Source Code
Overview
ETH Balance
0 ETH
More Info
ContractCreator
Multichain Info
N/A
View more zero value Internal Transactions in Advanced View mode
Advanced mode:
Loading...
Loading
Contract Source Code Verified (Exact Match)
Contract Name:
EigenStrategy
Compiler Version
v0.8.27+commit.40a35a09
Optimization Enabled:
Yes with 200 runs
Other Settings:
cancun EvmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.27; // NOTE: Mainnet uses the OpenZeppelin v4.9.0 contracts, but this imports the 4.7.1 version. This will be changed after an upgrade. import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol"; import "../interfaces/IStrategyManager.sol"; import "../strategies/StrategyBase.sol"; import "../interfaces/IEigen.sol"; /** * @title Eigen Strategy implementation of `IStrategy` interface, designed to be inherited from by more complex strategies. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @dev Note that this EigenStrategy contract is designed to be compatible with both bEIGEN and EIGEN tokens. It functions exactly the same * as the `StrategyBase` contract if bEIGEN were the underlying token, but also allows for depositing and withdrawing EIGEN tokens. This is * achieved by unwrapping EIGEN into bEIGEN upon deposit, and wrapping bEIGEN into EIGEN upon withdrawal. Deposits and withdrawals with bEIGEN * does not perform and wrapping or unwrapping. * @notice This contract functions similarly to an ERC4626 vault, only without issuing a token. * To mitigate against the common "inflation attack" vector, we have chosen to use the 'virtual shares' mitigation route, * similar to [OpenZeppelin](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/extensions/ERC4626.sol). * We acknowledge that this mitigation has the known downside of the virtual shares causing some losses to users, which are pronounced * particularly in the case of the share exchange rate changing signficantly, either positively or negatively. * For a fairly thorough discussion of this issue and our chosen mitigation strategy, we recommend reading through * [this thread](https://github.com/OpenZeppelin/openzeppelin-contracts/issues/3706) on the OpenZeppelin repo. * We specifically use a share offset of `SHARES_OFFSET` and a balance offset of `BALANCE_OFFSET`. */ contract EigenStrategy is StrategyBase { using SafeERC20 for IERC20; /** * @notice EIGEN can be deposited into this strategy, where it is unwrapped into bEIGEN and staked in * this strategy contract. EIGEN can also be withdrawn by withdrawing bEIGEN from this strategy, and * then wrapping it back into EIGEN. */ IEigen public EIGEN; /// @notice Since this contract is designed to be initializable, the constructor simply sets `strategyManager`, the only immutable variable. constructor( IStrategyManager _strategyManager, IPauserRegistry _pauserRegistry ) StrategyBase(_strategyManager, _pauserRegistry) {} function initialize(IEigen _EIGEN, IERC20 _bEIGEN) public virtual initializer { EIGEN = _EIGEN; _initializeStrategyBase(_bEIGEN); } /** * @notice This function hook is called in EigenStrategy.deposit() and is overridden here to * allow for depositing of either EIGEN or bEIGEN tokens. If token is bEIGEN aka the underlyingToken, * then the contract functions exactly the same as the StrategyBase contract and the deposit is calculated into shares. * If token is EIGEN, then the EIGEN is first 1-1 unwrapped into bEIGEN and the deposit shares are calculated as normal. * @param token token to be deposited, can be either EIGEN or bEIGEN. If EIGEN, then is unwrapped into bEIGEN * @param amount deposit amount */ function _beforeDeposit(IERC20 token, uint256 amount) internal virtual override { require(token == underlyingToken || token == EIGEN, OnlyUnderlyingToken()); if (token == EIGEN) { // unwrap EIGEN into bEIGEN assuming a 1-1 unwrapping amount // the strategy will then hold `amount` of bEIGEN EIGEN.unwrap(amount); } } /** * @notice This function hook is called in EigenStrategy.withdraw() before withdrawn shares are calculated and is * overridden here to allow for withdrawing shares either into EIGEN or bEIGEN tokens. If wrapping bEIGEN into EIGEN is needed, * it is performed in _afterWithdrawal(). This hook just checks the token paramater is either EIGEN or bEIGEN. * @param token token to be withdrawn, can be either EIGEN or bEIGEN. If EIGEN, then bEIGEN is wrapped into EIGEN */ function _beforeWithdrawal( address, /*recipient*/ IERC20 token, uint256 /*amountShares*/ ) internal virtual override { require(token == underlyingToken || token == EIGEN, OnlyUnderlyingToken()); } /** * @notice This function hook is called in EigenStrategy.withdraw() after withdrawn shares are calculated and is * overridden here to allow for withdrawing shares either into EIGEN or bEIGEN tokens. If token is bEIGEN aka the underlyingToken, * then the contract functions exactly the same as the StrategyBase contract and transfers out bEIGEN to the recipient. * If token is EIGEN, then bEIGEN is first 1-1 wrapped into EIGEN and the strategy transfers out the EIGEN to the recipient. * @param recipient recipient of the withdrawal * @param token token to be withdrawn, can be either EIGEN or bEIGEN. If EIGEN, then bEIGEN is wrapped into EIGEN * @param amountToSend amount of tokens to transfer */ function _afterWithdrawal(address recipient, IERC20 token, uint256 amountToSend) internal virtual override { if (token == EIGEN) { // wrap bEIGEN into EIGEN assuming a 1-1 wrapping amount // the strategy will then hold `amountToSend` of EIGEN underlyingToken.approve(address(token), amountToSend); EIGEN.wrap(amountToSend); } // Whether the withdrawal specified EIGEN or bEIGEN, the strategy // holds the correct balance and can transfer to the recipient here token.safeTransfer(recipient, amountToSend); } /** * @dev This empty reserved space is put in place to allow future versions to add new * variables without shifting down storage in the inheritance chain. * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps */ uint256[49] private __gap; }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/utils/SafeERC20.sol) pragma solidity ^0.8.0; import "../IERC20.sol"; import "../extensions/IERC20Permit.sol"; import "../../../utils/Address.sol"; /** * @title SafeERC20 * @dev Wrappers around ERC20 operations that throw on failure (when the token * contract returns false). Tokens that return no value (and instead revert or * throw on failure) are also supported, non-reverting calls are assumed to be * successful. * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract, * which allows you to call the safe operations as `token.safeTransfer(...)`, etc. */ library SafeERC20 { using Address for address; /** * @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value, * non-reverting calls are assumed to be successful. */ function safeTransfer(IERC20 token, address to, uint256 value) internal { _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value)); } /** * @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the * calling contract. If `token` returns no value, non-reverting calls are assumed to be successful. */ function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal { _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value)); } /** * @dev Deprecated. This function has issues similar to the ones found in * {IERC20-approve}, and its usage is discouraged. * * Whenever possible, use {safeIncreaseAllowance} and * {safeDecreaseAllowance} instead. */ function safeApprove(IERC20 token, address spender, uint256 value) internal { // safeApprove should only be called when setting an initial allowance, // or when resetting it to zero. To increase and decrease it, use // 'safeIncreaseAllowance' and 'safeDecreaseAllowance' require( (value == 0) || (token.allowance(address(this), spender) == 0), "SafeERC20: approve from non-zero to non-zero allowance" ); _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value)); } /** * @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value, * non-reverting calls are assumed to be successful. */ function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal { uint256 oldAllowance = token.allowance(address(this), spender); _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance + value)); } /** * @dev Decrease the calling contract's allowance toward `spender` by `value`. If `token` returns no value, * non-reverting calls are assumed to be successful. */ function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal { unchecked { uint256 oldAllowance = token.allowance(address(this), spender); require(oldAllowance >= value, "SafeERC20: decreased allowance below zero"); _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance - value)); } } /** * @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value, * non-reverting calls are assumed to be successful. Compatible with tokens that require the approval to be set to * 0 before setting it to a non-zero value. */ function forceApprove(IERC20 token, address spender, uint256 value) internal { bytes memory approvalCall = abi.encodeWithSelector(token.approve.selector, spender, value); if (!_callOptionalReturnBool(token, approvalCall)) { _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, 0)); _callOptionalReturn(token, approvalCall); } } /** * @dev Use a ERC-2612 signature to set the `owner` approval toward `spender` on `token`. * Revert on invalid signature. */ function safePermit( IERC20Permit token, address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) internal { uint256 nonceBefore = token.nonces(owner); token.permit(owner, spender, value, deadline, v, r, s); uint256 nonceAfter = token.nonces(owner); require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed"); } /** * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement * on the return value: the return value is optional (but if data is returned, it must not be false). * @param token The token targeted by the call. * @param data The call data (encoded using abi.encode or one of its variants). */ function _callOptionalReturn(IERC20 token, bytes memory data) private { // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since // we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that // the target address contains contract code and also asserts for success in the low-level call. bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed"); require(returndata.length == 0 || abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed"); } /** * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement * on the return value: the return value is optional (but if data is returned, it must not be false). * @param token The token targeted by the call. * @param data The call data (encoded using abi.encode or one of its variants). * * This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead. */ function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) { // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since // we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false // and not revert is the subcall reverts. (bool success, bytes memory returndata) = address(token).call(data); return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && Address.isContract(address(token)); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "./IStrategy.sol"; import "./IShareManager.sol"; import "./IDelegationManager.sol"; import "./IEigenPodManager.sol"; interface IStrategyManagerErrors { /// @dev Thrown when total strategies deployed exceeds max. error MaxStrategiesExceeded(); /// @dev Thrown when call attempted from address that's not delegation manager. error OnlyDelegationManager(); /// @dev Thrown when call attempted from address that's not strategy whitelister. error OnlyStrategyWhitelister(); /// @dev Thrown when provided `shares` amount is too high. error SharesAmountTooHigh(); /// @dev Thrown when provided `shares` amount is zero. error SharesAmountZero(); /// @dev Thrown when provided `staker` address is null. error StakerAddressZero(); /// @dev Thrown when provided `strategy` not found. error StrategyNotFound(); /// @dev Thrown when attempting to deposit to a non-whitelisted strategy. error StrategyNotWhitelisted(); } interface IStrategyManagerEvents { /** * @notice Emitted when a new deposit occurs on behalf of `staker`. * @param staker Is the staker who is depositing funds into EigenLayer. * @param strategy Is the strategy that `staker` has deposited into. * @param token Is the token that `staker` deposited. * @param shares Is the number of new shares `staker` has been granted in `strategy`. */ event Deposit(address staker, IERC20 token, IStrategy strategy, uint256 shares); /// @notice Emitted when the `strategyWhitelister` is changed event StrategyWhitelisterChanged(address previousAddress, address newAddress); /// @notice Emitted when a strategy is added to the approved list of strategies for deposit event StrategyAddedToDepositWhitelist(IStrategy strategy); /// @notice Emitted when a strategy is removed from the approved list of strategies for deposit event StrategyRemovedFromDepositWhitelist(IStrategy strategy); } /** * @title Interface for the primary entrypoint for funds into EigenLayer. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice See the `StrategyManager` contract itself for implementation details. */ interface IStrategyManager is IStrategyManagerErrors, IStrategyManagerEvents, IShareManager { /** * @notice Initializes the strategy manager contract. Sets the `pauserRegistry` (currently **not** modifiable after being set), * and transfers contract ownership to the specified `initialOwner`. * @param initialOwner Ownership of this contract is transferred to this address. * @param initialStrategyWhitelister The initial value of `strategyWhitelister` to set. * @param initialPausedStatus The initial value of `_paused` to set. */ function initialize( address initialOwner, address initialStrategyWhitelister, uint256 initialPausedStatus ) external; /** * @notice Deposits `amount` of `token` into the specified `strategy`, with the resultant shares credited to `msg.sender` * @param strategy is the specified strategy where deposit is to be made, * @param token is the denomination in which the deposit is to be made, * @param amount is the amount of token to be deposited in the strategy by the staker * @return shares The amount of new shares in the `strategy` created as part of the action. * @dev The `msg.sender` must have previously approved this contract to transfer at least `amount` of `token` on their behalf. * @dev Cannot be called by an address that is 'frozen' (this function will revert if the `msg.sender` is frozen). * * WARNING: Depositing tokens that allow reentrancy (eg. ERC-777) into a strategy is not recommended. This can lead to attack vectors * where the token balance and corresponding strategy shares are not in sync upon reentrancy. */ function depositIntoStrategy(IStrategy strategy, IERC20 token, uint256 amount) external returns (uint256 shares); /** * @notice Used for depositing an asset into the specified strategy with the resultant shares credited to `staker`, * who must sign off on the action. * Note that the assets are transferred out/from the `msg.sender`, not from the `staker`; this function is explicitly designed * purely to help one address deposit 'for' another. * @param strategy is the specified strategy where deposit is to be made, * @param token is the denomination in which the deposit is to be made, * @param amount is the amount of token to be deposited in the strategy by the staker * @param staker the staker that the deposited assets will be credited to * @param expiry the timestamp at which the signature expires * @param signature is a valid signature from the `staker`. either an ECDSA signature if the `staker` is an EOA, or data to forward * following EIP-1271 if the `staker` is a contract * @return shares The amount of new shares in the `strategy` created as part of the action. * @dev The `msg.sender` must have previously approved this contract to transfer at least `amount` of `token` on their behalf. * @dev A signature is required for this function to eliminate the possibility of griefing attacks, specifically those * targeting stakers who may be attempting to undelegate. * * WARNING: Depositing tokens that allow reentrancy (eg. ERC-777) into a strategy is not recommended. This can lead to attack vectors * where the token balance and corresponding strategy shares are not in sync upon reentrancy */ function depositIntoStrategyWithSignature( IStrategy strategy, IERC20 token, uint256 amount, address staker, uint256 expiry, bytes memory signature ) external returns (uint256 shares); /** * @notice Burns Strategy shares for the given strategy by calling into the strategy to transfer to the default burn address. * @param strategy The strategy to burn shares in. * @param sharesToBurn The amount of shares to burn. * @dev This function is only called by the DelegationManager when an operator is slashed. */ function burnShares(IStrategy strategy, uint256 sharesToBurn) external; /** * @notice Owner-only function to change the `strategyWhitelister` address. * @param newStrategyWhitelister new address for the `strategyWhitelister`. */ function setStrategyWhitelister( address newStrategyWhitelister ) external; /** * @notice Owner-only function that adds the provided Strategies to the 'whitelist' of strategies that stakers can deposit into * @param strategiesToWhitelist Strategies that will be added to the `strategyIsWhitelistedForDeposit` mapping (if they aren't in it already) */ function addStrategiesToDepositWhitelist( IStrategy[] calldata strategiesToWhitelist ) external; /** * @notice Owner-only function that removes the provided Strategies from the 'whitelist' of strategies that stakers can deposit into * @param strategiesToRemoveFromWhitelist Strategies that will be removed to the `strategyIsWhitelistedForDeposit` mapping (if they are in it) */ function removeStrategiesFromDepositWhitelist( IStrategy[] calldata strategiesToRemoveFromWhitelist ) external; /// @notice Returns bool for whether or not `strategy` is whitelisted for deposit function strategyIsWhitelistedForDeposit( IStrategy strategy ) external view returns (bool); /** * @notice Get all details on the staker's deposits and corresponding shares * @return (staker's strategies, shares in these strategies) */ function getDeposits( address staker ) external view returns (IStrategy[] memory, uint256[] memory); function getStakerStrategyList( address staker ) external view returns (IStrategy[] memory); /// @notice Simple getter function that returns `stakerStrategyList[staker].length`. function stakerStrategyListLength( address staker ) external view returns (uint256); /// @notice Returns the current shares of `user` in `strategy` function stakerDepositShares(address user, IStrategy strategy) external view returns (uint256 shares); /// @notice Returns the single, central Delegation contract of EigenLayer function delegation() external view returns (IDelegationManager); /// @notice Returns the address of the `strategyWhitelister` function strategyWhitelister() external view returns (address); /** * @param staker The address of the staker. * @param strategy The strategy to deposit into. * @param token The token to deposit. * @param amount The amount of `token` to deposit. * @param nonce The nonce of the staker. * @param expiry The expiry of the signature. * @return The EIP-712 signable digest hash. */ function calculateStrategyDepositDigestHash( address staker, IStrategy strategy, IERC20 token, uint256 amount, uint256 nonce, uint256 expiry ) external view returns (bytes32); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.27; import "../interfaces/IStrategyManager.sol"; import "../permissions/Pausable.sol"; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; import "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol"; import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol"; import "@openzeppelin-upgrades/contracts/proxy/utils/Initializable.sol"; /** * @title Base implementation of `IStrategy` interface, designed to be inherited from by more complex strategies. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Simple, basic, "do-nothing" Strategy that holds a single underlying token and returns it on withdrawals. * Implements minimal versions of the IStrategy functions, this contract is designed to be inherited by * more complex strategies, which can then override its functions as necessary. * @dev Note that some functions have their mutability restricted; developers inheriting from this contract cannot broaden * the mutability without modifying this contract itself. * @dev This contract is expressly *not* intended for use with 'fee-on-transfer'-type tokens. * Setting the `underlyingToken` to be a fee-on-transfer token may result in improper accounting. * @notice This contract functions similarly to an ERC4626 vault, only without issuing a token. * To mitigate against the common "inflation attack" vector, we have chosen to use the 'virtual shares' mitigation route, * similar to [OpenZeppelin](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/extensions/ERC4626.sol). * We acknowledge that this mitigation has the known downside of the virtual shares causing some losses to users, which are pronounced * particularly in the case of the share exchange rate changing signficantly, either positively or negatively. * For a fairly thorough discussion of this issue and our chosen mitigation strategy, we recommend reading through * [this thread](https://github.com/OpenZeppelin/openzeppelin-contracts/issues/3706) on the OpenZeppelin repo. * We specifically use a share offset of `SHARES_OFFSET` and a balance offset of `BALANCE_OFFSET`. */ contract StrategyBase is Initializable, Pausable, IStrategy { using SafeERC20 for IERC20; uint8 internal constant PAUSED_DEPOSITS = 0; uint8 internal constant PAUSED_WITHDRAWALS = 1; /** * @notice virtual shares used as part of the mitigation of the common 'share inflation' attack vector. * Constant value chosen to reasonably reduce attempted share inflation by the first depositor, while still * incurring reasonably small losses to depositors */ uint256 internal constant SHARES_OFFSET = 1e3; /** * @notice virtual balance used as part of the mitigation of the common 'share inflation' attack vector * Constant value chosen to reasonably reduce attempted share inflation by the first depositor, while still * incurring reasonably small losses to depositors */ uint256 internal constant BALANCE_OFFSET = 1e3; /** * @notice The maximum total shares for a given strategy * @dev This constant prevents overflow in offchain services for rewards */ uint256 internal constant MAX_TOTAL_SHARES = 1e38 - 1; /// @notice EigenLayer's StrategyManager contract IStrategyManager public immutable strategyManager; /// @notice The underlying token for shares in this Strategy IERC20 public underlyingToken; /// @notice The total number of extant shares in this Strategy uint256 public totalShares; /// @notice Simply checks that the `msg.sender` is the `strategyManager`, which is an address stored immutably at construction. modifier onlyStrategyManager() { require(msg.sender == address(strategyManager), OnlyStrategyManager()); _; } /// @notice Since this contract is designed to be initializable, the constructor simply sets `strategyManager`, the only immutable variable. constructor(IStrategyManager _strategyManager, IPauserRegistry _pauserRegistry) Pausable(_pauserRegistry) { strategyManager = _strategyManager; _disableInitializers(); } function initialize( IERC20 _underlyingToken ) public virtual initializer { _initializeStrategyBase(_underlyingToken); } /// @notice Sets the `underlyingToken` and `pauserRegistry` for the strategy. function _initializeStrategyBase( IERC20 _underlyingToken ) internal onlyInitializing { underlyingToken = _underlyingToken; _setPausedStatus(_UNPAUSE_ALL); emit StrategyTokenSet(underlyingToken, IERC20Metadata(address(_underlyingToken)).decimals()); } /** * @notice Used to deposit tokens into this Strategy * @param token is the ERC20 token being deposited * @param amount is the amount of token being deposited * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's * `depositIntoStrategy` function, and individual share balances are recorded in the strategyManager as well. * @dev Note that the assumption is made that `amount` of `token` has already been transferred directly to this contract * (as performed in the StrategyManager's deposit functions). In particular, setting the `underlyingToken` of this contract * to be a fee-on-transfer token will break the assumption that the amount this contract *received* of the token is equal to * the amount that was input when the transfer was performed (i.e. the amount transferred 'out' of the depositor's balance). * @dev Note that any validation of `token` is done inside `_beforeDeposit`. This can be overridden if needed. * @return newShares is the number of new shares issued at the current exchange ratio. */ function deposit( IERC20 token, uint256 amount ) external virtual override onlyWhenNotPaused(PAUSED_DEPOSITS) onlyStrategyManager returns (uint256 newShares) { // call hook to allow for any pre-deposit logic _beforeDeposit(token, amount); // copy `totalShares` value to memory, prior to any change uint256 priorTotalShares = totalShares; /** * @notice calculation of newShares *mirrors* `underlyingToShares(amount)`, but is different since the balance of `underlyingToken` * has already been increased due to the `strategyManager` transferring tokens to this strategy prior to calling this function */ // account for virtual shares and balance uint256 virtualShareAmount = priorTotalShares + SHARES_OFFSET; uint256 virtualTokenBalance = _tokenBalance() + BALANCE_OFFSET; // calculate the prior virtual balance to account for the tokens that were already transferred to this contract uint256 virtualPriorTokenBalance = virtualTokenBalance - amount; newShares = (amount * virtualShareAmount) / virtualPriorTokenBalance; // extra check for correctness / against edge case where share rate can be massively inflated as a 'griefing' sort of attack require(newShares != 0, NewSharesZero()); // update total share amount to account for deposit totalShares = (priorTotalShares + newShares); require(totalShares <= MAX_TOTAL_SHARES, TotalSharesExceedsMax()); // emit exchange rate _emitExchangeRate(virtualTokenBalance, totalShares + SHARES_OFFSET); return newShares; } /** * @notice Used to withdraw tokens from this Strategy, to the `recipient`'s address * @param recipient is the address to receive the withdrawn funds * @param token is the ERC20 token being transferred out * @param amountShares is the amount of shares being withdrawn * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's * other functions, and individual share balances are recorded in the strategyManager as well. * @dev Note that any validation of `token` is done inside `_beforeWithdrawal`. This can be overridden if needed. */ function withdraw( address recipient, IERC20 token, uint256 amountShares ) external virtual override onlyWhenNotPaused(PAUSED_WITHDRAWALS) onlyStrategyManager { // call hook to allow for any pre-withdrawal logic _beforeWithdrawal(recipient, token, amountShares); // copy `totalShares` value to memory, prior to any change uint256 priorTotalShares = totalShares; require(amountShares <= priorTotalShares, WithdrawalAmountExceedsTotalDeposits()); /** * @notice calculation of amountToSend *mirrors* `sharesToUnderlying(amountShares)`, but is different since the `totalShares` has already * been decremented. Specifically, notice how we use `priorTotalShares` here instead of `totalShares`. */ // account for virtual shares and balance uint256 virtualPriorTotalShares = priorTotalShares + SHARES_OFFSET; uint256 virtualTokenBalance = _tokenBalance() + BALANCE_OFFSET; // calculate ratio based on virtual shares and balance, being careful to multiply before dividing uint256 amountToSend = (virtualTokenBalance * amountShares) / virtualPriorTotalShares; // Decrease the `totalShares` value to reflect the withdrawal totalShares = priorTotalShares - amountShares; // emit exchange rate _emitExchangeRate(virtualTokenBalance - amountToSend, totalShares + SHARES_OFFSET); _afterWithdrawal(recipient, token, amountToSend); } /** * @notice Called in the external `deposit` function, before any logic is executed. Expected to be overridden if strategies want such logic. * @param token The token being deposited */ function _beforeDeposit( IERC20 token, uint256 // amount ) internal virtual { require(token == underlyingToken, OnlyUnderlyingToken()); } /** * @notice Called in the external `withdraw` function, before any logic is executed. Expected to be overridden if strategies want such logic. * @param token The token being withdrawn */ function _beforeWithdrawal( address, // recipient IERC20 token, uint256 // amountShares ) internal virtual { require(token == underlyingToken, OnlyUnderlyingToken()); } /** * @notice Transfers tokens to the recipient after a withdrawal is processed * @dev Called in the external `withdraw` function after all logic is executed * @param recipient The destination of the tokens * @param token The ERC20 being transferred * @param amountToSend The amount of `token` to transfer */ function _afterWithdrawal(address recipient, IERC20 token, uint256 amountToSend) internal virtual { token.safeTransfer(recipient, amountToSend); } /** * @notice Currently returns a brief string explaining the strategy's goal & purpose, but for more complex * strategies, may be a link to metadata that explains in more detail. */ function explanation() external pure virtual override returns (string memory) { return "Base Strategy implementation to inherit from for more complex implementations"; } /** * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy. * @notice In contrast to `sharesToUnderlying`, this function guarantees no state modifications * @param amountShares is the amount of shares to calculate its conversion into the underlying token * @return The amount of underlying tokens corresponding to the input `amountShares` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function sharesToUnderlyingView( uint256 amountShares ) public view virtual override returns (uint256) { // account for virtual shares and balance uint256 virtualTotalShares = totalShares + SHARES_OFFSET; uint256 virtualTokenBalance = _tokenBalance() + BALANCE_OFFSET; // calculate ratio based on virtual shares and balance, being careful to multiply before dividing return (virtualTokenBalance * amountShares) / virtualTotalShares; } /** * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy. * @notice In contrast to `sharesToUnderlyingView`, this function **may** make state modifications * @param amountShares is the amount of shares to calculate its conversion into the underlying token * @return The amount of underlying tokens corresponding to the input `amountShares` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function sharesToUnderlying( uint256 amountShares ) public view virtual override returns (uint256) { return sharesToUnderlyingView(amountShares); } /** * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy. * @notice In contrast to `underlyingToShares`, this function guarantees no state modifications * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares * @return The amount of shares corresponding to the input `amountUnderlying` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function underlyingToSharesView( uint256 amountUnderlying ) public view virtual returns (uint256) { // account for virtual shares and balance uint256 virtualTotalShares = totalShares + SHARES_OFFSET; uint256 virtualTokenBalance = _tokenBalance() + BALANCE_OFFSET; // calculate ratio based on virtual shares and balance, being careful to multiply before dividing return (amountUnderlying * virtualTotalShares) / virtualTokenBalance; } /** * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy. * @notice In contrast to `underlyingToSharesView`, this function **may** make state modifications * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares * @return The amount of shares corresponding to the input `amountUnderlying` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function underlyingToShares( uint256 amountUnderlying ) external view virtual returns (uint256) { return underlyingToSharesView(amountUnderlying); } /** * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in * this strategy. In contrast to `userUnderlying`, this function guarantees no state modifications */ function userUnderlyingView( address user ) external view virtual returns (uint256) { return sharesToUnderlyingView(shares(user)); } /** * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in * this strategy. In contrast to `userUnderlyingView`, this function **may** make state modifications */ function userUnderlying( address user ) external virtual returns (uint256) { return sharesToUnderlying(shares(user)); } /** * @notice convenience function for fetching the current total shares of `user` in this strategy, by * querying the `strategyManager` contract */ function shares( address user ) public view virtual returns (uint256) { return strategyManager.stakerDepositShares(user, IStrategy(address(this))); } /// @notice Internal function used to fetch this contract's current balance of `underlyingToken`. // slither-disable-next-line dead-code function _tokenBalance() internal view virtual returns (uint256) { return underlyingToken.balanceOf(address(this)); } /// @notice Internal function used to emit the exchange rate of the strategy in wad (18 decimals) /// @dev Tokens that do not have 18 decimals must have offchain services scale the exchange rate down to proper magnitude function _emitExchangeRate(uint256 virtualTokenBalance, uint256 virtualTotalShares) internal { // Emit asset over shares ratio. emit ExchangeRateEmitted((1e18 * virtualTokenBalance) / virtualTotalShares); } /** * @dev This empty reserved space is put in place to allow future versions to add new * variables without shifting down storage in the inheritance chain. * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps */ uint256[48] private __gap; }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; interface IEigen is IERC20 { /** * @notice This function allows the owner to set the allowedFrom status of an address * @param from the address whose allowedFrom status is being set * @param isAllowedFrom the new allowedFrom status */ function setAllowedFrom(address from, bool isAllowedFrom) external; /** * @notice This function allows the owner to set the allowedTo status of an address * @param to the address whose allowedTo status is being set * @param isAllowedTo the new allowedTo status */ function setAllowedTo(address to, bool isAllowedTo) external; /** * @notice Allows the owner to disable transfer restrictions */ function disableTransferRestrictions() external; /** * @notice This function allows minter to mint tokens */ function mint() external; /** * @notice This function allows bEIGEN holders to wrap their tokens into Eigen */ function wrap( uint256 amount ) external; /** * @notice This function allows Eigen holders to unwrap their tokens into bEIGEN */ function unwrap( uint256 amount ) external; /** * @dev Clock used for flagging checkpoints. Has been overridden to implement timestamp based * checkpoints (and voting). */ function clock() external view returns (uint48); /** * @dev Machine-readable description of the clock as specified in EIP-6372. * Has been overridden to inform callers that this contract uses timestamps instead of block numbers, to match `clock()` */ // solhint-disable-next-line func-name-mixedcase function CLOCK_MODE() external pure returns (string memory); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20 { /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `to`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address to, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `from` to `to` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom(address from, address to, uint256 amount) external returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/extensions/IERC20Permit.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612]. * * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by * presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't * need to send a transaction, and thus is not required to hold Ether at all. */ interface IERC20Permit { /** * @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens, * given ``owner``'s signed approval. * * IMPORTANT: The same issues {IERC20-approve} has related to transaction * ordering also apply here. * * Emits an {Approval} event. * * Requirements: * * - `spender` cannot be the zero address. * - `deadline` must be a timestamp in the future. * - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner` * over the EIP712-formatted function arguments. * - the signature must use ``owner``'s current nonce (see {nonces}). * * For more information on the signature format, see the * https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP * section]. */ function permit( address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s ) external; /** * @dev Returns the current nonce for `owner`. This value must be * included whenever a signature is generated for {permit}. * * Every successful call to {permit} increases ``owner``'s nonce by one. This * prevents a signature from being used multiple times. */ function nonces(address owner) external view returns (uint256); /** * @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}. */ // solhint-disable-next-line func-name-mixedcase function DOMAIN_SEPARATOR() external view returns (bytes32); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol) pragma solidity ^0.8.1; /** * @dev Collection of functions related to the address type */ library Address { /** * @dev Returns true if `account` is a contract. * * [IMPORTANT] * ==== * It is unsafe to assume that an address for which this function returns * false is an externally-owned account (EOA) and not a contract. * * Among others, `isContract` will return false for the following * types of addresses: * * - an externally-owned account * - a contract in construction * - an address where a contract will be created * - an address where a contract lived, but was destroyed * * Furthermore, `isContract` will also return true if the target contract within * the same transaction is already scheduled for destruction by `SELFDESTRUCT`, * which only has an effect at the end of a transaction. * ==== * * [IMPORTANT] * ==== * You shouldn't rely on `isContract` to protect against flash loan attacks! * * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract * constructor. * ==== */ function isContract(address account) internal view returns (bool) { // This method relies on extcodesize/address.code.length, which returns 0 // for contracts in construction, since the code is only stored at the end // of the constructor execution. return account.code.length > 0; } /** * @dev Replacement for Solidity's `transfer`: sends `amount` wei to * `recipient`, forwarding all available gas and reverting on errors. * * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost * of certain opcodes, possibly making contracts go over the 2300 gas limit * imposed by `transfer`, making them unable to receive funds via * `transfer`. {sendValue} removes this limitation. * * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more]. * * IMPORTANT: because control is transferred to `recipient`, care must be * taken to not create reentrancy vulnerabilities. Consider using * {ReentrancyGuard} or the * https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. */ function sendValue(address payable recipient, uint256 amount) internal { require(address(this).balance >= amount, "Address: insufficient balance"); (bool success, ) = recipient.call{value: amount}(""); require(success, "Address: unable to send value, recipient may have reverted"); } /** * @dev Performs a Solidity function call using a low level `call`. A * plain `call` is an unsafe replacement for a function call: use this * function instead. * * If `target` reverts with a revert reason, it is bubbled up by this * function (like regular Solidity function calls). * * Returns the raw returned data. To convert to the expected return value, * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. * * Requirements: * * - `target` must be a contract. * - calling `target` with `data` must not revert. * * _Available since v3.1._ */ function functionCall(address target, bytes memory data) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, "Address: low-level call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with * `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but also transferring `value` wei to `target`. * * Requirements: * * - the calling contract must have an ETH balance of at least `value`. * - the called Solidity function must be `payable`. * * _Available since v3.1._ */ function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) { return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); } /** * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but * with `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCallWithValue( address target, bytes memory data, uint256 value, string memory errorMessage ) internal returns (bytes memory) { require(address(this).balance >= value, "Address: insufficient balance for call"); (bool success, bytes memory returndata) = target.call{value: value}(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) { return functionStaticCall(target, data, "Address: low-level static call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall( address target, bytes memory data, string memory errorMessage ) internal view returns (bytes memory) { (bool success, bytes memory returndata) = target.staticcall(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) { return functionDelegateCall(target, data, "Address: low-level delegate call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { (bool success, bytes memory returndata) = target.delegatecall(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract. * * _Available since v4.8._ */ function verifyCallResultFromTarget( address target, bool success, bytes memory returndata, string memory errorMessage ) internal view returns (bytes memory) { if (success) { if (returndata.length == 0) { // only check isContract if the call was successful and the return data is empty // otherwise we already know that it was a contract require(isContract(target), "Address: call to non-contract"); } return returndata; } else { _revert(returndata, errorMessage); } } /** * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the * revert reason or using the provided one. * * _Available since v4.3._ */ function verifyCallResult( bool success, bytes memory returndata, string memory errorMessage ) internal pure returns (bytes memory) { if (success) { return returndata; } else { _revert(returndata, errorMessage); } } function _revert(bytes memory returndata, string memory errorMessage) private pure { // Look for revert reason and bubble it up if present if (returndata.length > 0) { // The easiest way to bubble the revert reason is using memory via assembly /// @solidity memory-safe-assembly assembly { let returndata_size := mload(returndata) revert(add(32, returndata), returndata_size) } } else { revert(errorMessage); } } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; import "../libraries/SlashingLib.sol"; interface IStrategyErrors { /// @dev Thrown when called by an account that is not strategy manager. error OnlyStrategyManager(); /// @dev Thrown when new shares value is zero. error NewSharesZero(); /// @dev Thrown when total shares exceeds max. error TotalSharesExceedsMax(); /// @dev Thrown when amount shares is greater than total shares. error WithdrawalAmountExceedsTotalDeposits(); /// @dev Thrown when attempting an action with a token that is not accepted. error OnlyUnderlyingToken(); /// StrategyBaseWithTVLLimits /// @dev Thrown when `maxPerDeposit` exceeds max. error MaxPerDepositExceedsMax(); /// @dev Thrown when balance exceeds max total deposits. error BalanceExceedsMaxTotalDeposits(); } interface IStrategyEvents { /** * @notice Used to emit an event for the exchange rate between 1 share and underlying token in a strategy contract * @param rate is the exchange rate in wad 18 decimals * @dev Tokens that do not have 18 decimals must have offchain services scale the exchange rate by the proper magnitude */ event ExchangeRateEmitted(uint256 rate); /** * Used to emit the underlying token and its decimals on strategy creation * @notice token * @param token is the ERC20 token of the strategy * @param decimals are the decimals of the ERC20 token in the strategy */ event StrategyTokenSet(IERC20 token, uint8 decimals); } /** * @title Minimal interface for an `Strategy` contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Custom `Strategy` implementations may expand extensively on this interface. */ interface IStrategy is IStrategyErrors, IStrategyEvents { /** * @notice Used to deposit tokens into this Strategy * @param token is the ERC20 token being deposited * @param amount is the amount of token being deposited * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's * `depositIntoStrategy` function, and individual share balances are recorded in the strategyManager as well. * @return newShares is the number of new shares issued at the current exchange ratio. */ function deposit(IERC20 token, uint256 amount) external returns (uint256); /** * @notice Used to withdraw tokens from this Strategy, to the `recipient`'s address * @param recipient is the address to receive the withdrawn funds * @param token is the ERC20 token being transferred out * @param amountShares is the amount of shares being withdrawn * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's * other functions, and individual share balances are recorded in the strategyManager as well. */ function withdraw(address recipient, IERC20 token, uint256 amountShares) external; /** * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy. * @notice In contrast to `sharesToUnderlyingView`, this function **may** make state modifications * @param amountShares is the amount of shares to calculate its conversion into the underlying token * @return The amount of underlying tokens corresponding to the input `amountShares` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function sharesToUnderlying( uint256 amountShares ) external returns (uint256); /** * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy. * @notice In contrast to `underlyingToSharesView`, this function **may** make state modifications * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares * @return The amount of underlying tokens corresponding to the input `amountShares` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function underlyingToShares( uint256 amountUnderlying ) external returns (uint256); /** * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in * this strategy. In contrast to `userUnderlyingView`, this function **may** make state modifications */ function userUnderlying( address user ) external returns (uint256); /** * @notice convenience function for fetching the current total shares of `user` in this strategy, by * querying the `strategyManager` contract */ function shares( address user ) external view returns (uint256); /** * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy. * @notice In contrast to `sharesToUnderlying`, this function guarantees no state modifications * @param amountShares is the amount of shares to calculate its conversion into the underlying token * @return The amount of shares corresponding to the input `amountUnderlying` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function sharesToUnderlyingView( uint256 amountShares ) external view returns (uint256); /** * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy. * @notice In contrast to `underlyingToShares`, this function guarantees no state modifications * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares * @return The amount of shares corresponding to the input `amountUnderlying` * @dev Implementation for these functions in particular may vary significantly for different strategies */ function underlyingToSharesView( uint256 amountUnderlying ) external view returns (uint256); /** * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in * this strategy. In contrast to `userUnderlying`, this function guarantees no state modifications */ function userUnderlyingView( address user ) external view returns (uint256); /// @notice The underlying token for shares in this Strategy function underlyingToken() external view returns (IERC20); /// @notice The total number of extant shares in this Strategy function totalShares() external view returns (uint256); /// @notice Returns either a brief string explaining the strategy's goal & purpose, or a link to metadata that explains in more detail. function explanation() external view returns (string memory); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.27; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; import "../libraries/SlashingLib.sol"; import "./IStrategy.sol"; /** * @title Interface for a `IShareManager` contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice This contract is used by the DelegationManager as a unified interface to interact with the EigenPodManager and StrategyManager */ interface IShareManager { /// @notice Used by the DelegationManager to remove a Staker's shares from a particular strategy when entering the withdrawal queue /// @dev strategy must be beaconChainETH when talking to the EigenPodManager function removeDepositShares(address staker, IStrategy strategy, uint256 depositSharesToRemove) external; /// @notice Used by the DelegationManager to award a Staker some shares that have passed through the withdrawal queue /// @dev strategy must be beaconChainETH when talking to the EigenPodManager /// @dev token is not validated when talking to the EigenPodManager /// @return existingDepositShares the shares the staker had before any were added /// @return addedShares the new shares added to the staker's balance function addShares( address staker, IStrategy strategy, IERC20 token, uint256 shares ) external returns (uint256, uint256); /// @notice Used by the DelegationManager to convert withdrawn descaled shares to tokens and send them to a staker /// @dev strategy must be beaconChainETH when talking to the EigenPodManager /// @dev token is not validated when talking to the EigenPodManager function withdrawSharesAsTokens(address staker, IStrategy strategy, IERC20 token, uint256 shares) external; /// @notice Returns the current shares of `user` in `strategy` /// @dev strategy must be beaconChainETH when talking to the EigenPodManager /// @dev returns 0 if the user has negative shares function stakerDepositShares(address user, IStrategy strategy) external view returns (uint256 depositShares); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "./IStrategy.sol"; import "./IPauserRegistry.sol"; import "./ISignatureUtils.sol"; import "../libraries/SlashingLib.sol"; interface IDelegationManagerErrors { /// @dev Thrown when caller is neither the StrategyManager or EigenPodManager contract. error OnlyStrategyManagerOrEigenPodManager(); /// @dev Thrown when msg.sender is not the EigenPodManager error OnlyEigenPodManager(); /// @dev Throw when msg.sender is not the AllocationManager error OnlyAllocationManager(); /// Delegation Status /// @dev Thrown when an operator attempts to undelegate. error OperatorsCannotUndelegate(); /// @dev Thrown when an account is actively delegated. error ActivelyDelegated(); /// @dev Thrown when an account is not actively delegated. error NotActivelyDelegated(); /// @dev Thrown when `operator` is not a registered operator. error OperatorNotRegistered(); /// Invalid Inputs /// @dev Thrown when attempting to execute an action that was not queued. error WithdrawalNotQueued(); /// @dev Thrown when caller cannot undelegate on behalf of a staker. error CallerCannotUndelegate(); /// @dev Thrown when two array parameters have mismatching lengths. error InputArrayLengthMismatch(); /// @dev Thrown when input arrays length is zero. error InputArrayLengthZero(); /// Slashing /// @dev Thrown when an operator has been fully slashed(maxMagnitude is 0) for a strategy. /// or if the staker has had been natively slashed to the point of their beaconChainScalingFactor equalling 0. error FullySlashed(); /// Signatures /// @dev Thrown when attempting to spend a spent eip-712 salt. error SaltSpent(); /// Withdrawal