Overview
ETH Balance
0 ETH
ETH Value
$0.00Latest 6 internal transactions
Advanced mode:
| Parent Transaction Hash | Block | From | To | |||
|---|---|---|---|---|---|---|
| 64418363 | 1118 days ago | Contract Creation | 0 ETH | |||
| 64409241 | 1118 days ago | Contract Creation | 0 ETH | |||
| 12865984 | 1319 days ago | Contract Creation | 0 ETH | |||
| 12023583 | 1327 days ago | Contract Creation | 0 ETH | |||
| 11088891 | 1333 days ago | Contract Creation | 0 ETH | |||
| 11088891 | 1333 days ago | Contract Creation | 0 ETH |
Cross-Chain Transactions
Loading...
Loading
Contract Name:
StablePoolFactory
Compiler Version
v0.7.1+commit.f4a555be
Optimization Enabled:
Yes with 9999 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol";
import "@balancer-labs/v2-pool-utils/contracts/factories/BasePoolSplitCodeFactory.sol";
import "@balancer-labs/v2-pool-utils/contracts/factories/FactoryWidePauseWindow.sol";
import "./StablePool.sol";
contract StablePoolFactory is BasePoolSplitCodeFactory, FactoryWidePauseWindow {
constructor(IVault vault) BasePoolSplitCodeFactory(vault, type(StablePool).creationCode) {
// solhint-disable-previous-line no-empty-blocks
}
/**
* @dev Deploys a new `StablePool`.
*/
function create(
string memory name,
string memory symbol,
IERC20[] memory tokens,
uint256 amplificationParameter,
uint256 swapFeePercentage,
address owner
) external returns (address) {
(uint256 pauseWindowDuration, uint256 bufferPeriodDuration) = getPauseConfiguration();
return
_create(
abi.encode(
getVault(),
name,
symbol,
tokens,
amplificationParameter,
swapFeePercentage,
pauseWindowDuration,
bufferPeriodDuration,
owner
)
);
}
}// SPDX-License-Identifier: MIT
// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
// documentation files (the “Software”), to deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to the following conditions:
// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the
// Software.
// THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
/* solhint-disable */
/**
* @dev Exponentiation and logarithm functions for 18 decimal fixed point numbers (both base and exponent/argument).
*
* Exponentiation and logarithm with arbitrary bases (x^y and log_x(y)) are implemented by conversion to natural
* exponentiation and logarithm (where the base is Euler's number).
*
* @author Fernando Martinelli - @fernandomartinelli
* @author Sergio Yuhjtman - @sergioyuhjtman
* @author Daniel Fernandez - @dmf7z
*/
library LogExpMath {
// All fixed point multiplications and divisions are inlined. This means we need to divide by ONE when multiplying
// two numbers, and multiply by ONE when dividing them.
// All arguments and return values are 18 decimal fixed point numbers.
int256 constant ONE_18 = 1e18;
// Internally, intermediate values are computed with higher precision as 20 decimal fixed point numbers, and in the
// case of ln36, 36 decimals.
int256 constant ONE_20 = 1e20;
int256 constant ONE_36 = 1e36;
// The domain of natural exponentiation is bound by the word size and number of decimals used.
//
// Because internally the result will be stored using 20 decimals, the largest possible result is
// (2^255 - 1) / 10^20, which makes the largest exponent ln((2^255 - 1) / 10^20) = 130.700829182905140221.
// The smallest possible result is 10^(-18), which makes largest negative argument
// ln(10^(-18)) = -41.446531673892822312.
// We use 130.0 and -41.0 to have some safety margin.
int256 constant MAX_NATURAL_EXPONENT = 130e18;
int256 constant MIN_NATURAL_EXPONENT = -41e18;
// Bounds for ln_36's argument. Both ln(0.9) and ln(1.1) can be represented with 36 decimal places in a fixed point
// 256 bit integer.
int256 constant LN_36_LOWER_BOUND = ONE_18 - 1e17;
int256 constant LN_36_UPPER_BOUND = ONE_18 + 1e17;
uint256 constant MILD_EXPONENT_BOUND = 2**254 / uint256(ONE_20);
// 18 decimal constants
int256 constant x0 = 128000000000000000000; // 2ˆ7
int256 constant a0 = 38877084059945950922200000000000000000000000000000000000; // eˆ(x0) (no decimals)
int256 constant x1 = 64000000000000000000; // 2ˆ6
int256 constant a1 = 6235149080811616882910000000; // eˆ(x1) (no decimals)
// 20 decimal constants
int256 constant x2 = 3200000000000000000000; // 2ˆ5
int256 constant a2 = 7896296018268069516100000000000000; // eˆ(x2)
int256 constant x3 = 1600000000000000000000; // 2ˆ4
int256 constant a3 = 888611052050787263676000000; // eˆ(x3)
int256 constant x4 = 800000000000000000000; // 2ˆ3
int256 constant a4 = 298095798704172827474000; // eˆ(x4)
int256 constant x5 = 400000000000000000000; // 2ˆ2
int256 constant a5 = 5459815003314423907810; // eˆ(x5)
int256 constant x6 = 200000000000000000000; // 2ˆ1
int256 constant a6 = 738905609893065022723; // eˆ(x6)
int256 constant x7 = 100000000000000000000; // 2ˆ0
int256 constant a7 = 271828182845904523536; // eˆ(x7)
int256 constant x8 = 50000000000000000000; // 2ˆ-1
int256 constant a8 = 164872127070012814685; // eˆ(x8)
int256 constant x9 = 25000000000000000000; // 2ˆ-2
int256 constant a9 = 128402541668774148407; // eˆ(x9)
int256 constant x10 = 12500000000000000000; // 2ˆ-3
int256 constant a10 = 113314845306682631683; // eˆ(x10)
int256 constant x11 = 6250000000000000000; // 2ˆ-4
int256 constant a11 = 106449445891785942956; // eˆ(x11)
/**
* @dev Exponentiation (x^y) with unsigned 18 decimal fixed point base and exponent.
*
* Reverts if ln(x) * y is smaller than `MIN_NATURAL_EXPONENT`, or larger than `MAX_NATURAL_EXPONENT`.
*/
function pow(uint256 x, uint256 y) internal pure returns (uint256) {
if (y == 0) {
// We solve the 0^0 indetermination by making it equal one.
return uint256(ONE_18);
}
if (x == 0) {
return 0;
}
// Instead of computing x^y directly, we instead rely on the properties of logarithms and exponentiation to
// arrive at that result. In particular, exp(ln(x)) = x, and ln(x^y) = y * ln(x). This means
// x^y = exp(y * ln(x)).
// The ln function takes a signed value, so we need to make sure x fits in the signed 256 bit range.
_require(x >> 255 == 0, Errors.X_OUT_OF_BOUNDS);
int256 x_int256 = int256(x);
// We will compute y * ln(x) in a single step. Depending on the value of x, we can either use ln or ln_36. In
// both cases, we leave the division by ONE_18 (due to fixed point multiplication) to the end.
// This prevents y * ln(x) from overflowing, and at the same time guarantees y fits in the signed 256 bit range.
_require(y < MILD_EXPONENT_BOUND, Errors.Y_OUT_OF_BOUNDS);
int256 y_int256 = int256(y);
int256 logx_times_y;
if (LN_36_LOWER_BOUND < x_int256 && x_int256 < LN_36_UPPER_BOUND) {
int256 ln_36_x = _ln_36(x_int256);
// ln_36_x has 36 decimal places, so multiplying by y_int256 isn't as straightforward, since we can't just
// bring y_int256 to 36 decimal places, as it might overflow. Instead, we perform two 18 decimal
// multiplications and add the results: one with the first 18 decimals of ln_36_x, and one with the
// (downscaled) last 18 decimals.
logx_times_y = ((ln_36_x / ONE_18) * y_int256 + ((ln_36_x % ONE_18) * y_int256) / ONE_18);
} else {
logx_times_y = _ln(x_int256) * y_int256;
}
logx_times_y /= ONE_18;
// Finally, we compute exp(y * ln(x)) to arrive at x^y
_require(
MIN_NATURAL_EXPONENT <= logx_times_y && logx_times_y <= MAX_NATURAL_EXPONENT,
Errors.PRODUCT_OUT_OF_BOUNDS
);
return uint256(exp(logx_times_y));
}
/**
* @dev Natural exponentiation (e^x) with signed 18 decimal fixed point exponent.
*
* Reverts if `x` is smaller than MIN_NATURAL_EXPONENT, or larger than `MAX_NATURAL_EXPONENT`.
*/
function exp(int256 x) internal pure returns (int256) {
_require(x >= MIN_NATURAL_EXPONENT && x <= MAX_NATURAL_EXPONENT, Errors.INVALID_EXPONENT);
if (x < 0) {
// We only handle positive exponents: e^(-x) is computed as 1 / e^x. We can safely make x positive since it
// fits in the signed 256 bit range (as it is larger than MIN_NATURAL_EXPONENT).
// Fixed point division requires multiplying by ONE_18.
return ((ONE_18 * ONE_18) / exp(-x));
}
// First, we use the fact that e^(x+y) = e^x * e^y to decompose x into a sum of powers of two, which we call x_n,
// where x_n == 2^(7 - n), and e^x_n = a_n has been precomputed. We choose the first x_n, x0, to equal 2^7
// because all larger powers are larger than MAX_NATURAL_EXPONENT, and therefore not present in the
// decomposition.
// At the end of this process we will have the product of all e^x_n = a_n that apply, and the remainder of this
// decomposition, which will be lower than the smallest x_n.
// exp(x) = k_0 * a_0 * k_1 * a_1 * ... + k_n * a_n * exp(remainder), where each k_n equals either 0 or 1.
// We mutate x by subtracting x_n, making it the remainder of the decomposition.
// The first two a_n (e^(2^7) and e^(2^6)) are too large if stored as 18 decimal numbers, and could cause
// intermediate overflows. Instead we store them as plain integers, with 0 decimals.
// Additionally, x0 + x1 is larger than MAX_NATURAL_EXPONENT, which means they will not both be present in the
// decomposition.
// For each x_n, we test if that term is present in the decomposition (if x is larger than it), and if so deduct
// it and compute the accumulated product.
int256 firstAN;
if (x >= x0) {
x -= x0;
firstAN = a0;
} else if (x >= x1) {
x -= x1;
firstAN = a1;
} else {
firstAN = 1; // One with no decimal places
}
// We now transform x into a 20 decimal fixed point number, to have enhanced precision when computing the
// smaller terms.
x *= 100;
// `product` is the accumulated product of all a_n (except a0 and a1), which starts at 20 decimal fixed point
// one. Recall that fixed point multiplication requires dividing by ONE_20.
int256 product = ONE_20;
if (x >= x2) {
x -= x2;
product = (product * a2) / ONE_20;
}
if (x >= x3) {
x -= x3;
product = (product * a3) / ONE_20;
}
if (x >= x4) {
x -= x4;
product = (product * a4) / ONE_20;
}
if (x >= x5) {
x -= x5;
product = (product * a5) / ONE_20;
}
if (x >= x6) {
x -= x6;
product = (product * a6) / ONE_20;
}
if (x >= x7) {
x -= x7;
product = (product * a7) / ONE_20;
}
if (x >= x8) {
x -= x8;
product = (product * a8) / ONE_20;
}
if (x >= x9) {
x -= x9;
product = (product * a9) / ONE_20;
}
// x10 and x11 are unnecessary here since we have high enough precision already.
// Now we need to compute e^x, where x is small (in particular, it is smaller than x9). We use the Taylor series
// expansion for e^x: 1 + x + (x^2 / 2!) + (x^3 / 3!) + ... + (x^n / n!).
int256 seriesSum = ONE_20; // The initial one in the sum, with 20 decimal places.
int256 term; // Each term in the sum, where the nth term is (x^n / n!).
// The first term is simply x.
term = x;
seriesSum += term;
// Each term (x^n / n!) equals the previous one times x, divided by n. Since x is a fixed point number,
// multiplying by it requires dividing by ONE_20, but dividing by the non-fixed point n values does not.
term = ((term * x) / ONE_20) / 2;
seriesSum += term;
term = ((term * x) / ONE_20) / 3;
seriesSum += term;
term = ((term * x) / ONE_20) / 4;
seriesSum += term;
term = ((term * x) / ONE_20) / 5;
seriesSum += term;
term = ((term * x) / ONE_20) / 6;
seriesSum += term;
term = ((term * x) / ONE_20) / 7;
seriesSum += term;
term = ((term * x) / ONE_20) / 8;
seriesSum += term;
term = ((term * x) / ONE_20) / 9;
seriesSum += term;
term = ((term * x) / ONE_20) / 10;
seriesSum += term;
term = ((term * x) / ONE_20) / 11;
seriesSum += term;
term = ((term * x) / ONE_20) / 12;
seriesSum += term;
// 12 Taylor terms are sufficient for 18 decimal precision.
// We now have the first a_n (with no decimals), and the product of all other a_n present, and the Taylor
// approximation of the exponentiation of the remainder (both with 20 decimals). All that remains is to multiply
// all three (one 20 decimal fixed point multiplication, dividing by ONE_20, and one integer multiplication),
// and then drop two digits to return an 18 decimal value.
return (((product * seriesSum) / ONE_20) * firstAN) / 100;
}
/**
* @dev Logarithm (log(arg, base), with signed 18 decimal fixed point base and argument.
*/
function log(int256 arg, int256 base) internal pure returns (int256) {
// This performs a simple base change: log(arg, base) = ln(arg) / ln(base).
// Both logBase and logArg are computed as 36 decimal fixed point numbers, either by using ln_36, or by
// upscaling.
int256 logBase;
if (LN_36_LOWER_BOUND < base && base < LN_36_UPPER_BOUND) {
logBase = _ln_36(base);
} else {
logBase = _ln(base) * ONE_18;
}
int256 logArg;
if (LN_36_LOWER_BOUND < arg && arg < LN_36_UPPER_BOUND) {
logArg = _ln_36(arg);
} else {
logArg = _ln(arg) * ONE_18;
}
// When dividing, we multiply by ONE_18 to arrive at a result with 18 decimal places
return (logArg * ONE_18) / logBase;
}
/**
* @dev Natural logarithm (ln(a)) with signed 18 decimal fixed point argument.
*/
function ln(int256 a) internal pure returns (int256) {
// The real natural logarithm is not defined for negative numbers or zero.
_require(a > 0, Errors.OUT_OF_BOUNDS);
if (LN_36_LOWER_BOUND < a && a < LN_36_UPPER_BOUND) {
return _ln_36(a) / ONE_18;
} else {
return _ln(a);
}
}
/**
* @dev Internal natural logarithm (ln(a)) with signed 18 decimal fixed point argument.
*/
function _ln(int256 a) private pure returns (int256) {
if (a < ONE_18) {
// Since ln(a^k) = k * ln(a), we can compute ln(a) as ln(a) = ln((1/a)^(-1)) = - ln((1/a)). If a is less
// than one, 1/a will be greater than one, and this if statement will not be entered in the recursive call.
// Fixed point division requires multiplying by ONE_18.
return (-_ln((ONE_18 * ONE_18) / a));
}
// First, we use the fact that ln^(a * b) = ln(a) + ln(b) to decompose ln(a) into a sum of powers of two, which
// we call x_n, where x_n == 2^(7 - n), which are the natural logarithm of precomputed quantities a_n (that is,
// ln(a_n) = x_n). We choose the first x_n, x0, to equal 2^7 because the exponential of all larger powers cannot
// be represented as 18 fixed point decimal numbers in 256 bits, and are therefore larger than a.
// At the end of this process we will have the sum of all x_n = ln(a_n) that apply, and the remainder of this
// decomposition, which will be lower than the smallest a_n.
// ln(a) = k_0 * x_0 + k_1 * x_1 + ... + k_n * x_n + ln(remainder), where each k_n equals either 0 or 1.
// We mutate a by subtracting a_n, making it the remainder of the decomposition.
// For reasons related to how `exp` works, the first two a_n (e^(2^7) and e^(2^6)) are not stored as fixed point
// numbers with 18 decimals, but instead as plain integers with 0 decimals, so we need to multiply them by
// ONE_18 to convert them to fixed point.
// For each a_n, we test if that term is present in the decomposition (if a is larger than it), and if so divide
// by it and compute the accumulated sum.
int256 sum = 0;
if (a >= a0 * ONE_18) {
a /= a0; // Integer, not fixed point division
sum += x0;
}
if (a >= a1 * ONE_18) {
a /= a1; // Integer, not fixed point division
sum += x1;
}
// All other a_n and x_n are stored as 20 digit fixed point numbers, so we convert the sum and a to this format.
sum *= 100;
a *= 100;
// Because further a_n are 20 digit fixed point numbers, we multiply by ONE_20 when dividing by them.
if (a >= a2) {
a = (a * ONE_20) / a2;
sum += x2;
}
if (a >= a3) {
a = (a * ONE_20) / a3;
sum += x3;
}
if (a >= a4) {
a = (a * ONE_20) / a4;
sum += x4;
}
if (a >= a5) {
a = (a * ONE_20) / a5;
sum += x5;
}
if (a >= a6) {
a = (a * ONE_20) / a6;
sum += x6;
}
if (a >= a7) {
a = (a * ONE_20) / a7;
sum += x7;
}
if (a >= a8) {
a = (a * ONE_20) / a8;
sum += x8;
}
if (a >= a9) {
a = (a * ONE_20) / a9;
sum += x9;
}
if (a >= a10) {
a = (a * ONE_20) / a10;
sum += x10;
}
if (a >= a11) {
a = (a * ONE_20) / a11;
sum += x11;
}
// a is now a small number (smaller than a_11, which roughly equals 1.06). This means we can use a Taylor series
// that converges rapidly for values of `a` close to one - the same one used in ln_36.
// Let z = (a - 1) / (a + 1).
// ln(a) = 2 * (z + z^3 / 3 + z^5 / 5 + z^7 / 7 + ... + z^(2 * n + 1) / (2 * n + 1))
// Recall that 20 digit fixed point division requires multiplying by ONE_20, and multiplication requires
// division by ONE_20.
int256 z = ((a - ONE_20) * ONE_20) / (a + ONE_20);
int256 z_squared = (z * z) / ONE_20;
// num is the numerator of the series: the z^(2 * n + 1) term
int256 num = z;
// seriesSum holds the accumulated sum of each term in the series, starting with the initial z
int256 seriesSum = num;
// In each step, the numerator is multiplied by z^2
num = (num * z_squared) / ONE_20;
seriesSum += num / 3;
num = (num * z_squared) / ONE_20;
seriesSum += num / 5;
num = (num * z_squared) / ONE_20;
seriesSum += num / 7;
num = (num * z_squared) / ONE_20;
seriesSum += num / 9;
num = (num * z_squared) / ONE_20;
seriesSum += num / 11;
// 6 Taylor terms are sufficient for 36 decimal precision.
// Finally, we multiply by 2 (non fixed point) to compute ln(remainder)
seriesSum *= 2;
// We now have the sum of all x_n present, and the Taylor approximation of the logarithm of the remainder (both
// with 20 decimals). All that remains is to sum these two, and then drop two digits to return a 18 decimal
// value.
return (sum + seriesSum) / 100;
}
/**
* @dev Intrnal high precision (36 decimal places) natural logarithm (ln(x)) with signed 18 decimal fixed point argument,
* for x close to one.
*
* Should only be used if x is between LN_36_LOWER_BOUND and LN_36_UPPER_BOUND.
*/
function _ln_36(int256 x) private pure returns (int256) {
// Since ln(1) = 0, a value of x close to one will yield a very small result, which makes using 36 digits
// worthwhile.
// First, we transform x to a 36 digit fixed point value.
x *= ONE_18;
// We will use the following Taylor expansion, which converges very rapidly. Let z = (x - 1) / (x + 1).
// ln(x) = 2 * (z + z^3 / 3 + z^5 / 5 + z^7 / 7 + ... + z^(2 * n + 1) / (2 * n + 1))
// Recall that 36 digit fixed point division requires multiplying by ONE_36, and multiplication requires
// division by ONE_36.
int256 z = ((x - ONE_36) * ONE_36) / (x + ONE_36);
int256 z_squared = (z * z) / ONE_36;
// num is the numerator of the series: the z^(2 * n + 1) term
int256 num = z;
// seriesSum holds the accumulated sum of each term in the series, starting with the initial z
int256 seriesSum = num;
// In each step, the numerator is multiplied by z^2
num = (num * z_squared) / ONE_36;
seriesSum += num / 3;
num = (num * z_squared) / ONE_36;
seriesSum += num / 5;
num = (num * z_squared) / ONE_36;
seriesSum += num / 7;
num = (num * z_squared) / ONE_36;
seriesSum += num / 9;
num = (num * z_squared) / ONE_36;
seriesSum += num / 11;
num = (num * z_squared) / ONE_36;
seriesSum += num / 13;
num = (num * z_squared) / ONE_36;
seriesSum += num / 15;
// 8 Taylor terms are sufficient for 36 decimal precision.
// All that remains is multiplying by 2 (non fixed point).
return seriesSum * 2;
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
// solhint-disable
/**
* @dev Reverts if `condition` is false, with a revert reason containing `errorCode`. Only codes up to 999 are
* supported.
*/
function _require(bool condition, uint256 errorCode) pure {
if (!condition) _revert(errorCode);
}
/**
* @dev Reverts with a revert reason containing `errorCode`. Only codes up to 999 are supported.
*/
function _revert(uint256 errorCode) pure {
// We're going to dynamically create a revert string based on the error code, with the following format:
// 'BAL#{errorCode}'
// where the code is left-padded with zeroes to three digits (so they range from 000 to 999).
//
// We don't have revert strings embedded in the contract to save bytecode size: it takes much less space to store a
// number (8 to 16 bits) than the individual string characters.
//
// The dynamic string creation algorithm that follows could be implemented in Solidity, but assembly allows for a
// much denser implementation, again saving bytecode size. Given this function unconditionally reverts, this is a
// safe place to rely on it without worrying about how its usage might affect e.g. memory contents.
assembly {
// First, we need to compute the ASCII representation of the error code. We assume that it is in the 0-999
// range, so we only need to convert three digits. To convert the digits to ASCII, we add 0x30, the value for
// the '0' character.
let units := add(mod(errorCode, 10), 0x30)
errorCode := div(errorCode, 10)
let tenths := add(mod(errorCode, 10), 0x30)
errorCode := div(errorCode, 10)
let hundreds := add(mod(errorCode, 10), 0x30)
// With the individual characters, we can now construct the full string. The "BAL#" part is a known constant
// (0x42414c23): we simply shift this by 24 (to provide space for the 3 bytes of the error code), and add the
// characters to it, each shifted by a multiple of 8.
// The revert reason is then shifted left by 200 bits (256 minus the length of the string, 7 characters * 8 bits
// per character = 56) to locate it in the most significant part of the 256 slot (the beginning of a byte
// array).
let revertReason := shl(200, add(0x42414c23000000, add(add(units, shl(8, tenths)), shl(16, hundreds))))
// We can now encode the reason in memory, which can be safely overwritten as we're about to revert. The encoded
// message will have the following layout:
// [ revert reason identifier ] [ string location offset ] [ string length ] [ string contents ]
// The Solidity revert reason identifier is 0x08c739a0, the function selector of the Error(string) function. We
// also write zeroes to the next 28 bytes of memory, but those are about to be overwritten.
mstore(0x0, 0x08c379a000000000000000000000000000000000000000000000000000000000)
// Next is the offset to the location of the string, which will be placed immediately after (20 bytes away).
mstore(0x04, 0x0000000000000000000000000000000000000000000000000000000000000020)
// The string length is fixed: 7 characters.
mstore(0x24, 7)
// Finally, the string itself is stored.
mstore(0x44, revertReason)
// Even if the string is only 7 bytes long, we need to return a full 32 byte slot containing it. The length of
// the encoded message is therefore 4 + 32 + 32 + 32 = 100.
revert(0, 100)
}
}
library Errors {
// Math
uint256 internal constant ADD_OVERFLOW = 0;
uint256 internal constant SUB_OVERFLOW = 1;
uint256 internal constant SUB_UNDERFLOW = 2;
uint256 internal constant MUL_OVERFLOW = 3;
uint256 internal constant ZERO_DIVISION = 4;
uint256 internal constant DIV_INTERNAL = 5;
uint256 internal constant X_OUT_OF_BOUNDS = 6;
uint256 internal constant Y_OUT_OF_BOUNDS = 7;
uint256 internal constant PRODUCT_OUT_OF_BOUNDS = 8;
uint256 internal constant INVALID_EXPONENT = 9;
// Input
uint256 internal constant OUT_OF_BOUNDS = 100;
uint256 internal constant UNSORTED_ARRAY = 101;
uint256 internal constant UNSORTED_TOKENS = 102;
uint256 internal constant INPUT_LENGTH_MISMATCH = 103;
uint256 internal constant ZERO_TOKEN = 104;
// Shared pools
uint256 internal constant MIN_TOKENS = 200;
uint256 internal constant MAX_TOKENS = 201;
uint256 internal constant MAX_SWAP_FEE_PERCENTAGE = 202;
uint256 internal constant MIN_SWAP_FEE_PERCENTAGE = 203;
uint256 internal constant MINIMUM_BPT = 204;
uint256 internal constant CALLER_NOT_VAULT = 205;
uint256 internal constant UNINITIALIZED = 206;
uint256 internal constant BPT_IN_MAX_AMOUNT = 207;
uint256 internal constant BPT_OUT_MIN_AMOUNT = 208;
uint256 internal constant EXPIRED_PERMIT = 209;
uint256 internal constant NOT_TWO_TOKENS = 210;
uint256 internal constant DISABLED = 211;
// Pools
uint256 internal constant MIN_AMP = 300;
uint256 internal constant MAX_AMP = 301;
uint256 internal constant MIN_WEIGHT = 302;
uint256 internal constant MAX_STABLE_TOKENS = 303;
uint256 internal constant MAX_IN_RATIO = 304;
uint256 internal constant MAX_OUT_RATIO = 305;
uint256 internal constant MIN_BPT_IN_FOR_TOKEN_OUT = 306;
uint256 internal constant MAX_OUT_BPT_FOR_TOKEN_IN = 307;
uint256 internal constant NORMALIZED_WEIGHT_INVARIANT = 308;
uint256 internal constant INVALID_TOKEN = 309;
uint256 internal constant UNHANDLED_JOIN_KIND = 310;
uint256 internal constant ZERO_INVARIANT = 311;
uint256 internal constant ORACLE_INVALID_SECONDS_QUERY = 312;
uint256 internal constant ORACLE_NOT_INITIALIZED = 313;
uint256 internal constant ORACLE_QUERY_TOO_OLD = 314;
uint256 internal constant ORACLE_INVALID_INDEX = 315;
uint256 internal constant ORACLE_BAD_SECS = 316;
uint256 internal constant AMP_END_TIME_TOO_CLOSE = 317;
uint256 internal constant AMP_ONGOING_UPDATE = 318;
uint256 internal constant AMP_RATE_TOO_HIGH = 319;
uint256 internal constant AMP_NO_ONGOING_UPDATE = 320;
uint256 internal constant STABLE_INVARIANT_DIDNT_CONVERGE = 321;
uint256 internal constant STABLE_GET_BALANCE_DIDNT_CONVERGE = 322;
uint256 internal constant RELAYER_NOT_CONTRACT = 323;
uint256 internal constant BASE_POOL_RELAYER_NOT_CALLED = 324;
uint256 internal constant REBALANCING_RELAYER_REENTERED = 325;
uint256 internal constant GRADUAL_UPDATE_TIME_TRAVEL = 326;
uint256 internal constant SWAPS_DISABLED = 327;
uint256 internal constant CALLER_IS_NOT_LBP_OWNER = 328;
uint256 internal constant PRICE_RATE_OVERFLOW = 329;
uint256 internal constant INVALID_JOIN_EXIT_KIND_WHILE_SWAPS_DISABLED = 330;
uint256 internal constant WEIGHT_CHANGE_TOO_FAST = 331;
uint256 internal constant LOWER_GREATER_THAN_UPPER_TARGET = 332;
uint256 internal constant UPPER_TARGET_TOO_HIGH = 333;
uint256 internal constant UNHANDLED_BY_LINEAR_POOL = 334;
uint256 internal constant OUT_OF_TARGET_RANGE = 335;
uint256 internal constant UNHANDLED_EXIT_KIND = 336;
uint256 internal constant UNAUTHORIZED_EXIT = 337;
uint256 internal constant MAX_MANAGEMENT_SWAP_FEE_PERCENTAGE = 338;
uint256 internal constant UNHANDLED_BY_MANAGED_POOL = 339;
uint256 internal constant UNHANDLED_BY_PHANTOM_POOL = 340;
uint256 internal constant TOKEN_DOES_NOT_HAVE_RATE_PROVIDER = 341;
uint256 internal constant INVALID_INITIALIZATION = 342;
uint256 internal constant OUT_OF_NEW_TARGET_RANGE = 343;
uint256 internal constant UNAUTHORIZED_OPERATION = 344;
uint256 internal constant UNINITIALIZED_POOL_CONTROLLER = 345;
uint256 internal constant SET_SWAP_FEE_DURING_FEE_CHANGE = 346;
uint256 internal constant SET_SWAP_FEE_PENDING_FEE_CHANGE = 347;
uint256 internal constant CHANGE_TOKENS_DURING_WEIGHT_CHANGE = 348;
uint256 internal constant CHANGE_TOKENS_PENDING_WEIGHT_CHANGE = 349;
uint256 internal constant MAX_WEIGHT = 350;
uint256 internal constant UNAUTHORIZED_JOIN = 351;
uint256 internal constant MAX_MANAGEMENT_AUM_FEE_PERCENTAGE = 352;
// Lib
uint256 internal constant REENTRANCY = 400;
uint256 internal constant SENDER_NOT_ALLOWED = 401;
uint256 internal constant PAUSED = 402;
uint256 internal constant PAUSE_WINDOW_EXPIRED = 403;
uint256 internal constant MAX_PAUSE_WINDOW_DURATION = 404;
uint256 internal constant MAX_BUFFER_PERIOD_DURATION = 405;
uint256 internal constant INSUFFICIENT_BALANCE = 406;
uint256 internal constant INSUFFICIENT_ALLOWANCE = 407;
uint256 internal constant ERC20_TRANSFER_FROM_ZERO_ADDRESS = 408;
uint256 internal constant ERC20_TRANSFER_TO_ZERO_ADDRESS = 409;
uint256 internal constant ERC20_MINT_TO_ZERO_ADDRESS = 410;
uint256 internal constant ERC20_BURN_FROM_ZERO_ADDRESS = 411;
uint256 internal constant ERC20_APPROVE_FROM_ZERO_ADDRESS = 412;
uint256 internal constant ERC20_APPROVE_TO_ZERO_ADDRESS = 413;
uint256 internal constant ERC20_TRANSFER_EXCEEDS_ALLOWANCE = 414;
uint256 internal constant ERC20_DECREASED_ALLOWANCE_BELOW_ZERO = 415;
uint256 internal constant ERC20_TRANSFER_EXCEEDS_BALANCE = 416;
uint256 internal constant ERC20_BURN_EXCEEDS_ALLOWANCE = 417;
uint256 internal constant SAFE_ERC20_CALL_FAILED = 418;
uint256 internal constant ADDRESS_INSUFFICIENT_BALANCE = 419;
uint256 internal constant ADDRESS_CANNOT_SEND_VALUE = 420;
uint256 internal constant SAFE_CAST_VALUE_CANT_FIT_INT256 = 421;
uint256 internal constant GRANT_SENDER_NOT_ADMIN = 422;
uint256 internal constant REVOKE_SENDER_NOT_ADMIN = 423;
uint256 internal constant RENOUNCE_SENDER_NOT_ALLOWED = 424;
uint256 internal constant BUFFER_PERIOD_EXPIRED = 425;
uint256 internal constant CALLER_IS_NOT_OWNER = 426;
uint256 internal constant NEW_OWNER_IS_ZERO = 427;
uint256 internal constant CODE_DEPLOYMENT_FAILED = 428;
uint256 internal constant CALL_TO_NON_CONTRACT = 429;
uint256 internal constant LOW_LEVEL_CALL_FAILED = 430;
uint256 internal constant NOT_PAUSED = 431;
uint256 internal constant ADDRESS_ALREADY_ALLOWLISTED = 432;
uint256 internal constant ADDRESS_NOT_ALLOWLISTED = 433;
uint256 internal constant ERC20_BURN_EXCEEDS_BALANCE = 434;
uint256 internal constant INVALID_OPERATION = 435;
uint256 internal constant CODEC_OVERFLOW = 436;
uint256 internal constant IN_RECOVERY_MODE = 437;
uint256 internal constant NOT_IN_RECOVERY_MODE = 438;
// Vault
uint256 internal constant INVALID_POOL_ID = 500;
uint256 internal constant CALLER_NOT_POOL = 501;
uint256 internal constant SENDER_NOT_ASSET_MANAGER = 502;
uint256 internal constant USER_DOESNT_ALLOW_RELAYER = 503;
uint256 internal constant INVALID_SIGNATURE = 504;
uint256 internal constant EXIT_BELOW_MIN = 505;
uint256 internal constant JOIN_ABOVE_MAX = 506;
uint256 internal constant SWAP_LIMIT = 507;
uint256 internal constant SWAP_DEADLINE = 508;
uint256 internal constant CANNOT_SWAP_SAME_TOKEN = 509;
uint256 internal constant UNKNOWN_AMOUNT_IN_FIRST_SWAP = 510;
uint256 internal constant MALCONSTRUCTED_MULTIHOP_SWAP = 511;
uint256 internal constant INTERNAL_BALANCE_OVERFLOW = 512;
uint256 internal constant INSUFFICIENT_INTERNAL_BALANCE = 513;
uint256 internal constant INVALID_ETH_INTERNAL_BALANCE = 514;
uint256 internal constant INVALID_POST_LOAN_BALANCE = 515;
uint256 internal constant INSUFFICIENT_ETH = 516;
uint256 internal constant UNALLOCATED_ETH = 517;
uint256 internal constant ETH_TRANSFER = 518;
uint256 internal constant CANNOT_USE_ETH_SENTINEL = 519;
uint256 internal constant TOKENS_MISMATCH = 520;
uint256 internal constant TOKEN_NOT_REGISTERED = 521;
uint256 internal constant TOKEN_ALREADY_REGISTERED = 522;
uint256 internal constant TOKENS_ALREADY_SET = 523;
uint256 internal constant TOKENS_LENGTH_MUST_BE_2 = 524;
uint256 internal constant NONZERO_TOKEN_BALANCE = 525;
uint256 internal constant BALANCE_TOTAL_OVERFLOW = 526;
uint256 internal constant POOL_NO_TOKENS = 527;
uint256 internal constant INSUFFICIENT_FLASH_LOAN_BALANCE = 528;
// Fees
uint256 internal constant SWAP_FEE_PERCENTAGE_TOO_HIGH = 600;
uint256 internal constant FLASH_LOAN_FEE_PERCENTAGE_TOO_HIGH = 601;
uint256 internal constant INSUFFICIENT_FLASH_LOAN_FEE_AMOUNT = 602;
uint256 internal constant AUM_FEE_PERCENTAGE_TOO_HIGH = 603;
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
import "./LogExpMath.sol";
/* solhint-disable private-vars-leading-underscore */
library FixedPoint {
uint256 internal constant ONE = 1e18; // 18 decimal places
uint256 internal constant TWO = 2 * ONE;
uint256 internal constant FOUR = 4 * ONE;
uint256 internal constant MAX_POW_RELATIVE_ERROR = 10000; // 10^(-14)
// Minimum base for the power function when the exponent is 'free' (larger than ONE).
uint256 internal constant MIN_POW_BASE_FREE_EXPONENT = 0.7e18;
function add(uint256 a, uint256 b) internal pure returns (uint256) {
// Fixed Point addition is the same as regular checked addition
uint256 c = a + b;
_require(c >= a, Errors.ADD_OVERFLOW);
return c;
}
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
// Fixed Point addition is the same as regular checked addition
_require(b <= a, Errors.SUB_OVERFLOW);
uint256 c = a - b;
return c;
}
function mulDown(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 product = a * b;
_require(a == 0 || product / a == b, Errors.MUL_OVERFLOW);
return product / ONE;
}
function mulUp(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 product = a * b;
_require(a == 0 || product / a == b, Errors.MUL_OVERFLOW);
if (product == 0) {
return 0;
} else {
// The traditional divUp formula is:
// divUp(x, y) := (x + y - 1) / y
// To avoid intermediate overflow in the addition, we distribute the division and get:
// divUp(x, y) := (x - 1) / y + 1
// Note that this requires x != 0, which we already tested for.
return ((product - 1) / ONE) + 1;
}
}
function divDown(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b != 0, Errors.ZERO_DIVISION);
if (a == 0) {
return 0;
} else {
uint256 aInflated = a * ONE;
_require(aInflated / a == ONE, Errors.DIV_INTERNAL); // mul overflow
return aInflated / b;
}
}
function divUp(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b != 0, Errors.ZERO_DIVISION);
if (a == 0) {
return 0;
} else {
uint256 aInflated = a * ONE;
_require(aInflated / a == ONE, Errors.DIV_INTERNAL); // mul overflow
// The traditional divUp formula is:
// divUp(x, y) := (x + y - 1) / y
// To avoid intermediate overflow in the addition, we distribute the division and get:
// divUp(x, y) := (x - 1) / y + 1
// Note that this requires x != 0, which we already tested for.
return ((aInflated - 1) / b) + 1;
}
}
/**
* @dev Returns x^y, assuming both are fixed point numbers, rounding down. The result is guaranteed to not be above
* the true value (that is, the error function expected - actual is always positive).
