{ "language": "Solidity", "sources": { "src/bridges/Diamond.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\nimport {LibDiamond} from \"./libs/LibDiamond.sol\";\r\nimport {IDiamondCut} from \"./interfaces/IDiamondCut.sol\";\r\n\r\ncontract Diamond {\r\n constructor(address _contractOwner, address _diamondCutFacet) payable {\r\n LibDiamond.setContractOwner(_contractOwner);\r\n\r\n // Add the diamondCut external function from the diamondCutFacet\r\n IDiamondCut.FacetCut[] memory cut = new IDiamondCut.FacetCut[](1);\r\n bytes4[] memory functionSelectors = new bytes4[](1);\r\n functionSelectors[0] = IDiamondCut.diamondCut.selector;\r\n cut[0] = IDiamondCut.FacetCut({\r\n facetAddress: _diamondCutFacet,\r\n action: IDiamondCut.FacetCutAction.Add,\r\n functionSelectors: functionSelectors\r\n });\r\n LibDiamond.diamondCut(cut, address(0), \"\");\r\n }\r\n\r\n // Find facet for function that is called and execute the\r\n // function if a facet is found and return any value.\r\n // solhint-disable-next-line no-complex-fallback\r\n fallback() external payable {\r\n LibDiamond.DiamondStorage storage ds;\r\n bytes32 position = LibDiamond.DIAMOND_STORAGE_POSITION;\r\n\r\n // get diamond storage\r\n // solhint-disable-next-line no-inline-assembly\r\n assembly {\r\n ds.slot := position\r\n }\r\n\r\n // get facet from function selector\r\n address facet = ds.selectorToFacetAndPosition[msg.sig].facetAddress;\r\n require(facet != address(0), \"Diamond: Function does not exist\");\r\n\r\n // Execute external function from facet using delegatecall and return any value.\r\n // solhint-disable-next-line no-inline-assembly\r\n assembly {\r\n // copy function selector and any arguments\r\n calldatacopy(0, 0, calldatasize())\r\n // execute function call using the facet\r\n let result := delegatecall(gas(), facet, 0, calldatasize(), 0, 0)\r\n // get any return value\r\n returndatacopy(0, 0, returndatasize())\r\n // return any return value or error back to the caller\r\n switch result\r\n case 0 {\r\n revert(0, returndatasize())\r\n }\r\n default {\r\n return(0, returndatasize())\r\n }\r\n }\r\n }\r\n\r\n // Able to receive ether\r\n // solhint-disable-next-line no-empty-blocks\r\n receive() external payable {}\r\n}\r\n" }, "src/bridges/libs/LibDiamond.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\nimport {IDiamondCut} from \"../interfaces/IDiamondCut.sol\";\r\n\r\nlibrary LibDiamond {\r\n bytes32 internal constant DIAMOND_STORAGE_POSITION =\r\n keccak256(\"diamond.standard.diamond.storage\");\r\n\r\n struct FacetAddressAndPosition {\r\n address facetAddress;\r\n uint96 functionSelectorPosition; // position in facetFunctionSelectors.functionSelectors array\r\n }\r\n\r\n struct FacetFunctionSelectors {\r\n bytes4[] functionSelectors;\r\n uint256 facetAddressPosition; // position of facetAddress in facetAddresses array\r\n }\r\n\r\n struct DiamondStorage {\r\n // maps function selector to the facet address and\r\n // the position of the selector in the facetFunctionSelectors.selectors array\r\n mapping(bytes4 => FacetAddressAndPosition) selectorToFacetAndPosition;\r\n // maps facet addresses to function selectors\r\n mapping(address => FacetFunctionSelectors) facetFunctionSelectors;\r\n // facet addresses\r\n address[] facetAddresses;\r\n // Used to query if a contract implements an interface.\r\n // Used to implement ERC-165.\r\n mapping(bytes4 => bool) supportedInterfaces;\r\n // owner of the contract\r\n address contractOwner;\r\n }\r\n\r\n function diamondStorage()\r\n internal\r\n pure\r\n returns (DiamondStorage storage ds)\r\n {\r\n bytes32 position = DIAMOND_STORAGE_POSITION;\r\n // solhint-disable-next-line no-inline-assembly\r\n assembly {\r\n ds.slot := position\r\n }\r\n }\r\n\r\n event OwnershipTransferred(\r\n address indexed previousOwner,\r\n address indexed newOwner\r\n );\r\n\r\n function setContractOwner(address _newOwner) internal {\r\n DiamondStorage storage ds = diamondStorage();\r\n address previousOwner = ds.contractOwner;\r\n ds.contractOwner = _newOwner;\r\n emit OwnershipTransferred(previousOwner, _newOwner);\r\n }\r\n\r\n function contractOwner() internal view returns (address contractOwner_) {\r\n contractOwner_ = diamondStorage().contractOwner;\r\n }\r\n\r\n function enforceIsContractOwner() internal view {\r\n require(\r\n msg.sender == diamondStorage().contractOwner,\r\n \"LibDiamond: Must be contract owner\"\r\n );\r\n }\r\n\r\n event DiamondCut(\r\n IDiamondCut.FacetCut[] _diamondCut,\r\n address _init,\r\n bytes _calldata\r\n );\r\n\r\n // Internal function version of diamondCut\r\n function diamondCut(\r\n IDiamondCut.FacetCut[] memory _diamondCut,\r\n address _init,\r\n bytes memory _calldata\r\n ) internal {\r\n for (\r\n uint256 facetIndex;\r\n facetIndex < _diamondCut.length;\r\n facetIndex++\r\n ) {\r\n IDiamondCut.FacetCutAction action = _diamondCut[facetIndex].action;\r\n if (action == IDiamondCut.FacetCutAction.Add) {\r\n addFunctions(\r\n _diamondCut[facetIndex].facetAddress,\r\n _diamondCut[facetIndex].functionSelectors\r\n );\r\n } else if (action == IDiamondCut.FacetCutAction.Replace) {\r\n replaceFunctions(\r\n _diamondCut[facetIndex].facetAddress,\r\n _diamondCut[facetIndex].functionSelectors\r\n );\r\n } else if (action == IDiamondCut.FacetCutAction.Remove) {\r\n removeFunctions(\r\n _diamondCut[facetIndex].facetAddress,\r\n _diamondCut[facetIndex].functionSelectors\r\n );\r\n } else {\r\n revert(\"LibDiamondCut: Incorrect FacetCutAction\");\r\n }\r\n }\r\n emit DiamondCut(_diamondCut, _init, _calldata);\r\n initializeDiamondCut(_init, _calldata);\r\n }\r\n\r\n function addFunctions(\r\n address _facetAddress,\r\n bytes4[] memory _functionSelectors\r\n ) internal {\r\n require(\r\n _functionSelectors.length > 0,\r\n \"LibDiamondCut: No selectors in facet to cut\"\r\n );\r\n DiamondStorage storage ds = diamondStorage();\r\n require(\r\n _facetAddress != address(0),\r\n \"LibDiamondCut: Add facet can't be address(0)\"\r\n );\r\n uint96 selectorPosition = uint96(\r\n ds.facetFunctionSelectors[_facetAddress].functionSelectors.length\r\n );\r\n // add new facet address if it does not exist\r\n if (selectorPosition == 0) {\r\n addFacet(ds, _facetAddress);\r\n }\r\n for (\r\n uint256 selectorIndex;\r\n selectorIndex < _functionSelectors.length;\r\n selectorIndex++\r\n ) {\r\n bytes4 selector = _functionSelectors[selectorIndex];\r\n address oldFacetAddress = ds\r\n .selectorToFacetAndPosition[selector]\r\n .facetAddress;\r\n require(\r\n oldFacetAddress == address(0),\r\n \"LibDiamondCut: Can't add function that already exists\"\r\n );\r\n addFunction(ds, selector, selectorPosition, _facetAddress);\r\n selectorPosition++;\r\n }\r\n }\r\n\r\n function replaceFunctions(\r\n address _facetAddress,\r\n bytes4[] memory _functionSelectors\r\n ) internal {\r\n require(\r\n _functionSelectors.length > 0,\r\n \"LibDiamondCut: No selectors in facet to cut\"\r\n );\r\n DiamondStorage storage ds = diamondStorage();\r\n require(\r\n _facetAddress != address(0),\r\n \"LibDiamondCut: Add facet can't be address(0)\"\r\n );\r\n uint96 selectorPosition = uint96(\r\n ds.facetFunctionSelectors[_facetAddress].functionSelectors.length\r\n );\r\n // add new facet address if it does not exist\r\n if (selectorPosition == 0) {\r\n addFacet(ds, _facetAddress);\r\n }\r\n for (\r\n uint256 selectorIndex;\r\n selectorIndex < _functionSelectors.length;\r\n selectorIndex++\r\n ) {\r\n bytes4 selector = _functionSelectors[selectorIndex];\r\n address oldFacetAddress = ds\r\n .selectorToFacetAndPosition[selector]\r\n .facetAddress;\r\n require(\r\n oldFacetAddress != _facetAddress,\r\n \"LibDiamondCut: Can't replace function with same function\"\r\n );\r\n removeFunction(ds, oldFacetAddress, selector);\r\n addFunction(ds, selector, selectorPosition, _facetAddress);\r\n selectorPosition++;\r\n }\r\n }\r\n\r\n function removeFunctions(\r\n address _facetAddress,\r\n bytes4[] memory _functionSelectors\r\n ) internal {\r\n require(\r\n _functionSelectors.length > 0,\r\n \"LibDiamondCut: No selectors in facet to cut\"\r\n );\r\n DiamondStorage storage ds = diamondStorage();\r\n // if function does not exist then do nothing and return\r\n require(\r\n _facetAddress == address(0),\r\n \"LibDiamondCut: Remove facet address must be address(0)\"\r\n );\r\n for (\r\n uint256 selectorIndex;\r\n selectorIndex < _functionSelectors.length;\r\n selectorIndex++\r\n ) {\r\n bytes4 selector = _functionSelectors[selectorIndex];\r\n address oldFacetAddress = ds\r\n .selectorToFacetAndPosition[selector]\r\n .facetAddress;\r\n removeFunction(ds, oldFacetAddress, selector);\r\n }\r\n }\r\n\r\n function addFacet(DiamondStorage storage ds, address _facetAddress)\r\n internal\r\n {\r\n enforceHasContractCode(\r\n _facetAddress,\r\n \"LibDiamondCut: New facet has no code\"\r\n );\r\n ds.facetFunctionSelectors[_facetAddress].facetAddressPosition = ds\r\n .facetAddresses\r\n .length;\r\n ds.facetAddresses.push(_facetAddress);\r\n }\r\n\r\n function addFunction(\r\n DiamondStorage storage ds,\r\n bytes4 _selector,\r\n uint96 _selectorPosition,\r\n address _facetAddress\r\n ) internal {\r\n ds\r\n .selectorToFacetAndPosition[_selector]\r\n .functionSelectorPosition = _selectorPosition;\r\n ds.facetFunctionSelectors[_facetAddress].functionSelectors.push(\r\n _selector\r\n );\r\n ds.selectorToFacetAndPosition[_selector].facetAddress = _facetAddress;\r\n }\r\n\r\n function removeFunction(\r\n DiamondStorage storage ds,\r\n address _facetAddress,\r\n bytes4 _selector\r\n ) internal {\r\n require(\r\n _facetAddress != address(0),\r\n \"LibDiamondCut: Can't remove function that doesn't exist\"\r\n );\r\n // an immutable function is a function defined directly in a diamond\r\n require(\r\n _facetAddress != address(this),\r\n \"LibDiamondCut: Can't remove immutable function\"\r\n );\r\n // replace selector with last selector, then delete last selector\r\n uint256 selectorPosition = ds\r\n .selectorToFacetAndPosition[_selector]\r\n .functionSelectorPosition;\r\n uint256 lastSelectorPosition = ds\r\n .facetFunctionSelectors[_facetAddress]\r\n .functionSelectors\r\n .length - 1;\r\n // if not the same then replace _selector with lastSelector\r\n if (selectorPosition != lastSelectorPosition) {\r\n bytes4 lastSelector = ds\r\n .facetFunctionSelectors[_facetAddress]\r\n .functionSelectors[lastSelectorPosition];\r\n ds.facetFunctionSelectors[_facetAddress].functionSelectors[\r\n selectorPosition\r\n ] = lastSelector;\r\n ds\r\n .selectorToFacetAndPosition[lastSelector]\r\n .functionSelectorPosition = uint96(selectorPosition);\r\n }\r\n // delete the last selector\r\n ds.facetFunctionSelectors[_facetAddress].functionSelectors.pop();\r\n delete ds.selectorToFacetAndPosition[_selector];\r\n\r\n // if no more selectors for facet address then delete the facet address\r\n if (lastSelectorPosition == 0) {\r\n // replace facet address with last facet address and delete last facet address\r\n uint256 lastFacetAddressPosition = ds.facetAddresses.length - 1;\r\n uint256 facetAddressPosition = ds\r\n .facetFunctionSelectors[_facetAddress]\r\n .facetAddressPosition;\r\n if (facetAddressPosition != lastFacetAddressPosition) {\r\n address lastFacetAddress = ds.facetAddresses[\r\n lastFacetAddressPosition\r\n ];\r\n ds.facetAddresses[facetAddressPosition] = lastFacetAddress;\r\n ds\r\n .facetFunctionSelectors[lastFacetAddress]\r\n .facetAddressPosition = facetAddressPosition;\r\n }\r\n ds.facetAddresses.pop();\r\n delete ds\r\n .facetFunctionSelectors[_facetAddress]\r\n .facetAddressPosition;\r\n }\r\n }\r\n\r\n function initializeDiamondCut(address _init, bytes memory _calldata)\r\n internal\r\n {\r\n if (_init == address(0)) {\r\n require(\r\n _calldata.length == 0,\r\n \"LibDiamondCut: _init is address(0) but_calldata is not empty\"\r\n );\r\n } else {\r\n require(\r\n _calldata.length > 0,\r\n \"LibDiamondCut: _calldata is empty but _init is not address(0)\"\r\n );\r\n if (_init != address(this)) {\r\n enforceHasContractCode(\r\n _init,\r\n \"LibDiamondCut: _init address has no code\"\r\n );\r\n }\r\n // solhint-disable-next-line avoid-low-level-calls\r\n (bool success, bytes memory error) = _init.delegatecall(_calldata);\r\n if (!success) {\r\n if (error.length > 0) {\r\n // bubble up the error\r\n revert(string(error));\r\n } else {\r\n revert(\"LibDiamondCut: _init function reverted\");\r\n }\r\n }\r\n }\r\n }\r\n\r\n function enforceHasContractCode(\r\n address _contract,\r\n string memory _errorMessage\r\n ) internal view {\r\n uint256 contractSize;\r\n // solhint-disable-next-line no-inline-assembly\r\n assembly {\r\n contractSize := extcodesize(_contract)\r\n }\r\n require(contractSize > 0, _errorMessage);\r\n }\r\n}\r\n" }, "src/bridges/interfaces/IDiamondCut.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\ninterface IDiamondCut {\r\n enum FacetCutAction {\r\n Add,\r\n Replace,\r\n Remove\r\n }\r\n // Add=0, Replace=1, Remove=2\r\n\r\n struct FacetCut {\r\n address facetAddress;\r\n FacetCutAction action;\r\n bytes4[] functionSelectors;\r\n }\r\n\r\n /// @notice Add/replace/remove any number of functions and optionally execute\r\n /// a function with delegatecall\r\n /// @param _diamondCut Contains the facet addresses and function selectors\r\n /// @param _init The address of the contract or facet to execute _calldata\r\n /// @param _calldata A function call, including function selector and arguments\r\n /// _calldata is executed with delegatecall on _init\r\n function diamondCut(\r\n FacetCut[] calldata _diamondCut,\r\n address _init,\r\n bytes calldata _calldata\r\n ) external;\r\n\r\n event DiamondCut(FacetCut[] _diamondCut, address _init, bytes _calldata);\r\n}\r\n" }, "src/bridges/facets/DiamondCutFacet.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\nimport { IDiamondCut } from \"../interfaces/IDiamondCut.sol\";\r\nimport { LibDiamond } from \"../libs/LibDiamond.sol\";\r\n\r\ncontract DiamondCutFacet is IDiamondCut {\r\n /// @notice Add/replace/remove any number of functions and optionally execute\r\n /// a function with delegatecall\r\n /// @param _diamondCut Contains the facet addresses and function selectors\r\n /// @param _init The address of the contract or facet to execute _calldata\r\n /// @param _calldata A function call, including function selector and arguments\r\n /// _calldata is executed with delegatecall on _init\r\n function diamondCut(\r\n FacetCut[] calldata _diamondCut,\r\n address _init,\r\n bytes calldata _calldata\r\n ) external override {\r\n LibDiamond.enforceIsContractOwner();\r\n LibDiamond.diamondCut(_diamondCut, _init, _calldata);\r\n }\r\n}\r\n" }, "@openzeppelin/contracts/token/ERC20/IERC20.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Interface of the ERC20 standard as defined in the EIP.\n */\ninterface IERC20 {\n /**\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\n * another (`to`).\n *\n * Note that `value` may be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /**\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\n * a call to {approve}. `value` is the new allowance.\n */\n event Approval(address indexed owner, address indexed spender, uint256 value);\n\n /**\n * @dev Returns the amount of tokens in existence.\n */\n function totalSupply() external view returns (uint256);\n\n /**\n * @dev Returns the amount of tokens owned by `account`.\n */\n function balanceOf(address account) external view returns (uint256);\n\n /**\n * @dev Moves `amount` tokens from the caller's account to `to`.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transfer(address to, uint256 amount) external returns (bool);\n\n /**\n * @dev Returns the remaining number of tokens that `spender` will be\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\n * zero by default.\n *\n * This value changes when {approve} or {transferFrom} are called.\n */\n function allowance(address owner, address spender) external view returns (uint256);\n\n /**\n * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\n * that someone may use both the old and the new allowance by unfortunate\n * transaction ordering. One possible solution to mitigate this race\n * condition is to first reduce the spender's allowance to 0 and set the\n * desired value afterwards:\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\n *\n * Emits an {Approval} event.\n */\n function approve(address spender, uint256 amount) external returns (bool);\n\n /**\n * @dev Moves `amount` tokens from `from` to `to` using the\n * allowance mechanism. `amount` is then deducted from the caller's\n * allowance.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transferFrom(\n address from,\n address to,\n uint256 amount\n ) external returns (bool);\n}\n" }, "@openzeppelin/contracts/interfaces/IERC20.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (interfaces/IERC20.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../token/ERC20/IERC20.sol\";\n" }, "@openzeppelin/contracts/utils/Address.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.5.0) (utils/Address.sol)\n\npragma solidity ^0.8.1;\n\n/**\n * @dev Collection of functions related to the address type\n */\nlibrary Address {\n /**\n * @dev Returns true if `account` is a contract.\n *\n * [IMPORTANT]\n * ====\n * It is unsafe to assume that an address for which this function returns\n * false is an externally-owned account (EOA) and not a contract.\n *\n * Among others, `isContract` will return false for the following\n * types of addresses:\n *\n * - an externally-owned account\n * - a contract in construction\n * - an address where a contract will be created\n * - an address where a contract lived, but was destroyed\n * ====\n *\n * [IMPORTANT]\n * ====\n * You shouldn't rely on `isContract` to protect against flash loan attacks!\n *\n * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets\n * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract\n * constructor.\n * ====\n */\n function isContract(address account) internal view returns (bool) {\n // This method relies on extcodesize/address.code.length, which returns 0\n // for contracts in construction, since the code is only stored at the end\n // of the constructor execution.\n\n return account.code.length > 0;\n }\n\n /**\n * @dev Replacement for Solidity's `transfer`: sends `amount` wei to\n * `recipient`, forwarding all available gas and reverting on errors.\n *\n * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n * of certain opcodes, possibly making contracts go over the 2300 gas limit\n * imposed by `transfer`, making them unable to receive funds via\n * `transfer`. {sendValue} removes this limitation.\n *\n * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n *\n * IMPORTANT: because control is transferred to `recipient`, care must be\n * taken to not create reentrancy vulnerabilities. Consider using\n * {ReentrancyGuard} or the\n * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n */\n function sendValue(address payable recipient, uint256 amount) internal {\n require(address(this).balance >= amount, \"Address: insufficient balance\");\n\n (bool success, ) = recipient.call{value: amount}(\"\");\n require(success, \"Address: unable to send value, recipient may have reverted\");\n }\n\n /**\n * @dev Performs a Solidity function call using a low level `call`. A\n * plain `call` is an unsafe replacement for a function call: use this\n * function instead.\n *\n * If `target` reverts with a revert reason, it is bubbled up by this\n * function (like regular Solidity function calls).\n *\n * Returns the raw returned data. To convert to the expected return value,\n * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].\n *\n * Requirements:\n *\n * - `target` must be a contract.\n * - calling `target` with `data` must not revert.\n *\n * _Available since v3.1._\n */\n function functionCall(address target, bytes memory data) internal returns (bytes memory) {\n return functionCall(target, data, \"Address: low-level call failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with\n * `errorMessage` as a fallback revert reason when `target` reverts.\n *\n * _Available since v3.1._\n */\n function functionCall(\n address target,\n bytes memory data,\n string memory errorMessage\n ) internal returns (bytes memory) {\n return functionCallWithValue(target, data, 0, errorMessage);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but also transferring `value` wei to `target`.\n *\n * Requirements:\n *\n * - the calling contract must have an ETH balance of at least `value`.\n * - the called Solidity function must be `payable`.\n *\n * _Available since v3.1._\n */\n function functionCallWithValue(\n address target,\n bytes memory data,\n uint256 value\n ) internal returns (bytes memory) {\n return functionCallWithValue(target, data, value, \"Address: low-level call with value failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but\n * with `errorMessage` as a fallback revert reason when `target` reverts.\n *\n * _Available since v3.1._\n */\n function functionCallWithValue(\n address target,\n bytes memory data,\n uint256 value,\n string memory errorMessage\n ) internal returns (bytes memory) {\n require(address(this).balance >= value, \"Address: insufficient balance for call\");\n require(isContract(target), \"Address: call to non-contract\");\n\n (bool success, bytes memory returndata) = target.call{value: value}(data);\n return verifyCallResult(success, returndata, errorMessage);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a static call.\n *\n * _Available since v3.3._\n */\n function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {\n return functionStaticCall(target, data, \"Address: low-level static call failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n * but performing a static call.\n *\n * _Available since v3.3._\n */\n function functionStaticCall(\n address target,\n bytes memory data,\n string memory errorMessage\n ) internal view returns (bytes memory) {\n require(isContract(target), \"Address: static call to non-contract\");\n\n (bool success, bytes memory returndata) = target.staticcall(data);\n return verifyCallResult(success, returndata, errorMessage);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a delegate call.\n *\n * _Available since v3.4._\n */\n function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {\n return functionDelegateCall(target, data, \"Address: low-level delegate call failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n * but performing a delegate call.\n *\n * _Available since v3.4._\n */\n function functionDelegateCall(\n address target,\n bytes memory data,\n string memory errorMessage\n ) internal returns (bytes memory) {\n require(isContract(target), \"Address: delegate call to non-contract\");\n\n (bool success, bytes memory returndata) = target.delegatecall(data);\n return verifyCallResult(success, returndata, errorMessage);\n }\n\n /**\n * @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the\n * revert reason using the provided one.\n *\n * _Available since v4.3._\n */\n function verifyCallResult(\n bool success,\n bytes memory returndata,\n string memory errorMessage\n ) internal pure returns (bytes memory) {\n if (success) {\n return returndata;\n } else {\n // Look for revert reason and bubble it up if present\n if (returndata.length > 0) {\n // The easiest way to bubble the revert reason is using memory via assembly\n\n assembly {\n let returndata_size := mload(returndata)\n revert(add(32, returndata), returndata_size)\n }\n } else {\n revert(errorMessage);\n }\n }\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/Home.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {Version0} from \"./Version0.sol\";\nimport {NomadBase} from \"./NomadBase.sol\";\nimport {QueueLib} from \"../libs/Queue.sol\";\nimport {MerkleLib} from \"../libs/Merkle.sol\";\nimport {Message} from \"../libs/Message.sol\";\nimport {MerkleTreeManager} from \"./Merkle.sol\";\nimport {QueueManager} from \"./Queue.sol\";\nimport {IUpdaterManager} from \"../interfaces/IUpdaterManager.sol\";\n// ============ External Imports ============\nimport {Address} from \"@openzeppelin/contracts/utils/Address.sol\";\n\n/**\n * @title Home\n * @author Illusory Systems Inc.\n * @notice Accepts messages to be dispatched to remote chains,\n * constructs a Merkle tree of the messages,\n * and accepts signatures from a bonded Updater\n * which notarize the Merkle tree roots.\n * Accepts submissions of fraudulent signatures\n * by the Updater and slashes the Updater in this case.\n */\ncontract Home is Version0, QueueManager, MerkleTreeManager, NomadBase {\n // ============ Libraries ============\n\n using QueueLib for QueueLib.Queue;\n using MerkleLib for MerkleLib.Tree;\n\n // ============ Constants ============\n\n // Maximum bytes per message = 2 KiB\n // (somewhat arbitrarily set to begin)\n uint256 public constant MAX_MESSAGE_BODY_BYTES = 2 * 2**10;\n\n // ============ Public Storage Variables ============\n\n // domain => next available nonce for the domain\n mapping(uint32 => uint32) public nonces;\n // contract responsible for Updater bonding, slashing and rotation\n IUpdaterManager public updaterManager;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[48] private __GAP;\n\n // ============ Events ============\n\n /**\n * @notice Emitted when a new message is dispatched via Nomad\n * @param leafIndex Index of message's leaf in merkle tree\n * @param destinationAndNonce Destination and destination-specific\n * nonce combined in single field ((destination << 32) & nonce)\n * @param messageHash Hash of message; the leaf inserted to the Merkle tree for the message\n * @param committedRoot the latest notarized root submitted in the last signed Update\n * @param message Raw bytes of message\n */\n event Dispatch(\n bytes32 indexed messageHash,\n uint256 indexed leafIndex,\n uint64 indexed destinationAndNonce,\n bytes32 committedRoot,\n bytes message\n );\n\n /**\n * @notice Emitted when proof of an improper update is submitted,\n * which sets the contract to FAILED state\n * @param oldRoot Old root of the improper update\n * @param newRoot New root of the improper update\n * @param signature Signature on `oldRoot` and `newRoot\n */\n event ImproperUpdate(bytes32 oldRoot, bytes32 newRoot, bytes signature);\n\n /**\n * @notice Emitted when the Updater is slashed\n * (should be paired with ImproperUpdater or DoubleUpdate event)\n * @param updater The address of the updater\n * @param reporter The address of the entity that reported the updater misbehavior\n */\n event UpdaterSlashed(address indexed updater, address indexed reporter);\n\n /**\n * @notice Emitted when the UpdaterManager contract is changed\n * @param updaterManager The address of the new updaterManager\n */\n event NewUpdaterManager(address updaterManager);\n\n // ============ Constructor ============\n\n constructor(uint32 _localDomain) NomadBase(_localDomain) {} // solhint-disable-line no-empty-blocks\n\n // ============ Initializer ============\n\n function initialize(IUpdaterManager _updaterManager) public initializer {\n // initialize queue, set Updater Manager, and initialize\n __QueueManager_initialize();\n _setUpdaterManager(_updaterManager);\n __NomadBase_initialize(updaterManager.updater());\n }\n\n // ============ Modifiers ============\n\n /**\n * @notice Ensures that function is called by the UpdaterManager contract\n */\n modifier onlyUpdaterManager() {\n require(msg.sender == address(updaterManager), \"!updaterManager\");\n _;\n }\n\n // ============ External: Updater & UpdaterManager Configuration ============\n\n /**\n * @notice Set a new Updater\n * @param _updater the new Updater\n */\n function setUpdater(address _updater) external onlyUpdaterManager {\n _setUpdater(_updater);\n }\n\n /**\n * @notice Set a new UpdaterManager contract\n * @dev Home(s) will initially be initialized using a trusted UpdaterManager contract;\n * we will progressively decentralize by swapping the trusted contract with a new implementation\n * that implements Updater bonding & slashing, and rules for Updater selection & rotation\n * @param _updaterManager the new UpdaterManager contract\n */\n function setUpdaterManager(address _updaterManager) external onlyOwner {\n _setUpdaterManager(IUpdaterManager(_updaterManager));\n }\n\n // ============ External Functions ============\n\n /**\n * @notice Dispatch the message it to the destination domain & recipient\n * @dev Format the message, insert its hash into Merkle tree,\n * enqueue the new Merkle root, and emit `Dispatch` event with message information.\n * @param _destinationDomain Domain of destination chain\n * @param _recipientAddress Address of recipient on destination chain as bytes32\n * @param _messageBody Raw bytes content of message\n */\n function dispatch(\n uint32 _destinationDomain,\n bytes32 _recipientAddress,\n bytes memory _messageBody\n ) external notFailed {\n require(_messageBody.length <= MAX_MESSAGE_BODY_BYTES, \"msg too long\");\n // get the next nonce for the destination domain, then increment it\n uint32 _nonce = nonces[_destinationDomain];\n nonces[_destinationDomain] = _nonce + 1;\n // format the message into packed bytes\n bytes memory _message = Message.formatMessage(\n localDomain,\n bytes32(uint256(uint160(msg.sender))),\n _nonce,\n _destinationDomain,\n _recipientAddress,\n _messageBody\n );\n // insert the hashed message into the Merkle tree\n bytes32 _messageHash = keccak256(_message);\n tree.insert(_messageHash);\n // enqueue the new Merkle root after inserting the message\n queue.enqueue(root());\n // Emit Dispatch event with message information\n // note: leafIndex is count() - 1 since new leaf has already been inserted\n emit Dispatch(_messageHash, count() - 1, _destinationAndNonce(_destinationDomain, _nonce), committedRoot, _message);\n }\n\n /**\n * @notice Submit a signature from the Updater \"notarizing\" a root,\n * which updates the Home contract's `committedRoot`,\n * and publishes the signature which will be relayed to Replica contracts\n * @dev emits Update event\n * @dev If _newRoot is not contained in the queue,\n * the Update is a fraudulent Improper Update, so\n * the Updater is slashed & Home is set to FAILED state\n * @param _committedRoot Current updated merkle root which the update is building off of\n * @param _newRoot New merkle root to update the contract state to\n * @param _signature Updater signature on `_committedRoot` and `_newRoot`\n */\n function update(\n bytes32 _committedRoot,\n bytes32 _newRoot,\n bytes memory _signature\n ) external notFailed {\n // check that the update is not fraudulent;\n // if fraud is detected, Updater is slashed & Home is set to FAILED state\n if (improperUpdate(_committedRoot, _newRoot, _signature)) return;\n // clear all of the intermediate roots contained in this update from the queue\n while (true) {\n bytes32 _next = queue.dequeue();\n if (_next == _newRoot) break;\n }\n // update the Home state with the latest signed root & emit event\n committedRoot = _newRoot;\n emit Update(localDomain, _committedRoot, _newRoot, _signature);\n }\n\n /**\n * @notice Suggest an update for the Updater to sign and submit.\n * @dev If queue is empty, null bytes returned for both\n * (No update is necessary because no messages have been dispatched since the last update)\n * @return _committedRoot Latest root signed by the Updater\n * @return _new Latest enqueued Merkle root\n */\n function suggestUpdate() external view returns (bytes32 _committedRoot, bytes32 _new) {\n if (queue.length() != 0) {\n _committedRoot = committedRoot;\n _new = queue.lastItem();\n }\n }\n\n // ============ Public Functions ============\n\n /**\n * @notice Hash of Home domain concatenated with \"NOMAD\"\n */\n function homeDomainHash() public view override returns (bytes32) {\n return _homeDomainHash(localDomain);\n }\n\n /**\n * @notice Check if an Update is an Improper Update;\n * if so, slash the Updater and set the contract to FAILED state.\n *\n * An Improper Update is an update building off of the Home's `committedRoot`\n * for which the `_newRoot` does not currently exist in the Home's queue.\n * This would mean that message(s) that were not truly\n * dispatched on Home were falsely included in the signed root.\n *\n * An Improper Update will only be accepted as valid by the Replica\n * If an Improper Update is attempted on Home,\n * the Updater will be slashed immediately.\n * If an Improper Update is submitted to the Replica,\n * it should be relayed to the Home contract using this function\n * in order to slash the Updater with an Improper Update.\n *\n * An Improper Update submitted to the Replica is only valid\n * while the `_oldRoot` is still equal to the `committedRoot` on Home;\n * if the `committedRoot` on Home has already been updated with a valid Update,\n * then the Updater should be slashed with a Double Update.\n * @dev Reverts (and doesn't slash updater) if signature is invalid or\n * update not current\n * @param _oldRoot Old merkle tree root (should equal home's committedRoot)\n * @param _newRoot New merkle tree root\n * @param _signature Updater signature on `_oldRoot` and `_newRoot`\n * @return TRUE if update was an Improper Update (implying Updater was slashed)\n */\n function improperUpdate(\n bytes32 _oldRoot,\n bytes32 _newRoot,\n bytes memory _signature\n ) public notFailed returns (bool) {\n require(_isUpdaterSignature(_oldRoot, _newRoot, _signature), \"!updater sig\");\n require(_oldRoot == committedRoot, \"not a current update\");\n // if the _newRoot is not currently contained in the queue,\n // slash the Updater and set the contract to FAILED state\n if (!queue.contains(_newRoot)) {\n _fail();\n emit ImproperUpdate(_oldRoot, _newRoot, _signature);\n return true;\n }\n // if the _newRoot is contained in the queue,\n // this is not an improper update\n return false;\n }\n\n // ============ Internal Functions ============\n\n /**\n * @notice Set the UpdaterManager\n * @param _updaterManager Address of the UpdaterManager\n */\n function _setUpdaterManager(IUpdaterManager _updaterManager) internal {\n require(Address.isContract(address(_updaterManager)), \"!contract updaterManager\");\n updaterManager = IUpdaterManager(_updaterManager);\n emit NewUpdaterManager(address(_updaterManager));\n }\n\n /**\n * @notice Slash the Updater and set contract state to FAILED\n * @dev Called when fraud is proven (Improper Update or Double Update)\n */\n function _fail() internal override {\n // set contract to FAILED\n _setFailed();\n // slash Updater\n updaterManager.slashUpdater(payable(msg.sender));\n emit UpdaterSlashed(updater, msg.sender);\n }\n\n /**\n * @notice Internal utility function that combines\n * `_destination` and `_nonce`.\n * @dev Both destination and nonce should be less than 2^32 - 1\n * @param _destination Domain of destination chain\n * @param _nonce Current nonce for given destination chain\n * @return Returns (`_destination` << 32) & `_nonce`\n */\n function _destinationAndNonce(uint32 _destination, uint32 _nonce) internal pure returns (uint64) {\n return (uint64(_destination) << 32) | _nonce;\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/Version0.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n/**\n * @title Version0\n * @notice Version getter for contracts\n **/\ncontract Version0 {\n uint8 public constant VERSION = 0;\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/NomadBase.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {Message} from \"../libs/Message.sol\";\n// ============ External Imports ============\nimport {ECDSA} from \"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\";\nimport {Initializable} from \"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol\";\nimport {OwnableUpgradeable} from \"@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol\";\n\n/**\n * @title NomadBase\n * @author Illusory Systems Inc.\n * @notice Shared utilities between Home and Replica.\n */\nabstract contract NomadBase is Initializable, OwnableUpgradeable {\n // ============ Enums ============\n\n // States:\n // 0 - UnInitialized - before initialize function is called\n // note: the contract is initialized at deploy time, so it should never be in this state\n // 1 - Active - as long as the contract has not become fraudulent\n // 2 - Failed - after a valid fraud proof has been submitted;\n // contract will no longer accept updates or new messages\n enum States {\n UnInitialized,\n Active,\n Failed\n }\n\n // ============ Immutable Variables ============\n\n // Domain of chain on which the contract is deployed\n uint32 public immutable localDomain;\n\n // ============ Public Variables ============\n\n // Address of bonded Updater\n address public updater;\n // Current state of contract\n States public state;\n // The latest root that has been signed by the Updater\n bytes32 public committedRoot;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[47] private __GAP;\n\n // ============ Events ============\n\n /**\n * @notice Emitted when update is made on Home\n * or unconfirmed update root is submitted on Replica\n * @param homeDomain Domain of home contract\n * @param oldRoot Old merkle root\n * @param newRoot New merkle root\n * @param signature Updater's signature on `oldRoot` and `newRoot`\n */\n event Update(uint32 indexed homeDomain, bytes32 indexed oldRoot, bytes32 indexed newRoot, bytes signature);\n\n /**\n * @notice Emitted when proof of a double update is submitted,\n * which sets the contract to FAILED state\n * @param oldRoot Old root shared between two conflicting updates\n * @param newRoot Array containing two conflicting new roots\n * @param signature Signature on `oldRoot` and `newRoot`[0]\n * @param signature2 Signature on `oldRoot` and `newRoot`[1]\n */\n event DoubleUpdate(bytes32 oldRoot, bytes32[2] newRoot, bytes signature, bytes signature2);\n\n /**\n * @notice Emitted when Updater is rotated\n * @param oldUpdater The address of the old updater\n * @param newUpdater The address of the new updater\n */\n event NewUpdater(address oldUpdater, address newUpdater);\n\n // ============ Modifiers ============\n\n /**\n * @notice Ensures that contract state != FAILED when the function is called\n */\n modifier notFailed() {\n require(state != States.Failed, \"failed state\");\n _;\n }\n\n // ============ Constructor ============\n\n constructor(uint32 _localDomain) {\n localDomain = _localDomain;\n }\n\n // ============ Initializer ============\n\n function __NomadBase_initialize(address _updater) internal initializer {\n __Ownable_init();\n _setUpdater(_updater);\n state = States.Active;\n }\n\n // ============ External Functions ============\n\n /**\n * @notice Called by external agent. Checks that signatures on two sets of\n * roots are valid and that the new roots conflict with each other. If both\n * cases hold true, the contract is failed and a `DoubleUpdate` event is\n * emitted.\n * @dev When `fail()` is called on Home, updater is slashed.