Processing /// @dev Thrown when attempting to withdraw before delay has elapsed. error WithdrawalDelayNotElapsed(); /// @dev Thrown when a withdraw amount larger than max is attempted. error WithdrawalExceedsMax(); /// @dev Thrown when withdrawer is not the current caller. error WithdrawerNotCaller(); /// @dev Thrown when `withdrawer` is not staker. error WithdrawerNotStaker(); } interface IDelegationManagerTypes { // @notice Struct used for storing information about a single operator who has registered with EigenLayer struct OperatorDetails { /// @notice DEPRECATED -- this field is no longer used, payments are handled in RewardsCoordinator.sol address __deprecated_earningsReceiver; /** * @notice Address to verify signatures when a staker wishes to delegate to the operator, as well as controlling "forced undelegations". * @dev Signature verification follows these rules: * 1) If this address is left as address(0), then any staker will be free to delegate to the operator, i.e. no signature verification will be performed. * 2) If this address is an EOA (i.e. it has no code), then we follow standard ECDSA signature verification for delegations to the operator. * 3) If this address is a contract (i.e. it has code) then we forward a call to the contract and verify that it returns the correct EIP-1271 "magic value". */ address delegationApprover; /// @notice DEPRECATED -- this field is no longer used. An analogous field is the `allocationDelay` stored in the AllocationManager uint32 __deprecated_stakerOptOutWindowBlocks; } /** * @notice Abstract struct used in calculating an EIP712 signature for an operator's delegationApprover to approve that a specific staker delegate to the operator. * @dev Used in computing the `DELEGATION_APPROVAL_TYPEHASH` and as a reference in the computation of the approverDigestHash in the `_delegate` function. */ struct DelegationApproval { // the staker who is delegating address staker; // the operator being delegated to address operator; // the operator's provided salt bytes32 salt; // the expiration timestamp (UTC) of the signature uint256 expiry; } /** * Struct type used to specify an existing queued withdrawal. Rather than storing the entire struct, only a hash is stored. * In functions that operate on existing queued withdrawals -- e.g. completeQueuedWithdrawal`, the data is resubmitted and the hash of the submitted * data is computed by `calculateWithdrawalRoot` and checked against the stored hash in order to confirm the integrity of the submitted data. */ struct Withdrawal { // The address that originated the Withdrawal address staker; // The address that the staker was delegated to at the time that the Withdrawal was created address delegatedTo; // The address that can complete the Withdrawal + will receive funds when completing the withdrawal address withdrawer; // Nonce used to guarantee that otherwise identical withdrawals have unique hashes uint256 nonce; // Blocknumber when the Withdrawal was created. uint32 startBlock; // Array of strategies that the Withdrawal contains IStrategy[] strategies; // Array containing the amount of staker's scaledShares for withdrawal in each Strategy in the `strategies` array // Note that these scaledShares need to be multiplied by the operator's maxMagnitude and beaconChainScalingFactor at completion to include // slashing occurring during the queue withdrawal delay. This is because scaledShares = sharesToWithdraw / (maxMagnitude * beaconChainScalingFactor) // at queue time. beaconChainScalingFactor is simply equal to 1 if the strategy is not the beaconChainStrategy. // To account for slashing, we later multiply scaledShares * maxMagnitude * beaconChainScalingFactor at the earliest possible completion time // to get the withdrawn shares after applying slashing during the delay period. uint256[] scaledShares; } struct QueuedWithdrawalParams { // Array of strategies that the QueuedWithdrawal contains IStrategy[] strategies; // Array containing the amount of depositShares for withdrawal in each Strategy in the `strategies` array // Note that the actual shares received on completing withdrawal may be less than the depositShares if slashing occurred uint256[] depositShares; // The address of the withdrawer address withdrawer; } } interface IDelegationManagerEvents is IDelegationManagerTypes { // @notice Emitted when a new operator registers in EigenLayer and provides their delegation approver. event OperatorRegistered(address indexed operator, address delegationApprover); /// @notice Emitted when an operator updates their delegation approver event DelegationApproverUpdated(address indexed operator, address newDelegationApprover); /** * @notice Emitted when @param operator indicates that they are updating their MetadataURI string * @dev Note that these strings are *never stored in storage* and are instead purely emitted in events for off-chain indexing */ event OperatorMetadataURIUpdated(address indexed operator, string metadataURI); /// @notice Emitted whenever an operator's shares are increased for a given strategy. Note that shares is the delta in the operator's shares. event OperatorSharesIncreased(address indexed operator, address staker, IStrategy strategy, uint256 shares); /// @notice Emitted whenever an operator's shares are decreased for a given strategy. Note that shares is the delta in the operator's shares. event OperatorSharesDecreased(address indexed operator, address staker, IStrategy strategy, uint256 shares); /// @notice Emitted whenever an operator's shares are burned for a given strategy event OperatorSharesBurned(address indexed operator, IStrategy strategy, uint256 shares); /// @notice Emitted when @param staker delegates to @param operator. event StakerDelegated(address indexed staker, address indexed operator); /// @notice Emitted when @param staker undelegates from @param operator. event StakerUndelegated(address indexed staker, address indexed operator); /// @notice Emitted when @param staker is undelegated via a call not originating from the staker themself event StakerForceUndelegated(address indexed staker, address indexed operator); /// @notice Emitted when a staker's depositScalingFactor is updated event DepositScalingFactorUpdated(address staker, IStrategy strategy, uint256 newDepositScalingFactor); /** * @notice Emitted when a new withdrawal is queued. * @param withdrawalRoot Is the hash of the `withdrawal`. * @param withdrawal Is the withdrawal itself. * @param sharesToWithdraw Is an array of the expected shares that were queued for withdrawal corresponding to the strategies in the `withdrawal`. */ event SlashingWithdrawalQueued(bytes32 withdrawalRoot, Withdrawal withdrawal, uint256[] sharesToWithdraw); /// @notice Emitted when a queued withdrawal is completed event SlashingWithdrawalCompleted(bytes32 withdrawalRoot); } /** * @title DelegationManager * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice This is the contract for delegation in EigenLayer. The main functionalities of this contract are * - enabling anyone to register as an operator in EigenLayer * - allowing operators to specify parameters related to stakers who delegate to them * - enabling any staker to delegate its stake to the operator of its choice (a given staker can only delegate to a single operator at a time) * - enabling a staker to undelegate its assets from the operator it is delegated to (performed as part of the withdrawal process, initiated through the StrategyManager) */ interface IDelegationManager is ISignatureUtils, IDelegationManagerErrors, IDelegationManagerEvents { /** * @dev Initializes the initial owner and paused status. */ function initialize(address initialOwner, uint256 initialPausedStatus) external; /** * @notice Registers the caller as an operator in EigenLayer. * @param initDelegationApprover is an address that, if set, must provide a signature when stakers delegate * to an operator. * @param allocationDelay The delay before allocations take effect. * @param metadataURI is a URI for the operator's metadata, i.e. a link providing more details on the operator. * * @dev Once an operator is registered, they cannot 'deregister' as an operator, and they will forever be considered "delegated to themself". * @dev This function will revert if the caller is already delegated to an operator. * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event */ function registerAsOperator( address initDelegationApprover, uint32 allocationDelay, string calldata metadataURI ) external; /** * @notice Updates an operator's stored `delegationApprover`. * @param operator is the operator to update the delegationApprover for * @param newDelegationApprover is the new delegationApprover for the operator * * @dev The caller must have previously registered as an operator in EigenLayer. */ function modifyOperatorDetails(address operator, address newDelegationApprover) external; /** * @notice Called by an operator to emit an `OperatorMetadataURIUpdated` event indicating the information has updated. * @param operator The operator to update metadata for * @param metadataURI The URI for metadata associated with an operator * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event */ function updateOperatorMetadataURI(address operator, string calldata metadataURI) external; /** * @notice Caller delegates their stake to an operator. * @param operator The account (`msg.sender`) is delegating its assets to for use in serving applications built on EigenLayer. * @param approverSignatureAndExpiry Verifies the operator approves of this delegation * @param approverSalt A unique single use value tied to an individual signature. * @dev The approverSignatureAndExpiry is used in the event that the operator's `delegationApprover` address is set to a non-zero value. * @dev In the event that `approverSignatureAndExpiry` is not checked, its content is ignored entirely; it's recommended to use an empty input * in this case to save on complexity + gas costs * @dev If the staker delegating has shares in a strategy that the operator was slashed 100% for (the operator's maxMagnitude = 0), * then delegation is blocked and will revert. */ function delegateTo( address operator, SignatureWithExpiry memory approverSignatureAndExpiry, bytes32 approverSalt ) external; /** * @notice Undelegates the staker from the operator who they are delegated to. * Queues withdrawals of all of the staker's withdrawable shares in the StrategyManager (to the staker) and/or EigenPodManager, if necessary. * @param staker The account to be undelegated. * @return withdrawalRoots The roots of the newly queued withdrawals, if a withdrawal was queued. Otherwise just bytes32(0). * * @dev Reverts if the `staker` is also an operator, since operators are not allowed to undelegate from themselves. * @dev Reverts if the caller is not the staker, nor the operator who the staker is delegated to, nor the operator's specified "delegationApprover" * @dev Reverts if the `staker` is already undelegated. */ function undelegate( address staker ) external returns (bytes32[] memory withdrawalRoots); /** * @notice Undelegates the staker from their current operator, and redelegates to `newOperator` * Queues a withdrawal for all of the staker's withdrawable shares. These shares will only be * delegated to `newOperator` AFTER the withdrawal is completed. * @dev This method acts like a call to `undelegate`, then `delegateTo` * @param newOperator the new operator that will be delegated all assets * @dev NOTE: the following 2 params are ONLY checked if `newOperator` has a `delegationApprover`. * If not, they can be left empty. * @param newOperatorApproverSig A signature from the operator's `delegationApprover` * @param approverSalt A unique single use value tied to the approver's signature */ function redelegate( address newOperator, SignatureWithExpiry memory newOperatorApproverSig, bytes32 approverSalt ) external returns (bytes32[] memory withdrawalRoots); /** * @notice Allows a staker to withdraw some shares. Withdrawn shares/strategies are immediately removed * from the staker. If the staker is delegated, withdrawn shares/strategies are also removed from * their operator. * * All withdrawn shares/strategies are placed in a queue and can be withdrawn after a delay. Withdrawals * are still subject to slashing during the delay period so the amount withdrawn on completion may actually be less * than what was queued if slashing has occurred in that period. * * @dev To view what the staker is able to queue withdraw, see `getWithdrawableShares()` */ function queueWithdrawals( QueuedWithdrawalParams[] calldata params ) external returns (bytes32[] memory); /** * @notice Used to complete the lastest queued withdrawal. * @param withdrawal The withdrawal to complete. * @param tokens Array in which the i-th entry specifies the `token` input to the 'withdraw' function of the i-th Strategy in the `withdrawal.strategies` array. * @param receiveAsTokens If true, the shares calculated to be withdrawn will be withdrawn from the specified strategies themselves * and sent to the caller, through calls to `withdrawal.strategies[i].withdraw`. If false, then the shares in the specified strategies * will simply be transferred to the caller directly. * @dev beaconChainETHStrategy shares are non-transferrable, so if `receiveAsTokens = false` and `withdrawal.withdrawer != withdrawal.staker`, note that * any beaconChainETHStrategy shares in the `withdrawal` will be _returned to the staker_, rather than transferred to the withdrawer, unlike shares in * any other strategies, which will be transferred to the withdrawer. */ function completeQueuedWithdrawal( Withdrawal calldata withdrawal, IERC20[] calldata tokens, bool receiveAsTokens ) external; /** * @notice Used to complete the all queued withdrawals. * Used to complete the specified `withdrawals`. The function caller must match `withdrawals[...].withdrawer` * @param withdrawals Array of Withdrawals to complete. See `completeQueuedWithdrawal` for the usage of a single Withdrawal. * @param tokens Array of tokens for each Withdrawal. See `completeQueuedWithdrawal` for the usage of a single array. * @param receiveAsTokens Whether or not to complete each withdrawal as tokens. See `completeQueuedWithdrawal` for the usage of a single boolean. * @dev See `completeQueuedWithdrawal` for relevant dev tags */ function completeQueuedWithdrawals( Withdrawal[] calldata withdrawals, IERC20[][] calldata tokens, bool[] calldata receiveAsTokens ) external; /** * @notice Increases a staker's delegated share balance in a strategy. Note that before adding to operator shares, * the delegated delegatedShares. The staker's depositScalingFactor is updated here. * @param staker The address to increase the delegated shares for their operator. * @param strategy The strategy in which to increase the delegated shares. * @param prevDepositShares The number of deposit shares the staker already had in the strategy. This is the shares amount stored in the * StrategyManager/EigenPodManager for the staker's shares. * @param addedShares The number of shares added to the staker's shares in the strategy * * @dev *If the staker is actively delegated*, then increases the `staker`'s delegated delegatedShares in `strategy`. * Otherwise does nothing. * @dev If the operator was slashed 100% for the strategy (the operator's maxMagnitude = 0), then increasing delegated shares is blocked and will revert. * @dev Callable only by the StrategyManager or EigenPodManager. */ function increaseDelegatedShares( address staker, IStrategy strategy, uint256 prevDepositShares, uint256 addedShares ) external; /** * @notice If the staker is delegated, decreases its operator's shares in response to * a decrease in balance in the beaconChainETHStrategy * @param staker the staker whose operator's balance will be decreased * @param curDepositShares the current deposit shares held by the staker * @param beaconChainSlashingFactorDecrease the amount that the staker's beaconChainSlashingFactor has decreased by * @dev Note: `beaconChainSlashingFactorDecrease` are assumed to ALWAYS be < 1 WAD. * These invariants are maintained in the EigenPodManager. */ function decreaseDelegatedShares( address staker, uint256 curDepositShares, uint64 beaconChainSlashingFactorDecrease ) external; /** * @notice Decreases the operators shares in storage after a slash and burns the corresponding Strategy shares * by calling into the StrategyManager or EigenPodManager to burn the shares. * @param operator The operator to decrease shares for * @param strategy The strategy to decrease shares for * @param prevMaxMagnitude the previous maxMagnitude of the operator * @param newMaxMagnitude the new maxMagnitude of the operator * @dev Callable only by the AllocationManager * @dev Note: Assumes `prevMaxMagnitude <= newMaxMagnitude`. This invariant is maintained in * the AllocationManager. */ function burnOperatorShares( address operator, IStrategy strategy, uint64 prevMaxMagnitude, uint64 newMaxMagnitude ) external; /** * * VIEW FUNCTIONS * */ /** * @notice returns the address of the operator that `staker` is delegated to. * @notice Mapping: staker => operator whom the staker is currently delegated to. * @dev Note that returning address(0) indicates that the staker is not actively delegated to any operator. */ function delegatedTo( address staker ) external view returns (address); /** * @notice Mapping: delegationApprover => 32-byte salt => whether or not the salt has already been used by the delegationApprover. * @dev Salts are used in the `delegateTo` function. Note that this function only processes the delegationApprover's * signature + the provided salt if the operator being delegated to has specified a nonzero address as their `delegationApprover`. */ function delegationApproverSaltIsSpent(address _delegationApprover, bytes32 salt) external view returns (bool); /// @notice Mapping: staker => cumulative number of queued withdrawals they have ever initiated. /// @dev This only increments (doesn't decrement), and is used to help ensure that otherwise identical withdrawals have unique hashes. function cumulativeWithdrawalsQueued( address staker ) external view returns (uint256); /** * @notice Returns 'true' if `staker` *is* actively delegated, and 'false' otherwise. */ function isDelegated( address staker ) external view returns (bool); /** * @notice Returns true is an operator has previously registered for delegation. */ function isOperator( address operator ) external view returns (bool); /** * @notice Returns the delegationApprover account for an operator */ function delegationApprover( address operator ) external view returns (address); /** * @notice Returns the shares that an operator has delegated to them in a set of strategies * @param operator the operator to get shares for * @param strategies the strategies to get shares for */ function getOperatorShares( address operator, IStrategy[] memory strategies ) external view returns (uint256[] memory); /** * @notice Returns the shares that a set of operators have delegated to them in a set of strategies * @param operators the operators to get shares for * @param strategies the strategies to get shares for */ function getOperatorsShares( address[] memory operators, IStrategy[] memory strategies ) external view returns (uint256[][] memory); /** * @notice Returns amount of withdrawable shares from an operator for a strategy that is still in the queue * and therefore slashable. Note that the *actual* slashable amount could be less than this value as this doesn't account * for amounts that have already been slashed. This assumes that none of the shares have been slashed. * @param operator the operator to get shares for * @param strategy the strategy to get shares for * @return the amount of shares that are slashable in the withdrawal queue for an operator and a strategy */ function getSlashableSharesInQueue(address operator, IStrategy strategy) external view returns (uint256); /** * @notice Given a staker and a set of strategies, return the shares they can queue for withdrawal and the * corresponding depositShares. * This value depends on which operator the staker is delegated to. * The shares amount returned is the actual amount of Strategy shares the staker would receive (subject * to each strategy's underlying shares to token ratio). */ function getWithdrawableShares( address staker, IStrategy[] memory strategies ) external view returns (uint256[] memory withdrawableShares, uint256[] memory depositShares); /** * @notice Returns the number of shares in storage for a staker and all their strategies */ function getDepositedShares( address staker ) external view returns (IStrategy[] memory, uint256[] memory); /** * @notice Returns the scaling factor applied to a staker's deposits for a given strategy */ function depositScalingFactor(address staker, IStrategy strategy) external view returns (uint256); /// @notice Returns a list of pending queued withdrawals for a `staker`, and the `shares` to be withdrawn. function getQueuedWithdrawals( address staker ) external view returns (Withdrawal[] memory withdrawals, uint256[][] memory shares); /** * @notice Converts shares for a set of strategies to deposit shares, likely in order to input into `queueWithdrawals` * @param staker the staker to convert shares for * @param strategies the strategies to convert shares for * @param withdrawableShares the shares to convert * @return the deposit shares * @dev will be a few wei off due to rounding errors */ function convertToDepositShares( address staker, IStrategy[] memory strategies, uint256[] memory withdrawableShares ) external view returns (uint256[] memory); /// @notice Returns the keccak256 hash of `withdrawal`. function calculateWithdrawalRoot( Withdrawal memory withdrawal ) external pure returns (bytes32); /** * @notice Calculates the digest hash to be signed by the operator's delegationApprove and used in the `delegateTo` function. * @param staker The account delegating their stake * @param operator The account receiving delegated stake * @param _delegationApprover the operator's `delegationApprover` who will be signing the delegationHash (in general) * @param approverSalt A unique and single use value associated with the approver signature. * @param expiry Time after which the approver's signature becomes invalid */ function calculateDelegationApprovalDigestHash( address staker, address operator, address _delegationApprover, bytes32 approverSalt, uint256 expiry ) external view returns (bytes32); /// @notice return address of the beaconChainETHStrategy function beaconChainETHStrategy() external view returns (IStrategy); /** * @notice Returns the minimum withdrawal delay in blocks to pass for withdrawals queued to be completable. * Also applies to legacy withdrawals so any withdrawals not completed prior to the slashing upgrade will be subject * to this longer delay. * @dev Backwards-compatible interface to return the internal `MIN_WITHDRAWAL_DELAY_BLOCKS` value * @dev Previous value in storage was deprecated. See `__deprecated_minWithdrawalDelayBlocks` */ function minWithdrawalDelayBlocks() external view returns (uint32); /// @notice The EIP-712 typehash for the DelegationApproval struct used by the contract function DELEGATION_APPROVAL_TYPEHASH() external view returns (bytes32); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "@openzeppelin/contracts/proxy/beacon/IBeacon.sol"; import "./IETHPOSDeposit.sol"; import "./IStrategyManager.sol"; import "./IEigenPod.sol"; import "./IShareManager.sol"; import "./IPausable.sol"; import "./IStrategy.sol"; interface IEigenPodManagerErrors { /// @dev Thrown when caller is not a EigenPod. error OnlyEigenPod(); /// @dev Thrown when caller is not DelegationManager. error OnlyDelegationManager(); /// @dev Thrown when caller already has an EigenPod. error EigenPodAlreadyExists(); /// @dev Thrown when shares is not a multiple of gwei. error SharesNotMultipleOfGwei(); /// @dev Thrown when shares would result in a negative integer. error SharesNegative(); /// @dev Thrown when the strategy is not the beaconChainETH strategy. error InvalidStrategy(); /// @dev Thrown when the pods shares are negative and a beacon chain balance update is attempted. /// The podOwner should complete legacy withdrawal first. error LegacyWithdrawalsNotCompleted(); } interface IEigenPodManagerEvents { /// @notice Emitted to notify the deployment of an EigenPod event PodDeployed(address indexed eigenPod, address indexed podOwner); /// @notice Emitted to notify a deposit of beacon chain ETH recorded in the strategy manager event BeaconChainETHDeposited(address indexed podOwner, uint256 amount); /// @notice Emitted when the balance of an EigenPod is updated event PodSharesUpdated(address indexed podOwner, int256 sharesDelta); /// @notice Emitted every time the total shares of a pod are updated event NewTotalShares(address indexed podOwner, int256 newTotalShares); /// @notice Emitted when a withdrawal of beacon chain ETH is completed event BeaconChainETHWithdrawalCompleted( address indexed podOwner, uint256 shares, uint96 nonce, address delegatedAddress, address withdrawer, bytes32 withdrawalRoot ); /// @notice Emitted when a staker's beaconChainSlashingFactor is updated event BeaconChainSlashingFactorDecreased( address staker, uint64 prevBeaconChainSlashingFactor, uint64 newBeaconChainSlashingFactor ); } interface IEigenPodManagerTypes { /** * @notice The amount of beacon chain slashing experienced by a pod owner as a proportion of WAD * @param isSet whether the slashingFactor has ever been updated. Used to distinguish between * a value of "0" and an uninitialized value. * @param slashingFactor the proportion of the pod owner's balance that has been decreased due to * slashing or other beacon chain balance decreases. * @dev NOTE: if !isSet, `slashingFactor` should be treated as WAD. `slashingFactor` is monotonically * decreasing and can hit 0 if fully slashed. */ struct BeaconChainSlashingFactor { bool isSet; uint64 slashingFactor; } } /** * @title Interface for factory that creates and manages solo staking pods that have their withdrawal credentials pointed to EigenLayer. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface IEigenPodManager is IEigenPodManagerErrors, IEigenPodManagerEvents, IEigenPodManagerTypes, IShareManager, IPausable { /** * @notice Creates an EigenPod for the sender. * @dev Function will revert if the `msg.sender` already has an EigenPod. * @dev Returns EigenPod address */ function createPod() external returns (address); /** * @notice Stakes for a new beacon chain validator on the sender's EigenPod. * Also creates an EigenPod for the sender if they don't have one already. * @param pubkey The 48 bytes public key of the beacon chain validator. * @param signature The validator's signature of the deposit data. * @param depositDataRoot The root/hash of the deposit data for the validator's deposit. */ function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable; /** * @notice Changes the `podOwner`'s shares by `sharesDelta` and performs a call to the DelegationManager * to ensure that delegated shares are also tracked correctly * @param podOwner is the pod owner whose balance is being updated. * @param prevRestakedBalanceWei is the total amount restaked through the pod before the balance update * @param balanceDeltaWei is the amount the balance changed * @dev Callable only by the podOwner's EigenPod contract. * @dev Reverts if `sharesDelta` is not a whole Gwei amount */ function recordBeaconChainETHBalanceUpdate( address podOwner, uint256 prevRestakedBalanceWei, int256 balanceDeltaWei ) external; /// @notice Returns the address of the `podOwner`'s EigenPod if it has been deployed. function ownerToPod( address podOwner ) external view returns (IEigenPod); /// @notice Returns the address of the `podOwner`'s EigenPod (whether it is deployed yet or not). function getPod( address podOwner ) external view returns (IEigenPod); /// @notice The ETH2 Deposit Contract function ethPOS() external view returns (IETHPOSDeposit); /// @notice Beacon proxy to which the EigenPods point function eigenPodBeacon() external view returns (IBeacon); /// @notice Returns 'true' if the `podOwner` has created an EigenPod, and 'false' otherwise. function hasPod( address podOwner ) external view returns (bool); /// @notice Returns the number of EigenPods that have been created function numPods() external view returns (uint256); /** * @notice Mapping from Pod owner owner to the number of shares they have in the virtual beacon chain ETH strategy. * @dev The share amount can become negative. This is necessary to accommodate the fact that a pod owner's virtual beacon chain ETH shares can * decrease between the pod owner queuing and completing a withdrawal. * When the pod owner's shares would otherwise increase, this "deficit" is decreased first _instead_. * Likewise, when a withdrawal is completed, this "deficit" is decreased and the withdrawal amount is decreased; We can think of this * as the withdrawal "paying off the deficit". */ function podOwnerDepositShares( address podOwner ) external view returns (int256); /// @notice returns canonical, virtual beaconChainETH strategy function beaconChainETHStrategy() external view returns (IStrategy); /** * @notice Returns the historical sum of proportional balance decreases a pod owner has experienced when * updating their pod's balance. */ function beaconChainSlashingFactor( address staker ) external view returns (uint64); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.27; import "../interfaces/IPausable.sol"; /** * @title Adds pausability to a contract, with pausing & unpausing controlled by the `pauser` and `unpauser` of a PauserRegistry contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Contracts that inherit from this contract may define their own `pause` and `unpause` (and/or related) functions. * These functions should be permissioned as "onlyPauser" which defers to a `PauserRegistry` for determining access control. * @dev Pausability is implemented using a uint256, which allows up to 256 different single bit-flags; each bit can potentially pause different functionality. * Inspiration for this was taken from the NearBridge design here https://etherscan.io/address/0x3FEFc5A4B1c02f21cBc8D3613643ba0635b9a873#code. * For the `pause` and `unpause` functions we've implemented, if you pause, you can only flip (any number of) switches to on/1 (aka "paused"), and if you unpause, * you can only flip (any number of) switches to off/0 (aka "paused"). * If you want a pauseXYZ function that just flips a single bit / "pausing flag", it will: * 1) 'bit-wise and' (aka `&`) a flag with the current paused state (as a uint256) * 2) update the paused state to this new value * @dev We note as well that we have chosen to identify flags by their *bit index* as opposed to their numerical value, so, e.g. defining `DEPOSITS_PAUSED = 3` * indicates specifically that if the *third bit* of `_paused` is flipped -- i.e. it is a '1' -- then deposits should be paused */ abstract contract Pausable is IPausable { /// Constants uint256 internal constant _UNPAUSE_ALL = 0; uint256 internal constant _PAUSE_ALL = type(uint256).max; /// @notice Address of the `PauserRegistry` contract that this contract defers to for determining access control (for pausing). IPauserRegistry public immutable pauserRegistry; /// Storage /// @dev Do not remove, deprecated storage. IPauserRegistry private __deprecated_pauserRegistry; /// @dev Returns a bitmap representing the paused status of the contract. uint256 private _paused; /// Modifiers /// @dev Thrown if the caller is not a valid pauser according to the pauser registry. modifier onlyPauser() { require(pauserRegistry.isPauser(msg.sender), OnlyPauser()); _; } /// @dev Thrown if the caller is not a valid unpauser according to the pauser registry. modifier onlyUnpauser() { require(msg.sender == pauserRegistry.unpauser(), OnlyUnpauser()); _; } /// @dev Thrown if the contract is paused, i.e. if any of the bits in `_paused` is flipped to 1. modifier whenNotPaused() { require(_paused == 0, CurrentlyPaused()); _; } /// @dev Thrown if the `indexed`th bit of `_paused` is 1, i.e. if the `index`th pause switch is flipped. modifier onlyWhenNotPaused( uint8 index ) { require(!paused(index), CurrentlyPaused()); _; } /// Construction constructor( IPauserRegistry _pauserRegistry ) { require(address(_pauserRegistry) != address(0), InputAddressZero()); pauserRegistry = _pauserRegistry; } /// @inheritdoc IPausable function pause( uint256 newPausedStatus ) external onlyPauser { uint256 currentPausedStatus = _paused; // verify that the `newPausedStatus` does not *unflip* any bits (i.e. doesn't unpause anything, all 1 bits remain) require((currentPausedStatus & newPausedStatus) == currentPausedStatus, InvalidNewPausedStatus()); _setPausedStatus(newPausedStatus); } /// @inheritdoc IPausable function pauseAll() external onlyPauser { _setPausedStatus(_PAUSE_ALL); } /// @inheritdoc IPausable function unpause( uint256 newPausedStatus ) external onlyUnpauser { uint256 currentPausedStatus = _paused; // verify that the `newPausedStatus` does not *flip* any bits (i.e. doesn't pause anything, all 0 bits remain) require(((~currentPausedStatus) & (~newPausedStatus)) == (~currentPausedStatus), InvalidNewPausedStatus()); _paused = newPausedStatus; emit Unpaused(msg.sender, newPausedStatus); } /// @inheritdoc IPausable function paused() public view virtual returns (uint256) { return _paused; } /// @inheritdoc IPausable function paused( uint8 index ) public view virtual returns (bool) { uint256 mask = 1 << index; return ((_paused & mask) == mask); } /// @dev Internal helper for setting the paused status, and emitting the corresponding event. function _setPausedStatus( uint256 pausedStatus ) internal { _paused = pausedStatus; emit Paused(msg.sender, pausedStatus); } /** * @dev This empty reserved space is put in place to allow future versions to add new * variables without shifting down storage in the inheritance chain. * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps */ uint256[48] private __gap; }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol) pragma solidity ^0.8.0; import "../IERC20.sol"; /** * @dev Interface for the optional metadata functions from the ERC20 standard. * * _Available since v4.1._ */ interface IERC20Metadata is IERC20 { /** * @dev Returns the name of the token. */ function name() external view returns (string memory); /** * @dev Returns the symbol of the token. */ function symbol() external view returns (string memory); /** * @dev Returns the decimals places of the token. */ function decimals() external view returns (uint8); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol) pragma solidity ^0.8.2; import "../../utils/AddressUpgradeable.sol"; /** * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect. * * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be * reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in * case an upgrade adds a module that needs to be initialized. * * For example: * * [.hljs-theme-light.nopadding] * ```solidity * contract MyToken is ERC20Upgradeable { * function initialize() initializer public { * __ERC20_init("MyToken", "MTK"); * } * } * * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable { * function initializeV2() reinitializer(2) public { * __ERC20Permit_init("MyToken"); * } * } * ``` * * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}. * * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity. * * [CAUTION] * ==== * Avoid leaving a contract uninitialized. * * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed: * * [.hljs-theme-light.nopadding] * ``` * /// @custom:oz-upgrades-unsafe-allow constructor * constructor() { * _disableInitializers(); * } * ``` * ==== */ abstract contract Initializable { /** * @dev Indicates that the contract has been initialized. * @custom:oz-retyped-from bool */ uint8 private _initialized; /** * @dev Indicates that the contract is in the process of being initialized. */ bool private _initializing; /** * @dev Triggered when the contract has been initialized or reinitialized. */ event Initialized(uint8 version); /** * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope, * `onlyInitializing` functions can be used to initialize parent contracts. * * Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a * constructor. * * Emits an {Initialized} event. */ modifier initializer() { bool isTopLevelCall = !_initializing; require( (isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1), "Initializable: contract is already initialized" ); _initialized = 1; if (isTopLevelCall) { _initializing = true; } _; if (isTopLevelCall) { _initializing = false; emit Initialized(1); } } /** * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be * used to initialize parent contracts. * * A reinitializer may be used after the original initialization step. This is essential to configure modules that * are added through upgrades and that require initialization. * * When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer` * cannot be nested. If one is invoked in the context of another, execution will revert. * * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in * a contract, executing them in the right order is up to the developer or operator. * * WARNING: setting the version to 255 will prevent any future reinitialization. * * Emits an {Initialized} event. */ modifier reinitializer(uint8 version) { require(!_initializing && _initialized < version, "Initializable: contract is already initialized"); _initialized = version; _initializing = true; _; _initializing = false; emit Initialized(version); } /** * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the * {initializer} and {reinitializer} modifiers, directly or indirectly. */ modifier onlyInitializing() { require(_initializing, "Initializable: contract is not initializing"); _; } /** * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call. * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized * to any version. It is recommended to use this to lock implementation contracts that are designed to be called * through proxies. * * Emits an {Initialized} event the first time it is successfully executed. */ function _disableInitializers() internal virtual { require(!_initializing, "Initializable: contract is initializing"); if (_initialized != type(uint8).max) { _initialized = type(uint8).max; emit Initialized(type(uint8).max); } } /** * @dev Returns the highest version that has been initialized. See {reinitializer}. */ function _getInitializedVersion() internal view returns (uint8) { return _initialized; } /** * @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}. */ function _isInitializing() internal view returns (bool) { return _initializing; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.27; import "@openzeppelin/contracts/utils/math/Math.sol"; import "@openzeppelin-upgrades/contracts/utils/math/SafeCastUpgradeable.sol"; /// @dev the stakerScalingFactor and operatorMagnitude have initial default values to 1e18 as "1" /// to preserve precision with uint256 math. We use `WAD` where these variables are used /// and divide to represent as 1 uint64 constant WAD = 1e18; /* * There are 2 types of shares: * 1. depositShares * - These can be converted to an amount of tokens given a strategy * - by calling `sharesToUnderlying` on the strategy address (they're already tokens * in the case of EigenPods) * - These live in the storage of EPM and SM strategies * 2. shares * - For a staker, this is the amount of shares that they can withdraw * - For an operator, this is the sum of its staker's withdrawable shares * * Note that `withdrawal.scaledShares` is scaled for the beaconChainETHStrategy to divide by the beaconChainScalingFactor upon queueing * and multiply by the beaconChainScalingFactor upon withdrawal */ struct DepositScalingFactor { uint256 _scalingFactor; } using SlashingLib for DepositScalingFactor global; // TODO: validate order of operations everywhere library SlashingLib { using Math for uint256; using SlashingLib for uint256; using SafeCastUpgradeable for uint256; // WAD MATH function mulWad(uint256 x, uint256 y) internal pure returns (uint256) { return x.mulDiv(y, WAD); } function divWad(uint256 x, uint256 y) internal pure returns (uint256) { return x.mulDiv(WAD, y); } /** * @notice Used explicitly for calculating slashed magnitude, we want to ensure even in the * situation where an operator is slashed several times and precision has been lost over time, * an incoming slashing request isn't rounded down to 0 and an operator is able to avoid slashing penalties. */ function mulWadRoundUp(uint256 x, uint256 y) internal pure returns (uint256) { return x.mulDiv(y, WAD, Math.Rounding.Up); } /** * @notice Used as part of calculating wadSlashed in the EPM to ensure that we don't overslash */ function divWadRoundUp(uint256 x, uint256 y) internal pure returns (uint256) { return x.mulDiv(WAD, y, Math.Rounding.Up); } // GETTERS function scalingFactor( DepositScalingFactor memory dsf ) internal pure returns (uint256) { return dsf._scalingFactor == 0 ? WAD : dsf._scalingFactor; } function scaleForQueueWithdrawal( uint256 sharesToWithdraw, uint256 slashingFactor ) internal pure returns (uint256) { if (slashingFactor == 0) { return 0; } return sharesToWithdraw.divWad(slashingFactor); } function scaleForCompleteWithdrawal(uint256 scaledShares, uint256 slashingFactor) internal pure returns (uint256) { return scaledShares.mulWad(slashingFactor); } /** * @notice Scales shares according to the difference in an operator's magnitude before and * after being slashed. This is used to calculate the number of slashable shares in the * withdrawal queue. * NOTE: max magnitude is guaranteed to only ever decrease. */ function scaleForBurning( uint256 scaledShares, uint64 prevMaxMagnitude, uint64 newMaxMagnitude ) internal pure returns (uint256) { return scaledShares.mulWad(prevMaxMagnitude - newMaxMagnitude); } function update( DepositScalingFactor storage dsf, uint256 prevDepositShares, uint256 addedShares, uint256 slashingFactor ) internal { // If this is the staker's first deposit, set the scaling factor to // the inverse of slashingFactor if (prevDepositShares == 0) { dsf._scalingFactor = uint256(WAD).divWad(slashingFactor); return; } /** * Base Equations: * (1) newShares = currentShares + addedShares * (2) newDepositShares = prevDepositShares + addedShares * (3) newShares = newDepositShares * newDepositScalingFactor * slashingFactor * * Plugging (1) into (3): * (4) newDepositShares * newDepositScalingFactor * slashingFactor = currentShares + addedShares * * Solving for newDepositScalingFactor * (5) newDepositScalingFactor = (currentShares + addedShares) / (newDepositShares * slashingFactor) * * Plugging in (2) into (5): * (7) newDepositScalingFactor = (currentShares + addedShares) / ((prevDepositShares + addedShares) * slashingFactor) * Note that magnitudes must be divided by WAD for precision. Thus, * * (8) newDepositScalingFactor = WAD * (currentShares + addedShares) / ((prevDepositShares + addedShares) * slashingFactor / WAD) * (9) newDepositScalingFactor = (currentShares + addedShares) * WAD / (prevDepositShares + addedShares) * WAD / slashingFactor */ // Step 1: Calculate Numerator uint256 currentShares = dsf.calcWithdrawable(prevDepositShares, slashingFactor); // Step 2: Compute currentShares + addedShares uint256 newShares = currentShares + addedShares; // Step 3: Calculate newDepositScalingFactor /// forgefmt: disable-next-item uint256 newDepositScalingFactor = newShares .divWad(prevDepositShares + addedShares) .divWad(slashingFactor); dsf._scalingFactor = newDepositScalingFactor; } // CONVERSION function calcWithdrawable( DepositScalingFactor memory dsf, uint256 depositShares, uint256 slashingFactor ) internal pure returns (uint256) { /// forgefmt: disable-next-item return depositShares .mulWad(dsf.scalingFactor()) .mulWad(slashingFactor); } function calcDepositShares( DepositScalingFactor memory dsf, uint256 withdrawableShares, uint256 slashingFactor ) internal pure returns (uint256) { /// forgefmt: disable-next-item return withdrawableShares .divWad(dsf.scalingFactor()) .divWad(slashingFactor); } function calcSlashedAmount( uint256 operatorShares, uint256 prevMaxMagnitude, uint256 newMaxMagnitude ) internal pure returns (uint256) { // round up mulDiv so we don't overslash return operatorShares - operatorShares.mulDiv(newMaxMagnitude, prevMaxMagnitude, Math.Rounding.Up); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; /** * @title Interface for the `PauserRegistry` contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface IPauserRegistry { error OnlyUnpauser(); error InputAddressZero(); event PauserStatusChanged(address pauser, bool canPause); event UnpauserChanged(address previousUnpauser, address newUnpauser); /// @notice Mapping of addresses to whether they hold the pauser role. function isPauser( address pauser ) external view returns (bool); /// @notice Unique address that holds the unpauser role. Capable of changing *both* the pauser and unpauser addresses. function unpauser() external view returns (address); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; /** * @title The interface for common signature utilities. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service */ interface ISignatureUtils { error InvalidSignature(); error SignatureExpired(); // @notice Struct that bundles together a signature and an expiration time for the signature. Used primarily for stack management. struct SignatureWithExpiry { // the signature itself, formatted as a single bytes object bytes signature; // the expiration timestamp (UTC) of the signature uint256 expiry; } // @notice Struct that bundles together a signature, a salt for uniqueness, and an expiration time for the signature. Used primarily for stack management. struct SignatureWithSaltAndExpiry { // the signature itself, formatted as a single bytes object bytes signature; // the salt used to generate the signature bytes32 salt; // the expiration timestamp (UTC) of the signature uint256 expiry; } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol) pragma solidity ^0.8.0; /** * @dev This is the interface that {BeaconProxy} expects of its beacon. */ interface IBeacon { /** * @dev Must return an address that can be used as a delegate call target. * * {BeaconProxy} will check that this address is a contract. */ function implementation() external view returns (address); }
// ┏━━━┓━┏┓━┏┓━━┏━━━┓━━┏━━━┓━━━━┏━━━┓━━━━━━━━━━━━━━━━━━━┏┓━━━━━┏━━━┓━━━━━━━━━┏┓━━━━━━━━━━━━━━┏┓━ // ┃┏━━┛┏┛┗┓┃┃━━┃┏━┓┃━━┃┏━┓┃━━━━┗┓┏┓┃━━━━━━━━━━━━━━━━━━┏┛┗┓━━━━┃┏━┓┃━━━━━━━━┏┛┗┓━━━━━━━━━━━━┏┛┗┓ // ┃┗━━┓┗┓┏┛┃┗━┓┗┛┏┛┃━━┃┃━┃┃━━━━━┃┃┃┃┏━━┓┏━━┓┏━━┓┏━━┓┏┓┗┓┏┛━━━━┃┃━┗┛┏━━┓┏━┓━┗┓┏┛┏━┓┏━━┓━┏━━┓┗┓┏┛ // ┃┏━━┛━┃┃━┃┏┓┃┏━┛┏┛━━┃┃━┃┃━━━━━┃┃┃┃┃┏┓┃┃┏┓┃┃┏┓┃┃━━┫┣┫━┃┃━━━━━┃┃━┏┓┃┏┓┃┃┏┓┓━┃┃━┃┏┛┗━┓┃━┃┏━┛━┃┃━ // ┃┗━━┓━┃┗┓┃┃┃┃┃┃┗━┓┏┓┃┗━┛┃━━━━┏┛┗┛┃┃┃━┫┃┗┛┃┃┗┛┃┣━━┃┃┃━┃┗┓━━━━┃┗━┛┃┃┗┛┃┃┃┃┃━┃┗┓┃┃━┃┗┛┗┓┃┗━┓━┃┗┓ // ┗━━━┛━┗━┛┗┛┗┛┗━━━┛┗┛┗━━━┛━━━━┗━━━┛┗━━┛┃┏━┛┗━━┛┗━━┛┗┛━┗━┛━━━━┗━━━┛┗━━┛┗┛┗┛━┗━┛┗┛━┗━━━┛┗━━┛━┗━┛ // ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┃┃━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ // ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┗┛━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ // SPDX-License-Identifier: CC0-1.0 pragma solidity >=0.5.0; // This interface is designed to be compatible with the Vyper version. /// @notice This is the Ethereum 2.0 deposit contract interface. /// For more information see the Phase 0 specification under https://github.com/ethereum/eth2.0-specs interface IETHPOSDeposit { /// @notice A processed deposit event. event DepositEvent(bytes pubkey, bytes withdrawal_credentials, bytes amount, bytes signature, bytes index); /// @notice Submit a Phase 0 DepositData object. /// @param pubkey A BLS12-381 public key. /// @param withdrawal_credentials Commitment to a public key for withdrawals. /// @param signature A BLS12-381 signature. /// @param deposit_data_root The SHA-256 hash of the SSZ-encoded DepositData object. /// Used as a protection against malformed input. function deposit( bytes calldata pubkey, bytes calldata withdrawal_credentials, bytes calldata signature, bytes32 deposit_data_root ) external payable; /// @notice Query the current deposit root hash. /// @return The deposit root hash. function get_deposit_root() external view returns (bytes32); /// @notice Query the current deposit count. /// @return The deposit count encoded as a little endian 64-bit number. function get_deposit_count() external view returns (bytes memory); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; import "../libraries/BeaconChainProofs.sol"; import "./IEigenPodManager.sol"; interface IEigenPodErrors { /// @dev Thrown when msg.sender is not the EPM. error OnlyEigenPodManager(); /// @dev Thrown when msg.sender is not the pod owner. error OnlyEigenPodOwner(); /// @dev Thrown when msg.sender is not owner or the proof submitter. error OnlyEigenPodOwnerOrProofSubmitter(); /// @dev Thrown when attempting an action that is currently paused. error CurrentlyPaused(); /// Invalid Inputs /// @dev Thrown when an address of zero is provided. error InputAddressZero(); /// @dev Thrown when two array parameters have mismatching lengths. error InputArrayLengthMismatch(); /// @dev Thrown when `validatorPubKey` length is not equal to 48-bytes. error InvalidPubKeyLength(); /// @dev Thrown when provided timestamp is out of range. error TimestampOutOfRange(); /// Checkpoints /// @dev Thrown when no active checkpoints are found. error NoActiveCheckpoint(); /// @dev Thrown if an uncompleted checkpoint exists. error CheckpointAlreadyActive(); /// @dev Thrown if there's not a balance available to checkpoint. error NoBalanceToCheckpoint(); /// @dev Thrown when attempting to create a checkpoint twice within a given block. error CannotCheckpointTwiceInSingleBlock(); /// Withdrawing /// @dev Thrown when amount exceeds `restakedExecutionLayerGwei`. error InsufficientWithdrawableBalance(); /// Validator Status /// @dev Thrown when a validator's withdrawal credentials have already been verified. error CredentialsAlreadyVerified(); /// @dev Thrown if the provided proof is not valid for this EigenPod. error WithdrawalCredentialsNotForEigenPod(); /// @dev Thrown when a validator is not in the ACTIVE status in the pod. error ValidatorNotActiveInPod(); /// @dev Thrown when validator is not active yet on the beacon chain. error ValidatorInactiveOnBeaconChain(); /// @dev Thrown if a validator is exiting the beacon chain. error ValidatorIsExitingBeaconChain(); /// @dev Thrown when a validator has not been slashed on the beacon chain. error ValidatorNotSlashedOnBeaconChain(); /// Misc /// @dev Thrown when an invalid block root is returned by the EIP-4788 oracle. error InvalidEIP4788Response(); /// @dev Thrown when attempting to send an invalid amount to the beacon deposit contract. error MsgValueNot32ETH(); /// @dev Thrown when provided `beaconTimestamp` is too far in the past. error BeaconTimestampTooFarInPast(); } interface IEigenPodTypes { enum VALIDATOR_STATUS { INACTIVE, // doesnt exist ACTIVE, // staked on ethpos and withdrawal credentials are pointed to the EigenPod WITHDRAWN // withdrawn from the Beacon Chain } struct ValidatorInfo { // index of the validator in the beacon chain uint64 validatorIndex; // amount of beacon chain ETH restaked on EigenLayer in gwei uint64 restakedBalanceGwei; //timestamp of the validator's most recent balance update uint64 lastCheckpointedAt; // status of the validator VALIDATOR_STATUS status; } struct Checkpoint { bytes32 beaconBlockRoot; uint24 proofsRemaining; uint64 podBalanceGwei; int64 balanceDeltasGwei; uint64 prevBeaconBalanceGwei; } } interface IEigenPodEvents is IEigenPodTypes { /// @notice Emitted when an ETH validator stakes via this eigenPod event EigenPodStaked(bytes pubkey); /// @notice Emitted when a pod owner updates the proof submitter address event ProofSubmitterUpdated(address prevProofSubmitter, address newProofSubmitter); /// @notice Emitted when an ETH validator's withdrawal credentials are successfully verified to be pointed to this eigenPod event ValidatorRestaked(uint40 validatorIndex); /// @notice Emitted when an ETH validator's balance is proven to be updated. Here newValidatorBalanceGwei // is the validator's balance that is credited on EigenLayer. event ValidatorBalanceUpdated(uint40 validatorIndex, uint64 balanceTimestamp, uint64 newValidatorBalanceGwei); /// @notice Emitted when restaked beacon chain ETH is withdrawn from the eigenPod. event RestakedBeaconChainETHWithdrawn(address indexed recipient, uint256 amount); /// @notice Emitted when ETH is received via the `receive` fallback event NonBeaconChainETHReceived(uint256 