*/
function powDown(uint256 x, uint256 y) internal pure returns (uint256) {
// Optimize for when y equals 1.0, 2.0 or 4.0, as those are very simple to implement and occur often in 50/50
// and 80/20 Weighted Pools
if (y == ONE) {
return x;
} else if (y == TWO) {
return mulDown(x, x);
} else if (y == FOUR) {
uint256 square = mulDown(x, x);
return mulDown(square, square);
} else {
uint256 raw = LogExpMath.pow(x, y);
uint256 maxError = add(mulUp(raw, MAX_POW_RELATIVE_ERROR), 1);
if (raw < maxError) {
return 0;
} else {
return sub(raw, maxError);
}
}
}
/**
* @dev Returns x^y, assuming both are fixed point numbers, rounding up. The result is guaranteed to not be below
* the true value (that is, the error function expected - actual is always negative).
*/
function powUp(uint256 x, uint256 y) internal pure returns (uint256) {
// Optimize for when y equals 1.0, 2.0 or 4.0, as those are very simple to implement and occur often in 50/50
// and 80/20 Weighted Pools
if (y == ONE) {
return x;
} else if (y == TWO) {
return mulUp(x, x);
} else if (y == FOUR) {
uint256 square = mulUp(x, x);
return mulUp(square, square);
} else {
uint256 raw = LogExpMath.pow(x, y);
uint256 maxError = add(mulUp(raw, MAX_POW_RELATIVE_ERROR), 1);
return add(raw, maxError);
}
}
/**
* @dev Returns the complement of a value (1 - x), capped to 0 if x is larger than 1.
*
* Useful when computing the complement for values with some level of relative error, as it strips this error and
* prevents intermediate negative values.
*/
function complement(uint256 x) internal pure returns (uint256) {
return (x < ONE) ? (ONE - x) : 0;
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol";
import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol";
// These functions start with an underscore, as if they were part of a contract and not a library. At some point this
// should be fixed. Additionally, some variables have non mixed case names (e.g. P_D) that relate to the mathematical
// derivations.
// solhint-disable private-vars-leading-underscore, var-name-mixedcase
library StableMath {
using FixedPoint for uint256;
uint256 internal constant _MIN_AMP = 1;
uint256 internal constant _MAX_AMP = 5000;
uint256 internal constant _AMP_PRECISION = 1e3;
uint256 internal constant _MAX_STABLE_TOKENS = 5;
// Note on unchecked arithmetic:
// This contract performs a large number of additions, subtractions, multiplications and divisions, often inside
// loops. Since many of these operations are gas-sensitive (as they happen e.g. during a swap), it is important to
// not make any unnecessary checks. We rely on a set of invariants to avoid having to use checked arithmetic (the
// Math library), including:
// - the number of tokens is bounded by _MAX_STABLE_TOKENS
// - the amplification parameter is bounded by _MAX_AMP * _AMP_PRECISION, which fits in 23 bits
// - the token balances are bounded by 2^112 (guaranteed by the Vault) times 1e18 (the maximum scaling factor),
// which fits in 172 bits
//
// This means e.g. we can safely multiply a balance by the amplification parameter without worrying about overflow.
// About swap fees on joins and exits:
// Any join or exit that is not perfectly balanced (e.g. all single token joins or exits) is mathematically
// equivalent to a perfectly balanced join or exit followed by a series of swaps. Since these swaps would charge
// swap fees, it follows that (some) joins and exits should as well.
// On these operations, we split the token amounts in 'taxable' and 'non-taxable' portions, where the 'taxable' part
// is the one to which swap fees are applied.
// Computes the invariant given the current balances, using the Newton-Raphson approximation.
// The amplification parameter equals: A n^(n-1)
// See: https://github.com/curvefi/curve-contract/blob/b0bbf77f8f93c9c5f4e415bce9cd71f0cdee960e/contracts/pool-templates/base/SwapTemplateBase.vy#L206
// solhint-disable-previous-line max-line-length
function _calculateInvariant(uint256 amplificationParameter, uint256[] memory balances)
internal
pure
returns (uint256)
{
/**********************************************************************************************
// invariant //
// D = invariant D^(n+1) //
// A = amplification coefficient A n^n S + D = A D n^n + ----------- //
// S = sum of balances n^n P //
// P = product of balances //
// n = number of tokens //
**********************************************************************************************/
// Always round down, to match Vyper's arithmetic (which always truncates).
uint256 sum = 0; // S in the Curve version
uint256 numTokens = balances.length;
for (uint256 i = 0; i < numTokens; i++) {
sum = sum.add(balances[i]);
}
if (sum == 0) {
return 0;
}
uint256 prevInvariant; // Dprev in the Curve version
uint256 invariant = sum; // D in the Curve version
uint256 ampTimesTotal = amplificationParameter * numTokens; // Ann in the Curve version
for (uint256 i = 0; i < 255; i++) {
uint256 D_P = invariant;
for (uint256 j = 0; j < numTokens; j++) {
// (D_P * invariant) / (balances[j] * numTokens)
D_P = Math.divDown(Math.mul(D_P, invariant), Math.mul(balances[j], numTokens));
}
prevInvariant = invariant;
invariant = Math.divDown(
Math.mul(
// (ampTimesTotal * sum) / AMP_PRECISION + D_P * numTokens
(Math.divDown(Math.mul(ampTimesTotal, sum), _AMP_PRECISION).add(Math.mul(D_P, numTokens))),
invariant
),
// ((ampTimesTotal - _AMP_PRECISION) * invariant) / _AMP_PRECISION + (numTokens + 1) * D_P
(
Math.divDown(Math.mul((ampTimesTotal - _AMP_PRECISION), invariant), _AMP_PRECISION).add(
Math.mul((numTokens + 1), D_P)
)
)
);
if (invariant > prevInvariant) {
if (invariant - prevInvariant <= 1) {
return invariant;
}
} else if (prevInvariant - invariant <= 1) {
return invariant;
}
}
_revert(Errors.STABLE_INVARIANT_DIDNT_CONVERGE);
}
// Computes how many tokens can be taken out of a pool if `tokenAmountIn` are sent, given the current balances.
// The amplification parameter equals: A n^(n-1)
// The invariant should be rounded up.
function _calcOutGivenIn(
uint256 amplificationParameter,
uint256[] memory balances,
uint256 tokenIndexIn,
uint256 tokenIndexOut,
uint256 tokenAmountIn,
uint256 invariant
) internal pure returns (uint256) {
/**************************************************************************************************************
// outGivenIn token x for y - polynomial equation to solve //
// ay = amount out to calculate //
// by = balance token out //
// y = by - ay (finalBalanceOut) //
// D = invariant D D^(n+1) //
// A = amplification coefficient y^2 + ( S - ---------- - D) * y - ------------- = 0 //
// n = number of tokens (A * n^n) A * n^2n * P //
// S = sum of final balances but y //
// P = product of final balances but y //
**************************************************************************************************************/
// Amount out, so we round down overall.
balances[tokenIndexIn] = balances[tokenIndexIn].add(tokenAmountIn);
uint256 finalBalanceOut = _getTokenBalanceGivenInvariantAndAllOtherBalances(
amplificationParameter,
balances,
invariant,
tokenIndexOut
);
// No need to use checked arithmetic since `tokenAmountIn` was actually added to the same balance right before
// calling `_getTokenBalanceGivenInvariantAndAllOtherBalances` which doesn't alter the balances array.
balances[tokenIndexIn] = balances[tokenIndexIn] - tokenAmountIn;
return balances[tokenIndexOut].sub(finalBalanceOut).sub(1);
}
// Computes how many tokens must be sent to a pool if `tokenAmountOut` are sent given the
// current balances, using the Newton-Raphson approximation.
// The amplification parameter equals: A n^(n-1)
// The invariant should be rounded up.
function _calcInGivenOut(
uint256 amplificationParameter,
uint256[] memory balances,
uint256 tokenIndexIn,
uint256 tokenIndexOut,
uint256 tokenAmountOut,
uint256 invariant
) internal pure returns (uint256) {
/**************************************************************************************************************
// inGivenOut token x for y - polynomial equation to solve //
// ax = amount in to calculate //
// bx = balance token in //
// x = bx + ax (finalBalanceIn) //
// D = invariant D D^(n+1) //
// A = amplification coefficient x^2 + ( S - ---------- - D) * x - ------------- = 0 //
// n = number of tokens (A * n^n) A * n^2n * P //
// S = sum of final balances but x //
// P = product of final balances but x //
**************************************************************************************************************/
// Amount in, so we round up overall.
balances[tokenIndexOut] = balances[tokenIndexOut].sub(tokenAmountOut);
uint256 finalBalanceIn = _getTokenBalanceGivenInvariantAndAllOtherBalances(
amplificationParameter,
balances,
invariant,
tokenIndexIn
);
// No need to use checked arithmetic since `tokenAmountOut` was actually subtracted from the same balance right
// before calling `_getTokenBalanceGivenInvariantAndAllOtherBalances` which doesn't alter the balances array.
balances[tokenIndexOut] = balances[tokenIndexOut] + tokenAmountOut;
return finalBalanceIn.sub(balances[tokenIndexIn]).add(1);
}
function _calcBptOutGivenExactTokensIn(
uint256 amp,
uint256[] memory balances,
uint256[] memory amountsIn,
uint256 bptTotalSupply,
uint256 swapFeePercentage
) internal pure returns (uint256) {
// BPT out, so we round down overall.
// First loop calculates the sum of all token balances, which will be used to calculate
// the current weights of each token, relative to this sum
uint256 sumBalances = 0;
for (uint256 i = 0; i < balances.length; i++) {
sumBalances = sumBalances.add(balances[i]);
}
// Calculate the weighted balance ratio without considering fees
uint256[] memory balanceRatiosWithFee = new uint256[](amountsIn.length);
// The weighted sum of token balance ratios with fee
uint256 invariantRatioWithFees = 0;
for (uint256 i = 0; i < balances.length; i++) {
uint256 currentWeight = balances[i].divDown(sumBalances);
balanceRatiosWithFee[i] = balances[i].add(amountsIn[i]).divDown(balances[i]);
invariantRatioWithFees = invariantRatioWithFees.add(balanceRatiosWithFee[i].mulDown(currentWeight));
}
// Second loop calculates new amounts in, taking into account the fee on the percentage excess
uint256[] memory newBalances = new uint256[](balances.length);
for (uint256 i = 0; i < balances.length; i++) {
uint256 amountInWithoutFee;
// Check if the balance ratio is greater than the ideal ratio to charge fees or not
if (balanceRatiosWithFee[i] > invariantRatioWithFees) {
uint256 nonTaxableAmount = balances[i].mulDown(invariantRatioWithFees.sub(FixedPoint.ONE));
uint256 taxableAmount = amountsIn[i].sub(nonTaxableAmount);
// No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50%
amountInWithoutFee = nonTaxableAmount.add(taxableAmount.mulDown(FixedPoint.ONE - swapFeePercentage));
} else {
amountInWithoutFee = amountsIn[i];
}
newBalances[i] = balances[i].add(amountInWithoutFee);
}
// Get current and new invariants, taking swap fees into account
uint256 currentInvariant = _calculateInvariant(amp, balances);
uint256 newInvariant = _calculateInvariant(amp, newBalances);
uint256 invariantRatio = newInvariant.divDown(currentInvariant);
// If the invariant didn't increase for any reason, we simply don't mint BPT
if (invariantRatio > FixedPoint.ONE) {
return bptTotalSupply.mulDown(invariantRatio - FixedPoint.ONE);
} else {
return 0;
}
}
function _calcTokenInGivenExactBptOut(
uint256 amp,
uint256[] memory balances,
uint256 tokenIndex,
uint256 bptAmountOut,
uint256 bptTotalSupply,
uint256 swapFeePercentage
) internal pure returns (uint256) {
// Token in, so we round up overall.
// Get the current invariant
uint256 currentInvariant = _calculateInvariant(amp, balances);
// Calculate new invariant
uint256 newInvariant = bptTotalSupply.add(bptAmountOut).divUp(bptTotalSupply).mulUp(currentInvariant);
// Calculate amount in without fee.
uint256 newBalanceTokenIndex = _getTokenBalanceGivenInvariantAndAllOtherBalances(
amp,
balances,
newInvariant,
tokenIndex
);
uint256 amountInWithoutFee = newBalanceTokenIndex.sub(balances[tokenIndex]);
// First calculate the sum of all token balances, which will be used to calculate
// the current weight of each token
uint256 sumBalances = 0;
for (uint256 i = 0; i < balances.length; i++) {
sumBalances = sumBalances.add(balances[i]);
}
// We can now compute how much extra balance is being deposited and used in virtual swaps, and charge swap fees
// accordingly.
uint256 currentWeight = balances[tokenIndex].divDown(sumBalances);
uint256 taxablePercentage = currentWeight.complement();
uint256 taxableAmount = amountInWithoutFee.mulUp(taxablePercentage);
uint256 nonTaxableAmount = amountInWithoutFee.sub(taxableAmount);
// No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50%
return nonTaxableAmount.add(taxableAmount.divUp(FixedPoint.ONE - swapFeePercentage));
}
/*
Flow of calculations:
amountsTokenOut -> amountsOutProportional ->
amountOutPercentageExcess -> amountOutBeforeFee -> newInvariant -> amountBPTIn
*/
function _calcBptInGivenExactTokensOut(
uint256 amp,
uint256[] memory balances,
uint256[] memory amountsOut,
uint256 bptTotalSupply,
uint256 swapFeePercentage
) internal pure returns (uint256) {
// BPT in, so we round up overall.
// First loop calculates the sum of all token balances, which will be used to calculate
// the current weights of each token relative to this sum
uint256 sumBalances = 0;
for (uint256 i = 0; i < balances.length; i++) {
sumBalances = sumBalances.add(balances[i]);
}
// Calculate the weighted balance ratio without considering fees
uint256[] memory balanceRatiosWithoutFee = new uint256[](amountsOut.length);
uint256 invariantRatioWithoutFees = 0;
for (uint256 i = 0; i < balances.length; i++) {
uint256 currentWeight = balances[i].divUp(sumBalances);
balanceRatiosWithoutFee[i] = balances[i].sub(amountsOut[i]).divUp(balances[i]);
invariantRatioWithoutFees = invariantRatioWithoutFees.add(balanceRatiosWithoutFee[i].mulUp(currentWeight));
}
// Second loop calculates new amounts in, taking into account the fee on the percentage excess
uint256[] memory newBalances = new uint256[](balances.length);
for (uint256 i = 0; i < balances.length; i++) {
// Swap fees are typically charged on 'token in', but there is no 'token in' here, so we apply it to
// 'token out'. This results in slightly larger price impact.
uint256 amountOutWithFee;
if (invariantRatioWithoutFees > balanceRatiosWithoutFee[i]) {
uint256 nonTaxableAmount = balances[i].mulDown(invariantRatioWithoutFees.complement());
uint256 taxableAmount = amountsOut[i].sub(nonTaxableAmount);
// No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50%
amountOutWithFee = nonTaxableAmount.add(taxableAmount.divUp(FixedPoint.ONE - swapFeePercentage));
} else {
amountOutWithFee = amountsOut[i];
}
newBalances[i] = balances[i].sub(amountOutWithFee);
}
// Get current and new invariants, taking into account swap fees
uint256 currentInvariant = _calculateInvariant(amp, balances);
uint256 newInvariant = _calculateInvariant(amp, newBalances);
uint256 invariantRatio = newInvariant.divDown(currentInvariant);
// return amountBPTIn
return bptTotalSupply.mulUp(invariantRatio.complement());
}
function _calcTokenOutGivenExactBptIn(
uint256 amp,
uint256[] memory balances,
uint256 tokenIndex,
uint256 bptAmountIn,
uint256 bptTotalSupply,
uint256 swapFeePercentage
) internal pure returns (uint256) {
// Token out, so we round down overall.
// Get the current and new invariants.
uint256 currentInvariant = _calculateInvariant(amp, balances);
uint256 newInvariant = bptTotalSupply.sub(bptAmountIn).divUp(bptTotalSupply).mulUp(currentInvariant);
// Calculate amount out without fee
uint256 newBalanceTokenIndex = _getTokenBalanceGivenInvariantAndAllOtherBalances(
amp,
balances,
newInvariant,
tokenIndex
);
uint256 amountOutWithoutFee = balances[tokenIndex].sub(newBalanceTokenIndex);
// First calculate the sum of all token balances, which will be used to calculate
// the current weight of each token
uint256 sumBalances = 0;
for (uint256 i = 0; i < balances.length; i++) {
sumBalances = sumBalances.add(balances[i]);
}
// We can now compute how much excess balance is being withdrawn as a result of the virtual swaps, which result
// in swap fees.
uint256 currentWeight = balances[tokenIndex].divDown(sumBalances);
uint256 taxablePercentage = currentWeight.complement();
// Swap fees are typically charged on 'token in', but there is no 'token in' here, so we apply it
// to 'token out'. This results in slightly larger price impact. Fees are rounded up.
uint256 taxableAmount = amountOutWithoutFee.mulUp(taxablePercentage);
uint256 nonTaxableAmount = amountOutWithoutFee.sub(taxableAmount);
// No need to use checked arithmetic for the swap fee, it is guaranteed to be lower than 50%
return nonTaxableAmount.add(taxableAmount.mulDown(FixedPoint.ONE - swapFeePercentage));
}
function _calcTokensOutGivenExactBptIn(
uint256[] memory balances,
uint256 bptAmountIn,
uint256 bptTotalSupply
) internal pure returns (uint256[] memory) {
/**********************************************************************************************
// exactBPTInForTokensOut //
// (per token) //
// aO = tokenAmountOut / bptIn \ //
// b = tokenBalance a0 = b * | --------------------- | //
// bptIn = bptAmountIn \ bptTotalSupply / //
// bpt = bptTotalSupply //
**********************************************************************************************/
// Since we're computing an amount out, we round down overall. This means rounding down on both the
// multiplication and division.
uint256 bptRatio = bptAmountIn.divDown(bptTotalSupply);
uint256[] memory amountsOut = new uint256[](balances.length);
for (uint256 i = 0; i < balances.length; i++) {
amountsOut[i] = balances[i].mulDown(bptRatio);
}
return amountsOut;
}
// The amplification parameter equals: A n^(n-1)
function _calcDueTokenProtocolSwapFeeAmount(
uint256 amplificationParameter,
uint256[] memory balances,
uint256 lastInvariant,
uint256 tokenIndex,
uint256 protocolSwapFeePercentage
) internal pure returns (uint256) {
/**************************************************************************************************************
// oneTokenSwapFee - polynomial equation to solve //
// af = fee amount to calculate in one token //
// bf = balance of fee token //
// f = bf - af (finalBalanceFeeToken) //
// D = old invariant D D^(n+1) //
// A = amplification coefficient f^2 + ( S - ---------- - D) * f - ------------- = 0 //
// n = number of tokens (A * n^n) A * n^2n * P //
// S = sum of final balances but f //
// P = product of final balances but f //
**************************************************************************************************************/
// Protocol swap fee amount, so we round down overall.
uint256 finalBalanceFeeToken = _getTokenBalanceGivenInvariantAndAllOtherBalances(
amplificationParameter,
balances,
lastInvariant,
tokenIndex
);
if (balances[tokenIndex] <= finalBalanceFeeToken) {
// This shouldn't happen outside of rounding errors, but have this safeguard nonetheless to prevent the Pool
// from entering a locked state in which joins and exits revert while computing accumulated swap fees.
return 0;
}
// Result is rounded down
uint256 accumulatedTokenSwapFees = balances[tokenIndex] - finalBalanceFeeToken;
return accumulatedTokenSwapFees.mulDown(protocolSwapFeePercentage);
}
// This function calculates the balance of a given token (tokenIndex)
// given all the other balances and the invariant
function _getTokenBalanceGivenInvariantAndAllOtherBalances(
uint256 amplificationParameter,
uint256[] memory balances,
uint256 invariant,
uint256 tokenIndex
) internal pure returns (uint256) {
// Rounds result up overall
uint256 ampTimesTotal = amplificationParameter * balances.length;
uint256 sum = balances[0];
uint256 P_D = balances[0] * balances.length;
for (uint256 j = 1; j < balances.length; j++) {
P_D = Math.divDown(Math.mul(Math.mul(P_D, balances[j]), balances.length), invariant);
sum = sum.add(balances[j]);
}
// No need to use safe math, based on the loop above `sum` is greater than or equal to `balances[tokenIndex]`
sum = sum - balances[tokenIndex];
uint256 inv2 = Math.mul(invariant, invariant);
// We remove the balance from c by multiplying it
uint256 c = Math.mul(
Math.mul(Math.divUp(inv2, Math.mul(ampTimesTotal, P_D)), _AMP_PRECISION),
balances[tokenIndex]
);
uint256 b = sum.add(Math.mul(Math.divDown(invariant, ampTimesTotal), _AMP_PRECISION));
// We iterate to find the balance
uint256 prevTokenBalance = 0;
// We multiply the first iteration outside the loop with the invariant to set the value of the
// initial approximation.
uint256 tokenBalance = Math.divUp(inv2.add(c), invariant.add(b));
for (uint256 i = 0; i < 255; i++) {
prevTokenBalance = tokenBalance;
tokenBalance = Math.divUp(
Math.mul(tokenBalance, tokenBalance).add(c),
Math.mul(tokenBalance, 2).add(b).sub(invariant)
);
if (tokenBalance > prevTokenBalance) {
if (tokenBalance - prevTokenBalance <= 1) {
return tokenBalance;
}
} else if (prevTokenBalance - tokenBalance <= 1) {
return tokenBalance;
}
}
_revert(Errors.STABLE_GET_BALANCE_DIDNT_CONVERGE);
}
function _getRate(
uint256[] memory balances,
uint256 amp,
uint256 supply
) internal pure returns (uint256) {
// When calculating the current BPT rate, we may not have paid the protocol fees, therefore
// the invariant should be smaller than its current value. Then, we round down overall.
uint256 invariant = _calculateInvariant(amp, balances);
return invariant.divDown(supply);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow checks.
* Adapted from OpenZeppelin's SafeMath library.
*/
library Math {
/**
* @dev Returns the absolute value of a signed integer.
*/
function abs(int256 a) internal pure returns (uint256) {
return a > 0 ? uint256(a) : uint256(-a);
}
/**
* @dev Returns the addition of two unsigned integers of 256 bits, reverting on overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
_require(c >= a, Errors.ADD_OVERFLOW);
return c;
}
/**
* @dev Returns the addition of two signed integers, reverting on overflow.
*/
function add(int256 a, int256 b) internal pure returns (int256) {
int256 c = a + b;
_require((b >= 0 && c >= a) || (b < 0 && c < a), Errors.ADD_OVERFLOW);
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers of 256 bits, reverting on overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b <= a, Errors.SUB_OVERFLOW);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the subtraction of two signed integers, reverting on overflow.
*/
function sub(int256 a, int256 b) internal pure returns (int256) {
int256 c = a - b;
_require((b >= 0 && c <= a) || (b < 0 && c > a), Errors.SUB_OVERFLOW);
return c;
}
/**
* @dev Returns the largest of two numbers of 256 bits.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a >= b ? a : b;
}
/**
* @dev Returns the smallest of two numbers of 256 bits.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a * b;
_require(a == 0 || c / a == b, Errors.MUL_OVERFLOW);
return c;
}
function div(
uint256 a,
uint256 b,
bool roundUp
) internal pure returns (uint256) {
return roundUp ? divUp(a, b) : divDown(a, b);
}
function divDown(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b != 0, Errors.ZERO_DIVISION);
return a / b;
}
function divUp(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b != 0, Errors.ZERO_DIVISION);
if (a == 0) {
return 0;
} else {
return 1 + (a - 1) / b;
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
interface IRateProvider {
/**
* @dev Returns an 18 decimal fixed point number that is the exchange rate of the token to some other underlying
* token. The meaning of this rate depends on the context.
*/
function getRate() external view returns (uint256);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "@balancer-labs/v2-interfaces/contracts/pool-stable/StablePoolUserData.sol";
import "@balancer-labs/v2-interfaces/contracts/pool-utils/IRateProvider.sol";
import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/InputHelpers.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/WordCodec.sol";
import "@balancer-labs/v2-pool-utils/contracts/BaseGeneralPool.sol";
import "@balancer-labs/v2-pool-utils/contracts/LegacyBaseMinimalSwapInfoPool.sol";
import "./StableMath.sol";
/**
* @notice Pool designed to hold tokens of similar value.
* @dev Stable Pools are designed specifically for assets that are expected to consistently trade at near parity,
* such as different varieties of stablecoins or synthetics. Stable Pools use Stable Math (based on StableSwap,
* popularized by Curve) which allows for significantly larger trades before encountering substantial price impact,
* vastly increasing capital efficiency for like-kind swaps.
*/
contract StablePool is BaseGeneralPool, LegacyBaseMinimalSwapInfoPool, IRateProvider {
using WordCodec for bytes32;
using FixedPoint for uint256;
using StablePoolUserData for bytes;
// This contract uses timestamps to slowly update its Amplification parameter over time. These changes must occur
// over a minimum time period much larger than the blocktime, making timestamp manipulation a non-issue.
// solhint-disable not-rely-on-time
// Amplification factor changes must happen over a minimum period of one day, and can at most divide or multiply the
// current value by 2 every day.
// WARNING: this only limits *a single* amplification change to have a maximum rate of change of twice the original
// value daily. It is possible to perform multiple amplification changes in sequence to increase this value more
// rapidly: for example, by doubling the value every day it can increase by a factor of 8 over three days (2^3).
uint256 private constant _MIN_UPDATE_TIME = 1 days;
uint256 private constant _MAX_AMP_UPDATE_DAILY_RATE = 2;
bytes32 private _packedAmplificationData;
event AmpUpdateStarted(uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime);
event AmpUpdateStopped(uint256 currentValue);
uint256 private immutable _totalTokens;
IERC20 internal immutable _token0;
IERC20 internal immutable _token1;
IERC20 internal immutable _token2;
IERC20 internal immutable _token3;
IERC20 internal immutable _token4;
// All token balances are normalized to behave as if the token had 18 decimals. We assume a token's decimals will
// not change throughout its lifetime, and store the corresponding scaling factor for each at construction time.
// These factors are always greater than or equal to one: tokens with more than 18 decimals are not supported.
uint256 internal immutable _scalingFactor0;
uint256 internal immutable _scalingFactor1;
uint256 internal immutable _scalingFactor2;
uint256 internal immutable _scalingFactor3;
uint256 internal immutable _scalingFactor4;
// To track how many tokens are owed to the Vault as protocol fees, we measure and store the value of the invariant
// after every join and exit. All invariant growth that happens between join and exit events is due to swap fees.
uint256 internal _lastInvariant;
// Because the invariant depends on the amplification parameter, and this value may change over time, we should only
// compare invariants that were computed using the same value. We therefore store it whenever we store
// _lastInvariant.
uint256 internal _lastInvariantAmp;
constructor(
IVault vault,
string memory name,
string memory symbol,
IERC20[] memory tokens,
uint256 amplificationParameter,
uint256 swapFeePercentage,
uint256 pauseWindowDuration,
uint256 bufferPeriodDuration,
address owner
)
LegacyBasePool(
vault,
// Because we're inheriting from both BaseGeneralPool and LegacyBaseMinimalSwapInfoPool we can choose any
// specialization setting. Since this Pool never registers or deregisters any tokens after construction,
// picking Two Token when the Pool only has two tokens is free gas savings.
tokens.length == 2 ? IVault.PoolSpecialization.TWO_TOKEN : IVault.PoolSpecialization.GENERAL,
name,
symbol,
tokens,
new address[](tokens.length),
swapFeePercentage,
pauseWindowDuration,
bufferPeriodDuration,
owner
)
{
_require(amplificationParameter >= StableMath._MIN_AMP, Errors.MIN_AMP);
_require(amplificationParameter <= StableMath._MAX_AMP, Errors.MAX_AMP);
uint256 totalTokens = tokens.length;
_totalTokens = totalTokens;
// Immutable variables cannot be initialized inside an if statement, so we must do conditional assignments
_token0 = tokens[0];
_token1 = tokens[1];
_token2 = totalTokens > 2 ? tokens[2] : IERC20(0);
_token3 = totalTokens > 3 ? tokens[3] : IERC20(0);
_token4 = totalTokens > 4 ? tokens[4] : IERC20(0);
_scalingFactor0 = _computeScalingFactor(tokens[0]);
_scalingFactor1 = _computeScalingFactor(tokens[1]);
_scalingFactor2 = totalTokens > 2 ? _computeScalingFactor(tokens[2]) : 0;
_scalingFactor3 = totalTokens > 3 ? _computeScalingFactor(tokens[3]) : 0;
_scalingFactor4 = totalTokens > 4 ? _computeScalingFactor(tokens[4]) : 0;
uint256 initialAmp = Math.mul(amplificationParameter, StableMath._AMP_PRECISION);
_setAmplificationData(initialAmp);
}
function getLastInvariant() external view returns (uint256 lastInvariant, uint256 lastInvariantAmp) {
lastInvariant = _lastInvariant;
lastInvariantAmp = _lastInvariantAmp;
}
// Base Pool handlers
// Swap - General Pool specialization (from BaseGeneralPool)
function _onSwapGivenIn(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
) internal virtual override whenNotPaused returns (uint256) {
(uint256 currentAmp, ) = _getAmplificationParameter();
uint256 invariant = StableMath._calculateInvariant(currentAmp, balances);
uint256 amountOut = StableMath._calcOutGivenIn(
currentAmp,
balances,
indexIn,
indexOut,
swapRequest.amount,
invariant
);
return amountOut;
}
function _onSwapGivenOut(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
) internal virtual override whenNotPaused returns (uint256) {
(uint256 currentAmp, ) = _getAmplificationParameter();
uint256 invariant = StableMath._calculateInvariant(currentAmp, balances);
uint256 amountIn = StableMath._calcInGivenOut(
currentAmp,
balances,
indexIn,
indexOut,
swapRequest.amount,
invariant
);
return amountIn;
}
// Swap - Two Token Pool specialization (from LegacyBaseMinimalSwapInfoPool)
function _onSwapGivenIn(
SwapRequest memory swapRequest,
uint256 balanceTokenIn,
uint256 balanceTokenOut
) internal virtual override returns (uint256) {
_require(_getTotalTokens() == 2, Errors.NOT_TWO_TOKENS);
(uint256[] memory balances, uint256 indexIn, uint256 indexOut) = _getSwapBalanceArrays(
swapRequest,
balanceTokenIn,
balanceTokenOut
);
return _onSwapGivenIn(swapRequest, balances, indexIn, indexOut);
}
function _onSwapGivenOut(
SwapRequest memory swapRequest,
uint256 balanceTokenIn,
uint256 balanceTokenOut
) internal virtual override returns (uint256) {
_require(_getTotalTokens() == 2, Errors.NOT_TWO_TOKENS);
(uint256[] memory balances, uint256 indexIn, uint256 indexOut) = _getSwapBalanceArrays(
swapRequest,
balanceTokenIn,
balanceTokenOut
);
return _onSwapGivenOut(swapRequest, balances, indexIn, indexOut);
}
function _getSwapBalanceArrays(
SwapRequest memory swapRequest,
uint256 balanceTokenIn,
uint256 balanceTokenOut
)
private
view
returns (
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
)
{
balances = new uint256[](2);
if (_isToken0(swapRequest.tokenIn)) {
indexIn = 0;
indexOut = 1;
balances[0] = balanceTokenIn;
balances[1] = balanceTokenOut;
} else {
// _token0 == swapRequest.tokenOut
indexOut = 0;
indexIn = 1;
balances[0] = balanceTokenOut;
balances[1] = balanceTokenIn;
}
}
// Initialize
function _onInitializePool(
bytes32,
address,
address,
uint256[] memory scalingFactors,
bytes memory userData
) internal virtual override returns (uint256, uint256[] memory) {
StablePoolUserData.JoinKind kind = userData.joinKind();
_require(kind == StablePoolUserData.JoinKind.INIT, Errors.UNINITIALIZED);
uint256[] memory amountsIn = userData.initialAmountsIn();
InputHelpers.ensureInputLengthMatch(amountsIn.length, _getTotalTokens());
_upscaleArray(amountsIn, scalingFactors);
(uint256 currentAmp, ) = _getAmplificationParameter();
uint256 invariantAfterJoin = StableMath._calculateInvariant(currentAmp, amountsIn);
// Set the initial BPT to the value of the invariant.
uint256 bptAmountOut = invariantAfterJoin;
_updateLastInvariant(invariantAfterJoin, currentAmp);
return (bptAmountOut, amountsIn);
}
// Join
function _onJoinPool(
bytes32,
address,
address,
uint256[] memory balances,
uint256,
uint256 protocolSwapFeePercentage,
uint256[] memory scalingFactors,
bytes memory userData
)
internal
virtual
override
returns (
uint256,
uint256[] memory,
uint256[] memory
)
{
// Due protocol swap fee amounts are computed by measuring the growth of the invariant between the previous join
// or exit event and now - the invariant's growth is due exclusively to swap fees. This avoids spending gas to
// calculate the fee amounts during each individual swap.
uint256[] memory dueProtocolFeeAmounts = _getDueProtocolFeeAmounts(balances, protocolSwapFeePercentage);
// Update current balances by subtracting the protocol fee amounts
_mutateAmounts(balances, dueProtocolFeeAmounts, FixedPoint.sub);
(uint256 bptAmountOut, uint256[] memory amountsIn) = _doJoin(balances, scalingFactors, userData);
// Update the invariant with the balances the Pool will have after the join, in order to compute the
// protocol swap fee amounts due in future joins and exits.
