, amount); } /** * @dev Sets {decimals} to a value other than the default one of 18. * * WARNING: This function should only be called from the constructor. Most * applications that interact with token contracts will not expect * {decimals} to ever change, and may work incorrectly if it does. */ function _setupDecimals(uint8 decimals_) internal { _decimals = decimals_; } /** * @dev Hook that is called before any transfer of tokens. This includes * minting and burning. * * Calling conditions: * * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens * will be to transferred to `to`. * - when `from` is zero, `amount` tokens will be minted for `to`. * - when `to` is zero, `amount` of ``from``'s tokens will be burned. * - `from` and `to` are never both zero. * * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks]. */ function _beforeTokenTransfer( address from, address to, uint256 amount ) internal virtual { // solhint-disable-previous-line no-empty-blocks } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol"; import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/ERC20Permit.sol"; /** * @title Highly opinionated token implementation * @author Balancer Labs * @dev * - Includes functions to increase and decrease allowance as a workaround * for the well-known issue with `approve`: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * - Allows for 'infinite allowance', where an allowance of 0xff..ff is not * decreased by calls to transferFrom * - Lets a token holder use `transferFrom` to send their own tokens, * without first setting allowance * - Emits 'Approval' events whenever allowance is changed by `transferFrom` * - Assigns infinite allowance for all token holders to the Vault */ contract BalancerPoolToken is ERC20Permit { IVault private immutable _vault; constructor( string memory tokenName, string memory tokenSymbol, IVault vault ) ERC20(tokenName, tokenSymbol) ERC20Permit(tokenName) { _vault = vault; } function getVault() public view returns (IVault) { return _vault; } // Overrides /** * @dev Override to grant the Vault infinite allowance, causing for Pool Tokens to not require approval. * * This is sound as the Vault already provides authorization mechanisms when initiation token transfers, which this * contract inherits. */ function allowance(address owner, address spender) public view override returns (uint256) { if (spender == address(getVault())) { return uint256(-1); } else { return super.allowance(owner, spender); } } /** * @dev Override to allow for 'infinite allowance' and let the token owner use `transferFrom` with no self-allowance */ function transferFrom( address sender, address recipient, uint256 amount ) public override returns (bool) { uint256 currentAllowance = allowance(sender, msg.sender); _require(msg.sender == sender || currentAllowance >= amount, Errors.ERC20_TRANSFER_EXCEEDS_ALLOWANCE); _transfer(sender, recipient, amount); if (msg.sender != sender && currentAllowance != uint256(-1)) { // Because of the previous require, we know that if msg.sender != sender then currentAllowance >= amount _approve(sender, msg.sender, currentAllowance - amount); } return true; } /** * @dev Override to allow decreasing allowance by more than the current amount (setting it to zero) */ function decreaseAllowance(address spender, uint256 amount) public override returns (bool) { uint256 currentAllowance = allowance(msg.sender, spender); if (amount >= currentAllowance) { _approve(msg.sender, spender, 0); } else { // No risk of underflow due to if condition _approve(msg.sender, spender, currentAllowance - amount); } return true; } // Internal functions function _mintPoolTokens(address recipient, uint256 amount) internal { _mint(recipient, amount); } function _burnPoolTokens(address sender, uint256 amount) internal { _burn(sender, amount); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/vault/IAuthorizer.sol"; import "@balancer-labs/v2-solidity-utils/contracts/helpers/Authentication.sol"; /** * @dev Base authorization layer implementation for Pools. * * The owner account can call some of the permissioned functions - access control of the rest is delegated to the * Authorizer. Note that this owner is immutable: more sophisticated permission schemes, such as multiple ownership, * granular roles, etc., could be built on top of this by making the owner a smart contract. * * Access control of all other permissioned functions is delegated to an Authorizer. It is also possible to delegate * control of *all* permissioned functions to the Authorizer by setting the owner address to `_DELEGATE_OWNER`. */ abstract contract BasePoolAuthorization is Authentication { address private immutable _owner; address private constant _DELEGATE_OWNER = 0xBA1BA1ba1BA1bA1bA1Ba1BA1ba1BA1bA1ba1ba1B; constructor(address owner) { _owner = owner; } function getOwner() public view returns (address) { return _owner; } function getAuthorizer() external view returns (IAuthorizer) { return _getAuthorizer(); } function _canPerform(bytes32 actionId, address account) internal view override returns (bool) { if ((getOwner() != _DELEGATE_OWNER) && _isOwnerOnlyAction(actionId)) { // Only the owner can perform "owner only" actions, unless the owner is delegated. return msg.sender == getOwner(); } else { // Non-owner actions are always processed via the Authorizer, as "owner only" ones are when delegated. return _getAuthorizer().canPerform(actionId, account, address(this)); } } function _isOwnerOnlyAction(bytes32) internal view virtual returns (bool) { return false; } function _getAuthorizer() internal view virtual returns (IAuthorizer); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/BasePoolUserData.sol"; import "@balancer-labs/v2-interfaces/contracts/pool-utils/IRecoveryMode.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "./BasePoolAuthorization.sol"; /** * @notice Handle storage and state changes for pools that support "Recovery Mode". * * @dev This is intended to provide a safe way to exit any pool during some kind of emergency, to avoid locking funds * in the event the pool enters a non-functional state (i.e., some code that normally runs during exits is causing * them to revert). * * Recovery Mode is *not* the same as pausing the pool. The pause function is only available during a short window * after factory deployment. Pausing can only be intentionally reversed during a buffer period, and the contract * will permanently unpause itself thereafter. Paused pools are completely disabled, in a kind of suspended animation, * until they are voluntarily or involuntarily unpaused. * * By contrast, a privileged account - typically a governance multisig - can place a pool in Recovery Mode at any * time, and it is always reversible. The pool is *not* disabled while in this mode: though of course whatever * condition prompted the transition to Recovery Mode has likely effectively disabled some functions. Rather, * a special "clean" exit is enabled, which runs the absolute minimum code necessary to exit proportionally. * In particular, stable pools do not attempt to compute the invariant (which is a complex, iterative calculation * that can fail in extreme circumstances), and no protocol fees are collected. * * It is critical to ensure that turning on Recovery Mode would do no harm, if activated maliciously or in error. */ abstract contract RecoveryMode is IRecoveryMode, BasePoolAuthorization { using FixedPoint for uint256; using BasePoolUserData for bytes; /** * @dev Reverts if the contract is in Recovery Mode. */ modifier whenNotInRecoveryMode() { _ensureNotInRecoveryMode(); _; } /** * @notice Enable recovery mode, which enables a special safe exit path for LPs. * @dev Does not otherwise affect pool operations (beyond deferring payment of protocol fees), though some pools may * perform certain operations in a "safer" manner that is less likely to fail, in an attempt to keep the pool * running, even in a pathological state. Unlike the Pause operation, which is only available during a short window * after factory deployment, Recovery Mode can always be enabled. */ function enableRecoveryMode() external override authenticate { _setRecoveryMode(true); } /** * @notice Disable recovery mode, which disables the special safe exit path for LPs. * @dev Protocol fees are not paid while in Recovery Mode, so it should only remain active for as long as strictly * necessary. * * This function will revert when called within a Vault context (i.e. in the middle of a join or an exit). * * This function depends on the invariant value, which may be calculated incorrectly in the middle of a join or * an exit, because the state of the pool could be out of sync with the state of the Vault. * `_onDisableRecoveryMode` will revert when called from such a context for composable stable pools, effectively * protecting this function. * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ function disableRecoveryMode() external override authenticate { _setRecoveryMode(false); } // Defer implementation for functions that require storage /** * @notice Override to check storage and return whether the pool is in Recovery Mode */ function inRecoveryMode() public view virtual override returns (bool); /** * @dev Override to update storage and emit the event * * No complex code or external calls that could fail should be placed in the implementations, * which could jeopardize the ability to enable and disable Recovery Mode. */ function _setRecoveryMode(bool enabled) internal virtual; /** * @dev Reverts if the contract is not in Recovery Mode. */ function _ensureInRecoveryMode() internal view { _require(inRecoveryMode(), Errors.NOT_IN_RECOVERY_MODE); } /** * @dev Reverts if the contract is in Recovery Mode. */ function _ensureNotInRecoveryMode() internal view { _require(!inRecoveryMode(), Errors.IN_RECOVERY_MODE); } /** * @dev A minimal proportional exit, suitable as is for most pools: though not for pools with preminted BPT * or other special considerations. Designed to be overridden if a pool needs to do extra processing, * such as scaling a stored invariant, or caching the new total supply. * * No complex code or external calls should be made in derived contracts that override this! */ function _doRecoveryModeExit( uint256[] memory balances, uint256 totalSupply, bytes memory userData ) internal virtual returns (uint256, uint256[] memory) { uint256 bptAmountIn = userData.recoveryModeExit(); uint256[] memory amountsOut = _computeProportionalAmountsOut(balances, totalSupply, bptAmountIn); return (bptAmountIn, amountsOut); } function _computeProportionalAmountsOut( uint256[] memory balances, uint256 totalSupply, uint256 bptAmountIn ) internal pure returns (uint256[] memory amountsOut) { /********************************************************************************************** // exactBPTInForTokensOut // // (per token) // // aO = tokenAmountOut / bptIn \ // // b = tokenBalance a0 = b * | --------------------- | // // bptIn = bptAmountIn \ bptTotalSupply / // // bpt = bptTotalSupply // **********************************************************************************************/ // Since we're computing an amount out, we round down overall. This means rounding down on both the // multiplication and division. uint256 bptRatio = bptAmountIn.divDown(totalSupply); amountsOut = new uint256[](balances.length); for (uint256 i = 0; i < balances.length; i++) { amountsOut[i] = balances[i].mulDown(bptRatio); } } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Wrappers over Solidity's arithmetic operations with added overflow * checks. * * Arithmetic operations in Solidity wrap on overflow. This can easily result * in bugs, because programmers usually assume that an overflow raises an * error, which is the standard behavior in high level programming languages. * `SafeMath` restores this intuition by reverting the transaction when an * operation overflows. * * Using this library instead of the unchecked operations eliminates an entire * class of bugs, so it's recommended to use it always. */ library SafeMath { /** * @dev Returns the addition of two unsigned integers, reverting on * overflow. * * Counterpart to Solidity's `+` operator. * * Requirements: * * - Addition cannot overflow. */ function add(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a + b; _require(c >= a, Errors.ADD_OVERFLOW); return c; } /** * @dev Returns the subtraction of two unsigned integers, reverting on * overflow (when the result is negative). * * Counterpart to Solidity's `-` operator. * * Requirements: * * - Subtraction cannot overflow. */ function sub(uint256 a, uint256 b) internal pure returns (uint256) { return sub(a, b, Errors.SUB_OVERFLOW); } /** * @dev Returns the subtraction of two unsigned integers, reverting with custom message on * overflow (when the result is negative). * * Counterpart to Solidity's `-` operator. * * Requirements: * * - Subtraction cannot overflow. */ function sub( uint256 a, uint256 b, uint256 errorCode ) internal pure returns (uint256) { _require(b <= a, errorCode); uint256 c = a - b; return c; } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20Permit.sol"; import "./ERC20.sol"; import "../helpers/EOASignaturesValidator.sol"; /** * @dev Implementation of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612]. * * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by * presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't * need to send a transaction, and thus is not required to hold Ether at all. * * _Available since v3.4._ */ abstract contract ERC20Permit is ERC20, IERC20Permit, EOASignaturesValidator { // solhint-disable-next-line var-name-mixedcase bytes32 private constant _PERMIT_TYPEHASH = keccak256( "Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)" ); /** * @dev Initializes the {EIP712} domain separator using the `name` parameter, and setting `version` to `"1"`. * * It's a good idea to use the same `name` that is defined as the ERC20 token name. */ constructor(string memory name) EIP712(name, "1") { // solhint-disable-previous-line no-empty-blocks } /** * @dev See {IERC20Permit-permit}. */ function permit( address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) public virtual override { bytes32 structHash = keccak256( abi.encode(_PERMIT_TYPEHASH, owner, spender, value, getNextNonce(owner), deadline) ); _ensureValidSignature(owner, structHash, _toArraySignature(v, r, s), deadline, Errors.INVALID_SIGNATURE); _approve(owner, spender, value); } /** * @dev See {IERC20Permit-nonces}. */ function nonces(address owner) public view override returns (uint256) { return getNextNonce(owner); } /** * @dev See {IERC20Permit-DOMAIN_SEPARATOR}. */ // solhint-disable-next-line func-name-mixedcase function DOMAIN_SEPARATOR() external view override returns (bytes32) { return getDomainSeparator(); } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; /** * @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612]. * * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by * presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't * need to send a transaction, and thus is not required to hold Ether at all. */ interface IERC20Permit { /** * @dev Sets `value` as the allowance of `spender` over `owner`'s tokens, * given `owner`'s signed approval. * * IMPORTANT: The same issues {IERC20-approve} has related to transaction * ordering also apply here. * * Emits an {Approval} event. * * Requirements: * * - `spender` cannot be the zero