amountReceived); /// @notice Emitted when a checkpoint is created event CheckpointCreated( uint64 indexed checkpointTimestamp, bytes32 indexed beaconBlockRoot, uint256 validatorCount ); /// @notice Emitted when a checkpoint is finalized event CheckpointFinalized(uint64 indexed checkpointTimestamp, int256 totalShareDeltaWei); /// @notice Emitted when a validator is proven for a given checkpoint event ValidatorCheckpointed(uint64 indexed checkpointTimestamp, uint40 indexed validatorIndex); /// @notice Emitted when a validaor is proven to have 0 balance at a given checkpoint event ValidatorWithdrawn(uint64 indexed checkpointTimestamp, uint40 indexed validatorIndex); } /** * @title The implementation contract used for restaking beacon chain ETH on EigenLayer * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @dev Note that all beacon chain balances are stored as gwei within the beacon chain datastructures. We choose * to account balances in terms of gwei in the EigenPod contract and convert to wei when making calls to other contracts */ interface IEigenPod is IEigenPodErrors, IEigenPodEvents { /// @notice Used to initialize the pointers to contracts crucial to the pod's functionality, in beacon proxy construction from EigenPodManager function initialize( address owner ) external; /// @notice Called by EigenPodManager when the owner wants to create another ETH validator. function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable; /** * @notice Transfers `amountWei` in ether from this contract to the specified `recipient` address * @notice Called by EigenPodManager to withdrawBeaconChainETH that has been added to the EigenPod's balance due to a withdrawal from the beacon chain. * @dev The podOwner must have already proved sufficient withdrawals, so that this pod's `restakedExecutionLayerGwei` exceeds the * `amountWei` input (when converted to GWEI). * @dev Reverts if `amountWei` is not a whole Gwei amount */ function withdrawRestakedBeaconChainETH(address recipient, uint256 amount) external; /** * @dev Create a checkpoint used to prove this pod's active validator set. Checkpoints are completed * by submitting one checkpoint proof per ACTIVE validator. During the checkpoint process, the total * change in ACTIVE validator balance is tracked, and any validators with 0 balance are marked `WITHDRAWN`. * @dev Once finalized, the pod owner is awarded shares corresponding to: * - the total change in their ACTIVE validator balances * - any ETH in the pod not already awarded shares * @dev A checkpoint cannot be created if the pod already has an outstanding checkpoint. If * this is the case, the pod owner MUST complete the existing checkpoint before starting a new one. * @param revertIfNoBalance Forces a revert if the pod ETH balance is 0. This allows the pod owner * to prevent accidentally starting a checkpoint that will not increase their shares */ function startCheckpoint( bool revertIfNoBalance ) external; /** * @dev Progress the current checkpoint towards completion by submitting one or more validator * checkpoint proofs. Anyone can call this method to submit proofs towards the current checkpoint. * For each validator proven, the current checkpoint's `proofsRemaining` decreases. * @dev If the checkpoint's `proofsRemaining` reaches 0, the checkpoint is finalized. * (see `_updateCheckpoint` for more details) * @dev This method can only be called when there is a currently-active checkpoint. * @param balanceContainerProof proves the beacon's current balance container root against a checkpoint's `beaconBlockRoot` * @param proofs Proofs for one or more validator current balances against the `balanceContainerRoot` */ function verifyCheckpointProofs( BeaconChainProofs.BalanceContainerProof calldata balanceContainerProof, BeaconChainProofs.BalanceProof[] calldata proofs ) external; /** * @dev Verify one or more validators have their withdrawal credentials pointed at this EigenPod, and award * shares based on their effective balance. Proven validators are marked `ACTIVE` within the EigenPod, and * future checkpoint proofs will need to include them. * @dev Withdrawal credential proofs MUST NOT be older than `currentCheckpointTimestamp`. * @dev Validators proven via this method MUST NOT have an exit epoch set already. * @param beaconTimestamp the beacon chain timestamp sent to the 4788 oracle contract. Corresponds * to the parent beacon block root against which the proof is verified. * @param stateRootProof proves a beacon state root against a beacon block root * @param validatorIndices a list of validator indices being proven * @param validatorFieldsProofs proofs of each validator's `validatorFields` against the beacon state root * @param validatorFields the fields of the beacon chain "Validator" container. See consensus specs for * details: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator */ function verifyWithdrawalCredentials( uint64 beaconTimestamp, BeaconChainProofs.StateRootProof calldata stateRootProof, uint40[] calldata validatorIndices, bytes[] calldata validatorFieldsProofs, bytes32[][] calldata validatorFields ) external; /** * @dev Prove that one of this pod's active validators was slashed on the beacon chain. A successful * staleness proof allows the caller to start a checkpoint. * * @dev Note that in order to start a checkpoint, any existing checkpoint must already be completed! * (See `_startCheckpoint` for details) * * @dev Note that this method allows anyone to start a checkpoint as soon as a slashing occurs on the beacon * chain. This is intended to make it easier to external watchers to keep a pod's balance up to date. * * @dev Note too that beacon chain slashings are not instant. There is a delay between the initial slashing event * and the validator's final exit back to the execution layer. During this time, the validator's balance may or * may not drop further due to a correlation penalty. This method allows proof of a slashed validator * to initiate a checkpoint for as long as the validator remains on the beacon chain. Once the validator * has exited and been checkpointed at 0 balance, they are no longer "checkpoint-able" and cannot be proven * "stale" via this method. * See https://eth2book.info/capella/part3/transition/epoch/#slashings for more info. * * @param beaconTimestamp the beacon chain timestamp sent to the 4788 oracle contract. Corresponds * to the parent beacon block root against which the proof is verified. * @param stateRootProof proves a beacon state root against a beacon block root * @param proof the fields of the beacon chain "Validator" container, along with a merkle proof against * the beacon state root. See the consensus specs for more details: * https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator * * @dev Staleness conditions: * - Validator's last checkpoint is older than `beaconTimestamp` * - Validator MUST be in `ACTIVE` status in the pod * - Validator MUST be slashed on the beacon chain */ function verifyStaleBalance( uint64 beaconTimestamp, BeaconChainProofs.StateRootProof calldata stateRootProof, BeaconChainProofs.ValidatorProof calldata proof ) external; /// @notice called by owner of a pod to remove any ERC20s deposited in the pod function recoverTokens(IERC20[] memory tokenList, uint256[] memory amountsToWithdraw, address recipient) external; /// @notice Allows the owner of a pod to update the proof submitter, a permissioned /// address that can call `startCheckpoint` and `verifyWithdrawalCredentials`. /// @dev Note that EITHER the podOwner OR proofSubmitter can access these methods, /// so it's fine to set your proofSubmitter to 0 if you want the podOwner to be the /// only address that can call these methods. /// @param newProofSubmitter The new proof submitter address. If set to 0, only the /// pod owner will be able to call `startCheckpoint` and `verifyWithdrawalCredentials` function setProofSubmitter( address newProofSubmitter ) external; /** * * VIEW METHODS * */ /// @notice An address with permissions to call `startCheckpoint` and `verifyWithdrawalCredentials`, set /// by the podOwner. This role exists to allow a podOwner to designate a hot wallet that can call /// these methods, allowing the podOwner to remain a cold wallet that is only used to manage funds. /// @dev If this address is NOT set, only the podOwner can call `startCheckpoint` and `verifyWithdrawalCredentials` function proofSubmitter() external view returns (address); /// @notice the amount of execution layer ETH in this contract that is staked in EigenLayer (i.e. withdrawn from beaconchain but not EigenLayer), function withdrawableRestakedExecutionLayerGwei() external view returns (uint64); /// @notice The single EigenPodManager for EigenLayer function eigenPodManager() external view returns (IEigenPodManager); /// @notice The owner of this EigenPod function podOwner() external view returns (address); /// @notice Returns the validatorInfo struct for the provided pubkeyHash function validatorPubkeyHashToInfo( bytes32 validatorPubkeyHash ) external view returns (ValidatorInfo memory); /// @notice Returns the validatorInfo struct for the provided pubkey function validatorPubkeyToInfo( bytes calldata validatorPubkey ) external view returns (ValidatorInfo memory); /// @notice This returns the status of a given validator function validatorStatus( bytes32 pubkeyHash ) external view returns (VALIDATOR_STATUS); /// @notice This returns the status of a given validator pubkey function validatorStatus( bytes calldata validatorPubkey ) external view returns (VALIDATOR_STATUS); /// @notice Number of validators with proven withdrawal credentials, who do not have proven full withdrawals function activeValidatorCount() external view returns (uint256); /// @notice The timestamp of the last checkpoint finalized function lastCheckpointTimestamp() external view returns (uint64); /// @notice The timestamp of the currently-active checkpoint. Will be 0 if there is not active checkpoint function currentCheckpointTimestamp() external view returns (uint64); /// @notice Returns the currently-active checkpoint function currentCheckpoint() external view returns (Checkpoint memory); /// @notice For each checkpoint, the total balance attributed to exited validators, in gwei /// /// NOTE that the values added to this mapping are NOT guaranteed to capture the entirety of a validator's /// exit - rather, they capture the total change in a validator's balance when a checkpoint shows their /// balance change from nonzero to zero. While a change from nonzero to zero DOES guarantee that a validator /// has been fully exited, it is possible that the magnitude of this change does not capture what is /// typically thought of as a "full exit." /// /// For example: /// 1. Consider a validator was last checkpointed at 32 ETH before exiting. Once the exit has been processed, /// it is expected that the validator's exited balance is calculated to be `32 ETH`. /// 2. However, before `startCheckpoint` is called, a deposit is made to the validator for 1 ETH. The beacon /// chain will automatically withdraw this ETH, but not until the withdrawal sweep passes over the validator /// again. Until this occurs, the validator's current balance (used for checkpointing) is 1 ETH. /// 3. If `startCheckpoint` is called at this point, the balance delta calculated for this validator will be /// `-31 ETH`, and because the validator has a nonzero balance, it is not marked WITHDRAWN. /// 4. After the exit is processed by the beacon chain, a subsequent `startCheckpoint` and checkpoint proof /// will calculate a balance delta of `-1 ETH` and attribute a 1 ETH exit to the validator. /// /// If this edge case impacts your usecase, it should be possible to mitigate this by monitoring for deposits /// to your exited validators, and waiting to call `startCheckpoint` until those deposits have been automatically /// exited. /// /// Additional edge cases this mapping does not cover: /// - If a validator is slashed, their balance exited will reflect their original balance rather than the slashed amount /// - The final partial withdrawal for an exited validator will be likely be included in this mapping. /// i.e. if a validator was last checkpointed at 32.1 ETH before exiting, the next checkpoint will calculate their /// "exited" amount to be 32.1 ETH rather than 32 ETH. function checkpointBalanceExitedGwei( uint64 ) external view returns (uint64); /// @notice Query the 4788 oracle to get the parent block root of the slot with the given `timestamp` /// @param timestamp of the block for which the parent block root will be returned. MUST correspond /// to an existing slot within the last 24 hours. If the slot at `timestamp` was skipped, this method /// will revert. function getParentBlockRoot( uint64 timestamp ) external view returns (bytes32); }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity >=0.5.0; import "../interfaces/IPauserRegistry.sol"; /** * @title Adds pausability to a contract, with pausing & unpausing controlled by the `pauser` and `unpauser` of a PauserRegistry contract. * @author Layr Labs, Inc. * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service * @notice Contracts that inherit from this contract may define their own `pause` and `unpause` (and/or related) functions. * These functions should be permissioned as "onlyPauser" which defers to a `PauserRegistry` for determining access control. * @dev Pausability is implemented using a uint256, which allows up to 256 different single bit-flags; each bit can potentially pause different functionality. * Inspiration for this was taken from the NearBridge design here https://etherscan.io/address/0x3FEFc5A4B1c02f21cBc8D3613643ba0635b9a873#code. * For the `pause` and `unpause` functions we've implemented, if you pause, you can only flip (any number of) switches to on/1 (aka "paused"), and if you unpause, * you can only flip (any number of) switches to off/0 (aka "paused"). * If you want a pauseXYZ function that just flips a single bit / "pausing flag", it will: * 1) 'bit-wise and' (aka `&`) a flag with the current paused state (as a uint256) * 2) update the paused state to this new value * @dev We note as well that we have chosen to identify flags by their *bit index* as opposed to their numerical value, so, e.g. defining `DEPOSITS_PAUSED = 3` * indicates specifically that if the *third bit* of `_paused` is flipped -- i.e. it is a '1' -- then deposits should be paused */ interface IPausable { /// @dev Thrown when caller is not pauser. error OnlyPauser(); /// @dev Thrown when caller is not unpauser. error OnlyUnpauser(); /// @dev Thrown when currently paused. error CurrentlyPaused(); /// @dev Thrown when invalid `newPausedStatus` is provided. error InvalidNewPausedStatus(); /// @dev Thrown when a null address input is provided. error InputAddressZero(); /// @notice Emitted when the pause is triggered by `account`, and changed to `newPausedStatus`. event Paused(address indexed account, uint256 newPausedStatus); /// @notice Emitted when the pause is lifted by `account`, and changed to `newPausedStatus`. event Unpaused(address indexed account, uint256 newPausedStatus); /// @notice Address of the `PauserRegistry` contract that this contract defers to for determining access control (for pausing). function pauserRegistry() external view returns (IPauserRegistry); /** * @notice This function is used to pause an EigenLayer contract's functionality. * It is permissioned to the `pauser` address, which is expected to be a low threshold multisig. * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once. * @dev This function can only pause functionality, and thus cannot 'unflip' any bit in `_paused` from 1 to 0. */ function pause( uint256 newPausedStatus ) external; /** * @notice Alias for `pause(type(uint256).max)`. */ function pauseAll() external; /** * @notice This function is used to unpause an EigenLayer contract's functionality. * It is permissioned to the `unpauser` address, which is expected to be a high threshold multisig or governance contract. * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once. * @dev This function can only unpause functionality, and thus cannot 'flip' any bit in `_paused` from 0 to 1. */ function unpause( uint256 newPausedStatus ) external; /// @notice Returns the current paused status as a uint256. function paused() external view returns (uint256); /// @notice Returns 'true' if the `indexed`th bit of `_paused` is 1, and 'false' otherwise function paused( uint8 index ) external view returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol) pragma solidity ^0.8.1; /** * @dev Collection of functions related to the address type */ library AddressUpgradeable { /** * @dev Returns true if `account` is a contract. * * [IMPORTANT] * ==== * It is unsafe to assume that an address for which this function returns * false is an externally-owned account (EOA) and not a contract. * * Among others, `isContract` will return false for the following * types of addresses: * * - an externally-owned account * - a contract in construction * - an address where a contract will be created * - an address where a contract lived, but was destroyed * * Furthermore, `isContract` will also return true if the target contract within * the same transaction is already scheduled for destruction by `SELFDESTRUCT`, * which only has an effect at the end of a transaction. * ==== * * [IMPORTANT] * ==== * You shouldn't rely on `isContract` to protect against flash loan attacks! * * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract * constructor. * ==== */ function isContract(address account) internal view returns (bool) { // This method relies on extcodesize/address.code.length, which returns 0 // for contracts in construction, since the code is only stored at the end // of the constructor execution. return account.code.length > 0; } /** * @dev Replacement for Solidity's `transfer`: sends `amount` wei to * `recipient`, forwarding all available gas and reverting on errors. * * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost * of certain opcodes, possibly making contracts go over the 2300 gas limit * imposed by `transfer`, making them unable to receive funds via * `transfer`. {sendValue} removes this limitation. * * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more]. * * IMPORTANT: because control is transferred to `recipient`, care must be * taken to not create reentrancy vulnerabilities. Consider using * {ReentrancyGuard} or the * https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. */ function sendValue(address payable recipient, uint256 amount) internal { require(address(this).balance >= amount, "Address: insufficient balance"); (bool success, ) = recipient.call{value: amount}(""); require(success, "Address: unable to send value, recipient may have reverted"); } /** * @dev Performs a Solidity function call using a low level `call`. A * plain `call` is an unsafe replacement for a function call: use this * function instead. * * If `target` reverts with a revert reason, it is bubbled up by this * function (like regular Solidity function calls). * * Returns the raw returned data. To convert to the expected return value, * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. * * Requirements: * * - `target` must be a contract. * - calling `target` with `data` must not revert. * * _Available since v3.1._ */ function functionCall(address target, bytes memory data) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, "Address: low-level call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with * `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { return functionCallWithValue(target, data, 0, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but also transferring `value` wei to `target`. * * Requirements: * * - the calling contract must have an ETH balance of at least `value`. * - the called Solidity function must be `payable`. * * _Available since v3.1._ */ function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) { return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); } /** * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but * with `errorMessage` as a fallback revert reason when `target` reverts. * * _Available since v3.1._ */ function functionCallWithValue( address target, bytes memory data, uint256 value, string memory errorMessage ) internal returns (bytes memory) { require(address(this).balance >= value, "Address: insufficient balance for call"); (bool success, bytes memory returndata) = target.call{value: value}(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) { return functionStaticCall(target, data, "Address: low-level static call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a static call. * * _Available since v3.3._ */ function functionStaticCall( address target, bytes memory data, string memory errorMessage ) internal view returns (bytes memory) { (bool success, bytes memory returndata) = target.staticcall(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) { return functionDelegateCall(target, data, "Address: low-level delegate call failed"); } /** * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], * but performing a delegate call. * * _Available since v3.4._ */ function functionDelegateCall( address target, bytes memory data, string memory errorMessage ) internal returns (bytes memory) { (bool success, bytes memory returndata) = target.delegatecall(data); return verifyCallResultFromTarget(target, success, returndata, errorMessage); } /** * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract. * * _Available since v4.8._ */ function verifyCallResultFromTarget( address target, bool success, bytes memory returndata, string memory errorMessage ) internal view returns (bytes memory) { if (success) { if (returndata.length == 0) { // only check isContract if the call was successful and the return data is empty // otherwise we already know that it was a contract require(isContract(target), "Address: call to non-contract"); } return returndata; } else { _revert(returndata, errorMessage); } } /** * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the * revert reason or using the provided one. * * _Available since v4.3._ */ function verifyCallResult( bool success, bytes memory returndata, string memory errorMessage ) internal pure returns (bytes memory) { if (success) { return returndata; } else { _revert(returndata, errorMessage); } } function _revert(bytes memory returndata, string memory errorMessage) private pure { // Look for revert reason and bubble it up if present if (returndata.length > 0) { // The easiest way to bubble the revert reason is using memory via assembly /// @solidity memory-safe-assembly assembly { let returndata_size := mload(returndata) revert(add(32, returndata), returndata_size) } } else { revert(errorMessage); } } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol) pragma solidity ^0.8.0; /** * @dev Standard math utilities missing in the Solidity language. */ library Math { enum Rounding { Down, // Toward negative infinity Up, // Toward infinity Zero // Toward zero } /** * @dev Returns the largest of two numbers. */ function max(uint256 a, uint256 b) internal pure returns (uint256) { return a > b ? a : b; } /** * @dev Returns the smallest of two numbers. */ function min(uint256 a, uint256 b) internal pure returns (uint256) { return a < b ? a : b; } /** * @dev Returns the average of two numbers. The result is rounded towards * zero. */ function average(uint256 a, uint256 b) internal pure returns (uint256) { // (a + b) / 2 can overflow. return (a & b) + (a ^ b) / 2; } /** * @dev Returns the ceiling of the division of two numbers. * * This differs from standard division with `/` in that it rounds up instead * of rounding down. */ function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) { // (a + b - 1) / b can overflow on addition, so we distribute. return a == 0 ? 0 : (a - 1) / b + 1; } /** * @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0 * @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) * with further edits by Uniswap Labs also under MIT license. */ function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) { unchecked { // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256 // variables such that product = prod1 * 2^256 + prod0. uint256 prod0; // Least significant 256 bits of the product uint256 prod1; // Most significant 256 bits of the product assembly { let mm := mulmod(x, y, not(0)) prod0 := mul(x, y) prod1 := sub(sub(mm, prod0), lt(mm, prod0)) } // Handle non-overflow cases, 256 by 256 division. if (prod1 == 0) { // Solidity will revert if denominator == 0, unlike the div opcode on its own. // The surrounding unchecked block does not change this fact. // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic. return prod0 / denominator; } // Make sure the result is less than 2^256. Also prevents denominator == 0. require(denominator > prod1, "Math: mulDiv overflow"); /////////////////////////////////////////////// // 512 by 256 division. /////////////////////////////////////////////// // Make division exact by subtracting the remainder from [prod1 prod0]. uint256 remainder; assembly { // Compute remainder using mulmod. remainder := mulmod(x, y, denominator) // Subtract 256 bit number from 512 bit number. prod1 := sub(prod1, gt(remainder, prod0)) prod0 := sub(prod0, remainder) } // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1. // See https://cs.stackexchange.com/q/138556/92363. // Does not overflow because the denominator cannot be zero at this stage in the function. uint256 twos = denominator & (~denominator + 1); assembly { // Divide denominator by twos. denominator := div(denominator, twos) // Divide [prod1 prod0] by twos. prod0 := div(prod0, twos) // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one. twos := add(div(sub(0, twos), twos), 1) } // Shift in bits from prod1 into prod0. prod0 |= prod1 * twos; // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for // four bits. That is, denominator * inv = 1 mod 2^4. uint256 inverse = (3 * denominator) ^ 2; // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works // in modular arithmetic, doubling the correct bits in each step. inverse *= 2 - denominator * inverse; // inverse mod 2^8 inverse *= 2 - denominator * inverse; // inverse mod 2^16 inverse *= 2 - denominator * inverse; // inverse mod 2^32 inverse *= 2 - denominator * inverse; // inverse mod 2^64 inverse *= 2 - denominator * inverse; // inverse mod 2^128 inverse *= 2 - denominator * inverse; // inverse mod 2^256 // Because the division is now exact we can divide by multiplying with the modular inverse of denominator. // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is // less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1 // is no longer required. result = prod0 * inverse; return result; } } /** * @notice Calculates x * y / denominator with full precision, following the selected rounding direction. */ function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) { uint256 result = mulDiv(x, y, denominator); if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) { result += 1; } return result; } /** * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down. * * Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11). */ function sqrt(uint256 a) internal pure returns (uint256) { if (a == 0) { return 0; } // For our first guess, we get the biggest power of 2 which is smaller than the square root of the target. // // We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have // `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`. // // This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)` // → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))` // → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)` // // Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit. uint256 result = 1 << (log2(a) >> 1); // At this point `result` is an estimation with one bit of precision. We know the true value is a uint128, // since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at // every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision // into the expected uint128 result. unchecked { result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; result = (result + a / result) >> 1; return min(result, a / result); } } /** * @notice Calculates sqrt(a), following the selected rounding direction. */ function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = sqrt(a); return result + (rounding == Rounding.Up && result * result < a ? 