_updateInvariantAfterJoin(balances, amountsIn);
return (bptAmountOut, amountsIn, dueProtocolFeeAmounts);
}
function _doJoin(
uint256[] memory balances,
uint256[] memory scalingFactors,
bytes memory userData
) private view returns (uint256, uint256[] memory) {
StablePoolUserData.JoinKind kind = userData.joinKind();
if (kind == StablePoolUserData.JoinKind.EXACT_TOKENS_IN_FOR_BPT_OUT) {
return _joinExactTokensInForBPTOut(balances, scalingFactors, userData);
} else if (kind == StablePoolUserData.JoinKind.TOKEN_IN_FOR_EXACT_BPT_OUT) {
return _joinTokenInForExactBPTOut(balances, userData);
} else {
_revert(Errors.UNHANDLED_JOIN_KIND);
}
}
function _joinExactTokensInForBPTOut(
uint256[] memory balances,
uint256[] memory scalingFactors,
bytes memory userData
) private view returns (uint256, uint256[] memory) {
(uint256[] memory amountsIn, uint256 minBPTAmountOut) = userData.exactTokensInForBptOut();
InputHelpers.ensureInputLengthMatch(_getTotalTokens(), amountsIn.length);
_upscaleArray(amountsIn, scalingFactors);
(uint256 currentAmp, ) = _getAmplificationParameter();
uint256 bptAmountOut = StableMath._calcBptOutGivenExactTokensIn(
currentAmp,
balances,
amountsIn,
totalSupply(),
getSwapFeePercentage()
);
_require(bptAmountOut >= minBPTAmountOut, Errors.BPT_OUT_MIN_AMOUNT);
return (bptAmountOut, amountsIn);
}
function _joinTokenInForExactBPTOut(uint256[] memory balances, bytes memory userData)
private
view
returns (uint256, uint256[] memory)
{
(uint256 bptAmountOut, uint256 tokenIndex) = userData.tokenInForExactBptOut();
// Note that there is no maximum amountIn parameter: this is handled by `IVault.joinPool`.
_require(tokenIndex < _getTotalTokens(), Errors.OUT_OF_BOUNDS);
uint256[] memory amountsIn = new uint256[](_getTotalTokens());
(uint256 currentAmp, ) = _getAmplificationParameter();
amountsIn[tokenIndex] = StableMath._calcTokenInGivenExactBptOut(
currentAmp,
balances,
tokenIndex,
bptAmountOut,
totalSupply(),
getSwapFeePercentage()
);
return (bptAmountOut, amountsIn);
}
// Exit
function _onExitPool(
bytes32,
address,
address,
uint256[] memory balances,
uint256,
uint256 protocolSwapFeePercentage,
uint256[] memory scalingFactors,
bytes memory userData
)
internal
virtual
override
returns (
uint256 bptAmountIn,
uint256[] memory amountsOut,
uint256[] memory dueProtocolFeeAmounts
)
{
// Due protocol swap fee amounts are computed by measuring the growth of the invariant between the previous
// join or exit event and now - the invariant's growth is due exclusively to swap fees. This avoids
// spending gas calculating fee amounts during each individual swap
dueProtocolFeeAmounts = _getDueProtocolFeeAmounts(balances, protocolSwapFeePercentage);
// Update current balances by subtracting the protocol fee amounts
_mutateAmounts(balances, dueProtocolFeeAmounts, FixedPoint.sub);
(bptAmountIn, amountsOut) = _doExit(balances, scalingFactors, userData);
// Update the invariant with the balances the Pool will have after the exit, in order to compute the
// protocol swap fee amounts due in future joins and exits.
// Note that this is not done on recovery mode exits, but that is fine as the pool pays no protocol
// fees anyway while recovery mode is active.
_updateInvariantAfterExit(balances, amountsOut);
return (bptAmountIn, amountsOut, dueProtocolFeeAmounts);
}
function _doExit(
uint256[] memory balances,
uint256[] memory scalingFactors,
bytes memory userData
) private view returns (uint256, uint256[] memory) {
StablePoolUserData.ExitKind kind = userData.exitKind();
if (kind == StablePoolUserData.ExitKind.EXACT_BPT_IN_FOR_ONE_TOKEN_OUT) {
return _exitExactBPTInForTokenOut(balances, userData);
} else if (kind == StablePoolUserData.ExitKind.EXACT_BPT_IN_FOR_TOKENS_OUT) {
return _exitExactBPTInForTokensOut(balances, userData);
} else if (kind == StablePoolUserData.ExitKind.BPT_IN_FOR_EXACT_TOKENS_OUT) {
return _exitBPTInForExactTokensOut(balances, scalingFactors, userData);
} else {
_revert(Errors.UNHANDLED_EXIT_KIND);
}
}
function _exitExactBPTInForTokenOut(uint256[] memory balances, bytes memory userData)
private
view
returns (uint256, uint256[] memory)
{
(uint256 bptAmountIn, uint256 tokenIndex) = userData.exactBptInForTokenOut();
// Note that there is no minimum amountOut parameter: this is handled by `IVault.exitPool`.
_require(tokenIndex < _getTotalTokens(), Errors.OUT_OF_BOUNDS);
// We exit in a single token, so initialize amountsOut with zeros
uint256[] memory amountsOut = new uint256[](_getTotalTokens());
// And then assign the result to the selected token
(uint256 currentAmp, ) = _getAmplificationParameter();
amountsOut[tokenIndex] = StableMath._calcTokenOutGivenExactBptIn(
currentAmp,
balances,
tokenIndex,
bptAmountIn,
totalSupply(),
getSwapFeePercentage()
);
return (bptAmountIn, amountsOut);
}
function _exitExactBPTInForTokensOut(uint256[] memory balances, bytes memory userData)
private
view
returns (uint256, uint256[] memory)
{
uint256 bptAmountIn = userData.exactBptInForTokensOut();
// Note that there is no minimum amountOut parameter: this is handled by `IVault.exitPool`.
uint256[] memory amountsOut = StableMath._calcTokensOutGivenExactBptIn(balances, bptAmountIn, totalSupply());
return (bptAmountIn, amountsOut);
}
function _exitBPTInForExactTokensOut(
uint256[] memory balances,
uint256[] memory scalingFactors,
bytes memory userData
) private view returns (uint256, uint256[] memory) {
(uint256[] memory amountsOut, uint256 maxBPTAmountIn) = userData.bptInForExactTokensOut();
InputHelpers.ensureInputLengthMatch(amountsOut.length, _getTotalTokens());
_upscaleArray(amountsOut, scalingFactors);
(uint256 currentAmp, ) = _getAmplificationParameter();
uint256 bptAmountIn = StableMath._calcBptInGivenExactTokensOut(
currentAmp,
balances,
amountsOut,
totalSupply(),
getSwapFeePercentage()
);
_require(bptAmountIn <= maxBPTAmountIn, Errors.BPT_IN_MAX_AMOUNT);
return (bptAmountIn, amountsOut);
}
function _setRecoveryMode(bool enabled) internal virtual override {
super._setRecoveryMode(enabled);
// Enabling recovery mode disables payment of protocol fees, forfeiting any fees accumulated between
// the last join or exit before activating recovery mode, and it being disabled.
// We therefore reset the 'last invariant' when disabling recovery mode (something that is otherwise only done
// after joins and exits) to clear any outstanding fees, as if a join or exit had just taken place
// and fees had been paid out.
if (!enabled) {
(, uint256[] memory balances, ) = getVault().getPoolTokens(getPoolId());
_upscaleArray(balances, _scalingFactors());
(uint256 currentAmp, ) = _getAmplificationParameter();
_updateLastInvariant(StableMath._calculateInvariant(currentAmp, balances), currentAmp);
}
}
// Helpers
/**
* @dev Stores the last measured invariant, and the amplification parameter used to compute it.
*/
function _updateLastInvariant(uint256 invariant, uint256 amplificationParameter) internal {
_lastInvariant = invariant;
_lastInvariantAmp = amplificationParameter;
}
/**
* @dev Returns the amount of protocol fees to pay, given the value of the last stored invariant and the current
* balances.
*/
function _getDueProtocolFeeAmounts(uint256[] memory balances, uint256 protocolSwapFeePercentage)
private
view
returns (uint256[] memory)
{
// Initialize with zeros
uint256[] memory dueProtocolFeeAmounts = new uint256[](_getTotalTokens());
// Early return if the protocol swap fee percentage is zero, saving gas.
if (protocolSwapFeePercentage == 0) {
return dueProtocolFeeAmounts;
}
// Instead of paying the protocol swap fee in all tokens proportionally, we will pay it in a single one. This
// will reduce gas costs for single asset joins and exits, as at most only two Pool balances will change (the
// token joined/exited, and the token in which fees will be paid).
// The protocol fee is charged using the token with the highest balance in the pool.
uint256 chosenTokenIndex = 0;
uint256 maxBalance = balances[0];
for (uint256 i = 1; i < _getTotalTokens(); ++i) {
uint256 currentBalance = balances[i];
if (currentBalance > maxBalance) {
chosenTokenIndex = i;
maxBalance = currentBalance;
}
}
// Set the fee amount to pay in the selected token
dueProtocolFeeAmounts[chosenTokenIndex] = StableMath._calcDueTokenProtocolSwapFeeAmount(
_lastInvariantAmp,
balances,
_lastInvariant,
chosenTokenIndex,
protocolSwapFeePercentage
);
return dueProtocolFeeAmounts;
}
/**
* @dev Computes and stores the value of the invariant after a join, which is required to compute due protocol fees
* in the future.
*/
function _updateInvariantAfterJoin(uint256[] memory balances, uint256[] memory amountsIn) private {
_mutateAmounts(balances, amountsIn, FixedPoint.add);
(uint256 currentAmp, ) = _getAmplificationParameter();
// This invariant is used only to compute the final balance when calculating the protocol fees. These are
// rounded down, so we round the invariant up.
_updateLastInvariant(StableMath._calculateInvariant(currentAmp, balances), currentAmp);
}
/**
* @dev Computes and stores the value of the invariant after an exit, which is required to compute due protocol fees
* in the future.
*/
function _updateInvariantAfterExit(uint256[] memory balances, uint256[] memory amountsOut) private {
_mutateAmounts(balances, amountsOut, FixedPoint.sub);
(uint256 currentAmp, ) = _getAmplificationParameter();
// This invariant is used only to compute the final balance when calculating the protocol fees. These are
// rounded down, so we round the invariant up.
_updateLastInvariant(StableMath._calculateInvariant(currentAmp, balances), currentAmp);
}
/**
* @dev Mutates `amounts` by applying `mutation` with each entry in `arguments`.
*
* Equivalent to `amounts = amounts.map(mutation)`.
*/
function _mutateAmounts(
uint256[] memory toMutate,
uint256[] memory arguments,
function(uint256, uint256) pure returns (uint256) mutation
) private view {
for (uint256 i = 0; i < _getTotalTokens(); ++i) {
toMutate[i] = mutation(toMutate[i], arguments[i]);
}
}
/**
* @dev This function returns the appreciation of one BPT relative to the
* underlying tokens. This starts at 1 when the pool is created and grows over time
*/
function getRate() public view virtual override returns (uint256) {
(, uint256[] memory balances, ) = getVault().getPoolTokens(getPoolId());
_upscaleArray(balances, _scalingFactors());
(uint256 currentAmp, ) = _getAmplificationParameter();
return StableMath._getRate(balances, currentAmp, totalSupply());
}
// Amplification
/**
* @dev Begins changing the amplification parameter to `rawEndValue` over time. The value will change linearly until
* `endTime` is reached, when it will be `rawEndValue`.
*
* NOTE: Internally, the amplification parameter is represented using higher precision. The values returned by
* `getAmplificationParameter` have to be corrected to account for this when comparing to `rawEndValue`.
*/
function startAmplificationParameterUpdate(uint256 rawEndValue, uint256 endTime) external authenticate {
_require(rawEndValue >= StableMath._MIN_AMP, Errors.MIN_AMP);
_require(rawEndValue <= StableMath._MAX_AMP, Errors.MAX_AMP);
uint256 duration = Math.sub(endTime, block.timestamp);
_require(duration >= _MIN_UPDATE_TIME, Errors.AMP_END_TIME_TOO_CLOSE);
(uint256 currentValue, bool isUpdating) = _getAmplificationParameter();
_require(!isUpdating, Errors.AMP_ONGOING_UPDATE);
uint256 endValue = Math.mul(rawEndValue, StableMath._AMP_PRECISION);
// daily rate = (endValue / currentValue) / duration * 1 day
// We perform all multiplications first to not reduce precision, and round the division up as we want to avoid
// large rates. Note that these are regular integer multiplications and divisions, not fixed point.
uint256 dailyRate = endValue > currentValue
? Math.divUp(Math.mul(1 days, endValue), Math.mul(currentValue, duration))
: Math.divUp(Math.mul(1 days, currentValue), Math.mul(endValue, duration));
_require(dailyRate <= _MAX_AMP_UPDATE_DAILY_RATE, Errors.AMP_RATE_TOO_HIGH);
_setAmplificationData(currentValue, endValue, block.timestamp, endTime);
}
/**
* @dev Stops the amplification parameter change process, keeping the current value.
*/
function stopAmplificationParameterUpdate() external authenticate {
(uint256 currentValue, bool isUpdating) = _getAmplificationParameter();
_require(isUpdating, Errors.AMP_NO_ONGOING_UPDATE);
_setAmplificationData(currentValue);
}
function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override returns (bool) {
return
(actionId == getActionId(StablePool.startAmplificationParameterUpdate.selector)) ||
(actionId == getActionId(StablePool.stopAmplificationParameterUpdate.selector)) ||
super._isOwnerOnlyAction(actionId);
}
function getAmplificationParameter()
external
view
returns (
uint256 value,
bool isUpdating,
uint256 precision
)
{
(value, isUpdating) = _getAmplificationParameter();
precision = StableMath._AMP_PRECISION;
}
function _getAmplificationParameter() internal view returns (uint256 value, bool isUpdating) {
(uint256 startValue, uint256 endValue, uint256 startTime, uint256 endTime) = _getAmplificationData();
// Note that block.timestamp >= startTime, since startTime is set to the current time when an update starts
if (block.timestamp < endTime) {
isUpdating = true;
// We can skip checked arithmetic as:
// - block.timestamp is always larger or equal to startTime
// - endTime is always larger than startTime
// - the value delta is bounded by the largest amplification parameter, which never causes the
// multiplication to overflow.
// This also means that the following computation will never revert nor yield invalid results.
if (endValue > startValue) {
value = startValue + ((endValue - startValue) * (block.timestamp - startTime)) / (endTime - startTime);
} else {
value = startValue - ((startValue - endValue) * (block.timestamp - startTime)) / (endTime - startTime);
}
} else {
isUpdating = false;
value = endValue;
}
}
function _getMaxTokens() internal pure override returns (uint256) {
return StableMath._MAX_STABLE_TOKENS;
}
function _getTotalTokens() internal view virtual override returns (uint256) {
return _totalTokens;
}
function _scalingFactor(IERC20 token) internal view virtual override returns (uint256) {
// prettier-ignore
if (_isToken0(token)) { return _getScalingFactor0(); }
else if (_isToken1(token)) { return _getScalingFactor1(); }
else if (token == _token2) { return _getScalingFactor2(); }
else if (token == _token3) { return _getScalingFactor3(); }
else if (token == _token4) { return _getScalingFactor4(); }
else {
_revert(Errors.INVALID_TOKEN);
}
}
function _scalingFactors() internal view virtual override returns (uint256[] memory) {
uint256 totalTokens = _getTotalTokens();
uint256[] memory scalingFactors = new uint256[](totalTokens);
// prettier-ignore
{
scalingFactors[0] = _getScalingFactor0();
scalingFactors[1] = _getScalingFactor1();
if (totalTokens > 2) { scalingFactors[2] = _getScalingFactor2(); } else { return scalingFactors; }
if (totalTokens > 3) { scalingFactors[3] = _getScalingFactor3(); } else { return scalingFactors; }
if (totalTokens > 4) { scalingFactors[4] = _getScalingFactor4(); } else { return scalingFactors; }
}
return scalingFactors;
}
function _setAmplificationData(uint256 value) private {
_storeAmplificationData(value, value, block.timestamp, block.timestamp);
emit AmpUpdateStopped(value);
}
function _setAmplificationData(
uint256 startValue,
uint256 endValue,
uint256 startTime,
uint256 endTime
) private {
_storeAmplificationData(startValue, endValue, startTime, endTime);
emit AmpUpdateStarted(startValue, endValue, startTime, endTime);
}
function _storeAmplificationData(
uint256 startValue,
uint256 endValue,
uint256 startTime,
uint256 endTime
) private {
_packedAmplificationData =
WordCodec.encodeUint(startValue, 0, 64) |
WordCodec.encodeUint(endValue, 64, 64) |
WordCodec.encodeUint(startTime, 64 * 2, 64) |
WordCodec.encodeUint(endTime, 64 * 3, 64);
}
function _getAmplificationData()
private
view
returns (
uint256 startValue,
uint256 endValue,
uint256 startTime,
uint256 endTime
)
{
startValue = _packedAmplificationData.decodeUint(0, 64);
endValue = _packedAmplificationData.decodeUint(64, 64);
startTime = _packedAmplificationData.decodeUint(64 * 2, 64);
endTime = _packedAmplificationData.decodeUint(64 * 3, 64);
}
function _isToken0(IERC20 token) internal view returns (bool) {
return token == _token0;
}
function _isToken1(IERC20 token) internal view returns (bool) {
return token == _token1;
}
function _getScalingFactor0() internal view returns (uint256) {
return _scalingFactor0;
}
function _getScalingFactor1() internal view returns (uint256) {
return _scalingFactor1;
}
function _getScalingFactor2() internal view returns (uint256) {
return _scalingFactor2;
}
function _getScalingFactor3() internal view returns (uint256) {
return _scalingFactor3;
}
function _getScalingFactor4() internal view returns (uint256) {
return _scalingFactor4;
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
import "../math/Math.sol";
/**
* @dev Library for encoding and decoding values stored inside a 256 bit word. Typically used to pack multiple values in
* a single storage slot, saving gas by performing less storage accesses.
*
* Each value is defined by its size and the least significant bit in the word, also known as offset. For example, two
* 128 bit values may be encoded in a word by assigning one an offset of 0, and the other an offset of 128.
*
* We could use Solidity structs to pack values together in a single storage slot instead of relying on a custom and
* error-prone library, but unfortunately Solidity only allows for structs to live in either storage, calldata or
* memory. Because a memory struct uses not just memory but also a slot in the stack (to store its memory location),
* using memory for word-sized values (i.e. of 256 bits or less) is strictly less gas performant, and doesn't even
* prevent stack-too-deep issues. This is compounded by the fact that Balancer contracts typically are memory-intensive,
* and the cost of accesing memory increases quadratically with the number of allocated words. Manual packing and
* unpacking is therefore the preferred approach.
*/
library WordCodec {
// Masks are values with the least significant N bits set. They can be used to extract an encoded value from a word,
// or to insert a new one replacing the old.
uint256 private constant _MASK_1 = 2**(1) - 1;
uint256 private constant _MASK_192 = 2**(192) - 1;
// In-place insertion
/**
* @dev Inserts an unsigned integer of bitLength, shifted by an offset, into a 256 bit word,
* replacing the old value. Returns the new word.
*/
function insertUint(
bytes32 word,
uint256 value,
uint256 offset,
uint256 bitLength
) internal pure returns (bytes32) {
_validateEncodingParams(value, offset, bitLength);
uint256 mask = (1 << bitLength) - 1;
bytes32 clearedWord = bytes32(uint256(word) & ~(mask << offset));
return clearedWord | bytes32(value << offset);
}
/**
* @dev Inserts a signed integer shifted by an offset into a 256 bit word, replacing the old value. Returns
* the new word.
*
* Assumes `value` can be represented using `bitLength` bits.
*/
function insertInt(
bytes32 word,
int256 value,
uint256 offset,
uint256 bitLength
) internal pure returns (bytes32) {
_validateEncodingParams(value, offset, bitLength);
uint256 mask = (1 << bitLength) - 1;
bytes32 clearedWord = bytes32(uint256(word) & ~(mask << offset));
// Integer values need masking to remove the upper bits of negative values.
return clearedWord | bytes32((uint256(value) & mask) << offset);
}
// Encoding
/**
* @dev Encodes an unsigned integer shifted by an offset. Ensures value fits within
* `bitLength` bits.
*
* The return value can be logically ORed with other encoded values to form a 256 bit word.
*/
function encodeUint(
uint256 value,
uint256 offset,
uint256 bitLength
) internal pure returns (bytes32) {
_validateEncodingParams(value, offset, bitLength);
return bytes32(value << offset);
}
/**
* @dev Encodes a signed integer shifted by an offset.
*
* The return value can be logically ORed with other encoded values to form a 256 bit word.
*/
function encodeInt(
int256 value,
uint256 offset,
uint256 bitLength
) internal pure returns (bytes32) {
_validateEncodingParams(value, offset, bitLength);
uint256 mask = (1 << bitLength) - 1;
// Integer values need masking to remove the upper bits of negative values.
return bytes32((uint256(value) & mask) << offset);
}
// Decoding
/**
* @dev Decodes and returns an unsigned integer with `bitLength` bits, shifted by an offset, from a 256 bit word.
*/
function decodeUint(
bytes32 word,
uint256 offset,
uint256 bitLength
) internal pure returns (uint256) {
return uint256(word >> offset) & ((1 << bitLength) - 1);
}
/**
* @dev Decodes and returns a signed integer with `bitLength` bits, shifted by an offset, from a 256 bit word.
*/
function decodeInt(
bytes32 word,
uint256 offset,
uint256 bitLength
) internal pure returns (int256) {
int256 maxInt = int256((1 << (bitLength - 1)) - 1);
uint256 mask = (1 << bitLength) - 1;
int256 value = int256(uint256(word >> offset) & mask);
// In case the decoded value is greater than the max positive integer that can be represented with bitLength
// bits, we know it was originally a negative integer. Therefore, we mask it to restore the sign in the 256 bit
// representation.
return value > maxInt ? (value | int256(~mask)) : value;
}
// Special cases
/**
* @dev Decodes and returns a boolean shifted by an offset from a 256 bit word.
*/
function decodeBool(bytes32 word, uint256 offset) internal pure returns (bool) {
return (uint256(word >> offset) & _MASK_1) == 1;
}
/**
* @dev Inserts a 192 bit value shifted by an offset into a 256 bit word, replacing the old value.
* Returns the new word.
*
* Assumes `value` can be represented using 192 bits.
*/
function insertBits192(
bytes32 word,
bytes32 value,
uint256 offset
) internal pure returns (bytes32) {
bytes32 clearedWord = bytes32(uint256(word) & ~(_MASK_192 << offset));
return clearedWord | bytes32((uint256(value) & _MASK_192) << offset);
}
/**
* @dev Inserts a boolean value shifted by an offset into a 256 bit word, replacing the old value. Returns the new
* word.
*/
function insertBool(
bytes32 word,
bool value,
uint256 offset
) internal pure returns (bytes32) {
bytes32 clearedWord = bytes32(uint256(word) & ~(_MASK_1 << offset));
return clearedWord | bytes32(uint256(value ? 1 : 0) << offset);
}
// Helpers
function _validateEncodingParams(
uint256 value,
uint256 offset,
uint256 bitLength
) private pure {
_require(offset < 256, Errors.OUT_OF_BOUNDS);
// We never accept 256 bit values (which would make the codec pointless), and the larger the offset the smaller
// the maximum bit length.
_require(bitLength >= 1 && bitLength <= Math.min(255, 256 - offset), Errors.OUT_OF_BOUNDS);
// Testing unsigned values for size is straightforward: their upper bits must be cleared.
_require(value >> bitLength == 0, Errors.CODEC_OVERFLOW);
}
function _validateEncodingParams(
int256 value,
uint256 offset,
uint256 bitLength
) private pure {
_require(offset < 256, Errors.OUT_OF_BOUNDS);
// We never accept 256 bit values (which would make the codec pointless), and the larger the offset the smaller
// the maximum bit length.
_require(bitLength >= 1 && bitLength <= Math.min(255, 256 - offset), Errors.OUT_OF_BOUNDS);
// Testing signed values for size is a bit more involved.
if (value >= 0) {
// For positive values, we can simply check that the upper bits are clear. Notice we remove one bit from the
// length for the sign bit.
_require(value >> (bitLength - 1) == 0, Errors.CODEC_OVERFLOW);
} else {
// Negative values can receive the same treatment by making them positive, with the caveat that the range
// for negative values in two's complement supports one more value than for the positive case.
_require(Math.abs(value + 1) >> (bitLength - 1) == 0, Errors.CODEC_OVERFLOW);
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../solidity-utils/openzeppelin/IERC20.sol";
library StablePoolUserData {
// In order to preserve backwards compatibility, make sure new join and exit kinds are added at the end of the enum.
enum JoinKind { INIT, EXACT_TOKENS_IN_FOR_BPT_OUT, TOKEN_IN_FOR_EXACT_BPT_OUT }
enum ExitKind { EXACT_BPT_IN_FOR_ONE_TOKEN_OUT, EXACT_BPT_IN_FOR_TOKENS_OUT, BPT_IN_FOR_EXACT_TOKENS_OUT }
function joinKind(bytes memory self) internal pure returns (JoinKind) {
return abi.decode(self, (JoinKind));
}
function exitKind(bytes memory self) internal pure returns (ExitKind) {
return abi.decode(self, (ExitKind));
}
// Joins
function initialAmountsIn(bytes memory self) internal pure returns (uint256[] memory amountsIn) {
(, amountsIn) = abi.decode(self, (JoinKind, uint256[]));
}
function exactTokensInForBptOut(bytes memory self)
internal
pure
returns (uint256[] memory amountsIn, uint256 minBPTAmountOut)
{
(, amountsIn, minBPTAmountOut) = abi.decode(self, (JoinKind, uint256[], uint256));
}
function tokenInForExactBptOut(bytes memory self) internal pure returns (uint256 bptAmountOut, uint256 tokenIndex) {
(, bptAmountOut, tokenIndex) = abi.decode(self, (JoinKind, uint256, uint256));
}
// Exits
function exactBptInForTokenOut(bytes memory self) internal pure returns (uint256 bptAmountIn, uint256 tokenIndex) {
(, bptAmountIn, tokenIndex) = abi.decode(self, (ExitKind, uint256, uint256));
}
function exactBptInForTokensOut(bytes memory self) internal pure returns (uint256 bptAmountIn) {
(, bptAmountIn) = abi.decode(self, (ExitKind, uint256));
}
function bptInForExactTokensOut(bytes memory self)
internal
pure
returns (uint256[] memory amountsOut, uint256 maxBPTAmountIn)
{
(, amountsOut, maxBPTAmountIn) = abi.decode(self, (ExitKind, uint256[], uint256));
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol";
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
library InputHelpers {
function ensureInputLengthMatch(uint256 a, uint256 b) internal pure {
_require(a == b, Errors.INPUT_LENGTH_MISMATCH);
}
function ensureInputLengthMatch(
uint256 a,
uint256 b,
uint256 c
) internal pure {
_require(a == b && b == c, Errors.INPUT_LENGTH_MISMATCH);
}
function ensureArrayIsSorted(IERC20[] memory array) internal pure {
address[] memory addressArray;
// solhint-disable-next-line no-inline-assembly
assembly {
addressArray := array
}
ensureArrayIsSorted(addressArray);
}
function ensureArrayIsSorted(address[] memory array) internal pure {
if (array.length < 2) {
return;
}
address previous = array[0];
for (uint256 i = 1; i < array.length; ++i) {
address current = array[i];
_require(previous < current, Errors.UNSORTED_ARRAY);
previous = current;
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "@balancer-labs/v2-interfaces/contracts/vault/IGeneralPool.sol";
import "./LegacyBasePool.sol";
/**
* @dev Extension of `BasePool`, adding a handler for `IGeneralPool.onSwap`.
*
* Derived contracts must call `BasePool`'s constructor, and implement `_onSwapGivenIn` and `_onSwapGivenOut` along with
* `BasePool`'s virtual functions. Inheriting from this contract lets derived contracts choose the General
* specialization setting.
*/
abstract contract BaseGeneralPool is IGeneralPool, LegacyBasePool {
// Swap Hooks
function onSwap(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
) public virtual override onlyVault(swapRequest.poolId) returns (uint256) {
_validateIndexes(indexIn, indexOut, _getTotalTokens());
uint256[] memory scalingFactors = _scalingFactors();
return
swapRequest.kind == IVault.SwapKind.GIVEN_IN
? _swapGivenIn(swapRequest, balances, indexIn, indexOut, scalingFactors)
: _swapGivenOut(swapRequest, balances, indexIn, indexOut, scalingFactors);
}
function _swapGivenIn(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut,
uint256[] memory scalingFactors
) internal returns (uint256) {
// Fees are subtracted before scaling, to reduce the complexity of the rounding direction analysis.
swapRequest.amount = _subtractSwapFeeAmount(swapRequest.amount);
_upscaleArray(balances, scalingFactors);
swapRequest.amount = _upscale(swapRequest.amount, scalingFactors[indexIn]);
uint256 amountOut = _onSwapGivenIn(swapRequest, balances, indexIn, indexOut);
// amountOut tokens are exiting the Pool, so we round down.
return _downscaleDown(amountOut, scalingFactors[indexOut]);
}
function _swapGivenOut(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut,
uint256[] memory scalingFactors
) internal returns (uint256) {
_upscaleArray(balances, scalingFactors);
swapRequest.amount = _upscale(swapRequest.amount, scalingFactors[indexOut]);
uint256 amountIn = _onSwapGivenOut(swapRequest, balances, indexIn, indexOut);
// amountIn tokens are entering the Pool, so we round up.
amountIn = _downscaleUp(amountIn, scalingFactors[indexIn]);
// Fees are added after scaling happens, to reduce the complexity of the rounding direction analysis.
return _addSwapFeeAmount(amountIn);
}
/*
* @dev Called when a swap with the Pool occurs, where the amount of tokens entering the Pool is known.
*
* Returns the amount of tokens that will be taken from the Pool in return.
*
* All amounts inside `swapRequest` and `balances` are upscaled. The swap fee has already been deducted from
* `swapRequest.amount`.
*
* The return value is also considered upscaled, and will be downscaled (rounding down) before returning it to the
* Vault.
*/
function _onSwapGivenIn(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
) internal virtual returns (uint256);
/*
* @dev Called when a swap with the Pool occurs, where the amount of tokens exiting the Pool is known.
*
* Returns the amount of tokens that will be granted to the Pool in return.
*
* All amounts inside `swapRequest` and `balances` are upscaled.
*
* The return value is also considered upscaled, and will be downscaled (rounding up) before applying the swap fee
* and returning it to the Vault.
*/
function _onSwapGivenOut(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
) internal virtual returns (uint256);
function _validateIndexes(
uint256 indexIn,
uint256 indexOut,
uint256 limit
) private pure {
_require(indexIn < limit && indexOut < limit, Errors.OUT_OF_BOUNDS);
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "@balancer-labs/v2-interfaces/contracts/vault/IMinimalSwapInfoPool.sol";
import "./LegacyBasePool.sol";
/**
* @dev Extension of `BasePool`, adding a handler for `IMinimalSwapInfoPool.onSwap`.
*
* Derived contracts must call `BasePool`'s constructor, and implement `_onSwapGivenIn` and `_onSwapGivenOut` along with
* `BasePool`'s virtual functions. Inheriting from this contract lets derived contracts choose the Two Token or Minimal
* Swap Info specialization settings.