\n * @param _oldRoot Old root shared between two conflicting updates\n * @param _newRoot Array containing two conflicting new roots\n * @param _signature Signature on `_oldRoot` and `_newRoot`[0]\n * @param _signature2 Signature on `_oldRoot` and `_newRoot`[1]\n */\n function doubleUpdate(\n bytes32 _oldRoot,\n bytes32[2] calldata _newRoot,\n bytes calldata _signature,\n bytes calldata _signature2\n ) external notFailed {\n if (\n NomadBase._isUpdaterSignature(_oldRoot, _newRoot[0], _signature) &&\n NomadBase._isUpdaterSignature(_oldRoot, _newRoot[1], _signature2) &&\n _newRoot[0] != _newRoot[1]\n ) {\n _fail();\n emit DoubleUpdate(_oldRoot, _newRoot, _signature, _signature2);\n }\n }\n\n // ============ Public Functions ============\n\n /**\n * @notice Hash of Home domain concatenated with \"NOMAD\"\n */\n function homeDomainHash() public view virtual returns (bytes32);\n\n // ============ Internal Functions ============\n\n /**\n * @notice Hash of Home domain concatenated with \"NOMAD\"\n * @param _homeDomain the Home domain to hash\n */\n function _homeDomainHash(uint32 _homeDomain) internal pure returns (bytes32) {\n return keccak256(abi.encodePacked(_homeDomain, \"NOMAD\"));\n }\n\n /**\n * @notice Set contract state to FAILED\n * @dev Called when a valid fraud proof is submitted\n */\n function _setFailed() internal {\n state = States.Failed;\n }\n\n /**\n * @notice Moves the contract into failed state\n * @dev Called when fraud is proven\n * (Double Update is submitted on Home or Replica,\n * or Improper Update is submitted on Home)\n */\n function _fail() internal virtual;\n\n /**\n * @notice Set the Updater\n * @param _newUpdater Address of the new Updater\n */\n function _setUpdater(address _newUpdater) internal {\n address _oldUpdater = updater;\n updater = _newUpdater;\n emit NewUpdater(_oldUpdater, _newUpdater);\n }\n\n /**\n * @notice Checks that signature was signed by Updater\n * @param _oldRoot Old merkle root\n * @param _newRoot New merkle root\n * @param _signature Signature on `_oldRoot` and `_newRoot`\n * @return TRUE iff signature is valid signed by updater\n **/\n function _isUpdaterSignature(\n bytes32 _oldRoot,\n bytes32 _newRoot,\n bytes memory _signature\n ) internal view returns (bool) {\n bytes32 _digest = keccak256(abi.encodePacked(homeDomainHash(), _oldRoot, _newRoot));\n _digest = ECDSA.toEthSignedMessageHash(_digest);\n return (ECDSA.recover(_digest, _signature) == updater);\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/libs/Queue.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n/**\n * @title QueueLib\n * @author Illusory Systems Inc.\n * @notice Library containing queue struct and operations for queue used by\n * Home and Replica.\n **/\nlibrary QueueLib {\n /**\n * @notice Queue struct\n * @dev Internally keeps track of the `first` and `last` elements through\n * indices and a mapping of indices to enqueued elements.\n **/\n struct Queue {\n uint128 first;\n uint128 last;\n mapping(uint256 => bytes32) queue;\n }\n\n /**\n * @notice Initializes the queue\n * @dev Empty state denoted by _q.first > q._last. Queue initialized\n * with _q.first = 1 and _q.last = 0.\n **/\n function initialize(Queue storage _q) internal {\n if (_q.first == 0) {\n _q.first = 1;\n }\n }\n\n /**\n * @notice Enqueues a single new element\n * @param _item New element to be enqueued\n * @return _last Index of newly enqueued element\n **/\n function enqueue(Queue storage _q, bytes32 _item) internal returns (uint128 _last) {\n _last = _q.last + 1;\n _q.last = _last;\n if (_item != bytes32(0)) {\n // saves gas if we're queueing 0\n _q.queue[_last] = _item;\n }\n }\n\n /**\n * @notice Dequeues element at front of queue\n * @dev Removes dequeued element from storage\n * @return _item Dequeued element\n **/\n function dequeue(Queue storage _q) internal returns (bytes32 _item) {\n uint128 _last = _q.last;\n uint128 _first = _q.first;\n require(_length(_last, _first) != 0, \"Empty\");\n _item = _q.queue[_first];\n if (_item != bytes32(0)) {\n // saves gas if we're dequeuing 0\n delete _q.queue[_first];\n }\n _q.first = _first + 1;\n }\n\n /**\n * @notice Batch enqueues several elements\n * @param _items Array of elements to be enqueued\n * @return _last Index of last enqueued element\n **/\n function enqueue(Queue storage _q, bytes32[] memory _items) internal returns (uint128 _last) {\n _last = _q.last;\n for (uint256 i = 0; i < _items.length; i += 1) {\n _last += 1;\n bytes32 _item = _items[i];\n if (_item != bytes32(0)) {\n _q.queue[_last] = _item;\n }\n }\n _q.last = _last;\n }\n\n /**\n * @notice Batch dequeues `_number` elements\n * @dev Reverts if `_number` > queue length\n * @param _number Number of elements to dequeue\n * @return Array of dequeued elements\n **/\n function dequeue(Queue storage _q, uint256 _number) internal returns (bytes32[] memory) {\n uint128 _last = _q.last;\n uint128 _first = _q.first;\n // Cannot underflow unless state is corrupted\n require(_length(_last, _first) >= _number, \"Insufficient\");\n\n bytes32[] memory _items = new bytes32[](_number);\n\n for (uint256 i = 0; i < _number; i++) {\n _items[i] = _q.queue[_first];\n delete _q.queue[_first];\n _first++;\n }\n _q.first = _first;\n return _items;\n }\n\n /**\n * @notice Returns true if `_item` is in the queue and false if otherwise\n * @dev Linearly scans from _q.first to _q.last looking for `_item`\n * @param _item Item being searched for in queue\n * @return True if `_item` currently exists in queue, false if otherwise\n **/\n function contains(Queue storage _q, bytes32 _item) internal view returns (bool) {\n for (uint256 i = _q.first; i <= _q.last; i++) {\n if (_q.queue[i] == _item) {\n return true;\n }\n }\n return false;\n }\n\n /// @notice Returns last item in queue\n /// @dev Returns bytes32(0) if queue empty\n function lastItem(Queue storage _q) internal view returns (bytes32) {\n return _q.queue[_q.last];\n }\n\n /// @notice Returns element at front of queue without removing element\n /// @dev Reverts if queue is empty\n function peek(Queue storage _q) internal view returns (bytes32 _item) {\n require(!isEmpty(_q), \"Empty\");\n _item = _q.queue[_q.first];\n }\n\n /// @notice Returns true if queue is empty and false if otherwise\n function isEmpty(Queue storage _q) internal view returns (bool) {\n return _q.last < _q.first;\n }\n\n /// @notice Returns number of elements in queue\n function length(Queue storage _q) internal view returns (uint256) {\n uint128 _last = _q.last;\n uint128 _first = _q.first;\n // Cannot underflow unless state is corrupted\n return _length(_last, _first);\n }\n\n /// @notice Returns number of elements between `_last` and `_first` (used internally)\n function _length(uint128 _last, uint128 _first) internal pure returns (uint256) {\n return uint256(_last + 1 - _first);\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/libs/Merkle.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// work based on eth2 deposit contract, which is used under CC0-1.0\n\n/**\n * @title MerkleLib\n * @author Illusory Systems Inc.\n * @notice An incremental merkle tree modeled on the eth2 deposit contract.\n **/\nlibrary MerkleLib {\n uint256 internal constant TREE_DEPTH = 32;\n uint256 internal constant MAX_LEAVES = 2**TREE_DEPTH - 1;\n\n /**\n * @notice Struct representing incremental merkle tree. Contains current\n * branch and the number of inserted leaves in the tree.\n **/\n struct Tree {\n bytes32[TREE_DEPTH] branch;\n uint256 count;\n }\n\n /**\n * @notice Inserts `_node` into merkle tree\n * @dev Reverts if tree is full\n * @param _node Element to insert into tree\n **/\n function insert(Tree storage _tree, bytes32 _node) internal {\n require(_tree.count < MAX_LEAVES, \"merkle tree full\");\n\n _tree.count += 1;\n uint256 size = _tree.count;\n for (uint256 i = 0; i < TREE_DEPTH; i++) {\n if ((size & 1) == 1) {\n _tree.branch[i] = _node;\n return;\n }\n _node = keccak256(abi.encodePacked(_tree.branch[i], _node));\n size /= 2;\n }\n // As the loop should always end prematurely with the `return` statement,\n // this code should be unreachable. We assert `false` just to be safe.\n assert(false);\n }\n\n /**\n * @notice Calculates and returns`_tree`'s current root given array of zero\n * hashes\n * @param _zeroes Array of zero hashes\n * @return _current Calculated root of `_tree`\n **/\n function rootWithCtx(Tree storage _tree, bytes32[TREE_DEPTH] memory _zeroes)\n internal\n view\n returns (bytes32 _current)\n {\n uint256 _index = _tree.count;\n\n for (uint256 i = 0; i < TREE_DEPTH; i++) {\n uint256 _ithBit = (_index >> i) & 0x01;\n bytes32 _next = _tree.branch[i];\n if (_ithBit == 1) {\n _current = keccak256(abi.encodePacked(_next, _current));\n } else {\n _current = keccak256(abi.encodePacked(_current, _zeroes[i]));\n }\n }\n }\n\n /// @notice Calculates and returns`_tree`'s current root\n function root(Tree storage _tree) internal view returns (bytes32) {\n return rootWithCtx(_tree, zeroHashes());\n }\n\n /// @notice Returns array of TREE_DEPTH zero hashes\n /// @return _zeroes Array of TREE_DEPTH zero hashes\n function zeroHashes() internal pure returns (bytes32[TREE_DEPTH] memory _zeroes) {\n _zeroes[0] = Z_0;\n _zeroes[1] = Z_1;\n _zeroes[2] = Z_2;\n _zeroes[3] = Z_3;\n _zeroes[4] = Z_4;\n _zeroes[5] = Z_5;\n _zeroes[6] = Z_6;\n _zeroes[7] = Z_7;\n _zeroes[8] = Z_8;\n _zeroes[9] = Z_9;\n _zeroes[10] = Z_10;\n _zeroes[11] = Z_11;\n _zeroes[12] = Z_12;\n _zeroes[13] = Z_13;\n _zeroes[14] = Z_14;\n _zeroes[15] = Z_15;\n _zeroes[16] = Z_16;\n _zeroes[17] = Z_17;\n _zeroes[18] = Z_18;\n _zeroes[19] = Z_19;\n _zeroes[20] = Z_20;\n _zeroes[21] = Z_21;\n _zeroes[22] = Z_22;\n _zeroes[23] = Z_23;\n _zeroes[24] = Z_24;\n _zeroes[25] = Z_25;\n _zeroes[26] = Z_26;\n _zeroes[27] = Z_27;\n _zeroes[28] = Z_28;\n _zeroes[29] = Z_29;\n _zeroes[30] = Z_30;\n _zeroes[31] = Z_31;\n }\n\n /**\n * @notice Calculates and returns the merkle root for the given leaf\n * `_item`, a merkle branch, and the index of `_item` in the tree.\n * @param _item Merkle leaf\n * @param _branch Merkle proof\n * @param _index Index of `_item` in tree\n * @return _current Calculated merkle root\n **/\n function branchRoot(\n bytes32 _item,\n bytes32[TREE_DEPTH] memory _branch,\n uint256 _index\n ) internal pure returns (bytes32 _current) {\n _current = _item;\n\n for (uint256 i = 0; i < TREE_DEPTH; i++) {\n uint256 _ithBit = (_index >> i) & 0x01;\n bytes32 _next = _branch[i];\n if (_ithBit == 1) {\n _current = keccak256(abi.encodePacked(_next, _current));\n } else {\n _current = keccak256(abi.encodePacked(_current, _next));\n }\n }\n }\n\n // keccak256 zero hashes\n bytes32 internal constant Z_0 = hex\"0000000000000000000000000000000000000000000000000000000000000000\";\n bytes32 internal constant Z_1 = hex\"ad3228b676f7d3cd4284a5443f17f1962b36e491b30a40b2405849e597ba5fb5\";\n bytes32 internal constant Z_2 = hex\"b4c11951957c6f8f642c4af61cd6b24640fec6dc7fc607ee8206a99e92410d30\";\n bytes32 internal constant Z_3 = hex\"21ddb9a356815c3fac1026b6dec5df3124afbadb485c9ba5a3e3398a04b7ba85\";\n bytes32 internal constant Z_4 = hex\"e58769b32a1beaf1ea27375a44095a0d1fb664ce2dd358e7fcbfb78c26a19344\";\n bytes32 internal constant Z_5 = hex\"0eb01ebfc9ed27500cd4dfc979272d1f0913cc9f66540d7e8005811109e1cf2d\";\n bytes32 internal constant Z_6 = hex\"887c22bd8750d34016ac3c66b5ff102dacdd73f6b014e710b51e8022af9a1968\";\n bytes32 internal constant Z_7 = hex\"ffd70157e48063fc33c97a050f7f640233bf646cc98d9524c6b92bcf3ab56f83\";\n bytes32 internal constant Z_8 = hex\"9867cc5f7f196b93bae1e27e6320742445d290f2263827498b54fec539f756af\";\n bytes32 internal constant Z_9 = hex\"cefad4e508c098b9a7e1d8feb19955fb02ba9675585078710969d3440f5054e0\";\n bytes32 internal constant Z_10 = hex\"f9dc3e7fe016e050eff260334f18a5d4fe391d82092319f5964f2e2eb7c1c3a5\";\n bytes32 internal constant Z_11 = hex\"f8b13a49e282f609c317a833fb8d976d11517c571d1221a265d25af778ecf892\";\n bytes32 internal constant Z_12 = hex\"3490c6ceeb450aecdc82e28293031d10c7d73bf85e57bf041a97360aa2c5d99c\";\n bytes32 internal constant Z_13 = hex\"c1df82d9c4b87413eae2ef048f94b4d3554cea73d92b0f7af96e0271c691e2bb\";\n bytes32 internal constant Z_14 = hex\"5c67add7c6caf302256adedf7ab114da0acfe870d449a3a489f781d659e8becc\";\n bytes32 internal constant Z_15 = hex\"da7bce9f4e8618b6bd2f4132ce798cdc7a60e7e1460a7299e3c6342a579626d2\";\n bytes32 internal constant Z_16 = hex\"2733e50f526ec2fa19a22b31e8ed50f23cd1fdf94c9154ed3a7609a2f1ff981f\";\n bytes32 internal constant Z_17 = hex\"e1d3b5c807b281e4683cc6d6315cf95b9ade8641defcb32372f1c126e398ef7a\";\n bytes32 internal constant Z_18 = hex\"5a2dce0a8a7f68bb74560f8f71837c2c2ebbcbf7fffb42ae1896f13f7c7479a0\";\n bytes32 internal constant Z_19 = hex\"b46a28b6f55540f89444f63de0378e3d121be09e06cc9ded1c20e65876d36aa0\";\n bytes32 internal constant Z_20 = hex\"c65e9645644786b620e2dd2ad648ddfcbf4a7e5b1a3a4ecfe7f64667a3f0b7e2\";\n bytes32 internal constant Z_21 = hex\"f4418588ed35a2458cffeb39b93d26f18d2ab13bdce6aee58e7b99359ec2dfd9\";\n bytes32 internal constant Z_22 = hex\"5a9c16dc00d6ef18b7933a6f8dc65ccb55667138776f7dea101070dc8796e377\";\n bytes32 internal constant Z_23 = hex\"4df84f40ae0c8229d0d6069e5c8f39a7c299677a09d367fc7b05e3bc380ee652\";\n bytes32 internal constant Z_24 = hex\"cdc72595f74c7b1043d0e1ffbab734648c838dfb0527d971b602bc216c9619ef\";\n bytes32 internal constant Z_25 = hex\"0abf5ac974a1ed57f4050aa510dd9c74f508277b39d7973bb2dfccc5eeb0618d\";\n bytes32 internal constant Z_26 = hex\"b8cd74046ff337f0a7bf2c8e03e10f642c1886798d71806ab1e888d9e5ee87d0\";\n bytes32 internal constant Z_27 = hex\"838c5655cb21c6cb83313b5a631175dff4963772cce9108188b34ac87c81c41e\";\n bytes32 internal constant Z_28 = hex\"662ee4dd2dd7b2bc707961b1e646c4047669dcb6584f0d8d770daf5d7e7deb2e\";\n bytes32 internal constant Z_29 = hex\"388ab20e2573d171a88108e79d820e98f26c0b84aa8b2f4aa4968dbb818ea322\";\n bytes32 internal constant Z_30 = hex\"93237c50ba75ee485f4c22adf2f741400bdf8d6a9cc7df7ecae576221665d735\";\n bytes32 internal constant Z_31 = hex\"8448818bb4ae4562849e949e17ac16e0be16688e156b5cf15e098c627c0056a9\";\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/libs/Message.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// import \"@summa-tx/memview-sol/contracts/TypedMemView.sol\";\n\nimport \"./TypedMemView.sol\";\n\nimport {TypeCasts} from \"./TypeCasts.sol\";\n\n/**\n * @title Message Library\n * @author Illusory Systems Inc.\n * @notice Library for formatted messages used by Home and Replica.\n **/\nlibrary Message {\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n\n // Number of bytes in formatted message before `body` field\n uint256 internal constant PREFIX_LENGTH = 76;\n\n /**\n * @notice Returns formatted (packed) message with provided fields\n * @param _originDomain Domain of home chain\n * @param _sender Address of sender as bytes32\n * @param _nonce Destination-specific nonce\n * @param _destinationDomain Domain of destination chain\n * @param _recipient Address of recipient on destination chain as bytes32\n * @param _messageBody Raw bytes of message body\n * @return Formatted message\n **/\n function formatMessage(\n uint32 _originDomain,\n bytes32 _sender,\n uint32 _nonce,\n uint32 _destinationDomain,\n bytes32 _recipient,\n bytes memory _messageBody\n ) internal pure returns (bytes memory) {\n return abi.encodePacked(_originDomain, _sender, _nonce, _destinationDomain, _recipient, _messageBody);\n }\n\n /**\n * @notice Returns leaf of formatted message with provided fields.\n * @param _origin Domain of home chain\n * @param _sender Address of sender as bytes32\n * @param _nonce Destination-specific nonce number\n * @param _destination Domain of destination chain\n * @param _recipient Address of recipient on destination chain as bytes32\n * @param _body Raw bytes of message body\n * @return Leaf (hash) of formatted message\n **/\n function messageHash(\n uint32 _origin,\n bytes32 _sender,\n uint32 _nonce,\n uint32 _destination,\n bytes32 _recipient,\n bytes memory _body\n ) internal pure returns (bytes32) {\n return keccak256(formatMessage(_origin, _sender, _nonce, _destination, _recipient, _body));\n }\n\n /// @notice Returns message's origin field\n function origin(bytes29 _message) internal pure returns (uint32) {\n return uint32(_message.indexUint(0, 4));\n }\n\n /// @notice Returns message's sender field\n function sender(bytes29 _message) internal pure returns (bytes32) {\n return _message.index(4, 32);\n }\n\n /// @notice Returns message's nonce field\n function nonce(bytes29 _message) internal pure returns (uint32) {\n return uint32(_message.indexUint(36, 4));\n }\n\n /// @notice Returns message's destination field\n function destination(bytes29 _message) internal pure returns (uint32) {\n return uint32(_message.indexUint(40, 4));\n }\n\n /// @notice Returns message's recipient field as bytes32\n function recipient(bytes29 _message) internal pure returns (bytes32) {\n return _message.index(44, 32);\n }\n\n /// @notice Returns message's recipient field as an address\n function recipientAddress(bytes29 _message) internal pure returns (address) {\n return TypeCasts.bytes32ToAddress(recipient(_message));\n }\n\n /// @notice Returns message's body field as bytes29 (refer to TypedMemView library for details on bytes29 type)\n function body(bytes29 _message) internal pure returns (bytes29) {\n return _message.slice(PREFIX_LENGTH, _message.len() - PREFIX_LENGTH, 0);\n }\n\n function leaf(bytes29 _message) internal view returns (bytes32) {\n return\n messageHash(\n origin(_message),\n sender(_message),\n nonce(_message),\n destination(_message),\n recipient(_message),\n TypedMemView.clone(body(_message))\n );\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/Merkle.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {MerkleLib} from \"../libs/Merkle.sol\";\n\n/**\n * @title MerkleTreeManager\n * @author Illusory Systems Inc.\n * @notice Contains a Merkle tree instance and\n * exposes view functions for the tree.\n */\ncontract MerkleTreeManager {\n // ============ Libraries ============\n\n using MerkleLib for MerkleLib.Tree;\n MerkleLib.Tree public tree;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[49] private __GAP;\n\n // ============ Public Functions ============\n\n /**\n * @notice Calculates and returns tree's current root\n */\n function root() public view returns (bytes32) {\n return tree.root();\n }\n\n /**\n * @notice Returns the number of inserted leaves in the tree (current index)\n */\n function count() public view returns (uint256) {\n return tree.count;\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/Queue.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {QueueLib} from \"../libs/Queue.sol\";\n// ============ External Imports ============\nimport {Initializable} from \"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol\";\n\n/**\n * @title QueueManager\n * @author Illusory Systems Inc.\n * @notice Contains a queue instance and\n * exposes view functions for the queue.\n **/\ncontract QueueManager is Initializable {\n // ============ Libraries ============\n\n using QueueLib for QueueLib.Queue;\n QueueLib.Queue internal queue;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[49] private __GAP;\n\n // ============ Initializer ============\n\n function __QueueManager_initialize() internal initializer {\n queue.initialize();\n }\n\n // ============ Public Functions ============\n\n /**\n * @notice Returns number of elements in queue\n */\n function queueLength() external view returns (uint256) {\n return queue.length();\n }\n\n /**\n * @notice Returns TRUE iff `_item` is in the queue\n */\n function queueContains(bytes32 _item) external view returns (bool) {\n return queue.contains(_item);\n }\n\n /**\n * @notice Returns last item enqueued to the queue\n */\n function queueEnd() external view returns (bytes32) {\n return queue.lastItem();\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/interfaces/IUpdaterManager.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\ninterface IUpdaterManager {\n function slashUpdater(address payable _reporter) external;\n\n function updater() external view returns (address);\n}\n" }, "@openzeppelin/contracts/utils/cryptography/ECDSA.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.5.0) (utils/cryptography/ECDSA.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../Strings.sol\";\n\n/**\n * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.\n *\n * These functions can be used to verify that a message was signed by the holder\n * of the private keys of a given address.\n */\nlibrary ECDSA {\n enum RecoverError {\n NoError,\n InvalidSignature,\n InvalidSignatureLength,\n InvalidSignatureS,\n InvalidSignatureV\n }\n\n function _throwError(RecoverError error) private pure {\n if (error == RecoverError.NoError) {\n return; // no error: do nothing\n } else if (error == RecoverError.InvalidSignature) {\n revert(\"ECDSA: invalid signature\");\n } else if (error == RecoverError.InvalidSignatureLength) {\n revert(\"ECDSA: invalid signature length\");\n } else if (error == RecoverError.InvalidSignatureS) {\n revert(\"ECDSA: invalid signature 's' value\");\n } else if (error == RecoverError.InvalidSignatureV) {\n revert(\"ECDSA: invalid signature 'v' value\");\n }\n }\n\n /**\n * @dev Returns the address that signed a hashed message (`hash`) with\n * `signature` or error string. This address can then be used for verification purposes.\n *\n * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:\n * this function rejects them by requiring the `s` value to be in the lower\n * half order, and the `v` value to be either 27 or 28.\n *\n * IMPORTANT: `hash` _must_ be the result of a hash operation for the\n * verification to be secure: it is possible to craft signatures that\n * recover to arbitrary addresses for non-hashed data. A safe way to ensure\n * this is by receiving a hash of the original message (which may otherwise\n * be too long), and then calling {toEthSignedMessageHash} on it.\n *\n * Documentation for signature generation:\n * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]\n * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]\n *\n * _Available since v4.3._\n */\n function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {\n // Check the signature length\n // - case 65: r,s,v signature (standard)\n // - case 64: r,vs signature (cf https://eips.ethereum.org/EIPS/eip-2098) _Available since v4.1._\n if (signature.length == 65) {\n bytes32 r;\n bytes32 s;\n uint8 v;\n // ecrecover takes the signature parameters, and the only way to get them\n // currently is to use assembly.\n assembly {\n r := mload(add(signature, 0x20))\n s := mload(add(signature, 0x40))\n v := byte(0, mload(add(signature, 0x60)))\n }\n return tryRecover(hash, v, r, s);\n } else if (signature.length == 64) {\n bytes32 r;\n bytes32 vs;\n // ecrecover takes the signature parameters, and the only way to get them\n // currently is to use assembly.\n assembly {\n r := mload(add(signature, 0x20))\n vs := mload(add(signature, 0x40))\n }\n return tryRecover(hash, r, vs);\n } else {\n return (address(0), RecoverError.InvalidSignatureLength);\n }\n }\n\n /**\n * @dev Returns the address that signed a hashed message (`hash`) with\n * `signature`. This address can then be used for verification purposes.\n *\n * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:\n * this function rejects them by requiring the `s` value to be in the lower\n * half order, and the `v` value to be either 27 or 28.\n *\n * IMPORTANT: `hash` _must_ be the result of a hash operation for the\n * verification to be secure: it is possible to craft signatures that\n * recover to arbitrary addresses for non-hashed data. A safe way to ensure\n * this is by receiving a hash of the original message (which may otherwise\n * be too long), and then calling {toEthSignedMessageHash} on it.\n */\n function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {\n (address recovered, RecoverError error) = tryRecover(hash, signature);\n _throwError(error);\n return recovered;\n }\n\n /**\n * @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.\n *\n * See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]\n *\n * _Available since v4.3._\n */\n function tryRecover(\n bytes32 hash,\n bytes32 r,\n bytes32 vs\n ) internal pure returns (address, RecoverError) {\n bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);\n uint8 v = uint8((uint256(vs) >> 255) + 27);\n return tryRecover(hash, v, r, s);\n }\n\n /**\n * @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.\n *\n * _Available since v4.2._\n */\n function recover(\n bytes32 hash,\n bytes32 r,\n bytes32 vs\n ) internal pure returns (address) {\n (address recovered, RecoverError error) = tryRecover(hash, r, vs);\n _throwError(error);\n return recovered;\n }\n\n /**\n * @dev Overload of {ECDSA-tryRecover} that receives the `v`,\n * `r` and `s` signature fields separately.\n *\n * _Available since v4.3._\n */\n function tryRecover(\n bytes32 hash,\n uint8 v,\n bytes32 r,\n bytes32 s\n ) internal pure returns (address, RecoverError) {\n // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature\n // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines\n // the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most\n // signatures from current libraries generate a unique signature with an s-value in the lower half order.\n //\n // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value\n // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or\n // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept\n // these malleable signatures as well.\n if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {\n return (address(0), RecoverError.InvalidSignatureS);\n }\n if (v != 27 && v != 28) {\n return (address(0), RecoverError.InvalidSignatureV);\n }\n\n // If the signature is valid (and not malleable), return the signer address\n address signer = ecrecover(hash, v, r, s);\n if (signer == address(0)) {\n return (address(0), RecoverError.InvalidSignature);\n }\n\n return (signer, RecoverError.NoError);\n }\n\n /**\n * @dev Overload of {ECDSA-recover} that receives the `v`,\n * `r` and `s` signature fields separately.\n */\n function recover(\n bytes32 hash,\n uint8 v,\n bytes32 r,\n bytes32 s\n ) internal pure returns (address) {\n (address recovered, RecoverError error) = tryRecover(hash, v, r, s);\n _throwError(error);\n return recovered;\n }\n\n /**\n * @dev Returns an Ethereum Signed Message, created from a `hash`. This\n * produces hash corresponding to the one signed with the\n * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]\n * JSON-RPC method as part of EIP-191.\n *\n * See {recover}.\n */\n function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {\n // 32 is the length in bytes of hash,\n // enforced by the type signature above\n return keccak256(abi.encodePacked(\"\\x19Ethereum Signed Message:\\n32\", hash));\n }\n\n /**\n * @dev Returns an Ethereum Signed Message, created from `s`. This\n * produces hash corresponding to the one signed with the\n * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]\n * JSON-RPC method as part of EIP-191.\n *\n * See {recover}.\n */\n function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {\n return keccak256(abi.encodePacked(\"\\x19Ethereum Signed Message:\\n\", Strings.toString(s.length), s));\n }\n\n /**\n * @dev Returns an Ethereum Signed Typed Data, created from a\n * `domainSeparator` and a `structHash`. This produces hash corresponding\n * to the one signed with the\n * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]\n * JSON-RPC method as part of EIP-712.\n *\n * See {recover}.\n */\n function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {\n return keccak256(abi.encodePacked(\"\\x19\\x01\", domainSeparator, structHash));\n }\n}\n" }, "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.6.0) (proxy/utils/Initializable.sol)\n\npragma solidity ^0.8.2;\n\nimport \"../../utils/AddressUpgradeable.sol\";\n\n/**\n * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed\n * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an\n * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer\n * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.\n *\n * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be\n * reused. This mechanism prevents re-execution of each \"step\" but allows the creation of new initialization steps in\n * case an upgrade adds a module that needs to be initialized.\n *\n * For example:\n *\n * [.hljs-theme-light.nopadding]\n * ```\n * contract MyToken is ERC20Upgradeable {\n * function initialize() initializer public {\n * __ERC20_init(\"MyToken\", \"MTK\");\n * }\n * }\n * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {\n * function initializeV2() reinitializer(2) public {\n * __ERC20Permit_init(\"MyToken\");\n * }\n * }\n * ```\n *\n * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as\n * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.\n *\n * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure\n * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.\n *\n * [CAUTION]\n * ====\n * Avoid leaving a contract uninitialized.\n *\n * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation\n * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke\n * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:\n *\n * [.hljs-theme-light.nopadding]\n * ```\n * /// @custom:oz-upgrades-unsafe-allow constructor\n * constructor() {\n * _disableInitializers();\n * }\n * ```\n * ====\n */\nabstract contract Initializable {\n /**\n * @dev Indicates that the contract has been initialized.\n * @custom:oz-retyped-from bool\n */\n uint8 private _initialized;\n\n /**\n * @dev Indicates that the contract is in the process of being initialized.\n */\n bool private _initializing;\n\n /**\n * @dev Triggered when the contract has been initialized or reinitialized.\n */\n event Initialized(uint8 version);\n\n /**\n * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,\n * `onlyInitializing` functions can be used to initialize parent contracts. Equivalent to `reinitializer(1)`.\n */\n modifier initializer() {\n bool isTopLevelCall = _setInitializedVersion(1);\n if (isTopLevelCall) {\n _initializing = true;\n }\n _;\n if (isTopLevelCall) {\n _initializing = false;\n emit Initialized(1);\n }\n }\n\n /**\n * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the\n * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be\n * used to initialize parent contracts.\n *\n * `initializer` is equivalent to `reinitializer(1)`, so a reinitializer may be used after the original\n * initialization step. This is essential to configure modules that are added through upgrades and that require\n * initialization.\n *\n * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in\n * a contract, executing them in the right order is up to the developer or operator.\n */\n modifier reinitializer(uint8 version) {\n bool isTopLevelCall = _setInitializedVersion(version);\n if (isTopLevelCall) {\n _initializing = true;\n }\n _;\n if (isTopLevelCall) {\n _initializing = false;\n emit Initialized(version);\n }\n }\n\n /**\n * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the\n * {initializer} and {reinitializer} modifiers, directly or indirectly.\n */\n modifier onlyInitializing() {\n require(_initializing, \"Initializable: contract is not initializing\");\n _;\n }\n\n /**\n * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.\n * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized\n * to any version. It is recommended to use this to lock implementation contracts that are designed to be called\n * through proxies.\n */\n function _disableInitializers() internal virtual {\n _setInitializedVersion(type(uint8).max);\n }\n\n function _setInitializedVersion(uint8 version) private returns (bool) {\n // If the contract is initializing we ignore whether _initialized is set in order to support multiple\n // inheritance patterns, but we only do this in the context of a constructor, and for the lowest level\n // of initializers, because in other contexts the contract may have been reentered.\n if (_initializing) {\n require(\n version == 1 && !AddressUpgradeable.isContract(address(this)),\n \"Initializable: contract is already initialized\"\n );\n return false;\n } else {\n require(_initialized < version, \"Initializable: contract is already initialized\");\n _initialized = version;\n return true;\n }\n }\n}\n" }, "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (access/Ownable.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../utils/ContextUpgradeable.sol\";\nimport \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Contract module which provides a basic access control mechanism, where\n * there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * By default, the owner account will be the one that deploys the contract. This\n * can later be changed with {transferOwnership}.\n *\n * This module is used through inheritance. It will make available the modifier\n * `onlyOwner`, which can be applied to your functions to restrict their use to\n * the owner.\n */\nabstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {\n address private _owner;\n\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @dev Initializes the contract setting the deployer as the initial owner.\n */\n function __Ownable_init() internal onlyInitializing {\n __Ownable_init_unchained();\n }\n\n function __Ownable_init_unchained() internal onlyInitializing {\n _transferOwnership(_msgSender());\n }\n\n /**\n * @dev Returns the address of the current owner.\n */\n function owner() public view virtual returns (address) {\n return _owner;\n }\n\n /**\n * @dev Throws if called by any account other than the owner.\n */\n modifier onlyOwner() {\n require(owner() == _msgSender(), \"Ownable: caller is not the owner\");\n _;\n }\n\n /**\n * @dev Leaves the contract without owner. It will not be possible to call\n * `onlyOwner` functions anymore. Can only be called by the current owner.\n *\n * NOTE: Renouncing ownership will leave the contract without an owner,\n * thereby removing any functionality that is only available to the owner.\n */\n function renounceOwnership() public virtual onlyOwner {\n _transferOwnership(address(0));\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Can only be called by the current owner.\n */\n function transferOwnership(address newOwner) public virtual onlyOwner {\n require(newOwner != address(0), \"Ownable: new owner is the zero address\");\n _transferOwnership(newOwner);\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Internal function without access restriction.\n */\n function _transferOwnership(address newOwner) internal virtual {\n address oldOwner = _owner;\n _owner = newOwner;\n emit OwnershipTransferred(oldOwner, newOwner);\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[49] private __gap;\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/libs/TypedMemView.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.8.11;\n\nlibrary TypedMemView {\n // Why does this exist?\n // the solidity `bytes memory` type has a few weaknesses.\n // 1. You can't index ranges effectively\n // 2. You can't slice without copying\n // 3. The underlying data may represent any type\n // 4. Solidity never deallocates memory, and memory costs grow\n // superlinearly\n\n // By using a memory view instead of a `bytes memory` we get the following\n // advantages:\n // 1. Slices are done on the stack, by manipulating the pointer\n // 2. We can index arbitrary ranges and quickly convert them to stack types\n // 3. We can insert type info into the pointer, and typecheck at runtime\n\n // This makes `TypedMemView` a useful tool for efficient zero-copy\n // algorithms.\n\n // Why bytes29?\n // We want to avoid confusion between views, digests, and other common\n // types so we chose a large and uncommonly used odd number of bytes\n //\n // Note that while bytes are left-aligned in a word, integers and addresses\n // are right-aligned. This means when working in assembly we have to\n // account for the 3 unused bytes on the righthand side\n //\n // First 5 bytes are a type flag.\n // - ff_ffff_fffe is reserved for unknown type.\n // - ff_ffff_ffff is reserved for invalid types/errors.\n // next 12 are memory address\n // next 12 are len\n // bottom 3 bytes are empty\n\n // Assumptions:\n // - non-modification of memory.\n // - No Solidity updates\n // - - wrt free mem point\n // - - wrt bytes representation in memory\n // - - wrt memory addressing in general\n\n // Usage:\n // - create type constants\n // - use `assertType` for runtime type assertions\n // - - unfortunately we can't do this at compile time yet :(\n // - recommended: implement modifiers that perform type checking\n // - - e.g.\n // - - `uint40 constant MY_TYPE = 3;`\n // - - ` modifer onlyMyType(bytes29 myView) { myView.assertType(MY_TYPE); }`\n // - instantiate a typed view from a bytearray using `ref`\n // - use `index` to inspect the contents of the view\n // - use `slice` to create smaller views into the same memory\n // - - `slice` can increase the offset\n // - - `slice can decrease the length`\n // - - must specify the output type of `slice`\n // - - `slice` will return a null view if you try to overrun\n // - - make sure to explicitly check for this with `notNull` or `assertType`\n // - use `equal` for typed comparisons.\n\n // The null view\n bytes29 public constant NULL = hex\"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\";\n uint256 constant LOW_12_MASK = 0xffffffffffffffffffffffff;\n uint8 constant TWELVE_BYTES = 96;\n\n /**\n * @notice Returns the encoded hex character that represents the lower 4 bits of the argument.\n * @param _b The byte\n * @return char - The encoded hex character\n */\n function nibbleHex(uint8 _b) internal pure returns (uint8 char) {\n // This can probably be done more efficiently, but it's only in error\n // paths, so we don't really care :)\n uint8 _nibble = _b | 0xf0; // set top 4, keep bottom 4\n if (_nibble == 0xf0) {\n return 0x30;\n } // 0\n if (_nibble == 0xf1) {\n return 0x31;\n } // 1\n if (_nibble == 0xf2) {\n return 0x32;\n } // 2\n if (_nibble == 0xf3) {\n return 0x33;\n } // 3\n if (_nibble == 0xf4) {\n return 0x34;\n } // 4\n if (_nibble == 0xf5) {\n return 0x35;\n } // 5\n if (_nibble == 0xf6) {\n return 0x36;\n } // 6\n if (_nibble == 0xf7) {\n return 0x37;\n } // 7\n if (_nibble == 0xf8) {\n return 0x38;\n } // 8\n if (_nibble == 0xf9) {\n return 0x39;\n } // 9\n if (_nibble == 0xfa) {\n return 0x61;\n } // a\n if (_nibble == 0xfb) {\n return 0x62;\n } // b\n if (_nibble == 0xfc) {\n return 0x63;\n } // c\n if (_nibble == 0xfd) {\n return 0x64;\n } // d\n if (_nibble == 0xfe) {\n return 0x65;\n } // e\n if (_nibble == 0xff) {\n return 0x66;\n } // f\n }\n\n /**\n * @notice Returns a uint16 containing the hex-encoded byte.\n * @param _b The byte\n * @return encoded - The hex-encoded byte\n */\n function byteHex(uint8 _b) internal pure returns (uint16 encoded) {\n encoded |= nibbleHex(_b >> 4); // top 4 bits\n encoded <<= 8;\n encoded |= nibbleHex(_b); // lower 4 bits\n }\n\n /**\n * @notice Encodes the uint256 to hex. `first` contains the encoded top 16 bytes.\n * `second` contains the encoded lower 16 bytes.\n *\n * @param _b The 32 bytes as uint256\n * @return first - The top 16 bytes\n * @return second - The bottom 16 bytes\n */\n function encodeHex(uint256 _b) internal pure returns (uint256 first, uint256 second) {\n for (uint8 i = 31; i > 15; ) {\n uint8 _byte = uint8(_b >> (i * 8));\n first |= byteHex(_byte);\n if (i != 16) {\n first <<= 16;\n }\n unchecked {\n i -= 1;\n }\n }\n\n // abusing underflow here =_=\n for (uint8 i = 15; i < 255; ) {\n uint8 _byte = uint8(_b >> (i * 8));\n second |= byteHex(_byte);\n if (i != 0) {\n second <<= 16;\n }\n unchecked {\n i -= 1;\n }\n }\n }\n\n /**\n * @notice Changes the endianness of a uint256.