1 : 0); } } /** * @dev Return the log in base 2, rounded down, of a positive value. * Returns 0 if given 0. */ function log2(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >> 128 > 0) { value >>= 128; result += 128; } if (value >> 64 > 0) { value >>= 64; result += 64; } if (value >> 32 > 0) { value >>= 32; result += 32; } if (value >> 16 > 0) { value >>= 16; result += 16; } if (value >> 8 > 0) { value >>= 8; result += 8; } if (value >> 4 > 0) { value >>= 4; result += 4; } if (value >> 2 > 0) { value >>= 2; result += 2; } if (value >> 1 > 0) { result += 1; } } return result; } /** * @dev Return the log in base 2, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log2(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log2(value); return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0); } } /** * @dev Return the log in base 10, rounded down, of a positive value. * Returns 0 if given 0. */ function log10(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >= 10 ** 64) { value /= 10 ** 64; result += 64; } if (value >= 10 ** 32) { value /= 10 ** 32; result += 32; } if (value >= 10 ** 16) { value /= 10 ** 16; result += 16; } if (value >= 10 ** 8) { value /= 10 ** 8; result += 8; } if (value >= 10 ** 4) { value /= 10 ** 4; result += 4; } if (value >= 10 ** 2) { value /= 10 ** 2; result += 2; } if (value >= 10 ** 1) { result += 1; } } return result; } /** * @dev Return the log in base 10, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log10(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log10(value); return result + (rounding == Rounding.Up && 10 ** result < value ? 1 : 0); } } /** * @dev Return the log in base 256, rounded down, of a positive value. * Returns 0 if given 0. * * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string. */ function log256(uint256 value) internal pure returns (uint256) { uint256 result = 0; unchecked { if (value >> 128 > 0) { value >>= 128; result += 16; } if (value >> 64 > 0) { value >>= 64; result += 8; } if (value >> 32 > 0) { value >>= 32; result += 4; } if (value >> 16 > 0) { value >>= 16; result += 2; } if (value >> 8 > 0) { result += 1; } } return result; } /** * @dev Return the log in base 256, following the selected rounding direction, of a positive value. * Returns 0 if given 0. */ function log256(uint256 value, Rounding rounding) internal pure returns (uint256) { unchecked { uint256 result = log256(value); return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0); } } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SafeCast.sol) // This file was procedurally generated from scripts/generate/templates/SafeCast.js. pragma solidity ^0.8.0; /** * @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow * checks. * * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can * easily result in undesired exploitation or bugs, since developers usually * assume that overflows raise errors. `SafeCast` restores this intuition by * reverting the transaction when such an operation overflows. * * Using this library instead of the unchecked operations eliminates an entire * class of bugs, so it's recommended to use it always. * * Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing * all math on `uint256` and `int256` and then downcasting. */ library SafeCastUpgradeable { /** * @dev Returns the downcasted uint248 from uint256, reverting on * overflow (when the input is greater than largest uint248). * * Counterpart to Solidity's `uint248` operator. * * Requirements: * * - input must fit into 248 bits * * _Available since v4.7._ */ function toUint248(uint256 value) internal pure returns (uint248) { require(value <= type(uint248).max, "SafeCast: value doesn't fit in 248 bits"); return uint248(value); } /** * @dev Returns the downcasted uint240 from uint256, reverting on * overflow (when the input is greater than largest uint240). * * Counterpart to Solidity's `uint240` operator. * * Requirements: * * - input must fit into 240 bits * * _Available since v4.7._ */ function toUint240(uint256 value) internal pure returns (uint240) { require(value <= type(uint240).max, "SafeCast: value doesn't fit in 240 bits"); return uint240(value); } /** * @dev Returns the downcasted uint232 from uint256, reverting on * overflow (when the input is greater than largest uint232). * * Counterpart to Solidity's `uint232` operator. * * Requirements: * * - input must fit into 232 bits * * _Available since v4.7._ */ function toUint232(uint256 value) internal pure returns (uint232) { require(value <= type(uint232).max, "SafeCast: value doesn't fit in 232 bits"); return uint232(value); } /** * @dev Returns the downcasted uint224 from uint256, reverting on * overflow (when the input is greater than largest uint224). * * Counterpart to Solidity's `uint224` operator. * * Requirements: * * - input must fit into 224 bits * * _Available since v4.2._ */ function toUint224(uint256 value) internal pure returns (uint224) { require(value <= type(uint224).max, "SafeCast: value doesn't fit in 224 bits"); return uint224(value); } /** * @dev Returns the downcasted uint216 from uint256, reverting on * overflow (when the input is greater than largest uint216). * * Counterpart to Solidity's `uint216` operator. * * Requirements: * * - input must fit into 216 bits * * _Available since v4.7._ */ function toUint216(uint256 value) internal pure returns (uint216) { require(value <= type(uint216).max, "SafeCast: value doesn't fit in 216 bits"); return uint216(value); } /** * @dev Returns the downcasted uint208 from uint256, reverting on * overflow (when the input is greater than largest uint208). * * Counterpart to Solidity's `uint208` operator. * * Requirements: * * - input must fit into 208 bits * * _Available since v4.7._ */ function toUint208(uint256 value) internal pure returns (uint208) { require(value <= type(uint208).max, "SafeCast: value doesn't fit in 208 bits"); return uint208(value); } /** * @dev Returns the downcasted uint200 from uint256, reverting on * overflow (when the input is greater than largest uint200). * * Counterpart to Solidity's `uint200` operator. * * Requirements: * * - input must fit into 200 bits * * _Available since v4.7._ */ function toUint200(uint256 value) internal pure returns (uint200) { require(value <= type(uint200).max, "SafeCast: value doesn't fit in 200 bits"); return uint200(value); } /** * @dev Returns the downcasted uint192 from uint256, reverting on * overflow (when the input is greater than largest uint192). * * Counterpart to Solidity's `uint192` operator. * * Requirements: * * - input must fit into 192 bits * * _Available since v4.7._ */ function toUint192(uint256 value) internal pure returns (uint192) { require(value <= type(uint192).max, "SafeCast: value doesn't fit in 192 bits"); return uint192(value); } /** * @dev Returns the downcasted uint184 from uint256, reverting on * overflow (when the input is greater than largest uint184). * * Counterpart to Solidity's `uint184` operator. * * Requirements: * * - input must fit into 184 bits * * _Available since v4.7._ */ function toUint184(uint256 value) internal pure returns (uint184) { require(value <= type(uint184).max, "SafeCast: value doesn't fit in 184 bits"); return uint184(value); } /** * @dev Returns the downcasted uint176 from uint256, reverting on * overflow (when the input is greater than largest uint176). * * Counterpart to Solidity's `uint176` operator. * * Requirements: * * - input must fit into 176 bits * * _Available since v4.7._ */ function toUint176(uint256 value) internal pure returns (uint176) { require(value <= type(uint176).max, "SafeCast: value doesn't fit in 176 bits"); return uint176(value); } /** * @dev Returns the downcasted uint168 from uint256, reverting on * overflow (when the input is greater than largest uint168). * * Counterpart to Solidity's `uint168` operator. * * Requirements: * * - input must fit into 168 bits * * _Available since v4.7._ */ function toUint168(uint256 value) internal pure returns (uint168) { require(value <= type(uint168).max, "SafeCast: value doesn't fit in 168 bits"); return uint168(value); } /** * @dev Returns the downcasted uint160 from uint256, reverting on * overflow (when the input is greater than largest uint160). * * Counterpart to Solidity's `uint160` operator. * * Requirements: * * - input must fit into 160 bits * * _Available since v4.7._ */ function toUint160(uint256 value) internal pure returns (uint160) { require(value <= type(uint160).max, "SafeCast: value doesn't fit in 160 bits"); return uint160(value); } /** * @dev Returns the downcasted uint152 from uint256, reverting on * overflow (when the input is greater than largest uint152). * * Counterpart to Solidity's `uint152` operator. * * Requirements: * * - input must fit into 152 bits * * _Available since v4.7._ */ function toUint152(uint256 value) internal pure returns (uint152) { require(value <= type(uint152).max, "SafeCast: value doesn't fit in 152 bits"); return uint152(value); } /** * @dev Returns the downcasted uint144 from uint256, reverting on * overflow (when the input is greater than largest uint144). * * Counterpart to Solidity's `uint144` operator. * * Requirements: * * - input must fit into 144 bits * * _Available since v4.7._ */ function toUint144(uint256 value) internal pure returns (uint144) { require(value <= type(uint144).max, "SafeCast: value doesn't fit in 144 bits"); return uint144(value); } /** * @dev Returns the downcasted uint136 from uint256, reverting on * overflow (when the input is greater than largest uint136). * * Counterpart to Solidity's `uint136` operator. * * Requirements: * * - input must fit into 136 bits * * _Available since v4.7._ */ function toUint136(uint256 value) internal pure returns (uint136) { require(value <= type(uint136).max, "SafeCast: value doesn't fit in 136 bits"); return uint136(value); } /** * @dev Returns the downcasted uint128 from uint256, reverting on * overflow (when the input is greater than largest uint128). * * Counterpart to Solidity's `uint128` operator. * * Requirements: * * - input must fit into 128 bits * * _Available since v2.5._ */ function toUint128(uint256 value) internal pure returns (uint128) { require(value <= type(uint128).max, "SafeCast: value doesn't fit in 128 bits"); return uint128(value); } /** * @dev Returns the downcasted uint120 from uint256, reverting on * overflow (when the input is greater than largest uint120). * * Counterpart to Solidity's `uint120` operator. * * Requirements: * * - input must fit into 120 bits * * _Available since v4.7._ */ function toUint120(uint256 value) internal pure returns (uint120) { require(value <= type(uint120).max, "SafeCast: value doesn't fit in 120 bits"); return uint120(value); } /** * @dev Returns the downcasted uint112 from uint256, reverting on * overflow (when the input is greater than largest uint112). * * Counterpart to Solidity's `uint112` operator. * * Requirements: * * - input must fit into 112 bits * * _Available since v4.7._ */ function toUint112(uint256 value) internal pure returns (uint112) { require(value <= type(uint112).max, "SafeCast: value doesn't fit in 112 bits"); return uint112(value); } /** * @dev Returns the downcasted uint104 from uint256, reverting on * overflow (when the input is greater than largest uint104). * * Counterpart to Solidity's `uint104` operator. * * Requirements: * * - input must fit into 104 bits * * _Available since v4.7._ */ function toUint104(uint256 value) internal pure returns (uint104) { require(value <= type(uint104).max, "SafeCast: value doesn't fit in 104 bits"); return uint104(value); } /** * @dev Returns the downcasted uint96 from uint256, reverting on * overflow (when the input is greater than largest uint96). * * Counterpart to Solidity's `uint96` operator. * * Requirements: * * - input must fit into 96 bits * * _Available since v4.2._ */ function toUint96(uint256 value) internal pure returns (uint96) { require(value <= type(uint96).max, "SafeCast: value doesn't fit in 96 bits"); return uint96(value); } /** * @dev Returns the downcasted uint88 from uint256, reverting on * overflow (when the input is greater than largest uint88). * * Counterpart to Solidity's `uint88` operator. * * Requirements: * * - input must fit into 88 bits * * _Available since v4.7._ */ function toUint88(uint256 value) internal pure returns (uint88) { require(value <= type(uint88).max, "SafeCast: value doesn't fit in 88 bits"); return uint88(value); } /** * @dev Returns the downcasted uint80 from uint256, reverting on * overflow (when the input is greater than largest uint80). * * Counterpart to Solidity's `uint80` operator. * * Requirements: * * - input must fit into 80 bits * * _Available since v4.7._ */ function toUint80(uint256 value) internal pure returns (uint80) { require(value <= type(uint80).max, "SafeCast: value doesn't fit in 80 bits"); return uint80(value); } /** * @dev Returns the downcasted uint72 from uint256, reverting on * overflow (when the input is greater than largest uint72). * * Counterpart to Solidity's `uint72` operator. * * Requirements: * * - input must fit into 72 bits * * _Available since v4.7._ */ function toUint72(uint256 value) internal pure returns (uint72) { require(value <= type(uint72).max, "SafeCast: value doesn't fit in 72 bits"); return uint72(value); } /** * @dev Returns the downcasted uint64 from uint256, reverting on * overflow (when the input is greater than largest uint64). * * Counterpart to Solidity's `uint64` operator. * * Requirements: * * - input must fit into 64 bits * * _Available since v2.5._ */ function toUint64(uint256 value) internal pure returns (uint64) { require(value <= type(uint64).max, "SafeCast: value doesn't fit in 64 bits"); return uint64(value); } /** * @dev Returns the downcasted uint56 from uint256, reverting on * overflow (when the input is greater than largest uint56). * * Counterpart to Solidity's `uint56` operator. * * Requirements: * * - input must fit into 56 bits * * _Available since v4.7._ */ function toUint56(uint256 value) internal pure returns (uint56) { require(value <= type(uint56).max, "SafeCast: value doesn't fit in 56 bits"); return uint56(value); } /** * @dev Returns the downcasted uint48 from uint256, reverting on * overflow (when the input is greater than largest uint48). * * Counterpart to Solidity's `uint48` operator. * * Requirements: * * - input must fit into 48 bits * * _Available since v4.7._ */ function toUint48(uint256 value) internal pure returns (uint48) { require(value <= type(uint48).max, "SafeCast: value doesn't fit in 48 bits"); return uint48(value); } /** * @dev Returns the downcasted uint40 from uint256, reverting on * overflow (when the input is greater than largest uint40). * * Counterpart to Solidity's `uint40` operator. * * Requirements: * * - input must fit into 40 bits * * _Available since v4.7._ */ function toUint40(uint256 value) internal pure returns (uint40) { require(value <= type(uint40).max, "SafeCast: value doesn't fit in 40 bits"); return uint40(value); } /** * @dev Returns the downcasted uint32 from uint256, reverting on * overflow (when the input is greater than largest uint32). * * Counterpart to Solidity's `uint32` operator. * * Requirements: * * - input must fit into 32 bits * * _Available since v2.5._ */ function toUint32(uint256 value) internal pure returns (uint32) { require(value <= type(uint32).max, "SafeCast: value doesn't fit in 32 bits"); return uint32(value); } /** * @dev Returns the downcasted uint24 from uint256, reverting on * overflow (when the input is greater than largest uint24). * * Counterpart to Solidity's `uint24` operator. * * Requirements: * * - input must fit into 24 bits * * _Available since v4.7._ */ function toUint24(uint256 value) internal pure returns (uint24) { require(value <= type(uint24).max, "SafeCast: value doesn't fit in 24 bits"); return uint24(value); } /** * @dev Returns the downcasted uint16 from uint256, reverting on * overflow (when the input is greater than largest uint16). * * Counterpart to Solidity's `uint16` operator. * * Requirements: * * - input must fit into 16 bits * * _Available since v2.5._ */ function toUint16(uint256 value) internal pure returns (uint16) { require(value <= type(uint16).max, "SafeCast: value doesn't fit in 16 bits"); return uint16(value); } /** * @dev Returns the downcasted uint8 from uint256, reverting on * overflow (when the input is greater than largest uint8). * * Counterpart to Solidity's `uint8` operator. * * Requirements: * * - input must fit into 8 bits * * _Available since v2.5._ */ function toUint8(uint256 value) internal pure returns (uint8) { require(value <= type(uint8).max, "SafeCast: value doesn't fit in 8 bits"); return uint8(value); } /** * @dev Converts a signed int256 into an unsigned uint256. * * Requirements: * * - input must be greater than or equal to 0. * * _Available since v3.0._ */ function toUint256(int256 value) internal pure returns (uint256) { require(value >= 0, "SafeCast: value must be positive"); return uint256(value); } /** * @dev Returns the downcasted int248 from int256, reverting on * overflow (when the input is less than smallest int248 or * greater than largest int248). * * Counterpart to Solidity's `int248` operator. * * Requirements: * * - input must fit into 248 bits * * _Available since v4.7._ */ function toInt248(int256 value) internal pure returns (int248 downcasted) { downcasted = int248(value); require(downcasted == value, "SafeCast: value doesn't fit in 248 bits"); } /** * @dev Returns the downcasted int240 from int256, reverting on * overflow (when the input is less than smallest int240 or * greater than largest int240). * * Counterpart to Solidity's `int240` operator. * * Requirements: * * - input must fit into 240 bits * * _Available since v4.7._ */ function toInt240(int256 value) internal pure returns (int240 downcasted) { downcasted = int240(value); require(downcasted == value, "SafeCast: value doesn't fit in 240 bits"); } /** * @dev Returns the downcasted int232 from int256, reverting on * overflow (when the input is less than smallest int232 or * greater than largest int232). * * Counterpart to Solidity's `int232` operator. * * Requirements: * * - input must fit into 232 bits * * _Available since v4.7._ */ function toInt232(int256 value) internal pure returns (int232 downcasted) { downcasted = int232(value); require(downcasted == value, "SafeCast: value doesn't fit in 232 bits"); } /** * @dev Returns the downcasted int224 from int256, reverting on * overflow (when the input is less than smallest int224 or * greater than largest int224). * * Counterpart to Solidity's `int224` operator. * * Requirements: * * - input must fit into 224 bits * * _Available since v4.7._ */ function toInt224(int256 value) internal pure returns (int224 downcasted) { downcasted = int224(value); require(downcasted == value, "SafeCast: value doesn't fit in 224 bits"); } /** * @dev Returns the downcasted int216 from int256, reverting on * overflow (when the input is less than smallest int216 or * greater than largest int216). * * Counterpart to Solidity's `int216` operator. * * Requirements: * * - input must fit into 216 bits * * _Available since v4.7._ */ function toInt216(int256 value) internal pure returns (int216 downcasted) { downcasted = int216(value); require(downcasted == value, "SafeCast: value doesn't fit in 216 bits"); } /** * @dev Returns the downcasted int208 from int256, reverting on * overflow (when the input is less than smallest int208 or * greater than largest int208). * * Counterpart to Solidity's `int208` operator. * * Requirements: * * - input must fit into 208 bits * * _Available since v4.7._ */ function toInt208(int256 value) internal pure returns (int208 downcasted) { downcasted = int208(value); require(downcasted == value, "SafeCast: value doesn't fit in 208 bits"); } /** * @dev Returns the downcasted int200 from int256, reverting on * overflow (when the input is less than smallest int200 or * greater than largest int200). * * Counterpart to Solidity's `int200` operator. * * Requirements: * * - input must fit into 200 bits * * _Available since v4.7._ */ function toInt200(int256 value) internal pure returns (int200 downcasted) { downcasted = int200(value); require(downcasted == value, "SafeCast: value doesn't fit in 200 bits"); } /** * @dev Returns the downcasted int192 from int256, reverting on * overflow (when the input is less than smallest int192 or * greater than largest int192). * * Counterpart to Solidity's `int192` operator. * * Requirements: * * - input must fit into 192 bits * * _Available since v4.7._ */ function toInt192(int256 value) internal pure returns (int192 downcasted) { downcasted = int192(value); require(downcasted == value, "SafeCast: value doesn't fit in 192 bits"); } /** * @dev Returns the downcasted int184 from int256, reverting on * overflow (when the input is less than smallest int184 or * greater than largest int184). * * Counterpart to Solidity's `int184` operator. * * Requirements: * * - input must fit into 184 bits * * _Available since v4.7._ */ function toInt184(int256 value) internal pure returns (int184 downcasted) { downcasted = int184(value); require(downcasted == value, "SafeCast: value doesn't fit in 184 bits"); } /** * @dev Returns the downcasted int176 from int256, reverting on * overflow (when the input is less than smallest int176 or * greater than largest int176). * * Counterpart to Solidity's `int176` operator. * * Requirements: * * - input must fit into 176 bits * * _Available since v4.7._ */ function toInt176(int256 value) internal pure returns (int176 downcasted) { downcasted = int176(value); require(downcasted == value, "SafeCast: value doesn't fit in 176 bits"); } /** * @dev Returns the downcasted int168 from int256, reverting on * overflow (when the input is less than smallest int168 or * greater than largest int168). * * Counterpart to Solidity's `int168` operator. * * Requirements: * * - input must fit into 168 bits * * _Available since v4.7._ */ function toInt168(int256 value) internal pure returns (int168 downcasted) { downcasted = int168(value); require(downcasted == value, "SafeCast: value doesn't fit in 168 bits"); } /** * @dev Returns the downcasted int160 from int256, reverting on * overflow (when the input is less than smallest int160 or * greater than largest int160). * * Counterpart to Solidity's `int160` operator. * * Requirements: * * - input must fit into 160 bits * * _Available since v4.7._ */ function toInt160(int256 value) internal pure returns (int160 downcasted) { downcasted = int160(value); require(downcasted == value, "SafeCast: value doesn't fit in 160 bits"); } /** * @dev Returns the downcasted int152 from int256, reverting on * overflow (when the input is less than smallest int152 or * greater than largest int152). * * Counterpart to Solidity's `int152` operator. * * Requirements: * * - input must fit into 152 bits * * _Available since v4.7._ */ function toInt152(int256 value) internal pure returns (int152 downcasted) { downcasted = int152(value); require(downcasted == value, "SafeCast: value doesn't fit in 152 bits"); } /** * @dev Returns the downcasted int144 from int256, reverting on * overflow (when the input is less than smallest int144 or * greater than largest int144). * * Counterpart to Solidity's `int144` operator. * * Requirements: * * - input must fit into 144 bits * * _Available since v4.7._ */ function toInt144(int256 value) internal pure returns (int144 downcasted) { downcasted = int144(value); require(downcasted == value, "SafeCast: value doesn't fit in 144 bits"); } /** * @dev Returns the downcasted int136 from int256, reverting on * overflow (when the input is less than smallest int136 or * greater than largest int136). * * Counterpart to Solidity's `int136` operator. * * Requirements: * * - input must fit into 136 bits * * _Available since v4.7._ */ function toInt136(int256 value) internal pure returns (int136 downcasted) { downcasted = int136(value); require(downcasted == value, "SafeCast: value doesn't fit in 136 bits"); } /** * @dev Returns the downcasted int128 from int256, reverting on * overflow (when the input is less than smallest int128 or * greater than largest int128). * * Counterpart to Solidity's `int128` operator. * * Requirements: * * - input must fit into 128 bits * * _Available since v3.1._ */ function toInt128(int256 