*/
abstract contract LegacyBaseMinimalSwapInfoPool is IMinimalSwapInfoPool, LegacyBasePool {
// Swap Hooks
function onSwap(
SwapRequest memory request,
uint256 balanceTokenIn,
uint256 balanceTokenOut
) public virtual override onlyVault(request.poolId) returns (uint256) {
uint256 scalingFactorTokenIn = _scalingFactor(request.tokenIn);
uint256 scalingFactorTokenOut = _scalingFactor(request.tokenOut);
if (request.kind == IVault.SwapKind.GIVEN_IN) {
// Fees are subtracted before scaling, to reduce the complexity of the rounding direction analysis.
uint256 amountInMinusSwapFees = _subtractSwapFeeAmount(request.amount);
// Process the (upscaled!) swap fee.
uint256 swapFee = request.amount - amountInMinusSwapFees;
_processSwapFeeAmount(request.tokenIn, _upscale(swapFee, scalingFactorTokenIn));
request.amount = amountInMinusSwapFees;
// All token amounts are upscaled.
balanceTokenIn = _upscale(balanceTokenIn, scalingFactorTokenIn);
balanceTokenOut = _upscale(balanceTokenOut, scalingFactorTokenOut);
request.amount = _upscale(request.amount, scalingFactorTokenIn);
uint256 amountOut = _onSwapGivenIn(request, balanceTokenIn, balanceTokenOut);
// amountOut tokens are exiting the Pool, so we round down.
return _downscaleDown(amountOut, scalingFactorTokenOut);
} else {
// All token amounts are upscaled.
balanceTokenIn = _upscale(balanceTokenIn, scalingFactorTokenIn);
balanceTokenOut = _upscale(balanceTokenOut, scalingFactorTokenOut);
request.amount = _upscale(request.amount, scalingFactorTokenOut);
uint256 amountIn = _onSwapGivenOut(request, balanceTokenIn, balanceTokenOut);
// amountIn tokens are entering the Pool, so we round up.
amountIn = _downscaleUp(amountIn, scalingFactorTokenIn);
// Fees are added after scaling happens, to reduce the complexity of the rounding direction analysis.
uint256 amountInPlusSwapFees = _addSwapFeeAmount(amountIn);
// Process the (upscaled!) swap fee.
uint256 swapFee = amountInPlusSwapFees - amountIn;
_processSwapFeeAmount(request.tokenIn, _upscale(swapFee, scalingFactorTokenIn));
return amountInPlusSwapFees;
}
}
/*
* @dev Called when a swap with the Pool occurs, where the amount of tokens entering the Pool is known.
*
* Returns the amount of tokens that will be taken from the Pool in return.
*
* All amounts inside `swapRequest`, `balanceTokenIn` and `balanceTokenOut` are upscaled. The swap fee has already
* been deducted from `swapRequest.amount`.
*
* The return value is also considered upscaled, and will be downscaled (rounding down) before returning it to the
* Vault.
*/
function _onSwapGivenIn(
SwapRequest memory swapRequest,
uint256 balanceTokenIn,
uint256 balanceTokenOut
) internal virtual returns (uint256);
/*
* @dev Called when a swap with the Pool occurs, where the amount of tokens exiting the Pool is known.
*
* Returns the amount of tokens that will be granted to the Pool in return.
*
* All amounts inside `swapRequest`, `balanceTokenIn` and `balanceTokenOut` are upscaled.
*
* The return value is also considered upscaled, and will be downscaled (rounding up) before applying the swap fee
* and returning it to the Vault.
*/
function _onSwapGivenOut(
SwapRequest memory swapRequest,
uint256 balanceTokenIn,
uint256 balanceTokenOut
) internal virtual returns (uint256);
/**
* @dev Called whenever a swap fee is charged. Implementations should call their parents via super, to ensure all
* implementations in the inheritance tree are called.
*
* Callers must call one of the three `_processSwapFeeAmount` functions when swap fees are computed,
* and upscale `amount`.
*/
function _processSwapFeeAmount(
uint256, /*index*/
uint256 /*amount*/
) internal virtual {
// solhint-disable-previous-line no-empty-blocks
}
function _processSwapFeeAmount(IERC20 token, uint256 amount) internal {
_processSwapFeeAmount(_tokenAddressToIndex(token), amount);
}
function _processSwapFeeAmounts(uint256[] memory amounts) internal {
InputHelpers.ensureInputLengthMatch(amounts.length, _getTotalTokens());
for (uint256 i = 0; i < _getTotalTokens(); ++i) {
_processSwapFeeAmount(i, amounts[i]);
}
}
/**
* @dev Returns the index of `token` in the Pool's token array (i.e. the one `vault.getPoolTokens()` would return).
*
* A trivial (and incorrect!) implementation is already provided for Pools that don't override
* `_processSwapFeeAmount` and skip the entire feature. However, Pools that do override `_processSwapFeeAmount`
* *must* override this function with a meaningful implementation.
*/
function _tokenAddressToIndex(
IERC20 /*token*/
) internal view virtual returns (uint256) {
return 0;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address sender,
address recipient,
uint256 amount
) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./IBasePool.sol";
/**
* @dev IPools with the General specialization setting should implement this interface.
*
* This is called by the Vault when a user calls `IVault.swap` or `IVault.batchSwap` to swap with this Pool.
* Returns the number of tokens the Pool will grant to the user in a 'given in' swap, or that the user will
* grant to the pool in a 'given out' swap.
*
* This can often be implemented by a `view` function, since many pricing algorithms don't need to track state
* changes in swaps. However, contracts implementing this in non-view functions should check that the caller is
* indeed the Vault.
*/
interface IGeneralPool is IBasePool {
function onSwap(
SwapRequest memory swapRequest,
uint256[] memory balances,
uint256 indexIn,
uint256 indexOut
) external returns (uint256 amount);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "@balancer-labs/v2-interfaces/contracts/asset-manager-utils/IAssetManager.sol";
import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol";
import "@balancer-labs/v2-interfaces/contracts/vault/IBasePool.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/InputHelpers.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/WordCodec.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/TemporarilyPausable.sol";
import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/ERC20.sol";
import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol";
import "@balancer-labs/v2-solidity-utils/contracts/math/Math.sol";
import "./BalancerPoolToken.sol";
import "./RecoveryMode.sol";
// solhint-disable max-states-count
/**
* @notice Reference implementation for the base layer of a Pool contract
* @dev Manages a single Pool with optional Asset Managers, an admin-controlled swap fee percentage, a temporary
* emergency pause mechanism that disables the pool, and a permanent Recovery Mode option that ensures LPs can
* always proportionally exit the pool, even if it's in a pathological state.
*
* Note that neither swap fees nor the pause mechanism are used by this contract. They are passed through so that
* derived contracts can use them via the `_addSwapFeeAmount` and `_subtractSwapFeeAmount` functions, and the
* `whenNotPaused` modifier.
*
* No admin permissions are checked here: instead, this contract delegates that to the Vault's own Authorizer.
*
* Because this contract doesn't implement the swap hooks, derived contracts should generally inherit from
* BaseGeneralPool or BaseMinimalSwapInfoPool. Otherwise, subclasses must inherit from the corresponding interfaces
* and implement the swap callbacks themselves.
*/
abstract contract LegacyBasePool is IBasePool, BalancerPoolToken, TemporarilyPausable, RecoveryMode {
using WordCodec for bytes32;
using FixedPoint for uint256;
using BasePoolUserData for bytes;
uint256 private constant _MIN_TOKENS = 2;
uint256 private constant _DEFAULT_MINIMUM_BPT = 1e6;
// 1e18 corresponds to 1.0, or a 100% fee
uint256 private constant _MIN_SWAP_FEE_PERCENTAGE = 1e12; // 0.0001%
uint256 private constant _MAX_SWAP_FEE_PERCENTAGE = 1e17; // 10% - this fits in 64 bits
// Storage slot that can be used to store unrelated pieces of information. In particular, by default is used
// to store only the swap fee percentage of a pool. But it can be extended to store some more pieces of information.
// The swap fee percentage is stored in the most-significant 64 bits, therefore the remaining 192 bits can be
// used to store any other piece of information.
bytes32 private _miscData;
uint256 private constant _SWAP_FEE_PERCENTAGE_OFFSET = 192;
bytes32 private immutable _poolId;
event SwapFeePercentageChanged(uint256 swapFeePercentage);
constructor(
IVault vault,
IVault.PoolSpecialization specialization,
string memory name,
string memory symbol,
IERC20[] memory tokens,
address[] memory assetManagers,
uint256 swapFeePercentage,
uint256 pauseWindowDuration,
uint256 bufferPeriodDuration,
address owner
)
// Base Pools are expected to be deployed using factories. By using the factory address as the action
// disambiguator, we make all Pools deployed by the same factory share action identifiers. This allows for
// simpler management of permissions (such as being able to manage granting the 'set fee percentage' action in
// any Pool created by the same factory), while still making action identifiers unique among different factories
// if the selectors match, preventing accidental errors.
Authentication(bytes32(uint256(msg.sender)))
BalancerPoolToken(name, symbol, vault)
BasePoolAuthorization(owner)
TemporarilyPausable(pauseWindowDuration, bufferPeriodDuration)
{
_require(tokens.length >= _MIN_TOKENS, Errors.MIN_TOKENS);
_require(tokens.length <= _getMaxTokens(), Errors.MAX_TOKENS);
// The Vault only requires the token list to be ordered for the Two Token Pools specialization. However,
// to make the developer experience consistent, we are requiring this condition for all the native pools.
// Also, since these Pools will register tokens only once, we can ensure the Pool tokens will follow the same
// order. We rely on this property to make Pools simpler to write, as it lets us assume that the
// order of token-specific parameters (such as token weights) will not change.
InputHelpers.ensureArrayIsSorted(tokens);
_setSwapFeePercentage(swapFeePercentage);
bytes32 poolId = vault.registerPool(specialization);
vault.registerTokens(poolId, tokens, assetManagers);
// Set immutable state variables - these cannot be read from during construction
_poolId = poolId;
}
// Getters / Setters
/**
* @notice Return the pool id.
*/
function getPoolId() public view override returns (bytes32) {
return _poolId;
}
function _getTotalTokens() internal view virtual returns (uint256);
function _getMaxTokens() internal pure virtual returns (uint256);
/**
* @dev Returns the minimum BPT supply. This amount is minted to the zero address during initialization, effectively
* locking it.
*
* This is useful to make sure Pool initialization happens only once, but derived Pools can change this value (even
* to zero) by overriding this function.
*/
function _getMinimumBpt() internal pure virtual returns (uint256) {
return _DEFAULT_MINIMUM_BPT;
}
/**
* @notice Return the current value of the swap fee percentage.
* @dev This is stored in the MSB 64 bits of the `_miscData`.
*/
function getSwapFeePercentage() public view returns (uint256) {
return _miscData.decodeUint(_SWAP_FEE_PERCENTAGE_OFFSET, 64);
}
/**
* @notice Set the swap fee percentage.
* @dev This is a permissioned function, and disabled if the pool is paused. The swap fee must be within the
* bounds set by MIN_SWAP_FEE_PERCENTAGE/MAX_SWAP_FEE_PERCENTAGE. Emits the SwapFeePercentageChanged event.
*/
function setSwapFeePercentage(uint256 swapFeePercentage) public virtual authenticate whenNotPaused {
_setSwapFeePercentage(swapFeePercentage);
}
function _setSwapFeePercentage(uint256 swapFeePercentage) private {
_require(swapFeePercentage >= _MIN_SWAP_FEE_PERCENTAGE, Errors.MIN_SWAP_FEE_PERCENTAGE);
_require(swapFeePercentage <= _MAX_SWAP_FEE_PERCENTAGE, Errors.MAX_SWAP_FEE_PERCENTAGE);
_miscData = _miscData.insertUint(swapFeePercentage, _SWAP_FEE_PERCENTAGE_OFFSET, 64);
emit SwapFeePercentageChanged(swapFeePercentage);
}
function setAssetManagerPoolConfig(IERC20 token, bytes memory poolConfig)
public
virtual
authenticate
whenNotPaused
{
_setAssetManagerPoolConfig(token, poolConfig);
}
/**
* @notice Set the asset manager parameters for the given token.
* @dev This is a permissioned function, unavailable when the pool is paused.
* The details of the configuration data are set by each Asset Manager. (For an example, see
* `RewardsAssetManager`.)
*/
function _setAssetManagerPoolConfig(IERC20 token, bytes memory poolConfig) private {
bytes32 poolId = getPoolId();
(, , , address assetManager) = getVault().getPoolTokenInfo(poolId, token);
IAssetManager(assetManager).setConfig(poolId, poolConfig);
}
/**
* @notice Pause the pool: an emergency action which disables all pool functions.
* @dev This is a permissioned function that will only work during the Pause Window set during pool factory
* deployment (see `TemporarilyPausable`).
*/
function pause() external authenticate {
_setPaused(true);
}
/**
* @notice Reverse a `pause` operation, and restore a pool to normal functionality.
* @dev This is a permissioned function that will only work on a paused pool within the Buffer Period set during
* pool factory deployment (see `TemporarilyPausable`). Note that any paused pools will automatically unpause after
* the Buffer Period expires.
*/
function unpause() external authenticate {
_setPaused(false);
}
function _isOwnerOnlyAction(bytes32 actionId) internal view virtual override returns (bool) {
return
(actionId == getActionId(this.setSwapFeePercentage.selector)) ||
(actionId == getActionId(this.setAssetManagerPoolConfig.selector));
}
function _getMiscData() internal view returns (bytes32) {
return _miscData;
}
/**
* @dev Inserts data into the least-significant 192 bits of the misc data storage slot.
* Note that the remaining 64 bits are used for the swap fee percentage and cannot be overloaded.
*/
function _setMiscData(bytes32 newData) internal {
_miscData = _miscData.insertBits192(newData, 0);
}
// Join / Exit Hooks
modifier onlyVault(bytes32 poolId) {
_require(msg.sender == address(getVault()), Errors.CALLER_NOT_VAULT);
_require(poolId == getPoolId(), Errors.INVALID_POOL_ID);
_;
}
/**
* @notice Vault hook for adding liquidity to a pool (including the first time, "initializing" the pool).
* @dev This function can only be called from the Vault, from `joinPool`.
*/
function onJoinPool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData
) public virtual override onlyVault(poolId) returns (uint256[] memory, uint256[] memory) {
uint256[] memory scalingFactors = _scalingFactors();
// Joins are unsupported when paused
// It would be strange for the Pool to be paused before it is initialized, but for consistency we prevent
// initialization in this case.
_ensureNotPaused();
if (totalSupply() == 0) {
(uint256 bptAmountOut, uint256[] memory amountsIn) = _onInitializePool(
poolId,
sender,
recipient,
scalingFactors,
userData
);
// On initialization, we lock _getMinimumBpt() by minting it for the zero address. This BPT acts as a
// minimum as it will never be burned, which reduces potential issues with rounding, and also prevents the
// Pool from ever being fully drained.
_require(bptAmountOut >= _getMinimumBpt(), Errors.MINIMUM_BPT);
_mintPoolTokens(address(0), _getMinimumBpt());
_mintPoolTokens(recipient, bptAmountOut - _getMinimumBpt());
// amountsIn are amounts entering the Pool, so we round up.
_downscaleUpArray(amountsIn, scalingFactors);
return (amountsIn, new uint256[](_getTotalTokens()));
} else {
_upscaleArray(balances, scalingFactors);
(uint256 bptAmountOut, uint256[] memory amountsIn, uint256[] memory dueProtocolFeeAmounts) = _onJoinPool(
poolId,
sender,
recipient,
balances,
lastChangeBlock,
inRecoveryMode() ? 0 : protocolSwapFeePercentage, // Protocol fees are disabled while in recovery mode
scalingFactors,
userData
);
// Note we no longer use `balances` after calling `_onJoinPool`, which may mutate it.
_mintPoolTokens(recipient, bptAmountOut);
// amountsIn are amounts entering the Pool, so we round up.
_downscaleUpArray(amountsIn, scalingFactors);
// dueProtocolFeeAmounts are amounts exiting the Pool, so we round down.
_downscaleDownArray(dueProtocolFeeAmounts, scalingFactors);
return (amountsIn, dueProtocolFeeAmounts);
}
}
/**
* @notice Vault hook for removing liquidity from a pool.
* @dev This function can only be called from the Vault, from `exitPool`.
*/
function onExitPool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData
) public virtual override onlyVault(poolId) returns (uint256[] memory, uint256[] memory) {
uint256[] memory dueProtocolFeeAmounts;
uint256[] memory amountsOut;
uint256 bptAmountIn;
// When a user calls `exitPool`, this is the first point of entry from the Vault.
// We first check whether this is a Recovery Mode exit - if so, we proceed using this special lightweight exit
// mechanism which avoids computing any complex values, interacting with external contracts, etc., and generally
// should always work, even if the Pool's mathematics or a dependency break down.
if (userData.isRecoveryModeExitKind()) {
// This exit kind is only available in Recovery Mode.
_ensureInRecoveryMode();
// Protocol fees are skipped when processing recovery mode exits, since these are pool-agnostic and it
// is therefore impossible to know how many fees are due. For consistency, all regular joins and exits are
// processed as if the protocol swap fee percentage was zero.
dueProtocolFeeAmounts = new uint256[](balances.length);
(bptAmountIn, amountsOut) = _doRecoveryModeExit(balances, totalSupply(), userData);
} else {
// Exits are unsupported when paused
_ensureNotPaused();
uint256[] memory scalingFactors = _scalingFactors();
_upscaleArray(balances, scalingFactors);
// Note we no longer use `balances` after calling `_onExitPool`, which may mutate it.
(bptAmountIn, amountsOut, dueProtocolFeeAmounts) = _onExitPool(
poolId,
sender,
recipient,
balances,
lastChangeBlock,
inRecoveryMode() ? 0 : protocolSwapFeePercentage, // Protocol fees are disabled while in recovery mode
scalingFactors,
userData
);
// Both amountsOut and dueProtocolFeeAmounts are amounts exiting the Pool, so we round down.
_downscaleDownArray(amountsOut, scalingFactors);
_downscaleDownArray(dueProtocolFeeAmounts, scalingFactors);
}
_burnPoolTokens(sender, bptAmountIn);
return (amountsOut, dueProtocolFeeAmounts);
}
// Query functions
/**
* @notice "Dry run" `onJoinPool`.
* @dev Returns the amount of BPT that would be granted to `recipient` if the `onJoinPool` hook were called by the
* Vault with the same arguments, along with the number of tokens `sender` would have to supply.
*
* This function is not meant to be called directly, but rather from a helper contract that fetches current Vault
* data, such as the protocol swap fee percentage and Pool balances.
*
* Like `IVault.queryBatchSwap`, this function is not view due to internal implementation details: the caller must
* explicitly use eth_call instead of eth_sendTransaction.
*/
function queryJoin(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData
) external returns (uint256 bptOut, uint256[] memory amountsIn) {
InputHelpers.ensureInputLengthMatch(balances.length, _getTotalTokens());
_queryAction(
poolId,
sender,
recipient,
balances,
lastChangeBlock,
protocolSwapFeePercentage,
userData,
_onJoinPool,
_downscaleUpArray
);
// The `return` opcode is executed directly inside `_queryAction`, so execution never reaches this statement,
// and we don't need to return anything here - it just silences compiler warnings.
return (bptOut, amountsIn);
}
/**
* @notice "Dry run" `onExitPool`.
* @dev Returns the amount of BPT that would be burned from `sender` if the `onExitPool` hook were called by the
* Vault with the same arguments, along with the number of tokens `recipient` would receive.
*
* This function is not meant to be called directly, but rather from a helper contract that fetches current Vault
* data, such as the protocol swap fee percentage and Pool balances.
*
* Like `IVault.queryBatchSwap`, this function is not view due to internal implementation details: the caller must
* explicitly use eth_call instead of eth_sendTransaction.
*/
function queryExit(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData
) external returns (uint256 bptIn, uint256[] memory amountsOut) {
InputHelpers.ensureInputLengthMatch(balances.length, _getTotalTokens());
_queryAction(
poolId,
sender,
recipient,
balances,
lastChangeBlock,
protocolSwapFeePercentage,
userData,
_onExitPool,
_downscaleDownArray
);
// The `return` opcode is executed directly inside `_queryAction`, so execution never reaches this statement,
// and we don't need to return anything here - it just silences compiler warnings.
return (bptIn, amountsOut);
}
// Internal hooks to be overridden by derived contracts - all token amounts (except BPT) in these interfaces are
// upscaled.
/**
* @dev Called when the Pool is joined for the first time; that is, when the BPT total supply is zero.
*
* Returns the amount of BPT to mint, and the token amounts the Pool will receive in return.
*
* Minted BPT will be sent to `recipient`, except for _getMinimumBpt(), which will be deducted from this amount and
* sent to the zero address instead. This will cause that BPT to remain forever locked there, preventing total BTP
* from ever dropping below that value, and ensuring `_onInitializePool` can only be called once in the entire
* Pool's lifetime.
*
* The tokens granted to the Pool will be transferred from `sender`. These amounts are considered upscaled and will
* be downscaled (rounding up) before being returned to the Vault.
*/
function _onInitializePool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory scalingFactors,
bytes memory userData
) internal virtual returns (uint256 bptAmountOut, uint256[] memory amountsIn);
/**
* @dev Called whenever the Pool is joined after the first initialization join (see `_onInitializePool`).
*
* Returns the amount of BPT to mint, the token amounts that the Pool will receive in return, and the number of
* tokens to pay in protocol swap fees.
*
* Implementations of this function might choose to mutate the `balances` array to save gas (e.g. when
* performing intermediate calculations, such as subtraction of due protocol fees). This can be done safely.
*
* Minted BPT will be sent to `recipient`.
*
* The tokens granted to the Pool will be transferred from `sender`. These amounts are considered upscaled and will
* be downscaled (rounding up) before being returned to the Vault.
*
* Due protocol swap fees will be taken from the Pool's balance in the Vault (see `IBasePool.onJoinPool`). These
* amounts are considered upscaled and will be downscaled (rounding down) before being returned to the Vault.
*/
function _onJoinPool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
uint256[] memory scalingFactors,
bytes memory userData
)
internal
virtual
returns (
uint256 bptAmountOut,
uint256[] memory amountsIn,
uint256[] memory dueProtocolFeeAmounts
);
/**
* @dev Called whenever the Pool is exited.
*
* Returns the amount of BPT to burn, the token amounts for each Pool token that the Pool will grant in return, and
* the number of tokens to pay in protocol swap fees.
*
* Implementations of this function might choose to mutate the `balances` array to save gas (e.g. when
* performing intermediate calculations, such as subtraction of due protocol fees). This can be done safely.
*
* BPT will be burnt from `sender`.
*
* The Pool will grant tokens to `recipient`. These amounts are considered upscaled and will be downscaled
* (rounding down) before being returned to the Vault.
*
* Due protocol swap fees will be taken from the Pool's balance in the Vault (see `IBasePool.onExitPool`). These
* amounts are considered upscaled and will be downscaled (rounding down) before being returned to the Vault.
*/
function _onExitPool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
uint256[] memory scalingFactors,
bytes memory userData
)
internal
virtual
returns (
uint256 bptAmountIn,
uint256[] memory amountsOut,
uint256[] memory dueProtocolFeeAmounts
);
/**
* @dev Adds swap fee amount to `amount`, returning a higher value.
*/
function _addSwapFeeAmount(uint256 amount) internal view returns (uint256) {
// This returns amount + fee amount, so we round up (favoring a higher fee amount).
return amount.divUp(FixedPoint.ONE.sub(getSwapFeePercentage()));
}
/**
* @dev Subtracts swap fee amount from `amount`, returning a lower value.
*/
function _subtractSwapFeeAmount(uint256 amount) internal view returns (uint256) {
// This returns amount - fee amount, so we round up (favoring a higher fee amount).
uint256 feeAmount = amount.mulUp(getSwapFeePercentage());
return amount.sub(feeAmount);
}
// Scaling
/**
* @dev Returns a scaling factor that, when multiplied to a token amount for `token`, normalizes its balance as if
* it had 18 decimals.
*/
function _computeScalingFactor(IERC20 token) internal view returns (uint256) {
if (address(token) == address(this)) {
return FixedPoint.ONE;
}
// Tokens that don't implement the `decimals` method are not supported.
uint256 tokenDecimals = ERC20(address(token)).decimals();
// Tokens with more than 18 decimals are not supported.
uint256 decimalsDifference = Math.sub(18, tokenDecimals);
return FixedPoint.ONE * 10**decimalsDifference;
}
/**
* @dev Returns the scaling factor for one of the Pool's tokens. Reverts if `token` is not a token registered by the
* Pool.
*
* All scaling factors are fixed-point values with 18 decimals, to allow for this function to be overridden by
* derived contracts that need to apply further scaling, making these factors potentially non-integer.
*
* The largest 'base' scaling factor (i.e. in tokens with less than 18 decimals) is 10**18, which in fixed-point is
* 10**36. This value can be multiplied with a 112 bit Vault balance with no overflow by a factor of ~1e7, making
* even relatively 'large' factors safe to use.
*
* The 1e7 figure is the result of 2**256 / (1e18 * 1e18 * 2**112).
*/
function _scalingFactor(IERC20 token) internal view virtual returns (uint256);
/**
* @dev Same as `_scalingFactor()`, except for all registered tokens (in the same order as registered). The Vault
* will always pass balances in this order when calling any of the Pool hooks.
*/
function _scalingFactors() internal view virtual returns (uint256[] memory);
/**
* @notice Return the set of scaling factors for the pool tokens.
* @dev Scaling factors are used to convert token balances to and from 18-decimal floating point values.
* The Vault expects all values to be 18-decimal, yet all I/O is performed in native decimals. So we scale "up"
* when sending user-supplied balances to the Vault, and scale "down" to return results.
* For instance, an 18-decimal token has a scaling factor of 1, while a 6-decimal token has a scaling factor of
* 10^12.
*/
function getScalingFactors() external view returns (uint256[] memory) {
return _scalingFactors();
}
/**
* @dev Applies `scalingFactor` to `amount`, resulting in a larger or equal value depending on whether it needed
* scaling or not.
*/
function _upscale(uint256 amount, uint256 scalingFactor) internal pure returns (uint256) {
// Upscale rounding wouldn't necessarily always go in the same direction: in a swap for example the balance of
// token in should be rounded up, and that of token out rounded down. This is the only place where we round in
// the same direction for all amounts, as the impact of this rounding is expected to be minimal (and there's no
// rounding error unless `_scalingFactor()` is overriden).
return FixedPoint.mulDown(amount, scalingFactor);
}
/**
* @dev Same as `_upscale`, but for an entire array. This function does not return anything, but instead *mutates*
* the `amounts` array.
*/
function _upscaleArray(uint256[] memory amounts, uint256[] memory scalingFactors) internal view {
for (uint256 i = 0; i < _getTotalTokens(); ++i) {
amounts[i] = FixedPoint.mulDown(amounts[i], scalingFactors[i]);
}
}
/**
* @dev Reverses the `scalingFactor` applied to `amount`, resulting in a smaller or equal value depending on
* whether it needed scaling or not. The result is rounded down.
*/
function _downscaleDown(uint256 amount, uint256 scalingFactor) internal pure returns (uint256) {
return FixedPoint.divDown(amount, scalingFactor);
}
/**
* @dev Same as `_downscaleDown`, but for an entire array. This function does not return anything, but instead
* *mutates* the `amounts` array.
*/
function _downscaleDownArray(uint256[] memory amounts, uint256[] memory scalingFactors) internal view {
for (uint256 i = 0; i < _getTotalTokens(); ++i) {
amounts[i] = FixedPoint.divDown(amounts[i], scalingFactors[i]);
}
}
/**
* @dev Reverses the `scalingFactor` applied to `amount`, resulting in a smaller or equal value depending on
* whether it needed scaling or not. The result is rounded up.
*/
function _downscaleUp(uint256 amount, uint256 scalingFactor) internal pure returns (uint256) {
return FixedPoint.divUp(amount, scalingFactor);
}
/**
* @dev Same as `_downscaleUp`, but for an entire array. This function does not return anything, but instead
* *mutates* the `amounts` array.
*/
function _downscaleUpArray(uint256[] memory amounts, uint256[] memory scalingFactors) internal view {
for (uint256 i = 0; i < _getTotalTokens(); ++i) {
amounts[i] = FixedPoint.divUp(amounts[i], scalingFactors[i]);
}
}
function _getAuthorizer() internal view override returns (IAuthorizer) {
// Access control management is delegated to the Vault's Authorizer. This lets Balancer Governance manage which
// accounts can call permissioned functions: for example, to perform emergency pauses.
// If the owner is delegated, then *all* permissioned functions, including `setSwapFeePercentage`, will be under
// Governance control.
return getVault().getAuthorizer();
}
function _queryAction(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData,
function(bytes32, address, address, uint256[] memory, uint256, uint256, uint256[] memory, bytes memory)
internal
returns (uint256, uint256[] memory, uint256[] memory) _action,
function(uint256[] memory, uint256[] memory) internal view _downscaleArray
) private {
// This uses the same technique used by the Vault in queryBatchSwap. Refer to that function for a detailed
// explanation.
if (msg.sender != address(this)) {
// We perform an external call to ourselves, forwarding the same calldata. In this call, the else clause of
// the preceding if statement will be executed instead.
// solhint-disable-next-line avoid-low-level-calls
(bool success, ) = address(this).call(msg.data);
// solhint-disable-next-line no-inline-assembly
assembly {
// This call should always revert to decode the bpt and token amounts from the revert reason
switch success
case 0 {
// Note we are manually writing the memory slot 0. We can safely overwrite whatever is
// stored there as we take full control of the execution and then immediately return.
// We copy the first 4 bytes to check if it matches with the expected signature, otherwise
// there was another revert reason and we should forward it.
returndatacopy(0, 0, 0x04)
let error := and(mload(0), 0xffffffff00000000000000000000000000000000000000000000000000000000)
// If the first 4 bytes don't match with the expected signature, we forward the revert reason.
if eq(eq(error, 0x43adbafb00000000000000000000000000000000000000000000000000000000), 0) {
returndatacopy(0, 0, returndatasize())
revert(0, returndatasize())
}
// The returndata contains the signature, followed by the raw memory representation of the
// `bptAmount` and `tokenAmounts` (array: length + data). We need to return an ABI-encoded
// representation of these.
// An ABI-encoded response will include one additional field to indicate the starting offset of
// the `tokenAmounts` array. The `bptAmount` will be laid out in the first word of the
// returndata.
//
// In returndata:
// [ signature ][ bptAmount ][ tokenAmounts length ][ tokenAmounts values ]
// [ 4 bytes ][ 32 bytes ][ 32 bytes ][ (32 * length) bytes ]
//
// We now need to return (ABI-encoded values):
// [ bptAmount ][ tokeAmounts offset ][ tokenAmounts length ][ tokenAmounts values ]
// [ 32 bytes ][ 32 bytes ][ 32 bytes ][ (32 * length) bytes ]
// We copy 32 bytes for the `bptAmount` from returndata into memory.
// Note that we skip the first 4 bytes for the error signature
returndatacopy(0, 0x04, 32)
// The offsets are 32-bytes long, so the array of `tokenAmounts` will start after
// the initial 64 bytes.
mstore(0x20, 64)
// We now copy the raw memory array for the `tokenAmounts` from returndata into memory.
// Since bpt amount and offset take up 64 bytes, we start copying at address 0x40. We also
// skip the first 36 bytes from returndata, which correspond to the signature plus bpt amount.
returndatacopy(0x40, 0x24, sub(returndatasize(), 36))
// We finally return the ABI-encoded uint256 and the array, which has a total length equal to
// the size of returndata, plus the 32 bytes of the offset but without the 4 bytes of the
// error signature.
return(0, add(returndatasize(), 28))
}
default {
// This call should always revert, but we fail nonetheless if that didn't happen
invalid()
}
}
} else {
uint256[] memory scalingFactors = _scalingFactors();
_upscaleArray(balances, scalingFactors);
(uint256 bptAmount, uint256[] memory tokenAmounts, ) = _action(
poolId,
sender,
recipient,
balances,
lastChangeBlock,
protocolSwapFeePercentage,
scalingFactors,
userData
);
_downscaleArray(tokenAmounts, scalingFactors);
// solhint-disable-next-line no-inline-assembly
assembly {
// We will return a raw representation of `bptAmount` and `tokenAmounts` in memory, which is composed of
// a 32-byte uint256, followed by a 32-byte for the array length, and finally the 32-byte uint256 values
// Because revert expects a size in bytes, we multiply the array length (stored at `tokenAmounts`) by 32
let size := mul(mload(tokenAmounts), 32)
// We store the `bptAmount` in the previous slot to the `tokenAmounts` array. We can make sure there
// will be at least one available slot due to how the memory scratch space works.
// We can safely overwrite whatever is stored in this slot as we will revert immediately after that.
let start := sub(tokenAmounts, 0x20)
mstore(start, bptAmount)
// We send one extra value for the error signature "QueryError(uint256,uint256[])" which is 0x43adbafb
// We use the previous slot to `bptAmount`.
mstore(sub(start, 0x20), 0x0000000000000000000000000000000000000000000000000000000043adbafb)
start := sub(start, 0x04)
// When copying from `tokenAmounts` into returndata, we copy the additional 68 bytes to also return
// the `bptAmount`, the array 's length, and the error signature.
revert(start, add(size, 68))
}
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./IVault.sol";
import "./IPoolSwapStructs.sol";
/**
* @dev Interface for adding and removing liquidity that all Pool contracts should implement. Note that this is not
* the complete Pool contract interface, as it is missing the swap hooks. Pool contracts should also inherit from
* either IGeneralPool or IMinimalSwapInfoPool
*/
interface IBasePool is IPoolSwapStructs {
/**
* @dev Called by the Vault when a user calls `IVault.joinPool` to add liquidity to this Pool. Returns how many of
* each registered token the user should provide, as well as the amount of protocol fees the Pool owes to the Vault.
* The Vault will then take tokens from `sender` and add them to the Pool's balances, as well as collect
* the reported amount in protocol fees, which the pool should calculate based on `protocolSwapFeePercentage`.
*
* Protocol fees are reported and charged on join events so that the Pool is free of debt whenever new users join.
*
* `sender` is the account performing the join (from which tokens will be withdrawn), and `recipient` is the account
* designated to receive any benefits (typically pool shares). `balances` contains the total balances
* for each token the Pool registered in the Vault, in the same order that `IVault.getPoolTokens` would return.
*
* `lastChangeBlock` is the last block in which *any* of the Pool's registered tokens last changed its total
* balance.
*
* `userData` contains any pool-specific instructions needed to perform the calculations, such as the type of
* join (e.g., proportional given an amount of pool shares, single-asset, multi-asset, etc.)
*
* Contracts implementing this function should check that the caller is indeed the Vault before performing any
* state-changing operations, such as minting pool shares.