\n * @dev https://graphics.stanford.edu/~seander/bithacks.html#ReverseParallel\n * @param _b The unsigned integer to reverse\n * @return v - The reversed value\n */\n function reverseUint256(uint256 _b) internal pure returns (uint256 v) {\n v = _b;\n\n // swap bytes\n v =\n ((v >> 8) & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) |\n ((v & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) << 8);\n // swap 2-byte long pairs\n v =\n ((v >> 16) & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) |\n ((v & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) << 16);\n // swap 4-byte long pairs\n v =\n ((v >> 32) & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) |\n ((v & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) << 32);\n // swap 8-byte long pairs\n v =\n ((v >> 64) & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) |\n ((v & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) << 64);\n // swap 16-byte long pairs\n v = (v >> 128) | (v << 128);\n }\n\n /**\n * @notice Create a mask with the highest `_len` bits set.\n * @param _len The length\n * @return mask - The mask\n */\n function leftMask(uint8 _len) private pure returns (uint256 mask) {\n // ugly. redo without assembly?\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n mask := sar(sub(_len, 1), 0x8000000000000000000000000000000000000000000000000000000000000000)\n }\n }\n\n /**\n * @notice Return the null view.\n * @return bytes29 - The null view\n */\n function nullView() internal pure returns (bytes29) {\n return NULL;\n }\n\n /**\n * @notice Check if the view is null.\n * @return bool - True if the view is null\n */\n function isNull(bytes29 memView) internal pure returns (bool) {\n return memView == NULL;\n }\n\n /**\n * @notice Check if the view is not null.\n * @return bool - True if the view is not null\n */\n function notNull(bytes29 memView) internal pure returns (bool) {\n return !isNull(memView);\n }\n\n /**\n * @notice Check if the view is of a valid type and points to a valid location\n * in memory.\n * @dev We perform this check by examining solidity's unallocated memory\n * pointer and ensuring that the view's upper bound is less than that.\n * @param memView The view\n * @return ret - True if the view is valid\n */\n function isValid(bytes29 memView) internal pure returns (bool ret) {\n if (typeOf(memView) == 0xffffffffff) {\n return false;\n }\n uint256 _end = end(memView);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n ret := not(gt(_end, mload(0x40)))\n }\n }\n\n /**\n * @notice Require that a typed memory view be valid.\n * @dev Returns the view for easy chaining.\n * @param memView The view\n * @return bytes29 - The validated view\n */\n function assertValid(bytes29 memView) internal pure returns (bytes29) {\n require(isValid(memView), \"Validity assertion failed\");\n return memView;\n }\n\n /**\n * @notice Return true if the memview is of the expected type. Otherwise false.\n * @param memView The view\n * @param _expected The expected type\n * @return bool - True if the memview is of the expected type\n */\n function isType(bytes29 memView, uint40 _expected) internal pure returns (bool) {\n return typeOf(memView) == _expected;\n }\n\n /**\n * @notice Require that a typed memory view has a specific type.\n * @dev Returns the view for easy chaining.\n * @param memView The view\n * @param _expected The expected type\n * @return bytes29 - The view with validated type\n */\n function assertType(bytes29 memView, uint40 _expected) internal pure returns (bytes29) {\n if (!isType(memView, _expected)) {\n (, uint256 g) = encodeHex(uint256(typeOf(memView)));\n (, uint256 e) = encodeHex(uint256(_expected));\n string memory err = string(\n abi.encodePacked(\"Type assertion failed. Got 0x\", uint80(g), \". Expected 0x\", uint80(e))\n );\n revert(err);\n }\n return memView;\n }\n\n /**\n * @notice Return an identical view with a different type.\n * @param memView The view\n * @param _newType The new type\n * @return newView - The new view with the specified type\n */\n function castTo(bytes29 memView, uint40 _newType) internal pure returns (bytes29 newView) {\n // then | in the new type\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n // shift off the top 5 bytes\n newView := or(newView, shr(40, shl(40, memView)))\n newView := or(newView, shl(216, _newType))\n }\n }\n\n /**\n * @notice Unsafe raw pointer construction. This should generally not be called\n * directly. Prefer `ref` wherever possible.\n * @dev Unsafe raw pointer construction. This should generally not be called\n * directly. Prefer `ref` wherever possible.\n * @param _type The type\n * @param _loc The memory address\n * @param _len The length\n * @return newView - The new view with the specified type, location and length\n */\n function unsafeBuildUnchecked(\n uint256 _type,\n uint256 _loc,\n uint256 _len\n ) private pure returns (bytes29 newView) {\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n newView := shl(96, or(newView, _type)) // insert type\n newView := shl(96, or(newView, _loc)) // insert loc\n newView := shl(24, or(newView, _len)) // empty bottom 3 bytes\n }\n }\n\n /**\n * @notice Instantiate a new memory view. This should generally not be called\n * directly. Prefer `ref` wherever possible.\n * @dev Instantiate a new memory view. This should generally not be called\n * directly. Prefer `ref` wherever possible.\n * @param _type The type\n * @param _loc The memory address\n * @param _len The length\n * @return newView - The new view with the specified type, location and length\n */\n function build(\n uint256 _type,\n uint256 _loc,\n uint256 _len\n ) internal pure returns (bytes29 newView) {\n uint256 _end = _loc + _len;\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n if gt(_end, mload(0x40)) {\n _end := 0\n }\n }\n if (_end == 0) {\n return NULL;\n }\n newView = unsafeBuildUnchecked(_type, _loc, _len);\n }\n\n /**\n * @notice Instantiate a memory view from a byte array.\n * @dev Note that due to Solidity memory representation, it is not possible to\n * implement a deref, as the `bytes` type stores its len in memory.\n * @param arr The byte array\n * @param newType The type\n * @return bytes29 - The memory view\n */\n function ref(bytes memory arr, uint40 newType) internal pure returns (bytes29) {\n uint256 _len = arr.length;\n\n uint256 _loc;\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n _loc := add(arr, 0x20) // our view is of the data, not the struct\n }\n\n return build(newType, _loc, _len);\n }\n\n /**\n * @notice Return the associated type information.\n * @param memView The memory view\n * @return _type - The type associated with the view\n */\n function typeOf(bytes29 memView) internal pure returns (uint40 _type) {\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n // 216 == 256 - 40\n _type := shr(216, memView) // shift out lower 24 bytes\n }\n }\n\n /**\n * @notice Optimized type comparison. Checks that the 5-byte type flag is equal.\n * @param left The first view\n * @param right The second view\n * @return bool - True if the 5-byte type flag is equal\n */\n function sameType(bytes29 left, bytes29 right) internal pure returns (bool) {\n return (left ^ right) >> (2 * TWELVE_BYTES) == 0;\n }\n\n /**\n * @notice Return the memory address of the underlying bytes.\n * @param memView The view\n * @return _loc - The memory address\n */\n function loc(bytes29 memView) internal pure returns (uint96 _loc) {\n uint256 _mask = LOW_12_MASK; // assembly can't use globals\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n // 120 bits = 12 bytes (the encoded loc) + 3 bytes (empty low space)\n _loc := and(shr(120, memView), _mask)\n }\n }\n\n /**\n * @notice The number of memory words this memory view occupies, rounded up.\n * @param memView The view\n * @return uint256 - The number of memory words\n */\n function words(bytes29 memView) internal pure returns (uint256) {\n return (uint256(len(memView)) + 32) / 32;\n }\n\n /**\n * @notice The in-memory footprint of a fresh copy of the view.\n * @param memView The view\n * @return uint256 - The in-memory footprint of a fresh copy of the view.\n */\n function footprint(bytes29 memView) internal pure returns (uint256) {\n return words(memView) * 32;\n }\n\n /**\n * @notice The number of bytes of the view.\n * @param memView The view\n * @return _len - The length of the view\n */\n function len(bytes29 memView) internal pure returns (uint96 _len) {\n uint256 _mask = LOW_12_MASK; // assembly can't use globals\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n _len := and(shr(24, memView), _mask)\n }\n }\n\n /**\n * @notice Returns the endpoint of `memView`.\n * @param memView The view\n * @return uint256 - The endpoint of `memView`\n */\n function end(bytes29 memView) internal pure returns (uint256) {\n unchecked {\n return loc(memView) + len(memView);\n }\n }\n\n /**\n * @notice Safe slicing without memory modification.\n * @param memView The view\n * @param _index The start index\n * @param _len The length\n * @param newType The new type\n * @return bytes29 - The new view\n */\n function slice(\n bytes29 memView,\n uint256 _index,\n uint256 _len,\n uint40 newType\n ) internal pure returns (bytes29) {\n uint256 _loc = loc(memView);\n\n // Ensure it doesn't overrun the view\n if (_loc + _index + _len > end(memView)) {\n return NULL;\n }\n\n _loc = _loc + _index;\n return build(newType, _loc, _len);\n }\n\n /**\n * @notice Shortcut to `slice`. Gets a view representing the first `_len` bytes.\n * @param memView The view\n * @param _len The length\n * @param newType The new type\n * @return bytes29 - The new view\n */\n function prefix(\n bytes29 memView,\n uint256 _len,\n uint40 newType\n ) internal pure returns (bytes29) {\n return slice(memView, 0, _len, newType);\n }\n\n /**\n * @notice Shortcut to `slice`. Gets a view representing the last `_len` byte.\n * @param memView The view\n * @param _len The length\n * @param newType The new type\n * @return bytes29 - The new view\n */\n function postfix(\n bytes29 memView,\n uint256 _len,\n uint40 newType\n ) internal pure returns (bytes29) {\n return slice(memView, uint256(len(memView)) - _len, _len, newType);\n }\n\n /**\n * @notice Construct an error message for an indexing overrun.\n * @param _loc The memory address\n * @param _len The length\n * @param _index The index\n * @param _slice The slice where the overrun occurred\n * @return err - The err\n */\n function indexErrOverrun(\n uint256 _loc,\n uint256 _len,\n uint256 _index,\n uint256 _slice\n ) internal pure returns (string memory err) {\n (, uint256 a) = encodeHex(_loc);\n (, uint256 b) = encodeHex(_len);\n (, uint256 c) = encodeHex(_index);\n (, uint256 d) = encodeHex(_slice);\n err = string(\n abi.encodePacked(\n \"TypedMemView/index - Overran the view. Slice is at 0x\",\n uint48(a),\n \" with length 0x\",\n uint48(b),\n \". Attempted to index at offset 0x\",\n uint48(c),\n \" with length 0x\",\n uint48(d),\n \".\"\n )\n );\n }\n\n /**\n * @notice Load up to 32 bytes from the view onto the stack.\n * @dev Returns a bytes32 with only the `_bytes` highest bytes set.\n * This can be immediately cast to a smaller fixed-length byte array.\n * To automatically cast to an integer, use `indexUint`.\n * @param memView The view\n * @param _index The index\n * @param _bytes The bytes\n * @return result - The 32 byte result\n */\n function index(\n bytes29 memView,\n uint256 _index,\n uint8 _bytes\n ) internal pure returns (bytes32 result) {\n if (_bytes == 0) {\n return bytes32(0);\n }\n if (_index + _bytes > len(memView)) {\n revert(indexErrOverrun(loc(memView), len(memView), _index, uint256(_bytes)));\n }\n require(_bytes <= 32, \"TypedMemView/index - Attempted to index more than 32 bytes\");\n\n uint8 bitLength;\n unchecked {\n bitLength = _bytes * 8;\n }\n uint256 _loc = loc(memView);\n uint256 _mask = leftMask(bitLength);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n result := and(mload(add(_loc, _index)), _mask)\n }\n }\n\n /**\n * @notice Parse an unsigned integer from the view at `_index`.\n * @dev Requires that the view have >= `_bytes` bytes following that index.\n * @param memView The view\n * @param _index The index\n * @param _bytes The bytes\n * @return result - The unsigned integer\n */\n function indexUint(\n bytes29 memView,\n uint256 _index,\n uint8 _bytes\n ) internal pure returns (uint256 result) {\n return uint256(index(memView, _index, _bytes)) >> ((32 - _bytes) * 8);\n }\n\n /**\n * @notice Parse an unsigned integer from LE bytes.\n * @param memView The view\n * @param _index The index\n * @param _bytes The bytes\n * @return result - The unsigned integer\n */\n function indexLEUint(\n bytes29 memView,\n uint256 _index,\n uint8 _bytes\n ) internal pure returns (uint256 result) {\n return reverseUint256(uint256(index(memView, _index, _bytes)));\n }\n\n /**\n * @notice Parse an address from the view at `_index`. Requires that the view have >= 20 bytes\n * following that index.\n * @param memView The view\n * @param _index The index\n * @return address - The address\n */\n function indexAddress(bytes29 memView, uint256 _index) internal pure returns (address) {\n return address(uint160(indexUint(memView, _index, 20)));\n }\n\n /**\n * @notice Return the keccak256 hash of the underlying memory\n * @param memView The view\n * @return digest - The keccak256 hash of the underlying memory\n */\n function keccak(bytes29 memView) internal pure returns (bytes32 digest) {\n uint256 _loc = loc(memView);\n uint256 _len = len(memView);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n digest := keccak256(_loc, _len)\n }\n }\n\n /**\n * @notice Return the sha2 digest of the underlying memory.\n * @dev We explicitly deallocate memory afterwards.\n * @param memView The view\n * @return digest - The sha2 hash of the underlying memory\n */\n function sha2(bytes29 memView) internal view returns (bytes32 digest) {\n uint256 _loc = loc(memView);\n uint256 _len = len(memView);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n let ptr := mload(0x40)\n pop(staticcall(gas(), 2, _loc, _len, ptr, 0x20)) // sha2 #1\n digest := mload(ptr)\n }\n }\n\n /**\n * @notice Implements bitcoin's hash160 (rmd160(sha2()))\n * @param memView The pre-image\n * @return digest - the Digest\n */\n function hash160(bytes29 memView) internal view returns (bytes20 digest) {\n uint256 _loc = loc(memView);\n uint256 _len = len(memView);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n let ptr := mload(0x40)\n pop(staticcall(gas(), 2, _loc, _len, ptr, 0x20)) // sha2\n pop(staticcall(gas(), 3, ptr, 0x20, ptr, 0x20)) // rmd160\n digest := mload(add(ptr, 0xc)) // return value is 0-prefixed.\n }\n }\n\n /**\n * @notice Implements bitcoin's hash256 (double sha2)\n * @param memView A view of the preimage\n * @return digest - the Digest\n */\n function hash256(bytes29 memView) internal view returns (bytes32 digest) {\n uint256 _loc = loc(memView);\n uint256 _len = len(memView);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n let ptr := mload(0x40)\n pop(staticcall(gas(), 2, _loc, _len, ptr, 0x20)) // sha2 #1\n pop(staticcall(gas(), 2, ptr, 0x20, ptr, 0x20)) // sha2 #2\n digest := mload(ptr)\n }\n }\n\n /**\n * @notice Return true if the underlying memory is equal. Else false.\n * @param left The first view\n * @param right The second view\n * @return bool - True if the underlying memory is equal\n */\n function untypedEqual(bytes29 left, bytes29 right) internal pure returns (bool) {\n return (loc(left) == loc(right) && len(left) == len(right)) || keccak(left) == keccak(right);\n }\n\n /**\n * @notice Return false if the underlying memory is equal. Else true.\n * @param left The first view\n * @param right The second view\n * @return bool - False if the underlying memory is equal\n */\n function untypedNotEqual(bytes29 left, bytes29 right) internal pure returns (bool) {\n return !untypedEqual(left, right);\n }\n\n /**\n * @notice Compares type equality.\n * @dev Shortcuts if the pointers are identical, otherwise compares type and digest.\n * @param left The first view\n * @param right The second view\n * @return bool - True if the types are the same\n */\n function equal(bytes29 left, bytes29 right) internal pure returns (bool) {\n return left == right || (typeOf(left) == typeOf(right) && keccak(left) == keccak(right));\n }\n\n /**\n * @notice Compares type inequality.\n * @dev Shortcuts if the pointers are identical, otherwise compares type and digest.\n * @param left The first view\n * @param right The second view\n * @return bool - True if the types are not the same\n */\n function notEqual(bytes29 left, bytes29 right) internal pure returns (bool) {\n return !equal(left, right);\n }\n\n /**\n * @notice Copy the view to a location, return an unsafe memory reference\n * @dev Super Dangerous direct memory access.\n *\n * This reference can be overwritten if anything else modifies memory (!!!).\n * As such it MUST be consumed IMMEDIATELY.\n * This function is private to prevent unsafe usage by callers.\n * @param memView The view\n * @param _newLoc The new location\n * @return written - the unsafe memory reference\n */\n function unsafeCopyTo(bytes29 memView, uint256 _newLoc) private view returns (bytes29 written) {\n require(notNull(memView), \"TypedMemView/copyTo - Null pointer deref\");\n require(isValid(memView), \"TypedMemView/copyTo - Invalid pointer deref\");\n uint256 _len = len(memView);\n uint256 _oldLoc = loc(memView);\n\n uint256 ptr;\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n ptr := mload(0x40)\n // revert if we're writing in occupied memory\n if gt(ptr, _newLoc) {\n revert(0x60, 0x20) // empty revert message\n }\n\n // use the identity precompile to copy\n // guaranteed not to fail, so pop the success\n pop(staticcall(gas(), 4, _oldLoc, _len, _newLoc, _len))\n }\n\n written = unsafeBuildUnchecked(typeOf(memView), _newLoc, _len);\n }\n\n /**\n * @notice Copies the referenced memory to a new loc in memory, returning a `bytes` pointing to\n * the new memory\n * @dev Shortcuts if the pointers are identical, otherwise compares type and digest.\n * @param memView The view\n * @return ret - The view pointing to the new memory\n */\n function clone(bytes29 memView) internal view returns (bytes memory ret) {\n uint256 ptr;\n uint256 _len = len(memView);\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n ptr := mload(0x40) // load unused memory pointer\n ret := ptr\n }\n unchecked {\n unsafeCopyTo(memView, ptr + 0x20);\n }\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n mstore(0x40, add(add(ptr, _len), 0x20)) // write new unused pointer\n mstore(ptr, _len) // write len of new array (in bytes)\n }\n }\n\n /**\n * @notice Join the views in memory, return an unsafe reference to the memory.\n * @dev Super Dangerous direct memory access.\n *\n * This reference can be overwritten if anything else modifies memory (!!!).\n * As such it MUST be consumed IMMEDIATELY.\n * This function is private to prevent unsafe usage by callers.\n * @param memViews The views\n * @return unsafeView - The conjoined view pointing to the new memory\n */\n function unsafeJoin(bytes29[] memory memViews, uint256 _location) private view returns (bytes29 unsafeView) {\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n let ptr := mload(0x40)\n // revert if we're writing in occupied memory\n if gt(ptr, _location) {\n revert(0x60, 0x20) // empty revert message\n }\n }\n\n uint256 _offset = 0;\n for (uint256 i = 0; i < memViews.length; i++) {\n bytes29 memView = memViews[i];\n unchecked {\n unsafeCopyTo(memView, _location + _offset);\n _offset += len(memView);\n }\n }\n unsafeView = unsafeBuildUnchecked(0, _location, _offset);\n }\n\n /**\n * @notice Produce the keccak256 digest of the concatenated contents of multiple views.\n * @param memViews The views\n * @return bytes32 - The keccak256 digest\n */\n function joinKeccak(bytes29[] memory memViews) internal view returns (bytes32) {\n uint256 ptr;\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n ptr := mload(0x40) // load unused memory pointer\n }\n return keccak(unsafeJoin(memViews, ptr));\n }\n\n /**\n * @notice Produce the sha256 digest of the concatenated contents of multiple views.\n * @param memViews The views\n * @return bytes32 - The sha256 digest\n */\n function joinSha2(bytes29[] memory memViews) internal view returns (bytes32) {\n uint256 ptr;\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n ptr := mload(0x40) // load unused memory pointer\n }\n return sha2(unsafeJoin(memViews, ptr));\n }\n\n /**\n * @notice copies all views, joins them into a new bytearray.\n * @param memViews The views\n * @return ret - The new byte array\n */\n function join(bytes29[] memory memViews) internal view returns (bytes memory ret) {\n uint256 ptr;\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n ptr := mload(0x40) // load unused memory pointer\n }\n\n bytes29 _newView;\n unchecked {\n _newView = unsafeJoin(memViews, ptr + 0x20);\n }\n uint256 _written = len(_newView);\n uint256 _footprint = footprint(_newView);\n\n assembly {\n // solhint-disable-previous-line no-inline-assembly\n // store the legnth\n mstore(ptr, _written)\n // new pointer is old + 0x20 + the footprint of the body\n mstore(0x40, add(add(ptr, _footprint), 0x20))\n ret := ptr\n }\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/libs/TypeCasts.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// import \"@summa-tx/memview-sol/contracts/TypedMemView.sol\";\nimport \"./TypedMemView.sol\";\n\nlibrary TypeCasts {\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n\n function coerceBytes32(string memory _s) internal pure returns (bytes32 _b) {\n _b = bytes(_s).ref(0).index(0, uint8(bytes(_s).length));\n }\n\n // treat it as a null-terminated string of max 32 bytes\n function coerceString(bytes32 _buf) internal pure returns (string memory _newStr) {\n uint8 _slen = 0;\n while (_slen < 32 && _buf[_slen] != 0) {\n _slen++;\n }\n\n // solhint-disable-next-line no-inline-assembly\n assembly {\n _newStr := mload(0x40)\n mstore(0x40, add(_newStr, 0x40)) // may end up with extra\n mstore(_newStr, _slen)\n mstore(add(_newStr, 0x20), _buf)\n }\n }\n\n // alignment preserving cast\n function addressToBytes32(address _addr) internal pure returns (bytes32) {\n return bytes32(uint256(uint160(_addr)));\n }\n\n // alignment preserving cast\n function bytes32ToAddress(bytes32 _buf) internal pure returns (address) {\n return address(uint160(uint256(_buf)));\n }\n}\n" }, "@openzeppelin/contracts/utils/Strings.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (utils/Strings.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev String operations.\n */\nlibrary Strings {\n bytes16 private constant _HEX_SYMBOLS = \"0123456789abcdef\";\n\n /**\n * @dev Converts a `uint256` to its ASCII `string` decimal representation.\n */\n function toString(uint256 value) internal pure returns (string memory) {\n // Inspired by OraclizeAPI's implementation - MIT licence\n // https://github.com/oraclize/ethereum-api/blob/b42146b063c7d6ee1358846c198246239e9360e8/oraclizeAPI_0.4.25.sol\n\n if (value == 0) {\n return \"0\";\n }\n uint256 temp = value;\n uint256 digits;\n while (temp != 0) {\n digits++;\n temp /= 10;\n }\n bytes memory buffer = new bytes(digits);\n while (value != 0) {\n digits -= 1;\n buffer[digits] = bytes1(uint8(48 + uint256(value % 10)));\n value /= 10;\n }\n return string(buffer);\n }\n\n /**\n * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.\n */\n function toHexString(uint256 value) internal pure returns (string memory) {\n if (value == 0) {\n return \"0x00\";\n }\n uint256 temp = value;\n uint256 length = 0;\n while (temp != 0) {\n length++;\n temp >>= 8;\n }\n return toHexString(value, length);\n }\n\n /**\n * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.\n */\n function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {\n bytes memory buffer = new bytes(2 * length + 2);\n buffer[0] = \"0\";\n buffer[1] = \"x\";\n for (uint256 i = 2 * length + 1; i > 1; --i) {\n buffer[i] = _HEX_SYMBOLS[value & 0xf];\n value >>= 4;\n }\n require(value == 0, \"Strings: hex length insufficient\");\n return string(buffer);\n }\n}\n" }, "@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.5.0) (utils/Address.sol)\n\npragma solidity ^0.8.1;\n\n/**\n * @dev Collection of functions related to the address type\n */\nlibrary AddressUpgradeable {\n /**\n * @dev Returns true if `account` is a contract.\n *\n * [IMPORTANT]\n * ====\n * It is unsafe to assume that an address for which this function returns\n * false is an externally-owned account (EOA) and not a contract.\n *\n * Among others, `isContract` will return false for the following\n * types of addresses:\n *\n * - an externally-owned account\n * - a contract in construction\n * - an address where a contract will be created\n * - an address where a contract lived, but was destroyed\n * ====\n *\n * [IMPORTANT]\n * ====\n * You shouldn't rely on `isContract` to protect against flash loan attacks!\n *\n * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets\n * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract\n * constructor.\n * ====\n */\n function isContract(address account) internal view returns (bool) {\n // This method relies on extcodesize/address.code.length, which returns 0\n // for contracts in construction, since the code is only stored at the end\n // of the constructor execution.\n\n return account.code.length > 0;\n }\n\n /**\n * @dev Replacement for Solidity's `transfer`: sends `amount` wei to\n * `recipient`, forwarding all available gas and reverting on errors.\n *\n * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n * of certain opcodes, possibly making contracts go over the 2300 gas limit\n * imposed by `transfer`, making them unable to receive funds via\n * `transfer`. {sendValue} removes this limitation.\n *\n * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n *\n * IMPORTANT: because control is transferred to `recipient`, care must be\n * taken to not create reentrancy vulnerabilities. Consider using\n * {ReentrancyGuard} or the\n * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n */\n function sendValue(address payable recipient, uint256 amount) internal {\n require(address(this).balance >= amount, \"Address: insufficient balance\");\n\n (bool success, ) = recipient.call{value: amount}(\"\");\n require(success, \"Address: unable to send value, recipient may have reverted\");\n }\n\n /**\n * @dev Performs a Solidity function call using a low level `call`. A\n * plain `call` is an unsafe replacement for a function call: use this\n * function instead.\n *\n * If `target` reverts with a revert reason, it is bubbled up by this\n * function (like regular Solidity function calls).\n *\n * Returns the raw returned data. To convert to the expected return value,\n * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].\n *\n * Requirements:\n *\n * - `target` must be a contract.\n * - calling `target` with `data` must not revert.\n *\n * _Available since v3.1._\n */\n function functionCall(address target, bytes memory data) internal returns (bytes memory) {\n return functionCall(target, data, \"Address: low-level call failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with\n * `errorMessage` as a fallback revert reason when `target` reverts.\n *\n * _Available since v3.1._\n */\n function functionCall(\n address target,\n bytes memory data,\n string memory errorMessage\n ) internal returns (bytes memory) {\n return functionCallWithValue(target, data, 0, errorMessage);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but also transferring `value` wei to `target`.\n *\n * Requirements:\n *\n * - the calling contract must have an ETH balance of at least `value`.\n * - the called Solidity function must be `payable`.\n *\n * _Available since v3.1._\n */\n function functionCallWithValue(\n address target,\n bytes memory data,\n uint256 value\n ) internal returns (bytes memory) {\n return functionCallWithValue(target, data, value, \"Address: low-level call with value failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but\n * with `errorMessage` as a fallback revert reason when `target` reverts.\n *\n * _Available since v3.1._\n */\n function functionCallWithValue(\n address target,\n bytes memory data,\n uint256 value,\n string memory errorMessage\n ) internal returns (bytes memory) {\n require(address(this).balance >= value, \"Address: insufficient balance for call\");\n require(isContract(target), \"Address: call to non-contract\");\n\n (bool success, bytes memory returndata) = target.call{value: value}(data);\n return verifyCallResult(success, returndata, errorMessage);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a static call.\n *\n * _Available since v3.3._\n */\n function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {\n return functionStaticCall(target, data, \"Address: low-level static call failed\");\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],\n * but performing a static call.\n *\n * _Available since v3.3._\n */\n function functionStaticCall(\n address target,\n bytes memory data,\n string memory errorMessage\n ) internal view returns (bytes memory) {\n require(isContract(target), \"Address: static call to non-contract\");\n\n (bool success, bytes memory returndata) = target.staticcall(data);\n return verifyCallResult(success, returndata, errorMessage);\n }\n\n /**\n * @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the\n * revert reason using the provided one.\n *\n * _Available since v4.3._\n */\n function verifyCallResult(\n bool success,\n bytes memory returndata,\n string memory errorMessage\n ) internal pure returns (bytes memory) {\n if (success) {\n return returndata;\n } else {\n // Look for revert reason and bubble it up if present\n if (returndata.length > 0) {\n // The easiest way to bubble the revert reason is using memory via assembly\n\n assembly {\n let returndata_size := mload(returndata)\n revert(add(32, returndata), returndata_size)\n }\n } else {\n revert(errorMessage);\n }\n }\n }\n}\n" }, "@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)\n\npragma solidity ^0.8.0;\nimport \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Provides information about the current execution context, including the\n * sender of the transaction and its data. While these are generally available\n * via msg.sender and msg.data, they should not be accessed in such a direct\n * manner, since when dealing with meta-transactions the account sending and\n * paying for execution may not be the actual sender (as far as an application\n * is concerned).\n *\n * This contract is only required for intermediate, library-like contracts.\n */\nabstract contract ContextUpgradeable is Initializable {\n function __Context_init() internal onlyInitializing {\n }\n\n function __Context_init_unchained() internal onlyInitializing {\n }\n function _msgSender() internal view virtual returns (address) {\n return msg.sender;\n }\n\n function _msgData() internal view virtual returns (bytes calldata) {\n return msg.data;\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[50] private __gap;\n}\n" }, "@connext/nxtp-contracts/contracts/core/promise/PromiseRouter.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\nimport {Home} from \"../../nomad-core/contracts/Home.sol\";\nimport {TypedMemView} from \"../../nomad-core/libs/TypedMemView.sol\";\n\nimport {AddressUpgradeable} from \"@openzeppelin/contracts-upgradeable/utils/AddressUpgradeable.sol\";\nimport {ReentrancyGuardUpgradeable} from \"@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol\";\n\nimport {IConnextHandler} from \"../connext/interfaces/IConnextHandler.sol\";\nimport {IBridgeToken} from \"../connext/interfaces/IBridgeToken.sol\";\n\nimport {Router} from \"../shared/Router.sol\";\nimport {XAppConnectionClient} from \"../shared/XAppConnectionClient.sol\";\nimport {Version} from \"../shared/Version.sol\";\n\nimport {ICallback} from \"./interfaces/ICallback.sol\";\nimport {PromiseMessage} from \"./libraries/PromiseMessage.sol\";\n\n/**\n * @title PromiseRouter\n */\ncontract PromiseRouter is Version, Router, ReentrancyGuardUpgradeable {\n // ============ Libraries ============\n\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n using PromiseMessage for bytes29;\n\n // ========== Custom Errors ===========\n\n error PromiseRouter__onlyConnext_notConnext();\n error PromiseRouter__send_returndataEmpty();\n error PromiseRouter__send_callbackEmpty();\n error PromiseRouter__process_invalidTransferId();\n error PromiseRouter__process_invalidMessage();\n error PromiseRouter__process_notApprovedRelayer();\n error PromiseRouter__process_insufficientCallbackFee();\n error PromiseRouter__process_notContractCallback();\n error PromiseRouter__bumpCallbackFee_valueIsZero();\n error PromiseRouter__bumpCallbackFee_messageUnavailable();\n error PromiseRouter__initCallbackFee_valueIsZero();\n\n // ============ Public Storage ============\n\n IConnextHandler public connext;\n\n /**\n * @notice Mapping of transferId to promise callback messages\n * @dev While handling the message, it will parse transferId from incomming message and store the message in the mapping\n */\n mapping(bytes32 => bytes32) public messageHashes;\n\n /**\n * @notice Mapping of transferId to callback fee\n * @dev This will track all the callback fees for each transferId.\n * Can add while xcall or bumping callback fee\n */\n mapping(bytes32 => uint256) public callbackFees;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[49] private __GAP;\n\n // ======== Events =========\n\n /**\n * @notice Emitted when a promise callback has been sent from this domain\n * @param domain The domain where to execute the callback\n * @param remote Remote PromiseRouter address\n * @param transferId The transferId\n * @param callbackAddress The address of the callback\n * @param success The return success from the execution on the destination domain\n * @param data The returnData from the execution on the destination domain\n * @param message The message sent to the destination domain\n */\n event Send(\n uint32 domain,\n bytes32 remote,\n bytes32 transferId,\n address callbackAddress,\n bool success,\n bytes data,\n bytes message\n );\n\n /**\n * @notice Emitted when a promise callback message has arrived to this domain\n * @param originAndNonce Domain where the transfer originated and the unique identifier\n * for the message from origin to destination, combined in a single field ((origin << 32) & nonce)\n * @param origin Domain where the transfer originated\n * @param transferId The transferId\n * @param callbackAddress The address of the callback\n * @param success The return success from the execution on the destination domain\n * @param data The returnData from the execution on the destination domain\n * @param message The message sent to the destination domain\n */\n event Receive(\n uint64 indexed originAndNonce,\n uint32 indexed origin,\n bytes32 transferId,\n address callbackAddress,\n bool success,\n bytes data,\n bytes message\n );\n\n /**\n * @notice Emitted when transaction fee for callback added\n * @param transferId The transferId\n * @param addedFee The fee amount that added newly\n * @param totalFee The total fee amount, can be bumped by multiple times\n * @param caller The transaction caller\n */\n event CallbackFeeAdded(bytes32 indexed transferId, uint256 addedFee, uint256 totalFee, address caller);\n\n /**\n * @notice Emitted when callback function executed\n * @param transferId The transferId\n * @param relayer The address of the relayer which executed the callback\n */\n event CallbackExecuted(bytes32 indexed transferId, address relayer);\n\n /**\n * @notice Emitted when a new Connext address is set\n * @param connext The new connext address\n */\n event SetConnext(address indexed connext);\n\n // ============ Modifiers ============\n\n /**\n * @notice Restricts the caller to the local bridge router\n */\n modifier onlyConnext() {\n if (msg.sender != address(connext)) revert PromiseRouter__onlyConnext_notConnext();\n _;\n }\n\n // ======== Initializer ========\n\n function initialize(address _xAppConnectionManager) public initializer {\n __XAppConnectionClient_initialize(_xAppConnectionManager);\n }\n\n /**\n * @notice Sets the Connext.\n * @dev Connext and relayer fee router store references to each other\n * @param _connext The address of the Connext implementation\n */\n function setConnext(address _connext) external onlyOwner {\n connext = IConnextHandler(_connext);\n emit SetConnext(_connext);\n }\n\n // ======== External: Send PromiseCallback =========\n\n /**\n * @notice Sends a request to execute callback in the originated domain\n * @param _domain The domain where to execute callback\n * @param _transferId The transferId\n * @param _callbackAddress A callback address to be called when promise callback is received\n * @param _returnSuccess The returnSuccess from the execution\n * @param _returnData The returnData from the execution\n */\n function send(\n uint32 _domain,\n bytes32 _transferId,\n address _callbackAddress,\n bool _returnSuccess,\n bytes calldata _returnData\n ) external onlyConnext {\n if (_returnData.length == 0) revert PromiseRouter__send_returndataEmpty();\n if (_callbackAddress == address(0)) revert PromiseRouter__send_callbackEmpty();\n\n // get remote PromiseRouter address; revert if not found\n bytes32 remote = _mustHaveRemote(_domain);\n\n bytes memory message = PromiseMessage.formatPromiseCallback(\n _transferId,\n _callbackAddress,\n _returnSuccess,\n _returnData\n );\n\n xAppConnectionManager.home().dispatch(_domain, remote, message);\n\n // emit Send event\n emit Send(_domain, remote, _transferId, _callbackAddress, _returnSuccess, _returnData, message);\n }\n\n // ======== External: Handle =========\n\n /**\n * @notice Handles an incoming message\n * @param _origin The origin domain\n * @param _nonce The unique identifier for the message from origin to destination\n * @param _sender The sender address\n * @param _message The message\n */\n function handle(\n uint32 _origin,\n uint32 _nonce,\n bytes32 _sender,\n bytes memory _message\n ) external override onlyReplica onlyRemoteRouter(_origin, _sender) {\n // parse transferId, callbackAddress, callData from message\n bytes29 _msg = _message.ref(0).mustBePromiseCallback();\n\n bytes32 transferId = _msg.transferId();\n address callbackAddress = _msg.callbackAddress();\n bool success = _msg.returnSuccess();\n bytes memory data = _msg.returnData();\n\n // store Promise message\n messageHashes[transferId] = _msg.keccak();\n\n // emit Receive event\n emit Receive(_originAndNonce(_origin, _nonce), _origin, transferId, callbackAddress, success, data, _message);\n }\n\n /**\n * @notice Process stored callback function\n * @param transferId The transferId to process\n */\n function process(bytes32 transferId, bytes calldata _message) public nonReentrant {\n // parse out the return data and callback address from message\n bytes32 messageHash = messageHashes[transferId];\n if (messageHash == bytes32(0)) revert PromiseRouter__process_invalidTransferId();\n\n bytes29 _msg = _message.ref(0).mustBePromiseCallback();\n if (messageHash != _msg.keccak()) revert PromiseRouter__process_invalidMessage();\n\n // enforce relayer is whitelisted by calling local connext contract\n if (!connext.approvedRelayers(msg.sender)) revert PromiseRouter__process_notApprovedRelayer();\n\n address callbackAddress = _msg.callbackAddress();\n\n if (!AddressUpgradeable.isContract(callbackAddress)) revert PromiseRouter__process_notContractCallback();\n\n uint256 callbackFee = callbackFees[transferId];\n\n // remove message\n delete messageHashes[transferId];\n\n // remove callback fees\n callbackFees[transferId] = 0;\n\n // execute callback\n ICallback(callbackAddress).callback(transferId, _msg.returnSuccess(), _msg.returnData());\n\n emit CallbackExecuted(transferId, msg.sender);\n\n // Should transfer the stored relayer fee to the msg.sender\n if (callbackFee != 0) {\n AddressUpgradeable.sendValue(payable(msg.sender), callbackFee);\n }\n }\n\n /**\n * @notice This function will be called on the origin domain to init the callback fee while xcall\n * @param _transferId - The unique identifier of the crosschain transaction\n */\n function initCallbackFee(bytes32 _transferId) external payable onlyConnext {\n if (msg.value == 0) revert PromiseRouter__initCallbackFee_valueIsZero();\n\n callbackFees[_transferId] += msg.value;\n\n emit CallbackFeeAdded(_transferId, msg.value, callbackFees[_transferId], msg.sender);\n }\n\n /**\n * @notice This function will be called on the origin domain to increase the callback fee\n * @param _transferId - The unique identifier of the crosschain transaction\n */\n function bumpCallbackFee(bytes32 _transferId) external payable {\n if (msg.value == 0) revert PromiseRouter__bumpCallbackFee_valueIsZero();\n\n // use the presence of the message to evaluate if the fee should be bumped.