value) internal pure returns (int128 downcasted) { downcasted = int128(value); require(downcasted == value, "SafeCast: value doesn't fit in 128 bits"); } /** * @dev Returns the downcasted int120 from int256, reverting on * overflow (when the input is less than smallest int120 or * greater than largest int120). * * Counterpart to Solidity's `int120` operator. * * Requirements: * * - input must fit into 120 bits * * _Available since v4.7._ */ function toInt120(int256 value) internal pure returns (int120 downcasted) { downcasted = int120(value); require(downcasted == value, "SafeCast: value doesn't fit in 120 bits"); } /** * @dev Returns the downcasted int112 from int256, reverting on * overflow (when the input is less than smallest int112 or * greater than largest int112). * * Counterpart to Solidity's `int112` operator. * * Requirements: * * - input must fit into 112 bits * * _Available since v4.7._ */ function toInt112(int256 value) internal pure returns (int112 downcasted) { downcasted = int112(value); require(downcasted == value, "SafeCast: value doesn't fit in 112 bits"); } /** * @dev Returns the downcasted int104 from int256, reverting on * overflow (when the input is less than smallest int104 or * greater than largest int104). * * Counterpart to Solidity's `int104` operator. * * Requirements: * * - input must fit into 104 bits * * _Available since v4.7._ */ function toInt104(int256 value) internal pure returns (int104 downcasted) { downcasted = int104(value); require(downcasted == value, "SafeCast: value doesn't fit in 104 bits"); } /** * @dev Returns the downcasted int96 from int256, reverting on * overflow (when the input is less than smallest int96 or * greater than largest int96). * * Counterpart to Solidity's `int96` operator. * * Requirements: * * - input must fit into 96 bits * * _Available since v4.7._ */ function toInt96(int256 value) internal pure returns (int96 downcasted) { downcasted = int96(value); require(downcasted == value, "SafeCast: value doesn't fit in 96 bits"); } /** * @dev Returns the downcasted int88 from int256, reverting on * overflow (when the input is less than smallest int88 or * greater than largest int88). * * Counterpart to Solidity's `int88` operator. * * Requirements: * * - input must fit into 88 bits * * _Available since v4.7._ */ function toInt88(int256 value) internal pure returns (int88 downcasted) { downcasted = int88(value); require(downcasted == value, "SafeCast: value doesn't fit in 88 bits"); } /** * @dev Returns the downcasted int80 from int256, reverting on * overflow (when the input is less than smallest int80 or * greater than largest int80). * * Counterpart to Solidity's `int80` operator. * * Requirements: * * - input must fit into 80 bits * * _Available since v4.7._ */ function toInt80(int256 value) internal pure returns (int80 downcasted) { downcasted = int80(value); require(downcasted == value, "SafeCast: value doesn't fit in 80 bits"); } /** * @dev Returns the downcasted int72 from int256, reverting on * overflow (when the input is less than smallest int72 or * greater than largest int72). * * Counterpart to Solidity's `int72` operator. * * Requirements: * * - input must fit into 72 bits * * _Available since v4.7._ */ function toInt72(int256 value) internal pure returns (int72 downcasted) { downcasted = int72(value); require(downcasted == value, "SafeCast: value doesn't fit in 72 bits"); } /** * @dev Returns the downcasted int64 from int256, reverting on * overflow (when the input is less than smallest int64 or * greater than largest int64). * * Counterpart to Solidity's `int64` operator. * * Requirements: * * - input must fit into 64 bits * * _Available since v3.1._ */ function toInt64(int256 value) internal pure returns (int64 downcasted) { downcasted = int64(value); require(downcasted == value, "SafeCast: value doesn't fit in 64 bits"); } /** * @dev Returns the downcasted int56 from int256, reverting on * overflow (when the input is less than smallest int56 or * greater than largest int56). * * Counterpart to Solidity's `int56` operator. * * Requirements: * * - input must fit into 56 bits * * _Available since v4.7._ */ function toInt56(int256 value) internal pure returns (int56 downcasted) { downcasted = int56(value); require(downcasted == value, "SafeCast: value doesn't fit in 56 bits"); } /** * @dev Returns the downcasted int48 from int256, reverting on * overflow (when the input is less than smallest int48 or * greater than largest int48). * * Counterpart to Solidity's `int48` operator. * * Requirements: * * - input must fit into 48 bits * * _Available since v4.7._ */ function toInt48(int256 value) internal pure returns (int48 downcasted) { downcasted = int48(value); require(downcasted == value, "SafeCast: value doesn't fit in 48 bits"); } /** * @dev Returns the downcasted int40 from int256, reverting on * overflow (when the input is less than smallest int40 or * greater than largest int40). * * Counterpart to Solidity's `int40` operator. * * Requirements: * * - input must fit into 40 bits * * _Available since v4.7._ */ function toInt40(int256 value) internal pure returns (int40 downcasted) { downcasted = int40(value); require(downcasted == value, "SafeCast: value doesn't fit in 40 bits"); } /** * @dev Returns the downcasted int32 from int256, reverting on * overflow (when the input is less than smallest int32 or * greater than largest int32). * * Counterpart to Solidity's `int32` operator. * * Requirements: * * - input must fit into 32 bits * * _Available since v3.1._ */ function toInt32(int256 value) internal pure returns (int32 downcasted) { downcasted = int32(value); require(downcasted == value, "SafeCast: value doesn't fit in 32 bits"); } /** * @dev Returns the downcasted int24 from int256, reverting on * overflow (when the input is less than smallest int24 or * greater than largest int24). * * Counterpart to Solidity's `int24` operator. * * Requirements: * * - input must fit into 24 bits * * _Available since v4.7._ */ function toInt24(int256 value) internal pure returns (int24 downcasted) { downcasted = int24(value); require(downcasted == value, "SafeCast: value doesn't fit in 24 bits"); } /** * @dev Returns the downcasted int16 from int256, reverting on * overflow (when the input is less than smallest int16 or * greater than largest int16). * * Counterpart to Solidity's `int16` operator. * * Requirements: * * - input must fit into 16 bits * * _Available since v3.1._ */ function toInt16(int256 value) internal pure returns (int16 downcasted) { downcasted = int16(value); require(downcasted == value, "SafeCast: value doesn't fit in 16 bits"); } /** * @dev Returns the downcasted int8 from int256, reverting on * overflow (when the input is less than smallest int8 or * greater than largest int8). * * Counterpart to Solidity's `int8` operator. * * Requirements: * * - input must fit into 8 bits * * _Available since v3.1._ */ function toInt8(int256 value) internal pure returns (int8 downcasted) { downcasted = int8(value); require(downcasted == value, "SafeCast: value doesn't fit in 8 bits"); } /** * @dev Converts an unsigned uint256 into a signed int256. * * Requirements: * * - input must be less than or equal to maxInt256. * * _Available since v3.0._ */ function toInt256(uint256 value) internal pure returns (int256) { // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive require(value <= uint256(type(int256).max), "SafeCast: value doesn't fit in an int256"); return int256(value); } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.0; import "./Merkle.sol"; import "../libraries/Endian.sol"; //Utility library for parsing and PHASE0 beacon chain block headers //SSZ Spec: https://github.com/ethereum/consensus-specs/blob/dev/ssz/simple-serialize.md#merkleization //BeaconBlockHeader Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader //BeaconState Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconstate library BeaconChainProofs { /// @dev Thrown when a proof is invalid. error InvalidProof(); /// @dev Thrown when a proof with an invalid length is provided. error InvalidProofLength(); /// @dev Thrown when a validator fields length is invalid. error InvalidValidatorFieldsLength(); /// @notice Heights of various merkle trees in the beacon chain /// - beaconBlockRoot /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT /// -- beaconStateRoot /// | HEIGHT: BEACON_STATE_TREE_HEIGHT /// validatorContainerRoot, balanceContainerRoot /// | | HEIGHT: BALANCE_TREE_HEIGHT /// | individual balances /// | HEIGHT: VALIDATOR_TREE_HEIGHT /// individual validators uint256 internal constant BEACON_BLOCK_HEADER_TREE_HEIGHT = 3; uint256 internal constant BEACON_STATE_TREE_HEIGHT = 5; uint256 internal constant BALANCE_TREE_HEIGHT = 38; uint256 internal constant VALIDATOR_TREE_HEIGHT = 40; /// @notice Index of the beaconStateRoot in the `BeaconBlockHeader` container /// /// BeaconBlockHeader = [..., state_root, ...] /// 0... 3 /// /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader) uint256 internal constant STATE_ROOT_INDEX = 3; /// @notice Indices for fields in the `BeaconState` container /// /// BeaconState = [..., validators, balances, ...] /// 0... 11 12 /// /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/capella/beacon-chain.md#beaconstate) uint256 internal constant VALIDATOR_CONTAINER_INDEX = 11; uint256 internal constant BALANCE_CONTAINER_INDEX = 12; /// @notice Number of fields in the `Validator` container /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator) uint256 internal constant VALIDATOR_FIELDS_LENGTH = 8; /// @notice Indices for fields in the `Validator` container uint256 internal constant VALIDATOR_PUBKEY_INDEX = 0; uint256 internal constant VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX = 1; uint256 internal constant VALIDATOR_BALANCE_INDEX = 2; uint256 internal constant VALIDATOR_SLASHED_INDEX = 3; uint256 internal constant VALIDATOR_ACTIVATION_EPOCH_INDEX = 5; uint256 internal constant VALIDATOR_EXIT_EPOCH_INDEX = 6; /// @notice Slot/Epoch timings uint64 internal constant SECONDS_PER_SLOT = 12; uint64 internal constant SLOTS_PER_EPOCH = 32; uint64 internal constant SECONDS_PER_EPOCH = SLOTS_PER_EPOCH * SECONDS_PER_SLOT; /// @notice `FAR_FUTURE_EPOCH` is used as the default value for certain `Validator` /// fields when a `Validator` is first created on the beacon chain uint64 internal constant FAR_FUTURE_EPOCH = type(uint64).max; bytes8 internal constant UINT64_MASK = 0xffffffffffffffff; /// @notice Contains a beacon state root and a merkle proof verifying its inclusion under a beacon block root struct StateRootProof { bytes32 beaconStateRoot; bytes proof; } /// @notice Contains a validator's fields and a merkle proof of their inclusion under a beacon state root struct ValidatorProof { bytes32[] validatorFields; bytes proof; } /// @notice Contains a beacon balance container root and a proof of this root under a beacon block root struct BalanceContainerProof { bytes32 balanceContainerRoot; bytes proof; } /// @notice Contains a validator balance root and a proof of its inclusion under a balance container root struct BalanceProof { bytes32 pubkeyHash; bytes32 balanceRoot; bytes proof; } /** * * VALIDATOR FIELDS -> BEACON STATE ROOT -> BEACON BLOCK ROOT * */ /// @notice Verify a merkle proof of the beacon state root against a beacon block root /// @param beaconBlockRoot merkle root of the beacon block /// @param proof the beacon state root and merkle proof of its inclusion under `beaconBlockRoot` function verifyStateRoot(bytes32 beaconBlockRoot, StateRootProof calldata proof) internal view { require(proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT), InvalidProofLength()); /// This merkle proof verifies the `beaconStateRoot` under the `beaconBlockRoot` /// - beaconBlockRoot /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT /// -- beaconStateRoot require( Merkle.verifyInclusionSha256({ proof: proof.proof, root: beaconBlockRoot, leaf: proof.beaconStateRoot, index: STATE_ROOT_INDEX }), InvalidProof() ); } /// @notice Verify a merkle proof of a validator container against a `beaconStateRoot` /// @dev This proof starts at a validator's container root, proves through the validator container root, /// and continues proving to the root of the `BeaconState` /// @dev See https://eth2book.info/capella/part3/containers/dependencies/#validator for info on `Validator` containers /// @dev See https://eth2book.info/capella/part3/containers/state/#beaconstate for info on `BeaconState` containers /// @param beaconStateRoot merkle root of the `BeaconState` container /// @param validatorFields an individual validator's fields. These are merklized to form a `validatorRoot`, /// which is used as the leaf to prove against `beaconStateRoot` /// @param validatorFieldsProof a merkle proof of inclusion of `validatorFields` under `beaconStateRoot` /// @param validatorIndex the validator's unique index function verifyValidatorFields( bytes32 beaconStateRoot, bytes32[] calldata validatorFields, bytes calldata validatorFieldsProof, uint40 validatorIndex ) internal view { require(validatorFields.length == VALIDATOR_FIELDS_LENGTH, InvalidValidatorFieldsLength()); /// Note: the reason we use `VALIDATOR_TREE_HEIGHT + 1` here is because the merklization process for /// this container includes hashing the root of the validator tree with the length of the validator list require( validatorFieldsProof.length == 32 * ((VALIDATOR_TREE_HEIGHT + 1) + BEACON_STATE_TREE_HEIGHT), InvalidProofLength() ); // Merkleize `validatorFields` to get the leaf to prove bytes32 validatorRoot = Merkle.merkleizeSha256(validatorFields); /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees: /// - beaconStateRoot /// | HEIGHT: BEACON_STATE_TREE_HEIGHT /// -- validatorContainerRoot /// | HEIGHT: VALIDATOR_TREE_HEIGHT + 1 /// ---- validatorRoot uint256 index = (VALIDATOR_CONTAINER_INDEX << (VALIDATOR_TREE_HEIGHT + 1)) | uint256(validatorIndex); require( Merkle.verifyInclusionSha256({ proof: validatorFieldsProof, root: beaconStateRoot, leaf: validatorRoot, index: index }), InvalidProof() ); } /** * * VALIDATOR BALANCE -> BALANCE CONTAINER ROOT -> BEACON BLOCK ROOT * */ /// @notice Verify a merkle proof of the beacon state's balances container against the beacon block root /// @dev This proof starts at the balance container root, proves through the beacon state root, and /// continues proving through the beacon block root. As a result, this proof will contain elements /// of a `StateRootProof` under the same block root, with the addition of proving the balances field /// within the beacon state. /// @dev This is used to make checkpoint proofs more efficient, as a checkpoint will verify multiple balances /// against the same balance container root. /// @param beaconBlockRoot merkle root of the beacon block /// @param proof a beacon balance container root and merkle proof of its inclusion under `beaconBlockRoot` function verifyBalanceContainer(bytes32 beaconBlockRoot, BalanceContainerProof calldata proof) internal view { require( proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT + BEACON_STATE_TREE_HEIGHT), InvalidProofLength() ); /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees: /// - beaconBlockRoot /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT /// -- beaconStateRoot /// | HEIGHT: BEACON_STATE_TREE_HEIGHT /// ---- balancesContainerRoot uint256 index = (STATE_ROOT_INDEX << (BEACON_STATE_TREE_HEIGHT)) | BALANCE_CONTAINER_INDEX; require( Merkle.verifyInclusionSha256({ proof: proof.proof, root: beaconBlockRoot, leaf: proof.balanceContainerRoot, index: index }), InvalidProof() ); } /// @notice Verify a merkle proof of a validator's balance against the beacon state's `balanceContainerRoot` /// @param balanceContainerRoot the merkle root of all validators' current balances /// @param validatorIndex the index of the validator whose balance we are proving /// @param proof the validator's associated balance root and a merkle proof of inclusion under `balanceContainerRoot` /// @return validatorBalanceGwei the validator's current balance (in gwei) function verifyValidatorBalance( bytes32 balanceContainerRoot, uint40 validatorIndex, BalanceProof calldata proof ) internal view returns (uint64 validatorBalanceGwei) { /// Note: the reason we use `BALANCE_TREE_HEIGHT + 1` here is because the merklization process for /// this container includes hashing the root of the balances tree with the length of the balances list require(proof.proof.length == 32 * (BALANCE_TREE_HEIGHT + 1), InvalidProofLength()); /// When merkleized, beacon chain balances are combined into groups of 4 called a `balanceRoot`. The merkle /// proof here verifies that this validator's `balanceRoot` is included in the `balanceContainerRoot` /// - balanceContainerRoot /// | HEIGHT: BALANCE_TREE_HEIGHT /// -- balanceRoot uint256 balanceIndex = uint256(validatorIndex / 4); require( Merkle.verifyInclusionSha256({ proof: proof.proof, root: balanceContainerRoot, leaf: proof.balanceRoot, index: balanceIndex }), InvalidProof() ); /// Extract the individual validator's balance from the `balanceRoot` return getBalanceAtIndex(proof.balanceRoot, validatorIndex); } /** * @notice Parses a balanceRoot to get the uint64 balance of a validator. * @dev During merkleization of the beacon state balance tree, four uint64 values are treated as a single * leaf in the merkle tree. We use validatorIndex % 4 to determine which of the four uint64 values to * extract from the balanceRoot. * @param balanceRoot is the combination of 4 validator balances being proven for * @param validatorIndex is the index of the validator being proven for * @return The validator's balance, in Gwei */ function getBalanceAtIndex(bytes32 balanceRoot, uint40 validatorIndex) internal pure returns (uint64) { uint256 bitShiftAmount = (validatorIndex % 4) * 64; return Endian.fromLittleEndianUint64(bytes32((uint256(balanceRoot) << bitShiftAmount))); } /// @notice Indices for fields in the `Validator` container: /// 0: pubkey /// 1: withdrawal credentials /// 2: effective balance /// 3: slashed? /// 4: activation eligibility epoch /// 5: activation epoch /// 6: exit epoch /// 7: withdrawable epoch /// /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator) /// @dev Retrieves a validator's pubkey hash function getPubkeyHash( bytes32[] memory validatorFields ) internal pure returns (bytes32) { return validatorFields[VALIDATOR_PUBKEY_INDEX]; } /// @dev Retrieves a validator's withdrawal credentials function getWithdrawalCredentials( bytes32[] memory validatorFields ) internal pure returns (bytes32) { return validatorFields[VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX]; } /// @dev Retrieves a validator's effective balance (in gwei) function getEffectiveBalanceGwei( bytes32[] memory validatorFields ) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_BALANCE_INDEX]); } /// @dev Retrieves a validator's activation epoch function getActivationEpoch( bytes32[] memory validatorFields ) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_ACTIVATION_EPOCH_INDEX]); } /// @dev Retrieves true IFF a validator is marked slashed function isValidatorSlashed( bytes32[] memory validatorFields ) internal pure returns (bool) { return validatorFields[VALIDATOR_SLASHED_INDEX] != 0; } /// @dev Retrieves a validator's exit epoch function getExitEpoch( bytes32[] memory validatorFields ) internal pure returns (uint64) { return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_EXIT_EPOCH_INDEX]); } }
// SPDX-License-Identifier: MIT // Adapted from OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/MerkleProof.sol) pragma solidity ^0.8.0; /** * @dev These functions deal with verification of Merkle Tree proofs. * * The tree and the proofs can be generated using our * https://github.com/OpenZeppelin/merkle-tree[JavaScript library]. * You will find a quickstart guide in the readme. * * WARNING: You should avoid using leaf values that are 64 bytes long prior to * hashing, or use a hash function other than keccak256 for hashing leaves. * This is because the concatenation of a sorted pair of internal nodes in * the merkle tree could be reinterpreted as a leaf value. * OpenZeppelin's JavaScript library generates merkle trees that are safe * against this attack out of the box. */ library Merkle { error InvalidProofLength(); /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * Note this is for a Merkle tree using the keccak/sha3 hash function */ function verifyInclusionKeccak( bytes memory proof, bytes32 root, bytes32 leaf, uint256 index ) internal pure returns (bool) { return processInclusionProofKeccak(proof, leaf, index) == root; } /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * @dev If the proof length is 0 then the leaf hash is returned. * * _Available since v4.4._ * * Note this is for a Merkle tree using the keccak/sha3 hash function */ function processInclusionProofKeccak( bytes memory proof, bytes32 leaf, uint256 index ) internal pure returns (bytes32) { require(proof.length % 32 == 0, InvalidProofLength()); bytes32 computedHash = leaf; for (uint256 i = 32; i <= proof.length; i += 32) { if (index % 2 == 0) { // if ith bit of index is 0, then computedHash is a left sibling assembly { mstore(0x00, computedHash) mstore(0x20, mload(add(proof, i))) computedHash := keccak256(0x00, 0x40) index := div(index, 2) } } else { // if ith bit of index is 1, then computedHash is a right sibling assembly { mstore(0x00, mload(add(proof, i))) mstore(0x20, computedHash) computedHash := keccak256(0x00, 0x40) index := div(index, 2) } } } return computedHash; } /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * Note this is for a Merkle tree using the sha256 hash function */ function verifyInclusionSha256( bytes memory proof, bytes32 root, bytes32 leaf, uint256 index ) internal view returns (bool) { return processInclusionProofSha256(proof, leaf, index) == root; } /** * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt * hash matches the root of the tree. The tree is built assuming `leaf` is * the 0 indexed `index`'th leaf from the bottom left of the tree. * * _Available since v4.4._ * * Note this is for a Merkle tree using the sha256 hash function */ function processInclusionProofSha256( bytes memory proof, bytes32 leaf, uint256 index ) internal view returns (bytes32) { require(proof.length != 0 && proof.length % 32 == 0, InvalidProofLength()); bytes32[1] memory computedHash = [leaf]; for (uint256 i = 32; i <= proof.length; i += 32) { if (index % 2 == 0) { // if ith bit of index is 0, then computedHash is a left sibling assembly { mstore(0x00, mload(computedHash)) mstore(0x20, mload(add(proof, i))) if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) } index := div(index, 2) } } else { // if ith bit of index is 1, then computedHash is a right sibling assembly { mstore(0x00, mload(add(proof, i))) mstore(0x20, mload(computedHash)) if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) } index := div(index, 2) } } } return computedHash[0]; } /** * @notice this function returns the merkle root of a tree created from a set of leaves using sha256 as its hash function * @param leaves the leaves of the merkle tree * @return The computed Merkle root of the tree. * @dev A pre-condition to this function is that leaves.length is a power of two. If not, the function will merkleize the inputs incorrectly. */ function merkleizeSha256( bytes32[] memory leaves ) internal pure returns (bytes32) { //there are half as many nodes in the layer above the leaves uint256 numNodesInLayer = leaves.length / 2; //create a layer to store the internal nodes bytes32[] memory layer = new bytes32[](numNodesInLayer); //fill the layer with the pairwise hashes of the leaves for (uint256 i = 0; i < numNodesInLayer; i++) { layer[i] = sha256(abi.encodePacked(leaves[2 * i], leaves[2 * i + 1])); } //the next layer above has half as many nodes numNodesInLayer /= 2; //while we haven't computed the root while (numNodesInLayer != 0) { //overwrite the first numNodesInLayer nodes in layer with the pairwise hashes of their children for (uint256 i = 0; i < numNodesInLayer; i++) { layer[i] = sha256(abi.encodePacked(layer[2 * i], layer[2 * i + 1])); } //the next layer above has half as many nodes numNodesInLayer /= 2; } //the first node in the layer is the root return layer[0]; } }
// SPDX-License-Identifier: BUSL-1.1 pragma solidity ^0.8.0; library Endian { /** * @notice Converts a little endian-formatted uint64 to a big endian-formatted uint64 * @param lenum little endian-formatted uint64 input, provided as 'bytes32' type * @return n The big endian-formatted uint64 * @dev Note that the input is formatted as a 'bytes32' type (i.e. 256 bits), but it is immediately truncated to a uint64 (i.e. 64 bits) * through a right-shift/shr operation. */ function fromLittleEndianUint64( bytes32 lenum ) internal pure returns (uint64 n) { // the number needs to be stored in little-endian encoding (ie in bytes 0-8) n = uint64(uint256(lenum >> 192)); // forgefmt: disable-next-item return (n >> 56) | ((0x00FF000000000000 & n) >> 40) | ((0x0000FF0000000000 & n) >> 24) | ((0x000000FF00000000 & n) >> 8) | ((0x00000000FF000000 & n) << 8) | ((0x0000000000FF0000 & n) << 24) | ((0x000000000000FF00 & n) << 40) | ((0x00000000000000FF & n) << 56); } }
{ "remappings": [ "@openzeppelin/=lib/openzeppelin-contracts-v4.9.0/", "@openzeppelin-upgrades/=lib/openzeppelin-contracts-upgradeable-v4.9.0/", "ds-test/=lib/ds-test/src/", "forge-std/=lib/forge-std/src/", "erc4626-tests/=lib/openzeppelin-contracts-upgradeable-v4.9.0/lib/erc4626-tests/", "openzeppelin-contracts-upgradeable-v4.9.0/=lib/openzeppelin-contracts-upgradeable-v4.9.0/", "openzeppelin-contracts-v4.9.0/=lib/openzeppelin-contracts-v4.9.0/", "openzeppelin/=lib/openzeppelin-contracts-upgradeable-v4.9.0/contracts/", "zeus-templates/=lib/zeus-templates/src/" ], "optimizer": { "enabled": true, "runs": 200 }, "metadata": { "useLiteralContent": false, "bytecodeHash": "ipfs", "appendCBOR": true }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "evmVersion": "cancun", "viaIR": false, "libraries": {} }