*/
function onJoinPool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData
) external returns (uint256[] memory amountsIn, uint256[] memory dueProtocolFeeAmounts);
/**
* @dev Called by the Vault when a user calls `IVault.exitPool` to remove liquidity from this Pool. Returns how many
* tokens the Vault should deduct from the Pool's balances, as well as the amount of protocol fees the Pool owes
* to the Vault. The Vault will then take tokens from the Pool's balances and send them to `recipient`,
* as well as collect the reported amount in protocol fees, which the Pool should calculate based on
* `protocolSwapFeePercentage`.
*
* Protocol fees are charged on exit events to guarantee that users exiting the Pool have paid their share.
*
* `sender` is the account performing the exit (typically the pool shareholder), and `recipient` is the account
* to which the Vault will send the proceeds. `balances` contains the total token balances for each token
* the Pool registered in the Vault, in the same order that `IVault.getPoolTokens` would return.
*
* `lastChangeBlock` is the last block in which *any* of the Pool's registered tokens last changed its total
* balance.
*
* `userData` contains any pool-specific instructions needed to perform the calculations, such as the type of
* exit (e.g., proportional given an amount of pool shares, single-asset, multi-asset, etc.)
*
* Contracts implementing this function should check that the caller is indeed the Vault before performing any
* state-changing operations, such as burning pool shares.
*/
function onExitPool(
bytes32 poolId,
address sender,
address recipient,
uint256[] memory balances,
uint256 lastChangeBlock,
uint256 protocolSwapFeePercentage,
bytes memory userData
) external returns (uint256[] memory amountsOut, uint256[] memory dueProtocolFeeAmounts);
function getPoolId() external view returns (bytes32);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma experimental ABIEncoderV2;
import "../solidity-utils/openzeppelin/IERC20.sol";
import "../solidity-utils/helpers/IAuthentication.sol";
import "../solidity-utils/helpers/ISignaturesValidator.sol";
import "../solidity-utils/helpers/ITemporarilyPausable.sol";
import "../solidity-utils/misc/IWETH.sol";
import "./IAsset.sol";
import "./IAuthorizer.sol";
import "./IFlashLoanRecipient.sol";
import "./IProtocolFeesCollector.sol";
pragma solidity ^0.7.0;
/**
* @dev Full external interface for the Vault core contract - no external or public methods exist in the contract that
* don't override one of these declarations.
*/
interface IVault is ISignaturesValidator, ITemporarilyPausable, IAuthentication {
// Generalities about the Vault:
//
// - Whenever documentation refers to 'tokens', it strictly refers to ERC20-compliant token contracts. Tokens are
// transferred out of the Vault by calling the `IERC20.transfer` function, and transferred in by calling
// `IERC20.transferFrom`. In these cases, the sender must have previously allowed the Vault to use their tokens by
// calling `IERC20.approve`. The only deviation from the ERC20 standard that is supported is functions not returning
// a boolean value: in these scenarios, a non-reverting call is assumed to be successful.
//
// - All non-view functions in the Vault are non-reentrant: calling them while another one is mid-execution (e.g.
// while execution control is transferred to a token contract during a swap) will result in a revert. View
// functions can be called in a re-reentrant way, but doing so might cause them to return inconsistent results.
// Contracts calling view functions in the Vault must make sure the Vault has not already been entered.
//
// - View functions revert if referring to either unregistered Pools, or unregistered tokens for registered Pools.
// Authorizer
//
// Some system actions are permissioned, like setting and collecting protocol fees. This permissioning system exists
// outside of the Vault in the Authorizer contract: the Vault simply calls the Authorizer to check if the caller
// can perform a given action.
/**
* @dev Returns the Vault's Authorizer.
*/
function getAuthorizer() external view returns (IAuthorizer);
/**
* @dev Sets a new Authorizer for the Vault. The caller must be allowed by the current Authorizer to do this.
*
* Emits an `AuthorizerChanged` event.
*/
function setAuthorizer(IAuthorizer newAuthorizer) external;
/**
* @dev Emitted when a new authorizer is set by `setAuthorizer`.
*/
event AuthorizerChanged(IAuthorizer indexed newAuthorizer);
// Relayers
//
// Additionally, it is possible for an account to perform certain actions on behalf of another one, using their
// Vault ERC20 allowance and Internal Balance. These accounts are said to be 'relayers' for these Vault functions,
// and are expected to be smart contracts with sound authentication mechanisms. For an account to be able to wield
// this power, two things must occur:
// - The Authorizer must grant the account the permission to be a relayer for the relevant Vault function. This
// means that Balancer governance must approve each individual contract to act as a relayer for the intended
// functions.
// - Each user must approve the relayer to act on their behalf.
// This double protection means users cannot be tricked into approving malicious relayers (because they will not
// have been allowed by the Authorizer via governance), nor can malicious relayers approved by a compromised
// Authorizer or governance drain user funds, since they would also need to be approved by each individual user.
/**
* @dev Returns true if `user` has approved `relayer` to act as a relayer for them.
*/
function hasApprovedRelayer(address user, address relayer) external view returns (bool);
/**
* @dev Allows `relayer` to act as a relayer for `sender` if `approved` is true, and disallows it otherwise.
*
* Emits a `RelayerApprovalChanged` event.
*/
function setRelayerApproval(
address sender,
address relayer,
bool approved
) external;
/**
* @dev Emitted every time a relayer is approved or disapproved by `setRelayerApproval`.
*/
event RelayerApprovalChanged(address indexed relayer, address indexed sender, bool approved);
// Internal Balance
//
// Users can deposit tokens into the Vault, where they are allocated to their Internal Balance, and later
// transferred or withdrawn. It can also be used as a source of tokens when joining Pools, as a destination
// when exiting them, and as either when performing swaps. This usage of Internal Balance results in greatly reduced
// gas costs when compared to relying on plain ERC20 transfers, leading to large savings for frequent users.
//
// Internal Balance management features batching, which means a single contract call can be used to perform multiple
// operations of different kinds, with different senders and recipients, at once.
/**
* @dev Returns `user`'s Internal Balance for a set of tokens.
*/
function getInternalBalance(address user, IERC20[] memory tokens) external view returns (uint256[] memory);
/**
* @dev Performs a set of user balance operations, which involve Internal Balance (deposit, withdraw or transfer)
* and plain ERC20 transfers using the Vault's allowance. This last feature is particularly useful for relayers, as
* it lets integrators reuse a user's Vault allowance.
*
* For each operation, if the caller is not `sender`, it must be an authorized relayer for them.
*/
function manageUserBalance(UserBalanceOp[] memory ops) external payable;
/**
* @dev Data for `manageUserBalance` operations, which include the possibility for ETH to be sent and received
without manual WETH wrapping or unwrapping.
*/
struct UserBalanceOp {
UserBalanceOpKind kind;
IAsset asset;
uint256 amount;
address sender;
address payable recipient;
}
// There are four possible operations in `manageUserBalance`:
//
// - DEPOSIT_INTERNAL
// Increases the Internal Balance of the `recipient` account by transferring tokens from the corresponding
// `sender`. The sender must have allowed the Vault to use their tokens via `IERC20.approve()`.
//
// ETH can be used by passing the ETH sentinel value as the asset and forwarding ETH in the call: it will be wrapped
// and deposited as WETH. Any ETH amount remaining will be sent back to the caller (not the sender, which is
// relevant for relayers).
//
// Emits an `InternalBalanceChanged` event.
//
//
// - WITHDRAW_INTERNAL
// Decreases the Internal Balance of the `sender` account by transferring tokens to the `recipient`.
//
// ETH can be used by passing the ETH sentinel value as the asset. This will deduct WETH instead, unwrap it and send
// it to the recipient as ETH.
//
// Emits an `InternalBalanceChanged` event.
//
//
// - TRANSFER_INTERNAL
// Transfers tokens from the Internal Balance of the `sender` account to the Internal Balance of `recipient`.
//
// Reverts if the ETH sentinel value is passed.
//
// Emits an `InternalBalanceChanged` event.
//
//
// - TRANSFER_EXTERNAL
// Transfers tokens from `sender` to `recipient`, using the Vault's ERC20 allowance. This is typically used by
// relayers, as it lets them reuse a user's Vault allowance.
//
// Reverts if the ETH sentinel value is passed.
//
// Emits an `ExternalBalanceTransfer` event.
enum UserBalanceOpKind { DEPOSIT_INTERNAL, WITHDRAW_INTERNAL, TRANSFER_INTERNAL, TRANSFER_EXTERNAL }
/**
* @dev Emitted when a user's Internal Balance changes, either from calls to `manageUserBalance`, or through
* interacting with Pools using Internal Balance.
*
* Because Internal Balance works exclusively with ERC20 tokens, ETH deposits and withdrawals will use the WETH
* address.
*/
event InternalBalanceChanged(address indexed user, IERC20 indexed token, int256 delta);
/**
* @dev Emitted when a user's Vault ERC20 allowance is used by the Vault to transfer tokens to an external account.
*/
event ExternalBalanceTransfer(IERC20 indexed token, address indexed sender, address recipient, uint256 amount);
// Pools
//
// There are three specialization settings for Pools, which allow for cheaper swaps at the cost of reduced
// functionality:
//
// - General: no specialization, suited for all Pools. IGeneralPool is used for swap request callbacks, passing the
// balance of all tokens in the Pool. These Pools have the largest swap costs (because of the extra storage reads),
// which increase with the number of registered tokens.
//
// - Minimal Swap Info: IMinimalSwapInfoPool is used instead of IGeneralPool, which saves gas by only passing the
// balance of the two tokens involved in the swap. This is suitable for some pricing algorithms, like the weighted
// constant product one popularized by Balancer V1. Swap costs are smaller compared to general Pools, and are
// independent of the number of registered tokens.
//
// - Two Token: only allows two tokens to be registered. This achieves the lowest possible swap gas cost. Like
// minimal swap info Pools, these are called via IMinimalSwapInfoPool.
enum PoolSpecialization { GENERAL, MINIMAL_SWAP_INFO, TWO_TOKEN }
/**
* @dev Registers the caller account as a Pool with a given specialization setting. Returns the Pool's ID, which
* is used in all Pool-related functions. Pools cannot be deregistered, nor can the Pool's specialization be
* changed.
*
* The caller is expected to be a smart contract that implements either `IGeneralPool` or `IMinimalSwapInfoPool`,
* depending on the chosen specialization setting. This contract is known as the Pool's contract.
*
* Note that the same contract may register itself as multiple Pools with unique Pool IDs, or in other words,
* multiple Pools may share the same contract.
*
* Emits a `PoolRegistered` event.
*/
function registerPool(PoolSpecialization specialization) external returns (bytes32);
/**
* @dev Emitted when a Pool is registered by calling `registerPool`.
*/
event PoolRegistered(bytes32 indexed poolId, address indexed poolAddress, PoolSpecialization specialization);
/**
* @dev Returns a Pool's contract address and specialization setting.
*/
function getPool(bytes32 poolId) external view returns (address, PoolSpecialization);
/**
* @dev Registers `tokens` for the `poolId` Pool. Must be called by the Pool's contract.
*
* Pools can only interact with tokens they have registered. Users join a Pool by transferring registered tokens,
* exit by receiving registered tokens, and can only swap registered tokens.
*
* Each token can only be registered once. For Pools with the Two Token specialization, `tokens` must have a length
* of two, that is, both tokens must be registered in the same `registerTokens` call, and they must be sorted in
* ascending order.
*
* The `tokens` and `assetManagers` arrays must have the same length, and each entry in these indicates the Asset
* Manager for the corresponding token. Asset Managers can manage a Pool's tokens via `managePoolBalance`,
* depositing and withdrawing them directly, and can even set their balance to arbitrary amounts. They are therefore
* expected to be highly secured smart contracts with sound design principles, and the decision to register an
* Asset Manager should not be made lightly.
*
* Pools can choose not to assign an Asset Manager to a given token by passing in the zero address. Once an Asset
* Manager is set, it cannot be changed except by deregistering the associated token and registering again with a
* different Asset Manager.
*
* Emits a `TokensRegistered` event.
*/
function registerTokens(
bytes32 poolId,
IERC20[] memory tokens,
address[] memory assetManagers
) external;
/**
* @dev Emitted when a Pool registers tokens by calling `registerTokens`.
*/
event TokensRegistered(bytes32 indexed poolId, IERC20[] tokens, address[] assetManagers);
/**
* @dev Deregisters `tokens` for the `poolId` Pool. Must be called by the Pool's contract.
*
* Only registered tokens (via `registerTokens`) can be deregistered. Additionally, they must have zero total
* balance. For Pools with the Two Token specialization, `tokens` must have a length of two, that is, both tokens
* must be deregistered in the same `deregisterTokens` call.
*
* A deregistered token can be re-registered later on, possibly with a different Asset Manager.
*
* Emits a `TokensDeregistered` event.
*/
function deregisterTokens(bytes32 poolId, IERC20[] memory tokens) external;
/**
* @dev Emitted when a Pool deregisters tokens by calling `deregisterTokens`.
*/
event TokensDeregistered(bytes32 indexed poolId, IERC20[] tokens);
/**
* @dev Returns detailed information for a Pool's registered token.
*
* `cash` is the number of tokens the Vault currently holds for the Pool. `managed` is the number of tokens
* withdrawn and held outside the Vault by the Pool's token Asset Manager. The Pool's total balance for `token`
* equals the sum of `cash` and `managed`.
*
* Internally, `cash` and `managed` are stored using 112 bits. No action can ever cause a Pool's token `cash`,
* `managed` or `total` balance to be greater than 2^112 - 1.
*
* `lastChangeBlock` is the number of the block in which `token`'s total balance was last modified (via either a
* join, exit, swap, or Asset Manager update). This value is useful to avoid so-called 'sandwich attacks', for
* example when developing price oracles. A change of zero (e.g. caused by a swap with amount zero) is considered a
* change for this purpose, and will update `lastChangeBlock`.
*
* `assetManager` is the Pool's token Asset Manager.
*/
function getPoolTokenInfo(bytes32 poolId, IERC20 token)
external
view
returns (
uint256 cash,
uint256 managed,
uint256 lastChangeBlock,
address assetManager
);
/**
* @dev Returns a Pool's registered tokens, the total balance for each, and the latest block when *any* of
* the tokens' `balances` changed.
*
* The order of the `tokens` array is the same order that will be used in `joinPool`, `exitPool`, as well as in all
* Pool hooks (where applicable). Calls to `registerTokens` and `deregisterTokens` may change this order.
*
* If a Pool only registers tokens once, and these are sorted in ascending order, they will be stored in the same
* order as passed to `registerTokens`.
*
* Total balances include both tokens held by the Vault and those withdrawn by the Pool's Asset Managers. These are
* the amounts used by joins, exits and swaps. For a detailed breakdown of token balances, use `getPoolTokenInfo`
* instead.
*/
function getPoolTokens(bytes32 poolId)
external
view
returns (
IERC20[] memory tokens,
uint256[] memory balances,
uint256 lastChangeBlock
);
/**
* @dev Called by users to join a Pool, which transfers tokens from `sender` into the Pool's balance. This will
* trigger custom Pool behavior, which will typically grant something in return to `recipient` - often tokenized
* Pool shares.
*
* If the caller is not `sender`, it must be an authorized relayer for them.
*
* The `assets` and `maxAmountsIn` arrays must have the same length, and each entry indicates the maximum amount
* to send for each asset. The amounts to send are decided by the Pool and not the Vault: it just enforces
* these maximums.
*
* If joining a Pool that holds WETH, it is possible to send ETH directly: the Vault will do the wrapping. To enable
* this mechanism, the IAsset sentinel value (the zero address) must be passed in the `assets` array instead of the
* WETH address. Note that it is not possible to combine ETH and WETH in the same join. Any excess ETH will be sent
* back to the caller (not the sender, which is important for relayers).
*
* `assets` must have the same length and order as the array returned by `getPoolTokens`. This prevents issues when
* interacting with Pools that register and deregister tokens frequently. If sending ETH however, the array must be
* sorted *before* replacing the WETH address with the ETH sentinel value (the zero address), which means the final
* `assets` array might not be sorted. Pools with no registered tokens cannot be joined.
*
* If `fromInternalBalance` is true, the caller's Internal Balance will be preferred: ERC20 transfers will only
* be made for the difference between the requested amount and Internal Balance (if any). Note that ETH cannot be
* withdrawn from Internal Balance: attempting to do so will trigger a revert.
*
* This causes the Vault to call the `IBasePool.onJoinPool` hook on the Pool's contract, where Pools implement
* their own custom logic. This typically requires additional information from the user (such as the expected number
* of Pool shares). This can be encoded in the `userData` argument, which is ignored by the Vault and passed
* directly to the Pool's contract, as is `recipient`.
*
* Emits a `PoolBalanceChanged` event.
*/
function joinPool(
bytes32 poolId,
address sender,
address recipient,
JoinPoolRequest memory request
) external payable;
struct JoinPoolRequest {
IAsset[] assets;
uint256[] maxAmountsIn;
bytes userData;
bool fromInternalBalance;
}
/**
* @dev Called by users to exit a Pool, which transfers tokens from the Pool's balance to `recipient`. This will
* trigger custom Pool behavior, which will typically ask for something in return from `sender` - often tokenized
* Pool shares. The amount of tokens that can be withdrawn is limited by the Pool's `cash` balance (see
* `getPoolTokenInfo`).
*
* If the caller is not `sender`, it must be an authorized relayer for them.
*
* The `tokens` and `minAmountsOut` arrays must have the same length, and each entry in these indicates the minimum
* token amount to receive for each token contract. The amounts to send are decided by the Pool and not the Vault:
* it just enforces these minimums.
*
* If exiting a Pool that holds WETH, it is possible to receive ETH directly: the Vault will do the unwrapping. To
* enable this mechanism, the IAsset sentinel value (the zero address) must be passed in the `assets` array instead
* of the WETH address. Note that it is not possible to combine ETH and WETH in the same exit.
*
* `assets` must have the same length and order as the array returned by `getPoolTokens`. This prevents issues when
* interacting with Pools that register and deregister tokens frequently. If receiving ETH however, the array must
* be sorted *before* replacing the WETH address with the ETH sentinel value (the zero address), which means the
* final `assets` array might not be sorted. Pools with no registered tokens cannot be exited.
*
* If `toInternalBalance` is true, the tokens will be deposited to `recipient`'s Internal Balance. Otherwise,
* an ERC20 transfer will be performed. Note that ETH cannot be deposited to Internal Balance: attempting to
* do so will trigger a revert.
*
* `minAmountsOut` is the minimum amount of tokens the user expects to get out of the Pool, for each token in the
* `tokens` array. This array must match the Pool's registered tokens.
*
* This causes the Vault to call the `IBasePool.onExitPool` hook on the Pool's contract, where Pools implement
* their own custom logic. This typically requires additional information from the user (such as the expected number
* of Pool shares to return). This can be encoded in the `userData` argument, which is ignored by the Vault and
* passed directly to the Pool's contract.
*
* Emits a `PoolBalanceChanged` event.
*/
function exitPool(
bytes32 poolId,
address sender,
address payable recipient,
ExitPoolRequest memory request
) external;
struct ExitPoolRequest {
IAsset[] assets;
uint256[] minAmountsOut;
bytes userData;
bool toInternalBalance;
}
/**
* @dev Emitted when a user joins or exits a Pool by calling `joinPool` or `exitPool`, respectively.
*/
event PoolBalanceChanged(
bytes32 indexed poolId,
address indexed liquidityProvider,
IERC20[] tokens,
int256[] deltas,
uint256[] protocolFeeAmounts
);
enum PoolBalanceChangeKind { JOIN, EXIT }
// Swaps
//
// Users can swap tokens with Pools by calling the `swap` and `batchSwap` functions. To do this,
// they need not trust Pool contracts in any way: all security checks are made by the Vault. They must however be
// aware of the Pools' pricing algorithms in order to estimate the prices Pools will quote.
//
// The `swap` function executes a single swap, while `batchSwap` can perform multiple swaps in sequence.
// In each individual swap, tokens of one kind are sent from the sender to the Pool (this is the 'token in'),
// and tokens of another kind are sent from the Pool to the recipient in exchange (this is the 'token out').
// More complex swaps, such as one token in to multiple tokens out can be achieved by batching together
// individual swaps.
//
// There are two swap kinds:
// - 'given in' swaps, where the amount of tokens in (sent to the Pool) is known, and the Pool determines (via the
// `onSwap` hook) the amount of tokens out (to send to the recipient).
// - 'given out' swaps, where the amount of tokens out (received from the Pool) is known, and the Pool determines
// (via the `onSwap` hook) the amount of tokens in (to receive from the sender).
//
// Additionally, it is possible to chain swaps using a placeholder input amount, which the Vault replaces with
// the calculated output of the previous swap. If the previous swap was 'given in', this will be the calculated
// tokenOut amount. If the previous swap was 'given out', it will use the calculated tokenIn amount. These extended
// swaps are known as 'multihop' swaps, since they 'hop' through a number of intermediate tokens before arriving at
// the final intended token.
//
// In all cases, tokens are only transferred in and out of the Vault (or withdrawn from and deposited into Internal
// Balance) after all individual swaps have been completed, and the net token balance change computed. This makes
// certain swap patterns, such as multihops, or swaps that interact with the same token pair in multiple Pools, cost
// much less gas than they would otherwise.
//
// It also means that under certain conditions it is possible to perform arbitrage by swapping with multiple
// Pools in a way that results in net token movement out of the Vault (profit), with no tokens being sent in (only
// updating the Pool's internal accounting).
//
// To protect users from front-running or the market changing rapidly, they supply a list of 'limits' for each token
// involved in the swap, where either the maximum number of tokens to send (by passing a positive value) or the
// minimum amount of tokens to receive (by passing a negative value) is specified.
//
// Additionally, a 'deadline' timestamp can also be provided, forcing the swap to fail if it occurs after
// this point in time (e.g. if the transaction failed to be included in a block promptly).
//
// If interacting with Pools that hold WETH, it is possible to both send and receive ETH directly: the Vault will do
// the wrapping and unwrapping. To enable this mechanism, the IAsset sentinel value (the zero address) must be
// passed in the `assets` array instead of the WETH address. Note that it is possible to combine ETH and WETH in the
// same swap. Any excess ETH will be sent back to the caller (not the sender, which is relevant for relayers).
//
// Finally, Internal Balance can be used when either sending or receiving tokens.
enum SwapKind { GIVEN_IN, GIVEN_OUT }
/**
* @dev Performs a swap with a single Pool.
*
* If the swap is 'given in' (the number of tokens to send to the Pool is known), it returns the amount of tokens
* taken from the Pool, which must be greater than or equal to `limit`.
*
* If the swap is 'given out' (the number of tokens to take from the Pool is known), it returns the amount of tokens
* sent to the Pool, which must be less than or equal to `limit`.
*
* Internal Balance usage and the recipient are determined by the `funds` struct.
*
* Emits a `Swap` event.
*/
function swap(
SingleSwap memory singleSwap,
FundManagement memory funds,
uint256 limit,
uint256 deadline
) external payable returns (uint256);
/**
* @dev Data for a single swap executed by `swap`. `amount` is either `amountIn` or `amountOut` depending on
* the `kind` value.
*
* `assetIn` and `assetOut` are either token addresses, or the IAsset sentinel value for ETH (the zero address).
* Note that Pools never interact with ETH directly: it will be wrapped to or unwrapped from WETH by the Vault.
*
* The `userData` field is ignored by the Vault, but forwarded to the Pool in the `onSwap` hook, and may be
* used to extend swap behavior.
*/
struct SingleSwap {
bytes32 poolId;
SwapKind kind;
IAsset assetIn;
IAsset assetOut;
uint256 amount;
bytes userData;
}
/**
* @dev Performs a series of swaps with one or multiple Pools. In each individual swap, the caller determines either
* the amount of tokens sent to or received from the Pool, depending on the `kind` value.
*
* Returns an array with the net Vault asset balance deltas. Positive amounts represent tokens (or ETH) sent to the
* Vault, and negative amounts represent tokens (or ETH) sent by the Vault. Each delta corresponds to the asset at
* the same index in the `assets` array.
*
* Swaps are executed sequentially, in the order specified by the `swaps` array. Each array element describes a
* Pool, the token to be sent to this Pool, the token to receive from it, and an amount that is either `amountIn` or
* `amountOut` depending on the swap kind.
*
* Multihop swaps can be executed by passing an `amount` value of zero for a swap. This will cause the amount in/out
* of the previous swap to be used as the amount in for the current one. In a 'given in' swap, 'tokenIn' must equal
* the previous swap's `tokenOut`. For a 'given out' swap, `tokenOut` must equal the previous swap's `tokenIn`.
*
* The `assets` array contains the addresses of all assets involved in the swaps. These are either token addresses,
* or the IAsset sentinel value for ETH (the zero address). Each entry in the `swaps` array specifies tokens in and
* out by referencing an index in `assets`. Note that Pools never interact with ETH directly: it will be wrapped to
* or unwrapped from WETH by the Vault.
*
* Internal Balance usage, sender, and recipient are determined by the `funds` struct. The `limits` array specifies
* the minimum or maximum amount of each token the vault is allowed to transfer.
*
* `batchSwap` can be used to make a single swap, like `swap` does, but doing so requires more gas than the
* equivalent `swap` call.
*
* Emits `Swap` events.
*/
function batchSwap(
SwapKind kind,
BatchSwapStep[] memory swaps,
IAsset[] memory assets,
FundManagement memory funds,
int256[] memory limits,
uint256 deadline
) external payable returns (int256[] memory);
/**
* @dev Data for each individual swap executed by `batchSwap`. The asset in and out fields are indexes into the
* `assets` array passed to that function, and ETH assets are converted to WETH.
*
* If `amount` is zero, the multihop mechanism is used to determine the actual amount based on the amount in/out
* from the previous swap, depending on the swap kind.
*
* The `userData` field is ignored by the Vault, but forwarded to the Pool in the `onSwap` hook, and may be
* used to extend swap behavior.
*/
struct BatchSwapStep {
bytes32 poolId;
uint256 assetInIndex;
uint256 assetOutIndex;
uint256 amount;
bytes userData;
}
/**
* @dev Emitted for each individual swap performed by `swap` or `batchSwap`.
*/
event Swap(
bytes32 indexed poolId,
IERC20 indexed tokenIn,
IERC20 indexed tokenOut,
uint256 amountIn,
uint256 amountOut
);
/**
* @dev All tokens in a swap are either sent from the `sender` account to the Vault, or from the Vault to the
* `recipient` account.
*
* If the caller is not `sender`, it must be an authorized relayer for them.
*
* If `fromInternalBalance` is true, the `sender`'s Internal Balance will be preferred, performing an ERC20
* transfer for the difference between the requested amount and the User's Internal Balance (if any). The `sender`
* must have allowed the Vault to use their tokens via `IERC20.approve()`. This matches the behavior of
* `joinPool`.
*
* If `toInternalBalance` is true, tokens will be deposited to `recipient`'s internal balance instead of
* transferred. This matches the behavior of `exitPool`.
*
* Note that ETH cannot be deposited to or withdrawn from Internal Balance: attempting to do so will trigger a
* revert.
*/
struct FundManagement {
address sender;
bool fromInternalBalance;
address payable recipient;
bool toInternalBalance;
}
/**
* @dev Simulates a call to `batchSwap`, returning an array of Vault asset deltas. Calls to `swap` cannot be
* simulated directly, but an equivalent `batchSwap` call can and will yield the exact same result.
*
* Each element in the array corresponds to the asset at the same index, and indicates the number of tokens (or ETH)
* the Vault would take from the sender (if positive) or send to the recipient (if negative). The arguments it
* receives are the same that an equivalent `batchSwap` call would receive.
*
* Unlike `batchSwap`, this function performs no checks on the sender or recipient field in the `funds` struct.
* This makes it suitable to be called by off-chain applications via eth_call without needing to hold tokens,
* approve them for the Vault, or even know a user's address.
*
* Note that this function is not 'view' (due to implementation details): the client code must explicitly execute
* eth_call instead of eth_sendTransaction.
*/
function queryBatchSwap(
SwapKind kind,
BatchSwapStep[] memory swaps,
IAsset[] memory assets,
FundManagement memory funds
) external returns (int256[] memory assetDeltas);
// Flash Loans
/**
* @dev Performs a 'flash loan', sending tokens to `recipient`, executing the `receiveFlashLoan` hook on it,
* and then reverting unless the tokens plus a proportional protocol fee have been returned.
*
* The `tokens` and `amounts` arrays must have the same length, and each entry in these indicates the loan amount
* for each token contract. `tokens` must be sorted in ascending order.
*
* The 'userData' field is ignored by the Vault, and forwarded as-is to `recipient` as part of the
* `receiveFlashLoan` call.
*
* Emits `FlashLoan` events.
*/
function flashLoan(
IFlashLoanRecipient recipient,
IERC20[] memory tokens,
uint256[] memory amounts,
bytes memory userData
) external;
/**
* @dev Emitted for each individual flash loan performed by `flashLoan`.
*/
event FlashLoan(IFlashLoanRecipient indexed recipient, IERC20 indexed token, uint256 amount, uint256 feeAmount);
// Asset Management
//
// Each token registered for a Pool can be assigned an Asset Manager, which is able to freely withdraw the Pool's
// tokens from the Vault, deposit them, or assign arbitrary values to its `managed` balance (see
// `getPoolTokenInfo`). This makes them extremely powerful and dangerous. Even if an Asset Manager only directly
// controls one of the tokens in a Pool, a malicious manager could set that token's balance to manipulate the
// prices of the other tokens, and then drain the Pool with swaps. The risk of using Asset Managers is therefore
// not constrained to the tokens they are managing, but extends to the entire Pool's holdings.
//
// However, a properly designed Asset Manager smart contract can be safely used for the Pool's benefit,
// for example by lending unused tokens out for interest, or using them to participate in voting protocols.
//
// This concept is unrelated to the IAsset interface.
/**
* @dev Performs a set of Pool balance operations, which may be either withdrawals, deposits or updates.
*
* Pool Balance management features batching, which means a single contract call can be used to perform multiple
* operations of different kinds, with different Pools and tokens, at once.
*
* For each operation, the caller must be registered as the Asset Manager for `token` in `poolId`.
*/
function managePoolBalance(PoolBalanceOp[] memory ops) external;
struct PoolBalanceOp {
PoolBalanceOpKind kind;
bytes32 poolId;
IERC20 token;
uint256 amount;
}
/**
* Withdrawals decrease the Pool's cash, but increase its managed balance, leaving the total balance unchanged.
*
* Deposits increase the Pool's cash, but decrease its managed balance, leaving the total balance unchanged.
*
* Updates don't affect the Pool's cash balance, but because the managed balance changes, it does alter the total.
* The external amount can be either increased or decreased by this call (i.e., reporting a gain or a loss).
*/
enum PoolBalanceOpKind { WITHDRAW, DEPOSIT, UPDATE }
/**
* @dev Emitted when a Pool's token Asset Manager alters its balance via `managePoolBalance`.
*/
event PoolBalanceManaged(
bytes32 indexed poolId,
address indexed assetManager,
IERC20 indexed token,
int256 cashDelta,
int256 managedDelta
);
// Protocol Fees
//
// Some operations cause the Vault to collect tokens in the form of protocol fees, which can then be withdrawn by
// permissioned accounts.
//
// There are two kinds of protocol fees:
//
// - flash loan fees: charged on all flash loans, as a percentage of the amounts lent.
//
// - swap fees: a percentage of the fees charged by Pools when performing swaps. For a number of reasons, including
// swap gas costs and interface simplicity, protocol swap fees are not charged on each individual swap. Rather,
// Pools are expected to keep track of how much they have charged in swap fees, and pay any outstanding debts to the
// Vault when they are joined or exited. This prevents users from joining a Pool with unpaid debt, as well as
// exiting a Pool in debt without first paying their share.
/**
* @dev Returns the current protocol fee module.
*/
function getProtocolFeesCollector() external view returns (IProtocolFeesCollector);
/**
* @dev Safety mechanism to pause most Vault operations in the event of an emergency - typically detection of an
* error in some part of the system.
*
* The Vault can only be paused during an initial time period, after which pausing is forever disabled.
*
* While the contract is paused, the following features are disabled:
* - depositing and transferring internal balance
* - transferring external balance (using the Vault's allowance)
* - swaps
* - joining Pools
* - Asset Manager interactions
*
* Internal Balance can still be withdrawn, and Pools exited.
*/
function setPaused(bool paused) external;
/**
* @dev Returns the Vault's WETH instance.
*/
function WETH() external view returns (IWETH);
// solhint-disable-previous-line func-name-mixedcase
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "../solidity-utils/openzeppelin/IERC20.sol";
import "./IVault.sol";
interface IPoolSwapStructs {
// This is not really an interface - it just defines common structs used by other interfaces: IGeneralPool and
// IMinimalSwapInfoPool.
//
// This data structure represents a request for a token swap, where `kind` indicates the swap type ('given in' or
// 'given out') which indicates whether or not the amount sent by the pool is known.
//
// The pool receives `tokenIn` and sends `tokenOut`. `amount` is the number of `tokenIn` tokens the pool will take
// in, or the number of `tokenOut` tokens the Pool will send out, depending on the given swap `kind`.
//
// All other fields are not strictly necessary for most swaps, but are provided to support advanced scenarios in
// some Pools.
//
// `poolId` is the ID of the Pool involved in the swap - this is useful for Pool contracts that implement more than
// one Pool.
//
// The meaning of `lastChangeBlock` depends on the Pool specialization:
// - Two Token or Minimal Swap Info: the last block in which either `tokenIn` or `tokenOut` changed its total
// balance.
// - General: the last block in which *any* of the Pool's registered tokens changed its total balance.
//
// `from` is the origin address for the funds the Pool receives, and `to` is the destination address
// where the Pool sends the outgoing tokens.
//
// `userData` is extra data provided by the caller - typically a signature from a trusted party.
struct SwapRequest {
IVault.SwapKind kind;
IERC20 tokenIn;
IERC20 tokenOut;
uint256 amount;
// Misc data
bytes32 poolId;
uint256 lastChangeBlock;
address from;
address to;
bytes userData;
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
interface IAuthentication {
/**
* @dev Returns the action identifier associated with the external function described by `selector`.
*/
function getActionId(bytes4 selector) external view returns (bytes32);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev Interface for the SignatureValidator helper, used to support meta-transactions.
*/
interface ISignaturesValidator {
/**
* @dev Returns the EIP712 domain separator.
*/
function getDomainSeparator() external view returns (bytes32);
/**
* @dev Returns the next nonce used by an address to sign messages.