\n // this is to check that the user is not bumping a transferId that does not exist, or they\n // are not bumping the fees of a transfer that has already been processed.\n // the other options are to (a) track process status in a separate mapping (3 mappings updated)\n // on process) or (b) use the callbackFees mapping and require the callback fees are nonzero\n // on xcall (preventing 0-fee callbacks)\n if (messageHashes[_transferId] == bytes32(0)) revert PromiseRouter__bumpCallbackFee_messageUnavailable();\n\n callbackFees[_transferId] += msg.value;\n\n emit CallbackFeeAdded(_transferId, msg.value, callbackFees[_transferId], msg.sender);\n }\n\n /**\n * @dev explicit override for compiler inheritance\n * @return domain of chain on which the contract is deployed\n */\n function _localDomain() internal view override(XAppConnectionClient) returns (uint32) {\n return XAppConnectionClient._localDomain();\n }\n\n /**\n * @notice Internal utility function that combines\n * `_origin` and `_nonce`.\n * @dev Both origin and nonce should be less than 2^32 - 1\n * @param _origin Domain of chain where the transfer originated\n * @param _nonce The unique identifier for the message from origin to destination\n * @return uint64 (`_origin` << 32) | `_nonce`\n */\n function _originAndNonce(uint32 _origin, uint32 _nonce) internal pure returns (uint64) {\n return (uint64(_origin) << 32) | _nonce;\n }\n}\n" }, "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (security/ReentrancyGuard.sol)\n\npragma solidity ^0.8.0;\nimport \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Contract module that helps prevent reentrant calls to a function.\n *\n * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier\n * available, which can be applied to functions to make sure there are no nested\n * (reentrant) calls to them.\n *\n * Note that because there is a single `nonReentrant` guard, functions marked as\n * `nonReentrant` may not call one another. This can be worked around by making\n * those functions `private`, and then adding `external` `nonReentrant` entry\n * points to them.\n *\n * TIP: If you would like to learn more about reentrancy and alternative ways\n * to protect against it, check out our blog post\n * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].\n */\nabstract contract ReentrancyGuardUpgradeable is Initializable {\n // Booleans are more expensive than uint256 or any type that takes up a full\n // word because each write operation emits an extra SLOAD to first read the\n // slot's contents, replace the bits taken up by the boolean, and then write\n // back. This is the compiler's defense against contract upgrades and\n // pointer aliasing, and it cannot be disabled.\n\n // The values being non-zero value makes deployment a bit more expensive,\n // but in exchange the refund on every call to nonReentrant will be lower in\n // amount. Since refunds are capped to a percentage of the total\n // transaction's gas, it is best to keep them low in cases like this one, to\n // increase the likelihood of the full refund coming into effect.\n uint256 private constant _NOT_ENTERED = 1;\n uint256 private constant _ENTERED = 2;\n\n uint256 private _status;\n\n function __ReentrancyGuard_init() internal onlyInitializing {\n __ReentrancyGuard_init_unchained();\n }\n\n function __ReentrancyGuard_init_unchained() internal onlyInitializing {\n _status = _NOT_ENTERED;\n }\n\n /**\n * @dev Prevents a contract from calling itself, directly or indirectly.\n * Calling a `nonReentrant` function from another `nonReentrant`\n * function is not supported. It is possible to prevent this from happening\n * by making the `nonReentrant` function external, and making it call a\n * `private` function that does the actual work.\n */\n modifier nonReentrant() {\n // On the first call to nonReentrant, _notEntered will be true\n require(_status != _ENTERED, \"ReentrancyGuard: reentrant call\");\n\n // Any calls to nonReentrant after this point will fail\n _status = _ENTERED;\n\n _;\n\n // By storing the original value once again, a refund is triggered (see\n // https://eips.ethereum.org/EIPS/eip-2200)\n _status = _NOT_ENTERED;\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[49] private __gap;\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/IConnextHandler.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {IERC20} from \"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol\";\nimport {XAppConnectionManager} from \"../../../nomad-core/contracts/XAppConnectionManager.sol\";\n\nimport {RelayerFeeRouter} from \"../../relayer-fee/RelayerFeeRouter.sol\";\nimport {PromiseRouter} from \"../../promise/PromiseRouter.sol\";\n\nimport {ConnextMessage} from \"../libraries/ConnextMessage.sol\";\nimport {XCallArgs, ExecuteArgs, CallParams} from \"../libraries/LibConnextStorage.sol\";\nimport {SwapUtils} from \"../libraries/SwapUtils.sol\";\n\nimport {IStableSwap} from \"./IStableSwap.sol\";\nimport {ITokenRegistry} from \"./ITokenRegistry.sol\";\nimport {IWrapped} from \"./IWrapped.sol\";\nimport {IExecutor} from \"./IExecutor.sol\";\nimport {ISponsorVault} from \"./ISponsorVault.sol\";\n\nimport {IDiamondCut} from \"./IDiamondCut.sol\";\n\ninterface IConnextHandler {\n // AssetFacet\n function canonicalToAdopted(bytes32 _canonicalId) external view returns (address);\n\n function adoptedToCanonical(address _adopted) external view returns (ConnextMessage.TokenId memory);\n\n function approvedAssets(bytes32 _asset) external view returns (bool);\n\n function adoptedToLocalPools(bytes32 _adopted) external view returns (IStableSwap);\n\n function setupAsset(\n ConnextMessage.TokenId calldata _canonical,\n address _adoptedAssetId,\n address _stableSwapPool\n ) external;\n\n function addStableSwapPool(ConnextMessage.TokenId calldata _canonical, address _stableSwapPool) external;\n\n function removeAssetId(bytes32 _canonicalId, address _adoptedAssetId) external;\n\n // BaseConnextFacet\n function isRouterOwnershipRenounced() external view returns (bool);\n\n function isAssetOwnershipRenounced() external view returns (bool);\n\n function VERSION() external view returns (uint8);\n\n // BridgeFacet\n function relayerFees(bytes32 _transferId) external view returns (uint256);\n\n function routedTransfers(bytes32 _transferId) external view returns (address[] memory);\n\n function reconciledTransfers(bytes32 _transferId) external view returns (bool);\n\n function tokenRegistry() external view returns (ITokenRegistry);\n\n function domain() external view returns (uint256);\n\n function executor() external view returns (IExecutor);\n\n function nonce() external view returns (uint256);\n\n function wrapper() external view returns (IWrapped);\n\n function sponsorVault() external view returns (ISponsorVault);\n\n function promiseRouter() external view returns (PromiseRouter);\n\n function relayerFeeRouer() external view returns (RelayerFeeRouter);\n\n function setTokenRegistry(address _tokenRegistry) external;\n\n function setRelayerFeeRouter(address _relayerFeeRouter) external;\n\n function setPromiseRouter(address payable _promiseRouter) external;\n\n function setExecutor(address _executor) external;\n\n function setWrapper(address _wrapper) external;\n\n function setSponsorVault(address _sponsorVault) external;\n\n function xcall(XCallArgs calldata _args) external payable returns (bytes32);\n\n function handle(\n uint32 _origin,\n uint32 _nonce,\n bytes32 _sender,\n bytes memory _message\n ) external;\n\n function execute(ExecuteArgs calldata _args) external returns (bytes32 transferId);\n\n function bumpTransfer(bytes32 _transferId) external payable;\n\n function forceReceiveLocal(\n CallParams calldata _params,\n uint256 _amount,\n uint256 _nonce,\n bytes32 _canonicalId,\n uint32 _canonicalDomain,\n address _originSender\n ) external payable;\n\n // NomadFacet\n function xAppConnectionManager() external view returns (XAppConnectionManager);\n\n function remotes(uint32 _domain) external view returns (bytes32);\n\n function setXAppConnectionManager(address _xAppConnectionManager) external;\n\n function enrollRemoteRouter(uint32 _domain, bytes32 _router) external;\n\n // ProposedOwnableFacet\n function routerOwnershipRenounced() external view returns (bool);\n\n function assetOwnershipRenounced() external view returns (bool);\n\n function proposedOwnableOwner() external view returns (address);\n\n function proposed() external view returns (address);\n\n function proposedTimestamp() external view returns (uint256);\n\n function routerOwnershipTimestamp() external view returns (uint256);\n\n function assetOwnershipTimestamp() external view returns (uint256);\n\n function delay() external view returns (uint256);\n\n function proposeRouterOwnershipRenunciation() external;\n\n function renounceRouterOwnership() external;\n\n function proposeAssetOwnershipRenunciation() external;\n\n function renounceAssetOwnership() external;\n\n function renounced() external view returns (bool);\n\n function proposeNewOwner(address newlyProposed) external;\n\n function renounceOwnership() external;\n\n function acceptProposedOwner() external;\n\n function pause() external;\n\n function unpause() external;\n\n // RelayerFacet\n function transferRelayer(bytes32 _transferId) external view returns (address);\n\n function approvedRelayers(address _relayer) external view returns (bool);\n\n function relayerFeeRouter() external view returns (RelayerFeeRouter);\n\n function addRelayer(address _relayer) external;\n\n function removeRelayer(address _relayer) external;\n\n function initiateClaim(\n uint32 _domain,\n address _recipient,\n bytes32[] calldata _transferIds\n ) external;\n\n function claim(address _recipient, bytes32[] calldata _transferIds) external;\n\n // RoutersFacet\n function LIQUIDITY_FEE_NUMERATOR() external view returns (uint256);\n\n function LIQUIDITY_FEE_DENOMINATOR() external view returns (uint256);\n\n function getRouterApproval(address _router) external view returns (bool);\n\n function getRouterRecipient(address _router) external view returns (address);\n\n function getRouterOwner(address _router) external view returns (address);\n\n function getProposedRouterOwner(address _router) external view returns (address);\n\n function getProposedRouterOwnerTimestamp(address _router) external view returns (uint256);\n\n function maxRoutersPerTransfer() external view returns (uint256);\n\n function setLiquidityFeeNumerator(uint256 _numerator) external;\n\n function routerBalances(address _router, address _asset) external view returns (uint256);\n\n function setRouterRecipient(address router, address recipient) external;\n\n function proposeRouterOwner(address router, address proposed) external;\n\n function acceptProposedRouterOwner(address router) external;\n\n function setupRouter(\n address router,\n address owner,\n address recipient\n ) external;\n\n function removeRouter(address router) external;\n\n function setMaxRoutersPerTransfer(uint256 _newMaxRouters) external;\n\n function addRouterLiquidityFor(\n uint256 _amount,\n address _local,\n address _router\n ) external payable;\n\n function addRouterLiquidity(uint256 _amount, address _local) external payable;\n\n function removeRouterLiquidityFor(\n uint256 _amount,\n address _local,\n address payable _to,\n address _router\n ) external;\n\n function removeRouterLiquidity(\n uint256 _amount,\n address _local,\n address payable _to\n ) external;\n\n // PortalFacet\n function getRouterApprovalForPortal(address _router) external view returns (bool);\n\n function getAavePortalDebt(bytes32 _transferId) external view returns (uint256);\n\n function getAavePortalFeeDebt(bytes32 _transferId) external view returns (uint256);\n\n function aavePool() external view returns (address);\n\n function aavePortalFee() external view returns (uint256);\n\n function approveRouterForPortal(address _router) external;\n\n function unapproveRouterForPortal(address _router) external;\n\n function setAavePool(address _aavePool) external;\n\n function setAavePortalFee(uint256 _aavePortalFeeNumerator) external;\n\n function repayAavePortal(\n address _asset,\n uint256 _backingAmount,\n uint256 _feeAmount,\n uint256 _maxIn,\n bytes32 _transferId\n ) external;\n\n function repayAavePortalFor(\n address _router,\n address _adopted,\n uint256 _backingAmount,\n uint256 _feeAmount,\n bytes32 _transferId\n ) external;\n\n // StableSwapFacet\n function getSwapStorage(bytes32 canonicalId) external view returns (SwapUtils.Swap memory);\n\n function getSwapLPToken(bytes32 canonicalId) external view returns (address);\n\n function getSwapA(bytes32 canonicalId) external view returns (uint256);\n\n function getSwapAPrecise(bytes32 canonicalId) external view returns (uint256);\n\n function getSwapToken(bytes32 canonicalId, uint8 index) external view returns (IERC20);\n\n function getSwapTokenIndex(bytes32 canonicalId, address tokenAddress) external view returns (uint8);\n\n function getSwapTokenBalance(bytes32 canonicalId, uint8 index) external view returns (uint256);\n\n function getSwapVirtualPrice(bytes32 canonicalId) external view returns (uint256);\n\n function calculateSwap(\n bytes32 canonicalId,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx\n ) external view returns (uint256);\n\n function calculateSwapTokenAmount(\n bytes32 canonicalId,\n uint256[] calldata amounts,\n bool deposit\n ) external view returns (uint256);\n\n function calculateRemoveSwapLiquidity(bytes32 canonicalId, uint256 amount) external view returns (uint256[] memory);\n\n function calculateRemoveSwapLiquidityOneToken(\n bytes32 canonicalId,\n uint256 tokenAmount,\n uint8 tokenIndex\n ) external view returns (uint256);\n\n function getSwapAdminBalance(bytes32 canonicalId, uint256 index) external view returns (uint256);\n\n function swap(\n bytes32 canonicalId,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx,\n uint256 minDy,\n uint256 deadline\n ) external returns (uint256);\n\n function swapExact(\n bytes32 canonicalId,\n uint256 amountIn,\n address assetIn,\n address assetOut,\n uint256 minAmountOut,\n uint256 deadline\n ) external payable returns (uint256);\n\n function swapExactOut(\n bytes32 canonicalId,\n uint256 amountOut,\n address assetIn,\n address assetOut,\n uint256 maxAmountIn,\n uint256 deadline\n ) external payable returns (uint256);\n\n function addSwapLiquidity(\n bytes32 canonicalId,\n uint256[] calldata amounts,\n uint256 minToMint,\n uint256 deadline\n ) external returns (uint256);\n\n function removeSwapLiquidity(\n bytes32 canonicalId,\n uint256 amount,\n uint256[] calldata minAmounts,\n uint256 deadline\n ) external returns (uint256[] memory);\n\n function removeSwapLiquidityOneToken(\n bytes32 canonicalId,\n uint256 tokenAmount,\n uint8 tokenIndex,\n uint256 minAmount,\n uint256 deadline\n ) external returns (uint256);\n\n function removeSwapLiquidityImbalance(\n bytes32 canonicalId,\n uint256[] calldata amounts,\n uint256 maxBurnAmount,\n uint256 deadline\n ) external returns (uint256);\n\n function initializeSwap(\n bytes32 _canonicalId,\n IERC20[] memory _pooledTokens,\n uint8[] memory decimals,\n string memory lpTokenName,\n string memory lpTokenSymbol,\n uint256 _a,\n uint256 _fee,\n uint256 _adminFee,\n address lpTokenTargetAddress\n ) external;\n\n function withdrawSwapAdminFees(bytes32 canonicalId) external;\n\n function setSwapAdminFee(bytes32 canonicalId, uint256 newAdminFee) external;\n\n function setSwapFee(bytes32 canonicalId, uint256 newSwapFee) external;\n\n function rampA(\n bytes32 canonicalId,\n uint256 futureA,\n uint256 futureTime\n ) external;\n\n function stopRampA(bytes32 canonicalId) external;\n\n // DiamondCutFacet\n function diamondCut(\n IDiamondCut.FacetCut[] calldata _diamondCut,\n address _init,\n bytes calldata _calldata\n ) external;\n\n function proposeDiamondCut(\n IDiamondCut.FacetCut[] calldata _diamondCut,\n address _init,\n bytes calldata _calldata\n ) external;\n\n function rescindDiamondCut(\n IDiamondCut.FacetCut[] calldata _diamondCut,\n address _init,\n bytes calldata _calldata\n ) external;\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/IBridgeToken.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\ninterface IBridgeToken {\n function initialize() external;\n\n function name() external returns (string memory);\n\n function balanceOf(address _account) external view returns (uint256);\n\n function symbol() external view returns (string memory);\n\n function decimals() external view returns (uint8);\n\n function detailsHash() external view returns (bytes32);\n\n function burn(address _from, uint256 _amnt) external;\n\n function mint(address _to, uint256 _amnt) external;\n\n function setDetailsHash(bytes32 _detailsHash) external;\n\n function setDetails(\n string calldata _name,\n string calldata _symbol,\n uint8 _decimals\n ) external;\n\n // inherited from ownable\n function transferOwnership(address _newOwner) external;\n}\n" }, "@connext/nxtp-contracts/contracts/core/shared/Router.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {XAppConnectionClient} from \"./XAppConnectionClient.sol\";\n// ============ External Imports ============\nimport {IMessageRecipient} from \"../../nomad-core/interfaces/IMessageRecipient.sol\";\n\nabstract contract Router is XAppConnectionClient, IMessageRecipient {\n // ============ Mutable Storage ============\n\n mapping(uint32 => bytes32) public remotes;\n\n // ============ Upgrade Gap ============\n\n uint256[49] private __GAP; // gap for upgrade safety\n\n // ============ Modifiers ============\n\n /**\n * @notice Only accept messages from a remote Router contract\n * @param _origin The domain the message is coming from\n * @param _router The address the message is coming from\n */\n modifier onlyRemoteRouter(uint32 _origin, bytes32 _router) {\n require(_isRemoteRouter(_origin, _router), \"!remote router\");\n _;\n }\n\n // ============ External functions ============\n\n /**\n * @notice Register the address of a Router contract for the same xApp on a remote chain\n * @param _domain The domain of the remote xApp Router\n * @param _router The address of the remote xApp Router\n */\n function enrollRemoteRouter(uint32 _domain, bytes32 _router) external onlyOwner {\n remotes[_domain] = _router;\n }\n\n // ============ Virtual functions ============\n\n function handle(\n uint32 _origin,\n uint32 _nonce,\n bytes32 _sender,\n bytes memory _message\n ) external virtual override;\n\n // ============ Internal functions ============\n /**\n * @notice Return true if the given domain / router is the address of a remote xApp Router\n * @param _domain The domain of the potential remote xApp Router\n * @param _router The address of the potential remote xApp Router\n */\n function _isRemoteRouter(uint32 _domain, bytes32 _router) internal view returns (bool) {\n return remotes[_domain] == _router;\n }\n\n /**\n * @notice Assert that the given domain has a xApp Router registered and return its address\n * @param _domain The domain of the chain for which to get the xApp Router\n * @return _remote The address of the remote xApp Router on _domain\n */\n function _mustHaveRemote(uint32 _domain) internal view returns (bytes32 _remote) {\n _remote = remotes[_domain];\n require(_remote != bytes32(0), \"!remote\");\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/shared/XAppConnectionClient.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ External Imports ============\nimport {Home} from \"../../nomad-core/contracts/Home.sol\";\nimport {XAppConnectionManager} from \"../../nomad-core/contracts/XAppConnectionManager.sol\";\n\nimport {ProposedOwnableUpgradeable} from \"./ProposedOwnable.sol\";\n\nabstract contract XAppConnectionClient is ProposedOwnableUpgradeable {\n // ============ Mutable Storage ============\n\n XAppConnectionManager public xAppConnectionManager;\n\n // ============ Upgrade Gap ============\n\n uint256[49] private __GAP; // gap for upgrade safety\n\n // ============ Modifiers ============\n\n /**\n * @notice Only accept messages from an Nomad Replica contract\n */\n modifier onlyReplica() {\n require(_isReplica(msg.sender), \"!replica\");\n _;\n }\n\n // ======== Initializer =========\n\n function __XAppConnectionClient_initialize(address _xAppConnectionManager) internal initializer {\n xAppConnectionManager = XAppConnectionManager(_xAppConnectionManager);\n __ProposedOwnable_init();\n }\n\n // ============ External functions ============\n\n /**\n * @notice Modify the contract the xApp uses to validate Replica contracts\n * @param _xAppConnectionManager The address of the xAppConnectionManager contract\n */\n function setXAppConnectionManager(address _xAppConnectionManager) external onlyOwner {\n xAppConnectionManager = XAppConnectionManager(_xAppConnectionManager);\n }\n\n // ============ Internal functions ============\n\n /**\n * @notice Get the local Home contract from the xAppConnectionManager\n * @return The local Home contract\n */\n function _home() internal view returns (Home) {\n return xAppConnectionManager.home();\n }\n\n /**\n * @notice Determine whether _potentialReplica is an enrolled Replica from the xAppConnectionManager\n * @return True if _potentialReplica is an enrolled Replica\n */\n function _isReplica(address _potentialReplica) internal view returns (bool) {\n return xAppConnectionManager.isReplica(_potentialReplica);\n }\n\n /**\n * @notice Get the local domain from the xAppConnectionManager\n * @return The local domain\n */\n function _localDomain() internal view virtual returns (uint32) {\n return xAppConnectionManager.localDomain();\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/shared/Version.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\n/**\n * @title Version\n * @notice Version getter for contracts\n **/\ncontract Version {\n uint8 public constant VERSION = 0;\n}\n" }, "@connext/nxtp-contracts/contracts/core/promise/interfaces/ICallback.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\ninterface ICallback {\n function callback(\n bytes32 transferId,\n bool success,\n bytes memory data\n ) external;\n}\n" }, "@connext/nxtp-contracts/contracts/core/promise/libraries/PromiseMessage.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\n// ============ External Imports ============\nimport {TypedMemView} from \"../../../nomad-core/libs/TypedMemView.sol\";\n\nlibrary PromiseMessage {\n // ============ Libraries ============\n\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n\n // ============ Enums ============\n\n // WARNING: do NOT re-write the numbers / order\n // of message types in an upgrade;\n // will cause in-flight messages to be mis-interpreted\n enum Types {\n Invalid, // 0\n PromiseCallback // 1\n }\n\n // ============ Constants ============\n uint256 private constant IDENTIFIER_LEN = 1;\n // 1 byte identifier + 32 bytes transferId + 20 bytes callback + 1 byte success + 32 bytes length + x bytes data\n // before: 1 byte identifier + 32 bytes transferId + 20 bytes callback + 1 byte success= 54 bytes\n uint256 private constant LENGTH_RETURNDATA_START = 54;\n uint8 private constant LENGTH_RETURNDATA_LEN = 32;\n\n // before: 1 byte identifier + 32 bytes transferId + 20 bytes callback + 1 byte success + 32 bytes length = 86 bytes\n uint256 private constant RETURNDATA_START = 86;\n\n // ============ Modifiers ============\n\n /**\n * @notice Asserts a message is of type `_t`\n * @param _view The message\n * @param _t The expected type\n */\n modifier typeAssert(bytes29 _view, Types _t) {\n _view.assertType(uint40(_t));\n _;\n }\n\n // ============ Formatters ============\n\n /**\n * @notice Formats an promise callback message\n * @param _transferId The address of the relayer\n * @param _callbackAddress The callback address on destination domain\n * @param _returnSuccess The success of the call\n * @param _returnData The return data of the call\n * @return The formatted message\n */\n function formatPromiseCallback(\n bytes32 _transferId,\n address _callbackAddress,\n bool _returnSuccess,\n bytes calldata _returnData\n ) internal pure returns (bytes memory) {\n return\n abi.encodePacked(\n uint8(Types.PromiseCallback),\n _transferId,\n _callbackAddress,\n uint8(_returnSuccess ? 1 : 0),\n _returnData.length,\n _returnData\n );\n }\n\n // ============ Getters ============\n\n /**\n * @notice Parse the transferId from the message\n * @param _view The message\n * @return The transferId\n */\n function transferId(bytes29 _view) internal pure typeAssert(_view, Types.PromiseCallback) returns (bytes32) {\n // before = 1 byte identifier\n return _view.index(1, 32);\n }\n\n /**\n * @notice Parse the callback address from the message\n * @param _view The message\n * @return The callback address\n */\n function callbackAddress(bytes29 _view) internal pure typeAssert(_view, Types.PromiseCallback) returns (address) {\n // before = 1 byte identifier + 32 bytes transferId\n return _view.indexAddress(33);\n }\n\n /**\n * @notice Parse the result of execution on the destination domain\n * @param _view The message\n * @return The call result\n */\n function returnSuccess(bytes29 _view) internal pure typeAssert(_view, Types.PromiseCallback) returns (bool) {\n // before: 1 byte identifier + 32 bytes transferId + 20 bytes callback = 53 bytes\n return _view.indexUint(53, 1) == 1;\n }\n\n /**\n * @notice Parse the returnData length from the message\n * @param _view The message\n * @return The returnData length\n */\n function lengthOfReturnData(bytes29 _view) internal pure returns (uint256) {\n return _view.indexUint(LENGTH_RETURNDATA_START, LENGTH_RETURNDATA_LEN);\n }\n\n /**\n * @notice Parse returnData from the message\n * @param _view The message\n * @return data\n */\n function returnData(bytes29 _view)\n internal\n view\n typeAssert(_view, Types.PromiseCallback)\n returns (bytes memory data)\n {\n uint256 length = lengthOfReturnData(_view);\n\n data = _view.slice(RETURNDATA_START, length, 0).clone();\n }\n\n /**\n * @notice Checks that view is a valid message length\n * @param _view The bytes string\n * @return TRUE if message is valid\n */\n function isValidPromiseCallbackLength(bytes29 _view) internal pure returns (bool) {\n uint256 _len = _view.len();\n if (_len <= LENGTH_RETURNDATA_START) {\n return false;\n }\n uint256 _length = lengthOfReturnData(_view);\n // before = 1 byte identifier + 32 bytes transferId + 20 bytes callback address + 1 byte success + 32 bytes length + x bytes data\n // allow zero-length return data\n return _length >= 0 && (RETURNDATA_START + _length) == _len;\n }\n\n /**\n * @notice Converts to a Promise callback message\n * @param _view The message\n * @return The newly typed message\n */\n function tryAsPromiseCallback(bytes29 _view) internal pure returns (bytes29) {\n if (isValidPromiseCallbackLength(_view)) {\n return _view.castTo(uint40(Types.PromiseCallback));\n }\n return TypedMemView.nullView();\n }\n\n /**\n * @notice Asserts that the message is of type PromiseCallback\n * @param _view The message\n * @return The message\n */\n function mustBePromiseCallback(bytes29 _view) internal pure returns (bytes29) {\n return tryAsPromiseCallback(_view).assertValid();\n }\n}\n" }, "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (token/ERC20/utils/SafeERC20.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../IERC20.sol\";\nimport \"../../../utils/Address.sol\";\n\n/**\n * @title SafeERC20\n * @dev Wrappers around ERC20 operations that throw on failure (when the token\n * contract returns false). Tokens that return no value (and instead revert or\n * throw on failure) are also supported, non-reverting calls are assumed to be\n * successful.\n * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,\n * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.\n */\nlibrary SafeERC20 {\n using Address for address;\n\n function safeTransfer(\n IERC20 token,\n address to,\n uint256 value\n ) internal {\n _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));\n }\n\n function safeTransferFrom(\n IERC20 token,\n address from,\n address to,\n uint256 value\n ) internal {\n _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));\n }\n\n /**\n * @dev Deprecated. This function has issues similar to the ones found in\n * {IERC20-approve}, and its usage is discouraged.\n *\n * Whenever possible, use {safeIncreaseAllowance} and\n * {safeDecreaseAllowance} instead.\n */\n function safeApprove(\n IERC20 token,\n address spender,\n uint256 value\n ) internal {\n // safeApprove should only be called when setting an initial allowance,\n // or when resetting it to zero. To increase and decrease it, use\n // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'\n require(\n (value == 0) || (token.allowance(address(this), spender) == 0),\n \"SafeERC20: approve from non-zero to non-zero allowance\"\n );\n _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));\n }\n\n function safeIncreaseAllowance(\n IERC20 token,\n address spender,\n uint256 value\n ) internal {\n uint256 newAllowance = token.allowance(address(this), spender) + value;\n _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));\n }\n\n function safeDecreaseAllowance(\n IERC20 token,\n address spender,\n uint256 value\n ) internal {\n unchecked {\n uint256 oldAllowance = token.allowance(address(this), spender);\n require(oldAllowance >= value, \"SafeERC20: decreased allowance below zero\");\n uint256 newAllowance = oldAllowance - value;\n _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));\n }\n }\n\n /**\n * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement\n * on the return value: the return value is optional (but if data is returned, it must not be false).\n * @param token The token targeted by the call.\n * @param data The call data (encoded using abi.encode or one of its variants).\n */\n function _callOptionalReturn(IERC20 token, bytes memory data) private {\n // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since\n // we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that\n // the target address contains contract code and also asserts for success in the low-level call.\n\n bytes memory returndata = address(token).functionCall(data, \"SafeERC20: low-level call failed\");\n if (returndata.length > 0) {\n // Return data is optional\n require(abi.decode(returndata, (bool)), \"SafeERC20: ERC20 operation did not succeed\");\n }\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/XAppConnectionManager.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {Home} from \"./Home.sol\";\nimport {Replica} from \"./Replica.sol\";\nimport {TypeCasts} from \"../libs/TypeCasts.sol\";\n// ============ External Imports ============\nimport {ECDSA} from \"@openzeppelin/contracts/utils/cryptography/ECDSA.sol\";\nimport {Ownable} from \"@openzeppelin/contracts/access/Ownable.sol\";\n\n/**\n * @title XAppConnectionManager\n * @author Illusory Systems Inc.\n * @notice Manages a registry of local Replica contracts\n * for remote Home domains. Accepts Watcher signatures\n * to un-enroll Replicas attached to fraudulent remote Homes\n */\ncontract XAppConnectionManager is Ownable {\n // ============ Public Storage ============\n\n // Home contract\n Home public home;\n // local Replica address => remote Home domain\n mapping(address => uint32) public replicaToDomain;\n // remote Home domain => local Replica address\n mapping(uint32 => address) public domainToReplica;\n // watcher address => replica remote domain => has/doesn't have permission\n mapping(address => mapping(uint32 => bool)) private watcherPermissions;\n\n // ============ Events ============\n\n /**\n * @notice Emitted when a new Replica is enrolled / added\n * @param domain the remote domain of the Home contract for the Replica\n * @param replica the address of the Replica\n */\n event ReplicaEnrolled(uint32 indexed domain, address replica);\n\n /**\n * @notice Emitted when a new Replica is un-enrolled / removed\n * @param domain the remote domain of the Home contract for the Replica\n * @param replica the address of the Replica\n */\n event ReplicaUnenrolled(uint32 indexed domain, address replica);\n\n /**\n * @notice Emitted when Watcher permissions are changed\n * @param domain the remote domain of the Home contract for the Replica\n * @param watcher the address of the Watcher\n * @param access TRUE if the Watcher was given permissions, FALSE if permissions were removed\n */\n event WatcherPermissionSet(uint32 indexed domain, address watcher, bool access);\n\n // ============ Modifiers ============\n\n modifier onlyReplica() {\n require(isReplica(msg.sender), \"!replica\");\n _;\n }\n\n // ============ Constructor ============\n\n // solhint-disable-next-line no-empty-blocks\n constructor() Ownable() {}\n\n // ============ External Functions ============\n\n /**\n * @notice Un-Enroll a replica contract\n * in the case that fraud was detected on the Home\n * @dev in the future, if fraud occurs on the Home contract,\n * the Watcher will submit their signature directly to the Home\n * and it can be relayed to all remote chains to un-enroll the Replicas\n * @param _domain the remote domain of the Home contract for the Replica\n * @param _updater the address of the Updater for the Home contract (also stored on Replica)\n * @param _signature signature of watcher on (domain, replica address, updater address)\n */\n function unenrollReplica(\n uint32 _domain,\n bytes32 _updater,\n bytes memory _signature\n ) external {\n // ensure that the replica is currently set\n address _replica = domainToReplica[_domain];\n require(_replica != address(0), \"!replica exists\");\n // ensure that the signature is on the proper updater\n require(Replica(_replica).updater() == TypeCasts.bytes32ToAddress(_updater), \"!current updater\");\n // get the watcher address from the signature\n // and ensure that the watcher has permission to un-enroll this replica\n address _watcher = _recoverWatcherFromSig(_domain, TypeCasts.addressToBytes32(_replica), _updater, _signature);\n require(watcherPermissions[_watcher][_domain], \"!valid watcher\");\n // remove the replica from mappings\n _unenrollReplica(_replica);\n }\n\n /**\n * @notice Set the address of the local Home contract\n * @param _home the address of the local Home contract\n */\n function setHome(address _home) external onlyOwner {\n home = Home(_home);\n }\n\n /**\n * @notice Allow Owner to enroll Replica contract\n * @param _replica the address of the Replica\n * @param _domain the remote domain of the Home contract for the Replica\n */\n function ownerEnrollReplica(address _replica, uint32 _domain) external onlyOwner {\n // un-enroll any existing replica\n _unenrollReplica(_replica);\n // add replica and domain to two-way mapping\n replicaToDomain[_replica] = _domain;\n domainToReplica[_domain] = _replica;\n emit ReplicaEnrolled(_domain, _replica);\n }\n\n /**\n * @notice Allow Owner to un-enroll Replica contract\n * @param _replica the address of the Replica\n */\n function ownerUnenrollReplica(address _replica) external onlyOwner {\n _unenrollReplica(_replica);\n }\n\n /**\n * @notice Allow Owner to set Watcher permissions for a Replica\n * @param _watcher the address of the Watcher\n * @param _domain the remote domain of the Home contract for the Replica\n * @param _access TRUE to give the Watcher permissions, FALSE to remove permissions\n */\n function setWatcherPermission(\n address _watcher,\n uint32 _domain,\n bool _access\n ) external onlyOwner {\n watcherPermissions[_watcher][_domain] = _access;\n emit WatcherPermissionSet(_domain, _watcher, _access);\n }\n\n /**\n * @notice Query local domain from Home\n * @return local domain\n */\n function localDomain() external view returns (uint32) {\n return home.localDomain();\n }\n\n /**\n * @notice Get access permissions for the watcher on the domain\n * @param _watcher the address of the watcher\n * @param _domain the domain to check for watcher permissions\n * @return TRUE iff _watcher has permission to un-enroll replicas on _domain\n */\n function watcherPermission(address _watcher, uint32 _domain) external view returns (bool) {\n return watcherPermissions[_watcher][_domain];\n }\n\n // ============ Public Functions ============\n\n /**\n * @notice Check whether _replica is enrolled\n * @param _replica the replica to check for enrollment\n * @return TRUE iff _replica is enrolled\n */\n function isReplica(address _replica) public view returns (bool) {\n return replicaToDomain[_replica] != 0;\n }\n\n // ============ Internal Functions ============\n\n /**\n * @notice Remove the replica from the two-way mappings\n * @param _replica replica to un-enroll\n */\n function _unenrollReplica(address _replica) internal {\n uint32 _currentDomain = replicaToDomain[_replica];\n domainToReplica[_currentDomain] = address(0);\n replicaToDomain[_replica] = 0;\n emit ReplicaUnenrolled(_currentDomain, _replica);\n }\n\n /**\n * @notice Get the Watcher address from the provided signature\n * @return address of watcher that signed\n */\n function _recoverWatcherFromSig(\n uint32 _domain,\n bytes32 _replica,\n bytes32 _updater,\n bytes memory _signature\n ) internal view returns (address) {\n bytes32 _homeDomainHash = Replica(TypeCasts.bytes32ToAddress(_replica)).homeDomainHash();\n bytes32 _digest = keccak256(abi.encodePacked(_homeDomainHash, _domain, _updater));\n _digest = ECDSA.toEthSignedMessageHash(_digest);\n return ECDSA.recover(_digest, _signature);\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/relayer-fee/RelayerFeeRouter.