address. * - `deadline` must be a timestamp in the future. * - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner` * over the EIP712-formatted function arguments. * - the signature must use ``owner``'s current nonce (see {nonces}). * * For more information on the signature format, see the * https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP * section]. */ function permit( address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) external; /** * @dev Returns the current nonce for `owner`. This value must be * included whenever a signature is generated for {permit}. * * Every successful call to {permit} increases ``owner``'s nonce by one. This * prevents a signature from being used multiple times. */ function nonces(address owner) external view returns (uint256); /** * @dev Returns the domain separator used in the encoding of the signature for `permit`, as defined by {EIP712}. */ // solhint-disable-next-line func-name-mixedcase function DOMAIN_SEPARATOR() external view returns (bytes32); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/ISignaturesValidator.sol"; import "../openzeppelin/EIP712.sol"; /** * @dev Utility for signing Solidity function calls. */ abstract contract EOASignaturesValidator is ISignaturesValidator, EIP712 { // Replay attack prevention for each account. mapping(address => uint256) internal _nextNonce; function getDomainSeparator() public view override returns (bytes32) { return _domainSeparatorV4(); } function getNextNonce(address account) public view override returns (uint256) { return _nextNonce[account]; } function _ensureValidSignature( address account, bytes32 structHash, bytes memory signature, uint256 errorCode ) internal { return _ensureValidSignature(account, structHash, signature, type(uint256).max, errorCode); } function _ensureValidSignature( address account, bytes32 structHash, bytes memory signature, uint256 deadline, uint256 errorCode ) internal { bytes32 digest = _hashTypedDataV4(structHash); _require(_isValidSignature(account, digest, signature), errorCode); // We could check for the deadline before validating the signature, but this leads to saner error processing (as // we only care about expired deadlines if the signature is correct) and only affects the gas cost of the revert // scenario, which will only occur infrequently, if ever. // The deadline is timestamp-based: it should not be relied upon for sub-minute accuracy. // solhint-disable-next-line not-rely-on-time _require(deadline >= block.timestamp, Errors.EXPIRED_SIGNATURE); // We only advance the nonce after validating the signature. This is irrelevant for this module, but it can be // important in derived contracts that override _isValidSignature (e.g. SignaturesValidator), as we want for // the observable state to still have the current nonce as the next valid one. _nextNonce[account] += 1; } function _isValidSignature( address account, bytes32 digest, bytes memory signature ) internal view virtual returns (bool) { _require(signature.length == 65, Errors.MALFORMED_SIGNATURE); bytes32 r; bytes32 s; uint8 v; // ecrecover takes the r, s and v signature parameters, and the only way to get them is to use assembly. // solhint-disable-next-line no-inline-assembly assembly { r := mload(add(signature, 0x20)) s := mload(add(signature, 0x40)) v := byte(0, mload(add(signature, 0x60))) } address recoveredAddress = ecrecover(digest, v, r, s); // ecrecover returns the zero address on recover failure, so we need to handle that explicitly. return (recoveredAddress != address(0) && recoveredAddress == account); } function _toArraySignature( uint8 v, bytes32 r, bytes32 s ) internal pure returns (bytes memory) { bytes memory signature = new bytes(65); // solhint-disable-next-line no-inline-assembly assembly { mstore(add(signature, 32), r) mstore(add(signature, 64), s) mstore8(add(signature, 96), v) } return signature; } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; /** * @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data. * * The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible, * thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding * they need in their contracts using a combination of `abi.encode` and `keccak256`. * * This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding * scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA * ({_hashTypedDataV4}). * * The implementation of the domain separator was designed to be as efficient as possible while still properly updating * the chain id to protect against replay attacks on an eventual fork of the chain. * * NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method * https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask]. * * _Available since v3.4._ */ abstract contract EIP712 { /* solhint-disable var-name-mixedcase */ bytes32 private immutable _HASHED_NAME; bytes32 private immutable _HASHED_VERSION; bytes32 private immutable _TYPE_HASH; /* solhint-enable var-name-mixedcase */ /** * @dev Initializes the domain separator and parameter caches. * * The meaning of `name` and `version` is specified in * https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]: * * - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol. * - `version`: the current major version of the signing domain. * * NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart * contract upgrade]. */ constructor(string memory name, string memory version) { _HASHED_NAME = keccak256(bytes(name)); _HASHED_VERSION = keccak256(bytes(version)); _TYPE_HASH = keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"); } /** * @dev Returns the domain separator for the current chain. */ function _domainSeparatorV4() internal view virtual returns (bytes32) { return keccak256(abi.encode(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION, _getChainId(), address(this))); } /** * @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this * function returns the hash of the fully encoded EIP712 message for this domain. * * This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example: * * ```solidity * bytes32 digest = _hashTypedDataV4(keccak256(abi.encode( * keccak256("Mail(address to,string contents)"), * mailTo, * keccak256(bytes(mailContents)) * ))); * address signer = ECDSA.recover(digest, signature); * ``` */ function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) { return keccak256(abi.encodePacked("\x19\x01", _domainSeparatorV4(), structHash)); } function _getChainId() private view returns (uint256 chainId) { // Silence state mutability warning without generating bytecode. // See https://github.com/ethereum/solidity/issues/10090#issuecomment-741789128 and // https://github.com/ethereum/solidity/issues/2691 this; // solhint-disable-next-line no-inline-assembly assembly { chainId := chainid() } } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; library BasePoolUserData { // Special ExitKind for all pools, used in Recovery Mode. Use the max 8-bit value to prevent conflicts // with future additions to the ExitKind enums (or any front-end code that maps to existing values) uint8 public constant RECOVERY_MODE_EXIT_KIND = 255; // Return true if this is the special exit kind. function isRecoveryModeExitKind(bytes memory self) internal pure returns (bool) { // Check for the "no data" case, or abi.decode would revert return self.length > 0 && abi.decode(self, (uint8)) == RECOVERY_MODE_EXIT_KIND; } // Parse the bptAmountIn out of the userData function recoveryModeExit(bytes memory self) internal pure returns (uint256 bptAmountIn) { (, bptAmountIn) = abi.decode(self, (uint8, uint256)); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; /** * @dev Interface for the RecoveryMode module. */ interface IRecoveryMode { /** * @dev Emitted when the Recovery Mode status changes. */ event RecoveryModeStateChanged(bool enabled); /** * @notice Enables Recovery Mode in the Pool, disabling protocol fee collection and allowing for safe proportional * exits with low computational complexity and no dependencies. */ function enableRecoveryMode() external; /** * @notice Disables Recovery Mode in the Pool, restoring protocol fee collection and disallowing proportional exits. */ function disableRecoveryMode() external; /** * @notice Returns true if the Pool is in Recovery Mode. */ function inRecoveryMode() external view returns (bool); }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; import "@balancer-labs/v2-interfaces/contracts/standalone-utils/IProtocolFeePercentagesProvider.sol"; import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/SafeCast.sol"; import "../RecoveryMode.sol"; /** * @dev The Vault does not provide the protocol swap fee percentage in swap hooks (as swaps don't typically need this * value), so for swaps that need this value, we would have to to fetch it ourselves from the * ProtocolFeePercentagesProvider. Additionally, other protocol fee types (such as Yield or AUM) can only be obtained * by making said call. * * However, these values change so rarely that it doesn't make sense to perform the required calls to get the current * values in every single user interaction. Instead, we keep a local copy that can be permissionlessly updated by anyone * with the real value. We also pack these values together, performing a single storage read to get them all. * * When initialized with a special sentinel value, the swap fee is delegated, meaning the mutable protocol swap fee * cache is set to the current value stored in the ProtocolFeePercentagesProvider, and can be updated by anyone with a * call to `updateProtocolFeePercentageCache`. Any other value means the protocol swap fee is fixed, so it is instead * stored in the immutable `_fixedProtocolSwapFeePercentage`. */ abstract contract ProtocolFeeCache is RecoveryMode { using SafeCast for uint256; IProtocolFeePercentagesProvider private immutable _protocolFeeProvider; // Protocol Fee Percentages can never be larger than 100% (1e18), which fits in ~59 bits, so using 64 for each type // is sufficient. struct FeeTypeCache { uint64 swapFee; uint64 yieldFee; uint64 aumFee; } FeeTypeCache private _cache; event ProtocolFeePercentageCacheUpdated(uint256 indexed feeType, uint256 protocolFeePercentage); // Swap fees can be set to a fixed value at construction, or delegated to the ProtocolFeePercentagesProvider if // passing the special sentinel value. uint256 public constant DELEGATE_PROTOCOL_SWAP_FEES_SENTINEL = type(uint256).max; bool private immutable _delegatedProtocolSwapFees; // Only valid when `_delegatedProtocolSwapFees` is false uint256 private immutable _fixedProtocolSwapFeePercentage; constructor(IProtocolFeePercentagesProvider protocolFeeProvider, uint256 protocolSwapFeePercentage) { // Protocol swap fees are delegated to the value reported by the ProtocolFeePercentagesProvider if the sentinel // value is passed. bool delegatedProtocolSwapFees = protocolSwapFeePercentage == DELEGATE_PROTOCOL_SWAP_FEES_SENTINEL; _delegatedProtocolSwapFees = delegatedProtocolSwapFees; _protocolFeeProvider = protocolFeeProvider; _updateProtocolFeeCache(protocolFeeProvider, ProtocolFeeType.YIELD); _updateProtocolFeeCache(protocolFeeProvider, ProtocolFeeType.AUM); if (delegatedProtocolSwapFees) { _updateProtocolFeeCache(protocolFeeProvider, ProtocolFeeType.SWAP); } else { _require( protocolSwapFeePercentage <= protocolFeeProvider.getFeeTypeMaximumPercentage(ProtocolFeeType.SWAP), Errors.SWAP_FEE_PERCENTAGE_TOO_HIGH ); // We cannot set `_fixedProtocolSwapFeePercentage` here due to it being immutable so instead we must set it // in the main function scope with a value based on whether protocol fees are delegated. // Emit an event as we do in `_updateProtocolFeeCache` to appear the same to offchain indexers. emit ProtocolFeePercentageCacheUpdated(ProtocolFeeType.SWAP, protocolSwapFeePercentage); } // As `_fixedProtocolSwapFeePercentage` is immutable we must set a value, but just set to zero if it's not used. _fixedProtocolSwapFeePercentage = delegatedProtocolSwapFees ? 0 : protocolSwapFeePercentage; } /** * @dev Returns the cached protocol fee percentage. If `getProtocolSwapFeeDelegation()` is false, this value is * immutable for swap fee queries. Alternatively, it will track the global fee percentage set in the * ProtocolFeePercentagesProvider. */ function getProtocolFeePercentageCache(uint256 feeType) public view returns (uint256) { if (inRecoveryMode()) { return 0; } if (feeType == ProtocolFeeType.SWAP) { return getProtocolSwapFeeDelegation() ? _cache.swapFee : _fixedProtocolSwapFeePercentage; } else if (feeType == ProtocolFeeType.YIELD) { return _cache.yieldFee; } else if (feeType == ProtocolFeeType.AUM) { return _cache.aumFee; } else { _revert(Errors.UNHANDLED_FEE_TYPE); } } /** * @dev Can be called by anyone to update the cached fee percentages (swap fee is only updated when delegated). * Updates the cache to the latest value set by governance. * * This function will revert when called within a Vault context (i.e. in the middle of a join or an exit). * * This function depends on the invariant value, which may be calculated incorrectly in the middle of a join or * an exit, because the state of the pool could be out of sync with the state of the Vault. * `_beforeProtocolFeeCacheUpdate` will revert when called from such a context for composable stable pools, * effectively protecting this function. * * See https://forum.balancer.fi/t/reentrancy-vulnerability-scope-expanded/4345 for reference. */ function updateProtocolFeePercentageCache() external { _beforeProtocolFeeCacheUpdate(); if (getProtocolSwapFeeDelegation()) { _updateProtocolFeeCache(_protocolFeeProvider, ProtocolFeeType.SWAP); } _updateProtocolFeeCache(_protocolFeeProvider, ProtocolFeeType.YIELD); _updateProtocolFeeCache(_protocolFeeProvider, ProtocolFeeType.AUM); } /** * @dev Override in derived contracts to perform some action before the cache is updated. This is typically relevant * to Pools that incur protocol debt between operations. To avoid altering the amount due retroactively, this debt * needs to be paid before the fee percentages change. */ function _beforeProtocolFeeCacheUpdate() internal virtual {} /** * @dev Returns whether this Pool tracks protocol swap fee changes in the IProtocolFeePercentagesProvider. */ function getProtocolSwapFeeDelegation() public view returns (bool) { return _delegatedProtocolSwapFees; } function _updateProtocolFeeCache(IProtocolFeePercentagesProvider protocolFeeProvider, uint256 feeType) private { uint256 currentValue = protocolFeeProvider.getFeeTypePercentage(feeType); if (feeType == ProtocolFeeType.SWAP) { _cache.swapFee = currentValue.toUint64(); } else if (feeType == ProtocolFeeType.YIELD) { _cache.yieldFee = currentValue.toUint64(); } else if (feeType == ProtocolFeeType.AUM) { _cache.aumFee = currentValue.toUint64(); } else { _revert(Errors.UNHANDLED_FEE_TYPE); } emit ProtocolFeePercentageCacheUpdated(feeType, currentValue); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol"; import "./ProtocolFees.sol"; library InvariantGrowthProtocolSwapFees { using FixedPoint for uint256; function getProtocolOwnershipPercentage( uint256 invariantGrowthRatio, uint256 supplyGrowthRatio, uint256 protocolSwapFeePercentage ) internal pure returns (uint256) { // Joins and exits are symmetrical; for simplicity, we consider a join, where the invariant and supply // both increase. // |-------------------------|-- original invariant * invariantGrowthRatio // | increase from fees | // |-------------------------|-- original