*/
function getNextNonce(address user) external view returns (uint256);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev Interface for the TemporarilyPausable helper.
*/
interface ITemporarilyPausable {
/**
* @dev Emitted every time the pause state changes by `_setPaused`.
*/
event PausedStateChanged(bool paused);
/**
* @dev Returns the current paused state.
*/
function getPausedState()
external
view
returns (
bool paused,
uint256 pauseWindowEndTime,
uint256 bufferPeriodEndTime
);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../openzeppelin/IERC20.sol";
/**
* @dev Interface for WETH9.
* See https://github.com/gnosis/canonical-weth/blob/0dd1ea3e295eef916d0c6223ec63141137d22d67/contracts/WETH9.sol
*/
interface IWETH is IERC20 {
function deposit() external payable;
function withdraw(uint256 amount) external;
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev This is an empty interface used to represent either ERC20-conforming token contracts or ETH (using the zero
* address sentinel value). We're just relying on the fact that `interface` can be used to declare new address-like
* types.
*
* This concept is unrelated to a Pool's Asset Managers.
*/
interface IAsset {
// solhint-disable-previous-line no-empty-blocks
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
interface IAuthorizer {
/**
* @dev Returns true if `account` can perform the action described by `actionId` in the contract `where`.
*/
function canPerform(
bytes32 actionId,
address account,
address where
) external view returns (bool);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
// Inspired by Aave Protocol's IFlashLoanReceiver.
import "../solidity-utils/openzeppelin/IERC20.sol";
interface IFlashLoanRecipient {
/**
* @dev When `flashLoan` is called on the Vault, it invokes the `receiveFlashLoan` hook on the recipient.
*
* At the time of the call, the Vault will have transferred `amounts` for `tokens` to the recipient. Before this
* call returns, the recipient must have transferred `amounts` plus `feeAmounts` for each token back to the
* Vault, or else the entire flash loan will revert.
*
* `userData` is the same value passed in the `IVault.flashLoan` call.
*/
function receiveFlashLoan(
IERC20[] memory tokens,
uint256[] memory amounts,
uint256[] memory feeAmounts,
bytes memory userData
) external;
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "../solidity-utils/openzeppelin/IERC20.sol";
import "./IVault.sol";
import "./IAuthorizer.sol";
interface IProtocolFeesCollector {
event SwapFeePercentageChanged(uint256 newSwapFeePercentage);
event FlashLoanFeePercentageChanged(uint256 newFlashLoanFeePercentage);
function withdrawCollectedFees(
IERC20[] calldata tokens,
uint256[] calldata amounts,
address recipient
) external;
function setSwapFeePercentage(uint256 newSwapFeePercentage) external;
function setFlashLoanFeePercentage(uint256 newFlashLoanFeePercentage) external;
function getSwapFeePercentage() external view returns (uint256);
function getFlashLoanFeePercentage() external view returns (uint256);
function getCollectedFeeAmounts(IERC20[] memory tokens) external view returns (uint256[] memory feeAmounts);
function getAuthorizer() external view returns (IAuthorizer);
function vault() external view returns (IVault);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "../solidity-utils/openzeppelin/IERC20.sol";
interface IAssetManager {
/**
* @notice Emitted when asset manager is rebalanced
*/
event Rebalance(bytes32 poolId);
/**
* @notice Sets the config
*/
function setConfig(bytes32 poolId, bytes calldata config) external;
/**
* Note: No function to read the asset manager config is included in IAssetManager
* as the signature is expected to vary between asset manager implementations
*/
/**
* @notice Returns the asset manager's token
*/
function getToken() external view returns (IERC20);
/**
* @return the current assets under management of this asset manager
*/
function getAUM(bytes32 poolId) external view returns (uint256);
/**
* @return poolCash - The up-to-date cash balance of the pool
* @return poolManaged - The up-to-date managed balance of the pool
*/
function getPoolBalances(bytes32 poolId) external view returns (uint256 poolCash, uint256 poolManaged);
/**
* @return The difference in tokens between the target investment
* and the currently invested amount (i.e. the amount that can be invested)
*/
function maxInvestableBalance(bytes32 poolId) external view returns (int256);
/**
* @notice Updates the Vault on the value of the pool's investment returns
*/
function updateBalanceOfPool(bytes32 poolId) external;
/**
* @notice Determines whether the pool should rebalance given the provided balances
*/
function shouldRebalance(uint256 cash, uint256 managed) external view returns (bool);
/**
* @notice Rebalances funds between the pool and the asset manager to maintain target investment percentage.
* @param poolId - the poolId of the pool to be rebalanced
* @param force - a boolean representing whether a rebalance should be forced even when the pool is near balance
*/
function rebalance(bytes32 poolId, bool force) external;
/**
* @notice allows an authorized rebalancer to remove capital to facilitate large withdrawals
* @param poolId - the poolId of the pool to withdraw funds back to
* @param amount - the amount of tokens to withdraw back to the pool
*/
function capitalOut(bytes32 poolId, uint256 amount) external;
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/ITemporarilyPausable.sol";
/**
* @dev Allows for a contract to be paused during an initial period after deployment, disabling functionality. Can be
* used as an emergency switch in case a security vulnerability or threat is identified.
*
* The contract can only be paused during the Pause Window, a period that starts at deployment. It can also be
* unpaused and repaused any number of times during this period. This is intended to serve as a safety measure: it lets
* system managers react quickly to potentially dangerous situations, knowing that this action is reversible if careful
* analysis later determines there was a false alarm.
*
* If the contract is paused when the Pause Window finishes, it will remain in the paused state through an additional
* Buffer Period, after which it will be automatically unpaused forever. This is to ensure there is always enough time
* to react to an emergency, even if the threat is discovered shortly before the Pause Window expires.
*
* Note that since the contract can only be paused within the Pause Window, unpausing during the Buffer Period is
* irreversible.
*/
abstract contract TemporarilyPausable is ITemporarilyPausable {
// The Pause Window and Buffer Period are timestamp-based: they should not be relied upon for sub-minute accuracy.
// solhint-disable not-rely-on-time
uint256 private constant _MAX_PAUSE_WINDOW_DURATION = 90 days;
uint256 private constant _MAX_BUFFER_PERIOD_DURATION = 30 days;
uint256 private immutable _pauseWindowEndTime;
uint256 private immutable _bufferPeriodEndTime;
bool private _paused;
constructor(uint256 pauseWindowDuration, uint256 bufferPeriodDuration) {
_require(pauseWindowDuration <= _MAX_PAUSE_WINDOW_DURATION, Errors.MAX_PAUSE_WINDOW_DURATION);
_require(bufferPeriodDuration <= _MAX_BUFFER_PERIOD_DURATION, Errors.MAX_BUFFER_PERIOD_DURATION);
uint256 pauseWindowEndTime = block.timestamp + pauseWindowDuration;
_pauseWindowEndTime = pauseWindowEndTime;
_bufferPeriodEndTime = pauseWindowEndTime + bufferPeriodDuration;
}
/**
* @dev Reverts if the contract is paused.
*/
modifier whenNotPaused() {
_ensureNotPaused();
_;
}
/**
* @dev Returns the current contract pause status, as well as the end times of the Pause Window and Buffer
* Period.
*/
function getPausedState()
external
view
override
returns (
bool paused,
uint256 pauseWindowEndTime,
uint256 bufferPeriodEndTime
)
{
paused = !_isNotPaused();
pauseWindowEndTime = _getPauseWindowEndTime();
bufferPeriodEndTime = _getBufferPeriodEndTime();
}
/**
* @dev Sets the pause state to `paused`. The contract can only be paused until the end of the Pause Window, and
* unpaused until the end of the Buffer Period.
*
* Once the Buffer Period expires, this function reverts unconditionally.
*/
function _setPaused(bool paused) internal {
if (paused) {
_require(block.timestamp < _getPauseWindowEndTime(), Errors.PAUSE_WINDOW_EXPIRED);
} else {
_require(block.timestamp < _getBufferPeriodEndTime(), Errors.BUFFER_PERIOD_EXPIRED);
}
_paused = paused;
emit PausedStateChanged(paused);
}
/**
* @dev Reverts if the contract is paused.
*/
function _ensureNotPaused() internal view {
_require(_isNotPaused(), Errors.PAUSED);
}
/**
* @dev Reverts if the contract is not paused.
*/
function _ensurePaused() internal view {
_require(!_isNotPaused(), Errors.NOT_PAUSED);
}
/**
* @dev Returns true if the contract is unpaused.
*
* Once the Buffer Period expires, the gas cost of calling this function is reduced dramatically, as storage is no
* longer accessed.
*/
function _isNotPaused() internal view returns (bool) {
// After the Buffer Period, the (inexpensive) timestamp check short-circuits the storage access.
return block.timestamp > _getBufferPeriodEndTime() || !_paused;
}
// These getters lead to reduced bytecode size by inlining the immutable variables in a single place.
function _getPauseWindowEndTime() private view returns (uint256) {
return _pauseWindowEndTime;
}
function _getBufferPeriodEndTime() private view returns (uint256) {
return _bufferPeriodEndTime;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20.sol";
import "./SafeMath.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is IERC20 {
using SafeMath for uint256;
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Sets the values for {name} and {symbol}, initializes {decimals} with
* a default value of 18.
*
* To select a different value for {decimals}, use {_setupDecimals}.
*
* All three of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
_decimals = 18;
}
/**
* @dev Returns the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless {_setupDecimals} is
* called.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public virtual override returns (bool) {
_transfer(msg.sender, recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
_approve(msg.sender, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* Requirements:
*
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for ``sender``'s tokens of at least
* `amount`.
*/
function transferFrom(
address sender,
address recipient,
uint256 amount
) public virtual override returns (bool) {
_transfer(sender, recipient, amount);
_approve(
sender,
msg.sender,
_allowances[sender][msg.sender].sub(amount, Errors.ERC20_TRANSFER_EXCEEDS_ALLOWANCE)
);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
_approve(
msg.sender,
spender,
_allowances[msg.sender][spender].sub(subtractedValue, Errors.ERC20_DECREASED_ALLOWANCE_BELOW_ZERO)
);
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(
address sender,
address recipient,
uint256 amount
) internal virtual {
_require(sender != address(0), Errors.ERC20_TRANSFER_FROM_ZERO_ADDRESS);
_require(recipient != address(0), Errors.ERC20_TRANSFER_TO_ZERO_ADDRESS);
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, Errors.ERC20_TRANSFER_EXCEEDS_BALANCE);
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
_require(account != address(0), Errors.ERC20_BURN_FROM_ZERO_ADDRESS);
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, Errors.ERC20_BURN_EXCEEDS_BALANCE);
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Sets {decimals} to a value other than the default one of 18.
*
* WARNING: This function should only be called from the constructor. Most
* applications that interact with token contracts will not expect
* {decimals} to ever change, and may work incorrectly if it does.
*/
function _setupDecimals(uint8 decimals_) internal {
_decimals = decimals_;
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {
// solhint-disable-previous-line no-empty-blocks
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol";
import "@balancer-labs/v2-solidity-utils/contracts/openzeppelin/ERC20Permit.sol";
/**
* @title Highly opinionated token implementation
* @author Balancer Labs
* @dev
* - Includes functions to increase and decrease allowance as a workaround
* for the well-known issue with `approve`:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
* - Allows for 'infinite allowance', where an allowance of 0xff..ff is not
* decreased by calls to transferFrom
* - Lets a token holder use `transferFrom` to send their own tokens,
* without first setting allowance
* - Emits 'Approval' events whenever allowance is changed by `transferFrom`
* - Assigns infinite allowance for all token holders to the Vault
*/
contract BalancerPoolToken is ERC20Permit {
IVault private immutable _vault;
constructor(
string memory tokenName,
string memory tokenSymbol,
IVault vault
) ERC20(tokenName, tokenSymbol) ERC20Permit(tokenName) {
_vault = vault;
}
function getVault() public view returns (IVault) {
return _vault;
}
// Overrides
/**
* @dev Override to grant the Vault infinite allowance, causing for Pool Tokens to not require approval.
*
* This is sound as the Vault already provides authorization mechanisms when initiation token transfers, which this
* contract inherits.
*/
function allowance(address owner, address spender) public view override returns (uint256) {
if (spender == address(getVault())) {
return uint256(-1);
} else {
return super.allowance(owner, spender);
}
}
/**
* @dev Override to allow for 'infinite allowance' and let the token owner use `transferFrom` with no self-allowance
*/
function transferFrom(
address sender,
address recipient,
uint256 amount
) public override returns (bool) {
uint256 currentAllowance = allowance(sender, msg.sender);
_require(msg.sender == sender || currentAllowance >= amount, Errors.ERC20_TRANSFER_EXCEEDS_ALLOWANCE);
_transfer(sender, recipient, amount);
if (msg.sender != sender && currentAllowance != uint256(-1)) {
// Because of the previous require, we know that if msg.sender != sender then currentAllowance >= amount
_approve(sender, msg.sender, currentAllowance - amount);
}
return true;
}
/**
* @dev Override to allow decreasing allowance by more than the current amount (setting it to zero)
*/
function decreaseAllowance(address spender, uint256 amount) public override returns (bool) {
uint256 currentAllowance = allowance(msg.sender, spender);
if (amount >= currentAllowance) {
_approve(msg.sender, spender, 0);
} else {
// No risk of underflow due to if condition
_approve(msg.sender, spender, currentAllowance - amount);
}
return true;
}
// Internal functions
function _mintPoolTokens(address recipient, uint256 amount) internal {
_mint(recipient, amount);
}
function _burnPoolTokens(address sender, uint256 amount) internal {
_burn(sender, amount);
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/IRecoveryMode.sol";
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
import "@balancer-labs/v2-interfaces/contracts/pool-utils/BasePoolUserData.sol";
import "@balancer-labs/v2-solidity-utils/contracts/math/FixedPoint.sol";
import "./BasePoolAuthorization.sol";
/**
* @notice Handle storage and state changes for pools that support "Recovery Mode".
*
* @dev This is intended to provide a safe way to exit any pool during some kind of emergency, to avoid locking funds
* in the event the pool enters a non-functional state (i.e., some code that normally runs during exits is causing
* them to revert).
*
* Recovery Mode is *not* the same as pausing the pool. The pause function is only available during a short window
* after factory deployment. Pausing can only be intentionally reversed during a buffer period, and the contract
* will permanently unpause itself thereafter. Paused pools are completely disabled, in a kind of suspended animation,
* until they are voluntarily or involuntarily unpaused.
*
* By contrast, a privileged account - typically a governance multisig - can place a pool in Recovery Mode at any
* time, and it is always reversible. The pool is *not* disabled while in this mode: though of course whatever
* condition prompted the transition to Recovery Mode has likely effectively disabled some functions. Rather,
* a special "clean" exit is enabled, which runs the absolute minimum code necessary to exit proportionally.
* In particular, stable pools do not attempt to compute the invariant (which is a complex, iterative calculation
* that can fail in extreme circumstances), and no protocol fees are collected.
*
* In some pools, such as those with Oracles or Price Rates, Recovery mode takes advantage of mathematical properties
* to safely compute the invariant for the special case of proportional withdrawals, without running the usual more
* complex code necessary in general (e.g., for non-proportional joins/exits and swaps). This might be enough to
* support functions like `getRate`, allowing dependent pools to function normally. (Otherwise, the dependent pools
* can themselves be placed into Recovery Mode.)
*
* It is critical to ensure that turning on Recovery Mode would do no harm, if activated maliciously or in error.
*/
abstract contract RecoveryMode is IRecoveryMode, BasePoolAuthorization {
using FixedPoint for uint256;
using BasePoolUserData for bytes;
bool private _recoveryMode;
/**
* @dev Reverts if the contract is in Recovery Mode.
*/
modifier whenNotInRecoveryMode() {
_ensureNotInRecoveryMode();
_;
}
/**
* @notice Enable recovery mode, which enables a special safe exit path for LPs.
* @dev Does not otherwise affect pool operations (beyond deferring payment of protocol fees), though some pools may
* perform certain operations in a "safer" manner that is less likely to fail, in an attempt to keep the pool
* running, even in a pathological state. Unlike the Pause operation, which is only available during a short window
* after factory deployment, Recovery Mode can always be enableed.
*/
function enableRecoveryMode() external authenticate {
_setRecoveryMode(true);
}
/**
* @notice Disable recovery mode, which disables the special safe exit path for LPs.
* @dev Protocol fees are not paid while in Recovery Mode, so it should only remain active for as long as strictly
* necessary.
*/
function disableRecoveryMode() external authenticate {
_setRecoveryMode(false);
}
/**
* @notice Returns whether the pool is in Recovery Mode.
*/
function inRecoveryMode() public view override returns (bool) {
return _recoveryMode;
}
/**
* @dev Sets the recoveryMode state, and emits the corresponding event. Can be overridden
* if a pool needs to detect when the Recovery Mode state changes.
*
* No complex code or external calls that could fail should be placed here, which could jeopardize
* the ability to enable and disable Recovery Mode.
*/
function _setRecoveryMode(bool enabled) internal virtual {
_recoveryMode = enabled;
emit RecoveryModeStateChanged(enabled);
}
/**
* @dev Reverts if the contract is not in Recovery Mode.
*/
function _ensureInRecoveryMode() internal view {
_require(_recoveryMode, Errors.NOT_IN_RECOVERY_MODE);
}
/**
* @dev Reverts if the contract is in Recovery Mode.
*/
function _ensureNotInRecoveryMode() internal view {
_require(!_recoveryMode, Errors.IN_RECOVERY_MODE);
}
/**
* @dev A minimal proportional exit, suitable as is for most pools: though not for pools with Phantom BPT
* or other special considerations. Designed to be overridden if a pool needs to do extra processing,
* such as scaling a stored invariant, or caching the new total supply.
*
* No complex code or external calls should be made in derived contracts that override this!
*/
function _doRecoveryModeExit(
uint256[] memory balances,
uint256 totalSupply,
bytes memory userData
) internal virtual returns (uint256, uint256[] memory) {
uint256 bptAmountIn = userData.recoveryModeExit();
uint256[] memory amountsOut = _computeProportionalAmountsOut(balances, totalSupply, bptAmountIn);
return (bptAmountIn, amountsOut);
}
function _computeProportionalAmountsOut(
uint256[] memory balances,
uint256 totalSupply,
uint256 bptAmountIn
) internal pure returns (uint256[] memory amountsOut) {
/**********************************************************************************************
// exactBPTInForTokensOut //
// (per token) //
// aO = tokenAmountOut / bptIn \ //
// b = tokenBalance a0 = b * | --------------------- | //
// bptIn = bptAmountIn \ bptTotalSupply / //
// bpt = bptTotalSupply //
**********************************************************************************************/
// Since we're computing an amount out, we round down overall. This means rounding down on both the
// multiplication and division.
uint256 bptRatio = bptAmountIn.divDown(totalSupply);
amountsOut = new uint256[](balances.length);
for (uint256 i = 0; i < balances.length; i++) {
amountsOut[i] = balances[i].mulDown(bptRatio);
}
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
_require(c >= a, Errors.ADD_OVERFLOW);
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, Errors.SUB_OVERFLOW);
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(
uint256 a,
uint256 b,
uint256 errorCode
) internal pure returns (uint256) {
_require(b <= a, errorCode);
uint256 c = a - b;
return c;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/openzeppelin/IERC20Permit.sol";
import "./ERC20.sol";
import "./EIP712.sol";
/**
* @dev Implementation of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* _Available since v3.4._
*/
abstract contract ERC20Permit is ERC20, IERC20Permit, EIP712 {
mapping(address => uint256) private _nonces;
// solhint-disable-next-line var-name-mixedcase
bytes32 private immutable _PERMIT_TYPEHASH = keccak256(
"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"
);
/**
* @dev Initializes the {EIP712} domain separator using the `name` parameter, and setting `version` to `"1"`.
*
* It's a good idea to use the same `name` that is defined as the ERC20 token name.
*/
constructor(string memory name) EIP712(name, "1") {
// solhint-disable-previous-line no-empty-blocks
}
/**
* @dev See {IERC20Permit-permit}.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public virtual override {
// solhint-disable-next-line not-rely-on-time
_require(block.timestamp <= deadline, Errors.EXPIRED_PERMIT);
uint256 nonce = _nonces[owner];
bytes32 structHash = keccak256(abi.encode(_PERMIT_TYPEHASH, owner, spender, value, nonce, deadline));
bytes32 hash = _hashTypedDataV4(structHash);
address signer = ecrecover(hash, v, r, s);
_require((signer != address(0)) && (signer == owner), Errors.INVALID_SIGNATURE);
_nonces[owner] = nonce + 1;
_approve(owner, spender, value);
}
/**
* @dev See {IERC20Permit-nonces}.
*/
function nonces(address owner) public view override returns (uint256) {
return _nonces[owner];
}
/**
* @dev See {IERC20Permit-DOMAIN_SEPARATOR}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view override returns (bytes32) {
return _domainSeparatorV4();
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over `owner`'s tokens,
* given `owner`'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for `permit`, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
* thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
* they need in their contracts using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* _Available since v3.4._
*/
abstract contract EIP712 {
/* solhint-disable var-name-mixedcase */
bytes32 private immutable _HASHED_NAME;
bytes32 private immutable _HASHED_VERSION;
bytes32 private immutable _TYPE_HASH;
/* solhint-enable var-name-mixedcase */
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
constructor(string memory name, string memory version) {
_HASHED_NAME = keccak256(bytes(name));
_HASHED_VERSION = keccak256(bytes(version));
_TYPE_HASH = keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
}
/**
* @dev Returns the domain separator for the current chain.
*/
function _domainSeparatorV4() internal view virtual returns (bytes32) {
return keccak256(abi.encode(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION, _getChainId(), address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x01", _domainSeparatorV4(), structHash));
}
function _getChainId() private view returns (uint256 chainId) {
// Silence state mutability warning without generating bytecode.
// See https://github.com/ethereum/solidity/issues/10090#issuecomment-741789128 and
// https://github.com/ethereum/solidity/issues/2691
this;
// solhint-disable-next-line no-inline-assembly
assembly {
chainId := chainid()
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev Interface for the RecoveryMode helper.
*/
interface IRecoveryMode {
/**
* @dev Emitted every time the recovery mode changes through `_setRecoveryMode`.
*/
event RecoveryModeStateChanged(bool enabled);
/**
* @notice Return whether the pool is in recovery mode.
*/
function inRecoveryMode() external view returns (bool);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
library BasePoolUserData {
// Special ExitKind for all pools, used in Recovery Mode. Use the max 8-bit value to prevent conflicts
// with future additions to the ExitKind enums (or any front-end code that maps to existing values)
uint8 public constant RECOVERY_MODE_EXIT_KIND = 255;
// Return true if this is the special exit kind.
function isRecoveryModeExitKind(bytes memory self) internal pure returns (bool) {
// Check for the "no data" case, or abi.decode would revert
return self.length > 0 && abi.decode(self, (uint8)) == RECOVERY_MODE_EXIT_KIND;
}
// Parse the bptAmountIn out of the userData
function recoveryModeExit(bytes memory self) internal pure returns (uint256 bptAmountIn) {
(, bptAmountIn) = abi.decode(self, (uint8, uint256));
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/vault/IAuthorizer.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/Authentication.sol";
/**
* @dev Base authorization layer implementation for Pools.
*
* The owner account can call some of the permissioned functions - access control of the rest is delegated to the
* Authorizer. Note that this owner is immutable: more sophisticated permission schemes, such as multiple ownership,
* granular roles, etc., could be built on top of this by making the owner a smart contract.
*
* Access control of all other permissioned functions is delegated to an Authorizer. It is also possible to delegate
* control of *all* permissioned functions to the Authorizer by setting the owner address to `_DELEGATE_OWNER`.
*/
abstract contract BasePoolAuthorization is Authentication {
address private immutable _owner;
address private constant _DELEGATE_OWNER = 0xBA1BA1ba1BA1bA1bA1Ba1BA1ba1BA1bA1ba1ba1B;
constructor(address owner) {
_owner = owner;
}
function getOwner() public view returns (address) {
return _owner;
}
function getAuthorizer() external view returns (IAuthorizer) {
return _getAuthorizer();
}
function _canPerform(bytes32 actionId, address account) internal view override returns (bool) {
if ((getOwner() != _DELEGATE_OWNER) && _isOwnerOnlyAction(actionId)) {
// Only the owner can perform "owner only" actions, unless the owner is delegated.
return msg.sender == getOwner();
} else {
// Non-owner actions are always processed via the Authorizer, as "owner only" ones are when delegated.
return _getAuthorizer().canPerform(actionId, account, address(this));
}
}
function _isOwnerOnlyAction(bytes32 actionId) internal view virtual returns (bool);
function _getAuthorizer() internal view virtual returns (IAuthorizer);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/IAuthentication.sol";
/**
* @dev Building block for performing access control on external functions.
*
* This contract is used via the `authenticate` modifier (or the `_authenticateCaller` function), which can be applied
* to external functions to only make them callable by authorized accounts.
*
* Derived contracts must implement the `_canPerform` function, which holds the actual access control logic.
*/
abstract contract Authentication is IAuthentication {
bytes32 private immutable _actionIdDisambiguator;
/**
* @dev The main purpose of the `actionIdDisambiguator` is to prevent accidental function selector collisions in
* multi contract systems.
*
* There are two main uses for it:
* - if the contract is a singleton, any unique identifier can be used to make the associated action identifiers
* unique. The contract's own address is a good option.
* - if the contract belongs to a family that shares action identifiers for the same functions, an identifier
* shared by the entire family (and no other contract) should be used instead.
*/
constructor(bytes32 actionIdDisambiguator) {
_actionIdDisambiguator = actionIdDisambiguator;
}
/**
* @dev Reverts unless the caller is allowed to call this function. Should only be applied to external functions.
*/
modifier authenticate() {
_authenticateCaller();
_;
}
/**
* @dev Reverts unless the caller is allowed to call the entry point function.
*/
function _authenticateCaller() internal view {
bytes32 actionId = getActionId(msg.sig);
_require(_canPerform(actionId, msg.sender), Errors.SENDER_NOT_ALLOWED);
}
function getActionId(bytes4 selector) public view override returns (bytes32) {
// Each external function is dynamically assigned an action identifier as the hash of the disambiguator and the
// function selector. Disambiguation is necessary to avoid potential collisions in the function selectors of
// multiple contracts.
return keccak256(abi.encodePacked(_actionIdDisambiguator, selector));
}
function _canPerform(bytes32 actionId, address user) internal view virtual returns (bool);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./IBasePool.sol";
/**
* @dev Pool contracts with the MinimalSwapInfo or TwoToken specialization settings should implement this interface.
*
* This is called by the Vault when a user calls `IVault.swap` or `IVault.batchSwap` to swap with this Pool.
* Returns the number of tokens the Pool will grant to the user in a 'given in' swap, or that the user will grant
* to the pool in a 'given out' swap.
*
* This can often be implemented by a `view` function, since many pricing algorithms don't need to track state
* changes in swaps. However, contracts implementing this in non-view functions should check that the caller is
* indeed the Vault.
*/
interface IMinimalSwapInfoPool is IBasePool {
function onSwap(
SwapRequest memory swapRequest,
uint256 currentBalanceTokenIn,
uint256 currentBalanceTokenOut
) external returns (uint256 amount);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "@balancer-labs/v2-solidity-utils/contracts/helpers/SingletonAuthentication.sol";
import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol";
import "@balancer-labs/v2-solidity-utils/contracts/helpers/BaseSplitCodeFactory.sol";
/**
* @notice Base contract for Pool factories.
*
* Pools are deployed from factories to allow third parties to reason about them. Unknown Pools may have arbitrary
* logic: being able to assert that a Pool's behavior follows certain rules (those imposed by the contracts created by
* the factory) is very powerful.
*
* @dev By using the split code mechanism, we can deploy Pools with creation code so large that a regular factory
* contract would not be able to store it.
*
* Since we expect to release new versions of pool types regularly - and the blockchain is forever - versioning will
* become increasingly important. Governance can deprecate a factory by calling `disable`, which will permanently
* prevent the creation of any future pools from the factory.
*/
abstract contract BasePoolSplitCodeFactory is BaseSplitCodeFactory, SingletonAuthentication {
mapping(address => bool) private _isPoolFromFactory;
bool private _disabled;
event PoolCreated(address indexed pool);
event FactoryDisabled();
constructor(IVault vault, bytes memory creationCode)
BaseSplitCodeFactory(creationCode)
SingletonAuthentication(vault)
{
// solhint-disable-previous-line no-empty-blocks
}
/**
* @dev Returns true if `pool` was created by this factory.
*/
function isPoolFromFactory(address pool) external view returns (bool) {
return _isPoolFromFactory[pool];
}
/**
* @dev Check whether the derived factory has been disabled.
*/
function isDisabled() public view returns (bool) {
return _disabled;
}
/**
* @dev Disable the factory, preventing the creation of more pools. Already existing pools are unaffected.
* Once a factory is disabled, it cannot be re-enabled.
*/
function disable() external authenticate {
_ensureEnabled();
_disabled = true;
emit FactoryDisabled();
}
function _ensureEnabled() internal view {
_require(!isDisabled(), Errors.DISABLED);
}
function _create(bytes memory constructorArgs) internal override returns (address) {
_ensureEnabled();
address pool = super._create(constructorArgs);
_isPoolFromFactory[pool] = true;
emit PoolCreated(pool);
return pool;
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
/**
* @dev Utility to create Pool factories for Pools that use the `TemporarilyPausable` contract.
*
* By calling `TemporarilyPausable`'s constructor with the result of `getPauseConfiguration`, all Pools created by this
* factory will share the same Pause Window end time, after which both old and new Pools will not be pausable.
*/
contract FactoryWidePauseWindow {
// This contract relies on timestamps in a similar way as `TemporarilyPausable` does - the same caveats apply.
// solhint-disable not-rely-on-time
uint256 private constant _INITIAL_PAUSE_WINDOW_DURATION = 90 days;
uint256 private constant _BUFFER_PERIOD_DURATION = 30 days;
// Time when the pause window for all created Pools expires, and the pause window duration of new Pools becomes
// zero.
uint256 private immutable _poolsPauseWindowEndTime;
constructor() {
_poolsPauseWindowEndTime = block.timestamp + _INITIAL_PAUSE_WINDOW_DURATION;
}
/**
* @dev Returns the current `TemporarilyPausable` configuration that will be applied to Pools created by this
* factory.
*
* `pauseWindowDuration` will decrease over time until it reaches zero, at which point both it and
* `bufferPeriodDuration` will be zero forever, meaning deployed Pools will not be pausable.
*/
function getPauseConfiguration() public view returns (uint256 pauseWindowDuration, uint256 bufferPeriodDuration) {
uint256 currentTime = block.timestamp;
if (currentTime < _poolsPauseWindowEndTime) {
// The buffer period is always the same since its duration is related to how much time is needed to respond
// to a potential emergency. The Pause Window duration however decreases as the end time approaches.
pauseWindowDuration = _poolsPauseWindowEndTime - currentTime; // No need for checked arithmetic.
bufferPeriodDuration = _BUFFER_PERIOD_DURATION;
} else {
// After the end time, newly created Pools have no Pause Window, nor Buffer Period (since they are not
// pausable in the first place).
pauseWindowDuration = 0;
bufferPeriodDuration = 0;
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/liquidity-mining/IAuthorizerAdaptor.sol";
import "@balancer-labs/v2-interfaces/contracts/vault/IVault.sol";
import "./Authentication.sol";
abstract contract SingletonAuthentication is Authentication {
IVault private immutable _vault;
// Use the contract's own address to disambiguate action identifiers
constructor(IVault vault) Authentication(bytes32(uint256(address(this)))) {
_vault = vault;
}
/**
* @notice Returns the Balancer Vault
*/
function getVault() public view returns (IVault) {
return _vault;
}
/**
* @notice Returns the Authorizer
*/
function getAuthorizer() public view returns (IAuthorizer) {
return getVault().getAuthorizer();
}
function _canPerform(bytes32 actionId, address account) internal view override returns (bool) {
return getAuthorizer().canPerform(actionId, account, address(this));
}
function _canPerform(
bytes32 actionId,
address account,
address where
) internal view returns (bool) {
return getAuthorizer().canPerform(actionId, account, where);
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./CodeDeployer.sol";
/**
* @dev Base factory for contracts whose creation code is so large that the factory cannot hold it. This happens when
* the contract's creation code grows close to 24kB.
*
* Note that this factory cannot help with contracts that have a *runtime* (deployed) bytecode larger than 24kB.
*/
abstract contract BaseSplitCodeFactory {
// The contract's creation code is stored as code in two separate addresses, and retrieved via `extcodecopy`. This
// means this factory supports contracts with creation code of up to 48kB.
// We rely on inline-assembly to achieve this, both to make the entire operation highly gas efficient, and because
// `extcodecopy` is not available in Solidity.
// solhint-disable no-inline-assembly
address private immutable _creationCodeContractA;
uint256 private immutable _creationCodeSizeA;
address private immutable _creationCodeContractB;
uint256 private immutable _creationCodeSizeB;
/**
* @dev The creation code of a contract Foo can be obtained inside Solidity with `type(Foo).creationCode`.
*/
constructor(bytes memory creationCode) {
uint256 creationCodeSize = creationCode.length;
// We are going to deploy two contracts: one with approximately the first half of `creationCode`'s contents
// (A), and another with the remaining half (B).
// We store the lengths in both immutable and stack variables, since immutable variables cannot be read during
// construction.
uint256 creationCodeSizeA = creationCodeSize / 2;
_creationCodeSizeA = creationCodeSizeA;
uint256 creationCodeSizeB = creationCodeSize - creationCodeSizeA;
_creationCodeSizeB = creationCodeSizeB;
// To deploy the contracts, we're going to use `CodeDeployer.deploy()`, which expects a memory array with
// the code to deploy. Note that we cannot simply create arrays for A and B's code by copying or moving
// `creationCode`'s contents as they are expected to be very large (> 24kB), so we must operate in-place.