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\nimport {Home} from \"../../nomad-core/contracts/Home.sol\";\nimport {TypedMemView} from \"../../nomad-core/libs/TypedMemView.sol\";\n\nimport {IConnextHandler} from \"../connext/interfaces/IConnextHandler.sol\";\n\nimport {Router} from \"../shared/Router.sol\";\nimport {XAppConnectionClient} from \"../shared/XAppConnectionClient.sol\";\nimport {Version} from \"../shared/Version.sol\";\n\nimport {RelayerFeeMessage} from \"./libraries/RelayerFeeMessage.sol\";\n\n/**\n * @title RelayerFeeRouter\n */\ncontract RelayerFeeRouter is Version, Router {\n // ============ Libraries ============\n\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n using RelayerFeeMessage for bytes29;\n\n // ========== Custom Errors ===========\n\n error RelayerFeeRouter__onlyConnext_notConnext();\n error RelayerFeeRouter__send_claimEmpty();\n error RelayerFeeRouter__send_recipientEmpty();\n\n // ============ Public Storage ============\n\n IConnextHandler public connext;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[49] private __GAP;\n\n // ======== Events =========\n\n /**\n * @notice Emitted when a fees claim has been initialized in this domain\n * @param domain The domain where to claim the fees\n * @param recipient The address of the relayer\n * @param transferIds A group of transaction ids to claim for fee bumps\n * @param remote Remote RelayerFeeRouter address\n * @param message The message sent to the destination domain\n */\n event Send(uint32 domain, address recipient, bytes32[] transferIds, bytes32 remote, bytes message);\n\n /**\n * @notice Emitted when the a fees claim message has arrived to this domain\n * @param originAndNonce Domain where the transfer originated and the unique identifier\n * for the message from origin to destination, combined in a single field ((origin << 32) & nonce)\n * @param origin Domain where the transfer originated\n * @param recipient The address of the relayer\n * @param transferIds A group of transaction ids to claim for fee bumps\n */\n event Receive(uint64 indexed originAndNonce, uint32 indexed origin, address indexed recipient, bytes32[] transferIds);\n\n /**\n * @notice Emitted when a new Connext address is set\n * @param connext The new connext address\n */\n event SetConnext(address indexed connext);\n\n // ============ Modifiers ============\n\n /**\n * @notice Restricts the caller to the local bridge router\n */\n modifier onlyConnext() {\n if (msg.sender != address(connext)) revert RelayerFeeRouter__onlyConnext_notConnext();\n _;\n }\n\n // ======== Initializer ========\n\n function initialize(address _xAppConnectionManager) public initializer {\n __XAppConnectionClient_initialize(_xAppConnectionManager);\n }\n\n /**\n * @notice Sets the Connext.\n * @dev Connext and relayer fee router store references to each other\n * @param _connext The address of the Connext implementation\n */\n function setConnext(address _connext) external onlyOwner {\n connext = IConnextHandler(_connext);\n emit SetConnext(_connext);\n }\n\n // ======== External: Send Claim =========\n\n /**\n * @notice Sends a request to claim the fees in the originated domain\n * @param _domain The domain where to claim the fees\n * @param _recipient The address of the relayer\n * @param _transferIds A group of transfer ids to claim for fee bumps\n */\n function send(\n uint32 _domain,\n address _recipient,\n bytes32[] calldata _transferIds\n ) external onlyConnext {\n if (_transferIds.length == 0) revert RelayerFeeRouter__send_claimEmpty();\n if (_recipient == address(0)) revert RelayerFeeRouter__send_recipientEmpty();\n\n // get remote RelayerFeeRouter address; revert if not found\n bytes32 remote = _mustHaveRemote(_domain);\n\n bytes memory message = RelayerFeeMessage.formatClaimFees(_recipient, _transferIds);\n\n xAppConnectionManager.home().dispatch(_domain, remote, message);\n\n // emit Send event\n emit Send(_domain, _recipient, _transferIds, remote, message);\n }\n\n // ======== External: Handle =========\n\n /**\n * @notice Handles an incoming message\n * @param _origin The origin domain\n * @param _nonce The unique identifier for the message from origin to destination\n * @param _sender The sender address\n * @param _message The message\n */\n function handle(\n uint32 _origin,\n uint32 _nonce,\n bytes32 _sender,\n bytes memory _message\n ) external override onlyReplica onlyRemoteRouter(_origin, _sender) {\n // parse recipient and transferIds from message\n bytes29 _msg = _message.ref(0).mustBeClaimFees();\n\n address recipient = _msg.recipient();\n bytes32[] memory transferIds = _msg.transferIds();\n\n connext.claim(recipient, transferIds);\n\n // emit Receive event\n emit Receive(_originAndNonce(_origin, _nonce), _origin, recipient, transferIds);\n }\n\n /**\n * @dev explicit override for compiler inheritance\n * @dev explicit override for compiler inheritance\n * @return domain of chain on which the contract is deployed\n */\n function _localDomain() internal view override(XAppConnectionClient) returns (uint32) {\n return XAppConnectionClient._localDomain();\n }\n\n /**\n * @notice Internal utility function that combines\n * `_origin` and `_nonce`.\n * @dev Both origin and nonce should be less than 2^32 - 1\n * @param _origin Domain of chain where the transfer originated\n * @param _nonce The unique identifier for the message from origin to destination\n * @return uint64 (`_origin` << 32) | `_nonce`\n */\n function _originAndNonce(uint32 _origin, uint32 _nonce) internal pure returns (uint64) {\n return (uint64(_origin) << 32) | _nonce;\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/libraries/ConnextMessage.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {TypedMemView} from \"../../../nomad-core/libs/TypedMemView.sol\";\n\nlibrary ConnextMessage {\n // ============ Libraries ============\n\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n\n // ============ Enums ============\n\n // WARNING: do NOT re-write the numbers / order\n // of message types in an upgrade;\n // will cause in-flight messages to be mis-interpreted\n enum Types {\n Invalid, // 0\n TokenId, // 1\n Message, // 2\n Transfer // 3\n }\n\n // ============ Structs ============\n\n // Tokens are identified by a TokenId:\n // domain - 4 byte chain ID of the chain from which the token originates\n // id - 32 byte identifier of the token address on the origin chain, in that chain's address format\n struct TokenId {\n uint32 domain;\n bytes32 id;\n }\n\n // ============ Constants ============\n\n uint256 private constant TOKEN_ID_LEN = 36; // 4 bytes domain + 32 bytes id\n uint256 private constant IDENTIFIER_LEN = 1;\n uint256 private constant TRANSFER_LEN = 129;\n // 1 byte identifier + 32 bytes recipient + 32 bytes amount + 32 bytes detailsHash + 32 bytes external hash\n\n // ============ Modifiers ============\n\n /**\n * @notice Asserts a message is of type `_t`\n * @param _view The message\n * @param _t The expected type\n */\n modifier typeAssert(bytes29 _view, Types _t) {\n _view.assertType(uint40(_t));\n _;\n }\n\n // ============ Internal Functions: Validation ============\n\n /**\n * @notice Checks that Action is valid type\n * @param _action The action\n * @return TRUE if action is valid\n */\n function isValidAction(bytes29 _action) internal pure returns (bool) {\n return isTransfer(_action);\n }\n\n /**\n * @notice Checks that the message is of the specified type\n * @param _type the type to check for\n * @param _action The message\n * @return True if the message is of the specified type\n */\n function isType(bytes29 _action, Types _type) internal pure returns (bool) {\n return actionType(_action) == uint8(_type) && messageType(_action) == _type;\n }\n\n /**\n * @notice Checks that the message is of type Transfer\n * @param _action The message\n * @return True if the message is of type Transfer\n */\n function isTransfer(bytes29 _action) internal pure returns (bool) {\n return isType(_action, Types.Transfer);\n }\n\n /**\n * @notice Checks that view is a valid message length\n * @param _view The bytes string\n * @return TRUE if message is valid\n */\n function isValidMessageLength(bytes29 _view) internal pure returns (bool) {\n uint256 _len = _view.len();\n return _len == TOKEN_ID_LEN + TRANSFER_LEN;\n }\n\n /**\n * @notice Asserts that the message is of type Message\n * @param _view The message\n * @return The message\n */\n function mustBeMessage(bytes29 _view) internal pure returns (bytes29) {\n return tryAsMessage(_view).assertValid();\n }\n\n // ============ Internal Functions: Formatting ============\n\n /**\n * @notice Formats an action message\n * @param _tokenId The token ID\n * @param _action The action\n * @return The formatted message\n */\n function formatMessage(bytes29 _tokenId, bytes29 _action)\n internal\n view\n typeAssert(_tokenId, Types.TokenId)\n returns (bytes memory)\n {\n require(isValidAction(_action), \"!action\");\n bytes29[] memory _views = new bytes29[](2);\n _views[0] = _tokenId;\n _views[1] = _action;\n return TypedMemView.join(_views);\n }\n\n /**\n * @notice Formats Transfer\n * @param _to The recipient address as bytes32\n * @param _amnt The transfer amount\n * @param _detailsHash The token details hash\n * @param _transferId Unique identifier for transfer\n * @return\n */\n function formatTransfer(\n bytes32 _to,\n uint256 _amnt,\n bytes32 _detailsHash,\n bytes32 _transferId\n ) internal pure returns (bytes29) {\n return\n abi.encodePacked(Types.Transfer, _to, _amnt, _detailsHash, _transferId).ref(0).castTo(uint40(Types.Transfer));\n }\n\n /**\n * @notice Serializes a Token ID struct\n * @param _tokenId The token id struct\n * @return The formatted Token ID\n */\n function formatTokenId(TokenId memory _tokenId) internal pure returns (bytes29) {\n return formatTokenId(_tokenId.domain, _tokenId.id);\n }\n\n /**\n * @notice Creates a serialized Token ID from components\n * @param _domain The domain\n * @param _id The ID\n * @return The formatted Token ID\n */\n function formatTokenId(uint32 _domain, bytes32 _id) internal pure returns (bytes29) {\n return abi.encodePacked(_domain, _id).ref(0).castTo(uint40(Types.TokenId));\n }\n\n /**\n * @notice Formats the keccak256 hash of the token details\n * Token Details Format:\n * length of name cast to bytes - 32 bytes\n * name - x bytes (variable)\n * length of symbol cast to bytes - 32 bytes\n * symbol - x bytes (variable)\n * decimals - 1 byte\n * @param _name The name\n * @param _symbol The symbol\n * @param _decimals The decimals\n * @return The Details message\n */\n function formatDetailsHash(\n string memory _name,\n string memory _symbol,\n uint8 _decimals\n ) internal pure returns (bytes32) {\n return keccak256(abi.encodePacked(bytes(_name).length, _name, bytes(_symbol).length, _symbol, _decimals));\n }\n\n /**\n * @notice Converts to a Message\n * @param _message The message\n * @return The newly typed message\n */\n function tryAsMessage(bytes29 _message) internal pure returns (bytes29) {\n if (isValidMessageLength(_message)) {\n return _message.castTo(uint40(Types.Message));\n }\n return TypedMemView.nullView();\n }\n\n // ============ Internal Functions: Parsing msg ============\n\n /**\n * @notice Returns the type of the message\n * @param _view The message\n * @return The type of the message\n */\n function messageType(bytes29 _view) internal pure returns (Types) {\n return Types(uint8(_view.typeOf()));\n }\n\n /**\n * @notice Retrieves the token ID from a Message\n * @param _message The message\n * @return The ID\n */\n function tokenId(bytes29 _message) internal pure typeAssert(_message, Types.Message) returns (bytes29) {\n return _message.slice(0, TOKEN_ID_LEN, uint40(Types.TokenId));\n }\n\n /**\n * @notice Retrieves the action data from a Message\n * @param _message The message\n * @return The action\n */\n function action(bytes29 _message) internal pure typeAssert(_message, Types.Message) returns (bytes29) {\n uint256 _actionLen = _message.len() - TOKEN_ID_LEN;\n uint40 _type = uint40(msgType(_message));\n return _message.slice(TOKEN_ID_LEN, _actionLen, _type);\n }\n\n // ============ Internal Functions: Parsing tokenId ============\n\n /**\n * @notice Retrieves the domain from a TokenID\n * @param _tokenId The message\n * @return The domain\n */\n function domain(bytes29 _tokenId) internal pure typeAssert(_tokenId, Types.TokenId) returns (uint32) {\n return uint32(_tokenId.indexUint(0, 4));\n }\n\n /**\n * @notice Retrieves the ID from a TokenID\n * @param _tokenId The message\n * @return The ID\n */\n function id(bytes29 _tokenId) internal pure typeAssert(_tokenId, Types.TokenId) returns (bytes32) {\n // before = 4 bytes domain\n return _tokenId.index(4, 32);\n }\n\n /**\n * @notice Retrieves the EVM ID\n * @param _tokenId The message\n * @return The EVM ID\n */\n function evmId(bytes29 _tokenId) internal pure typeAssert(_tokenId, Types.TokenId) returns (address) {\n // before = 4 bytes domain + 12 bytes empty to trim for address\n return _tokenId.indexAddress(16);\n }\n\n // ============ Internal Functions: Parsing action ============\n\n /**\n * @notice Retrieves the action identifier from message\n * @param _message The action\n * @return The message type\n */\n function msgType(bytes29 _message) internal pure returns (uint8) {\n return uint8(_message.indexUint(TOKEN_ID_LEN, 1));\n }\n\n /**\n * @notice Retrieves the identifier from action\n * @param _action The action\n * @return The action type\n */\n function actionType(bytes29 _action) internal pure returns (uint8) {\n return uint8(_action.indexUint(0, 1));\n }\n\n /**\n * @notice Retrieves the recipient from a Transfer\n * @param _transferAction The message\n * @return The recipient address as bytes32\n */\n function recipient(bytes29 _transferAction) internal pure returns (bytes32) {\n // before = 1 byte identifier\n return _transferAction.index(1, 32);\n }\n\n /**\n * @notice Retrieves the EVM Recipient from a Transfer\n * @param _transferAction The message\n * @return The EVM Recipient\n */\n function evmRecipient(bytes29 _transferAction) internal pure returns (address) {\n // before = 1 byte identifier + 12 bytes empty to trim for address = 13 bytes\n return _transferAction.indexAddress(13);\n }\n\n /**\n * @notice Retrieves the amount from a Transfer\n * @param _transferAction The message\n * @return The amount\n */\n function amnt(bytes29 _transferAction) internal pure returns (uint256) {\n // before = 1 byte identifier + 32 bytes ID = 33 bytes\n return _transferAction.indexUint(33, 32);\n }\n\n /**\n * @notice Retrieves the unique identifier from a Transfer\n * @param _transferAction The message\n * @return The amount\n */\n function transferId(bytes29 _transferAction) internal pure returns (bytes32) {\n // before = 1 byte identifier + 32 bytes ID + 32 bytes amount + 32 bytes detailsHash = 97 bytes\n return _transferAction.index(97, 32);\n }\n\n /**\n * @notice Retrieves the detailsHash from a Transfer\n * @param _transferAction The message\n * @return The detailsHash\n */\n function detailsHash(bytes29 _transferAction) internal pure returns (bytes32) {\n // before = 1 byte identifier + 32 bytes ID + 32 bytes amount = 65 bytes\n return _transferAction.index(65, 32);\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/libraries/LibConnextStorage.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {XAppConnectionManager} from \"../../../nomad-core/contracts/XAppConnectionManager.sol\";\n\nimport {RelayerFeeRouter} from \"../../relayer-fee/RelayerFeeRouter.sol\";\nimport {PromiseRouter} from \"../../promise/PromiseRouter.sol\";\n\nimport {ITokenRegistry} from \"../interfaces/ITokenRegistry.sol\";\nimport {IWrapped} from \"../interfaces/IWrapped.sol\";\nimport {IExecutor} from \"../interfaces/IExecutor.sol\";\nimport {IStableSwap} from \"../interfaces/IStableSwap.sol\";\nimport {ISponsorVault} from \"../interfaces/ISponsorVault.sol\";\n\nimport {ConnextMessage} from \"./ConnextMessage.sol\";\nimport {SwapUtils} from \"./SwapUtils.sol\";\n\n// ============= Structs =============\n\n/**\n * @notice These are the call parameters that will remain constant between the\n * two chains. They are supplied on `xcall` and should be asserted on `execute`\n * @property to - The account that receives funds, in the event of a crosschain call,\n * will receive funds if the call fails.\n * @param to - The address you are sending funds (and potentially data) to\n * @param callData - The data to execute on the receiving chain. If no crosschain call is needed, then leave empty.\n * @param originDomain - The originating domain (i.e. where `xcall` is called). Must match nomad domain schema\n * @param destinationDomain - The final domain (i.e. where `execute` / `reconcile` are called). Must match nomad domain schema\n * @param agent - An address who can execute txs on behalf of `to`, in addition to allowing relayers\n * @param recovery - The address to send funds to if your `Executor.execute call` fails\n * @param callback - The address on the origin domain of the callback contract\n * @param callbackFee - The relayer fee to execute the callback\n * @param forceSlow - If true, will take slow liquidity path even if it is not a permissioned call\n * @param receiveLocal - If true, will use the local nomad asset on the destination instead of adopted.\n * @param relayerFee - The amount of relayer fee the tx called xcall with\n * @param slippageTol - Max bps of original due to slippage (i.e. would be 9995 to tolerate .05% slippage)\n */\nstruct CallParams {\n address to;\n bytes callData;\n uint32 originDomain;\n uint32 destinationDomain;\n address agent;\n address recovery;\n bool forceSlow;\n bool receiveLocal;\n address callback;\n uint256 callbackFee;\n uint256 relayerFee;\n uint256 slippageTol;\n}\n\n/**\n * @notice The arguments you supply to the `xcall` function called by user on origin domain\n * @param params - The CallParams. These are consistent across sending and receiving chains\n * @param transactingAssetId - The asset the caller sent with the transfer. Can be the adopted, canonical,\n * or the representational asset\n * @param amount - The amount of transferring asset the tx called xcall with\n */\nstruct XCallArgs {\n CallParams params;\n address transactingAssetId; // Could be adopted, local, or wrapped\n uint256 amount;\n}\n\n/**\n * @notice\n * @param params - The CallParams. These are consistent across sending and receiving chains\n * @param local - The local asset for the transfer, will be swapped to the adopted asset if\n * appropriate\n * @param routers - The routers who you are sending the funds on behalf of\n * @param amount - The amount of liquidity the router provided or the bridge forwarded, depending on\n * if fast liquidity was used\n * @param nonce - The nonce used to generate transfer id\n * @param originSender - The msg.sender of the xcall on origin domain\n */\nstruct ExecuteArgs {\n CallParams params;\n address local; // local representation of canonical token\n address[] routers;\n bytes[] routerSignatures;\n uint256 amount;\n uint256 nonce;\n address originSender;\n}\n\n/**\n * @notice Contains RouterFacet related state\n * @param approvedRouters - Mapping of whitelisted router addresses\n * @param routerRecipients - Mapping of router withdraw recipient addresses.\n * If set, all liquidity is withdrawn only to this address. Must be set by routerOwner\n * (if configured) or the router itself\n * @param routerOwners - Mapping of router owners\n * If set, can update the routerRecipient\n * @param proposedRouterOwners - Mapping of proposed router owners\n * Must wait timeout to set the\n * @param proposedRouterTimestamp - Mapping of proposed router owners timestamps\n * When accepting a proposed owner, must wait for delay to elapse\n */\nstruct RouterPermissionsManagerInfo {\n mapping(address => bool) approvedRouters;\n mapping(address => bool) approvedForPortalRouters;\n mapping(address => address) routerRecipients;\n mapping(address => address) routerOwners;\n mapping(address => address) proposedRouterOwners;\n mapping(address => uint256) proposedRouterTimestamp;\n}\n\nstruct AppStorage {\n bool initialized;\n //\n // ConnextHandler\n //\n // 0\n uint256 LIQUIDITY_FEE_NUMERATOR;\n // 1\n uint256 LIQUIDITY_FEE_DENOMINATOR;\n // The local nomad relayer fee router\n // 2\n RelayerFeeRouter relayerFeeRouter;\n // The local nomad promise callback router\n // 3\n PromiseRouter promiseRouter;\n // /**\n // * @notice The address of the wrapper for the native asset on this domain\n // * @dev Needed because the nomad only handles ERC20 assets\n // */\n // 4\n IWrapped wrapper;\n // /**\n // * @notice Nonce for the contract, used to keep unique transfer ids.\n // * @dev Assigned at first interaction (xcall on origin domain);\n // */\n // 5\n uint256 nonce;\n // /**\n // * @notice The external contract that will execute crosschain calldata\n // */\n // 6\n IExecutor executor;\n // /**\n // * @notice The domain this contract exists on\n // * @dev Must match the nomad domain, which is distinct from the \"chainId\"\n // */\n // 7\n uint32 domain;\n // /**\n // * @notice The local nomad token registry\n // */\n // 8\n ITokenRegistry tokenRegistry;\n // /**\n // * @notice Mapping holding the AMMs for swapping in and out of local assets\n // * @dev Swaps for an adopted asset <> nomad local asset (i.e. POS USDC <> madUSDC on polygon)\n // */\n // 9\n mapping(bytes32 => IStableSwap) adoptedToLocalPools;\n // /**\n // * @notice Mapping of whitelisted assets on same domain as contract\n // * @dev Mapping is keyed on the canonical token identifier matching what is stored in the token\n // * registry\n // */\n // 10\n mapping(bytes32 => bool) approvedAssets;\n // /**\n // * @notice Mapping of canonical to adopted assets on this domain\n // * @dev If the adopted asset is the native asset, the keyed address will\n // * be the wrapped asset address\n // */\n // 11\n mapping(address => ConnextMessage.TokenId) adoptedToCanonical;\n // /**\n // * @notice Mapping of adopted to canonical on this domain\n // * @dev If the adopted asset is the native asset, the stored address will be the\n // * wrapped asset address\n // */\n // 12\n mapping(bytes32 => address) canonicalToAdopted;\n // /**\n // * @notice Mapping to determine if transfer is reconciled\n // */\n // 13\n mapping(bytes32 => bool) reconciledTransfers;\n // /**\n // * @notice Mapping holding router address that provided fast liquidity\n // */\n // 14\n mapping(bytes32 => address[]) routedTransfers;\n // /**\n // * @notice Mapping of router to available balance of an asset\n // * @dev Routers should always store liquidity that they can expect to receive via the bridge on\n // * this domain (the nomad local asset)\n // */\n // 15\n mapping(address => mapping(address => uint256)) routerBalances;\n // /**\n // * @notice Mapping of approved relayers\n // * @dev Send relayer fee if msg.sender is approvedRelayer. otherwise revert()\n // */\n // 16\n mapping(address => bool) approvedRelayers;\n // /**\n // * @notice Stores the relayer fee for a transfer. Updated on origin domain when a user calls xcall or bump\n // * @dev This will track all of the relayer fees assigned to a transfer by id, including any bumps made by the relayer\n // */\n // 17\n mapping(bytes32 => uint256) relayerFees;\n // /**\n // * @notice Stores the relayer of a transfer. Updated on the destination domain when a relayer calls execute\n // * for transfer\n // * @dev When relayer claims, must check that the msg.sender has forwarded transfer\n // */\n // 18\n mapping(bytes32 => address) transferRelayer;\n // /**\n // * @notice The max amount of routers a payment can be routed through\n // */\n // 19\n uint256 maxRoutersPerTransfer;\n // /**\n // * @notice The Vault used for sponsoring fees\n // */\n // 20\n ISponsorVault sponsorVault;\n //\n // Router\n //\n // 21\n mapping(uint32 => bytes32) remotes;\n //\n // XAppConnectionClient\n //\n // 22\n XAppConnectionManager xAppConnectionManager;\n //\n // ProposedOwnable\n //\n // 23\n address _proposed;\n // 24\n uint256 _proposedOwnershipTimestamp;\n // 25\n bool _routerOwnershipRenounced;\n // 26\n uint256 _routerOwnershipTimestamp;\n // 27\n bool _assetOwnershipRenounced;\n // 28\n uint256 _assetOwnershipTimestamp;\n //\n // RouterFacet\n //\n // 29\n RouterPermissionsManagerInfo routerPermissionInfo;\n //\n // ReentrancyGuard\n //\n // 30\n uint256 _status;\n //\n // StableSwap\n //\n /**\n * @notice Mapping holding the AMM storages for swapping in and out of local assets\n * @dev Swaps for an adopted asset <> nomad local asset (i.e. POS USDC <> madUSDC on polygon)\n * Struct storing data responsible for automatic market maker functionalities. In order to\n * access this data, this contract uses SwapUtils library. For more details, see SwapUtils.sol\n */\n // 31\n mapping(bytes32 => SwapUtils.Swap) swapStorages;\n /**\n * @notice Maps token address to an index in the pool. Used to prevent duplicate tokens in the pool.\n * @dev getTokenIndex function also relies on this mapping to retrieve token index.\n */\n // 32\n mapping(bytes32 => mapping(address => uint8)) tokenIndexes;\n /**\n * @notice Stores whether or not bribing, AMMs, have been paused\n */\n // 33\n bool _paused;\n //\n // AavePortals\n //\n /**\n * @notice Address of Aave Pool contract\n */\n address aavePool;\n /**\n * @notice Fee percentage numerator for using Portal liquidity\n * @dev Assumes the same basis points as the liquidity fee\n */\n uint256 aavePortalFeeNumerator;\n /**\n * @notice Mapping to store the transfer liquidity amount provided by Aave Portals\n */\n mapping(bytes32 => uint256) portalDebt;\n /**\n * @notice Mapping to store the transfer liquidity amount provided by Aave Portals\n */\n mapping(bytes32 => uint256) portalFeeDebt;\n //\n // BridgeFacet (cont.) TODO: can we move this\n //\n /**\n * @notice Stores whether a transfer has had `receiveLocal` overrides forced\n */\n // 34\n mapping(bytes32 => bool) receiveLocalOverrides;\n}\n\nlibrary LibConnextStorage {\n function connextStorage() internal pure returns (AppStorage storage ds) {\n assembly {\n ds.slot := 0\n }\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/libraries/SwapUtils.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {SafeMath} from \"@openzeppelin/contracts/utils/math/SafeMath.sol\";\nimport {SafeERC20, IERC20} from \"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol\";\n\nimport {LPToken} from \"../helpers/LPToken.sol\";\nimport {AmplificationUtils} from \"./AmplificationUtils.sol\";\nimport {MathUtils} from \"./MathUtils.sol\";\n\n/**\n * @title SwapUtils library\n * @notice A library to be used within Swap.sol. Contains functions responsible for custody and AMM functionalities.\n * @dev Contracts relying on this library must initialize SwapUtils.Swap struct then use this library\n * for SwapUtils.Swap struct. Note that this library contains both functions called by users and admins.\n * Admin functions should be protected within contracts using this library.\n */\nlibrary SwapUtils {\n using SafeERC20 for IERC20;\n using SafeMath for uint256;\n using MathUtils for uint256;\n\n /*** EVENTS ***/\n\n event TokenSwap(address indexed buyer, uint256 tokensSold, uint256 tokensBought, uint128 soldId, uint128 boughtId);\n event AddLiquidity(\n address indexed provider,\n uint256[] tokenAmounts,\n uint256[] fees,\n uint256 invariant,\n uint256 lpTokenSupply\n );\n event RemoveLiquidity(address indexed provider, uint256[] tokenAmounts, uint256 lpTokenSupply);\n event RemoveLiquidityOne(\n address indexed provider,\n uint256 lpTokenAmount,\n uint256 lpTokenSupply,\n uint256 boughtId,\n uint256 tokensBought\n );\n event RemoveLiquidityImbalance(\n address indexed provider,\n uint256[] tokenAmounts,\n uint256[] fees,\n uint256 invariant,\n uint256 lpTokenSupply\n );\n event NewAdminFee(uint256 newAdminFee);\n event NewSwapFee(uint256 newSwapFee);\n\n struct Swap {\n // variables around the ramp management of A,\n // the amplification coefficient * n * (n - 1)\n // see https://www.curve.fi/stableswap-paper.pdf for details\n uint256 initialA;\n uint256 futureA;\n uint256 initialATime;\n uint256 futureATime;\n // fee calculation\n uint256 swapFee;\n uint256 adminFee;\n LPToken lpToken;\n // contract references for all tokens being pooled\n IERC20[] pooledTokens;\n // multipliers for each pooled token's precision to get to POOL_PRECISION_DECIMALS\n // for example, TBTC has 18 decimals, so the multiplier should be 1. WBTC\n // has 8, so the multiplier should be 10 ** 18 / 10 ** 8 => 10 ** 10\n uint256[] tokenPrecisionMultipliers;\n // the pool balance of each token, in the token's precision\n // the contract's actual token balance might differ\n uint256[] balances;\n // the admin fee balance of each token, in the token's precision\n uint256[] adminFees;\n }\n\n // Struct storing variables used in calculations in the\n // calculateWithdrawOneTokenDY function to avoid stack too deep errors\n struct CalculateWithdrawOneTokenDYInfo {\n uint256 d0;\n uint256 d1;\n uint256 newY;\n uint256 feePerToken;\n uint256 preciseA;\n }\n\n // Struct storing variables used in calculations in the\n // {add,remove}Liquidity functions to avoid stack too deep errors\n struct ManageLiquidityInfo {\n uint256 d0;\n uint256 d1;\n uint256 d2;\n uint256 preciseA;\n LPToken lpToken;\n uint256 totalSupply;\n uint256[] balances;\n uint256[] multipliers;\n }\n\n // the precision all pools tokens will be converted to\n uint8 internal constant POOL_PRECISION_DECIMALS = 18;\n\n // the denominator used to calculate admin and LP fees. For example, an\n // LP fee might be something like tradeAmount.mul(fee).div(FEE_DENOMINATOR)\n uint256 internal constant FEE_DENOMINATOR = 1e10;\n\n // Max swap fee is 1% or 100bps of each swap\n uint256 internal constant MAX_SWAP_FEE = 1e8;\n\n // Max adminFee is 100% of the swapFee\n // adminFee does not add additional fee on top of swapFee\n // Instead it takes a certain % of the swapFee. Therefore it has no impact on the\n // users but only on the earnings of LPs\n uint256 internal constant MAX_ADMIN_FEE = 1e10;\n\n // Constant value used as max loop limit\n uint256 internal constant MAX_LOOP_LIMIT = 256;\n\n /*** VIEW & PURE FUNCTIONS ***/\n\n function _getAPrecise(Swap storage self) private view returns (uint256) {\n return AmplificationUtils._getAPrecise(self);\n }\n\n /**\n * @notice Calculate the dy, the amount of selected token that user receives and\n * the fee of withdrawing in one token\n * @param tokenAmount the amount to withdraw in the pool's precision\n * @param tokenIndex which token will be withdrawn\n * @param self Swap struct to read from\n * @return the amount of token user will receive\n */\n function calculateWithdrawOneToken(\n Swap storage self,\n uint256 tokenAmount,\n uint8 tokenIndex\n ) internal view returns (uint256) {\n (uint256 availableTokenAmount, ) = _calculateWithdrawOneToken(\n self,\n tokenAmount,\n tokenIndex,\n self.lpToken.totalSupply()\n );\n return availableTokenAmount;\n }\n\n function _calculateWithdrawOneToken(\n Swap storage self,\n uint256 tokenAmount,\n uint8 tokenIndex,\n uint256 totalSupply\n ) private view returns (uint256, uint256) {\n uint256 dy;\n uint256 newY;\n uint256 currentY;\n\n (dy, newY, currentY) = calculateWithdrawOneTokenDY(self, tokenIndex, tokenAmount, totalSupply);\n\n // dy_0 (without fees)\n // dy, dy_0 - dy\n\n uint256 dySwapFee = currentY.sub(newY).div(self.tokenPrecisionMultipliers[tokenIndex]).sub(dy);\n\n return (dy, dySwapFee);\n }\n\n /**\n * @notice Calculate the dy of withdrawing in one token\n * @param self Swap struct to read from\n * @param tokenIndex which token will be withdrawn\n * @param tokenAmount the amount to withdraw in the pools precision\n * @return the d and the new y after withdrawing one token\n */\n function calculateWithdrawOneTokenDY(\n Swap storage self,\n uint8 tokenIndex,\n uint256 tokenAmount,\n uint256 totalSupply\n )\n internal\n view\n returns (\n uint256,\n uint256,\n uint256\n )\n {\n // Get the current D, then solve the stableswap invariant\n // y_i for D - tokenAmount\n uint256[] memory xp = _xp(self);\n\n require(tokenIndex < xp.length, \"index out of range\");\n\n CalculateWithdrawOneTokenDYInfo memory v = CalculateWithdrawOneTokenDYInfo(0, 0, 0, 0, 0);\n v.preciseA = _getAPrecise(self);\n v.d0 = getD(xp, v.preciseA);\n v.d1 = v.d0.sub(tokenAmount.mul(v.d0).div(totalSupply));\n\n require(tokenAmount <= xp[tokenIndex], \"exceeds available\");\n\n v.newY = getYD(v.preciseA, tokenIndex, xp, v.d1);\n\n uint256[] memory xpReduced = new uint256[](xp.length);\n\n v.feePerToken = _feePerToken(self.swapFee, xp.length);\n // TODO: Set a length variable (at top) instead of reading xp.length on each loop.\n for (uint256 i; i < xp.length; ) {\n uint256 xpi = xp[i];\n // if i == tokenIndex, dxExpected = xp[i] * d1 / d0 - newY\n // else dxExpected = xp[i] - (xp[i] * d1 / d0)\n // xpReduced[i] -= dxExpected * fee / FEE_DENOMINATOR\n xpReduced[i] = xpi.sub(\n ((i == tokenIndex) ? xpi.mul(v.d1).div(v.d0).sub(v.newY) : xpi.sub(xpi.mul(v.d1).div(v.d0)))\n .mul(v.feePerToken)\n .div(FEE_DENOMINATOR)\n );\n\n unchecked {\n ++i;\n }\n }\n\n uint256 dy = xpReduced[tokenIndex].sub(getYD(v.preciseA, tokenIndex, xpReduced, v.d1));\n dy = dy.sub(1).div(self.tokenPrecisionMultipliers[tokenIndex]);\n\n return (dy, v.newY, xp[tokenIndex]);\n }\n\n /**\n * @notice Calculate the price of a token in the pool with given\n * precision-adjusted balances and a particular D.\n *\n * @dev This is accomplished via solving the invariant iteratively.\n * See the StableSwap paper and Curve.fi implementation for further details.\n *\n * x_1**2 + x1 * (sum' - (A*n**n - 1) * D / (A * n**n)) = D ** (n + 1) / (n ** (2 * n) * prod' * A)\n * x_1**2 + b*x_1 = c\n * x_1 = (x_1**2 + c) / (2*x_1 + b)\n *\n * @param a the amplification coefficient * n * (n - 1). See the StableSwap paper for details.\n * @param tokenIndex Index of token we are calculating for.\n * @param xp a precision-adjusted set of pool balances. Array should be\n * the same cardinality as the pool.\n * @param d the stableswap invariant\n * @return the price of the token, in the same precision as in xp\n */\n function getYD(\n uint256 a,\n uint8 tokenIndex,\n uint256[] memory xp,\n uint256 d\n ) internal pure returns (uint256) {\n uint256 numTokens = xp.length;\n require(tokenIndex < numTokens, \"Token not found\");\n\n uint256 c = d;\n uint256 s;\n uint256 nA = a.mul(numTokens);\n\n for (uint256 i; i < numTokens; ) {\n if (i != tokenIndex) {\n s = s.add(xp[i]);\n c = c.mul(d).div(xp[i].mul(numTokens));\n // If we were to protect the division loss we would have to keep the denominator separate\n // and divide at the end. However this leads to overflow with large numTokens or/and D.\n // c = c * D * D * D * ... overflow!\n }\n\n unchecked {\n ++i;\n }\n }\n c = c.mul(d).mul(AmplificationUtils.A_PRECISION).div(nA.mul(numTokens));\n\n uint256 b = s.add(d.mul(AmplificationUtils.A_PRECISION).div(nA));\n uint256 yPrev;\n uint256 y = d;\n for (uint256 i; i < MAX_LOOP_LIMIT; ) {\n yPrev = y;\n y = y.mul(y).add(c).div(y.mul(2).add(b).sub(d));\n if (y.within1(yPrev)) {\n return y;\n }\n\n unchecked {\n ++i;\n }\n }\n revert(\"Approximation did not converge\");\n }\n\n /**\n * @notice Get D, the StableSwap invariant, based on a set of balances and a particular A.\n * @param xp a precision-adjusted set of pool balances. Array should be the same cardinality\n * as the pool.\n * @param a the amplification coefficient * n * (n - 1) in A_PRECISION.\n * See the StableSwap paper for details\n * @return the invariant, at the precision of the pool\n */\n function getD(uint256[] memory xp, uint256 a) internal pure returns (uint256) {\n uint256 numTokens = xp.length;\n uint256 s;\n for (uint256 i; i < numTokens; ) {\n s = s.add(xp[i]);\n\n unchecked {\n ++i;\n }\n }\n if (s == 0) {\n return 0;\n }\n\n uint256 prevD;\n uint256 d = s;\n uint256 nA = a.mul(numTokens);\n\n for (uint256 i; i < MAX_LOOP_LIMIT; ) {\n uint256 dP = d;\n for (uint256 j; j < numTokens; ) {\n dP = dP.mul(d).div(xp[j].mul(numTokens));\n // If we were to protect the division loss we would have to keep the denominator separate\n // and divide at the end. However this leads to overflow with large numTokens or/and D.\n // dP = dP * D * D * D * ... overflow!\n\n unchecked {\n ++j;\n }\n }\n prevD = d;\n d = nA.mul(s).div(AmplificationUtils.A_PRECISION).add(dP.mul(numTokens)).mul(d).div(\n nA.sub(AmplificationUtils.A_PRECISION).mul(d).div(AmplificationUtils.A_PRECISION).add(numTokens.add(1).mul(dP))\n );\n if (d.within1(prevD)) {\n return d;\n }\n\n unchecked {\n ++i;\n }\n }\n\n // Convergence should occur in 4 loops or less. If this is reached, there may be something wrong\n // with the pool. If this were to occur repeatedly, LPs should withdraw via `removeLiquidity()`\n // function which does not rely on D.\n revert(\"D does not converge\");\n }\n\n /**\n * @notice Given a set of balances and precision multipliers, return the\n * precision-adjusted balances.\n *\n * @param balances an array of token balances, in their native precisions.\n * These should generally correspond with pooled tokens.\n *\n * @param precisionMultipliers an array of multipliers, corresponding to\n * the amounts in the balances array. When multiplied together they\n * should yield amounts at the pool's precision.\n *\n * @return an array of amounts \"scaled\" to the pool's precision\n */\n function _xp(uint256[] memory balances, uint256[] memory precisionMultipliers)\n internal\n pure\n returns (uint256[] memory)\n {\n uint256 numTokens = balances.length;\n require(numTokens == precisionMultipliers.length, \"mismatch multipliers\");\n uint256[] memory xp = new uint256[](numTokens);\n for (uint256 i; i < numTokens; ) {\n xp[i] = balances[i].mul(precisionMultipliers[i]);\n\n unchecked {\n ++i;\n }\n }\n return xp;\n }\n\n /**\n * @notice Return the precision-adjusted balances of all tokens in the pool\n * @param self Swap struct to read from\n * @return the pool balances \"scaled\" to the pool's precision, allowing\n * them to be more easily compared.\n */\n function _xp(Swap storage self) internal view returns (uint256[] memory) {\n return _xp(self.balances, self.tokenPrecisionMultipliers);\n }\n\n /**\n * @notice Get the virtual price, to help calculate profit\n * @param self Swap struct to read from\n * @return the virtual price, scaled to precision of POOL_PRECISION_DECIMALS\n */\n function getVirtualPrice(Swap storage self) internal view returns (uint256) {\n uint256 d = getD(_xp(self), _getAPrecise(self));\n LPToken lpToken = self.lpToken;\n uint256 supply = lpToken.totalSupply();\n if (supply != 0) {\n return d.mul(10**uint256(POOL_PRECISION_DECIMALS)).div(supply);\n }\n return 0;\n }\n\n /**\n * @notice Calculate the new balances of the tokens given the indexes of the token\n * that is swapped from (FROM) and the token that is swapped to (TO).\n * This function is used as a helper function to calculate how much TO token\n * the user should receive on swap.\n *\n * @param preciseA precise form of amplification coefficient\n * @param tokenIndexFrom index of FROM token\n * @param tokenIndexTo index of TO token\n * @param x the new total amount of FROM token\n * @param xp balances of the tokens in the pool\n * @return the amount of TO token that should remain in the pool\n */\n function getY(\n uint256 preciseA,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 x,\n uint256[] memory xp\n ) internal pure returns (uint256) {\n uint256 numTokens = xp.length;\n require(tokenIndexFrom != tokenIndexTo, \"compare token to itself\");\n require(tokenIndexFrom < numTokens && tokenIndexTo < numTokens, \"token not found\");\n\n uint256 d = getD(xp, preciseA);\n uint256 c = d;\n uint256 s;\n uint256 nA = numTokens.mul(preciseA);\n\n uint256 _x;\n for (uint256 i; i < numTokens; ) {\n if (i == tokenIndexFrom) {\n _x = x;\n } else if (i != tokenIndexTo) {\n _x = xp[i];\n } else {\n unchecked {\n ++i;\n }\n continue;\n }\n s = s.add(_x);\n c = c.mul(d).div(_x.mul(numTokens));\n // If we were to protect the division loss we would have to keep the denominator separate\n // and divide at the end. However this leads to overflow with large numTokens or/and D.