invariant * supply growth ratio (fee-less invariant) // | | // | increase from balances | // |-------------------------|-- original invariant // | | // | | |------------------|-- currentSupply // | | | BPT minted | // | | |------------------|-- previousSupply // | original invariant | | original supply | // |_________________________| |__________________| // // If the join is proportional, the invariant and supply will likewise increase proportionally, // so the growth ratios (invariantGrowthRatio / supplyGrowthRatio) will be equal. In this case, we do not charge // any protocol fees. // We also charge no protocol fees in the case where `invariantGrowthRatio < supplyGrowthRatio` to avoid // potential underflows, however this should only occur in extremely low volume actions due solely to rounding // error. if ((supplyGrowthRatio >= invariantGrowthRatio) || (protocolSwapFeePercentage == 0)) return 0; // If the join is non-proportional, the supply increase will be proportionally less than the invariant increase, // since the BPT minted will be based on fewer tokens (because swap fees are not included). So the supply growth // is due entirely to the balance changes, while the invariant growth also includes swap fees. // // To isolate the amount of increase by fees then, we multiply the original invariant by the supply growth // ratio to get the "feeless invariant". The difference between the final invariant and this value is then // the amount of the invariant due to fees, which we convert to a percentage by normalizing against the // final invariant. This is expressed as the expression below: // // invariantGrowthFromFees = currentInvariant - supplyGrowthRatio * previousInvariant // // We then divide through by current invariant so the LHS can be identified as the fraction of the pool which // is made up of accumulated swap fees. // // swapFeesPercentage = 1 - supplyGrowthRatio * previousInvariant / currentInvariant // // We then define `invariantGrowthRatio` in a similar fashion to `supplyGrowthRatio` to give the result: // // swapFeesPercentage = 1 - supplyGrowthRatio / invariantGrowthRatio // // Using this form allows us to consider only the ratios of the two invariants, rather than their absolute // values: a useful property, as this is sometimes easier than calculating the full invariant twice. // We've already checked that `supplyGrowthRatio` is smaller than `invariantGrowthRatio`, and hence their ratio // smaller than FixedPoint.ONE, allowing for unchecked arithmetic. uint256 swapFeesPercentage = FixedPoint.ONE - supplyGrowthRatio.divDown(invariantGrowthRatio); // We then multiply by the protocol swap fee percentage to get the fraction of the pool which the protocol // should own once fees have been collected. return swapFeesPercentage.mulDown(protocolSwapFeePercentage); } function calcDueProtocolFees( uint256 invariantGrowthRatio, uint256 previousSupply, uint256 currentSupply, uint256 protocolSwapFeePercentage ) internal pure returns (uint256) { uint256 protocolOwnershipPercentage = getProtocolOwnershipPercentage( invariantGrowthRatio, currentSupply.divDown(previousSupply), protocolSwapFeePercentage ); return ProtocolFees.bptForPoolOwnershipPercentage(currentSupply, protocolOwnershipPercentage); } }
// SPDX-License-Identifier: MIT pragma solidity ^0.7.0; import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol"; /** * @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow * checks. * * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can * easily result in undesired exploitation or bugs, since developers usually * assume that overflows raise errors. `SafeCast` restores this intuition by * reverting the transaction when such an operation overflows. * * Using this library instead of the unchecked operations eliminates an entire * class of bugs, so it's recommended to use it always. * * Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing * all math on `uint256` and `int256` and then downcasting. */ library SafeCast { /** * @dev Converts an unsigned uint256 into a signed int256. * * Requirements: * * - input must be less than or equal to maxInt256. */ function toInt256(uint256 value) internal pure returns (int256) { _require(value >> 255 == 0, Errors.SAFE_CAST_VALUE_CANT_FIT_INT256); return int256(value); } /** * @dev Converts an unsigned uint256 into an unsigned uint64. * * Requirements: * * - input must be less than or equal to maxUint64. */ function toUint64(uint256 value) internal pure returns (uint64) { _require(value <= type(uint64).max, Errors.SAFE_CAST_VALUE_CANT_FIT_UINT64); return uint64(value); } }
// SPDX-License-Identifier: GPL-3.0-or-later // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. pragma solidity ^0.7.0; import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol"; import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol"; library ProtocolFees { using FixedPoint for uint256; /** * @dev Calculates the amount of BPT necessary to give ownership of a given percentage of the Pool. * Note that this function reverts if `poolPercentage` >= 100%, it's expected that the caller will enforce this. * @param totalSupply - The total supply of the pool prior to minting BPT. * @param poolOwnershipPercentage - The desired ownership percentage of the pool to have as a result of minting BPT. * @return bptAmount - The amount of BPT to mint such that it is `poolPercentage` of the resultant total supply. */ function bptForPoolOwnershipPercentage(uint256 totalSupply, uint256 poolOwnershipPercentage) internal pure returns (uint256) { // If we mint some amount `bptAmount` of BPT then the percentage ownership of the pool this grants is given by: // `poolOwnershipPercentage = bptAmount / (totalSupply + bptAmount)`. // Solving for `bptAmount`, we arrive at: // `bptAmount = totalSupply * poolOwnershipPercentage / (1 - poolOwnershipPercentage)`. return Math.divDown(Math.mul(totalSupply, poolOwnershipPercentage), poolOwnershipPercentage.complement()); } }
{ "optimizer": { "enabled": true, "runs": 800 }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "libraries": {} }
Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"contract IVault","name":"vault","type":"address"},{"internalType":"contract IProtocolFeePercentagesProvider","name":"protocolFeeProvider","type":"address"},{"internalType":"string","name":"factoryVersion","type":"string"},{"internalType":"string","name":"poolVersion","type":"string"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[],"name":"FactoryDisabled","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"pool","type":"address"}],"name":"PoolCreated","type":"event"},{"inputs":[{"internalType":"string","name":"name","type":"string"},{"internalType":"string","name":"symbol","type":"string"},{"internalType":"contract IERC20[]","name":"tokens","type":"address[]"},{"internalType":"uint256","name":"amplificationParameter","type":"uint256"},{"internalType":"contract IRateProvider[]","name":"rateProviders","type":"address[]"},{"internalType":"uint256[]","name":"tokenRateCacheDurations","type":"uint256[]"},{"internalType":"bool","name":"exemptFromYieldProtocolFeeFlag","type":"bool"},{"internalType":"uint256","name":"swapFeePercentage","type":"uint256"},{"internalType":"address","name":"owner","type":"address"},{"internalType":"bytes32","name":"salt","type":"bytes32"}],"name":"create","outputs":[{"internalType":"contract ComposableStablePool","name":"","type":"address"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"disable","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes4","name":"selector","type":"bytes4"}],"name":"getActionId","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getAuthorizer","outputs":[{"internalType":"contract IAuthorizer","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getCreationCode","outputs":[{"internalType":"bytes","name":"","type":"bytes"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getCreationCodeContracts","outputs":[{"internalType":"address","name":"contractA","type":"address"},{"internalType":"address","name":"contractB","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getPauseConfiguration","outputs":[{"internalType":"uint256","name":"pauseWindowDuration","type":"uint256"},{"internalType":"uint256","name":"bufferPeriodDuration","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getPoolVersion","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getProtocolFeePercentagesProvider","outputs":[{"internalType":"contract IProtocolFeePercentagesProvider","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getVault","outputs":[{"internalType":"contract IVault","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"isDisabled","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"}],"name":"isPoolFromFactory","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"version","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"}]
Contract Creation Code
6101806040523480156200001257600080fd5b50604051620092203803806200922083398101604081905262000035916200036e565b83836040518060200162000049906200021d565b601f1982820381018352601f90910116604052805183903090839060006002820460a081905280830360e08190528185529091508362000095816200013e602090811b620005e517901c565b60601b6001600160601b0319166080528285018051838252620000c4826200013e602090811b620005e517901c565b6001600160601b0319606091821b811660c05296909352905261010095909552505092821b831661012052509290921b90911661014052505042630784ce00016101605281516200011d9060029060208501906200022b565b508051620001339060039060208401906200022b565b505050505062000416565b80517f602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe808352600091602081018484f090845291506200018c6001600160a01b03831615156101ac62000192565b50919050565b81620001a357620001a381620001a7565b5050565b620001b9816210905360ea1b620001bc565b50565b62461bcd60e51b600090815260206004526007602452600a808404818106603090810160081b958390069590950190829004918206850160101b01602363ffffff0060e086901c160160181b0190930160c81b60445260e882901c90606490fd5b617dcc806200145483390190565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f106200026e57805160ff19168380011785556200029e565b828001600101855582156200029e579182015b828111156200029e57825182559160200191906001019062000281565b50620002ac929150620002b0565b5090565b5b80821115620002ac5760008155600101620002b1565b600082601f830112620002d8578081fd5b81516001600160401b0380821115620002ef578283fd5b6040516020601f8401601f191682018101838111838210171562000311578586fd5b806040525081945083825286818588010111156200032e57600080fd5b600092505b8383101562000352578583018101518284018201529182019162000333565b83831115620003645760008185840101525b5050505092915050565b6000806000806080858703121562000384578384fd5b8451620003918162000400565b6020860151909450620003a48162000400565b60408601519093506001600160401b0380821115620003c1578384fd5b620003cf88838901620002c7565b93506060870151915080821115620003e5578283fd5b50620003f487828801620002c7565b91505092959194509250565b6001600160a01b0381168114620001b957600080fd5b60805160601c60a05160c05160601c60e051610100516101205160601c6101405160601c61016051610fc56200048f60003980610232528061025b5250806103fa52508061047052508061042052508061063f52508061020952806106bb5250806106605250806101e852806106975250610fc56000f3fe608060405234801561001057600080fd5b50600436106100de5760003560e01c80636634b7531161008c578063851c1bb311610066578063851c1bb3146101845780638d928af8146101a4578063971e1833146101ac578063aaabadc5146101bf576100de565b80636634b753146101475780636c57f5a914610167578063739238d61461016f576100de565b80632f2770db116100bd5780632f2770db1461012d5780633f819b6f1461013757806354fd4d501461013f576100de565b8062c194db146100e3578063174481fa146101015780632da47c4014610117575b600080fd5b6100eb6101c7565b6040516100f89190610db5565b60405180910390f35b6101096101e6565b6040516100f8929190610d68565b61011f61022c565b6040516100f8929190610f17565b610135610296565b005b6100eb6102dd565b6100eb610373565b61015a610155366004610af6565b6103d1565b6040516100f89190610d82565b61015a6103ef565b6101776103f8565b6040516100f89190610dc8565b610197610192366004610b2e565b61041c565b6040516100f89190610d8d565b61017761046e565b6101776101ba366004610b72565b610492565b61017761056b565b60606101e160405180602001604052806000815250610637565b905090565b7f00000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000009091565b600080427f000000000000000000000000000000000000000000000000000000000000000081101561028857807f000000000000000000000000000000000000000000000000000000000000000003925062ed4e009150610291565b60009250600091505b509091565b61029e610710565b6102a6610741565b6001805460ff1916811790556040517f432acbfd662dbb5d8b378384a67159b47ca9d0f1b79f97cf64cf8585fa362d5090600090a1565b60038054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156103695780601f1061033e57610100808354040283529160200191610369565b820191906000526020600020905b81548152906001019060200180831161034c57829003601f168201915b5050505050905090565b60028054604080516020601f60001961010060018716150201909416859004938401819004810282018101909252828152606093909290918301828280156103695780601f1061033e57610100808354040283529160200191610369565b6001600160a01b031660009081526020819052604090205460ff1690565b60015460ff1690565b7f000000000000000000000000000000000000000000000000000000000000000090565b60007f000000000000000000000000000000000000000000000000000000000000000082604051602001610451929190610d50565b604051602081830303815290604052805190602001209050919050565b7f000000000000000000000000000000000000000000000000000000000000000090565b600080600061049f61022c565b9150915061055a604051806101c001604052806104ba61046e565b6001600160a01b031681526020016104d06103f8565b6001600160a01b031681526020018f81526020018e81526020018d81526020018b81526020018a815260200189151581526020018c8152602001888152602001848152602001838152602001876001600160a01b031681526020016105336102dd565b90526040516105459190602001610ddc565b60405160208183030381529060405285610756565b9d9c50505050505050505050505050565b600061057561046e565b6001600160a01b031663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b1580156105ad57600080fd5b505afa1580156105c1573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906101e19190610b56565b80517f602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe808352600091602081018484f090845291506106316001600160a01b03831615156101ac6107c3565b50919050565b8051604080517f00000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000818101858101848101602090810190965280855293957f00000000000000000000000000000000000000000000000000000000000000009592947f000000000000000000000000000000000000000000000000000000000000000094938801866000828a3c846000888301883c50602089810190898501016107028183866107d5565b505050505050505050919050565b60006107276000356001600160e01b03191661041c565b905061073e6107368233610813565b6101916107c3565b50565b61075461074c6103ef565b1560d36107c3565b565b6000610760610741565b600061076c84846108a3565b6001600160a01b038116600081815260208190526040808220805460ff191660011790555192935090917f83a48fbcfc991335314e74d0496aab6a1987e992ddc85dddbcc4d6dd6ef2e9fc9190a290505b92915050565b816107d1576107d1816108e0565b5050565b5b602081106107f5578151835260209283019290910190601f19016107d6565b905182516020929092036101000a6000190180199091169116179052565b600061081d61056b565b6001600160a01b0316639be2a8848484306040518463ffffffff1660e01b815260040161084c93929190610d96565b60206040518083038186803b15801561086457600080fd5b505afa158015610878573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061089c9190610b12565b9392505050565b600060606108b084610637565b90506000838251602084016000f590506001600160a01b0381166108d8573d6000803e3d6000fd5b949350505050565b62461bcd60e51b600090815260206004526007602452600a808304818106603090810160081b83860601918390049283060160101b016642414c230000300160c81b60445261073e916210905360ea1b906242414c90606490fd5b80356107bd81610f6c565b600082601f830112610956578081fd5b813561096961096482610f4c565b610f25565b81815291506020808301908481018184028601820187101561098a57600080fd5b60005b848110156109b25781356109a081610f6c565b8452928201929082019060010161098d565b505050505092915050565b600082601f8301126109cd578081fd5b81356109db61096482610f4c565b8181529150602080830190848101818402860182018710156109fc57600080fd5b60005b848110156109b2578135610a1281610f6c565b845292820192908201906001016109ff565b600082601f830112610a34578081fd5b8135610a4261096482610f4c565b818152915060208083019084810181840286018201871015610a6357600080fd5b60005b848110156109b257813584529282019290820190600101610a66565b80356107bd81610f81565b600082601f830112610a9d578081fd5b813567ffffffffffffffff811115610ab3578182fd5b610ac6601f8201601f1916602001610f25565b9150808252836020828501011115610add57600080fd5b8060208401602084013760009082016020015292915050565b600060208284031215610b07578081fd5b813561089c81610f6c565b600060208284031215610b23578081fd5b815161089c81610f81565b600060208284031215610b3f578081fd5b81356001600160e01b03198116811461089c578182fd5b600060208284031215610b67578081fd5b815161089c81610f6c565b6000806000806000806000806000806101408b8d031215610b91578586fd5b8a3567ffffffffffffffff80821115610ba8578788fd5b610bb48e838f01610a8d565b9b5060208d0135915080821115610bc9578788fd5b610bd58e838f01610a8d565b9a5060408d0135915080821115610bea578788fd5b610bf68e838f01610946565b995060608d0135985060808d0135915080821115610c12578788fd5b610c1e8e838f016109bd565b975060a08d0135915080821115610c33578687fd5b50610c408d828e01610a24565b955050610c508c60c08d01610a82565b935060e08b01359250610c678c6101008d0161093b565b91506101208b013590509295989b9194979a5092959850565b6001600160a01b03169052565b6000815180845260208085019450808401835b83811015610cc55781516001600160a01b031687529582019590820190600101610ca0565b509495945050505050565b6000815180845260208085019450808401835b83811015610cc557815187529582019590820190600101610ce3565b15159052565b60008151808452815b81811015610d2a57602081850181015186830182015201610d0e565b81811115610d3b5782602083870101525b50601f01601f19169290920160200192915050565b9182526001600160e01b031916602082015260240190565b6001600160a01b0392831681529116602082015260400190565b901515815260200190565b90815260200190565b9283526001600160a01b03918216602084015216604082015260600190565b60006020825261089c6020830184610d05565b6001600160a01b0391909116815260200190565b600060208252610df0602083018451610c80565b6020830151610e026040840182610c80565b5060408301516101c0806060850152610e1f6101e0850183610d05565b91506060850151601f1980868503016080870152610e3d8483610d05565b935060808701519150808685030160a0870152610e5a8483610c8d565b935060a08701519150808685030160c0870152610e778483610c8d565b935060c08701519150808685030160e0870152610e948483610cd0565b935060e08701519150610100610eac81880184610cff565b8701516101208781019190915287015161014080880191909152870151610160808801919091528701516101808088019190915287015191506101a0610ef481880184610c80565b870151868503909101838701529050610f0d8382610d05565b9695505050505050565b918252602082015260400190565b60405181810167ffffffffffffffff81118282101715610f4457600080fd5b604052919050565b600067ffffffffffffffff821115610f62578081fd5b5060209081020190565b6001600160a01b038116811461073e57600080fd5b801515811461073e57600080fdfea26469706673582212207fea1918c566738a17cd913a3738966f97bbd915006028a8cb15347a6bbdbb4464736f6c634300070100336104e06040523480156200001257600080fd5b5060405162007dcc38038062007dcc833981016040819052620000359162001a28565b6020810151600019620000488362000ca1565b620000538462000cda565b8461010001518560000151600087604001518860600151620000808a608001513062000d2560201b60201c565b8a60800151516001016001600160401b03811180156200009f57600080fd5b50604051908082528060200260200182016040528015620000ca578160200160208202803683370190505b508b61012001518c61014001518d61016001518e6101800151828289898d85336001600160a01b031660001b8480604051806040016040528060018152602001603160f81b815250878781600390805190602001906200012c92919062001711565b5080516200014290600490602084019062001711565b50506005805460ff19166012179055508151602092830120608052805191012060a052507f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f60c05260e0526001600160601b0319606091821b81166101005291901b166101205250620001c19050630966018083111561019462000ebf565b620001d66301e1338082111561019562000ebf565b4290910161014081905201610160528551620001f8906002111560c862000ebf565b620002126200020662000ed4565b8751111560c962000ebf565b620002288662000ed960201b620015b01760201c565b620002338462000ee5565b6040516309b2760f60e01b81526000906001600160a01b038c16906309b2760f9062000264908d9060040162001c9c565b602060405180830381600087803b1580156200027f57600080fd5b505af115801562000294573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620002ba9190620019f0565b604051633354e3e960e11b81529091506001600160a01b038c16906366a9c7d290620002ef9084908b908b9060040162001c00565b600060405180830381600087803b1580156200030a57600080fd5b505af11580156200031f573d6000803e3d6000fd5b505050508061018081815250508a6001600160a01b031663d2946c2b6040518163ffffffff1660e01b815260040160206040518083038186803b1580156200036657600080fd5b505afa1580156200037b573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620003a1919062001a09565b60601b6001600160601b0319166101a05250620003d3995050506001891015965061012c955062000ebf945050505050565b620003e661138882111561012d62000ebf565b600062000401826103e862000f7960201b620015ba1760201c565b90506200040e8162000fa8565b5050805151620004236002821160c862000ebf565b620004426001820383602001515162000fe760201b620015e51760201c565b6101c0819052815180516000906200045657fe5b60200260200101516001600160a01b0316610200816001600160a01b031660601b8152505081600001516001815181106200048d57fe5b60200260200101516001600160a01b0316610220816001600160a01b031660601b815250508160000151600281518110620004c457fe5b60200260200101516001600160a01b0316610240816001600160a01b031660601b8152505060038111620004fa57600062000513565b8151805160039081106200050a57fe5b60200260200101515b60601b6001600160601b0319166102605260048111620005355760006200054e565b8151805160049081106200054557fe5b60200260200101515b60601b6001600160601b03191661028052600581116200057057600062000589565b8151805160059081106200058057fe5b60200260200101515b60601b6001600160601b0319166102a05281518051620005c29190600090620005ae57fe5b602002602001015162000ff660201b60201c565b6102c05281518051620005dc91906001908110620005ae57fe5b6102e05281518051620005f691906002908110620005ae57fe5b61030052600381116200060b57600062000621565b620006218260000151600381518110620005ae57fe5b6103205260048111620006365760006200064c565b6200064c8260000151600481518110620005ae57fe5b61034052600581116200066157600062000677565b620006778260000151600581518110620005ae57fe5b61036052815151600019015b600081118015620006b457508251805130919083908110620006a157fe5b60200260200101516001600160a01b0316115b15620006c4576000190162000683565b6101e08190528251516060906001600160401b0381118015620006e657600080fd5b5060405190808252806020026020018201604052801562000711578160200160208202803683370190505b5090506000805b8551518110156200084d57838110156200077857856020015181815181106200073d57fe5b60200260200101518382815181106200075257fe5b60200260200101906001600160a01b031690816001600160a01b0316815250506200079a565b8381146200079457856020015160018203815181106200073d57fe5b62000844565b620007e360006001600160a01b0316848381518110620007b657fe5b60200260200101516001600160a01b031614158260060184620010c560201b620015f2179092919060201c565b9150856040015180156200081e575060006001600160a01b03168382815181106200080a57fe5b60200260200101516001600160a01b031614155b1562000844576200084160018284620010c560201b620015f2179092919060201c565b91505b60010162000718565b506040850151151560f81b61046052815182906000906200086a57fe5b60200260200101516001600160a01b0316610380816001600160a01b031660601b81525050816001815181106200089d57fe5b60200260200101516001600160a01b03166103a0816001600160a01b031660601b8152505081600281518110620008d057fe5b60200260200101516001600160a01b03166103c0816001600160a01b031660601b815250506003825111620009075760006200091e565b816003815181106200091557fe5b60200260200101515b60601b6001600160601b0319166103e05281516004106200094157600062000958565b816004815181106200094f57fe5b60200260200101515b60601b6001600160601b0319166104005281516005106200097b57600062000992565b816005815181106200098957fe5b60200260200101515b60601b6001600160601b0319166104205261044052505082515160208085015151604086015151620009d395509293509190620010ee811b6200161917901c565b8051606090620009e4903062000d25565b8051909150600019015b60008111801562000a245750306001600160a01b031682828151811062000a1157fe5b60200260200101516001600160a01b0316115b1562000a345760001901620009ee565b6000805b84515181101562000b4d578281141562000a5157600191505b60208501518051828401916000918490811062000a6a57fe5b60200260200101516001600160a01b03161462000b435762000ac4818760200151848151811062000a9757fe5b60200260200101518860400151858151811062000ab057fe5b60200260200101516200110e60201b60201c565b8560200151828151811062000ad557fe5b60200260200101516001600160a01b0316817fdd6d1c9badb346de6925b358a472c937b41698d2632696759e43fd6527feeec48860400151858151811062000b1957fe5b602002602001015160405162000b30919062001cb1565b60405180910390a362000b438162001209565b5060010162000a38565b5050505050600019811460f881901b6104a0526001600160601b0319606084901b166104805262000b8083600262001248565b62000b8d83600362001248565b801562000ba75762000ba183600062001248565b62000c66565b60405163178b2b9360e21b815262000c3b906001600160a01b03851690635e2cae4c9062000bdb9060009060040162001cb1565b60206040518083038186803b15801562000bf457600080fd5b505afa15801562000c09573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062000c2f9190620019f0565b83111561025862000ebf565b600060008051602062007dac8339815191528360405162000c5d919062001cb1565b60405180910390a25b8062000c73578162000c76565b60005b6104c0525050506101a0810151805162000c9991600d9160209091019062001711565b505062001d23565b62000cab62001792565b6040518060600160405280836080015181526020018360a0015181526020018360c0015181525090505b919050565b62000ce4620017b3565b604051806060016040528062000d0584608001513062000d2560201b60201c565b81526020018360a0015181526020018360e0015115158152509050919050565b606082516001016001600160401b038111801562000d4257600080fd5b5060405190808252806020026020018201604052801562000d6d578160200160208202803683370190505b50905082516000141562000db057818160008151811062000d8a57fe5b60200260200101906001600160a01b031690816001600160a01b03168152505062000eb9565b82515b60008111801562000dec5750826001600160a01b031684600183038151811062000dd957fe5b60200260200101516001600160a01b0316115b1562000e395783600182038151811062000e0257fe5b602002602001015182828151811062000e1757fe5b6001600160a01b03909216602092830291909101909101526000190162000db3565b60005b8181101562000e885784818151811062000e5257fe5b602002602001015183828151811062000e6757fe5b6001600160a01b039092166020928302919091019091015260010162000e3c565b508282828151811062000e9757fe5b60200260200101906001600160a01b031690816001600160a01b031681525050505b92915050565b8162000ed05762000ed081620013f3565b5050565b600690565b8062000ed08162001408565b62000efe62000ef36200148f565b82101560cb62000ebf565b62000f1762000f0c62001498565b82111560ca62000ebf565b62000f398160c0603f600854620014a460201b6200163617909392919060201c565b6008556040517fa9ba3ffe0b6c366b81232caab38605a0699ad5398d6cce76f91ee809e322dafc9062000f6e90839062001cb1565b60405180910390a150565b600082820262000fa184158062000f9957508385838162000f9657fe5b04145b600362000ebf565b9392505050565b62000fb681804280620014c9565b7fa0d01593e47e69d07e0ccd87bece09411e07dd1ed40ca8f2e7af2976542a02338160405162000f6e919062001cb1565b62000ed0828214606762000ebf565b60006001600160a01b0382163014156200101a5750670de0b6b3a764000062000cd5565b6000826001600160a01b031663313ce5676040518163ffffffff1660e01b815260040160206040518083038186803b1580156200105657600080fd5b505afa1580156200106b573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062001091919062001bdd565b60ff1690506000620010b06012836200153c60201b6200165e1760201c565b600a0a670de0b6b3a764000002949350505050565b60006001821b1984168284620010dd576000620010e0565b60015b60ff16901b17949350505050565b6200110982841480156200110157508183145b606762000ebf565b505050565b6000826001600160a01b031663679aefce6040518163ffffffff1660e01b815260040160206040518083038186803b1580156200114a57600080fd5b505afa1580156200115f573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620011859190620019f0565b6000858152600a6020908152604090912054919250620011b4908290849086906200167462001554821b17901c565b6000868152600a602052604090819020919091555185907fb77a83204ca282e08dc3a65b0a1ca32ea4e6875c38ef0bf5bf75e52a67354fac90620011fa90859062001cb1565b60405180910390a25050505050565b6000818152600a60209081526040909120549062001232908290620016ac620015b0821b17901c565b6000928352600a60205260409092209190915550565b604051631a7c326360e01b81526000906001600160a01b03841690631a7c3263906200127990859060040162001cb1565b60206040518083038186803b1580156200129257600080fd5b505afa158015620012a7573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620012cd9190620019f0565b9050816200131157620012eb81620015db60201b620016c41760201c565b600b80546001600160401b0319166001600160401b0392909216919091179055620013c5565b600282141562001367576200133181620015db60201b620016c41760201c565b600b80546001600160401b03929092166801000000000000000002600160401b600160801b0319909216919091179055620013c5565b6003821415620013b8576200138781620015db60201b620016c41760201c565b600b80546001600160401b0392909216600160801b02600160801b600160c01b0319909216919091179055620013c5565b620013c56101bb620013f3565b8160008051602062007dac83398151915282604051620013e6919062001cb1565b60405180910390a2505050565b62001405816210905360ea1b620015f9565b50565b600281511015620014195762001405565b6000816000815181106200142957fe5b602002602001015190506000600190505b8251811015620011095760008382815181106200145357fe5b6020026020010151905062001484816001600160a01b0316846001600160a01b031610606562000ebf60201b60201c565b91506001016200143a565b64e8d4a5100090565b67016345785d8a000090565b6000620014b38484846200165a565b506001901b60001901811b1992909216911b1790565b620014e38160c06040620016b560201b620016e11760201c565b620014fd8360806040620016b560201b620016e11760201c565b6200151685604080620016b560201b620016e11760201c565b620015308760006040620016b560201b620016e11760201c565b17171760095550505050565b60006200154e83831115600162000ebf565b50900390565b600062001569606084901c1561014962000ebf565b620015a842830160e06020620015928660c083838c8c6000606062001636620014a4871b17861c565b620014a460201b6200163617909392919060201c565b949350505050565b600062000eb9620015c183620016ca565b60608085620014a460201b6200163617909392919060201c565b6000620015f56001600160401b038311156101ba62000ebf565b5090565b62461bcd60e51b600090815260206004526007602452600a808404818106603090810160081b958390069590950190829004918206850160101b01602363ffffff0060e086901c160160181b0190930160c81b60445260e882901c90606490fd5b6200166b6101008310606462000ebf565b620016a4600182101580156200169c57506200169860ff8461010003620016ea60201b620016f41760201c565b8211155b606462000ebf565b6200110983821c156101b462000ebf565b6000620016c48484846200165a565b50501b90565b600062000eb960006060846200170260201b6200170a179092919060201c565b6000818310620016fb578162000fa1565b5090919050565b6001901b6000190191901c1690565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f106200175457805160ff191683800117855562001784565b8280016001018555821562001784579182015b828111156200178457825182559160200191906001019062001767565b50620015f5929150620017d6565b60405180606001604052806060