// Memory: [ code length ] [ A.data ] [ B.data ]
// Creating A's array is simple: we simply replace `creationCode`'s length with A's length. We'll later restore
// the original length.
bytes memory creationCodeA;
assembly {
creationCodeA := creationCode
mstore(creationCodeA, creationCodeSizeA)
}
// Memory: [ A.length ] [ A.data ] [ B.data ]
// ^ creationCodeA
_creationCodeContractA = CodeDeployer.deploy(creationCodeA);
// Creating B's array is a bit more involved: since we cannot move B's contents, we are going to create a 'new'
// memory array starting at A's last 32 bytes, which will be replaced with B's length. We'll back-up this last
// byte to later restore it.
bytes memory creationCodeB;
bytes32 lastByteA;
assembly {
// `creationCode` points to the array's length, not data, so by adding A's length to it we arrive at A's
// last 32 bytes.
creationCodeB := add(creationCode, creationCodeSizeA)
lastByteA := mload(creationCodeB)
mstore(creationCodeB, creationCodeSizeB)
}
// Memory: [ A.length ] [ A.data[ : -1] ] [ B.length ][ B.data ]
// ^ creationCodeA ^ creationCodeB
_creationCodeContractB = CodeDeployer.deploy(creationCodeB);
// We now restore the original contents of `creationCode` by writing back the original length and A's last byte.
assembly {
mstore(creationCodeA, creationCodeSize)
mstore(creationCodeB, lastByteA)
}
}
/**
* @dev Returns the two addresses where the creation code of the contract crated by this factory is stored.
*/
function getCreationCodeContracts() public view returns (address contractA, address contractB) {
return (_creationCodeContractA, _creationCodeContractB);
}
/**
* @dev Returns the creation code of the contract this factory creates.
*/
function getCreationCode() public view returns (bytes memory) {
return _getCreationCodeWithArgs("");
}
/**
* @dev Returns the creation code that will result in a contract being deployed with `constructorArgs`.
*/
function _getCreationCodeWithArgs(bytes memory constructorArgs) private view returns (bytes memory code) {
// This function exists because `abi.encode()` cannot be instructed to place its result at a specific address.
// We need for the ABI-encoded constructor arguments to be located immediately after the creation code, but
// cannot rely on `abi.encodePacked()` to perform concatenation as that would involve copying the creation code,
// which would be prohibitively expensive.
// Instead, we compute the creation code in a pre-allocated array that is large enough to hold *both* the
// creation code and the constructor arguments, and then copy the ABI-encoded arguments (which should not be
// overly long) right after the end of the creation code.
// Immutable variables cannot be used in assembly, so we store them in the stack first.
address creationCodeContractA = _creationCodeContractA;
uint256 creationCodeSizeA = _creationCodeSizeA;
address creationCodeContractB = _creationCodeContractB;
uint256 creationCodeSizeB = _creationCodeSizeB;
uint256 creationCodeSize = creationCodeSizeA + creationCodeSizeB;
uint256 constructorArgsSize = constructorArgs.length;
uint256 codeSize = creationCodeSize + constructorArgsSize;
assembly {
// First, we allocate memory for `code` by retrieving the free memory pointer and then moving it ahead of
// `code` by the size of the creation code plus constructor arguments, and 32 bytes for the array length.
code := mload(0x40)
mstore(0x40, add(code, add(codeSize, 32)))
// We now store the length of the code plus constructor arguments.
mstore(code, codeSize)
// Next, we concatenate the creation code stored in A and B.
let dataStart := add(code, 32)
extcodecopy(creationCodeContractA, dataStart, 0, creationCodeSizeA)
extcodecopy(creationCodeContractB, add(dataStart, creationCodeSizeA), 0, creationCodeSizeB)
}
// Finally, we copy the constructorArgs to the end of the array. Unfortunately there is no way to avoid this
// copy, as it is not possible to tell Solidity where to store the result of `abi.encode()`.
uint256 constructorArgsDataPtr;
uint256 constructorArgsCodeDataPtr;
assembly {
constructorArgsDataPtr := add(constructorArgs, 32)
constructorArgsCodeDataPtr := add(add(code, 32), creationCodeSize)
}
_memcpy(constructorArgsCodeDataPtr, constructorArgsDataPtr, constructorArgsSize);
}
/**
* @dev Deploys a contract with constructor arguments. To create `constructorArgs`, call `abi.encode()` with the
* contract's constructor arguments, in order.
*/
function _create(bytes memory constructorArgs) internal virtual returns (address) {
bytes memory creationCode = _getCreationCodeWithArgs(constructorArgs);
address destination;
assembly {
destination := create(0, add(creationCode, 32), mload(creationCode))
}
if (destination == address(0)) {
// Bubble up inner revert reason
// solhint-disable-next-line no-inline-assembly
assembly {
returndatacopy(0, 0, returndatasize())
revert(0, returndatasize())
}
}
return destination;
}
// From
// https://github.com/Arachnid/solidity-stringutils/blob/b9a6f6615cf18a87a823cbc461ce9e140a61c305/src/strings.sol
function _memcpy(
uint256 dest,
uint256 src,
uint256 len
) private pure {
// Copy word-length chunks while possible
for (; len >= 32; len -= 32) {
assembly {
mstore(dest, mload(src))
}
dest += 32;
src += 32;
}
// Copy remaining bytes
uint256 mask = 256**(32 - len) - 1;
assembly {
let srcpart := and(mload(src), not(mask))
let destpart := and(mload(dest), mask)
mstore(dest, or(destpart, srcpart))
}
}
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../solidity-utils/helpers/IAuthentication.sol";
import "../vault/IVault.sol";
interface IAuthorizerAdaptor is IAuthentication {
/**
* @notice Returns the Balancer Vault
*/
function getVault() external view returns (IVault);
/**
* @notice Returns the Authorizer
*/
function getAuthorizer() external view returns (IAuthorizer);
/**
* @notice Performs an arbitrary function call on a target contract, provided the caller is authorized to do so.
* @param target - Address of the contract to be called
* @param data - Calldata to be sent to the target contract
* @return The bytes encoded return value from the performed function call
*/
function performAction(address target, bytes calldata data) external payable returns (bytes memory);
}// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "@balancer-labs/v2-interfaces/contracts/solidity-utils/helpers/BalancerErrors.sol";
/**
* @dev Library used to deploy contracts with specific code. This can be used for long-term storage of immutable data as
* contract code, which can be retrieved via the `extcodecopy` opcode.
*/
library CodeDeployer {
// During contract construction, the full code supplied exists as code, and can be accessed via `codesize` and
// `codecopy`. This is not the contract's final code however: whatever the constructor returns is what will be
// stored as its code.
//
// We use this mechanism to have a simple constructor that stores whatever is appended to it. The following opcode
// sequence corresponds to the creation code of the following equivalent Solidity contract, plus padding to make the
// full code 32 bytes long:
//
// contract CodeDeployer {
// constructor() payable {
// uint256 size;
// assembly {
// size := sub(codesize(), 32) // size of appended data, as constructor is 32 bytes long
// codecopy(0, 32, size) // copy all appended data to memory at position 0
// return(0, size) // return appended data for it to be stored as code
// }
// }
// }
//
// More specifically, it is composed of the following opcodes (plus padding):
//
// [1] PUSH1 0x20
// [2] CODESIZE
// [3] SUB
// [4] DUP1
// [6] PUSH1 0x20
// [8] PUSH1 0x00
// [9] CODECOPY
// [11] PUSH1 0x00
// [12] RETURN
//
// The padding is just the 0xfe sequence (invalid opcode). It is important as it lets us work in-place, avoiding
// memory allocation and copying.
bytes32
private constant _DEPLOYER_CREATION_CODE = 0x602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe;
/**
* @dev Deploys a contract with `code` as its code, returning the destination address.
*
* Reverts if deployment fails.
*/
function deploy(bytes memory code) internal returns (address destination) {
bytes32 deployerCreationCode = _DEPLOYER_CREATION_CODE;
// We need to concatenate the deployer creation code and `code` in memory, but want to avoid copying all of
// `code` (which could be quite long) into a new memory location. Therefore, we operate in-place using
// assembly.
// solhint-disable-next-line no-inline-assembly
assembly {
let codeLength := mload(code)
// `code` is composed of length and data. We've already stored its length in `codeLength`, so we simply
// replace it with the deployer creation code (which is exactly 32 bytes long).
mstore(code, deployerCreationCode)
// At this point, `code` now points to the deployer creation code immediately followed by `code`'s data
// contents. This is exactly what the deployer expects to receive when created.
destination := create(0, code, add(codeLength, 32))
// Finally, we restore the original length in order to not mutate `code`.
mstore(code, codeLength)
}
// The create opcode returns the zero address when contract creation fails, so we revert if this happens.
_require(destination != address(0), Errors.CODE_DEPLOYMENT_FAILED);
}
}{
"optimizer": {
"enabled": true,
"runs": 9999
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"libraries": {}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
Contract ABI
API[{"inputs":[{"internalType":"contract IVault","name":"vault","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[],"name":"FactoryDisabled","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"pool","type":"address"}],"name":"PoolCreated","type":"event"},{"inputs":[{"internalType":"string","name":"name","type":"string"},{"internalType":"string","name":"symbol","type":"string"},{"internalType":"contract IERC20[]","name":"tokens","type":"address[]"},{"internalType":"uint256","name":"amplificationParameter","type":"uint256"},{"internalType":"uint256","name":"swapFeePercentage","type":"uint256"},{"internalType":"address","name":"owner","type":"address"}],"name":"create","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"disable","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes4","name":"selector","type":"bytes4"}],"name":"getActionId","outputs":[{"internalType":"bytes32","name":"","type":"bytes32"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getAuthorizer","outputs":[{"internalType":"contract IAuthorizer","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getCreationCode","outputs":[{"internalType":"bytes","name":"","type":"bytes"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getCreationCodeContracts","outputs":[{"internalType":"address","name":"contractA","type":"address"},{"internalType":"address","name":"contractB","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getPauseConfiguration","outputs":[{"internalType":"uint256","name":"pauseWindowDuration","type":"uint256"},{"internalType":"uint256","name":"bufferPeriodDuration","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getVault","outputs":[{"internalType":"contract IVault","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"isDisabled","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"pool","type":"address"}],"name":"isPoolFromFactory","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"}]Contract Creation Code
6101606040523480156200001257600080fd5b506040516200679d3803806200679d8339810160408190526200003591620001ce565b80604051806020016200004890620001c0565b601f1982820381018352601f90910116604052805182903090839060006002820460a081905280830360e081905281855290915083620000948162000104602090811b6200045017901c565b60601b6001600160601b0319166080528285018051838252620000c38262000104602090811b6200045017901c565b6001600160601b0319606091821b811660c0529690935290526101009590955250509290911b90911661012052505050426276a700016101405250620001fe565b80517f602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe808352600091602081018484f09084529150620001526001600160a01b03831615156101ac62000158565b50919050565b81620001695762000169816200016d565b5050565b62461bcd60e51b6000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b6157ec8062000fb183390190565b600060208284031215620001e0578081fd5b81516001600160a01b0381168114620001f7578182fd5b9392505050565b60805160601c60a05160c05160601c60e051610100516101205160601c61014051610d476200026a600039806101f952806102225250806103a75250806103575250806104b75250806101d052806105335250806104d85250806101af528061050f5250610d476000f3fe608060405234801561001057600080fd5b50600436106100bd5760003560e01c80636c57f5a911610076578063851c1bb31161005b578063851c1bb31461015e5780638d928af81461017e578063aaabadc514610186576100bd565b80636c57f5a9146101365780637932c7f31461013e576100bd565b80632da47c40116100a75780632da47c40146100f65780632f2770db1461010c5780636634b75314610116576100bd565b8062c194db146100c2578063174481fa146100e0575b600080fd5b6100ca61018e565b6040516100d79190610bd1565b60405180910390f35b6100e86101ad565b6040516100d7929190610b6a565b6100fe6101f3565b6040516100d7929190610ca1565b61011461025d565b005b6101296101243660046108ec565b6102c2565b6040516100d79190610b91565b6101296102ed565b61015161014c366004610984565b6102f6565b6040516100d79190610b49565b61017161016c366004610928565b610353565b6040516100d79190610b9c565b6101516103a5565b6101516103c9565b60606101a8604051806020016040528060008152506104af565b905090565b7f00000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000009091565b600080427f000000000000000000000000000000000000000000000000000000000000000081101561024f57807f000000000000000000000000000000000000000000000000000000000000000003925062278d009150610258565b60009250600091505b509091565b610265610588565b61026d6105d1565b600180547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016811790556040517f432acbfd662dbb5d8b378384a67159b47ca9d0f1b79f97cf64cf8585fa362d5090600090a1565b73ffffffffffffffffffffffffffffffffffffffff1660009081526020819052604090205460ff1690565b60015460ff1690565b60008060006103036101f3565b915091506103466103126103a5565b8a8a8a8a8a88888c60405160200161033299989796959493929190610be4565b6040516020818303038152906040526105e6565b9998505050505050505050565b60007f000000000000000000000000000000000000000000000000000000000000000082604051602001610388929190610b19565b604051602081830303815290604052805190602001209050919050565b7f000000000000000000000000000000000000000000000000000000000000000090565b60006103d36103a5565b73ffffffffffffffffffffffffffffffffffffffff1663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b15801561041857600080fd5b505afa15801561042c573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906101a89190610968565b80517f602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe808352600091602081018484f090845291506104a973ffffffffffffffffffffffffffffffffffffffff831615156101ac61067a565b50919050565b8051604080517f00000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000818101858101848101602090810190965280855293957f00000000000000000000000000000000000000000000000000000000000000009592947f000000000000000000000000000000000000000000000000000000000000000094938801866000828a3c846000888301883c506020898101908985010161057a81838661068c565b505050505050505050919050565b60006105b76000357fffffffff0000000000000000000000000000000000000000000000000000000016610353565b90506105ce6105c68233610706565b61019161067a565b50565b6105e46105dc6102ed565b1560d361067a565b565b60006105f06105d1565b60006105fb836107a5565b73ffffffffffffffffffffffffffffffffffffffff811660008181526020819052604080822080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001660011790555192935090917f83a48fbcfc991335314e74d0496aab6a1987e992ddc85dddbcc4d6dd6ef2e9fc9190a292915050565b8161068857610688816107ed565b5050565b5b602081106106ca5781518352602092830192909101907fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00161068d565b905182516020929092036101000a7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0180199091169116179052565b60006107106103c9565b73ffffffffffffffffffffffffffffffffffffffff16639be2a8848484306040518463ffffffff1660e01b815260040161074c93929190610ba5565b60206040518083038186803b15801561076457600080fd5b505afa158015610778573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061079c9190610908565b90505b92915050565b600060606107b2836104af565b905060008151602083016000f0905073ffffffffffffffffffffffffffffffffffffffff81166107e6573d6000803e3d6000fd5b9392505050565b7f08c379a0000000000000000000000000000000000000000000000000000000006000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b803561079f81610cef565b600082601f830112610875578081fd5b813567ffffffffffffffff81111561088b578182fd5b6108bc60207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f84011601610caf565b91508082528360208285010111156108d357600080fd5b8060208401602084013760009082016020015292915050565b6000602082840312156108fd578081fd5b81356107e681610cef565b600060208284031215610919578081fd5b815180151581146107e6578182fd5b600060208284031215610939578081fd5b81357fffffffff00000000000000000000000000000000000000000000000000000000811681146107e6578182fd5b600060208284031215610979578081fd5b81516107e681610cef565b60008060008060008060c0878903121561099c578182fd5b863567ffffffffffffffff808211156109b3578384fd5b6109bf8a838b01610865565b97506020915081890135818111156109d5578485fd5b6109e18b828c01610865565b9750506040890135818111156109f5578485fd5b8901601f81018b13610a05578485fd5b803582811115610a13578586fd5b8381029250610a23848401610caf565b8181528481019083860185850187018f1015610a3d578889fd5b8895505b83861015610a6757610a538f8261085a565b835260019590950194918601918601610a41565b50985050505060608901359450505060808701359150610a8a8860a0890161085a565b90509295509295509295565b73ffffffffffffffffffffffffffffffffffffffff169052565b60008151808452815b81811015610ad557602081850181015186830182015201610ab9565b81811115610ae65782602083870101525b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b9182527fffffffff0000000000000000000000000000000000000000000000000000000016602082015260240190565b73ffffffffffffffffffffffffffffffffffffffff91909116815260200190565b73ffffffffffffffffffffffffffffffffffffffff92831681529116602082015260400190565b901515815260200190565b90815260200190565b92835273ffffffffffffffffffffffffffffffffffffffff918216602084015216604082015260600190565b60006020825261079c6020830184610ab0565b600061012073ffffffffffffffffffffffffffffffffffffffff8c16835260208181850152610c158285018d610ab0565b91508382036040850152610c29828c610ab0565b84810360608601528a51808252828c01935090820190845b81811015610c6557610c538551610cd6565b83529383019391830191600101610c41565b50508093505050508660808301528560a08301528460c08301528360e0830152610c93610100830184610a96565b9a9950505050505050505050565b918252602082015260400190565b60405181810167ffffffffffffffff81118282101715610cce57600080fd5b604052919050565b73ffffffffffffffffffffffffffffffffffffffff1690565b73ffffffffffffffffffffffffffffffffffffffff811681146105ce57600080fdfea26469706673582212203e21b58f8af1fae1264b60d1d3943af5dafd322bb7d6bf7b1a35daa2137032de64736f6c634300070100336103206040527f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c960e0523480156200003657600080fd5b50604051620057ec380380620057ec833981016040819052620000599162000b49565b8886516002146200006c5760006200006f565b60025b8989898a516001600160401b03811180156200008a57600080fd5b50604051908082528060200260200182016040528015620000b5578160200160208202803683370190505b508989898980336001600160a01b031660001b84848b8b8f8280604051806040016040528060018152602001603160f81b815250858581600390805190602001906200010392919062000967565b5080516200011990600490602084019062000967565b505060058054601260ff19909116179055508151602092830120608052805191012060a052507f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f60c05260601b6001600160601b03191661010052506200018b90506276a70083111561019462000556565b6200019f62278d0082111561019562000556565b429190910161012081905201610140526101605260601b6001600160601b031916610180528551620001d7906002111560c862000556565b620001f1620001e56200056b565b8751111560c962000556565b62000207866200057060201b620011bd1760201c565b62000212846200057c565b6040516309b2760f60e01b81526000906001600160a01b038c16906309b2760f9062000243908d9060040162000ce5565b602060405180830381600087803b1580156200025e57600080fd5b505af115801562000273573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062000299919062000b30565b604051633354e3e960e11b81529091506001600160a01b038c16906366a9c7d290620002ce9084908b908b9060040162000c49565b600060405180830381600087803b158015620002e957600080fd5b505af1158015620002fe573d6000803e3d6000fd5b5050506101a09190915250620003299950505060018d1015965061012c955050620005569350505050565b6200033c61138886111561012d62000556565b85516101c0819052865187906000906200035257fe5b60200260200101516001600160a01b03166101e0816001600160a01b031660601b81525050866001815181106200038557fe5b60200260200101516001600160a01b0316610200816001600160a01b031660601b8152505060028111620003bb576000620003d2565b86600281518110620003c957fe5b60200260200101515b60601b6001600160601b0319166102205260038111620003f45760006200040b565b866003815181106200040257fe5b60200260200101515b60601b6001600160601b03191661024052600481116200042d57600062000444565b866004815181106200043b57fe5b60200260200101515b6001600160a01b0316610260816001600160a01b031660601b8152505062000487876000815181106200047357fe5b60200260200101516200060b60201b60201c565b610280528651620004a090889060019081106200047357fe5b6102a05260028111620004b5576000620004c7565b620004c7876002815181106200047357fe5b6102c05260038111620004dc576000620004ee565b620004ee876003815181106200047357fe5b6102e052600481116200050357600062000515565b62000515876004815181106200047357fe5b6103008181525050600062000538876103e8620006df60201b620011c71760201c565b9050620005458162000710565b505050505050505050505062000d4c565b81620005675762000567816200074f565b5050565b600590565b806200056781620007a2565b6200059164e8d4a5100082101560cb62000556565b620005a967016345785d8a000082111560ca62000556565b620005cb8160c060406008546200082f60201b620011f217909392919060201c565b6008556040517fa9ba3ffe0b6c366b81232caab38605a0699ad5398d6cce76f91ee809e322dafc906200060090839062000cfa565b60405180910390a150565b60006001600160a01b0382163014156200062f5750670de0b6b3a7640000620006da565b6000826001600160a01b031663313ce5676040518163ffffffff1660e01b815260040160206040518083038186803b1580156200066b57600080fd5b505afa15801562000680573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620006a6919062000c26565b60ff1690506000620006c56012836200085460201b6200121a1760201c565b905080600a0a670de0b6b3a764000002925050505b919050565b600082820262000707841580620006ff575083858381620006fc57fe5b04145b600362000556565b90505b92915050565b6200071e818042806200086c565b7fa0d01593e47e69d07e0ccd87bece09411e07dd1ed40ca8f2e7af2976542a02338160405162000600919062000cfa565b62461bcd60e51b6000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b600281511015620007b3576200082c565b600081600081518110620007c357fe5b602002602001015190506000600190505b825181101562000829576000838281518110620007ed57fe5b602002602001015190506200081e816001600160a01b0316846001600160a01b03161060656200055660201b60201c565b9150600101620007d4565b50505b50565b60006200083e848484620008df565b506001901b60001901811b1992909216911b1790565b60006200086683831115600162000556565b50900390565b620008868160c060406200093a60201b620012301760201c565b620008a083608060406200093a60201b620012301760201c565b620008b9856040806200093a60201b620012301760201c565b620008d387600060406200093a60201b620012301760201c565b17171760095550505050565b620008f06101008310606462000556565b62000929600182101580156200092157506200091d60ff84610100036200094f60201b620012431760201c565b8211155b606462000556565b6200082983821c156101b462000556565b600062000949848484620008df565b50501b90565b600081831062000960578162000707565b5090919050565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f10620009aa57805160ff1916838001178555620009da565b82800160010185558215620009da579182015b82811115620009da578251825591602001919060010190620009bd565b50620009e8929150620009ec565b5090565b5b80821115620009e85760008155600101620009ed565b80516200070a8162000d36565b600082601f83011262000a21578081fd5b81516001600160401b0381111562000a37578182fd5b602080820262000a4982820162000d03565b8381529350818401858301828701840188101562000a6657600080fd5b600092505b8483101562000a9657805162000a818162000d36565b82526001929092019190830190830162000a6b565b505050505092915050565b600082601f83011262000ab2578081fd5b81516001600160401b0381111562000ac8578182fd5b602062000ade601f8301601f1916820162000d03565b9250818352848183860101111562000af557600080fd5b60005b8281101562000b1557848101820151848201830152810162000af8565b8281111562000b275760008284860101525b50505092915050565b60006020828403121562000b42578081fd5b5051919050565b60008060008060008060008060006101208a8c03121562000b68578485fd5b62000b748b8b62000a03565b60208b01519099506001600160401b038082111562000b91578687fd5b62000b9f8d838e0162000aa1565b995060408c015191508082111562000bb5578687fd5b62000bc38d838e0162000aa1565b985060608c015191508082111562000bd9578687fd5b5062000be88c828d0162000a10565b96505060808a0151945060a08a0151935060c08a0151925060e08a0151915062000c178b6101008c0162000a03565b90509295985092959850929598565b60006020828403121562000c38578081fd5b815160ff8116811462000707578182fd5b60006060820185835260206060818501528186518084526080860191508288019350845b8181101562000c955762000c82855162000d2a565b8352938301939183019160010162000c6d565b505084810360408601528551808252908201925081860190845b8181101562000cd75762000cc4835162000d2a565b8552938301939183019160010162000caf565b509298975050505050505050565b602081016003831062000cf457fe5b91905290565b90815260200190565b6040518181016001600160401b038111828210171562000d2257600080fd5b604052919050565b6001600160a01b031690565b6001600160a01b03811681146200082c57600080fd5b60805160a05160c05160e0516101005160601c6101205161014051610160516101805160601c6101a0516101c0516101e05160601c6102005160601c6102205160601c6102405160601c6102605160601c610280516102a0516102c0516102e051610300516149ab62000e416000398061247d5250806124595250806124355250806124115250806123ed525080611ffd525080611fbb525080611f79525080612d7a525080612d48525080611269525080610891525080610c3a525080610bc4525080611556525080611532525080610c5e525080610ef35250806117985250806117da5250806117b952506149ab6000f3fe608060405234801561001057600080fd5b50600436106102c85760003560e01c806370a082311161017b5780639d2c110c116100d8578063b7b814fc1161008c578063d5c096c411610071578063d5c096c414610551578063dd62ed3e14610564578063eb0f24d614610577576102c8565b8063b7b814fc14610536578063d505accf1461053e576102c8565b8063a9059cbb116100bd578063a9059cbb14610513578063aaabadc514610526578063b35056b81461052e576102c8565b80639d2c110c146104ed578063a457c2d714610500576102c8565b806387ec68171161012f5780638d928af8116101145780638d928af8146104c757806395d89b41146104cf5780639b02cdde146104d7576102c8565b806387ec68171461049f578063893d20e8146104b2576102c8565b80637ecebe00116101605780637ecebe00146104715780638456cb5914610484578063851c1bb31461048c576102c8565b806370a082311461043d57806374f3b00914610450576102c8565b806338e9922e1161022957806354a844ba116101dd5780636028bfd4116101c25780636028bfd4146103fd578063679aefce1461041e5780636daccffa14610426576102c8565b806354a844ba146103ed57806355c67628146103f5576102c8565b8063395093511161020e57806339509351146103bf5780633f4ba83a146103d257806350dd6ed9146103da576102c8565b806338e9922e146103a457806338fff2d0146103b7576102c8565b80631dd746ea116102805780632f1a0bc9116102655780632f1a0bc914610372578063313ce567146103875780633644e5151461039c576102c8565b80631dd746ea1461034a57806323b872dd1461035f576102c8565b8063095ea7b3116102b1578063095ea7b31461030b57806318160ddd1461032b5780631c0de05114610333576102c8565b806301ec954a146102cd57806306fdde03146102f6575b600080fd5b6102e06102db3660046144d5565b61057f565b6040516102ed91906147ae565b60405180910390f35b6102fe61061d565b6040516102ed9190614884565b61031e610319366004614166565b6106b4565b6040516102ed919061478b565b6102e06106cb565b61033b6106d1565b6040516102ed93929190614796565b6103526106fa565b6040516102ed9190614753565b61031e61036d3660046140b6565b610709565b6103856103803660046145aa565b61077d565b005b61038f610860565b6040516102ed91906148ef565b6102e0610869565b6103856103b2366004614592565b610873565b6102e061088f565b61031e6103cd366004614166565b6108b3565b6103856108ee565b6103856103e836600461437c565b610902565b610385610920565b6102e0610932565b61041061040b36600461427d565b610945565b6040516102ed929190614897565b6102e061097c565b61042e610a49565b6040516102ed939291906148b0565b6102e061044b366004614062565b610a64565b61046361045e36600461427d565b610a83565b6040516102ed929190614766565b6102e061047f366004614062565b610b93565b610385610bae565b6102e061049a366004614320565b610bc0565b6104106104ad36600461427d565b610c12565b6104ba610c38565b6040516102ed919061473f565b6104ba610c5c565b6102fe610c80565b6104df610ce1565b6040516102ed9291906148c6565b6102e06104fb366004614546565b610ceb565b61031e61050e366004614166565b610e49565b61031e610521366004614166565b610e87565b6104ba610e94565b61031e610e9e565b610385610eac565b61038561054c3660046140f6565b610ebe565b61046361055f36600461427d565b611007565b6102e061057236600461407e565b611154565b610385611191565b600084608001516105ac610591610c5c565b6001600160a01b0316336001600160a01b03161460cd611259565b6105c16105b761088f565b82146101f4611259565b6105d384846105ce611267565b61128b565b60606105dd6112a8565b90506000875160018111156105ee57fe5b146106055761060087878787856113d0565b610612565b6106128787878785611447565b979650505050505050565b60038054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156106a95780601f1061067e576101008083540402835291602001916106a9565b820191906000526020600020905b81548152906001019060200180831161068c57829003601f168201915b505050505090505b90565b60006106c13384846114ab565b5060015b92915050565b60025490565b60008060006106de611513565b1592506106e9611530565b91506106f3611554565b9050909192565b60606107046112a8565b905090565b6000806107168533611154565b905061073a336001600160a01b03871614806107325750838210155b61019e611259565b610745858585611578565b336001600160a01b0386161480159061076057506000198114155b156107725761077285338584036114ab565b506001949350505050565b610785611658565b610795600183101561012c611259565b6107a661138883111561012d611259565b60006107b2824261121a565b90506107c66201518082101561013d611259565b6000806107d161169e565b915091506107e2811561013e611259565b60006107f0866103e86111c7565b9050600083821161081f5761081a61080b62015180866111c7565b61081584886111c7565b611712565b610839565b61083961082f62015180846111c7565b61081586886111c7565b905061084b600282111561013f611259565b61085784834289611745565b50505050505050565b60055460ff1690565b6000610704611794565b61087b611658565b610883611831565b61088c81611844565b50565b7f000000000000000000000000000000000000000000000000000000000000000090565b3360008181526001602090815260408083206001600160a01b038716845290915281205490916106c19185906108e990866118bc565b6114ab565b6108f6611658565b61090060006118ce565b565b61090a611658565b610912611831565b61091c828261195f565b5050565b610928611658565b6109006001611a77565b6008546000906107049060c06040611b45565b6000606061095b8651610956611267565b611b54565b61097089898989898989611b61611ba7611c08565b97509795505050505050565b60006060610988610c5c565b6001600160a01b031663f94d466861099e61088f565b6040518263ffffffff1660e01b81526004016109ba91906147ae565b60006040518083038186803b1580156109d257600080fd5b505afa1580156109e6573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f19168201604052610a0e9190810190614191565b50915050610a2381610a1e6112a8565b611d98565b6000610a2d61169e565b509050610a428282610a3d6106cb565b611df9565b9250505090565b6000806000610a5661169e565b90949093506103e892509050565b6001600160a01b0381166000908152602081905260409020545b919050565b60608088610a92610591610c5c565b610a9d6105b761088f565b6060806000610aab87611e12565b15610b1857610ab8611e41565b895167ffffffffffffffff81118015610ad057600080fd5b50604051908082528060200260200182016040528015610afa578160200160208202803683370190505b509250610b0f8a610b096106cb565b89611e58565b92509050610b76565b610b20611831565b6060610b2a6112a8565b9050610b368b82611d98565b610b5a8e8e8e8e8e610b46610e9e565b610b50578e610b53565b60005b878f611b61565b955093509150610b6a8382611ba7565b610b748482611ba7565b505b610b808c82611e86565b50935091505b5097509795505050505050565b6001600160a01b031660009081526006602052604090205490565b610bb6611658565b61090060016118ce565b60007f000000000000000000000000000000000000000000000000000000000000000082604051602001610bf59291906146c9565b604051602081830303815290604052805190602001209050919050565b60006060610c238651610956611267565b61097089898989898989611e90611ee1611c08565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b60048054604080516020601f60026000196101006001881615020190951694909404938401819004810282018101909252828152606093909290918301828280156106a95780601f1061067e576101008083540402835291602001916106a9565b600a54600b549091565b60008360800151610cfd610591610c5c565b610d086105b761088f565b6000610d178660200151611f42565b90506000610d288760400151611f42565b9050600087516001811115610d3957fe5b1415610dc9576000610d4e8860600151612048565b90506000818960600151039050610d728960200151610d6d8387612069565b612075565b60608901829052610d838885612069565b9750610d8f8784612069565b9650610d9f896060015185612069565b60608a01526000610db18a8a8a612087565b9050610dbd81856120c0565b96505050505050610e41565b610dd38683612069565b9550610ddf8582612069565b9450610def876060015182612069565b60608801526000610e018888886120cc565b9050610e0d81846120fb565b90506000610e1a82612107565b905060008282039050610e358a60200151610d6d8388612069565b509450610e4192505050565b509392505050565b600080610e563385611154565b9050808310610e7057610e6b338560006114ab565b610e7d565b610e7d33858584036114ab565b5060019392505050565b60006106c1338484611578565b600061070461212d565b600754610100900460ff1690565b610eb4611658565b6109006000611a77565b610ecc8442111560d1611259565b6001600160a01b0387166000908152600660209081526040808320549051909291610f23917f0000000000000000000000000000000000000000000000000000000000000000918c918c918c9188918d91016147d6565b6040516020818303038152906040528051906020012090506000610f46826121a7565b9050600060018288888860405160008152602001604052604051610f6d9493929190614866565b6020604051602081039080840390855afa158015610f8f573d6000803e3d6000fd5b5050604051601f1901519150610fd190506001600160a01b03821615801590610fc957508b6001600160a01b0316826001600160a01b0316145b6101f8611259565b6001600160a01b038b166000908152600660205260409020600185019055610ffa8b8b8b6114ab565b5050505050505050505050565b60608088611016610591610c5c565b6110216105b761088f565b606061102b6112a8565b9050611035611831565b61103d6106cb565b6110f057600060606110528d8d8d868b6121c3565b9150915061106b611061612248565b83101560cc611259565b61107d6000611078612248565b61224f565b6110908b611089612248565b840361224f565b61109a8184611ee1565b806110a3611267565b67ffffffffffffffff811180156110b957600080fd5b506040519080825280602002602001820160405280156110e3578160200160208202803683370190505b5095509550505050610b86565b6110fa8882611d98565b60006060806111238e8e8e8e8e61110f610e9e565b611119578e61111c565b60005b8a8f611e90565b9250925092506111338c8461224f565b61113d8285611ee1565b6111478185611ba7565b9095509350610b86915050565b600061115e610c5c565b6001600160a01b0316826001600160a01b0316141561118057506000196106c5565b61118a8383612259565b90506106c5565b611199611658565b6000806111a461169e565b915091506111b481610140611259565b61091c82612284565b8061091c816122bf565b60008282026111eb8415806111e45750838583816