\n // c = c * D * D * D * ... overflow!\n\n unchecked {\n ++i;\n }\n }\n c = c.mul(d).mul(AmplificationUtils.A_PRECISION).div(nA.mul(numTokens));\n uint256 b = s.add(d.mul(AmplificationUtils.A_PRECISION).div(nA));\n uint256 yPrev;\n uint256 y = d;\n\n // iterative approximation\n for (uint256 i; i < MAX_LOOP_LIMIT; ) {\n yPrev = y;\n y = y.mul(y).add(c).div(y.mul(2).add(b).sub(d));\n if (y.within1(yPrev)) {\n return y;\n }\n\n unchecked {\n ++i;\n }\n }\n revert(\"Approximation did not converge\");\n }\n\n /**\n * @notice Externally calculates a swap between two tokens.\n * @param self Swap struct to read from\n * @param tokenIndexFrom the token to sell\n * @param tokenIndexTo the token to buy\n * @param dx the number of tokens to sell. If the token charges a fee on transfers,\n * use the amount that gets transferred after the fee.\n * @return dy the number of tokens the user will get\n */\n function calculateSwap(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx\n ) internal view returns (uint256 dy) {\n (dy, ) = _calculateSwap(self, tokenIndexFrom, tokenIndexTo, dx, self.balances);\n }\n\n /**\n * @notice Externally calculates a swap between two tokens.\n * @param self Swap struct to read from\n * @param tokenIndexFrom the token to sell\n * @param tokenIndexTo the token to buy\n * @param dy the number of tokens to buy.\n * @return dx the number of tokens the user have to transfer + fee\n */\n function calculateSwapInv(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dy\n ) internal view returns (uint256 dx) {\n (dx, ) = _calculateSwapInv(self, tokenIndexFrom, tokenIndexTo, dy, self.balances);\n }\n\n /**\n * @notice Internally calculates a swap between two tokens.\n *\n * @dev The caller is expected to transfer the actual amounts (dx and dy)\n * using the token contracts.\n *\n * @param self Swap struct to read from\n * @param tokenIndexFrom the token to sell\n * @param tokenIndexTo the token to buy\n * @param dx the number of tokens to sell. If the token charges a fee on transfers,\n * use the amount that gets transferred after the fee.\n * @return dy the number of tokens the user will get\n * @return dyFee the associated fee\n */\n function _calculateSwap(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx,\n uint256[] memory balances\n ) internal view returns (uint256 dy, uint256 dyFee) {\n uint256[] memory multipliers = self.tokenPrecisionMultipliers;\n uint256[] memory xp = _xp(balances, multipliers);\n require(tokenIndexFrom < xp.length && tokenIndexTo < xp.length, \"index out of range\");\n uint256 x = dx.mul(multipliers[tokenIndexFrom]).add(xp[tokenIndexFrom]);\n uint256 y = getY(_getAPrecise(self), tokenIndexFrom, tokenIndexTo, x, xp);\n dy = xp[tokenIndexTo].sub(y).sub(1);\n dyFee = dy.mul(self.swapFee).div(FEE_DENOMINATOR);\n dy = dy.sub(dyFee).div(multipliers[tokenIndexTo]);\n }\n\n /**\n * @notice Internally calculates a swap between two tokens.\n *\n * @dev The caller is expected to transfer the actual amounts (dx and dy)\n * using the token contracts.\n *\n * @param self Swap struct to read from\n * @param tokenIndexFrom the token to sell\n * @param tokenIndexTo the token to buy\n * @param dy the number of tokens to buy. If the token charges a fee on transfers,\n * use the amount that gets transferred after the fee.\n * @return dx the number of tokens the user have to deposit\n * @return dxFee the associated fee\n */\n function _calculateSwapInv(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dy,\n uint256[] memory balances\n ) internal view returns (uint256 dx, uint256 dxFee) {\n uint256[] memory multipliers = self.tokenPrecisionMultipliers;\n uint256[] memory xp = _xp(balances, multipliers);\n require(tokenIndexFrom < xp.length && tokenIndexTo < xp.length, \"index out of range\");\n\n uint256 a = _getAPrecise(self);\n uint256 d0 = getD(xp, a);\n\n xp[tokenIndexTo] = xp[tokenIndexTo].sub(dy.mul(multipliers[tokenIndexTo]));\n uint256 x = getYD(a, tokenIndexFrom, xp, d0);\n dx = x.sub(xp[tokenIndexFrom]).add(1);\n dxFee = dx.mul(self.swapFee).div(FEE_DENOMINATOR);\n dx = dx.add(dxFee).div(multipliers[tokenIndexFrom]);\n }\n\n /**\n * @notice A simple method to calculate amount of each underlying\n * tokens that is returned upon burning given amount of\n * LP tokens\n *\n * @param amount the amount of LP tokens that would to be burned on\n * withdrawal\n * @return array of amounts of tokens user will receive\n */\n function calculateRemoveLiquidity(Swap storage self, uint256 amount) internal view returns (uint256[] memory) {\n return _calculateRemoveLiquidity(self.balances, amount, self.lpToken.totalSupply());\n }\n\n function _calculateRemoveLiquidity(\n uint256[] memory balances,\n uint256 amount,\n uint256 totalSupply\n ) internal pure returns (uint256[] memory) {\n require(amount <= totalSupply, \"exceed total supply\");\n\n uint256 numBalances = balances.length;\n uint256[] memory amounts = new uint256[](numBalances);\n\n for (uint256 i; i < numBalances; ) {\n amounts[i] = balances[i].mul(amount).div(totalSupply);\n\n unchecked {\n ++i;\n }\n }\n return amounts;\n }\n\n /**\n * @notice A simple method to calculate prices from deposits or\n * withdrawals, excluding fees but including slippage. This is\n * helpful as an input into the various \"min\" parameters on calls\n * to fight front-running\n *\n * @dev This shouldn't be used outside frontends for user estimates.\n *\n * @param self Swap struct to read from\n * @param amounts an array of token amounts to deposit or withdrawal,\n * corresponding to pooledTokens. The amount should be in each\n * pooled token's native precision. If a token charges a fee on transfers,\n * use the amount that gets transferred after the fee.\n * @param deposit whether this is a deposit or a withdrawal\n * @return if deposit was true, total amount of lp token that will be minted and if\n * deposit was false, total amount of lp token that will be burned\n */\n function calculateTokenAmount(\n Swap storage self,\n uint256[] calldata amounts,\n bool deposit\n ) internal view returns (uint256) {\n uint256 a = _getAPrecise(self);\n uint256[] memory balances = self.balances;\n uint256[] memory multipliers = self.tokenPrecisionMultipliers;\n\n uint256 numBalances = balances.length;\n uint256 d0 = getD(_xp(balances, multipliers), a);\n for (uint256 i; i < numBalances; ) {\n if (deposit) {\n balances[i] = balances[i].add(amounts[i]);\n } else {\n balances[i] = balances[i].sub(amounts[i], \"withdraw >available\");\n }\n\n unchecked {\n ++i;\n }\n }\n uint256 d1 = getD(_xp(balances, multipliers), a);\n uint256 totalSupply = self.lpToken.totalSupply();\n\n if (deposit) {\n return d1.sub(d0).mul(totalSupply).div(d0);\n } else {\n return d0.sub(d1).mul(totalSupply).div(d0);\n }\n }\n\n /**\n * @notice return accumulated amount of admin fees of the token with given index\n * @param self Swap struct to read from\n * @param index Index of the pooled token\n * @return admin balance in the token's precision\n */\n function getAdminBalance(Swap storage self, uint256 index) internal view returns (uint256) {\n require(index < self.pooledTokens.length, \"index out of range\");\n return self.adminFees[index];\n }\n\n /**\n * @notice internal helper function to calculate fee per token multiplier used in\n * swap fee calculations\n * @param swapFee swap fee for the tokens\n * @param numTokens number of tokens pooled\n */\n function _feePerToken(uint256 swapFee, uint256 numTokens) internal pure returns (uint256) {\n return swapFee.mul(numTokens).div(numTokens.sub(1).mul(4));\n }\n\n /*** STATE MODIFYING FUNCTIONS ***/\n\n /**\n * @notice swap two tokens in the pool\n * @param self Swap struct to read from and write to\n * @param tokenIndexFrom the token the user wants to sell\n * @param tokenIndexTo the token the user wants to buy\n * @param dx the amount of tokens the user wants to sell\n * @param minDy the min amount the user would like to receive, or revert.\n * @return amount of token user received on swap\n */\n function swap(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx,\n uint256 minDy\n ) internal returns (uint256) {\n {\n IERC20 tokenFrom = self.pooledTokens[tokenIndexFrom];\n require(dx <= tokenFrom.balanceOf(msg.sender), \"swap more than you own\");\n // Transfer tokens first to see if a fee was charged on transfer\n uint256 beforeBalance = tokenFrom.balanceOf(address(this));\n tokenFrom.safeTransferFrom(msg.sender, address(this), dx);\n\n // Use the actual transferred amount for AMM math\n dx = tokenFrom.balanceOf(address(this)).sub(beforeBalance);\n }\n\n uint256 dy;\n uint256 dyFee;\n uint256[] memory balances = self.balances;\n (dy, dyFee) = _calculateSwap(self, tokenIndexFrom, tokenIndexTo, dx, balances);\n require(dy >= minDy, \"dy < minDy\");\n\n uint256 dyAdminFee = dyFee.mul(self.adminFee).div(FEE_DENOMINATOR).div(\n self.tokenPrecisionMultipliers[tokenIndexTo]\n );\n\n self.balances[tokenIndexFrom] = balances[tokenIndexFrom].add(dx);\n self.balances[tokenIndexTo] = balances[tokenIndexTo].sub(dy).sub(dyAdminFee);\n if (dyAdminFee != 0) {\n self.adminFees[tokenIndexTo] = self.adminFees[tokenIndexTo].add(dyAdminFee);\n }\n\n self.pooledTokens[tokenIndexTo].safeTransfer(msg.sender, dy);\n\n emit TokenSwap(msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);\n\n return dy;\n }\n\n /**\n * @notice swap two tokens in the pool\n * @param self Swap struct to read from and write to\n * @param tokenIndexFrom the token the user wants to sell\n * @param tokenIndexTo the token the user wants to buy\n * @param dy the amount of tokens the user wants to buy\n * @param maxDx the max amount the user would like to send.\n * @return amount of token user have to transfer on swap\n */\n function swapOut(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dy,\n uint256 maxDx\n ) internal returns (uint256) {\n require(dy <= self.balances[tokenIndexTo], \">pool balance\");\n\n uint256 dx;\n uint256 dxFee;\n uint256[] memory balances = self.balances;\n (dx, dxFee) = _calculateSwapInv(self, tokenIndexFrom, tokenIndexTo, dy, balances);\n require(dx <= maxDx, \"dx > maxDx\");\n\n uint256 dxAdminFee = dxFee.mul(self.adminFee).div(FEE_DENOMINATOR).div(\n self.tokenPrecisionMultipliers[tokenIndexFrom]\n );\n\n self.balances[tokenIndexFrom] = balances[tokenIndexFrom].add(dx).sub(dxAdminFee);\n self.balances[tokenIndexTo] = balances[tokenIndexTo].sub(dy);\n if (dxAdminFee != 0) {\n self.adminFees[tokenIndexFrom] = self.adminFees[tokenIndexFrom].add(dxAdminFee);\n }\n\n {\n IERC20 tokenFrom = self.pooledTokens[tokenIndexFrom];\n require(dx <= tokenFrom.balanceOf(msg.sender), \"more than you own\");\n // Transfer tokens first to see if a fee was charged on transfer\n uint256 beforeBalance = tokenFrom.balanceOf(address(this));\n tokenFrom.safeTransferFrom(msg.sender, address(this), dx);\n\n // Use the actual transferred amount for AMM math\n require(dx == tokenFrom.balanceOf(address(this)).sub(beforeBalance), \"not support fee token\");\n }\n\n self.pooledTokens[tokenIndexTo].safeTransfer(msg.sender, dy);\n\n emit TokenSwap(msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);\n\n return dx;\n }\n\n /**\n * @notice swap two tokens in the pool internally\n * @param self Swap struct to read from and write to\n * @param tokenIndexFrom the token the user wants to sell\n * @param tokenIndexTo the token the user wants to buy\n * @param dx the amount of tokens the user wants to sell\n * @param minDy the min amount the user would like to receive, or revert.\n * @return amount of token user received on swap\n */\n function swapInternal(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx,\n uint256 minDy\n ) internal returns (uint256) {\n IERC20 tokenFrom = self.pooledTokens[tokenIndexFrom];\n require(dx <= tokenFrom.balanceOf(msg.sender), \"more than you own\");\n\n uint256 dy;\n uint256 dyFee;\n uint256[] memory balances = self.balances;\n (dy, dyFee) = _calculateSwap(self, tokenIndexFrom, tokenIndexTo, dx, balances);\n require(dy >= minDy, \"dy < minDy\");\n\n uint256 dyAdminFee = dyFee.mul(self.adminFee).div(FEE_DENOMINATOR).div(\n self.tokenPrecisionMultipliers[tokenIndexTo]\n );\n\n self.balances[tokenIndexFrom] = balances[tokenIndexFrom].add(dx);\n self.balances[tokenIndexTo] = balances[tokenIndexTo].sub(dy).sub(dyAdminFee);\n\n if (dyAdminFee != 0) {\n self.adminFees[tokenIndexTo] = self.adminFees[tokenIndexTo].add(dyAdminFee);\n }\n\n emit TokenSwap(msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);\n\n return dy;\n }\n\n /**\n * @notice Should get exact amount out of AMM for asset put in\n */\n function swapInternalOut(\n Swap storage self,\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dy,\n uint256 maxDx\n ) internal returns (uint256) {\n require(dy <= self.balances[tokenIndexTo], \"more than pool balance\");\n\n uint256 dx;\n uint256 dxFee;\n uint256[] memory balances = self.balances;\n (dx, dxFee) = _calculateSwapInv(self, tokenIndexFrom, tokenIndexTo, dy, balances);\n require(dx <= maxDx, \"dx > maxDx\");\n\n uint256 dxAdminFee = dxFee.mul(self.adminFee).div(FEE_DENOMINATOR).div(\n self.tokenPrecisionMultipliers[tokenIndexFrom]\n );\n\n self.balances[tokenIndexFrom] = balances[tokenIndexFrom].add(dx).sub(dxAdminFee);\n self.balances[tokenIndexTo] = balances[tokenIndexTo].sub(dy);\n\n if (dxAdminFee != 0) {\n self.adminFees[tokenIndexFrom] = self.adminFees[tokenIndexFrom].add(dxAdminFee);\n }\n\n emit TokenSwap(msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);\n\n return dx;\n }\n\n /**\n * @notice Add liquidity to the pool\n * @param self Swap struct to read from and write to\n * @param amounts the amounts of each token to add, in their native precision\n * @param minToMint the minimum LP tokens adding this amount of liquidity\n * should mint, otherwise revert. Handy for front-running mitigation\n * allowed addresses. If the pool is not in the guarded launch phase, this parameter will be ignored.\n * @return amount of LP token user received\n */\n function addLiquidity(\n Swap storage self,\n uint256[] memory amounts,\n uint256 minToMint\n ) internal returns (uint256) {\n IERC20[] memory pooledTokens = self.pooledTokens;\n uint256 numTokens = pooledTokens.length;\n require(amounts.length == numTokens, \"mismatch pooled tokens\");\n\n // current state\n ManageLiquidityInfo memory v = ManageLiquidityInfo(\n 0,\n 0,\n 0,\n _getAPrecise(self),\n self.lpToken,\n 0,\n self.balances,\n self.tokenPrecisionMultipliers\n );\n v.totalSupply = v.lpToken.totalSupply();\n if (v.totalSupply != 0) {\n v.d0 = getD(_xp(v.balances, v.multipliers), v.preciseA);\n }\n\n uint256[] memory newBalances = new uint256[](numTokens);\n\n for (uint256 i; i < numTokens; ) {\n require(v.totalSupply != 0 || amounts[i] != 0, \"!supply all tokens\");\n\n // Transfer tokens first to see if a fee was charged on transfer\n if (amounts[i] != 0) {\n uint256 beforeBalance = pooledTokens[i].balanceOf(address(this));\n pooledTokens[i].safeTransferFrom(msg.sender, address(this), amounts[i]);\n\n // Update the amounts[] with actual transfer amount\n amounts[i] = pooledTokens[i].balanceOf(address(this)).sub(beforeBalance);\n }\n\n newBalances[i] = v.balances[i].add(amounts[i]);\n\n unchecked {\n ++i;\n }\n }\n\n // invariant after change\n v.d1 = getD(_xp(newBalances, v.multipliers), v.preciseA);\n require(v.d1 > v.d0, \"D should increase\");\n\n // updated to reflect fees and calculate the user's LP tokens\n v.d2 = v.d1;\n uint256[] memory fees = new uint256[](numTokens);\n\n if (v.totalSupply != 0) {\n uint256 feePerToken = _feePerToken(self.swapFee, numTokens);\n for (uint256 i; i < numTokens; ) {\n uint256 idealBalance = v.d1.mul(v.balances[i]).div(v.d0);\n fees[i] = feePerToken.mul(idealBalance.difference(newBalances[i])).div(FEE_DENOMINATOR);\n uint256 adminFee = fees[i].mul(self.adminFee).div(FEE_DENOMINATOR);\n self.balances[i] = newBalances[i].sub(adminFee);\n self.adminFees[i] = self.adminFees[i].add(adminFee);\n newBalances[i] = newBalances[i].sub(fees[i]);\n\n unchecked {\n ++i;\n }\n }\n v.d2 = getD(_xp(newBalances, v.multipliers), v.preciseA);\n } else {\n // the initial depositor doesn't pay fees\n self.balances = newBalances;\n }\n\n uint256 toMint;\n if (v.totalSupply == 0) {\n toMint = v.d1;\n } else {\n toMint = v.d2.sub(v.d0).mul(v.totalSupply).div(v.d0);\n }\n\n require(toMint >= minToMint, \"mint < min\");\n\n // mint the user's LP tokens\n v.lpToken.mint(msg.sender, toMint);\n\n emit AddLiquidity(msg.sender, amounts, fees, v.d1, v.totalSupply.add(toMint));\n\n return toMint;\n }\n\n /**\n * @notice Burn LP tokens to remove liquidity from the pool.\n * @dev Liquidity can always be removed, even when the pool is paused.\n * @param self Swap struct to read from and write to\n * @param amount the amount of LP tokens to burn\n * @param minAmounts the minimum amounts of each token in the pool\n * acceptable for this burn. Useful as a front-running mitigation\n * @return amounts of tokens the user received\n */\n function removeLiquidity(\n Swap storage self,\n uint256 amount,\n uint256[] calldata minAmounts\n ) internal returns (uint256[] memory) {\n LPToken lpToken = self.lpToken;\n IERC20[] memory pooledTokens = self.pooledTokens;\n require(amount <= lpToken.balanceOf(msg.sender), \">LP.balanceOf\");\n uint256 numTokens = pooledTokens.length;\n require(minAmounts.length == numTokens, \"mismatch poolTokens\");\n\n uint256[] memory balances = self.balances;\n uint256 totalSupply = lpToken.totalSupply();\n\n uint256[] memory amounts = _calculateRemoveLiquidity(balances, amount, totalSupply);\n\n uint256 numAmounts = amounts.length;\n for (uint256 i; i < numAmounts; ) {\n require(amounts[i] >= minAmounts[i], \"amounts[i] < minAmounts[i]\");\n self.balances[i] = balances[i].sub(amounts[i]);\n pooledTokens[i].safeTransfer(msg.sender, amounts[i]);\n\n unchecked {\n ++i;\n }\n }\n\n lpToken.burnFrom(msg.sender, amount);\n\n emit RemoveLiquidity(msg.sender, amounts, totalSupply.sub(amount));\n\n return amounts;\n }\n\n /**\n * @notice Remove liquidity from the pool all in one token.\n * @param self Swap struct to read from and write to\n * @param tokenAmount the amount of the lp tokens to burn\n * @param tokenIndex the index of the token you want to receive\n * @param minAmount the minimum amount to withdraw, otherwise revert\n * @return amount chosen token that user received\n */\n function removeLiquidityOneToken(\n Swap storage self,\n uint256 tokenAmount,\n uint8 tokenIndex,\n uint256 minAmount\n ) internal returns (uint256) {\n LPToken lpToken = self.lpToken;\n IERC20[] memory pooledTokens = self.pooledTokens;\n\n require(tokenAmount <= lpToken.balanceOf(msg.sender), \">LP.balanceOf\");\n uint256 numTokens = pooledTokens.length;\n require(tokenIndex < numTokens, \"not found\");\n\n uint256 totalSupply = lpToken.totalSupply();\n\n (uint256 dy, uint256 dyFee) = _calculateWithdrawOneToken(self, tokenAmount, tokenIndex, totalSupply);\n\n require(dy >= minAmount, \"dy < minAmount\");\n\n uint256 adminFee = dyFee.mul(self.adminFee).div(FEE_DENOMINATOR);\n self.balances[tokenIndex] = self.balances[tokenIndex].sub(dy.add(adminFee));\n if (adminFee != 0) {\n self.adminFees[tokenIndex] = self.adminFees[tokenIndex].add(adminFee);\n }\n lpToken.burnFrom(msg.sender, tokenAmount);\n pooledTokens[tokenIndex].safeTransfer(msg.sender, dy);\n\n emit RemoveLiquidityOne(msg.sender, tokenAmount, totalSupply, tokenIndex, dy);\n\n return dy;\n }\n\n /**\n * @notice Remove liquidity from the pool, weighted differently than the\n * pool's current balances.\n *\n * @param self Swap struct to read from and write to\n * @param amounts how much of each token to withdraw\n * @param maxBurnAmount the max LP token provider is willing to pay to\n * remove liquidity. Useful as a front-running mitigation.\n * @return actual amount of LP tokens burned in the withdrawal\n */\n function removeLiquidityImbalance(\n Swap storage self,\n uint256[] memory amounts,\n uint256 maxBurnAmount\n ) internal returns (uint256) {\n ManageLiquidityInfo memory v = ManageLiquidityInfo(\n 0,\n 0,\n 0,\n _getAPrecise(self),\n self.lpToken,\n 0,\n self.balances,\n self.tokenPrecisionMultipliers\n );\n v.totalSupply = v.lpToken.totalSupply();\n\n IERC20[] memory pooledTokens = self.pooledTokens;\n\n uint256 numTokens = pooledTokens.length;\n uint256 numAmounts = amounts.length;\n require(numAmounts == numTokens, \"mismatch pool tokens\");\n\n require(maxBurnAmount <= v.lpToken.balanceOf(msg.sender) && maxBurnAmount != 0, \">LP.balanceOf\");\n\n uint256 feePerToken = _feePerToken(self.swapFee, numTokens);\n uint256[] memory fees = new uint256[](numTokens);\n {\n uint256[] memory balances1 = new uint256[](numTokens);\n v.d0 = getD(_xp(v.balances, v.multipliers), v.preciseA);\n for (uint256 i; i < numTokens; ) {\n balances1[i] = v.balances[i].sub(amounts[i], \"withdraw more than available\");\n\n unchecked {\n ++i;\n }\n }\n v.d1 = getD(_xp(balances1, v.multipliers), v.preciseA);\n\n for (uint256 i; i < numTokens; ) {\n {\n uint256 idealBalance = v.d1.mul(v.balances[i]).div(v.d0);\n uint256 difference = idealBalance.difference(balances1[i]);\n fees[i] = feePerToken.mul(difference).div(FEE_DENOMINATOR);\n }\n uint256 adminFee = fees[i].mul(self.adminFee).div(FEE_DENOMINATOR);\n self.balances[i] = balances1[i].sub(adminFee);\n self.adminFees[i] = self.adminFees[i].add(adminFee);\n balances1[i] = balances1[i].sub(fees[i]);\n\n unchecked {\n ++i;\n }\n }\n\n v.d2 = getD(_xp(balances1, v.multipliers), v.preciseA);\n }\n uint256 tokenAmount = v.d0.sub(v.d2).mul(v.totalSupply).div(v.d0);\n require(tokenAmount != 0, \"!zero amount\");\n tokenAmount = tokenAmount.add(1);\n\n require(tokenAmount <= maxBurnAmount, \"tokenAmount > maxBurnAmount\");\n\n v.lpToken.burnFrom(msg.sender, tokenAmount);\n\n for (uint256 i; i < numTokens; ) {\n pooledTokens[i].safeTransfer(msg.sender, amounts[i]);\n\n unchecked {\n ++i;\n }\n }\n\n emit RemoveLiquidityImbalance(msg.sender, amounts, fees, v.d1, v.totalSupply.sub(tokenAmount));\n\n return tokenAmount;\n }\n\n /**\n * @notice withdraw all admin fees to a given address\n * @param self Swap struct to withdraw fees from\n * @param to Address to send the fees to\n */\n function withdrawAdminFees(Swap storage self, address to) internal {\n IERC20[] memory pooledTokens = self.pooledTokens;\n for (uint256 i; i < pooledTokens.length; ) {\n IERC20 token = pooledTokens[i];\n uint256 balance = self.adminFees[i];\n if (balance != 0) {\n self.adminFees[i] = 0;\n token.safeTransfer(to, balance);\n }\n\n unchecked {\n ++i;\n }\n }\n }\n\n /**\n * @notice Sets the admin fee\n * @dev adminFee cannot be higher than 100% of the swap fee\n * @param self Swap struct to update\n * @param newAdminFee new admin fee to be applied on future transactions\n */\n function setAdminFee(Swap storage self, uint256 newAdminFee) internal {\n require(newAdminFee <= MAX_ADMIN_FEE, \"too high\");\n self.adminFee = newAdminFee;\n\n emit NewAdminFee(newAdminFee);\n }\n\n /**\n * @notice update the swap fee\n * @dev fee cannot be higher than 1% of each swap\n * @param self Swap struct to update\n * @param newSwapFee new swap fee to be applied on future transactions\n */\n function setSwapFee(Swap storage self, uint256 newSwapFee) internal {\n require(newSwapFee <= MAX_SWAP_FEE, \"too high\");\n self.swapFee = newSwapFee;\n\n emit NewSwapFee(newSwapFee);\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/IStableSwap.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {IERC20} from \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\n\ninterface IStableSwap {\n /*** EVENTS ***/\n\n // events replicated from SwapUtils to make the ABI easier for dumb\n // clients\n event TokenSwap(address indexed buyer, uint256 tokensSold, uint256 tokensBought, uint128 soldId, uint128 boughtId);\n event AddLiquidity(\n address indexed provider,\n uint256[] tokenAmounts,\n uint256[] fees,\n uint256 invariant,\n uint256 lpTokenSupply\n );\n event RemoveLiquidity(address indexed provider, uint256[] tokenAmounts, uint256 lpTokenSupply);\n event RemoveLiquidityOne(\n address indexed provider,\n uint256 lpTokenAmount,\n uint256 lpTokenSupply,\n uint256 boughtId,\n uint256 tokensBought\n );\n event RemoveLiquidityImbalance(\n address indexed provider,\n uint256[] tokenAmounts,\n uint256[] fees,\n uint256 invariant,\n uint256 lpTokenSupply\n );\n event NewAdminFee(uint256 newAdminFee);\n event NewSwapFee(uint256 newSwapFee);\n event NewWithdrawFee(uint256 newWithdrawFee);\n event RampA(uint256 oldA, uint256 newA, uint256 initialTime, uint256 futureTime);\n event StopRampA(uint256 currentA, uint256 time);\n\n function swapExact(\n uint256 amountIn,\n address assetIn,\n address assetOut,\n uint256 minAmountOut\n ) external payable returns (uint256);\n\n function swapExactOut(\n uint256 amountOut,\n address assetIn,\n address assetOut,\n uint256 maxAmountIn\n ) external payable returns (uint256);\n\n function getA() external view returns (uint256);\n\n function getToken(uint8 index) external view returns (IERC20);\n\n function getTokenIndex(address tokenAddress) external view returns (uint8);\n\n function getTokenBalance(uint8 index) external view returns (uint256);\n\n function getVirtualPrice() external view returns (uint256);\n\n // min return calculation functions\n function calculateSwap(\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx\n ) external view returns (uint256);\n\n function calculateSwapOut(\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dy\n ) external view returns (uint256);\n\n function calculateSwapFromAddress(\n address assetIn,\n address assetOut,\n uint256 amountIn\n ) external view returns (uint256);\n\n function calculateSwapOutFromAddress(\n address assetIn,\n address assetOut,\n uint256 amountOut\n ) external view returns (uint256);\n\n function calculateTokenAmount(uint256[] calldata amounts, bool deposit) external view returns (uint256);\n\n function calculateRemoveLiquidity(uint256 amount) external view returns (uint256[] memory);\n\n function calculateRemoveLiquidityOneToken(uint256 tokenAmount, uint8 tokenIndex)\n external\n view\n returns (uint256 availableTokenAmount);\n\n // state modifying functions\n function initialize(\n IERC20[] memory pooledTokens,\n uint8[] memory decimals,\n string memory lpTokenName,\n string memory lpTokenSymbol,\n uint256 a,\n uint256 fee,\n uint256 adminFee,\n address lpTokenTargetAddress\n ) external;\n\n function swap(\n uint8 tokenIndexFrom,\n uint8 tokenIndexTo,\n uint256 dx,\n uint256 minDy,\n uint256 deadline\n ) external returns (uint256);\n\n function addLiquidity(\n uint256[] calldata amounts,\n uint256 minToMint,\n uint256 deadline\n ) external returns (uint256);\n\n function removeLiquidity(\n uint256 amount,\n uint256[] calldata minAmounts,\n uint256 deadline\n ) external returns (uint256[] memory);\n\n function removeLiquidityOneToken(\n uint256 tokenAmount,\n uint8 tokenIndex,\n uint256 minAmount,\n uint256 deadline\n ) external returns (uint256);\n\n function removeLiquidityImbalance(\n uint256[] calldata amounts,\n uint256 maxBurnAmount,\n uint256 deadline\n ) external returns (uint256);\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/ITokenRegistry.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\nimport {IERC20} from \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\n\ninterface ITokenRegistry {\n function isLocalOrigin(address _token) external view returns (bool);\n\n function ensureLocalToken(uint32 _domain, bytes32 _id) external returns (address _local);\n\n function mustHaveLocalToken(uint32 _domain, bytes32 _id) external view returns (IERC20);\n\n function getLocalAddress(uint32 _domain, bytes32 _id) external view returns (address _local);\n\n function getTokenId(address _token) external view returns (uint32, bytes32);\n\n function enrollCustom(\n uint32 _domain,\n bytes32 _id,\n address _custom\n ) external;\n\n function oldReprToCurrentRepr(address _oldRepr) external view returns (address _currentRepr);\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/IWrapped.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\ninterface IWrapped {\n function deposit() external payable;\n\n function withdraw(uint256 amount) external;\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/IExecutor.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\ninterface IExecutor {\n /**\n * @param _transferId Unique identifier of transaction id that necessitated\n * calldata execution\n * @param _amount The amount to approve or send with the call\n * @param _to The address to execute the calldata on\n * @param _assetId The assetId of the funds to approve to the contract or\n * send along with the call\n * @param _properties The origin properties\n * @param _callData The data to execute\n */\n struct ExecutorArgs {\n bytes32 transferId;\n uint256 amount;\n address to;\n address recovery;\n address assetId;\n bytes properties;\n bytes callData;\n }\n\n event Executed(\n bytes32 indexed transferId,\n address indexed to,\n address indexed recovery,\n address assetId,\n uint256 amount,\n bytes _properties,\n bytes callData,\n bytes returnData,\n bool success\n );\n\n function getConnext() external returns (address);\n\n function originSender() external returns (address);\n\n function origin() external returns (uint32);\n\n function amount() external returns (uint256);\n\n function execute(ExecutorArgs calldata _args) external payable returns (bool success, bytes memory returnData);\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/ISponsorVault.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\ninterface ISponsorVault {\n // Should be callable by the Connext contract only. Should:\n // - call `addLiquidityFor` to send the calculated fee to the router\n // - return the amount of liquidity router was reimbursed\n function reimburseLiquidityFees(\n address token,\n uint256 amount,\n address receiver\n ) external returns (uint256);\n\n // Should be callable by the Connext contract only. Should:\n // - take in an amount of relayer fee specified on origin chain\n // - convert that amount to destination domain gas\n // - send the user the destination domain gas\n function reimburseRelayerFees(\n uint32 originDomain,\n address payable receiver,\n uint256 amount\n ) external;\n\n // Should allow anyone to send funds to the vault for sponsoring fees\n function deposit(address _token, uint256 _amount) external payable;\n\n // Should allow the owner of the vault to withdraw funds put in to a given\n // address\n function withdraw(\n address token,\n address receiver,\n uint256 amount\n ) external;\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/interfaces/IDiamondCut.sol": { "content": "// SPDX-License-Identifier: MIT\npragma solidity 0.8.15;\n\n/******************************************************************************\\\n* Author: Nick Mudge (https://twitter.com/mudgen)\n* EIP-2535 Diamonds: https://eips.ethereum.org/EIPS/eip-2535\n/******************************************************************************/\n\ninterface IDiamondCut {\n enum FacetCutAction {\n Add,\n Replace,\n Remove\n }\n // Add=0, Replace=1, Remove=2\n\n struct FacetCut {\n address facetAddress;\n FacetCutAction action;\n bytes4[] functionSelectors;\n }\n\n /// @notice Add/replace/remove any number of functions and optionally execute\n /// a function with delegatecall\n /// @param _diamondCut Contains the facet addresses and function selectors\n /// @param _init The address of the contract or facet to execute _calldata\n /// @param _calldata A function call, including function selector and arguments\n /// _calldata is executed with delegatecall on _init\n function diamondCut(\n FacetCut[] calldata _diamondCut,\n address _init,\n bytes calldata _calldata\n ) external;\n\n event DiamondCut(FacetCut[] _diamondCut, address _init, bytes _calldata);\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/contracts/Replica.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\n// ============ Internal Imports ============\nimport {Version0} from \"./Version0.sol\";\nimport {NomadBase} from \"./NomadBase.sol\";\nimport {MerkleLib} from \"../libs/Merkle.sol\";\nimport {Message} from \"../libs/Message.sol\";\n// ============ External Imports ============\n// import {TypedMemView} from \"@summa-tx/memview-sol/contracts/TypedMemView.sol\";\nimport {TypedMemView} from \"../libs/TypedMemView.sol\";\n\n/**\n * @title Replica\n * @author Illusory Systems Inc.\n * @notice Track root updates on Home,\n * prove and dispatch messages to end recipients.\n */\ncontract Replica is Version0, NomadBase {\n // ============ Libraries ============\n\n using MerkleLib for MerkleLib.Tree;\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n using Message for bytes29;\n\n // ============ Enums ============\n\n // Status of Message:\n // 0 - None - message has not been proven or processed\n // 1 - Proven - message inclusion proof has been validated\n // 2 - Processed - message has been dispatched to recipient\n enum MessageStatus {\n None,\n Proven,\n Processed\n }\n\n // ============ Immutables ============\n\n // Minimum gas for message processing\n uint256 public immutable PROCESS_GAS;\n // Reserved gas (to ensure tx completes in case message processing runs out)\n uint256 public immutable RESERVE_GAS;\n\n // ============ Public Storage ============\n\n // Domain of home chain\n uint32 public remoteDomain;\n // Number of seconds to wait before root becomes confirmable\n uint256 public optimisticSeconds;\n // re-entrancy guard\n uint8 private entered;\n // Mapping of roots to allowable confirmation times\n mapping(bytes32 => uint256) public confirmAt;\n // Mapping of message leaves to MessageStatus\n mapping(bytes32 => MessageStatus) public messages;\n\n // ============ Upgrade Gap ============\n\n // gap for upgrade safety\n uint256[45] private __GAP;\n\n // ============ Events ============\n\n /**\n * @notice Emitted when message is processed\n * @param messageHash Hash of message that failed to process\n * @param success TRUE if the call was executed successfully, FALSE if the call reverted\n * @param returnData the return data from the external call\n */\n event Process(bytes32 indexed messageHash, bool indexed success, bytes indexed returnData);\n\n /**\n * @notice Emitted when the value for optimisticTimeout is set\n * @param timeout The new value for optimistic timeout\n */\n event SetOptimisticTimeout(uint256 timeout);\n\n /**\n * @notice Emitted when a root's confirmation is modified by governance\n * @param root The root for which confirmAt has been set\n * @param previousConfirmAt The previous value of confirmAt\n * @param newConfirmAt The new value of confirmAt\n */\n event SetConfirmation(bytes32 indexed root, uint256 previousConfirmAt, uint256 newConfirmAt);\n\n // ============ Constructor ============\n\n // solhint-disable-next-line no-empty-blocks\n constructor(\n uint32 _localDomain,\n uint256 _processGas,\n uint256 _reserveGas\n ) NomadBase(_localDomain) {\n require(_processGas >= 850_000, \"!process gas\");\n require(_reserveGas >= 15_000, \"!reserve gas\");\n PROCESS_GAS = _processGas;\n RESERVE_GAS = _reserveGas;\n }\n\n // ============ Initializer ============\n\n function initialize(\n uint32 _remoteDomain,\n address _updater,\n bytes32 _committedRoot,\n uint256 _optimisticSeconds\n ) public initializer {\n __NomadBase_initialize(_updater);\n // set storage variables\n entered = 1;\n remoteDomain = _remoteDomain;\n committedRoot = _committedRoot;\n confirmAt[_committedRoot] = 1;\n optimisticSeconds = _optimisticSeconds;\n emit SetOptimisticTimeout(_optimisticSeconds);\n }\n\n // ============ External Functions ============\n\n /**\n * @notice Called by external agent. Submits the signed update's new root,\n * marks root's allowable confirmation time, and emits an `Update` event.\n * @dev Reverts if update doesn't build off latest committedRoot\n * or if signature is invalid.\n * @param _oldRoot Old merkle root\n * @param _newRoot New merkle root\n * @param _signature Updater's signature on `_oldRoot` and `_newRoot`\n */\n function update(\n bytes32 _oldRoot,\n bytes32 _newRoot,\n bytes memory _signature\n ) external notFailed {\n // ensure that update is building off the last submitted root\n require(_oldRoot == committedRoot, \"not current update\");\n // validate updater signature\n require(_isUpdaterSignature(_oldRoot, _newRoot, _signature), \"!updater sig\");\n // Hook for future use\n _beforeUpdate();\n // set the new root's confirmation timer\n confirmAt[_newRoot] = block.timestamp + optimisticSeconds;\n // update committedRoot\n committedRoot = _newRoot;\n emit Update(remoteDomain, _oldRoot, _newRoot, _signature);\n }\n\n /**\n * @notice First attempts to prove the validity of provided formatted\n * `message`. If the message is successfully proven, then tries to process\n * message.\n * @dev Reverts if `prove` call returns false\n * @param _message Formatted message (refer to NomadBase.sol Message library)\n * @param _proof Merkle proof of inclusion for message's leaf\n * @param _index Index of leaf in home's merkle tree\n */\n function proveAndProcess(\n bytes memory _message,\n bytes32[32] calldata _proof,\n uint256 _index\n ) external {\n require(prove(keccak256(_message), _proof, _index), \"!prove\");\n process(_message);\n }\n\n /**\n * @notice Given formatted message, attempts to dispatch\n * message payload to end recipient.\n * @dev Recipient must implement a `handle` method (refer to IMessageRecipient.sol)\n * Reverts if formatted message's destination domain is not the Replica's domain,\n * if message has not been proven,\n * or if not enough gas is provided for the dispatch transaction.\n * @param _message Formatted message\n * @return _success TRUE iff dispatch transaction succeeded\n */\n function process(bytes memory _message) public returns (bool _success) {\n bytes29 _m = _message.ref(0);\n // ensure message was meant for this domain\n require(_m.destination() == localDomain, \"!destination\");\n // ensure message has been proven\n bytes32 _messageHash = _m.keccak();\n require(messages[_messageHash] == MessageStatus.Proven, \"!proven\");\n // check re-entrancy guard\n require(entered == 1, \"!reentrant\");\n entered = 0;\n // update message status as processed\n messages[_messageHash] = MessageStatus.Processed;\n // A call running out of gas TYPICALLY errors the whole tx. We want to\n // a) ensure the call has a sufficient amount of gas to make a\n // meaningful state change.\n // b) ensure that if the subcall runs out of gas, that the tx as a whole\n // does not revert (i.e. we still mark the message processed)\n // To do this, we require that we have enough gas to process\n // and still return. We then delegate only the minimum processing gas.