815260200160608152602001606081525090565b604051806060016040528060608152602001606081526020016000151581525090565b5b80821115620015f55760008155600101620017d7565b805162000eb98162001d0d565b600082601f8301126200180b578081fd5b8151620018226200181c8262001ce1565b62001cba565b8181529150602080830190848101818402860182018710156200184457600080fd5b60005b84811015620018705781516200185d8162001d0d565b8452928201929082019060010162001847565b505050505092915050565b600082601f8301126200188c578081fd5b81516200189d6200181c8262001ce1565b818152915060208083019084810181840286018201871015620018bf57600080fd5b60005b8481101562001870578151620018d88162001d0d565b84529282019290820190600101620018c2565b600082601f830112620018fc578081fd5b81516200190d6200181c8262001ce1565b8181529150602080830190848101818402860182018710156200192f57600080fd5b60005b84811015620018705781518452928201929082019060010162001932565b8051801515811462000eb957600080fd5b600082601f83011262001972578081fd5b81516001600160401b0381111562001988578182fd5b60206200199e601f8301601f1916820162001cba565b92508183528481838601011115620019b557600080fd5b60005b82811015620019d5578481018201518482018301528101620019b8565b82811115620019e75760008284860101525b50505092915050565b60006020828403121562001a02578081fd5b5051919050565b60006020828403121562001a1b578081fd5b815162000fa18162001d0d565b60006020828403121562001a3a578081fd5b81516001600160401b038082111562001a51578283fd5b81840191506101c080838703121562001a68578384fd5b62001a738162001cba565b905062001a818684620017ed565b815262001a928660208501620017ed565b602082015260408301518281111562001aa9578485fd5b62001ab78782860162001961565b60408301525060608301518281111562001acf578485fd5b62001add8782860162001961565b60608301525060808301518281111562001af5578485fd5b62001b0387828601620017fa565b60808301525060a08301518281111562001b1b578485fd5b62001b29878286016200187b565b60a08301525060c08301518281111562001b41578485fd5b62001b4f87828601620018eb565b60c08301525062001b648660e0850162001950565b60e0820152610100838101519082015261012080840151908201526101408084015190820152610160808401519082015261018062001ba687828601620017ed565b908201526101a0838101518381111562001bbe578586fd5b62001bcc8882870162001961565b918301919091525095945050505050565b60006020828403121562001bef578081fd5b815160ff8116811462000fa1578182fd5b60006060820185835260206060818501528186518084526080860191508288019350845b8181101562001c4c5762001c39855162001d01565b8352938301939183019160010162001c24565b505084810360408601528551808252908201925081860190845b8181101562001c8e5762001c7b835162001d01565b8552938301939183019160010162001c66565b509298975050505050505050565b602081016003831062001cab57fe5b91905290565b90815260200190565b6040518181016001600160401b038111828210171562001cd957600080fd5b604052919050565b60006001600160401b0382111562001cf7578081fd5b5060209081020190565b6001600160a01b031690565b6001600160a01b03811681146200140557600080fd5b60805160a05160c05160e0516101005160601c6101205160601c6101405161016051610180516101a05160601c6101c0516101e0516102005160601c6102205160601c6102405160601c6102605160601c6102805160601c6102a05160601c6102c0516102e051610300516103205161034051610360516103805160601c6103a05160601c6103c05160601c6103e05160601c6104005160601c6104205160601c610440516104605160f81c6104805160601c6104a05160f81c6104c051615ed862001ed460003980610e4052508061091d52508061089d52806108c852806108f3525080610fef5280611277525080612b23525080611c87525080611c57525080611c27525080611bf7525080611bc7525080611b97525080612fb6525080612f86525080612f56525080612f26525080612ef6525080612ec6525080611f82525080611f40525080611efe525080611ebc525080611e7a525080611e385250806110805250806117395250806112d3525080610bff525080611b6b525080611b4752508061118052508061115c5250806110b8525080612d34525080612d76525080612d555250615ed86000f3fe608060405234801561001057600080fd5b50600436106103835760003560e01c806370464016116101de57806395d89b411161010f578063d2946c2b116100ad578063ddf4627b1161007c578063ddf4627b146106f6578063eb0f24d6146106fe578063ed24911d14610706578063f4b7964d1461070e57610383565b8063d2946c2b146106b5578063d505accf146106bd578063d5c096c4146106d0578063dd62ed3e146106e357610383565b8063aaabadc5116100e9578063aaabadc51461068a578063ab7759f114610692578063b35056b8146106a5578063b7b814fc146106ad57610383565b806395d89b411461065c578063a457c2d714610664578063a9059cbb1461067757610383565b80638456cb591161017c57806387ec68171161015657806387ec681714610619578063893d20e81461062c5780638d928af81461064157806390193b7c1461064957610383565b80638456cb59146105f6578063851c1bb3146105fe578063876f303b1461061157610383565b806377151bee116101b857806377151bee146105b05780637ecebe00146105b85780637f1260d1146105cb57806382687a56146105ee57610383565b8063704640161461056957806370a082311461057c57806374f3b0091461058f57610383565b80633644e515116102b857806354a844ba1161025657806355c676281161023057806355c67628146105215780636028bfd414610529578063679aefce1461054a5780636daccffa1461055257610383565b806354a844ba146104fe57806354dea00a1461050657806354fd4d501461051957610383565b8063395093511161029257806339509351146104ba5780633c975d51146104cd5780633f4ba83a146104e357806350dd6ed9146104eb57610383565b80633644e5151461049757806338e9922e1461049f57806338fff2d0146104b257610383565b80631c0de0511161032557806323b872dd116102ff57806323b872dd146104495780632df2c7c01461045c5780632f1a0bc91461046f578063313ce5671461048257610383565b80631c0de051146104085780631dd746ea1461041f578063238a2d591461043457610383565b8063095ea7b311610361578063095ea7b3146103ce5780630da0669c146103ee57806315b0015b146103f857806318160ddd1461040057610383565b806301ec954a1461038857806304842d4c146103b157806306fdde03146103b9575b600080fd5b61039b6103963660046158c7565b610721565b6040516103a89190615ce8565b60405180910390f35b61039b6107c7565b6103c16107d6565b6040516103a89190615dbe565b6103e16103dc366004615504565b61086c565b6040516103a89190615cc5565b6103f6610883565b005b6103e161091b565b61039b61093f565b610410610945565b6040516103a893929190615cd0565b61042761096e565b6040516103a89190615c8d565b61043c610978565b6040516103a89190615ba9565b6103e1610457366004615454565b610a13565b6103f661046a366004615400565b610a87565b6103f661047d366004615a16565b610aeb565b61048a610bce565b6040516103a89190615e29565b61039b610bd7565b6103f66104ad3660046159e6565b610be1565b61039b610bfd565b6103e16104c8366004615504565b610c21565b6104d5610c5c565b6040516103a8929190615e00565b6103f6610c87565b6103f66104f9366004615702565b610c99565b6103f6610cb7565b61039b610514366004615400565b610cc9565b6103c1610ce4565b61039b610d45565b61053c61053736600461561b565b610d58565b6040516103a8929190615dd1565b61039b610d8f565b61055a610dfb565b6040516103a893929190615dea565b61039b6105773660046159e6565b610e16565b61039b61058a366004615400565b610ecf565b6105a261059d36600461561b565b610eea565b6040516103a8929190615ca0565b6103e1610fed565b61039b6105c6366004615400565b611011565b6105de6105d9366004615400565b61101c565b6040516103a89493929190615e0e565b61039b61107e565b6103f66110a2565b61039b61060c3660046156be565b6110b4565b61039b611106565b61053c61062736600461561b565b611134565b61063461115a565b6040516103a89190615b95565b61063461117e565b61039b610657366004615400565b6111a2565b6103c16111bd565b6103e1610672366004615504565b61121e565b6103e1610685366004615504565b61125c565b610634611269565b6103e16106a0366004615400565b611273565b6103e16112ae565b6103f66112bf565b6106346112d1565b6103f66106cb366004615494565b6112f5565b6105a26106de36600461561b565b611380565b61039b6106f136600461541c565b6114a3565b61039b6114e0565b6103f66114e6565b61039b611512565b6103f661071c366004615504565b61151c565b6000846080015161074e61073361117e565b6001600160a01b0316336001600160a01b03161460cd611719565b610763610759610bfd565b82146101f4611719565b61076b611727565b61077d8484610778611737565b61175b565b6060610787611773565b905060008751600181111561079857fe5b146107af576107aa878787878561180c565b6107bc565b6107bc8787878785611865565b979650505050505050565b60006107d16118a0565b905090565b60038054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156108625780601f1061083757610100808354040283529160200191610862565b820191906000526020600020905b81548152906001019060200180831161084557829003601f168201915b5050505050905090565b60006108793384846118a7565b5060015b92915050565b61088b61190f565b61089361091b565b156108c3576108c37f00000000000000000000000000000000000000000000000000000000000000006000611984565b6108ee7f00000000000000000000000000000000000000000000000000000000000000006002611984565b6109197f00000000000000000000000000000000000000000000000000000000000000006003611984565b565b7f000000000000000000000000000000000000000000000000000000000000000090565b60025490565b6000806000610952611b28565b15925061095d611b45565b9150610967611b69565b9050909192565b60606107d1611773565b60606000610984611737565b905060608167ffffffffffffffff8111801561099f57600080fd5b506040519080825280602002602001820160405280156109c9578160200160208202803683370190505b50905060005b82811015610a0c576109e081611b8d565b8282815181106109ec57fe5b6001600160a01b03909216602092830291909101909101526001016109cf565b5091505090565b600080610a2085336114a3565b9050610a44336001600160a01b0387161480610a3c5750838210155b61019e611719565b610a4f858585611cb6565b336001600160a01b03861614801590610a6a57506000198114155b15610a7c57610a7c85338584036118a7565b506001949350505050565b610a8f611d96565b6000610a9a82611e34565b90506000610aa782611b8d565b9050610ac06001600160a01b0382161515610155611719565b6000828152600a6020526040812054610ad890611fc2565b9050610ae5838383611fd1565b50505050565b610af36120b4565b610b03600183101561012c611719565b610b1461138883111561012d611719565b6000610b20824261165e565b9050610b346201518082101561013d611719565b600080610b3f6120e2565b91509150610b50811561013e611719565b6000610b5e866103e86115ba565b90506000838211610b8d57610b88610b7962015180866115ba565b610b8384886115ba565b612156565b610ba7565b610ba7610b9d62015180846115ba565b610b8386886115ba565b9050610bb9600282111561013f611719565b610bc584834289612189565b50505050505050565b60055460ff1690565b60006107d1611512565b610be96120b4565b610bf16121d8565b610bfa816121eb565b50565b7f000000000000000000000000000000000000000000000000000000000000000090565b3360008181526001602090815260408083206001600160a01b03871684529091528120549091610879918590610c579086612264565b6118a7565b600c546000908190610c718160e9601761170a565b9250610c8081600060e961170a565b9150509091565b610c8f6120b4565b6109196000612276565b610ca16120b4565b610ca96121d8565b610cb382826122e9565b5050565b610cbf6120b4565b61091960016123de565b6000610cdc610cd783611e34565b612435565b90505b919050565b600d8054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156108625780601f1061083757610100808354040283529160200191610862565b6008546000906107d19060c0603f61170a565b60006060610d6e8651610d69611737565b6115e5565b610d83898989898989896124886124aa612513565b97509795505050505050565b60006060600080600080610da161263d565b9398509196509450925090506000610db98585612264565b90506000610dc56120e2565b5090506000848214610de057610ddb828961272d565b610de2565b835b9050610dee818461288f565b9850505050505050505090565b6000806000610e086120e2565b90949093506103e892509050565b6000610e206112ae565b15610e2d57506000610cdf565b81610e7957610e3a61091b565b610e64577f0000000000000000000000000000000000000000000000000000000000000000610e72565b600b5467ffffffffffffffff165b9050610cdf565b6002821415610ea15750600b5468010000000000000000900467ffffffffffffffff16610cdf565b6003821415610ec45750600b54600160801b900467ffffffffffffffff16610cdf565b610cdf6101bb6128e0565b6001600160a01b031660009081526020819052604090205490565b60608088610ef961073361117e565b610f04610759610bfd565b60606000610f11866128f0565b15610f3957610f1e61291f565b610f3089610f2a61093f565b88612932565b92509050610f8b565b610f41611727565b6060610f4b611773565b9050610f578a82612977565b610f7b8d8d8d8d8d610f676112ae565b610f71578d610f74565b60005b878e612488565b93509150610f8983826124aa565b505b610f958b826129e0565b81895167ffffffffffffffff81118015610fae57600080fd5b50604051908082528060200260200182016040528015610fd8578160200160208202803683370190505b509450945050505b5097509795505050505050565b7f000000000000000000000000000000000000000000000000000000000000000090565b6000610cdc826111a2565b6000806000806000600a600061103188611e34565b81526020810191909152604001600020549050611052811515610155611719565b61105b816129ea565b9450611066816129f8565b935061107181612a06565b9597949650949392505050565b7f000000000000000000000000000000000000000000000000000000000000000090565b6110aa6120b4565b6109196001612276565b60007f0000000000000000000000000000000000000000000000000000000000000000826040516020016110e9929190615b52565b604051602081830303815290604052805190602001209050919050565b600080600061111361263d565b5050925092505061112d818361226490919063ffffffff16565b9250505090565b600060606111458651610d69611737565b610d8389898989898989612a28612a39612513565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b6001600160a01b031660009081526006602052604090205490565b60048054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156108625780601f1061083757610100808354040283529160200191610862565b60008061122b33856114a3565b905080831061124557611240338560006118a7565b611252565b61125233858584036118a7565b5060019392505050565b6000610879338484611cb6565b60006107d1612aa2565b60007f00000000000000000000000000000000000000000000000000000000000000008015610cdc5750610cdc6112a983611e34565b612b1c565b6008546000906107d19060ff612b47565b6112c76120b4565b61091960006123de565b7f000000000000000000000000000000000000000000000000000000000000000090565b60007f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c98888886113248c6111a2565b8960405160200161133a96959493929190615d10565b60405160208183030381529060405280519060200120905061136b8882611362878787612b51565b886101f8612b90565b6113768888886118a7565b5050505050505050565b6060808861138f61073361117e565b61139a610759610bfd565b6113a2611727565b60606113ac611773565b90506113b661093f565b61146357600060606113cb8d8d8d868b612be7565b915091506113e46113da6118a0565b83101560cc611719565b6113f660006113f16118a0565b612cc0565b6114098b6114026118a0565b8403612cc0565b6114138184612a39565b808a5167ffffffffffffffff8111801561142c57600080fd5b50604051908082528060200260200182016040528015611456578160200160208202803683370190505b5095509550505050610fe0565b61146d8882612977565b600060606114958d8d8d8d8d6114816112ae565b61148b578d61148e565b60005b898e612a28565b915091506114098b83612cc0565b60006114ad61117e565b6001600160a01b0316826001600160a01b031614156114cf575060001961087d565b6114d98383612cca565b905061087d565b60001981565b6114ee6120b4565b6000806114f96120e2565b9150915061150981610140611719565b610cb382612cf5565b60006107d1612d30565b6115246120b4565b61152c611d96565b600061153783611e34565b9050600061154482611b8d565b905061155d6001600160a01b0382161515610155611719565b611568828285611fd1565b806001600160a01b0316827fdd6d1c9badb346de6925b358a472c937b41698d2632696759e43fd6527feeec4856040516115a29190615ce8565b60405180910390a350505050565b80610cb381612dcd565b60008282026115de8415806115d75750838583816115d457fe5b04145b6003611719565b9392505050565b610cb38183146067611719565b60006001821b198416828461160857600061160b565b60015b60ff16901b17949350505050565b611631828414801561162a57508183145b6067611719565b505050565b6000611643848484612e46565b5082821b6000196001831b01831b198516175b949350505050565b600061166e838311156001611719565b50900390565b6000611687606084901c15610149611719565b61165642830160e060206116a48660c083838c8c60006060611636565b929190611636565b6000610cdc6116ba836129ea565b8390606080611636565b60006116dd67ffffffffffffffff8311156101ba611719565b5090565b60006116ee848484612e46565b50501b90565b600081831061170357816115de565b5090919050565b6001901b6000190191901c1690565b81610cb357610cb3816128e0565b61172f612e8c565b610919612e94565b7f000000000000000000000000000000000000000000000000000000000000000090565b611631818410801561176c57508183105b6064611719565b6060600061177f611737565b905060608167ffffffffffffffff8111801561179a57600080fd5b506040519080825280602002