[{"inputs":[{"internalType":"contract IStrategyManager","name":"_strategyManager","type":"address"},{"internalType":"contract IPauserRegistry","name":"_pauserRegistry","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"BalanceExceedsMaxTotalDeposits","type":"error"},{"inputs":[],"name":"CurrentlyPaused","type":"error"},{"inputs":[],"name":"InputAddressZero","type":"error"},{"inputs":[],"name":"InvalidNewPausedStatus","type":"error"},{"inputs":[],"name":"MaxPerDepositExceedsMax","type":"error"},{"inputs":[],"name":"NewSharesZero","type":"error"},{"inputs":[],"name":"OnlyPauser","type":"error"},{"inputs":[],"name":"OnlyStrategyManager","type":"error"},{"inputs":[],"name":"OnlyUnderlyingToken","type":"error"},{"inputs":[],"name":"OnlyUnpauser","type":"error"},{"inputs":[],"name":"TotalSharesExceedsMax","type":"error"},{"inputs":[],"name":"WithdrawalAmountExceedsTotalDeposits","type":"error"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"rate","type":"uint256"}],"name":"ExchangeRateEmitted","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint8","name":"version","type":"uint8"}],"name":"Initialized","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"account","type":"address"},{"indexed":false,"internalType":"uint256","name":"newPausedStatus","type":"uint256"}],"name":"Paused","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"contract IERC20","name":"token","type":"address"},{"indexed":false,"internalType":"uint8","name":"decimals","type":"uint8"}],"name":"StrategyTokenSet","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"account","type":"address"},{"indexed":false,"internalType":"uint256","name":"newPausedStatus","type":"uint256"}],"name":"Unpaused","type":"event"},{"inputs":[],"name":"EIGEN","outputs":[{"internalType":"contract IEigen","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"token","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"deposit","outputs":[{"internalType":"uint256","name":"newShares","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"explanation","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"pure","type":"function"},{"inputs":[{"internalType":"contract IEigen","name":"_EIGEN","type":"address"},{"internalType":"contract IERC20","name":"_bEIGEN","type":"address"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"contract IERC20","name":"_underlyingToken","type":"address"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"newPausedStatus","type":"uint256"}],"name":"pause","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"pauseAll","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint8","name":"index","type":"uint8"}],"name":"paused","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"paused","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pauserRegistry","outputs":[{"internalType":"contract IPauserRegistry","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"shares","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"amountShares","type":"uint256"}],"name":"sharesToUnderlying","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"amountShares","type":"uint256"}],"name":"sharesToUnderlyingView","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"strategyManager","outputs":[{"internalType":"contract IStrategyManager","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalShares","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"amountUnderlying","type":"uint256"}],"name":"underlyingToShares","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"amountUnderlying","type":"uint256"}],"name":"underlyingToSharesView","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"underlyingToken","outputs":[{"internalType":"contract IERC20","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"newPausedStatus","type":"uint256"}],"name":"unpause","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"userUnderlying","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"user","type":"address"}],"name":"userUnderlyingView","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"recipient","type":"address"},{"internalType":"contract IERC20","name":"token","type":"address"},{"internalType":"uint256","name":"amountShares","type":"uint256"}],"name":"withdraw","outputs":[],"stateMutability":"nonpayable","type":"function"}]
Contract Creation Code
60c060405234801561000f575f5ffd5b5060405161168d38038061168d83398101604081905261002e9161014f565b8181806001600160a01b038116610058576040516339b190bb60e11b815260040160405180910390fd5b6001600160a01b03908116608052821660a05261007361007c565b50505050610187565b5f54610100900460ff16156100e75760405162461bcd60e51b815260206004820152602760248201527f496e697469616c697a61626c653a20636f6e747261637420697320696e697469604482015266616c697a696e6760c81b606482015260840160405180910390fd5b5f5460ff90811614610136575f805460ff191660ff9081179091556040519081527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb38474024989060200160405180910390a15b565b6001600160a01b038116811461014c575f5ffd5b50565b5f5f60408385031215610160575f5ffd5b825161016b81610138565b602084015190925061017c81610138565b809150509250929050565b60805160a0516114bb6101d25f395f818161018b0152818161043e01528181610871015261090e01525f81816102540152818161034b0152818161066a0152610a3c01526114bb5ff3fe608060405234801561000f575f5ffd5b506004361061013d575f3560e01c8063886f1195116100b4578063ce7c2ac211610079578063ce7c2ac2146102c4578063d9caed12146102d7578063e3dae51c146102ea578063f3e73875146102fd578063fabc1cbc14610310578063fdc371ce14610323575f5ffd5b8063886f11951461024f5780638c871019146102765780638f6a624014610289578063ab5921e11461029c578063c4d66de8146102b1575f5ffd5b8063485cc95511610105578063485cc955146101d7578063553ca5f8146101ea578063595c6a67146101fd5780635ac86ab7146102055780635c975abb146102345780637a8b26371461023c575f5ffd5b8063136439dd146101415780632495a5991461015657806339b70e38146101865780633a98ef39146101ad57806347e7ef24146101c4575b5f5ffd5b61015461014f3660046111ab565b610336565b005b603254610169906001600160a01b031681565b6040516001600160a01b0390911681526020015b60405180910390f35b6101697f000000000000000000000000000000000000000000000000000000000000000081565b6101b660335481565b60405190815260200161017d565b6101b66101d23660046111d9565b61040b565b6101546101e5366004611203565b610557565b6101b66101f836600461123a565b610642565b610154610655565b61022461021336600461126a565b6001805460ff9092161b9081161490565b604051901515815260200161017d565b6001546101b6565b6101b661024a3660046111ab565b610704565b6101697f000000000000000000000000000000000000000000000000000000000000000081565b6101b66102843660046111ab565b61074d565b6101b661029736600461123a565b610757565b6102a4610764565b60405161017d9190611285565b6101546102bf36600461123a565b610784565b6101b66102d236600461123a565b61084a565b6101546102e53660046112ba565b6108dc565b6101b66102f83660046111ab565b6109f9565b6101b661030b3660046111ab565b610a30565b61015461031e3660046111ab565b610a3a565b606454610169906001600160a01b031681565b60405163237dfb4760e11b81523360048201527f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316906346fbf68e90602401602060405180830381865afa158015610398573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906103bc91906112f8565b6103d957604051631d77d47760e21b815260040160405180910390fd5b60015481811681146103fe5760405163c61dca5d60e01b815260040160405180910390fd5b61040782610b50565b5050565b600180545f9182918116036104335760405163840a48d560e01b815260040160405180910390fd5b336001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000161461047c576040516348da714f60e01b815260040160405180910390fd5b6104868484610b8d565b6033545f6104966103e88361132b565b90505f6103e86104a4610c46565b6104ae919061132b565b90505f6104bb878361133e565b9050806104c88489611351565b6104d29190611368565b9550855f036104f457604051630c392ed360e11b815260040160405180910390fd5b6104fe868561132b565b60338190556f4b3b4ca85a86c47a098a223fffffffff101561053357604051632f14e8a360e11b815260040160405180910390fd5b61054c826103e8603354610547919061132b565b610cb5565b505050505092915050565b5f54610100900460ff161580801561057557505f54600160ff909116105b8061058e5750303b15801561058e57505f5460ff166001145b6105b35760405162461bcd60e51b81526004016105aa90611387565b60405180910390fd5b5f805460ff1916600117905580156105d4575f805461ff0019166101001790555b606480546001600160a01b0319166001600160a01b0385161790556105f882610d01565b801561063d575f805461ff0019169055604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb38474024989060200160405180910390a15b505050565b5f61064f61024a8361084a565b92915050565b60405163237dfb4760e11b81523360048201527f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316906346fbf68e90602401602060405180830381865afa1580156106b7573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906106db91906112f8565b6106f857604051631d77d47760e21b815260040160405180910390fd5b6107025f19610b50565b565b5f5f6103e8603354610716919061132b565b90505f6103e8610724610c46565b61072e919061132b565b90508161073b8583611351565b6107459190611368565b949350505050565b5f61064f826109f9565b5f61064f61030b8361084a565b60606040518060800160405280604d8152602001611439604d9139905090565b5f54610100900460ff16158080156107a257505f54600160ff909116105b806107bb5750303b1580156107bb57505f5460ff166001145b6107d75760405162461bcd60e51b81526004016105aa90611387565b5f805460ff1916600117905580156107f8575f805461ff0019166101001790555b61080182610d01565b8015610407575f805461ff0019169055604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb3847402498906020015b60405180910390a15050565b60405163fe243a1760e01b81526001600160a01b0382811660048301523060248301525f917f00000000000000000000000000000000000000000000000000000000000000009091169063fe243a1790604401602060405180830381865afa1580156108b8573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061064f91906113d5565b600180546002908116036109035760405163840a48d560e01b815260040160405180910390fd5b336001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000161461094c576040516348da714f60e01b815260040160405180910390fd5b610957848484610e4c565b6033548083111561097b57604051630b469df360e41b815260040160405180910390fd5b5f6109886103e88361132b565b90505f6103e8610996610c46565b6109a0919061132b565b90505f826109ae8784611351565b6109b89190611368565b90506109c4868561133e565b6033556109e46109d4828461133e565b6103e8603354610547919061132b565b6109ef888883610e92565b5050505050505050565b5f5f6103e8603354610a0b919061132b565b90505f6103e8610a19610c46565b610a23919061132b565b90508061073b8386611351565b5f61064f82610704565b7f00000000000000000000000000000000000000000000000000000000000000006001600160a01b031663eab66d7a6040518163ffffffff1660e01b8152600401602060405180830381865afa158015610a96573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610aba91906113ec565b6001600160a01b0316336001600160a01b031614610aeb5760405163794821ff60e01b815260040160405180910390fd5b60015480198219811614610b125760405163c61dca5d60e01b815260040160405180910390fd5b600182905560405182815233907f3582d1828e26bf56bd801502bc021ac0bc8afb57c826e4986b45593c8fad389c9060200160405180910390a25050565b600181905560405181815233907fab40a374bc51de372200a8bc981af8c9ecdc08dfdaef0bb6e09f88f3c616ef3d9060200160405180910390a250565b6032546001600160a01b0383811691161480610bb657506064546001600160a01b038381169116145b610bd357604051630312abdd60e61b815260040160405180910390fd5b6064546001600160a01b039081169083160361040757606454604051636f074d1f60e11b8152600481018390526001600160a01b039091169063de0e9a3e906024015f604051808303815f87803b158015610c2c575f5ffd5b505af1158015610c3e573d5f5f3e3d5ffd5b505050505050565b6032546040516370a0823160e01b81523060048201525f916001600160a01b0316906370a0823190602401602060405180830381865afa158015610c8c573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610cb091906113d5565b905090565b7fd2494f3479e5da49d386657c292c610b5b01df313d07c62eb0cfa49924a31be881610ce984670de0b6b3a7640000611351565b610cf39190611368565b60405190815260200161083e565b5f54610100900460ff16610d6b5760405162461bcd60e51b815260206004820152602b60248201527f496e697469616c697a61626c653a20636f6e7472616374206973206e6f74206960448201526a6e697469616c697a696e6760a81b60648201526084016105aa565b603280546001600160a01b0319166001600160a01b038316179055610d8f5f610b50565b7f1c540707b00eb5427b6b774fc799d756516a54aee108b64b327acc55af55750760325f9054906101000a90046001600160a01b0316826001600160a01b031663313ce5676040518163ffffffff1660e01b8152600401602060405180830381865afa158015610e01573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610e259190611407565b604080516001600160a01b03909316835260ff90911660208301520160405180910390a150565b6032546001600160a01b0383811691161480610e7557506064546001600160a01b038381169116145b61063d57604051630312abdd60e61b815260040160405180910390fd5b6064546001600160a01b0390811690831603610f775760325460405163095ea7b360e01b81526001600160a01b038481166004830152602482018490529091169063095ea7b3906044016020604051808303815f875af1158015610ef8573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610f1c91906112f8565b50606454604051630ea598cb60e41b8152600481018390526001600160a01b039091169063ea598cb0906024015f604051808303815f87803b158015610f60575f5ffd5b505af1158015610f72573d5f5f3e3d5ffd5b505050505b604080516001600160a01b03858116602483015260448083018590528351808403909101815260649092018352602080830180516001600160e01b031663a9059cbb60e01b17905283518085019094528084527f5361666545524332303a206c6f772d6c6576656c2063616c6c206661696c65649084015261063d92908516918691859185918591905f9061100f908490849061108e565b905080515f148061102f57508080602001905181019061102f91906112f8565b61063d5760405162461bcd60e51b815260206004820152602a60248201527f5361666545524332303a204552433230206f7065726174696f6e20646964206e6044820152691bdd081cdd58d8d9595960b21b60648201526084016105aa565b606061074584845f85855f5f866001600160a01b031685876040516110b39190611422565b5f6040518083038185875af1925050503d805f81146110ed576040519150601f19603f3d011682016040523d82523d5f602084013e6110f2565b606091505b50915091506111038783838761110e565b979650505050505050565b6060831561117c5782515f03611175576001600160a01b0385163b6111755760405162461bcd60e51b815260206004820152601d60248201527f416464726573733a2063616c6c20746f206e6f6e2d636f6e747261637400000060448201526064016105aa565b5081610745565b61074583838151156111915781518083602001fd5b8060405162461bcd60e51b81526004016105aa9190611285565b5f602082840312156111bb575f5ffd5b5035919050565b6001600160a01b03811681146111d6575f5ffd5b50565b5f5f604083850312156111ea575f5ffd5b82356111f5816111c2565b946020939093013593505050565b5f5f60408385031215611214575f5ffd5b823561121f816111c2565b9150602083013561122f816111c2565b809150509250929050565b5f6020828403121561124a575f5ffd5b8135611255816111c2565b9392505050565b60ff811681146111d6575f5ffd5b5f6020828403121561127a575f5ffd5b81356112558161125c565b602081525f82518060208401528060208501604085015e5f604082850101526040601f19601f83011684010191505092915050565b5f5f5f606084860312156112cc575f5ffd5b83356112d7816111c2565b925060208401356112e7816111c2565b929592945050506040919091013590565b5f60208284031215611308575f5ffd5b81518015158114611255575f5ffd5b634e487b7160e01b5f52601160045260245ffd5b8082018082111561064f5761064f611317565b8181038181111561064f5761064f611317565b808202811582820484141761064f5761064f611317565b5f8261138257634e487b7160e01b5f52601260045260245ffd5b500490565b6020808252602e908201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160408201526d191e481a5b9a5d1a585b1a5e995960921b606082015260800190565b5f602082840312156113e5575f5ffd5b5051919050565b5f602082840312156113fc575f5ffd5b8151611255816111c2565b5f60208284031215611417575f5ffd5b81516112558161125c565b5f82518060208501845e5f92019182525091905056fe4261736520537472617465677920696d706c656d656e746174696f6e20746f20696e68657269742066726f6d20666f72206d6f726520636f6d706c657820696d706c656d656e746174696f6e73a2646970667358221220488ee976bc1d4a22687731f95bd86abdb700f39094a8563946f9fd71468ca38d64736f6c634300081b0033000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b600000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d
Deployed Bytecode
0x608060405234801561000f575f5ffd5b506004361061013d575f3560e01c8063886f1195116100b4578063ce7c2ac211610079578063ce7c2ac2146102c4578063d9caed12146102d7578063e3dae51c146102ea578063f3e73875146102fd578063fabc1cbc14610310578063fdc371ce14610323575f5ffd5b8063886f11951461024f5780638c871019146102765780638f6a624014610289578063ab5921e11461029c578063c4d66de8146102b1575f5ffd5b8063485cc95511610105578063485cc955146101d7578063553ca5f8146101ea578063595c6a67146101fd5780635ac86ab7146102055780635c975abb146102345780637a8b26371461023c575f5ffd5b8063136439dd146101415780632495a5991461015657806339b70e38146101865780633a98ef39146101ad57806347e7ef24146101c4575b5f5ffd5b61015461014f3660046111ab565b610336565b005b603254610169906001600160a01b031681565b6040516001600160a01b0390911681526020015b60405180910390f35b6101697f000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b681565b6101b660335481565b60405190815260200161017d565b6101b66101d23660046111d9565b61040b565b6101546101e5366004611203565b610557565b6101b66101f836600461123a565b610642565b610154610655565b61022461021336600461126a565b6001805460ff9092161b9081161490565b604051901515815260200161017d565b6001546101b6565b6101b661024a3660046111ab565b610704565b6101697f00000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d81565b6101b66102843660046111ab565b61074d565b6101b661029736600461123a565b610757565b6102a4610764565b60405161017d9190611285565b6101546102bf36600461123a565b610784565b6101b66102d236600461123a565b61084a565b6101546102e53660046112ba565b6108dc565b6101b66102f83660046111ab565b6109f9565b6101b661030b3660046111ab565b610a30565b61015461031e3660046111ab565b610a3a565b606454610169906001600160a01b031681565b60405163237dfb4760e11b81523360048201527f00000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d6001600160a01b0316906346fbf68e90602401602060405180830381865afa158015610398573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906103bc91906112f8565b6103d957604051631d77d47760e21b815260040160405180910390fd5b60015481811681146103fe5760405163c61dca5d60e01b815260040160405180910390fd5b61040782610b50565b5050565b600180545f9182918116036104335760405163840a48d560e01b815260040160405180910390fd5b336001600160a01b037f000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b6161461047c576040516348da714f60e01b815260040160405180910390fd5b6104868484610b8d565b6033545f6104966103e88361132b565b90505f6103e86104a4610c46565b6104ae919061132b565b90505f6104bb878361133e565b9050806104c88489611351565b6104d29190611368565b9550855f036104f457604051630c392ed360e11b815260040160405180910390fd5b6104fe868561132b565b60338190556f4b3b4ca85a86c47a098a223fffffffff101561053357604051632f14e8a360e11b815260040160405180910390fd5b61054c826103e8603354610547919061132b565b610cb5565b505050505092915050565b5f54610100900460ff161580801561057557505f54600160ff909116105b8061058e5750303b15801561058e57505f5460ff166001145b6105b35760405162461bcd60e51b81526004016105aa90611387565b60405180910390fd5b5f805460ff1916600117905580156105d4575f805461ff0019166101001790555b606480546001600160a01b0319166001600160a01b0385161790556105f882610d01565b801561063d575f805461ff0019169055604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb38474024989060200160405180910390a15b505050565b5f61064f61024a8361084a565b92915050565b60405163237dfb4760e11b81523360048201527f00000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d6001600160a01b0316906346fbf68e90602401602060405180830381865afa1580156106b7573d5f5f3e3d5ffd5b505050506040513d601f19601f820116820180604052508101906106db91906112f8565b6106f857604051631d77d47760e21b815260040160405180910390fd5b6107025f19610b50565b565b5f5f6103e8603354610716919061132b565b90505f6103e8610724610c46565b61072e919061132b565b90508161073b8583611351565b6107459190611368565b949350505050565b5f61064f826109f9565b5f61064f61030b8361084a565b60606040518060800160405280604d8152602001611439604d9139905090565b5f54610100900460ff16158080156107a257505f54600160ff909116105b806107bb5750303b1580156107bb57505f5460ff166001145b6107d75760405162461bcd60e51b81526004016105aa90611387565b5f805460ff1916600117905580156107f8575f805461ff0019166101001790555b61080182610d01565b8015610407575f805461ff0019169055604051600181527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb3847402498906020015b60405180910390a15050565b60405163fe243a1760e01b81526001600160a01b0382811660048301523060248301525f917f000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b69091169063fe243a1790604401602060405180830381865afa1580156108b8573d5f5f3e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061064f91906113d5565b600180546002908116036109035760405163840a48d560e01b815260040160405180910390fd5b336001600160a01b037f000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b6161461094c576040516348da714f60e01b815260040160405180910390fd5b610957848484610e4c565b6033548083111561097b57604051630b469df360e41b815260040160405180910390fd5b5f6109886103e88361132b565b90505f6103e8610996610c46565b6109a0919061132b565b90505f826109ae8784611351565b6109b89190611368565b90506109c4868561133e565b6033556109e46109d4828461133e565b6103e8603354610547919061132b565b6109ef888883610e92565b5050505050505050565b5f5f6103e8603354610a0b919061132b565b90505f6103e8610a19610c46565b610a23919061132b565b90508061073b8386611351565b5f61064f82610704565b7f00000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d6001600160a01b031663eab66d7a6040518163ffffffff1660e01b8152600401602060405180830381865afa158015610a96573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610aba91906113ec565b6001600160a01b0316336001600160a01b031614610aeb5760405163794821ff60e01b815260040160405180910390fd5b60015480198219811614610b125760405163c61dca5d60e01b815260040160405180910390fd5b600182905560405182815233907f3582d1828e26bf56bd801502bc021ac0bc8afb57c826e4986b45593c8fad389c9060200160405180910390a25050565b600181905560405181815233907fab40a374bc51de372200a8bc981af8c9ecdc08dfdaef0bb6e09f88f3c616ef3d9060200160405180910390a250565b6032546001600160a01b0383811691161480610bb657506064546001600160a01b038381169116145b610bd357604051630312abdd60e61b815260040160405180910390fd5b6064546001600160a01b039081169083160361040757606454604051636f074d1f60e11b8152600481018390526001600160a01b039091169063de0e9a3e906024015f604051808303815f87803b158015610c2c575f5ffd5b505af1158015610c3e573d5f5f3e3d5ffd5b505050505050565b6032546040516370a0823160e01b81523060048201525f916001600160a01b0316906370a0823190602401602060405180830381865afa158015610c8c573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610cb091906113d5565b905090565b7fd2494f3479e5da49d386657c292c610b5b01df313d07c62eb0cfa49924a31be881610ce984670de0b6b3a7640000611351565b610cf39190611368565b60405190815260200161083e565b5f54610100900460ff16610d6b5760405162461bcd60e51b815260206004820152602b60248201527f496e697469616c697a61626c653a20636f6e7472616374206973206e6f74206960448201526a6e697469616c697a696e6760a81b60648201526084016105aa565b603280546001600160a01b0319166001600160a01b038316179055610d8f5f610b50565b7f1c540707b00eb5427b6b774fc799d756516a54aee108b64b327acc55af55750760325f9054906101000a90046001600160a01b0316826001600160a01b031663313ce5676040518163ffffffff1660e01b8152600401602060405180830381865afa158015610e01573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610e259190611407565b604080516001600160a01b03909316835260ff90911660208301520160405180910390a150565b6032546001600160a01b0383811691161480610e7557506064546001600160a01b038381169116145b61063d57604051630312abdd60e61b815260040160405180910390fd5b6064546001600160a01b0390811690831603610f775760325460405163095ea7b360e01b81526001600160a01b038481166004830152602482018490529091169063095ea7b3906044016020604051808303815f875af1158015610ef8573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610f1c91906112f8565b50606454604051630ea598cb60e41b8152600481018390526001600160a01b039091169063ea598cb0906024015f604051808303815f87803b158015610f60575f5ffd5b505af1158015610f72573d5f5f3e3d5ffd5b505050505b604080516001600160a01b03858116602483015260448083018590528351808403909101815260649092018352602080830180516001600160e01b031663a9059cbb60e01b17905283518085019094528084527f5361666545524332303a206c6f772d6c6576656c2063616c6c206661696c65649084015261063d92908516918691859185918591905f9061100f908490849061108e565b905080515f148061102f57508080602001905181019061102f91906112f8565b61063d5760405162461bcd60e51b815260206004820152602a60248201527f5361666545524332303a204552433230206f7065726174696f6e20646964206e6044820152691bdd081cdd58d8d9595960b21b60648201526084016105aa565b606061074584845f85855f5f866001600160a01b031685876040516110b39190611422565b5f6040518083038185875af1925050503d805f81146110ed576040519150601f19603f3d011682016040523d82523d5f602084013e6110f2565b606091505b50915091506111038783838761110e565b979650505050505050565b6060831561117c5782515f03611175576001600160a01b0385163b6111755760405162461bcd60e51b815260206004820152601d60248201527f416464726573733a2063616c6c20746f206e6f6e2d636f6e747261637400000060448201526064016105aa565b5081610745565b61074583838151156111915781518083602001fd5b8060405162461bcd60e51b81526004016105aa9190611285565b5f602082840312156111bb575f5ffd5b5035919050565b6001600160a01b03811681146111d6575f5ffd5b50565b5f5f604083850312156111ea575f5ffd5b82356111f5816111c2565b946020939093013593505050565b5f5f60408385031215611214575f5ffd5b823561121f816111c2565b9150602083013561122f816111c2565b809150509250929050565b5f6020828403121561124a575f5ffd5b8135611255816111c2565b9392505050565b60ff811681146111d6575f5ffd5b5f6020828403121561127a575f5ffd5b81356112558161125c565b602081525f82518060208401528060208501604085015e5f604082850101526040601f19601f83011684010191505092915050565b5f5f5f606084860312156112cc575f5ffd5b83356112d7816111c2565b925060208401356112e7816111c2565b929592945050506040919091013590565b5f60208284031215611308575f5ffd5b81518015158114611255575f5ffd5b634e487b7160e01b5f52601160045260245ffd5b8082018082111561064f5761064f611317565b8181038181111561064f5761064f611317565b808202811582820484141761064f5761064f611317565b5f8261138257634e487b7160e01b5f52601260045260245ffd5b500490565b6020808252602e908201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160408201526d191e481a5b9a5d1a585b1a5e995960921b606082015260800190565b5f602082840312156113e5575f5ffd5b5051919050565b5f602082840312156113fc575f5ffd5b8151611255816111c2565b5f60208284031215611417575f5ffd5b81516112558161125c565b5f82518060208501845e5f92019182525091905056fe4261736520537472617465677920696d706c656d656e746174696f6e20746f20696e68657269742066726f6d20666f72206d6f726520636f6d706c657820696d706c656d656e746174696f6e73a2646970667358221220488ee976bc1d4a22687731f95bd86abdb700f39094a8563946f9fd71468ca38d64736f6c634300081b0033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b600000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d
-----Decoded View---------------
Arg [0] : _strategyManager (address): 0xdfB5f6CE42aAA7830E94ECFCcAd411beF4d4D5b6
Arg [1] : _pauserRegistry (address): 0x41Dbe7BbacA97D986FCF6f5203b98Ec02412ec1D
-----Encoded View---------------
2 Constructor Arguments found :
Arg [0] : 000000000000000000000000dfb5f6ce42aaa7830e94ecfccad411bef4d4d5b6
Arg [1] : 00000000000000000000000041dbe7bbaca97d986fcf6f5203b98ec02412ec1d
Loading...
Loading
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.