\n require(gasleft() >= PROCESS_GAS + RESERVE_GAS, \"!gas\");\n // get the message recipient\n address _recipient = _m.recipientAddress();\n // set up for assembly call\n uint256 _toCopy;\n uint256 _maxCopy = 256;\n uint256 _gas = PROCESS_GAS;\n // allocate memory for returndata\n bytes memory _returnData = new bytes(_maxCopy);\n bytes memory _calldata = abi.encodeWithSignature(\n \"handle(uint32,uint32,bytes32,bytes)\",\n _m.origin(),\n _m.nonce(),\n _m.sender(),\n _m.body().clone()\n );\n // dispatch message to recipient\n // by assembly calling \"handle\" function\n // we call via assembly to avoid memcopying a very large returndata\n // returned by a malicious contract\n assembly {\n _success := call(\n _gas, // gas\n _recipient, // recipient\n 0, // ether value\n add(_calldata, 0x20), // inloc\n mload(_calldata), // inlen\n 0, // outloc\n 0 // outlen\n )\n // limit our copy to 256 bytes\n _toCopy := returndatasize()\n if gt(_toCopy, _maxCopy) {\n _toCopy := _maxCopy\n }\n // Store the length of the copied bytes\n mstore(_returnData, _toCopy)\n // copy the bytes from returndata[0:_toCopy]\n returndatacopy(add(_returnData, 0x20), 0, _toCopy)\n }\n // emit process results\n emit Process(_messageHash, _success, _returnData);\n // reset re-entrancy guard\n entered = 1;\n }\n\n // ============ External Owner Functions ============\n\n /**\n * @notice Set optimistic timeout period for new roots\n * @dev Only callable by owner (Governance)\n * @param _optimisticSeconds New optimistic timeout period\n */\n function setOptimisticTimeout(uint256 _optimisticSeconds) external onlyOwner {\n optimisticSeconds = _optimisticSeconds;\n emit SetOptimisticTimeout(_optimisticSeconds);\n }\n\n /**\n * @notice Set Updater role\n * @dev MUST ensure that all roots signed by previous Updater have\n * been relayed before calling. Only callable by owner (Governance)\n * @param _updater New Updater\n */\n function setUpdater(address _updater) external onlyOwner {\n _setUpdater(_updater);\n }\n\n /**\n * @notice Set confirmAt for a given root\n * @dev To be used if in the case that fraud is proven\n * and roots need to be deleted / added. Only callable by owner (Governance)\n * @param _root The root for which to modify confirm time\n * @param _confirmAt The new confirmation time. Set to 0 to \"delete\" a root.\n */\n function setConfirmation(bytes32 _root, uint256 _confirmAt) external onlyOwner {\n uint256 _previousConfirmAt = confirmAt[_root];\n confirmAt[_root] = _confirmAt;\n emit SetConfirmation(_root, _previousConfirmAt, _confirmAt);\n }\n\n // ============ Public Functions ============\n\n /**\n * @notice Check that the root has been submitted\n * and that the optimistic timeout period has expired,\n * meaning the root can be processed\n * @param _root the Merkle root, submitted in an update, to check\n * @return TRUE iff root has been submitted & timeout has expired\n */\n function acceptableRoot(bytes32 _root) public view returns (bool) {\n uint256 _time = confirmAt[_root];\n if (_time == 0) {\n return false;\n }\n return block.timestamp >= _time;\n }\n\n /**\n * @notice Attempts to prove the validity of message given its leaf, the\n * merkle proof of inclusion for the leaf, and the index of the leaf.\n * @dev Reverts if message's MessageStatus != None (i.e. if message was\n * already proven or processed)\n * @dev For convenience, we allow proving against any previous root.\n * This means that witnesses never need to be updated for the new root\n * @param _leaf Leaf of message to prove\n * @param _proof Merkle proof of inclusion for leaf\n * @param _index Index of leaf in home's merkle tree\n * @return Returns true if proof was valid and `prove` call succeeded\n **/\n function prove(\n bytes32 _leaf,\n bytes32[32] calldata _proof,\n uint256 _index\n ) public returns (bool) {\n // ensure that message has not been proven or processed\n require(messages[_leaf] == MessageStatus.None, \"!MessageStatus.None\");\n // calculate the expected root based on the proof\n bytes32 _calculatedRoot = MerkleLib.branchRoot(_leaf, _proof, _index);\n // if the root is valid, change status to Proven\n if (acceptableRoot(_calculatedRoot)) {\n messages[_leaf] = MessageStatus.Proven;\n return true;\n }\n return false;\n }\n\n /**\n * @notice Hash of Home domain concatenated with \"NOMAD\"\n */\n function homeDomainHash() public view override returns (bytes32) {\n return _homeDomainHash(remoteDomain);\n }\n\n // ============ Internal Functions ============\n\n /**\n * @notice Moves the contract into failed state\n * @dev Called when a Double Update is submitted\n */\n function _fail() internal override {\n _setFailed();\n }\n\n /// @notice Hook for potential future use\n // solhint-disable-next-line no-empty-blocks\n function _beforeUpdate() internal {}\n}\n" }, "@openzeppelin/contracts/access/Ownable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (access/Ownable.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../utils/Context.sol\";\n\n/**\n * @dev Contract module which provides a basic access control mechanism, where\n * there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * By default, the owner account will be the one that deploys the contract. This\n * can later be changed with {transferOwnership}.\n *\n * This module is used through inheritance. It will make available the modifier\n * `onlyOwner`, which can be applied to your functions to restrict their use to\n * the owner.\n */\nabstract contract Ownable is Context {\n address private _owner;\n\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @dev Initializes the contract setting the deployer as the initial owner.\n */\n constructor() {\n _transferOwnership(_msgSender());\n }\n\n /**\n * @dev Returns the address of the current owner.\n */\n function owner() public view virtual returns (address) {\n return _owner;\n }\n\n /**\n * @dev Throws if called by any account other than the owner.\n */\n modifier onlyOwner() {\n require(owner() == _msgSender(), \"Ownable: caller is not the owner\");\n _;\n }\n\n /**\n * @dev Leaves the contract without owner. It will not be possible to call\n * `onlyOwner` functions anymore. Can only be called by the current owner.\n *\n * NOTE: Renouncing ownership will leave the contract without an owner,\n * thereby removing any functionality that is only available to the owner.\n */\n function renounceOwnership() public virtual onlyOwner {\n _transferOwnership(address(0));\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Can only be called by the current owner.\n */\n function transferOwnership(address newOwner) public virtual onlyOwner {\n require(newOwner != address(0), \"Ownable: new owner is the zero address\");\n _transferOwnership(newOwner);\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Internal function without access restriction.\n */\n function _transferOwnership(address newOwner) internal virtual {\n address oldOwner = _owner;\n _owner = newOwner;\n emit OwnershipTransferred(oldOwner, newOwner);\n }\n}\n" }, "@openzeppelin/contracts/utils/Context.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Provides information about the current execution context, including the\n * sender of the transaction and its data. While these are generally available\n * via msg.sender and msg.data, they should not be accessed in such a direct\n * manner, since when dealing with meta-transactions the account sending and\n * paying for execution may not be the actual sender (as far as an application\n * is concerned).\n *\n * This contract is only required for intermediate, library-like contracts.\n */\nabstract contract Context {\n function _msgSender() internal view virtual returns (address) {\n return msg.sender;\n }\n\n function _msgData() internal view virtual returns (bytes calldata) {\n return msg.data;\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/relayer-fee/libraries/RelayerFeeMessage.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity 0.8.15;\n\n// ============ External Imports ============\nimport {TypedMemView} from \"../../../nomad-core/libs/TypedMemView.sol\";\n\nlibrary RelayerFeeMessage {\n // ============ Libraries ============\n\n using TypedMemView for bytes;\n using TypedMemView for bytes29;\n\n // ============ Enums ============\n\n // WARNING: do NOT re-write the numbers / order\n // of message types in an upgrade;\n // will cause in-flight messages to be mis-interpreted\n enum Types {\n Invalid, // 0\n ClaimFees // 1\n }\n\n // ============ Constants ============\n\n // before: 1 byte identifier + 20 bytes recipient + 32 bytes length + 32 bytes 1 transfer id = 85 bytes\n uint256 private constant MIN_CLAIM_LEN = 85;\n // before: 1 byte identifier + 20 bytes recipient = 21 bytes\n uint256 private constant LENGTH_ID_START = 21;\n uint8 private constant LENGTH_ID_LEN = 32;\n // before: 1 byte identifier\n uint256 private constant RECIPIENT_START = 1;\n // before: 1 byte identifier + 20 bytes recipient + 32 bytes length = 53 bytes\n uint256 private constant TRANSFER_IDS_START = 53;\n uint8 private constant TRANSFER_ID_LEN = 32;\n\n // ============ Modifiers ============\n\n /**\n * @notice Asserts a message is of type `_t`\n * @param _view The message\n * @param _t The expected type\n */\n modifier typeAssert(bytes29 _view, Types _t) {\n _view.assertType(uint40(_t));\n _;\n }\n\n // ============ Formatters ============\n\n /**\n * @notice Formats an claim fees message\n * @param _recipient The address of the relayer\n * @param _transferIds A group of transfers ids to claim for fee bumps\n * @return The formatted message\n */\n function formatClaimFees(address _recipient, bytes32[] calldata _transferIds) internal pure returns (bytes memory) {\n return abi.encodePacked(uint8(Types.ClaimFees), _recipient, _transferIds.length, _transferIds);\n }\n\n // ============ Getters ============\n\n /**\n * @notice Parse the recipient address of the fees\n * @param _view The message\n * @return The recipient address\n */\n function recipient(bytes29 _view) internal pure typeAssert(_view, Types.ClaimFees) returns (address) {\n // before = 1 byte identifier\n return _view.indexAddress(1);\n }\n\n /**\n * @notice Parse The group of transfers ids to claim for fee bumps\n * @param _view The message\n * @return The group of transfers ids to claim for fee bumps\n */\n function transferIds(bytes29 _view) internal pure typeAssert(_view, Types.ClaimFees) returns (bytes32[] memory) {\n uint256 length = _view.indexUint(LENGTH_ID_START, LENGTH_ID_LEN);\n\n bytes32[] memory ids = new bytes32[](length);\n for (uint256 i; i < length; ) {\n ids[i] = _view.index(TRANSFER_IDS_START + i * TRANSFER_ID_LEN, TRANSFER_ID_LEN);\n\n unchecked {\n ++i;\n }\n }\n return ids;\n }\n\n /**\n * @notice Checks that view is a valid message length\n * @param _view The bytes string\n * @return TRUE if message is valid\n */\n function isValidClaimFeesLength(bytes29 _view) internal pure returns (bool) {\n uint256 _len = _view.len();\n // at least 1 transfer id where the excess is multiplier of transfer id length\n return _len >= MIN_CLAIM_LEN && (_len - TRANSFER_IDS_START) % TRANSFER_ID_LEN == 0;\n }\n\n /**\n * @notice Converts to a ClaimFees\n * @param _view The message\n * @return The newly typed message\n */\n function tryAsClaimFees(bytes29 _view) internal pure returns (bytes29) {\n if (isValidClaimFeesLength(_view)) {\n return _view.castTo(uint40(Types.ClaimFees));\n }\n return TypedMemView.nullView();\n }\n\n /**\n * @notice Asserts that the message is of type ClaimFees\n * @param _view The message\n * @return The message\n */\n function mustBeClaimFees(bytes29 _view) internal pure returns (bytes29) {\n return tryAsClaimFees(_view).assertValid();\n }\n}\n" }, "@connext/nxtp-contracts/contracts/nomad-core/interfaces/IMessageRecipient.sol": { "content": "// SPDX-License-Identifier: MIT OR Apache-2.0\npragma solidity >=0.6.11;\n\ninterface IMessageRecipient {\n function handle(\n uint32 _origin,\n uint32 _nonce,\n bytes32 _sender,\n bytes memory _message\n ) external;\n}\n" }, "@connext/nxtp-contracts/contracts/core/shared/ProposedOwnable.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {Initializable} from \"@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol\";\n\nimport {IProposedOwnable} from \"./interfaces/IProposedOwnable.sol\";\n\n/**\n * @title ProposedOwnable\n * @notice Contract module which provides a basic access control mechanism,\n * where there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * By default, the owner account will be the one that deploys the contract. This\n * can later be changed via a two step process:\n * 1. Call `proposeOwner`\n * 2. Wait out the delay period\n * 3. Call `acceptOwner`\n *\n * @dev This module is used through inheritance. It will make available the\n * modifier `onlyOwner`, which can be applied to your functions to restrict\n * their use to the owner.\n *\n * @dev The majority of this code was taken from the openzeppelin Ownable\n * contract\n *\n */\nabstract contract ProposedOwnable is IProposedOwnable {\n // ========== Custom Errors ===========\n\n error ProposedOwnable__onlyOwner_notOwner();\n error ProposedOwnable__onlyProposed_notProposedOwner();\n error ProposedOwnable__proposeNewOwner_invalidProposal();\n error ProposedOwnable__proposeNewOwner_noOwnershipChange();\n error ProposedOwnable__renounceOwnership_noProposal();\n error ProposedOwnable__renounceOwnership_delayNotElapsed();\n error ProposedOwnable__renounceOwnership_invalidProposal();\n error ProposedOwnable__acceptProposedOwner_delayNotElapsed();\n\n // ============ Properties ============\n\n address private _owner;\n\n address private _proposed;\n uint256 private _proposedOwnershipTimestamp;\n\n uint256 private constant _delay = 7 days;\n\n // ======== Getters =========\n\n /**\n * @notice Returns the address of the current owner.\n */\n function owner() public view virtual returns (address) {\n return _owner;\n }\n\n /**\n * @notice Returns the address of the proposed owner.\n */\n function proposed() public view virtual returns (address) {\n return _proposed;\n }\n\n /**\n * @notice Returns the address of the proposed owner.\n */\n function proposedTimestamp() public view virtual returns (uint256) {\n return _proposedOwnershipTimestamp;\n }\n\n /**\n * @notice Returns the delay period before a new owner can be accepted.\n */\n function delay() public view virtual returns (uint256) {\n return _delay;\n }\n\n /**\n * @notice Throws if called by any account other than the owner.\n */\n modifier onlyOwner() {\n if (_owner != msg.sender) revert ProposedOwnable__onlyOwner_notOwner();\n _;\n }\n\n /**\n * @notice Throws if called by any account other than the proposed owner.\n */\n modifier onlyProposed() {\n if (_proposed != msg.sender) revert ProposedOwnable__onlyProposed_notProposedOwner();\n _;\n }\n\n /**\n * @notice Indicates if the ownership has been renounced() by\n * checking if current owner is address(0)\n */\n function renounced() public view returns (bool) {\n return _owner == address(0);\n }\n\n // ======== External =========\n\n /**\n * @notice Sets the timestamp for an owner to be proposed, and sets the\n * newly proposed owner as step 1 in a 2-step process\n */\n function proposeNewOwner(address newlyProposed) public virtual onlyOwner {\n // Contract as source of truth\n if (_proposed == newlyProposed && newlyProposed != address(0))\n revert ProposedOwnable__proposeNewOwner_invalidProposal();\n\n // Sanity check: reasonable proposal\n if (_owner == newlyProposed) revert ProposedOwnable__proposeNewOwner_noOwnershipChange();\n\n _setProposed(newlyProposed);\n }\n\n /**\n * @notice Renounces ownership of the contract after a delay\n */\n function renounceOwnership() public virtual onlyOwner {\n // Ensure there has been a proposal cycle started\n if (_proposedOwnershipTimestamp == 0) revert ProposedOwnable__renounceOwnership_noProposal();\n\n // Ensure delay has elapsed\n if ((block.timestamp - _proposedOwnershipTimestamp) <= _delay)\n revert ProposedOwnable__renounceOwnership_delayNotElapsed();\n\n // Require proposed is set to 0\n if (_proposed != address(0)) revert ProposedOwnable__renounceOwnership_invalidProposal();\n\n // Emit event, set new owner, reset timestamp\n _setOwner(_proposed);\n }\n\n /**\n * @notice Transfers ownership of the contract to a new account (`newOwner`).\n * Can only be called by the current owner.\n */\n function acceptProposedOwner() public virtual onlyProposed {\n // NOTE: no need to check if _owner == _proposed, because the _proposed\n // is 0-d out and this check is implicitly enforced by modifier\n\n // NOTE: no need to check if _proposedOwnershipTimestamp > 0 because\n // the only time this would happen is if the _proposed was never\n // set (will fail from modifier) or if the owner == _proposed (checked\n // above)\n\n // Ensure delay has elapsed\n if ((block.timestamp - _proposedOwnershipTimestamp) <= _delay)\n revert ProposedOwnable__acceptProposedOwner_delayNotElapsed();\n\n // Emit event, set new owner, reset timestamp\n _setOwner(_proposed);\n }\n\n // ======== Internal =========\n\n function _setOwner(address newOwner) internal {\n address oldOwner = _owner;\n _owner = newOwner;\n _proposedOwnershipTimestamp = 0;\n _proposed = address(0);\n emit OwnershipTransferred(oldOwner, newOwner);\n }\n\n function _setProposed(address newlyProposed) private {\n _proposedOwnershipTimestamp = block.timestamp;\n _proposed = newlyProposed;\n emit OwnershipProposed(newlyProposed);\n }\n}\n\nabstract contract ProposedOwnableUpgradeable is Initializable, ProposedOwnable {\n /**\n * @dev Initializes the contract setting the deployer as the initial\n */\n function __ProposedOwnable_init() internal onlyInitializing {\n __ProposedOwnable_init_unchained();\n }\n\n function __ProposedOwnable_init_unchained() internal onlyInitializing {\n _setOwner(msg.sender);\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[49] private __GAP;\n}\n" }, "@connext/nxtp-contracts/contracts/core/shared/interfaces/IProposedOwnable.sol": { "content": "// SPDX-License-Identifier: MIT\npragma solidity 0.8.15;\n\n/**\n * @title IProposedOwnable\n * @notice Defines a minimal interface for ownership with a two step proposal and acceptance\n * process\n */\ninterface IProposedOwnable {\n /**\n * @dev This emits when change in ownership of a contract is proposed.\n */\n event OwnershipProposed(address indexed proposedOwner);\n\n /**\n * @dev This emits when ownership of a contract changes.\n */\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @notice Get the address of the owner\n * @return owner_ The address of the owner.\n */\n function owner() external view returns (address owner_);\n\n /**\n * @notice Get the address of the proposed owner\n * @return proposed_ The address of the proposed.\n */\n function proposed() external view returns (address proposed_);\n\n /**\n * @notice Set the address of the proposed owner of the contract\n * @param newlyProposed The proposed new owner of the contract\n */\n function proposeNewOwner(address newlyProposed) external;\n\n /**\n * @notice Set the address of the proposed owner of the contract\n */\n function acceptProposedOwner() external;\n}\n" }, "@openzeppelin/contracts/utils/math/SafeMath.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.6.0) (utils/math/SafeMath.sol)\n\npragma solidity ^0.8.0;\n\n// CAUTION\n// This version of SafeMath should only be used with Solidity 0.8 or later,\n// because it relies on the compiler's built in overflow checks.\n\n/**\n * @dev Wrappers over Solidity's arithmetic operations.\n *\n * NOTE: `SafeMath` is generally not needed starting with Solidity 0.8, since the compiler\n * now has built in overflow checking.\n */\nlibrary SafeMath {\n /**\n * @dev Returns the addition of two unsigned integers, with an overflow flag.\n *\n * _Available since v3.4._\n */\n function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {\n unchecked {\n uint256 c = a + b;\n if (c < a) return (false, 0);\n return (true, c);\n }\n }\n\n /**\n * @dev Returns the subtraction of two unsigned integers, with an overflow flag.\n *\n * _Available since v3.4._\n */\n function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {\n unchecked {\n if (b > a) return (false, 0);\n return (true, a - b);\n }\n }\n\n /**\n * @dev Returns the multiplication of two unsigned integers, with an overflow flag.\n *\n * _Available since v3.4._\n */\n function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {\n unchecked {\n // Gas optimization: this is cheaper than requiring 'a' not being zero, but the\n // benefit is lost if 'b' is also tested.\n // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522\n if (a == 0) return (true, 0);\n uint256 c = a * b;\n if (c / a != b) return (false, 0);\n return (true, c);\n }\n }\n\n /**\n * @dev Returns the division of two unsigned integers, with a division by zero flag.\n *\n * _Available since v3.4._\n */\n function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {\n unchecked {\n if (b == 0) return (false, 0);\n return (true, a / b);\n }\n }\n\n /**\n * @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.\n *\n * _Available since v3.4._\n */\n function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {\n unchecked {\n if (b == 0) return (false, 0);\n return (true, a % b);\n }\n }\n\n /**\n * @dev Returns the addition of two unsigned integers, reverting on\n * overflow.\n *\n * Counterpart to Solidity's `+` operator.\n *\n * Requirements:\n *\n * - Addition cannot overflow.\n */\n function add(uint256 a, uint256 b) internal pure returns (uint256) {\n return a + b;\n }\n\n /**\n * @dev Returns the subtraction of two unsigned integers, reverting on\n * overflow (when the result is negative).\n *\n * Counterpart to Solidity's `-` operator.\n *\n * Requirements:\n *\n * - Subtraction cannot overflow.\n */\n function sub(uint256 a, uint256 b) internal pure returns (uint256) {\n return a - b;\n }\n\n /**\n * @dev Returns the multiplication of two unsigned integers, reverting on\n * overflow.\n *\n * Counterpart to Solidity's `*` operator.\n *\n * Requirements:\n *\n * - Multiplication cannot overflow.\n */\n function mul(uint256 a, uint256 b) internal pure returns (uint256) {\n return a * b;\n }\n\n /**\n * @dev Returns the integer division of two unsigned integers, reverting on\n * division by zero. The result is rounded towards zero.\n *\n * Counterpart to Solidity's `/` operator.\n *\n * Requirements:\n *\n * - The divisor cannot be zero.\n */\n function div(uint256 a, uint256 b) internal pure returns (uint256) {\n return a / b;\n }\n\n /**\n * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),\n * reverting when dividing by zero.\n *\n * Counterpart to Solidity's `%` operator. This function uses a `revert`\n * opcode (which leaves remaining gas untouched) while Solidity uses an\n * invalid opcode to revert (consuming all remaining gas).\n *\n * Requirements:\n *\n * - The divisor cannot be zero.\n */\n function mod(uint256 a, uint256 b) internal pure returns (uint256) {\n return a % b;\n }\n\n /**\n * @dev Returns the subtraction of two unsigned integers, reverting with custom message on\n * overflow (when the result is negative).\n *\n * CAUTION: This function is deprecated because it requires allocating memory for the error\n * message unnecessarily. For custom revert reasons use {trySub}.\n *\n * Counterpart to Solidity's `-` operator.\n *\n * Requirements:\n *\n * - Subtraction cannot overflow.\n */\n function sub(\n uint256 a,\n uint256 b,\n string memory errorMessage\n ) internal pure returns (uint256) {\n unchecked {\n require(b <= a, errorMessage);\n return a - b;\n }\n }\n\n /**\n * @dev Returns the integer division of two unsigned integers, reverting with custom message on\n * division by zero. The result is rounded towards zero.\n *\n * Counterpart to Solidity's `/` operator. Note: this function uses a\n * `revert` opcode (which leaves remaining gas untouched) while Solidity\n * uses an invalid opcode to revert (consuming all remaining gas).\n *\n * Requirements:\n *\n * - The divisor cannot be zero.\n */\n function div(\n uint256 a,\n uint256 b,\n string memory errorMessage\n ) internal pure returns (uint256) {\n unchecked {\n require(b > 0, errorMessage);\n return a / b;\n }\n }\n\n /**\n * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),\n * reverting with custom message when dividing by zero.\n *\n * CAUTION: This function is deprecated because it requires allocating memory for the error\n * message unnecessarily. For custom revert reasons use {tryMod}.\n *\n * Counterpart to Solidity's `%` operator. This function uses a `revert`\n * opcode (which leaves remaining gas untouched) while Solidity uses an\n * invalid opcode to revert (consuming all remaining gas).\n *\n * Requirements:\n *\n * - The divisor cannot be zero.\n */\n function mod(\n uint256 a,\n uint256 b,\n string memory errorMessage\n ) internal pure returns (uint256) {\n unchecked {\n require(b > 0, errorMessage);\n return a % b;\n }\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/helpers/LPToken.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {ERC20BurnableUpgradeable, ERC20Upgradeable} from \"@openzeppelin/contracts-upgradeable/token/ERC20/extensions/ERC20BurnableUpgradeable.sol\";\nimport {OwnableUpgradeable} from \"@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol\";\n\n/**\n * @title Liquidity Provider Token\n * @notice This token is an ERC20 detailed token with added capability to be minted by the owner.\n * It is used to represent user's shares when providing liquidity to swap contracts.\n * @dev Only Swap contracts should initialize and own LPToken contracts.\n */\ncontract LPToken is ERC20BurnableUpgradeable, OwnableUpgradeable {\n // ============ Upgrade Gap ============\n\n uint256[49] private __GAP; // gap for upgrade safety\n\n // ============ Storage ============\n\n /**\n * @notice Used to enforce proper token dilution\n * @dev If this is the first mint of the LP token, this amount of funds are burned.\n * See audit recommendations here:\n * - https://github.com/code-423n4/2022-03-prepo-findings/issues/27\n * - https://github.com/code-423n4/2022-04-jpegd-findings/issues/12\n * and uniswap v2 implementation here:\n * https://github.com/Uniswap/v2-core/blob/8b82b04a0b9e696c0e83f8b2f00e5d7be6888c79/contracts/UniswapV2Pair.sol#L15\n */\n uint256 public constant MINIMUM_LIQUIDITY = 10**3;\n\n // ============ Initializer ============\n\n /**\n * @notice Initializes this LPToken contract with the given name and symbol\n * @dev The caller of this function will become the owner. A Swap contract should call this\n * in its initializer function.\n * @param name name of this token\n * @param symbol symbol of this token\n */\n function initialize(string memory name, string memory symbol) external initializer returns (bool) {\n __Context_init_unchained();\n __ERC20_init_unchained(name, symbol);\n __Ownable_init_unchained();\n return true;\n }\n\n // ============ External functions ============\n\n /**\n * @notice Mints the given amount of LPToken to the recipient.\n * @dev only owner can call this mint function\n * @param recipient address of account to receive the tokens\n * @param amount amount of tokens to mint\n */\n function mint(address recipient, uint256 amount) external onlyOwner {\n require(amount != 0, \"LPToken: cannot mint 0\");\n if (totalSupply() == 0) {\n // NOTE: using the _mint function directly will error because it is going\n // to the 0 address. fix by using the address(1) here instead\n _mint(address(1), MINIMUM_LIQUIDITY);\n }\n _mint(recipient, amount);\n }\n\n // ============ Internal functions ============\n\n /**\n * @dev Overrides ERC20._beforeTokenTransfer() which get called on every transfers including\n * minting and burning. This ensures that Swap.updateUserWithdrawFees are called everytime.\n * This assumes the owner is set to a Swap contract's address.\n */\n function _beforeTokenTransfer(\n address from,\n address to,\n uint256 amount\n ) internal virtual override(ERC20Upgradeable) {\n super._beforeTokenTransfer(from, to, amount);\n require(to != address(this), \"LPToken: cannot send to itself\");\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/libraries/AmplificationUtils.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\nimport {SafeERC20} from \"@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol\";\nimport {SafeMath} from \"@openzeppelin/contracts/utils/math/SafeMath.sol\";\n\nimport {SwapUtils} from \"./SwapUtils.sol\";\n\n/**\n * @title AmplificationUtils library\n * @notice A library to calculate and ramp the A parameter of a given `SwapUtils.Swap` struct.\n * This library assumes the struct is fully validated.\n */\nlibrary AmplificationUtils {\n using SafeMath for uint256;\n\n event RampA(uint256 oldA, uint256 newA, uint256 initialTime, uint256 futureTime);\n event StopRampA(uint256 currentA, uint256 time);\n\n // Constant values used in ramping A calculations\n uint256 public constant A_PRECISION = 100;\n uint256 public constant MAX_A = 10**6;\n uint256 private constant MAX_A_CHANGE = 2;\n uint256 private constant MIN_RAMP_TIME = 14 days;\n\n /**\n * @notice Return A, the amplification coefficient * n * (n - 1)\n * @dev See the StableSwap paper for details\n * @param self Swap struct to read from\n * @return A parameter\n */\n function getA(SwapUtils.Swap storage self) internal view returns (uint256) {\n return _getAPrecise(self).div(A_PRECISION);\n }\n\n /**\n * @notice Return A in its raw precision\n * @dev See the StableSwap paper for details\n * @param self Swap struct to read from\n * @return A parameter in its raw precision form\n */\n function getAPrecise(SwapUtils.Swap storage self) internal view returns (uint256) {\n return _getAPrecise(self);\n }\n\n /**\n * @notice Return A in its raw precision\n * @dev See the StableSwap paper for details\n * @param self Swap struct to read from\n * @return A parameter in its raw precision form\n */\n function _getAPrecise(SwapUtils.Swap storage self) internal view returns (uint256) {\n uint256 t1 = self.futureATime; // time when ramp is finished\n uint256 a1 = self.futureA; // final A value when ramp is finished\n\n if (block.timestamp < t1) {\n uint256 t0 = self.initialATime; // time when ramp is started\n uint256 a0 = self.initialA; // initial A value when ramp is started\n if (a1 > a0) {\n // a0 + (a1 - a0) * (block.timestamp - t0) / (t1 - t0)\n return a0.add(a1.sub(a0).mul(block.timestamp.sub(t0)).div(t1.sub(t0)));\n } else {\n // a0 - (a0 - a1) * (block.timestamp - t0) / (t1 - t0)\n return a0.sub(a0.sub(a1).mul(block.timestamp.sub(t0)).div(t1.sub(t0)));\n }\n } else {\n return a1;\n }\n }\n\n /**\n * @notice Start ramping up or down A parameter towards given futureA_ and futureTime_\n * Checks if the change is too rapid, and commits the new A value only when it falls under\n * the limit range.\n * @param self Swap struct to update\n * @param futureA_ the new A to ramp towards\n * @param futureTime_ timestamp when the new A should be reached\n */\n function rampA(\n SwapUtils.Swap storage self,\n uint256 futureA_,\n uint256 futureTime_\n ) internal {\n require(block.timestamp >= self.initialATime.add(1 days), \"Wait 1 day before starting ramp\");\n require(futureTime_ >= block.timestamp.add(MIN_RAMP_TIME), \"Insufficient ramp time\");\n require(futureA_ != 0 && futureA_ < MAX_A, \"futureA_ must be > 0 and < MAX_A\");\n\n uint256 initialAPrecise = _getAPrecise(self);\n uint256 futureAPrecise = futureA_.mul(A_PRECISION);\n\n if (futureAPrecise < initialAPrecise) {\n require(futureAPrecise.mul(MAX_A_CHANGE) >= initialAPrecise, \"futureA_ is too small\");\n } else {\n require(futureAPrecise <= initialAPrecise.mul(MAX_A_CHANGE), \"futureA_ is too large\");\n }\n\n self.initialA = initialAPrecise;\n self.futureA = futureAPrecise;\n self.initialATime = block.timestamp;\n self.futureATime = futureTime_;\n\n emit RampA(initialAPrecise, futureAPrecise, block.timestamp, futureTime_);\n }\n\n /**\n * @notice Stops ramping A immediately. Once this function is called, rampA()\n * cannot be called for another 24 hours\n * @param self Swap struct to update\n */\n function stopRampA(SwapUtils.Swap storage self) internal {\n require(self.futureATime > block.timestamp, \"Ramp is already stopped\");\n\n uint256 currentA = _getAPrecise(self);\n self.initialA = currentA;\n self.futureA = currentA;\n self.initialATime = block.timestamp;\n self.futureATime = block.timestamp;\n\n emit StopRampA(currentA, block.timestamp);\n }\n}\n" }, "@connext/nxtp-contracts/contracts/core/connext/libraries/MathUtils.sol": { "content": "// SPDX-License-Identifier: UNLICENSED\npragma solidity 0.8.15;\n\n/**\n * @title MathUtils library\n * @notice A library to be used in conjunction with SafeMath. Contains functions for calculating\n * differences between two uint256.\n */\nlibrary MathUtils {\n /**\n * @notice Compares a and b and returns true if the difference between a and b\n * is less than 1 or equal to each other.\n * @param a uint256 to compare with\n * @param b uint256 to compare with\n * @return True if the difference between a and b is less than 1 or equal,\n * otherwise return false\n */\n function within1(uint256 a, uint256 b) internal pure returns (bool) {\n return (difference(a, b) <= 1);\n }\n\n /**\n * @notice Calculates absolute difference between a and b\n * @param a uint256 to compare with\n * @param b uint256 to compare with\n * @return Difference between a and b\n */\n function difference(uint256 a, uint256 b) internal pure returns (uint256) {\n if (a > b) {\n return a - b;\n }\n return b - a;\n }\n}\n" }, "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/ERC20BurnableUpgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.5.0) (token/ERC20/extensions/ERC20Burnable.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../ERC20Upgradeable.sol\";\nimport \"../../../utils/ContextUpgradeable.sol\";\nimport \"../../../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Extension of {ERC20} that allows token holders to destroy both their own\n * tokens and those that they have an allowance for, in a way that can be\n * recognized off-chain (via event analysis).\n */\nabstract contract ERC20BurnableUpgradeable is Initializable, ContextUpgradeable, ERC20Upgradeable {\n function __ERC20Burnable_init() internal onlyInitializing {\n }\n\n function __ERC20Burnable_init_unchained() internal onlyInitializing {\n }\n /**\n * @dev Destroys `amount` tokens from the caller.\n *\n * See {ERC20-_burn}.\n */\n function burn(uint256 amount) public virtual {\n _burn(_msgSender(), amount);\n }\n\n /**\n * @dev Destroys `amount` tokens from `account`, deducting from the caller's\n * allowance.\n *\n * See {ERC20-_burn} and {ERC20-allowance}.\n *\n * Requirements:\n *\n * - the caller must have allowance for ``accounts``'s tokens of at least\n * `amount`.\n */\n function burnFrom(address account, uint256 amount) public virtual {\n _spendAllowance(account, _msgSender(), amount);\n _burn(account, amount);\n }\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[50] private __gap;\n}\n" }, "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/ERC20.sol)\n\npragma solidity ^0.8.0;\n\nimport \"./IERC20Upgradeable.sol\";\nimport \"./extensions/IERC20MetadataUpgradeable.sol\";\nimport \"../../utils/ContextUpgradeable.sol\";\nimport \"../../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Implementation of the {IERC20} interface.\n *\n * This implementation is agnostic to the way tokens are created. This means\n * that a supply mechanism has to be added in a derived contract using {_mint}.\n * For a generic mechanism see {ERC20PresetMinterPauser}.\n *\n * TIP: For a detailed writeup see our guide\n * https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How\n * to implement supply mechanisms].\n *\n * We have followed general OpenZeppelin Contracts guidelines: functions revert\n * instead returning `false` on failure. This behavior is nonetheless\n * conventional and does not conflict with the expectations of ERC20\n * applications.\n *\n * Additionally, an {Approval} event is emitted on calls to {transferFrom}.\n * This allows applications to reconstruct the allowance for all accounts just\n * by listening to said events. Other implementations of the EIP may not emit\n * these events, as it isn't required by the specification.\n *\n * Finally, the non-standard {decreaseAllowance} and {increaseAllowance}\n * functions have been added to mitigate the well-known issues around setting\n * allowances. See {IERC20-approve}.\n */\ncontract ERC20Upgradeable is Initializable, ContextUpgradeable, IERC20Upgradeable, IERC20MetadataUpgradeable {\n mapping(address => uint256) private _balances;\n\n mapping(address => mapping(address => uint256)) private _allowances;\n\n uint256 private _totalSupply;\n\n string private _name;\n string private _symbol;\n\n /**\n * @dev Sets the values for {name} and {symbol}.\n *\n * The default value of {decimals} is 18. To select a different value for\n * {decimals} you should overload it.\n *\n * All two of these values are immutable: they can only be set once during\n * construction.\n */\n function __ERC20_init(string memory name_, string memory symbol_) internal onlyInitializing {\n __ERC20_init_unchained(name_, symbol_);\n }\n\n function __ERC20_init_unchained(string memory name_, string memory symbol_) internal onlyInitializing {\n _name = name_;\n _symbol = symbol_;\n }\n\n /**\n * @dev Returns the name of the token.\n */\n function name() public view virtual override returns (string memory) {\n return _name;\n }\n\n /**\n * @dev Returns the symbol of the token, usually a shorter version of the\n * name.\n */\n function symbol() public view virtual override returns (string memory) {\n return _symbol;\n }\n\n /**\n * @dev Returns the number of decimals used to get its user representation.\n * For example, if `decimals` equals `2`, a balance of `505` tokens should\n * be displayed to a user as `5.05` (`505 / 10 ** 2`).\n *\n * Tokens usually opt for a value of 18, imitating the relationship between\n * Ether and Wei. This is the value {ERC20} uses, unless this function is\n * overridden;\n *\n * NOTE: This information is only used for _display_ purposes: it in\n * no way affects any of the arithmetic of the contract, including\n * {IERC20-balanceOf} and {IERC20-transfer}.\n */\n function decimals() public view virtual override returns (uint8) {\n return 18;\n }\n\n /**\n * @dev See {IERC20-totalSupply}.\n */\n function totalSupply() public view virtual override returns (uint256) {\n return _totalSupply;\n }\n\n /**\n * @dev See {IERC20-balanceOf}.\n */\n function balanceOf(address account) public view virtual override returns (uint256) {\n return _balances[account];\n }\n\n /**\n * @dev See {IERC20-transfer}.\n *\n * Requirements:\n *\n * - `to` cannot be the zero address.\n * - the caller must have a balance of at least `amount`.\n */\n function transfer(address to, uint256 amount) public virtual override returns (bool) {\n address owner = _msgSender();\n _transfer(owner, to, amount);\n return true;\n }\n\n /**\n * @dev See {IERC20-allowance}.\n */\n function allowance(address owner, address spender) public view virtual override returns (uint256) {\n return _allowances[owner][spender];\n }\n\n /**\n * @dev See {IERC20-approve}.\n *\n * NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on\n * `transferFrom`. This is semantically equivalent to an infinite approval.\n *\n * Requirements:\n *\n * - `spender` cannot be the zero address.\n */\n function approve(address spender, uint256 amount) public virtual override returns (bool) {\n address owner = _msgSender();\n _approve(owner, spender, amount);\n return true;\n }\n\n /**\n * @dev See {IERC20-transferFrom}.\n *\n * Emits an {Approval} event indicating the updated allowance. This is not\n * required by the EIP. See the note at the beginning of {ERC20}.\n *\n * NOTE: Does not update the allowance if the current allowance\n * is the maximum `uint256`.\n *\n * Requirements:\n *\n * - `from` and `to` cannot be the zero address.\n * - `from` must have a balance of at least `amount`.\n * - the caller must have allowance for ``from``'s tokens of at least\n * `amount`.