602001820160405280156117c4578160200160208202803683370190505b50905060005b82811015610a0c576117ed6117de82612435565b6117e783612ebc565b90612fda565b8282815181106117f957fe5b60209081029190910101526001016117ca565b60208501516000906001600160a01b0316301480611836575060408601516001600160a01b031630145b61184c576118478686868686613006565b611859565b6118598686868686613070565b90505b95945050505050565b60208501516000906001600160a01b031630148061188f575060408601516001600160a01b031630145b61184c576118478686868686613174565b620f424090565b6001600160a01b0380841660008181526001602090815260408083209487168084529490915290819020849055517f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92590611902908590615ce8565b60405180910390a3505050565b611917611d96565b61191f6121d8565b6060600080600061192e61263d565b945094509450509350600083111561194957611949836131cb565b60006119536120e2565b509050600083821461196e57611969828761272d565b611970565b825b905061197c82826131dc565b505050505050565b604051631a7c326360e01b81526000906001600160a01b03841690631a7c3263906119b3908590600401615ce8565b60206040518083038186803b1580156119cb57600080fd5b505afa1580156119df573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190611a0391906159fe565b905081611a3a57611a13816116c4565b600b805467ffffffffffffffff191667ffffffffffffffff92909216919091179055611aeb565b6002821415611a8857611a4c816116c4565b600b805467ffffffffffffffff9290921668010000000000000000026fffffffffffffffff000000000000000019909216919091179055611aeb565b6003821415611ae057611a9a816116c4565b600b805467ffffffffffffffff92909216600160801b027fffffffffffffffff0000000000000000ffffffffffffffffffffffffffffffff909216919091179055611aeb565b611aeb6101bb6128e0565b817f6bfb689528fa96ec1ad670ad6d6064be1ae96bfd5d2ee35c837fd0fe0c11959a82604051611b1b9190615ce8565b60405180910390a2505050565b6000611b32611b69565b4211806107d157505060075460ff161590565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b600081611bbb57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160011415611beb57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160021415611c1b57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160031415611c4b57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160041415611c7b57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160051415611cab57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b610cdf6101356128e0565b611ccd6001600160a01b0384161515610198611719565b611ce46001600160a01b0383161515610199611719565b611cef838383611631565b6001600160a01b038316600090815260208190526040902054611d1590826101a0613202565b6001600160a01b038085166000908152602081905260408082209390935590841681522054611d449082612264565b6001600160a01b0380841660008181526020819052604090819020939093559151908516907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef90611902908590615ce8565b60408051600080825260208201909252606091611dc9565b611db661526c565b815260200190600190039081611dae5790505b509050611dd461117e565b6001600160a01b0316630e8e3e84826040518263ffffffff1660e01b8152600401611dff9190615bf6565b600060405180830381600087803b158015611e1957600080fd5b505af1158015611e2d573d6000803e3d6000fd5b5050505050565b60007f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611e7857506000610cdf565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611eba57506001610cdf565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611efc57506002610cdf565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611f3e57506003610cdf565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611f8057506004610cdf565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611cab57506005610cdf565b6000610cdc8260c0602061170a565b6000826001600160a01b031663679aefce6040518163ffffffff1660e01b815260040160206040518083038186803b15801561200c57600080fd5b505afa158015612020573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061204491906159fe565b6000858152600a6020526040902054909150612061818385611674565b6000868152600a602052604090819020919091555185907fb77a83204ca282e08dc3a65b0a1ca32ea4e6875c38ef0bf5bf75e52a67354fac906120a5908590615ce8565b60405180910390a25050505050565b60006120cb6000356001600160e01b0319166110b4565b9050610bfa6120da8233613218565b610191611719565b6000806000806000806120f3613301565b93509350935093508042101561214657600194508383111561212a57818103824203858503028161212057fe5b0484019550612141565b818103824203848603028161213b57fe5b04840395505b61214e565b600094508295505b505050509091565b60006121658215156004611719565b826121725750600061087d565b81600184038161217e57fe5b04600101905061087d565b61219584848484613360565b7f1835882ee7a34ac194f717a35e09bb1d24c82a3b9d854ab6c9749525b714cdf2848484846040516121ca9493929190615e0e565b60405180910390a150505050565b6109196121e3611b28565b610192611719565b6122006121f661339f565b82101560cb611719565b61221561220b6133a8565b82111560ca611719565b600854612226908260c0603f611636565b6008556040517fa9ba3ffe0b6c366b81232caab38605a0699ad5398d6cce76f91ee809e322dafc90612259908390615ce8565b60405180910390a150565b60008282016115de8482101583611719565b801561229657612291612287611b45565b4210610193611719565b6122ab565b6122ab6122a1611b69565b42106101a9611719565b6007805460ff19168215151790556040517f9e3a5e37224532dea67b89face185703738a228a6e8a23dee546960180d3be6490612259908390615cc5565b60006122f3610bfd565b905060006122ff61117e565b6001600160a01b031663b05f8e4883866040518363ffffffff1660e01b815260040161232c929190615d89565b60806040518083038186803b15801561234457600080fd5b505afa158015612358573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061237c9190615a37565b604051630639cdb560e21b81529094506001600160a01b03851693506318e736d492506123b0915085908790600401615d70565b600060405180830381600087803b1580156123ca57600080fd5b505af1158015611376573d6000803e3d6000fd5b6008546123ed908260ff6115f2565b6008556040517feff3d4d215b42bf0960be9c6d5e05c22cba4df6627a3a523e2acee733b5854c890612420908390615cc5565b60405180910390a180610bfa57610bfa6133b4565b600061243f61107e565b8214156124555750670de0b6b3a7640000610cdf565b6000828152600a6020526040902054801561247857612473816129ea565b6115de565b670de0b6b3a76400009392505050565b60006060612499600088868661348e565b915091509850989650505050505050565b815181516124b99082906115e5565b60005b81811015610ae5576124f48482815181106124d357fe5b60200260200101518483815181106124e757fe5b602002602001015161288f565b84828151811061250057fe5b60209081029190910101526001016124bc565b3330146125d1576000306001600160a01b0316600036604051612537929190615b6a565b6000604051808303816000865af19150503d8060008114612574576040519150601f19603f3d011682016040523d82523d6000602084013e612579565b606091505b50509050806000811461258857fe5b60046000803e6000516001600160e01b0319166343adbafb60e01b81146125b3573d6000803e3d6000fd5b506020600460003e604060205260243d03602460403e601c3d016000f35b6125d9611727565b60606125e3611773565b90506125ef8782612977565b600060606126078c8c8c8c8c8c898d8d63ffffffff16565b9150915061261981848663ffffffff16565b8051601f1982018390526343adbafb603f1983015260200260231982016044820181fd5b6060600080600080606061264f61117e565b6001600160a01b031663f94d4668612665610bfd565b6040518263ffffffff1660e01b81526004016126819190615ce8565b60006040518083038186803b15801561269957600080fd5b505afa1580156126ad573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f191682016040526126d5919081019061552f565b509150506126ea816126e5611773565b612977565b6126f38161353c565b965094506000612701610c5c565b90945090506000612713888684613575565b9450905061272187826135f1565b95505050509091929394565b80516000908190815b8181101561276e5761276485828151811061274d57fe5b60200260200101518461226490919063ffffffff16565b9250600101612736565b508161277f5760009250505061087d565b600082868302825b60ff811015612878578260005b868110156127d5576127cb6127a983876115ba565b6127c68c84815181106127b857fe5b60200260200101518a6115ba565b613609565b9150600101612794565b5083945061282e61280d6128076127ec848a6115ba565b6128016127f9888d6115ba565b6103e8613609565b90612264565b866115ba565b6127c661281d89600101856115ba565b6128016127f96103e889038a6115ba565b93508484111561285657600185850311612851578397505050505050505061087d565b61286f565b60018486031161286f578397505050505050505061087d565b50600101612787565b506128846101416128e0565b505050505092915050565b600061289e8215156004611719565b826128ab5750600061087d565b670de0b6b3a7640000838102906128ce908583816128c557fe5b04146005611719565b8281816128d757fe5b0491505061087d565b610bfa816210905360ea1b613629565b6000808251118015610cdc575060ff8016828060200190518101906129159190615a77565b60ff161492915050565b61091961292a6112ae565b6101b6611719565b60006060600060606129438761353c565b915091506000606061295683858961368a565b91509150816129668260006136b6565b95509550505050505b935093915050565b815181516129869082906115e5565b60005b81811015610ae5576129c18482815181106129a057fe5b60200260200101518483815181106129b457fe5b6020026020010151612fda565b8482815181106129cd57fe5b6020908102919091010152600101612989565b610cb38282613773565b6000610cdc8282606061170a565b6000610cdc8260608061170a565b600080612a1283611fc2565b9150612a218360e0602061170a565b9050915091565b60006060612499600188868661348e565b81518151612a489082906115e5565b60005b81811015610ae557612a83848281518110612a6257fe5b6020026020010151848381518110612a7657fe5b602002602001015161383f565b848281518110612a8f57fe5b6020908102919091010152600101612a4b565b6000612aac61117e565b6001600160a01b031663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b158015612ae457600080fd5b505afa158015612af8573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906107d191906156e6565b6000610cdc7f0000000000000000000000000000000000000000000000000000000000000000600684015b1c60019081161490565b60408051604180825260808201909252606091829190602082018180368337019050509050836020820152826040820152846060820153949350505050565b6000612b9b8561388d565b9050612bb1612bab8783876138a9565b83611719565b612bc0428410156101b8611719565b5050506001600160a01b039092166000908152600660205260409020805460010190555050565b600060606000612bf684613958565b9050612c116000826003811115612c0957fe5b1460ce611719565b6060612c1c8561396e565b9050612c2a815187516115e5565b612c348187612977565b6000612c3e6120e2565b5090506060612c4c83613984565b90506000612c5a838361272d565b9050806000612c776d80000000000000000000000000008361165e565b9050612c838d82612cc0565b8086612c8d61107e565b81518110612c9757fe5b602002602001018181525050612cad85846131dc565b509c939b50929950505050505050505050565b610cb38282613a26565b6001600160a01b03918216600090815260016020908152604080832093909416825291909152205490565b612d0181824242613360565b7fa0d01593e47e69d07e0ccd87bece09411e07dd1ed40ca8f2e7af2976542a0233816040516122599190615ce8565b60007f00000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000612d9d613ab3565b30604051602001612db2959493929190615d44565b60405160208183030381529060405280519060200120905090565b600281511015612ddc57610bfa565b600081600081518110612deb57fe5b602002602001015190506000600190505b8251811015611631576000838281518110612e1357fe5b60200260200101519050612e3c816001600160a01b0316846001600160a01b0316106065611719565b9150600101612dfc565b612e5561010083106064611719565b612e7d6001821015801561176c5750612e7360ff84610100036116f4565b8211156064611719565b61163183821c156101b4611719565b6109196121d8565b6000612e9e611737565b905060005b81811015610cb357612eb481613ab7565b600101612ea3565b600081612eea57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160011415612f1a57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160021415612f4a57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160031415612f7a57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160041415612faa57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b8160051415611cab57507f0000000000000000000000000000000000000000000000000000000000000000610cdf565b6000828202612ff48415806115d75750838583816115d457fe5b670de0b6b3a764000090049392505050565b60006130128583612977565b613033866060015183858151811061302657fe5b6020026020010151613b0b565b6060870152600061304687878787613b17565b90506130658184878151811061305857fe5b6020026020010151613b2b565b90506107bc81613b37565b600080808751600181111561308157fe5b14905061308e8684612977565b6130ae876060015184836130a257866130a4565b875b8151811061302657fe5b876060018181525050600060606000806130c78a613b53565b93509350935093506000806130da61107e565b8a14613100576130fb878e60600151876130f38e613bbc565b888b89613bf1565b61311b565b61311b878e60600151876131138f613bbc565b888b89613c2a565b9150915061312c8486858985613c4e565b8661314657613141828a8d8151811061305857fe5b613163565b613163828a8c8151811061315657fe5b6020026020010151613cce565b9d9c50505050505050505050505050565b60006131838660600151613cda565b60608701526131928583612977565b6131a6866060015183868151811061302657fe5b606087015260006131b987878787613cfb565b90506107bc8184868151811061315657fe5b610bfa6131d66112d1565b82612cc0565b6131e981600060e96116e1565b6131f68360e960176116e1565b17600c55610cb3613d0f565b60006132118484111583611719565b5050900390565b600073ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1b61323761115a565b6001600160a01b031614158015613252575061325283613d45565b1561327a5761325f61115a565b6001600160a01b0316336001600160a01b031614905061087d565b613282612aa2565b6001600160a01b0316639be2a8848484306040518463ffffffff1660e01b81526004016132b193929190615cf1565b60206040518083038186803b1580156132c957600080fd5b505afa1580156132dd573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906114d991906155fb565b6000806000806133206000604060095461170a9092919063ffffffff16565b6009549094506133329060408061170a565b600954909350613345906080604061170a565b6009549092506133589060c0604061170a565b905090919293565b61336d8160c060406116e1565b61337a83608060406116e1565b613386856040806116e1565b61339387600060406116e1565b17171760095550505050565b64e8d4a5100090565b67016345785d8a000090565b6133bc611d96565b60606133c661117e565b6001600160a01b031663f94d46686133dc610bfd565b6040518263ffffffff1660e01b81526004016133f89190615ce8565b60006040518083038186803b15801561341057600080fd5b505afa158015613424573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f1916820160405261344c919081019061552f565b5091505061345c816126e5611773565b606061346782613984565b905060006134736120e2565b5090506000613482828461272d565b9050610ae582826131dc565b60006060600060606000806134a289613b53565b935093509350935061529c8a6134ba57613d506134be565b613de55b9050600060606134d6868689878f8f8963ffffffff16565b9150915061529c8d6134ea5761165e6134ee565b6122645b90506134fb878383613e63565b600061350b89858463ffffffff16565b905061351a8789888c85613c4e565b836135268460006136b6565b9a509a5050505050505050505094509492505050565b600060606135638361354c61107e565b8151811061355657fe5b6020026020010151613ed0565b61356c84613984565b91509150915091565b6000806000806000613588888888613ee4565b9250925092508581116135a35760009450925061296f915050565b85830383830360006135c16135b782610e16565b6117e7858761288f565b905060006135dc6135d26002610e16565b6117e7858861288f565b919091019b939a509298505050505050505050565b60006115de61360084846115ba565b6127c684613f55565b60006136188215156004611719565b81838161362157fe5b049392505050565b62461bcd60e51b600090815260206004526007602452600a808404818106603090810160081b958390069590950190829004918206850160101b01602363ffffff0060e086901c160160181b0190930160c81b60445260e882901c90606490fd5b60006060600061369984613f7b565b905060606136a8878784613f91565b919791965090945050505050565b6060825160010167ffffffffffffffff811180156136d357600080fd5b506040519080825280602002602001820160405280156136fd578160200160208202803683370190505b50905060005b815181101561376c5761371461107e565b811461374b578361372361107e565b82106137325760018203613734565b815b8151811061373e57fe5b602002602001015161374d565b825b82828151811061375957fe5b6020908102919091010152600101613703565b5092915050565b61378a6001600160a01b038316151561019b611719565b61379682600083611631565b6001600160a01b0382166000908152602081905260409020546137bc90826101b2613202565b6001600160a01