111e157fe5b04145b6003611259565b9392505050565b60006111ff848484612338565b5082821b6000196001831b01831b198516175b949350505050565b600061122a838311156001611259565b50900390565b600061123d848484612338565b50501b90565b600081831061125257816111eb565b5090919050565b8161091c5761091c8161237e565b7f000000000000000000000000000000000000000000000000000000000000000090565b6112a3818410801561129c57508183105b6064611259565b505050565b606060006112b4611267565b905060608167ffffffffffffffff811180156112cf57600080fd5b506040519080825280602002602001820160405280156112f9578160200160208202803683370190505b5090506113046123eb565b8160008151811061131157fe5b60200260200101818152505061132561240f565b8160018151811061133257fe5b602002602001018181525050600282111561136d5761134f612433565b8160028151811061135c57fe5b602002602001018181525050611376565b91506106b19050565b600382111561136d57611387612457565b8160038151811061139457fe5b602002602001018181525050600482111561136d576113b161247b565b816004815181106113be57fe5b60200260200101818152505091505090565b60006113dc8583611d98565b6113fd86606001518385815181106113f057fe5b6020026020010151612069565b606087015260006114108787878761249f565b905061142f8184878151811061142257fe5b60200260200101516120fb565b905061143a81612107565b9150505b95945050505050565b60006114568660600151612048565b60608701526114658583611d98565b61147986606001518386815181106113f057fe5b6060870152600061148c878787876124e4565b905061143a8184868151811061149e57fe5b60200260200101516120c0565b6001600160a01b0380841660008181526001602090815260408083209487168084529490915290819020849055517f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925906115069085906147ae565b60405180910390a3505050565b600061151d611554565b42118061070457505060075460ff161590565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b61158f6001600160a01b0384161515610198611259565b6115a66001600160a01b0383161515610199611259565b6115b18383836112a3565b6001600160a01b0383166000908152602081905260409020546115d790826101a061251d565b6001600160a01b03808516600090815260208190526040808220939093559084168152205461160690826118bc565b6001600160a01b0380841660008181526020819052604090819020939093559151908516907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef906115069085906147ae565b60006116876000357fffffffff0000000000000000000000000000000000000000000000000000000016610bc0565b905061088c6116968233612533565b610191611259565b6000806000806000806116af61261c565b9350935093509350804210156117025760019450838311156116e65781810382420385850302816116dc57fe5b04840195506116fd565b81810382420384860302816116f757fe5b04840395505b61170a565b600094508295505b505050509091565b60006117218215156004611259565b8261172e575060006106c5565b81600184038161173a57fe5b0460010190506106c5565b6117518484848461267b565b7f1835882ee7a34ac194f717a35e09bb1d24c82a3b9d854ab6c9749525b714cdf28484848460405161178694939291906148d4565b60405180910390a150505050565b60007f00000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000007f00000000000000000000000000000000000000000000000000000000000000006118016126ba565b3060405160200161181695949392919061480a565b60405160208183030381529060405280519060200120905090565b61090061183c611513565b610192611259565b61185764e8d4a5100082101560cb611259565b61186d67016345785d8a000082111560ca611259565b60085461187e908260c060406111f2565b6008556040517fa9ba3ffe0b6c366b81232caab38605a0699ad5398d6cce76f91ee809e322dafc906118b19083906147ae565b60405180910390a150565b60008282016111eb8482101583611259565b80156118ee576118e96118df611530565b4210610193611259565b611903565b6119036118f9611554565b42106101a9611259565b600780547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00168215151790556040517f9e3a5e37224532dea67b89face185703738a228a6e8a23dee546960180d3be64906118b190839061478b565b600061196961088f565b90506000611975610c5c565b6001600160a01b031663b05f8e4883866040518363ffffffff1660e01b81526004016119a292919061484f565b60806040518083038186803b1580156119ba57600080fd5b505afa1580156119ce573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906119f291906145cb565b6040517f18e736d40000000000000000000000000000000000000000000000000000000081529094506001600160a01b03851693506318e736d49250611a3f915085908790600401614836565b600060405180830381600087803b158015611a5957600080fd5b505af1158015611a6d573d6000803e3d6000fd5b5050505050505050565b611a80816126be565b8061088c576060611a8f610c5c565b6001600160a01b031663f94d4668611aa561088f565b6040518263ffffffff1660e01b8152600401611ac191906147ae565b60006040518083038186803b158015611ad957600080fd5b505afa158015611aed573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f19168201604052611b159190810190614191565b50915050611b2581610a1e6112a8565b6000611b2f61169e565b5090506112a3611b3f828461271e565b82612880565b6001901b6000190191901c1690565b61091c8183146067611259565b6000606080611b70888761288b565b9050611b7f888261121a612978565b611b8a8886866129e3565b9093509150611b998883612a6d565b985098509895505050505050565b60005b611bb2611267565b8110156112a357611be9838281518110611bc857fe5b6020026020010151838381518110611bdc57fe5b6020026020010151612a94565b838281518110611bf557fe5b6020908102919091010152600101611baa565b333014611cf7576000306001600160a01b0316600036604051611c2c9291906146f9565b6000604051808303816000865af19150503d8060008114611c69576040519150601f19603f3d011682016040523d82523d6000602084013e611c6e565b606091505b505090508060008114611c7d57fe5b60046000803e6000517fffffffff00000000000000000000000000000000000000000000000000000000167f43adbafb000000000000000000000000000000000000000000000000000000008114611cd9573d6000803e3d6000fd5b506020600460003e604060205260243d03602460403e601c3d016000f35b6060611d016112a8565b9050611d0d8782611d98565b60006060611d258c8c8c8c8c8c898d8d63ffffffff16565b5091509150611d3881848663ffffffff16565b8051601f1982018390526343adbafb7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc08301526020027fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdc82016044820181fd5b60005b611da3611267565b8110156112a357611dda838281518110611db957fe5b6020026020010151838381518110611dcd57fe5b6020026020010151612ae5565b838281518110611de657fe5b6020908102919091010152600101611d9b565b600080611e06848661271e565b905061143e8184612a94565b60008082511180156106c5575060ff801682806020019051810190611e37919061460b565b60ff161492915050565b60075461090090610100900460ff166101b6611259565b600060606000611e6784612b11565b90506060611e76878784612b27565b919350909150505b935093915050565b61091c8282612bd6565b60006060806060611ea1898861288b565b9050611eb0898261121a612978565b60006060611ebf8b8989612c92565b91509150611ecd8b82612ceb565b909d909c50909a5098505050505050505050565b60005b611eec611267565b8110156112a357611f23838281518110611f0257fe5b6020026020010151838381518110611f1657fe5b6020026020010151612cf8565b838281518110611f2f57fe5b6020908102919091010152600101611ee4565b6000611f4d82612d46565b15611f6157611f5a6123eb565b9050610a7e565b611f6a82612d78565b15611f7757611f5a61240f565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611fb957611f5a612433565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b03161415611ffb57611f5a612457565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316826001600160a01b0316141561203d57611f5a61247b565b610a7e61013561237e565b60008061205d612056610932565b8490612daa565b90506111eb838261121a565b60006111eb8383612ae5565b61091c61208183612de6565b8261091c565b600061209e612094611267565b60021460d2611259565b60606000806120ae878787612dec565b925092509250610612878484846124e4565b60006111eb8383612a94565b60006120d9612094611267565b60606000806120e9878787612dec565b9250925092506106128784848461249f565b60006111eb8383612cf8565b60006106c5612126612117610932565b670de0b6b3a76400009061121a565b8390612cf8565b6000612137610c5c565b6001600160a01b031663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b15801561216f57600080fd5b505afa158015612183573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906107049190614360565b60006121b1611794565b82604051602001610bf5929190614709565b6000606060006121d284612ead565b90506121ed60008260028111156121e557fe5b1460ce611259565b60606121f885612ec3565b90506122078151610956611267565b6122118187611d98565b600061221b61169e565b509050600061222a828461271e565b9050806122378184612880565b9b929a509198505050505050505050565b620f424090565b61091c8282612ed9565b6001600160a01b03918216600090815260016020908152604080832093909416825291909152205490565b6122908182424261267b565b7fa0d01593e47e69d07e0ccd87bece09411e07dd1ed40ca8f2e7af2976542a0233816040516118b191906147ae565b6002815110156122ce5761088c565b6000816000815181106122dd57fe5b602002602001015190506000600190505b82518110156112a357600083828151811061230557fe5b6020026020010151905061232e816001600160a01b0316846001600160a01b0316106065611259565b91506001016122ee565b61234761010083106064611259565b61236f6001821015801561129c575061236560ff8461010003611243565b8211156064611259565b6112a383821c156101b4611259565b7f08c379a0000000000000000000000000000000000000000000000000000000006000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b7f000000000000000000000000000000000000000000000000000000000000000090565b60006124a9611831565b60006124b361169e565b50905060006124c2828761271e565b905060006124d8838888888c6060015187612f67565b98975050505050505050565b60006124ee611831565b60006124f861169e565b5090506000612507828761271e565b905060006124d8838888888c6060015187613010565b600061252c8484111583611259565b5050900390565b600073ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1b612552610c38565b6001600160a01b03161415801561256d575061256d836130a9565b156125955761257a610c38565b6001600160a01b0316336001600160a01b03161490506106c5565b61259d61212d565b6001600160a01b0316639be2a8848484306040518463ffffffff1660e01b81526004016125cc939291906147b7565b60206040518083038186803b1580156125e457600080fd5b505afa1580156125f8573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061118a919061425d565b60008060008061263b60006040600954611b459092919063ffffffff16565b60095490945061264d90604080611b45565b6009549093506126609060806040611b45565b6009549092506126739060c06040611b45565b905090919293565b6126888160c06040611230565b6126958360806040611230565b6126a185604080611230565b6126ae8760006040611230565b17171760095550505050565b4690565b600780547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00ff16610100831515021790556040517feff3d4d215b42bf0960be9c6d5e05c22cba4df6627a3a523e2acee733b5854c8906118b190839061478b565b80516000908190815b8181101561275f5761275585828151811061273e57fe5b6020026020010151846118bc90919063ffffffff16565b9250600101612727565b5081612770576000925050506106c5565b600082868302825b60ff811015612869578260005b868110156127c6576127bc61279a83876111c7565b6127b78c84815181106127a957fe5b60200260200101518a6111c7565b613117565b9150600101612785565b5083945061281f6127fe6127f86127dd848a6111c7565b6127f26127ea888d6111c7565b6103e8613117565b906118bc565b866111c7565b6127b761280e89600101856111c7565b6127f26127ea6103e889038a6111c7565b9350848411156128475760018585031161284257839750505050505050506106c5565b612860565b60018486031161286057839750505050505050506106c5565b50600101612778565b5061287561014161237e565b505050505092915050565b600a91909155600b55565b606080612896611267565b67ffffffffffffffff811180156128ac57600080fd5b506040519080825280602002602001820160405280156128d6578160200160208202803683370190505b509050826128e55790506106c5565b600080856000815181106128f557fe5b602002602001015190506000600190505b61290e611267565b81101561294557600087828151811061292357fe5b602002602001015190508281111561293c578193508092505b50600101612906565b50612957600b5487600a548589613137565b83838151811061296357fe5b60209081029190910101525090949350505050565b60005b612983611267565b8110156129dd576129be84828151811061299957fe5b60200260200101518483815181106129ad57fe5b60200260200101518463ffffffff16565b8482815181106129ca57fe5b602090810291909101015260010161297b565b50505050565b6000606060006129f284612ead565b90506000816002811115612a0257fe5b1415612a1c57612a128685613199565b9250925050611e7e565b6001816002811115612a2a57fe5b1415612a3a57612a12868561325c565b6002816002811115612a4857fe5b1415612a5957612a1286868661328e565b612a6461015061237e565b50935093915050565b612a7a828261121a612978565b6000612a8461169e565b5090506112a3611b3f828561271e565b6000612aa38215156004611259565b82612ab0575060006106c5565b670de0b6b3a764000083810290612ad390858381612aca57fe5b04146005611259565b828181612adc57fe5b049150506106c5565b6000828202612aff8415806111e45750838583816111e157fe5b670de0b6b3a764000090049392505050565b6000818060200190518101906111eb9190614627565b60606000612b358385612a94565b9050845167ffffffffffffffff81118015612b4f57600080fd5b50604051908082528060200260200182016040528015612b79578160200160208202803683370190505b50915060005b8551811015612bcd57612bae82878381518110612b9857fe5b6020026020010151612ae590919063ffffffff16565b838281518110612bba57fe5b6020908102919091010152600101612b7f565b50509392505050565b612bed6001600160a01b038316151561019b611259565b612bf9826000836112a3565b6001600160a01b038216600090815260208190526040902054612c1f90826101b261251d565b6001600160a01b038316600090815260208190526040902055600254612c459082613301565b6002556040516000906001600160a01b038416907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef90612c869085906147ae565b60405180910390a35050565b600060606000612ca184612ead565b90506001816002811115612cb157fe5b1415612cc257612a1286868661330f565b6002816002811115612cd057fe5b1415612ce057612a128685613379565b612a6461013661237e565b612a7a82826118bc612978565b6000612d078215156004611259565b82612d14575060006106c5565b670de0b6b3a764000083810290612d2e90858381612aca57fe5b826001820381612d3a57fe5b046001019150506106c5565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0390811691161490565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0390811691161490565b6000828202612dc48415806111e45750838583816111e157fe5b80612dd35760009150506106c5565b670de0b6b3a76400006000198201612d3a565b50600090565b60408051600280825260608281019093526000918291816020016020820280368337019050509250612e218660200151612d46565b15612e675760009150600190508483600081518110612e3c57fe5b6020026020010181815250508383600181518110612e5657fe5b602002602001018181525050612ea4565b60009050600191508383600081518110612e7d57fe5b6020026020010181815250508483600181518110612e9757fe5b6020026020010181815250505b93509350939050565b6000818060200190518101906106c591906143ca565b6060818060200190518101906111eb9190614490565b612ee5600083836112a3565b600254612ef290826118bc565b6002556001600160a01b038216600090815260208190526040902054612f1890826118bc565b6001600160a01b0383166000818152602081905260408082209390935591519091907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef90612c869085906147ae565b6000612f8f83878681518110612f7957fe5b602002602001015161121a90919063ffffffff16565b868581518110612f9b57fe5b6020026020010181815250506000612fb58888858961340e565b905083878681518110612fc457fe5b602002602001015101878681518110612fd957fe5b6020026020010181815250506124d860016127f2898981518110612ff957fe5b60200260200101518461121a90919063ffffffff16565b60006130388387878151811061302257fe5b60200260200101516118bc90919063ffffffff16565b86868151811061304457fe5b602002602001018181525050600061305e8888858861340e565b90508387878151811061306d57fe5b60200260200101510387878151811061308257fe5b6020026020010181815250506124d860016130a3838a8981518110612f7957fe5b9061121a565b60006130d47f2f1a0bc900000000000000000000000000000000000000000000000000000000610bc0565b82148061310857506131057feb0f24d600000000000000000000000000000000000000000000000000000000610bc0565b82145b806106c557506106c5826135cb565b60006131268215156004611259565b81838161312f57fe5b049392505050565b6000806131468787878761340e565b90508086858151811061315557fe5b60200260200101511161316c57600091505061143e565b60008187868151811061317b57fe5b60200260200101510390506124d88482612ae590919063ffffffff16565b600060606000806131a98561362f565b915091506131c16131b8611267565b82106064611259565b60606131cb611267565b67ffffffffffffffff811180156131e157600080fd5b5060405190808252806020026020018201604052801561320b578160200160208202803683370190505b509050600061321861169e565b5090506132378189858761322a6106cb565b613232610932565b613651565b82848151811061324357fe5b6020908102919091010152509196919550909350505050565b60006060600061326b8461376b565b90506060613281868361327c6106cb565b613781565b9196919550909350505050565b6000606080600061329e8561381d565b915091506132af8251610956611267565b6132b98287611d98565b60006132c361169e565b50905060006132e3828a866132d66106cb565b6132de610932565b613835565b90506132f38382111560cf611259565b989297509195505050505050565b60006111eb8383600161251d565b6000606080600061331f8561381d565b9150915061333561332e611267565b8351611b54565b61333f8287611d98565b600061334961169e565b5090506000613369828a8661335c6106cb565b613364610932565b613ac7565b90506132f38382101560d0611259565b600060606000806133898561362f565b915091506133986131b8611267565b60606133a2611267565b67ffffffffffffffff811180156133b857600080fd5b506040519080825280602002602001820160405280156133e2578160200160208202803683370190505b50905060006133ef61169e565b509050613237818985876134016106cb565b613409610932565b613d58565b60008084518602905060008560008151811061342657fe5b60200260200101519050600086518760008151811061344157fe5b60200260200101510290506000600190505b87518110156134a75761348c61348661347f848b858151811061347257fe5b60200260200101516111c7565b8a516111c7565b88613117565b915061349d88828151811061273e57fe5b9250600101613453565b508685815181106134b457fe5b60200260200101518203915060006134cc87886111c7565b905060006134f86134ec6134e48461081589886111c7565b6103e86111c7565b8a898151811061347257fe5b9050600061351361350c6134e48b89613117565b86906118bc565b905060008061352f61352586866118bc565b6108158d866118bc565b905060005b60ff8110156135af57819250613564613551866127f285866111c7565b6108158e6130a3886127f28860026111c7565b91508282111561358d57600183830311613588575097506112129650505050505050565b6135a7565b6001828403116135a7575097506112129650505050505050565b600101613534565b506135bb61014261237e565b5050505050505050949350505050565b60006135f67f38e9922e00000000000000000000000000000000000000000000000000000000610bc0565b8214806106c557506136277f50dd6ed900000000000000000000000000000000000000000000000000000000610bc0565b909114919050565b60008082806020019051810190613646919061445a565b909590945092505050565b60008061365e888861271e565b905060006136808261367a87613674818b61121a565b90612cf8565b90612daa565b905060006136908a8a848b61340e565b905060006136a4828b8b81518110612f7957fe5b90506000805b8b518110156136e3576136d98c82815181106136c257fe5b6020026020010151836118bc90919063ffffffff16565b91506001016136aa565b50600061370c828d8d815181106136f657fe5b6020026020010151612a9490919063ffffffff16565b9050600061371982613e33565b905060006137278583612daa565b90506000613735868361121a565b905061375661374f83670de0b6b3a76400008e9003612ae5565b82906118bc565b99505050505050505050509695505050505050565b6000818060200190518101906111eb919061442d565b6060600061378f8484612a94565b90506060855167ffffffffffffffff811180156137ab57600080fd5b506040519080825280602002602001820160405280156137d5578160200160208202803683370190505b50905060005b8651811015613813576137f483888381518110612b9857fe5b82828151811061380057fe5b60209081029190910101526001016137db565b5095945050505050565b606060008280602001905181019061364691906143e6565b600080805b865181101561385c576138528782815181106136c257fe5b915060010161383a565b506060855167ffffffffffffffff8111801561387757600080fd5b506040519080825280602002602001820160405280156138a1578160200160208202803683370190505b5090506000805b88518110156139685760006138d9858b84815181106138c357fe5b6020026020010151612cf890919063ffffffff16565b90506139158a83815181106138ea57fe5b60200260200101516136748b858151811061390157fe5b60200260200101518d8681518110612f7957fe5b84838151811061392157fe5b60200260200101818152505061395d6139568286858151811061394057fe5b6020026020010151612daa90919063ffffffff16565b84906118bc565b9250506001016138a8565b506060885167ffffffffffffffff8111801561398357600080fd5b506040519080825280602002602001820160405280156139ad578160200160208202803683370190505b50905060005b8951811015613a785760008482815181106139ca57fe5b6020026020010151841115613a315760006139f36139e786613e33565b8d8581518110612b9857fe5b90506000613a07828d8681518110612f7957fe5b9050613a28613a2182670de0b6b3a76400008d9003612cf8565b83906118bc565b92505050613a48565b898281518110613a3d57fe5b602002602001015190505b613a58818c8481518110612f7957fe5b838381518110613a6457fe5b6020908102919091010152506001016139b3565b506000613a858b8b61271e565b90506000613a938c8461271e565b90506000613aa18284612a94565b9050613ab6613aaf82613e33565b8b90612daa565b9d9c50505050505050505050505050565b600080805b8651811015613aee57613ae48782815181106136c257fe5b9150600101613acc565b506060855167ffffffffffffffff81118015613b0957600080fd5b50604051908082528060200260200182016040528015613b33578160200160208202803683370190505b5090506000805b8851811015613bcd576000613b55858b84815181106136f657fe5b9050613b978a8381518110613b6657fe5b6020026020010151613b918b8581518110613b7d57fe5b60200260200101518d868151811061302257fe5b90612a94565b848381518110613ba357fe5b602002602001018181525050613bc261395682868581518110612b9857fe5b925050600101613b3a565b506060885167ffffffffffffffff81118015613be857600080fd5b50604051908082528060200260200182016040528015613c12578160200160208202803683370190505b50905060005b8951811015613cd357600083858381518110613c3057fe5b60200260200101511115613c8c576000613c556139e786670de0b6b3a764000061121a565b90506000613c69828d8681518110612f7957fe5b9050613c83613a2182670de0b6b3a76400008d9003612ae5565b92505050613ca3565b898281518110613c9857fe5b602002602001015190505b613cb3818c848151811061302257fe5b838381518110613cbf57fe5b602090810291909101015250600101613c18565b506000613ce08b8b61271e565b90506000613cee8c8461271e565b90506000613cfc8284612a94565b9050670de0b6b3a7640000811115613d4857613d3a8a7ffffffffffffffffffffffffffffffffffffffffffffffffff21f494c589c00008301612ae5565b97505050505050505061143e565b600097505050505050505061143e565b600080613d65888861271e565b90506000613d7b8261367a87613674818b6118bc565b90506000613d8b8a8a848b61340e565b90506000613db58a8a81518110613d9e57fe5b60200260200101518361121a90919063ffffffff16565b90506000805b8b51811015613ddd57613dd38c82815181106136c257fe5b9150600101613dbb565b506000613df0828d8d815181106136f657fe5b90506000613dfd82613e33565b90506000613e0b8583612daa565b90506000613e19868361121a565b905061375661374f83670de0b6b3a76400008e9003612cf8565b6000670de0b6b3a76400008210613e4b5760006106c5565b50670de0b6b3a76400000390565b80356106c581614944565b600082601f830112613e74578081fd5b8135613e87613e8282614924565b6148fd565b818152915060208083019084810181840286018201871015613ea857600080fd5b60005b8481101561287557813584529282019290820190600101613eab565b600082601f830112613ed7578081fd5b8151613ee5613e8282614924565b818152915060208083019084810181840286018201871015613f0657600080fd5b60005b8481101561287557815184529282019290820190600101613f09565b600082601f830112613f35578081fd5b813567ffffffffffffffff811115613f4b578182fd5b613f5e6020601f19601f840116016148fd565b9150808252836020828501011115613f7557600080fd5b8060208401602084013760009082016020015292915050565b8035600281106106c557600080fd5b6000610120808385031215613fb0578182fd5b613fb9816148fd565b915050613fc68383613f8e565b8152613fd58360208401613e59565b6020820152613fe78360408401613e59565b6040820152606082013560608201526080820135608082015260a082013560a08201526140178360c08401613e59565b60c08201526140298360e08401613e59565b60e08201526101008083013567ffffffffffffffff81111561404a57600080fd5b61405685828601613f25565b82840152505092915050565b600060208284031215614073578081fd5b81356111eb81614944565b60008060408385031215614090578081fd5b823561409b81614944565b915060208301356140ab81614944565b809150509250929050565b6000806000606084860312156140ca578081fd5b83356140d581614944565b925060208401356140e581614944565b929592945050506040919091013590565b600080600080600080600060e0888a031215614110578283fd5b873561411b81614944565b9650602088013561412b81614944565b95506040880135945060608801359350608088013561414981614966565b9699959850939692959460a0840135945060c09093013592915050565b60008060408385031215614178578182fd5b823561418381614944565b946020939093013593505050565b6000806000606084860312156141a5578081fd5b835167ffffffffffffffff808211156141bc578283fd5b818601915086601f8301126141cf578283fd5b81516141dd613e8282614924565b80828252602080830192508086018b8283870289010111156141fd578788fd5b8796505b8487101561422857805161421481614944565b845260019690960195928101928101614201565b50890151909750935050508082111561423f578283fd5b5061424c86828701613ec7565b925050604084015190509250925092565b60006020828403121561426e578081fd5b815180151581146111eb578182fd5b600080600080600080600060e0888a031215614297578081fd5b8735965060208801356142a981614944565b955060408801356142b981614944565b9450606088013567ffffffffffffffff808211156142d5578283fd5b6142e18b838c01613e64565b955060808a0135945060a08a0135935060c08a0135915080821115614304578283fd5b506143118a828b01613f25565b91505092959891949750929550565b600060208284031215614331578081fd5b81357fffffffff00000000000000000000000000000000000000000000000000000000811681146111eb578182fd5b600060208284031215614371578081fd5b81516111eb81614944565b6000806040838503121561438e578182fd5b823561439981614944565b9150602083013567ffffffffffffffff8111156143b4578182fd5b6143c085828601613f25565b9150509250929050565b6000602082840312156143db578081fd5b81516111eb81614959565b6000806000606084860312156143fa578081fd5b835161440581614959565b602085015190935067ffffffffffffffff811115614421578182fd5b61424c86828701613ec7565b6000806040838503121561443f578182fd5b825161444a81614959565b6020939093015192949293505050565b60008060006060848603121561446e578081fd5b835161447981614959565b602085015160409095015190969495509392505050565b600080604083850312156144a2578182fd5b82516144ad81614959565b602084015190925067ffffffffffffffff8111156144c9578182fd5b6143c085828601613ec7565b600080600080608085870312156144ea578182fd5b843567ffffffffffffffff80821115614501578384fd5b61450d88838901613f9d565b95506020870135915080821115614522578384fd5b5061452f87828801613e64565b949794965050505060408301359260600135919050565b60008060006060848603121561455a578081fd5b833567ffffffffffffffff811115614570578182fd5b61457c86828701613f9d565b9660208601359650604090950135949350505050565b6000602082840312156145a3578081fd5b5035919050565b600080604083850312156145bc578182fd5b50508035926020909101359150565b600080600080608085870312156145e0578182fd5b845193506020850151925060408501519150606085015161460081614944565b939692955090935050565b60006020828403121561461c578081fd5b81516111eb81614966565b60008060408385031215614639578182fd5b825161444a81614966565b6000815180845260208085019450808401835b8381101561467357815187529582019590820190600101614657565b509495945050505050565b60008151808452815b818110156146a357602081850181015186830182015201614687565b818111156146b45782602083870101525b50601f01601f19169290920160200192915050565b9182527fffffffff0000000000000000000000000000000000000000000000000000000016602082015260240190565b6000828483379101908152919050565b7f190100000000000000000000000000000000000000000000000000000000000081526002810192909252602282015260420190565b6001600160a01b0391909116815260200190565b6000602082526111eb6020830184614644565b6000604082526147796040830185614644565b828103602084015261143e8185614644565b901515815260200190565b92151583526020830191909152604082015260600190565b90815260200190565b9283526001600160a01b03918216602084015216604082015260600190565b9586526001600160a01b0394851660208701529290931660408501526060840152608083019190915260a082015260c00190565b9485526020850193909352604084019190915260608301526001600160a01b0316608082015260a00190565b600083825260406020830152611212604083018461467e565b9182526001600160a01b0316602082015260400190565b93845260ff9290921660208401526040830152606082015260800190565b6000602082526111eb602083018461467e565b6000838252604060208301526112126040830184614644565b9283529015156020830152604082015260600190565b918252602082015260400190565b93845260208401929092526040830152606082015260800190565b60ff91909116815260200190565b60405181810167ffffffffffffffff8111828210171561491c57600080fd5b604052919050565b600067ffffffffffffffff82111561493a578081fd5b5060209081020190565b6001600160a01b038116811461088c57600080fd5b6003811061088c57600080fd5b60ff8116811461088c57600080fdfea26469706673582212200b4ccacd36cf60706a9f9f10be90785ff089fc18314f4312da2aaa6f4a1ddf3264736f6c63430007010033000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c8
Deployed Bytecode
0x608060405234801561001057600080fd5b50600436106100bd5760003560e01c80636c57f5a911610076578063851c1bb31161005b578063851c1bb31461015e5780638d928af81461017e578063aaabadc514610186576100bd565b80636c57f5a9146101365780637932c7f31461013e576100bd565b80632da47c40116100a75780632da47c40146100f65780632f2770db1461010c5780636634b75314610116576100bd565b8062c194db146100c2578063174481fa146100e0575b600080fd5b6100ca61018e565b6040516100d79190610bd1565b60405180910390f35b6100e86101ad565b6040516100d7929190610b6a565b6100fe6101f3565b6040516100d7929190610ca1565b61011461025d565b005b6101296101243660046108ec565b6102c2565b6040516100d79190610b91565b6101296102ed565b61015161014c366004610984565b6102f6565b6040516100d79190610b49565b61017161016c366004610928565b610353565b6040516100d79190610b9c565b6101516103a5565b6101516103c9565b60606101a8604051806020016040528060008152506104af565b905090565b7f00000000000000000000000000e695aa8000df01b8dc8401b4c34fba5d56bbb27f000000000000000000000000c509d289f136d3a2a48acbd28db22c0c66f44ebd9091565b600080427f000000000000000000000000000000000000000000000000000000006319174081101561024f57807f000000000000000000000000000000000000000000000000000000006319174003925062278d009150610258565b60009250600091505b509091565b610265610588565b61026d6105d1565b600180547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016811790556040517f432acbfd662dbb5d8b378384a67159b47ca9d0f1b79f97cf64cf8585fa362d5090600090a1565b73ffffffffffffffffffffffffffffffffffffffff1660009081526020819052604090205460ff1690565b60015460ff1690565b60008060006103036101f3565b915091506103466103126103a5565b8a8a8a8a8a88888c60405160200161033299989796959493929190610be4565b6040516020818303038152906040526105e6565b9998505050505050505050565b60007f000000000000000000000000eb151668006cd04dadd098afd0a82e78f77076c382604051602001610388929190610b19565b604051602081830303815290604052805190602001209050919050565b7f000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c890565b60006103d36103a5565b73ffffffffffffffffffffffffffffffffffffffff1663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b15801561041857600080fd5b505afa15801561042c573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906101a89190610968565b80517f602038038060206000396000f3fefefefefefefefefefefefefefefefefefefe808352600091602081018484f090845291506104a973ffffffffffffffffffffffffffffffffffffffff831615156101ac61067a565b50919050565b8051604080517f0000000000000000000000000000000000000000000000000000000000002bf67f0000000000000000000000000000000000000000000000000000000000002bf6818101858101848101602090810190965280855293957f00000000000000000000000000e695aa8000df01b8dc8401b4c34fba5d56bbb29592947f000000000000000000000000c509d289f136d3a2a48acbd28db22c0c66f44ebd94938801866000828a3c846000888301883c506020898101908985010161057a81838661068c565b505050505050505050919050565b60006105b76000357fffffffff0000000000000000000000000000000000000000000000000000000016610353565b90506105ce6105c68233610706565b61019161067a565b50565b6105e46105dc6102ed565b1560d361067a565b565b60006105f06105d1565b60006105fb836107a5565b73ffffffffffffffffffffffffffffffffffffffff811660008181526020819052604080822080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001660011790555192935090917f83a48fbcfc991335314e74d0496aab6a1987e992ddc85dddbcc4d6dd6ef2e9fc9190a292915050565b8161068857610688816107ed565b5050565b5b602081106106ca5781518352602092830192909101907fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00161068d565b905182516020929092036101000a7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0180199091169116179052565b60006107106103c9565b73ffffffffffffffffffffffffffffffffffffffff16639be2a8848484306040518463ffffffff1660e01b815260040161074c93929190610ba5565b60206040518083038186803b15801561076457600080fd5b505afa158015610778573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061079c9190610908565b90505b92915050565b600060606107b2836104af565b905060008151602083016000f0905073ffffffffffffffffffffffffffffffffffffffff81166107e6573d6000803e3d6000fd5b9392505050565b7f08c379a0000000000000000000000000000000000000000000000000000000006000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b803561079f81610cef565b600082601f830112610875578081fd5b813567ffffffffffffffff81111561088b578182fd5b6108bc60207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f84011601610caf565b91508082528360208285010111156108d357600080fd5b8060208401602084013760009082016020015292915050565b6000602082840312156108fd578081fd5b81356107e681610cef565b600060208284031215610919578081fd5b815180151581146107e6578182fd5b600060208284031215610939578081fd5b81357fffffffff00000000000000000000000000000000000000000000000000000000811681146107e6578182fd5b600060208284031215610979578081fd5b81516107e681610cef565b60008060008060008060c0878903121561099c578182fd5b863567ffffffffffffffff808211156109b3578384fd5b6109bf8a838b01610865565b97506020915081890135818111156109d5578485fd5b6109e18b828c01610865565b9750506040890135818111156109f5578485fd5b8901601f81018b13610a05578485fd5b803582811115610a13578586fd5b8381029250610a23848401610caf565b8181528481019083860185850187018f1015610a3d578889fd5b8895505b83861015610a6757610a538f8261085a565b835260019590950194918601918601610a41565b50985050505060608901359450505060808701359150610a8a8860a0890161085a565b90509295509295509295565b73ffffffffffffffffffffffffffffffffffffffff169052565b60008151808452815b81811015610ad557602081850181015186830182015201610ab9565b81811115610ae65782602083870101525b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b9182527fffffffff0000000000000000000000000000000000000000000000000000000016602082015260240190565b73ffffffffffffffffffffffffffffffffffffffff91909116815260200190565b73ffffffffffffffffffffffffffffffffffffffff92831681529116602082015260400190565b901515815260200190565b90815260200190565b92835273ffffffffffffffffffffffffffffffffffffffff918216602084015216604082015260600190565b60006020825261079c6020830184610ab0565b600061012073ffffffffffffffffffffffffffffffffffffffff8c16835260208181850152610c158285018d610ab0565b91508382036040850152610c29828c610ab0565b84810360608601528a51808252828c01935090820190845b81811015610c6557610c538551610cd6565b83529383019391830191600101610c41565b50508093505050508660808301528560a08301528460c08301528360e0830152610c93610100830184610a96565b9a9950505050505050505050565b918252602082015260400190565b60405181810167ffffffffffffffff81118282101715610cce57600080fd5b604052919050565b73ffffffffffffffffffffffffffffffffffffffff1690565b73ffffffffffffffffffffffffffffffffffffffff811681146105ce57600080fdfea26469706673582212203e21b58f8af1fae1264b60d1d3943af5dafd322bb7d6bf7b1a35daa2137032de64736f6c63430007010033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c8
-----Decoded View---------------
Arg [0] : vault (address): 0xBA12222222228d8Ba445958a75a0704d566BF2C8
-----Encoded View---------------
1 Constructor Arguments found :
Arg [0] : 000000000000000000000000ba12222222228d8ba445958a75a0704d566bf2c8
Loading...
Loading
Loading...
Loading
Loading...
Loading
0xeb151668006CD04DAdD098AFd0a82e78F77076c3
Net Worth in USD
$0.00
Net Worth in ETH
0
Multichain Portfolio | 35 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
Loading...
Loading
Loading...
Loading
[ Download: CSV Export ]
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.