\n */\n function transferFrom(\n address from,\n address to,\n uint256 amount\n ) public virtual override returns (bool) {\n address spender = _msgSender();\n _spendAllowance(from, spender, amount);\n _transfer(from, to, amount);\n return true;\n }\n\n /**\n * @dev Atomically increases the allowance granted to `spender` by the caller.\n *\n * This is an alternative to {approve} that can be used as a mitigation for\n * problems described in {IERC20-approve}.\n *\n * Emits an {Approval} event indicating the updated allowance.\n *\n * Requirements:\n *\n * - `spender` cannot be the zero address.\n */\n function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {\n address owner = _msgSender();\n _approve(owner, spender, allowance(owner, spender) + addedValue);\n return true;\n }\n\n /**\n * @dev Atomically decreases the allowance granted to `spender` by the caller.\n *\n * This is an alternative to {approve} that can be used as a mitigation for\n * problems described in {IERC20-approve}.\n *\n * Emits an {Approval} event indicating the updated allowance.\n *\n * Requirements:\n *\n * - `spender` cannot be the zero address.\n * - `spender` must have allowance for the caller of at least\n * `subtractedValue`.\n */\n function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {\n address owner = _msgSender();\n uint256 currentAllowance = allowance(owner, spender);\n require(currentAllowance >= subtractedValue, \"ERC20: decreased allowance below zero\");\n unchecked {\n _approve(owner, spender, currentAllowance - subtractedValue);\n }\n\n return true;\n }\n\n /**\n * @dev Moves `amount` of tokens from `sender` to `recipient`.\n *\n * This internal function is equivalent to {transfer}, and can be used to\n * e.g. implement automatic token fees, slashing mechanisms, etc.\n *\n * Emits a {Transfer} event.\n *\n * Requirements:\n *\n * - `from` cannot be the zero address.\n * - `to` cannot be the zero address.\n * - `from` must have a balance of at least `amount`.\n */\n function _transfer(\n address from,\n address to,\n uint256 amount\n ) internal virtual {\n require(from != address(0), \"ERC20: transfer from the zero address\");\n require(to != address(0), \"ERC20: transfer to the zero address\");\n\n _beforeTokenTransfer(from, to, amount);\n\n uint256 fromBalance = _balances[from];\n require(fromBalance >= amount, \"ERC20: transfer amount exceeds balance\");\n unchecked {\n _balances[from] = fromBalance - amount;\n }\n _balances[to] += amount;\n\n emit Transfer(from, to, amount);\n\n _afterTokenTransfer(from, to, amount);\n }\n\n /** @dev Creates `amount` tokens and assigns them to `account`, increasing\n * the total supply.\n *\n * Emits a {Transfer} event with `from` set to the zero address.\n *\n * Requirements:\n *\n * - `account` cannot be the zero address.\n */\n function _mint(address account, uint256 amount) internal virtual {\n require(account != address(0), \"ERC20: mint to the zero address\");\n\n _beforeTokenTransfer(address(0), account, amount);\n\n _totalSupply += amount;\n _balances[account] += amount;\n emit Transfer(address(0), account, amount);\n\n _afterTokenTransfer(address(0), account, amount);\n }\n\n /**\n * @dev Destroys `amount` tokens from `account`, reducing the\n * total supply.\n *\n * Emits a {Transfer} event with `to` set to the zero address.\n *\n * Requirements:\n *\n * - `account` cannot be the zero address.\n * - `account` must have at least `amount` tokens.\n */\n function _burn(address account, uint256 amount) internal virtual {\n require(account != address(0), \"ERC20: burn from the zero address\");\n\n _beforeTokenTransfer(account, address(0), amount);\n\n uint256 accountBalance = _balances[account];\n require(accountBalance >= amount, \"ERC20: burn amount exceeds balance\");\n unchecked {\n _balances[account] = accountBalance - amount;\n }\n _totalSupply -= amount;\n\n emit Transfer(account, address(0), amount);\n\n _afterTokenTransfer(account, address(0), amount);\n }\n\n /**\n * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.\n *\n * This internal function is equivalent to `approve`, and can be used to\n * e.g. set automatic allowances for certain subsystems, etc.\n *\n * Emits an {Approval} event.\n *\n * Requirements:\n *\n * - `owner` cannot be the zero address.\n * - `spender` cannot be the zero address.\n */\n function _approve(\n address owner,\n address spender,\n uint256 amount\n ) internal virtual {\n require(owner != address(0), \"ERC20: approve from the zero address\");\n require(spender != address(0), \"ERC20: approve to the zero address\");\n\n _allowances[owner][spender] = amount;\n emit Approval(owner, spender, amount);\n }\n\n /**\n * @dev Updates `owner` s allowance for `spender` based on spent `amount`.\n *\n * Does not update the allowance amount in case of infinite allowance.\n * Revert if not enough allowance is available.\n *\n * Might emit an {Approval} event.\n */\n function _spendAllowance(\n address owner,\n address spender,\n uint256 amount\n ) internal virtual {\n uint256 currentAllowance = allowance(owner, spender);\n if (currentAllowance != type(uint256).max) {\n require(currentAllowance >= amount, \"ERC20: insufficient allowance\");\n unchecked {\n _approve(owner, spender, currentAllowance - amount);\n }\n }\n }\n\n /**\n * @dev Hook that is called before any transfer of tokens. This includes\n * minting and burning.\n *\n * Calling conditions:\n *\n * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens\n * will be transferred to `to`.\n * - when `from` is zero, `amount` tokens will be minted for `to`.\n * - when `to` is zero, `amount` of ``from``'s tokens will be burned.\n * - `from` and `to` are never both zero.\n *\n * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].\n */\n function _beforeTokenTransfer(\n address from,\n address to,\n uint256 amount\n ) internal virtual {}\n\n /**\n * @dev Hook that is called after any transfer of tokens. This includes\n * minting and burning.\n *\n * Calling conditions:\n *\n * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens\n * has been transferred to `to`.\n * - when `from` is zero, `amount` tokens have been minted for `to`.\n * - when `to` is zero, `amount` of ``from``'s tokens have been burned.\n * - `from` and `to` are never both zero.\n *\n * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].\n */\n function _afterTokenTransfer(\n address from,\n address to,\n uint256 amount\n ) internal virtual {}\n\n /**\n * @dev This empty reserved space is put in place to allow future versions to add new\n * variables without shifting down storage in the inheritance chain.\n * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n */\n uint256[45] private __gap;\n}\n" }, "@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Interface of the ERC20 standard as defined in the EIP.\n */\ninterface IERC20Upgradeable {\n /**\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\n * another (`to`).\n *\n * Note that `value` may be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /**\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\n * a call to {approve}. `value` is the new allowance.\n */\n event Approval(address indexed owner, address indexed spender, uint256 value);\n\n /**\n * @dev Returns the amount of tokens in existence.\n */\n function totalSupply() external view returns (uint256);\n\n /**\n * @dev Returns the amount of tokens owned by `account`.\n */\n function balanceOf(address account) external view returns (uint256);\n\n /**\n * @dev Moves `amount` tokens from the caller's account to `to`.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transfer(address to, uint256 amount) external returns (bool);\n\n /**\n * @dev Returns the remaining number of tokens that `spender` will be\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\n * zero by default.\n *\n * This value changes when {approve} or {transferFrom} are called.\n */\n function allowance(address owner, address spender) external view returns (uint256);\n\n /**\n * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\n * that someone may use both the old and the new allowance by unfortunate\n * transaction ordering. One possible solution to mitigate this race\n * condition is to first reduce the spender's allowance to 0 and set the\n * desired value afterwards:\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\n *\n * Emits an {Approval} event.\n */\n function approve(address spender, uint256 amount) external returns (bool);\n\n /**\n * @dev Moves `amount` tokens from `from` to `to` using the\n * allowance mechanism. `amount` is then deducted from the caller's\n * allowance.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transferFrom(\n address from,\n address to,\n uint256 amount\n ) external returns (bool);\n}\n" }, "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/IERC20MetadataUpgradeable.sol": { "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)\n\npragma solidity ^0.8.0;\n\nimport \"../IERC20Upgradeable.sol\";\n\n/**\n * @dev Interface for the optional metadata functions from the ERC20 standard.\n *\n * _Available since v4.1._\n */\ninterface IERC20MetadataUpgradeable is IERC20Upgradeable {\n /**\n * @dev Returns the name of the token.\n */\n function name() external view returns (string memory);\n\n /**\n * @dev Returns the symbol of the token.\n */\n function symbol() external view returns (string memory);\n\n /**\n * @dev Returns the decimals places of the token.\n */\n function decimals() external view returns (uint8);\n}\n" }, "src/bridges/facets/ConnextFacet.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity 0.8.15;\r\n\r\nimport { IConnextHandler } from \"@connext/nxtp-contracts/contracts/core/connext/interfaces/IConnextHandler.sol\";\r\nimport { CallParams, XCallArgs } from \"@connext/nxtp-contracts/contracts/core/connext/libraries/LibConnextStorage.sol\";\r\nimport { IERC20 } from \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\r\nimport { LibDiamond } from \"../libs/LibDiamond.sol\";\r\n\r\n/**\r\n * @title Connext Amarok Integration\r\n *\r\n * @notice Contract which provides bridging functionality through Connext\r\n *\r\n */\r\ncontract ConnextFacet {\r\n // storage\r\n \r\n bytes32 internal constant NAMESPACE = keccak256(\"io.etherspot.facets.connext\");\r\n struct Storage {\r\n address connext;\r\n uint32 domainId;\r\n }\r\n\r\n // events\r\n\r\n /**\r\n * @dev Emitted when facet initializes\r\n * @param _connext connext handler address\r\n */\r\n event ConnextInitialized(address _connext);\r\n\r\n /**\r\n * @dev Emitted on erc20 token swap\r\n * @param _destination destination domain\r\n * @param _recipient recipient\r\n * @param _asset address of the asset\r\n * @param _amount amount of assets\r\n * @param _relayerFee fee\r\n * @param _transferId transfer ID of created crosschain transfer\r\n */\r\n event ConnextTokenSwap(\r\n uint32 indexed _destination,\r\n address indexed _recipient,\r\n address indexed _asset,\r\n uint256 _amount,\r\n uint256 _relayerFee,\r\n bytes32 _transferId\r\n );\r\n\r\n /**\r\n * @dev Emitted on native asset swap\r\n * @param _destination destination domain\r\n * @param _recipient recipient\r\n * @param _amount amount of assets\r\n * @param _relayerFee fee\r\n * @param _transferId transfer ID of created crosschain transfer\r\n */\r\n event ConnextNativeSwap(\r\n uint32 indexed _destination,\r\n address indexed _recipient,\r\n uint256 _amount,\r\n uint256 _relayerFee,\r\n bytes32 _transferId\r\n );\r\n\r\n /**\r\n * @dev Emitted on connext crosschain call\r\n * @param _destination destination domain\r\n * @param _recipient recipient of a call\r\n * @param _asset asset being sent / traded\r\n * @param _amount amount of asset\r\n * @param _callData call data\r\n * @param _relayerFee fee\r\n * @param _transferId transfer ID of created crosschain transfer\r\n */\r\n event ConnextXCall(\r\n uint32 indexed _destination,\r\n address indexed _recipient,\r\n address _asset,\r\n uint256 _amount,\r\n bytes _callData,\r\n uint256 _relayerFee,\r\n bytes32 _transferId\r\n );\r\n\r\n // init\r\n\r\n /**\r\n * @notice Initializes local variables for the Connext facet\r\n * @param _connext connext handler address\r\n */\r\n function initConnext(address _connext, uint32 _domainId) external {\r\n LibDiamond.enforceIsContractOwner();\r\n require(\r\n _connext != address(0),\r\n \"Connext: invalid address\"\r\n );\r\n Storage storage s = getStorage();\r\n s.connext = _connext;\r\n s.domainId = _domainId;\r\n emit ConnextInitialized(_connext);\r\n }\r\n\r\n /**\r\n * @notice Transfer ERC20 tokens\r\n * @param _asset - The asset the caller sent with the transfer\r\n * @param _to - The address you are sending funds (and potentially data) to\r\n * @param _destinationDomain - The final domain (i.e. where `execute` / `reconcile` are called)\r\n * @param _amount - The amount of transferring asset the tx called xcall with\r\n * @param _relayerFee - The amount of relayer fee the tx called xcall with\r\n */\r\n function connextTokenTransfer(\r\n address _asset,\r\n address _to,\r\n uint32 _destinationDomain,\r\n uint256 _amount,\r\n uint256 _relayerFee\r\n ) external payable {\r\n bytes32 transferId = xcall(\r\n _to,\r\n \"\",\r\n getDomainId(),\r\n _destinationDomain,\r\n _asset,\r\n _amount,\r\n _relayerFee,\r\n msg.sender,\r\n address(0),\r\n 0,\r\n false\r\n );\r\n emit ConnextTokenSwap(\r\n _destinationDomain,\r\n _to,\r\n _asset,\r\n _amount,\r\n _relayerFee,\r\n transferId\r\n );\r\n }\r\n\r\n /**\r\n * @notice Transfer native asset\r\n * @param _to - The address you are sending funds (and potentially data) to\r\n * @param _destinationDomain - The final domain (i.e. where `execute` / `reconcile` are called)\r\n * @param _relayerFee - The amount of relayer fee the tx called xcall with\r\n */\r\n function connextNativeAssetTransfer(\r\n address _to,\r\n uint32 _destinationDomain,\r\n uint256 _relayerFee\r\n ) external payable {\r\n bytes32 transferId = xcall(\r\n _to,\r\n \"\",\r\n getDomainId(),\r\n _destinationDomain,\r\n address(0),\r\n msg.value,\r\n _relayerFee,\r\n msg.sender,\r\n address(0),\r\n 0,\r\n false\r\n );\r\n emit ConnextNativeSwap(\r\n _destinationDomain,\r\n _to,\r\n msg.value,\r\n _relayerFee,\r\n transferId\r\n );\r\n }\r\n\r\n /**\r\n * @notice Crosschain function call\r\n * @param _to - The address you are sending funds (and potentially data) to\r\n * @param _callData - The data to execute on the receiving chain. If no crosschain call is needed, then leave empty\r\n * @param _destinationDomain - The final domain (i.e. where `execute` / `reconcile` are called)\r\n * @param _asset - The asset the caller sent with the transfer\r\n * @param _amount - The amount of transferring asset the tx called xcall with\r\n * @param _relayerFee - The amount of relayer fee the tx called xcall with\r\n * @param _recovery - The address to send funds to if your `Executor.execute call` fails\r\n * @param _callback - The address on the origin domain of the callback contract\r\n * @param _callbackFee - The relayer fee to execute the callback\r\n */\r\n function connextCall(\r\n address _to,\r\n bytes memory _callData,\r\n uint32 _destinationDomain,\r\n address _asset,\r\n uint256 _amount,\r\n uint256 _relayerFee,\r\n address _recovery,\r\n address _callback,\r\n uint256 _callbackFee\r\n ) external payable {\r\n bytes32 transferId = xcall(\r\n _to,\r\n _callData,\r\n getDomainId(),\r\n _destinationDomain,\r\n _asset,\r\n _amount,\r\n _relayerFee,\r\n _recovery,\r\n _callback,\r\n _callbackFee,\r\n false\r\n );\r\n emit ConnextXCall(\r\n _destinationDomain,\r\n _to,\r\n _asset,\r\n _amount,\r\n _callData,\r\n _relayerFee,\r\n transferId\r\n );\r\n }\r\n\r\n\r\n /**\r\n * @notice Wrapper over connext.call\r\n * @param _to - The address you are sending funds (and potentially data) to\r\n * @param _callData - The data to execute on the receiving chain. If no crosschain call is needed, then leave empty\r\n * @param _originDomain - The originating domain (i.e. where `xcall` is called)\r\n * @param _destinationDomain - The final domain (i.e. where `execute` / `reconcile` are called)\r\n * @param _asset - The asset the caller sent with the transfer\r\n * @param _amount - The amount of transferring asset the tx called xcall with\r\n * @param _relayerFee - The amount of relayer fee the tx called xcall with\r\n * @param _recovery - The address to send funds to if your `Executor.execute call` fails\r\n * @param _callback - The address on the origin domain of the callback contract\r\n * @param _callbackFee - The relayer fee to execute the callback\r\n * @param _forceSlow - If true, will take slow liquidity path even if it is not a permissioned call\r\n */\r\n function xcall(\r\n address _to,\r\n bytes memory _callData,\r\n uint32 _originDomain,\r\n uint32 _destinationDomain,\r\n address _asset,\r\n uint256 _amount,\r\n uint256 _relayerFee,\r\n address _recovery,\r\n address _callback,\r\n uint256 _callbackFee,\r\n bool _forceSlow\r\n ) internal returns (bytes32 transferId) {\r\n depositAssetAndFees(_asset, _amount, _relayerFee, _callbackFee);\r\n if (_asset != address(0)) {\r\n IERC20(_asset).approve(getConnext(), _amount);\r\n }\r\n IConnextHandler connext = IConnextHandler(getConnext());\r\n CallParams memory callParams = CallParams({\r\n to: _to,\r\n callData: _callData,\r\n originDomain: _originDomain,\r\n destinationDomain: _destinationDomain,\r\n recovery: _recovery,\r\n callback: _callback,\r\n callbackFee: _callbackFee,\r\n forceSlow: _forceSlow,\r\n receiveLocal: false,\r\n relayerFee: _relayerFee,\r\n slippageTol: 9995, // .05% slippage\r\n agent: _to\r\n });\r\n XCallArgs memory xcallArgs = XCallArgs({\r\n params: callParams,\r\n transactingAssetId: _asset,\r\n amount: _amount\r\n });\r\n transferId = connext.xcall{value: msg.value}(xcallArgs);\r\n }\r\n\r\n /**\r\n * @dev handles asset deposit\r\n * @param _asset asset address, 0 for native asset\r\n * @param _amount amount of asset\r\n */\r\n function depositAssetAndFees(\r\n address _asset,\r\n uint256 _amount,\r\n uint256 _relayerFee,\r\n uint256 _callbackFee\r\n )\r\n private\r\n {\r\n if (_asset == address(0)) {\r\n require(msg.value == _amount + _relayerFee + _callbackFee, \"Connext: Invalid value\");\r\n } else {\r\n require(msg.value == _relayerFee + _callbackFee, \"Connext: Invalid value\");\r\n uint256 _tokenBalanceBefore = IERC20(_asset).balanceOf(address(this));\r\n IERC20(_asset).transferFrom(msg.sender, address(this), _amount);\r\n uint256 _tokenBalanceAfter = IERC20(_asset).balanceOf(address(this));\r\n require(_tokenBalanceAfter - _tokenBalanceBefore == _amount, \"Connext: Invalid value\");\r\n }\r\n }\r\n\r\n\r\n /**\r\n * @dev returns connext handler\r\n * @return IConnextHandler connext handler\r\n */\r\n function getConnext() private view returns (address) {\r\n Storage storage s = getStorage();\r\n return s.connext;\r\n }\r\n\r\n /**\r\n * @dev returns chain id\r\n * @return uint32 chain id\r\n */\r\n function getDomainId() private view returns (uint32) {\r\n Storage storage s = getStorage();\r\n return s.domainId;\r\n }\r\n\r\n /**\r\n * @dev fetch local storage\r\n */\r\n function getStorage() private pure returns (Storage storage s) {\r\n bytes32 namespace = NAMESPACE;\r\n // solhint-disable-next-line no-inline-assembly\r\n assembly {\r\n s.slot := namespace\r\n }\r\n }\r\n}\r\n" }, "@superfluid-finance/ethereum-contracts/contracts/interfaces/superfluid/ISuperfluidToken.sol": { "content": "// SPDX-License-Identifier: AGPLv3\npragma solidity >= 0.8.0;\n\nimport { ISuperAgreement } from \"./ISuperAgreement.sol\";\n\n\n/**\n * @title Superfluid token interface\n * @author Superfluid\n */\ninterface ISuperfluidToken {\n\n /**************************************************************************\n * Basic information\n *************************************************************************/\n\n /**\n * @dev Get superfluid host contract address\n */\n function getHost() external view returns(address host);\n\n /**\n * @dev Encoded liquidation type data mainly used for handling stack to deep errors\n *\n * Note:\n * - version: 1\n * - liquidationType key:\n * - 0 = reward account receives reward (PIC period)\n * - 1 = liquidator account receives reward (Pleb period)\n * - 2 = liquidator account receives reward (Pirate period/bailout)\n */\n struct LiquidationTypeData {\n uint256 version;\n uint8 liquidationType;\n }\n\n /**************************************************************************\n * Real-time balance functions\n *************************************************************************/\n\n /**\n * @dev Calculate the real balance of a user, taking in consideration all agreements of the account\n * @param account for the query\n * @param timestamp Time of balance\n * @return availableBalance Real-time balance\n * @return deposit Account deposit\n * @return owedDeposit Account owed Deposit\n */\n function realtimeBalanceOf(\n address account,\n uint256 timestamp\n )\n external view\n returns (\n int256 availableBalance,\n uint256 deposit,\n uint256 owedDeposit);\n\n /**\n * @notice Calculate the realtime balance given the current host.getNow() value\n * @dev realtimeBalanceOf with timestamp equals to block timestamp\n * @param account for the query\n * @return availableBalance Real-time balance\n * @return deposit Account deposit\n * @return owedDeposit Account owed Deposit\n */\n function realtimeBalanceOfNow(\n address account\n )\n external view\n returns (\n int256 availableBalance,\n uint256 deposit,\n uint256 owedDeposit,\n uint256 timestamp);\n\n /**\n * @notice Check if account is critical\n * @dev A critical account is when availableBalance < 0\n * @param account The account to check\n * @param timestamp The time we'd like to check if the account is critical (should use future)\n * @return isCritical Whether the account is critical\n */\n function isAccountCritical(\n address account,\n uint256 timestamp\n )\n external view\n returns(bool isCritical);\n\n /**\n * @notice Check if account is critical now (current host.getNow())\n * @dev A critical account is when availableBalance < 0\n * @param account The account to check\n * @return isCritical Whether the account is critical\n */\n function isAccountCriticalNow(\n address account\n )\n external view\n returns(bool isCritical);\n\n /**\n * @notice Check if account is solvent\n * @dev An account is insolvent when the sum of deposits for a token can't cover the negative availableBalance\n * @param account The account to check\n * @param timestamp The time we'd like to check if the account is solvent (should use future)\n * @return isSolvent\n */\n function isAccountSolvent(\n address account,\n uint256 timestamp\n )\n external view\n returns(bool isSolvent);\n\n /**\n * @notice Check if account is solvent now\n * @dev An account is insolvent when the sum of deposits for a token can't cover the negative availableBalance\n * @param account The account to check\n * @return isSolvent\n */\n function isAccountSolventNow(\n address account\n )\n external view\n returns(bool isSolvent);\n\n /**\n * @notice Get a list of agreements that is active for the account\n * @dev An active agreement is one that has state for the account\n * @param account Account to query\n * @return activeAgreements List of accounts that have non-zero states for the account\n */\n function getAccountActiveAgreements(address account)\n external view\n returns(ISuperAgreement[] memory activeAgreements);\n\n\n /**************************************************************************\n * Super Agreement hosting functions\n *************************************************************************/\n\n /**\n * @dev Create a new agreement\n * @param id Agreement ID\n * @param data Agreement data\n */\n function createAgreement(\n bytes32 id,\n bytes32[] calldata data\n )\n external;\n /**\n * @dev Agreement created event\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n * @param data Agreement data\n */\n event AgreementCreated(\n address indexed agreementClass,\n bytes32 id,\n bytes32[] data\n );\n\n /**\n * @dev Get data of the agreement\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n * @return data Data of the agreement\n */\n function getAgreementData(\n address agreementClass,\n bytes32 id,\n uint dataLength\n )\n external view\n returns(bytes32[] memory data);\n\n /**\n * @dev Create a new agreement\n * @param id Agreement ID\n * @param data Agreement data\n */\n function updateAgreementData(\n bytes32 id,\n bytes32[] calldata data\n )\n external;\n /**\n * @dev Agreement updated event\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n * @param data Agreement data\n */\n event AgreementUpdated(\n address indexed agreementClass,\n bytes32 id,\n bytes32[] data\n );\n\n /**\n * @dev Close the agreement\n * @param id Agreement ID\n */\n function terminateAgreement(\n bytes32 id,\n uint dataLength\n )\n external;\n /**\n * @dev Agreement terminated event\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n */\n event AgreementTerminated(\n address indexed agreementClass,\n bytes32 id\n );\n\n /**\n * @dev Update agreement state slot\n * @param account Account to be updated\n *\n * NOTE\n * - To clear the storage out, provide zero-ed array of intended length\n */\n function updateAgreementStateSlot(\n address account,\n uint256 slotId,\n bytes32[] calldata slotData\n )\n external;\n /**\n * @dev Agreement account state updated event\n * @param agreementClass Contract address of the agreement\n * @param account Account updated\n * @param slotId slot id of the agreement state\n */\n event AgreementStateUpdated(\n address indexed agreementClass,\n address indexed account,\n uint256 slotId\n );\n\n /**\n * @dev Get data of the slot of the state of an agreement\n * @param agreementClass Contract address of the agreement\n * @param account Account to query\n * @param slotId slot id of the state\n * @param dataLength length of the state data\n */\n function getAgreementStateSlot(\n address agreementClass,\n address account,\n uint256 slotId,\n uint dataLength\n )\n external view\n returns (bytes32[] memory slotData);\n\n /**\n * @notice Settle balance from an account by the agreement\n * @dev The agreement needs to make sure that the balance delta is balanced afterwards\n * @param account Account to query.\n * @param delta Amount of balance delta to be settled\n *\n * Modifiers:\n * - onlyAgreement\n */\n function settleBalance(\n address account,\n int256 delta\n )\n external;\n\n /**\n * @dev Make liquidation payouts (v2)\n * @param id Agreement ID\n * @param liquidationTypeData Data regarding the version of the liquidation schema and the type\n * @param liquidatorAccount Address of the executor of the liquidation\n * @param useDefaultRewardAccount Whether or not the default reward account receives the rewardAmount\n * @param targetAccount Account of the stream sender\n * @param rewardAmount The amount the reward recepient account will receive\n * @param targetAccountBalanceDelta The amount the sender account balance should change by\n *\n * - If a bailout is required (bailoutAmount > 0)\n * - the actual reward (single deposit) goes to the executor,\n * - while the reward account becomes the bailout account\n * - total bailout include: bailout amount + reward amount\n * - the targetAccount will be bailed out\n * - If a bailout is not required\n * - the targetAccount will pay the rewardAmount\n * - the liquidator (reward account in PIC period) will receive the rewardAmount\n *\n * Modifiers:\n * - onlyAgreement\n */\n function makeLiquidationPayoutsV2\n (\n bytes32 id,\n bytes memory liquidationTypeData,\n address liquidatorAccount,\n bool useDefaultRewardAccount,\n address targetAccount,\n uint256 rewardAmount,\n int256 targetAccountBalanceDelta\n ) external;\n /**\n * @dev Agreement liquidation event v2 (including agent account)\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n * @param liquidatorAccount Address of the executor of the liquidation\n * @param targetAccount Account of the stream sender\n * @param rewardAccount Account that collects the reward or bails out insolvent accounts\n * @param rewardAmount The amount the reward recipient account balance should change by\n * @param targetAccountBalanceDelta The amount the sender account balance should change by\n * @param liquidationTypeData The encoded liquidation type data including the version (how to decode)\n *\n * NOTE:\n * Reward account rule:\n * - if the agreement is liquidated during the PIC period\n * - the rewardAccount will get the rewardAmount (remaining deposit), regardless of the liquidatorAccount\n * - the targetAccount will pay for the rewardAmount\n * - if the agreement is liquidated after the PIC period AND the targetAccount is solvent\n * - the liquidatorAccount will get the rewardAmount (remaining deposit)\n * - the targetAccount will pay for the rewardAmount\n * - if the targetAccount is insolvent\n * - the liquidatorAccount will get the rewardAmount (single deposit)\n * - the rewardAccount will pay for both the rewardAmount and bailoutAmount\n * - the targetAccount will receive the bailoutAmount\n */\n event AgreementLiquidatedV2(\n address indexed agreementClass,\n bytes32 id,\n address indexed liquidatorAccount,\n address indexed targetAccount,\n address rewardAccount,\n uint256 rewardAmount,\n int256 targetAccountBalanceDelta,\n bytes liquidationTypeData\n );\n\n /**************************************************************************\n * Function modifiers for access control and parameter validations\n *\n * While they cannot be explicitly stated in function definitions, they are\n * listed in function definition comments instead for clarity.\n *\n * NOTE: solidity-coverage not supporting it\n *************************************************************************/\n\n /// @dev The msg.sender must be host contract\n //modifier onlyHost() virtual;\n\n /// @dev The msg.sender must be a listed agreement.\n //modifier onlyAgreement() virtual;\n\n /**************************************************************************\n * DEPRECATED\n *************************************************************************/\n\n /**\n * @dev Agreement liquidation event (DEPRECATED BY AgreementLiquidatedBy)\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n * @param penaltyAccount Account of the agreement to be penalized\n * @param rewardAccount Account that collect the reward\n * @param rewardAmount Amount of liquidation reward\n *\n * NOTE:\n *\n * [DEPRECATED] Use AgreementLiquidatedV2 instead\n */\n event AgreementLiquidated(\n address indexed agreementClass,\n bytes32 id,\n address indexed penaltyAccount,\n address indexed rewardAccount,\n uint256 rewardAmount\n );\n\n /**\n * @dev System bailout occurred (DEPRECATED BY AgreementLiquidatedBy)\n * @param bailoutAccount Account that bailout the penalty account\n * @param bailoutAmount Amount of account bailout\n *\n * NOTE:\n *\n * [DEPRECATED] Use AgreementLiquidatedV2 instead\n */\n event Bailout(\n address indexed bailoutAccount,\n uint256 bailoutAmount\n );\n\n /**\n * @dev Agreement liquidation event (DEPRECATED BY AgreementLiquidatedV2)\n * @param liquidatorAccount Account of the agent that performed the liquidation.\n * @param agreementClass Contract address of the agreement\n * @param id Agreement ID\n * @param penaltyAccount Account of the agreement to be penalized\n * @param bondAccount Account that collect the reward or bailout accounts\n * @param rewardAmount Amount of liquidation reward\n * @param bailoutAmount Amount of liquidation bailouot\n *\n * NOTE:\n * Reward account rule:\n * - if bailout is equal to 0, then\n * - the bondAccount will get the rewardAmount,\n * - the penaltyAccount will pay for the rewardAmount.\n * - if bailout is larger than 0, then\n * - the liquidatorAccount will get the rewardAmouont,\n * - the bondAccount will pay for both the rewardAmount and bailoutAmount,\n * - the penaltyAccount will pay for the rewardAmount while get the bailoutAmount.\n */\n event AgreementLiquidatedBy(\n address liquidatorAccount,\n address indexed agreementClass,\n bytes32 id,\n address indexed penaltyAccount,\n address indexed bondAccount,\n uint256 rewardAmount,\n uint256 bailoutAmount\n );\n}\n" }, "@superfluid-finance/ethereum-contracts/contracts/interfaces/superfluid/ISuperAgreement.sol": { "content": "// SPDX-License-Identifier: AGPLv3\npragma solidity >= 0.8.0;\n\nimport { ISuperfluidToken } from \"./ISuperfluidToken.sol\";\n\n/**\n * @title Super agreement interface\n * @author Superfluid\n */\ninterface ISuperAgreement {\n\n /**\n * @dev Get the type of the agreement class\n */\n function agreementType() external view returns (bytes32);\n\n /**\n * @dev Calculate the real-time balance for the account of this agreement class\n * @param account Account the state belongs to\n * @param time Time used for the calculation\n * @return dynamicBalance Dynamic balance portion of real-time balance of this agreement\n * @return deposit Account deposit amount of this agreement\n * @return owedDeposit Account owed deposit amount of this agreement\n */\n function realtimeBalanceOf(\n ISuperfluidToken token,\n address account,\n uint256 time\n )\n external\n view\n returns (\n int256 dynamicBalance,\n uint256 deposit,\n uint256 owedDeposit\n );\n\n}\n" }, "src/bridges/facets/OwnershipFacet.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\nimport { LibDiamond } from \"../libs/LibDiamond.sol\";\r\nimport { IERC173 } from \"../interfaces/IERC173.sol\";\r\n\r\ncontract OwnershipFacet is IERC173 {\r\n function transferOwnership(address _newOwner) external override {\r\n LibDiamond.enforceIsContractOwner();\r\n LibDiamond.setContractOwner(_newOwner);\r\n }\r\n\r\n function owner() external view override returns (address owner_) {\r\n owner_ = LibDiamond.contractOwner();\r\n }\r\n}" }, "src/bridges/interfaces/IERC173.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\n/// @title ERC-173 Contract Ownership Standard\r\n/// Note: the ERC-165 identifier for this interface is 0x7f5828d0\r\n/* is ERC165 */\r\ninterface IERC173 {\r\n /// @notice Get the address of the owner\r\n /// @return owner_ The address of the owner.\r\n function owner() external view returns (address owner_);\r\n\r\n /// @notice Set the address of the new owner of the contract\r\n /// @dev Set _newOwner to address(0) to renounce any ownership.\r\n /// @param _newOwner The address of the new owner of the contract\r\n function transferOwnership(address _newOwner) external;\r\n}\r\n" }, "src/bridges/facets/DiamondLoupeFacet.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\nimport { LibDiamond } from \"../libs/LibDiamond.sol\";\r\nimport { IDiamondLoupe } from \"../interfaces/IDiamondLoupe.sol\";\r\nimport { IERC165 } from \"../interfaces/IERC165.sol\";\r\n\r\ncontract DiamondLoupeFacet is IDiamondLoupe, IERC165 {\r\n // Diamond Loupe Functions\r\n ////////////////////////////////////////////////////////////////////\r\n /// These functions are expected to be called frequently by tools.\r\n //\r\n // struct Facet {\r\n // address facetAddress;\r\n // bytes4[] functionSelectors;\r\n // }\r\n\r\n /// @notice Gets all facets and their selectors.\r\n /// @return facets_ Facet\r\n function facets() external view override returns (Facet[] memory facets_) {\r\n LibDiamond.DiamondStorage storage ds = LibDiamond.diamondStorage();\r\n uint256 numFacets = ds.facetAddresses.length;\r\n facets_ = new Facet[](numFacets);\r\n for (uint256 i = 0; i < numFacets; i++) {\r\n address facetAddress_ = ds.facetAddresses[i];\r\n facets_[i].facetAddress = facetAddress_;\r\n facets_[i].functionSelectors = ds.facetFunctionSelectors[facetAddress_].functionSelectors;\r\n }\r\n }\r\n\r\n /// @notice Gets all the function selectors provided by a facet.\r\n /// @param _facet The facet address.\r\n /// @return facetFunctionSelectors_\r\n function facetFunctionSelectors(address _facet)\r\n external\r\n view\r\n override\r\n returns (bytes4[] memory facetFunctionSelectors_)\r\n {\r\n LibDiamond.DiamondStorage storage ds = LibDiamond.diamondStorage();\r\n facetFunctionSelectors_ = ds.facetFunctionSelectors[_facet].functionSelectors;\r\n }\r\n\r\n /// @notice Get all the facet addresses used by a diamond.\r\n /// @return facetAddresses_\r\n function facetAddresses() external view override returns (address[] memory facetAddresses_) {\r\n LibDiamond.DiamondStorage storage ds = LibDiamond.diamondStorage();\r\n facetAddresses_ = ds.facetAddresses;\r\n }\r\n\r\n /// @notice Gets the facet that supports the given selector.\r\n /// @dev If facet is not found return address(0).\r\n /// @param _functionSelector The function selector.\r\n /// @return facetAddress_ The facet address.\r\n function facetAddress(bytes4 _functionSelector) external view override returns (address facetAddress_) {\r\n LibDiamond.DiamondStorage storage ds = LibDiamond.diamondStorage();\r\n facetAddress_ = ds.selectorToFacetAndPosition[_functionSelector].facetAddress;\r\n }\r\n\r\n // This implements ERC-165.\r\n function supportsInterface(bytes4 _interfaceId) external view override returns (bool) {\r\n LibDiamond.DiamondStorage storage ds = LibDiamond.diamondStorage();\r\n return ds.supportedInterfaces[_interfaceId];\r\n }\r\n}\r\n" }, "src/bridges/interfaces/IDiamondLoupe.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\n// A loupe is a small magnifying glass used to look at diamonds.\r\n// These functions look at diamonds\r\ninterface IDiamondLoupe {\r\n /// These functions are expected to be called frequently\r\n /// by tools.\r\n\r\n struct Facet {\r\n address facetAddress;\r\n bytes4[] functionSelectors;\r\n }\r\n\r\n /// @notice Gets all facet addresses and their four byte function selectors.\r\n /// @return facets_ Facet\r\n function facets() external view returns (Facet[] memory facets_);\r\n\r\n /// @notice Gets all the function selectors supported by a specific facet.\r\n /// @param _facet The facet address.\r\n /// @return facetFunctionSelectors_\r\n function facetFunctionSelectors(address _facet) external view returns (bytes4[] memory facetFunctionSelectors_);\r\n\r\n /// @notice Get all the facet addresses used by a diamond.\r\n /// @return facetAddresses_\r\n function facetAddresses() external view returns (address[] memory facetAddresses_);\r\n\r\n /// @notice Gets the facet that supports the given selector.\r\n /// @dev If facet is not found return address(0).\r\n /// @param _functionSelector The function selector.\r\n /// @return facetAddress_ The facet address.\r\n function facetAddress(bytes4 _functionSelector) external view returns (address facetAddress_);\r\n}\r\n" }, "src/bridges/interfaces/IERC165.sol": { "content": "// SPDX-License-Identifier: MIT\r\npragma solidity >=0.8.4 <0.9.0;\r\n\r\ninterface IERC165 {\r\n /// @notice Query if a contract implements an interface\r\n /// @param interfaceId The interface identifier, as specified in ERC-165\r\n /// @dev Interface identification is specified in ERC-165. This function\r\n /// uses less than 30,000 gas.\r\n /// @return `true` if the contract implements `interfaceID` and\r\n /// `interfaceID` is not 0xffffffff, `false` otherwise\r\n function supportsInterface(bytes4 interfaceId) external view returns (bool);\r\n}" } }, "settings": { "evmVersion": "istanbul", "metadata": { "bytecodeHash": "none", "useLiteralContent": true }, "optimizer": { "enabled": false, "runs": 200 }, "outputSelection": { "*": { "*": [ "abi", "evm.bytecode", "evm.deployedBytecode", "evm.methodIdentifiers", "metadata", "devdoc", "userdoc", "storageLayout", "evm.gasEstimates" ], "": [ "ast" ] } } } }