b0383166000908152602081905260409020556137ef6137ea826137e461093f565b90614040565b61404e565b60006001600160a01b0316826001600160a01b03167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef836040516138339190615ce8565b60405180910390a35050565b600061384e8215156004611719565b8261385b5750600061087d565b670de0b6b3a764000083810290613875908583816128c557fe5b82600182038161388157fe5b0460010191505061087d565b6000613897612d30565b826040516020016110e9929190615b7a565b60006138bb82516041146101b9611719565b60208281015160408085015160608601518251600080825295019283905292939092811a916001906138f4908990859088908890615da0565b6020604051602081039080840390855afa158015613916573d6000803e3d6000fd5b5050604051601f1901519150506001600160a01b0381161580159061394c5750876001600160a01b0316816001600160a01b0316145b98975050505050505050565b600081806020019051810190610cdc9190615811565b6060818060200190518101906115de919061582c565b606080600183510367ffffffffffffffff811180156139a257600080fd5b506040519080825280602002602001820160405280156139cc578160200160208202803683370190505b50905060005b815181101561376c57836139e461107e565b82106139f357816001016139f5565b815b815181106139ff57fe5b6020026020010151828281518110613a1357fe5b60209081029190910101526001016139d2565b613a3260008383611631565b613a416137ea8261280161093f565b6001600160a01b038216600090815260208190526040902054613a649082612264565b6001600160a01b0383166000818152602081905260408082209390935591519091907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef90613833908590615ce8565b4690565b613abf61107e565b811415613acb57610bfa565b6000818152600a60205260409020548015610cb357600080613aec83612a06565b9150915080421115610ae557610ae584613b0586611b8d565b84611fd1565b60006115de8383612fda565b600061185c60008660600151868686614053565b60006115de838361383f565b6000610cdc613b4c613b47610d45565b613f55565b839061383f565b60006060600080600080613b65610c5c565b91509150600060606000613b7a8a86866140c5565b9250925092506000613b8a6120e2565b5090506000868214613ba557613ba0828561272d565b613ba7565b825b949c939b509099509297509095505050505050565b6000613bd3613bc961107e565b8314156064611719565b613bdb61107e565b82106116dd57613bec82600161165e565b610cdc565b60008088613c0c57613c0788888888888861411d565b613c1a565b613c1a8888888888886141f4565b9150915097509795505050505050565b60008088613c4057613c07888888888888614255565b613c1a8888888888886142bb565b6000613c5a868661272d565b90506000613c68838561288f565b90506000613c768683612fda565b905080831115613cc4578083036000613ca0613c9a83613c9584610e16565b6115ba565b86613609565b90508015613cc1576000613cb487836135f1565b9050613cbf816131cb565b505b50505b61137688846131dc565b60006115de838361288f565b600080613cef613ce8610d45565b849061436a565b90506115de838261165e565b600061185c60018660600151868686614053565b6000613d19611737565b905060005b81811015610cb357613d2f81612b1c565b15613d3d57613d3d816143a6565b600101613d1e565b6000610cdc826143d4565b600060606000613d5f846143df565b90506001816002811115613d6f57fe5b1415613d8d57613d8387878a8c89896143f5565b9250925050613dda565b6002816002811115613d9b57fe5b1415613dac57613d83878a86614454565b6000816002811115613dba57fe5b1415613dcd57613d8387878a8c88614472565b613dd86101506128e0565b505b965096945050505050565b600060606000613df484613958565b90506001816003811115613e0457fe5b1415613e1857613d8387878a8c8989614513565b6003816003811115613e2657fe5b1415613e3757613d83878a86614562565b6002816003811115613e4557fe5b1415613e5857613d8387878a8c88614580565b613dd86101366128e0565b82518251613e729082906115e5565b60005b81811015611e2d57613eb1858281518110613e8c57fe5b6020026020010151858381518110613ea057fe5b60200260200101518563ffffffff16565b858281518110613ebd57fe5b6020908102919091010152600101613e75565b6000610cdc82613ede61093f565b9061165e565b6000806000613ef3858761272d565b9050838111613f0757808192509250613f4c565b613f1985613f14886145fa565b61272d565b9250613f2581846116f4565b9250613f3184846146eb565b9250613f3b610fed565b15613f4857829150613f4c565b8091505b93509350939050565b6000670de0b6b3a76400008210613f6d576000610cdc565b50670de0b6b3a76400000390565b6000818060200190518101906115de9190615a93565b60606000613f9f838561288f565b9050845167ffffffffffffffff81118015613fb957600080fd5b50604051908082528060200260200182016040528015613fe3578160200160208202803683370190505b50915060005b8551811015614037576140188287838151811061400257fe5b6020026020010151612fda90919063ffffffff16565b83828151811061402457fe5b6020908102919091010152600101613fe9565b50509392505050565b60006115de83836001613202565b600255565b6000606061406085613984565b9050600061406d85613bbc565b9050600061407a85613bbc565b905060006140866120e2565b5090506000614095828661272d565b90508a156140b7576140ab828686868e866146fb565b9550505050505061185c565b6140ab828686868e86614786565b6000606060008060606140d78861353c565b915091506000806140e9838a8a613575565b9150915060006140f985846135f1565b9050801561410a5761410a816131cb565b9390930199919850919650945050505050565b6000806060875167ffffffffffffffff8111801561413a57600080fd5b50604051908082528060200260200182016040528015614164578160200160208202803683370190505b5090508881888151811061417457fe5b6020026020010181815250506000614197878a848989614192610d45565b614819565b90506141bf8a8a8a815181106141a957fe5b602002602001015161165e90919063ffffffff16565b8989815181106141cb57fe5b602090810291909101015260006141e2878361165e565b919b919a509098505050505050505050565b600080600061420f8689898c898961420a610d45565b614aa9565b9050614221818989815181106141a957fe5b88888151811061422d57fe5b60209081029190910101526000614244868b61165e565b919a91995090975050505050505050565b60008060006142708689898c898961426b610d45565b614b98565b90506142988189898151811061428257fe5b602002602001015161226490919063ffffffff16565b8888815181106142a457fe5b60209081029190910101526000614244868b612264565b6000806060875167ffffffffffffffff811180156142d857600080fd5b50604051908082528060200260200182016040528015614302578160200160208202803683370190505b5090508881888151811061431257fe5b6020026020010181815250506000614335878a848989614330610d45565b614c65565b90506143478a8a8a8151811061428257fe5b89898151811061435357fe5b602090810291909101015260006141e28783612264565b60008282026143848415806115d75750838583816115d457fe5b8061439357600091505061087d565b670de0b6b3a76400006000198201613881565b6000818152600a60205260409020546143be816116ac565b6000928352600a60205260409092209190915550565b6000610cdc82614ecf565b600081806020019051810190610cdc9190615750565b6000606080600061440585614ef2565b91509150614415825188516115e5565b614422826126e588613984565b60006144348989858e8e614192610d45565b90506144448282111560cf611719565b9a91995090975050505050505050565b60006060600061446384614f15565b905060606136a8868884613f91565b6000606060008061448285614f2b565b91509150614494865182106064611719565b6060865167ffffffffffffffff811180156144ae57600080fd5b506040519080825280602002602001820160405280156144d8578160200160208202803683370190505b5090506144ec888884868e8e61420a610d45565b8183815181106144f857fe5b60209081029190910101529199919850909650505050505050565b6000606080600061452385614f42565b91509150614533875183516115e5565b614540826126e588613984565b60006145528989858e8e614330610d45565b90506144448282101560d0611719565b60006060600061457184614f5a565b905060606136a8868389614f70565b600060606000806145908561500c565b915091506145a2865182106064611719565b6060865167ffffffffffffffff811180156145bc57600080fd5b506040519080825280602002602001820160405280156145e6578160200160208202803683370190505b5090506144ec888884868e8e61426b610d45565b8051606090818167ffffffffffffffff8111801561461757600080fd5b50604051908082528060200260200182016040528015614641578160200160208202803683370190505b50905060005b828110156146e357600061465961107e565b821015614666578161466b565b816001015b905061467681612b1c565b6146935785828151811061468657fe5b60200260200101516146c3565b6146c38683815181106146a257fe5b6020026020010151600a600084815260200190815260200160002054615023565b8383815181106146cf57fe5b602090810291909101015250600101614647565b509392505050565b60008183101561170357816115de565b600061470d8387878151811061428257fe5b86868151811061471957fe5b60200260200101818152505060006147338888858861503e565b90508387878151811061474257fe5b60200260200101510387878151811061475757fe5b6020026020010181815250506147786001613ede838a89815181106141a957fe5b9150505b9695505050505050565b6000614798838786815181106141a957fe5b8685815181106147a457fe5b60200260200101818152505060006147be8888858961503e565b9050838786815181106147cd57fe5b6020026020010151018786815181106147e257fe5b602002602001018181525050614778600161280189898151811061480257fe5b60200260200101518461165e90919063ffffffff16565b600080805b87518110156148575761484d88828151811061483657fe5b60200260200101518361226490919063ffffffff16565b915060010161481e565b506060865167ffffffffffffffff8111801561487257600080fd5b5060405190808252806020026020018201604052801561489c578160200160208202803683370190505b5090506000805b89518110156149695760006148d4858c84815181106148be57fe5b602002602001015161383f90919063ffffffff16565b90506149168b83815181106148e557fe5b60200260200101516149108c85815181106148fc57fe5b60200260200101518e86815181106141a957fe5b9061383f565b84838151811061492257fe5b60200260200101818152505061495e6149578286858151811061494157fe5b602002602001015161436a90919063ffffffff16565b8490612264565b9250506001016148a3565b506060895167ffffffffffffffff8111801561498457600080fd5b506040519080825280602002602001820160405280156149ae578160200160208202803683370190505b50905060005b8a51811015614a795760008482815181106149cb57fe5b6020026020010151841115614a325760006149f46149e886613f55565b8e858151811061400257fe5b90506000614a08828e86815181106141a957fe5b9050614a29614a2282670de0b6b3a76400008d900361383f565b8390612264565b92505050614a49565b8a8281518110614a3e57fe5b602002602001015190505b614a59818d84815181106141a957fe5b838381518110614a6557fe5b6020908102919091010152506001016149b4565b506000614a868c8361272d565b90506000614a94828a61288f565b9050613163614aa282613f55565b8b9061436a565b600080614ac484614abe87614910818b61165e565b9061436a565b90506000614ad48a8a848b61503e565b90506000614ae8828b8b815181106141a957fe5b90506000805b8b51811015614b1057614b068c828151811061483657fe5b9150600101614aee565b506000614b39828d8d81518110614b2357fe5b602002602001015161288f90919063ffffffff16565b90506000614b4682613f55565b90506000614b54858361436a565b90506000614b62868361165e565b9050614b83614b7c83670de0b6b3a76400008d9003612fda565b8290612264565b98505050505050505050979650505050505050565b600080614bad84614abe87614910818b612264565b90506000614bbd8a8a848b61503e565b90506000614be78a8a81518110614bd057fe5b60200260200101518361165e90919063ffffffff16565b90506000805b8b51811015614c0f57614c058c828151811061483657fe5b9150600101614bed565b506000614c22828d8d81518110614b2357fe5b90506000614c2f82613f55565b90506000614c3d858361436a565b90506000614c4b868361165e565b9050614b83614b7c83670de0b6b3a76400008d900361383f565b600080805b8751811015614c8c57614c8288828151811061483657fe5b9150600101614c6a565b506060865167ffffffffffffffff81118015614ca757600080fd5b50604051908082528060200260200182016040528015614cd1578160200160208202803683370190505b5090506000805b8951811015614d6b576000614cf3858c8481518110614b2357fe5b9050614d358b8381518110614d0457fe5b6020026020010151614d2f8c8581518110614d1b57fe5b60200260200101518e868151811061428257fe5b9061288f565b848381518110614d4157fe5b602002602001018181525050614d606149578286858151811061400257fe5b925050600101614cd8565b506060895167ffffffffffffffff81118015614d8657600080fd5b50604051908082528060200260200182016040528015614db0578160200160208202803683370190505b50905060005b8a51811015614e7157600083858381518110614dce57fe5b60200260200101511115614e2a576000614df36149e886670de0b6b3a764000061165e565b90506000614e07828e86815181106141a957fe5b9050614e21614a2282670de0b6b3a76400008d9003612fda565b92505050614e41565b8a8281518110614e3657fe5b602002602001015190505b614e51818d848151811061428257fe5b838381518110614e5d57fe5b602090810291909101015250600101614db6565b506000614e7e8c8361272d565b90506000614e8c828a61288f565b9050670de0b6b3a7640000811115614ec057614eb38a670de0b6b3a763ffff198301612fda565b965050505050505061477c565b6000965050505050505061477c565b6000614ee163f4b7964d60e01b6110b4565b821480610cdc5750610cdc826151fb565b6060600082806020019051810190614f0a919061576b565b909590945092505050565b6000818060200190518101906115de91906157b0565b60008082806020019051810190614f0a91906157dc565b6060600082806020019051810190614f0a919061586f565b6000818060200190518101906115de919061588d565b60606000614f7e848461383f565b90506060855167ffffffffffffffff81118015614f9a57600080fd5b50604051908082528060200260200182016040528015614fc4578160200160208202803683370190505b50905060005b865181101561500257614fe38388838151811061494157fe5b828281518110614fef57fe5b6020908102919091010152600101614fca565b5095945050505050565b60008082806020019051810190614f0a91906158a9565b60006115de61503584613c95856129f8565b6127c6846129ea565b60008084518602905060008560008151811061505657fe5b60200260200101519050600086518760008151811061507157fe5b60200260200101510290506000600190505b87518110156150d7576150bc6150b66150af848b85815181106150a257fe5b60200260200101516115ba565b8a516115ba565b88613609565b91506150cd88828151811061274d57fe5b9250600101615083565b508685815181106150e457fe5b60200260200101518203915060006150fc87886115ba565b9050600061512861511c61511484610b8389886115ba565b6103e86115ba565b8a89815181106150a257fe5b9050600061514361513c6151148b89613609565b8690612264565b905060008061515f6151558686612264565b610b838d86612264565b905060005b60ff8110156151df578192506151946151818661280185866115ba565b610b838e613ede886128018860026115ba565b9150828211156151bd576001838303116151b8575097506116569650505050505050565b6151d7565b6001828403116151d7575097506116569650505050505050565b600101615164565b506151eb6101426128e0565b5050505050505050949350505050565b600061520d632f1a0bc960e01b6110b4565b8214806152285750615225637587926b60e11b6110b4565b82145b80610cdc5750610cdc826000615244631c74c91760e11b6110b4565b82148061525f575061525c6350dd6ed960e01b6110b4565b82145b80610cdc57506000610cdc565b6040805160a081019091528060008152600060208201819052604082018190526060820181905260809091015290565bfe5b803561087d81615e7e565b600082601f8301126152b9578081fd5b81356152cc6152c782615e5e565b615e37565b8181529150602080830190848101818402860182018710156152ed57600080fd5b60005b84811015612884578135845292820192908201906001016152f0565b600082601f83011261531c578081fd5b815161532a6152c782615e5e565b81815291506020808301908481018184028601820187101561534b57600080fd5b60005b848110156128845781518452928201929082019060010161534e565b600082601f83011261537a578081fd5b813567ffffffffffffffff811115615390578182fd5b6153a3601f8201601f1916602001615e37565b91508082528360208285010111156153ba57600080fd5b8060208401602084013760009082016020015292915050565b80516003811061087d57600080fd5b80516004811061087d57600080fd5b80356002811061087d57600080fd5b600060208284031215615411578081fd5b81356115de81615e7e565b6000806040838503121561542e578081fd5b823561543981615e7e565b9150602083013561544981615e7e565b809150509250929050565b600080600060608486031215615468578081fd5b833561547381615e7e565b9250602084013561548381615e7e565b929592945050506040919091013590565b600080600080600080600060e0888a0312156154ae578283fd5b87356154b981615e7e565b965060208801356154c981615e7e565b9550604088013594506060880135935060808801356154e781615e93565b9699959850939692959460a0840135945060c09093013592915050565b60008060408385031215615516578182fd5b823561552181615e7e565b946020939093013593505050565b600080600060608486031215615543578081fd5b835167ffffffffffffffff8082111561555a578283fd5b818601915086601f83011261556d578283fd5b815161557b6152c782615e5e565b80828252602080830192508086018b82838702890101111561559b578788fd5b8796505b848710156155c65780516155b281615e7e565b84526001969096019592810192810161559f565b5089015190975093505050808211156155dd578283fd5b506155ea8682870161530c565b925050604084015190509250925092565b60006020828403121561560c578081fd5b815180151581146115de578182fd5b600080600080600080600060e0888a031215615635578081fd5b87359650602088013561564781615e7e565b9550604088013561565781615e7e565b9450606088013567ffffffffffffffff80821115615673578283fd5b61567f8b838c016152a9565b955060808a0135945060a08a0135935060c08a01359150808211156156a2578283fd5b506156af8a828b0161536a565b91505092959891949750929550565b6000602082840312156156cf578081fd5b81356001600160e01b0319811681146115de578182fd5b6000602082840312156156f7578081fd5b81516115de81615e7e565b60008060408385031215615714578182fd5b823561571f81615e7e565b9150602083013567ffffffffffffffff81111561573a578182fd5b6157468582860161536a565b9150509250929050565b600060208284031215615761578081fd5b6115de83836153d3565b60008060006060848603121561577f578081fd5b61578985856153d3565b9250602084015167ffffffffffffffff8111156157a4578182fd5b6155ea8682870161530c565b600080604083850312156157c2578182fd5b6157cc84846153d3565b9150602083015190509250929050565b6000806000606084860312156157f0578081fd5b6157fa85856153d3565b925060208401519150604084015190509250925092565b600060208284031215615822578081fd5b6115de83836153e2565b6000806040838503121561583e578182fd5b61584884846153e2565b9150602083015167ffffffffffffffff811115615863578182fd5b6157468582860161530c565b600080600060608486031215615883578081fd5b61578985856153e2565b6000806040838503121561589f578182fd5b6157cc84846153e2565b6000806000606084860312156158bd578081fd5b6157fa85856153e2565b600080600080608085870312156158dc578182fd5b843567ffffffffffffffff808211156158f3578384fd5b818701915061012080838a031215615909578485fd5b61591281615e37565b905061591e89846153f1565b815261592d896020850161529e565b602082015261593f896040850161529e565b6040820152606083013560608201526080830135608082015260a083013560a082015261596f8960c0850161529e565b60c08201526159818960e0850161529e565b60e08201526101008084013583811115615999578687fd5b6159a58b82870161536a565b8284015250508096505060208701359150808211156159c2578384fd5b506159cf878288016152a9565b949794965050505060408301359260600135919050565b6000602082840312156159f7578081fd5b5035919050565b600060208284031215615a0f578081fd5b5051919050565b60008060408385031215615a28578182fd5b50508035926020909101359150565b60008060008060808587031215615a4c578182fd5b8451935060208501519250604085015191506060850151615a6c81615e7e565b939692955090935050565b600060208284031215615a88578081fd5b81516115de81615e93565b60008060408385031215615aa5578182fd5b8251615ab081615e93565b6020939093015192949293505050565b6001600160a01b03169052565b6000815180845260208085019450808401835b83811015615afc57815187529582019590820190600101615ae0565b509495945050505050565b60008151808452815b81811015615b2c57602081850181015186830182015201615b10565b81811115615b3d5782602083870101525b50601f01601f19169290920160200192915050565b9182526001600160e01b031916602082015260240190565b6000828483379101908152919050565b61190160f01b81526002810192909252602282015260420190565b6001600160a01b0391909116815260200190565b6020808252825182820181905260009190848201906040850190845b81811015615bea5783516001600160a01b031683529284019291840191600101615bc5565b50909695505050505050565b602080825282518282018190526000919060409081850190868401855b82811015615c80578151805160048110615c2957fe5b855280870151615c3b88870182615ac0565b508581015186860152606080820151615c5682880182615ac0565b505060809081015190615c6b86820183615ac0565b505060a0939093019290850190600101615c13565b5091979650505050505050565b6000602082526115de6020830184615acd565b600060408252615cb36040830185615acd565b828103602084015261185c8185615acd565b901515815260200190565b92151583526020830191909152604082015260600190565b90815260200190565b9283526001600160a01b03918216602084015216604082015260600190565b9586526001600160a01b0394851660208701529290931660408501526060840152608083019190915260a082015260c00190565b9485526020850193909352604084019190915260608301526001600160a01b0316608082015260a00190565b6000838252604060208301526116566040830184615b07565b9182526001600160a01b0316602082015260400190565b93845260ff9290921660208401526040830152606082015260800190565b6000602082526115de6020830184615b07565b6000838252604060208301526116566040830184615acd565b9283529015156020830152604082015260600190565b918252602082015260400190565b93845260208401929092526040830152606082015260800190565b60ff91909116815260200190565b60405181810167ffffffffffffffff81118282101715615e5657600080fd5b604052919050565b600067ffffffffffffffff821115615e74578081fd5b5060209081020190565b6001600160a01b0381168114610bfa57600080fd5b60ff81168114610bfa57600080fdfea26469706673582212203b5b656ee3e573b26e590f7b9c281c1eadb4e8c6727d83219cd25a216280131b64736f6c634300070100336bfb689528fa96ec1ad670ad6d6064be1ae96bfd5d2ee35c837fd0fe0c11959a000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c8000000000000000000000000acaac3e6d6df918bf3c809dfc7d42de0e4a72d4c0000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000000647b226e616d65223a22436f6d706f7361626c65537461626c65506f6f6c466163746f7279222c2276657273696f6e223a362c226465706c6f796d656e74223a2232303234303232332d636f6d706f7361626c652d737461626c652d706f6f6c2d7636227d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005d7b226e616d65223a22436f6d706f7361626c65537461626c65506f6f6c222c2276657273696f6e223a362c226465706c6f796d656e74223a2232303234303232332d636f6d706f7361626c652d737461626c652d706f6f6c2d7636227d000000
Deployed Bytecode
0x608060405234801561001057600080fd5b50600436106100de5760003560e01c80636634b7531161008c578063851c1bb311610066578063851c1bb3146101845780638d928af8146101a4578063971e1833146101ac578063aaabadc5146101bf576100de565b80636634b753146101475780636c57f5a914610167578063739238d61461016f576100de565b80632f2770db116100bd5780632f2770db1461012d5780633f819b6f1461013757806354fd4d501461013f576100de565b8062c194db146100e3578063174481fa146101015780632da47c4014610117575b600080fd5b6100eb6101c7565b6040516100f89190610db5565b60405180910390f35b6101096101e6565b6040516100f8929190610d68565b61011f61022c565b6040516100f8929190610f17565b610135610296565b005b6100eb6102dd565b6100eb610373565b61015a610155366004610af6565b6103d1565b6040516100f89190610d82565b61015a6103ef565b6101776103f8565b6040516100f89190610dc8565b610197610192366004610b2e565b61041c565b6040516100f89190610d8d565b61017761046e565b6101776101ba366004610b72565b610492565b61017761056b565b60606101e160405180602001604052806000815250610637565b905090565b7f000000000000000000000000edd246549f0475d7497c1e0a61dc9acc0454ef9e7f000000000000000000000000ab1420673361e9d6f6d29854e93e7ef5ebc7e9199091565b600080427f000000000000000000000000000000000000000000000000000000006d61e23d81101561028857807f000000000000000000000000000000000000000000000000000000006d61e23d03925062ed4e009150610291565b60009250600091505b509091565b61029e610710565b6102a6610741565b6001805460ff1916811790556040517f432acbfd662dbb5d8b378384a67159b47ca9d0f1b79f97cf64cf8585fa362d5090600090a1565b60038054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156103695780601f1061033e57610100808354040283529160200191610369565b820191906000526020600020905b81548152906001019060200180831161034c57829003601f168201915b5050505050905090565b60028054604080516020601f60001961010060018716150201909416859004938401819004810282018101909252828152606093909290918301828280156103695780601f1061033e57610100808354040283529160200191610369565b6001600160a01b031660009081526020819052604090205460ff1690565b60015460ff1690565b7f000000000000000000000000acaac3e6d6df918bf3c809dfc7d42de0e4a72d4c90565b60007f0000000000000000000000004bdcc2fb18aeb9e2d281b0278d946445070eada782604051602001610451929190610d50565b604051602081830303815290604052805190602001209050919050565b7f000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c890565b600080600061049f61022c565b9150915061055a604051806101c001604052806104ba61046e565b6001600160a01b031681526020016104d06103f8565b6001600160a01b031681526020018f81526020018e81526020018d81526020018b81526020018a815260200189151581526020018c8152602001888152602001848152602001838152602001876001600160a01b031681526020016105336102dd565b90526040516105459190602001610ddc565b60405160208183030381529060405285610756565b9d9c50505050505050505050505050565b600061057561046e565b6001600160a01b031663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b1580156105ad57600080fd5b505afa1580156105c1573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906101e19190610b56565b80517f602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe808352600091602081018484f090845291506106316001600160a01b03831615156101ac6107c3565b50919050565b8051604080517f0000000000000000000000000000000000000000000000000000000000003ee67f0000000000000000000000000000000000000000000000000000000000003ee6818101858101848101602090810190965280855293957f000000000000000000000000edd246549f0475d7497c1e0a61dc9acc0454ef9e9592947f000000000000000000000000ab1420673361e9d6f6d29854e93e7ef5ebc7e91994938801866000828a3c846000888301883c50602089810190898501016107028183866107d5565b505050505050505050919050565b60006107276000356001600160e01b03191661041c565b905061073e6107368233610813565b6101916107c3565b50565b61075461074c6103ef565b1560d36107c3565b565b6000610760610741565b600061076c84846108a3565b6001600160a01b038116600081815260208190526040808220805460ff191660011790555192935090917f83a48fbcfc991335314e74d0496aab6a1987e992ddc85dddbcc4d6dd6ef2e9fc9190a290505b92915050565b816107d1576107d1816108e0565b5050565b5b602081106107f5578151835260209283019290910190601f19016107d6565b905182516020929092036101000a6000190180199091169116179052565b600061081d61056b565b6001600160a01b0316639be2a8848484306040518463ffffffff1660e01b815260040161084c93929190610d96565b60206040518083038186803b15801561086457600080fd5b505afa158015610878573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061089c9190610b12565b9392505050565b600060606108b084610637565b90506000838251602084016000f590506001600160a01b0381166108d8573d6000803e3d6000fd5b949350505050565b62461bcd60e51b600090815260206004526007602452600a808304818106603090810160081b83860601918390049283060160101b016642414c230000300160c81b60445261073e916210905360ea1b906242414c90606490fd5b80356107bd81610f6c565b600082601f830112610956578081fd5b813561096961096482610f4c565b610f25565b81815291506020808301908481018184028601820187101561098a57600080fd5b60005b848110156109b25781356109a081610f6c565b8452928201929082019060010161098d565b505050505092915050565b600082601f8301126109cd578081fd5b81356109db61096482610f4c565b8181529150602080830190848101818402860182018710156109fc57600080fd5b60005b848110156109b2578135610a1281610f6c565b845292820192908201906001016109ff565b600082601f830112610a34578081fd5b8135610a4261096482610f4c565b818152915060208083019084810181840286018201871015610a6357600080fd5b60005b848110156109b257813584529282019290820190600101610a66565b80356107bd81610f81565b600082601f830112610a9d578081fd5b813567ffffffffffffffff811115610ab3578182fd5b610ac6601f8201601f1916602001610f25565b9150808252836020828501011115610add57600080fd5b8060208401602084013760009082016020015292915050565b600060208284031215610b07578081fd5b813561089c81610f6c565b600060208284031215610b23578081fd5b815161089c81610f81565b600060208284031215610b3f578081fd5b81356001600160e01b03198116811461089c578182fd5b600060208284031215610b67578081fd5b815161089c81610f6c565b6000806000806000806000806000806101408b8d031215610b91578586fd5b8a3567ffffffffffffffff80821115610ba8578788fd5b610bb48e838f01610a8d565b9b5060208d0135915080821115610bc9578788fd5b610bd58e838f01610a8d565b9a5060408d0135915080821115610bea578788fd5b610bf68e838f01610946565b995060608d0135985060808d0135915080821115610c12578788fd5b610c1e8e838f016109bd565b975060a08d0135915080821115610c33578687fd5b50610c408d828e01610a24565b955050610c508c60c08d01610a82565b935060e08b01359250610c678c6101008d0161093b565b91506101208b013590509295989b9194979a5092959850565b6001600160a01b03169052565b6000815180845260208085019450808401835b83811015610cc55781516001600160a01b031687529582019590820190600101610ca0565b509495945050505050565b6000815180845260208085019450808401835b83811015610cc557815187529582019590820190600101610ce3565b15159052565b60008151808452815b81811015610d2a57602081850181015186830182015201610d0e565b81811115610d3b5782602083870101525b50601f01601f19169290920160200192915050565b9182526001600160e01b031916602082015260240190565b6001600160a01b0392831681529116602082015260400190565b901515815260200190565b90815260200190565b9283526001600160a01b03918216602084015216604082015260600190565b60006020825261089c6020830184610d05565b6001600160a01b0391909116815260200190565b600060208252610df0602083018451610c80565b6020830151610e026040840182610c80565b5060408301516101c0806060850152610e1f6101e0850183610d05565b91506060850151601f1980868503016080870152610e3d8483610d05565b935060808701519150808685030160a0870152610e5a8483610c8d565b935060a08701519150808685030160c0870152610e778483610c8d565b935060c08701519150808685030160e0870152610e948483610cd0565b935060e08701519150610100610eac81880184610cff565b8701516101208781019190915287015161014080880191909152870151610160808801919091528701516101808088019190915287015191506101a0610ef481880184610c80565b870151868503909101838701529050610f0d8382610d05565b9695505050505050565b918252602082015260400190565b60405181810167ffffffffffffffff81118282101715610f4457600080fd5b604052919050565b600067ffffffffffffffff821115610f62578081fd5b5060209081020190565b6001600160a01b038116811461073e57600080fd5b801515811461073e57600080fdfea26469706673582212207fea1918c566738a17cd913a3738966f97bbd915006028a8cb15347a6bbdbb4464736f6c63430007010033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c8000000000000000000000000acaac3e6d6df918bf3c809dfc7d42de0e4a72d4c0000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000000647b226e616d65223a22436f6d706f7361626c65537461626c65506f6f6c466163746f7279222c2276657273696f6e223a362c226465706c6f796d656e74223a2232303234303232332d636f6d706f7361626c652d737461626c652d706f6f6c2d7636227d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005d7b226e616d65223a22436f6d706f7361626c65537461626c65506f6f6c222c2276657273696f6e223a362c226465706c6f796d656e74223a2232303234303232332d636f6d706f7361626c652d737461626c652d706f6f6c2d7636227d000000
-----Decoded View---------------
Arg [0] : vault (address): 0xBA12222222228d8Ba445958a75a0704d566BF2C8
Arg [1] : protocolFeeProvider (address): 0xacAaC3e6D6Df918Bf3c809DFC7d42de0e4a72d4C
Arg [2] : factoryVersion (string): {"name":"ComposableStablePoolFactory","version":6,"deployment":"20240223-composable-stable-pool-v6"}
Arg [3] : poolVersion (string): {"name":"ComposableStablePool","version":6,"deployment":"20240223-composable-stable-pool-v6"}
-----Encoded View---------------
13 Constructor Arguments found :
Arg [0] : 000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c8
Arg [1] : 000000000000000000000000acaac3e6d6df918bf3c809dfc7d42de0e4a72d4c
Arg [2] : 0000000000000000000000000000000000000000000000000000000000000080
Arg [3] : 0000000000000000000000000000000000000000000000000000000000000120
Arg [4] : 0000000000000000000000000000000000000000000000000000000000000064
Arg [5] : 7b226e616d65223a22436f6d706f7361626c65537461626c65506f6f6c466163
Arg [6] : 746f7279222c2276657273696f6e223a362c226465706c6f796d656e74223a22
Arg [7] : 32303234303232332d636f6d706f7361626c652d737461626c652d706f6f6c2d
Arg [8] : 7636227d00000000000000000000000000000000000000000000000000000000
Arg [9] : 000000000000000000000000000000000000000000000000000000000000005d
Arg [10] : 7b226e616d65223a22436f6d706f7361626c65537461626c65506f6f6c222c22
Arg [11] : 76657273696f6e223a362c226465706c6f796d656e74223a2232303234303232
Arg [12] : 332d636f6d706f7361626c652d737461626c652d706f6f6c2d7636227d000000
Loading...
Loading
Loading...
Loading
Multichain Portfolio | 30 Chains
Chain | Token | Portfolio % | Price | Amount | Value |
---|
[ Download: CSV Export ]
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.