Contract Source Code:
File 1 of 1 : Refuel
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.18 ^0.8.20;
// node_modules/@openzeppelin/contracts/access/IAccessControl.sol
// OpenZeppelin Contracts (last updated v5.0.0) (access/IAccessControl.sol)
/**
* @dev External interface of AccessControl declared to support ERC165 detection.
*/
interface IAccessControl {
/**
* @dev The `account` is missing a role.
*/
error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/
error AccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {AccessControl-_setupRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/
function renounceRole(bytes32 role, address callerConfirmation) external;
}
// node_modules/@openzeppelin/contracts/token/ERC20/IERC20.sol
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
// node_modules/@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Permit.sol)
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
// node_modules/@openzeppelin/contracts/utils/Address.sol
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev The ETH balance of the account is not enough to perform the operation.
*/
error AddressInsufficientBalance(address account);
/**
* @dev There's no code at `target` (it is not a contract).
*/
error AddressEmptyCode(address target);
/**
* @dev A call to an address target failed. The target may have reverted.
*/
error FailedInnerCall();
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
if (address(this).balance < amount) {
revert AddressInsufficientBalance(address(this));
}
(bool success, ) = recipient.call{value: amount}("");
if (!success) {
revert FailedInnerCall();
}
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason or custom error, it is bubbled
* up by this function (like regular Solidity function calls). However, if
* the call reverted with no returned reason, this function reverts with a
* {FailedInnerCall} error.
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
if (address(this).balance < value) {
revert AddressInsufficientBalance(address(this));
}
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
* was not a contract or bubbling up the revert reason (falling back to {FailedInnerCall}) in case of an
* unsuccessful call.
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata
) internal view returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
// only check if target is a contract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
if (returndata.length == 0 && target.code.length == 0) {
revert AddressEmptyCode(target);
}
return returndata;
}
}
/**
* @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
* revert reason or with a default {FailedInnerCall} error.
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (!success) {
_revert(returndata);
} else {
return returndata;
}
}
/**
* @dev Reverts with returndata if present. Otherwise reverts with {FailedInnerCall}.
*/
function _revert(bytes memory returndata) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert FailedInnerCall();
}
}
}
// node_modules/@openzeppelin/contracts/utils/Context.sol
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Context.sol)
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
// node_modules/@openzeppelin/contracts/utils/introspection/IERC165.sol
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// node_modules/@openzeppelin/contracts/utils/math/Math.sol
// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
/**
* @dev Muldiv operation overflow.
*/
error MathOverflowedMulDiv();
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
return a / b;
}
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
if (denominator <= prod1) {
revert MathOverflowedMulDiv();
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (unsignedRoundsUp(rounding) && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (unsignedRoundsUp(rounding) && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (unsignedRoundsUp(rounding) && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (unsignedRoundsUp(rounding) && 1 << (result << 3) < value ? 1 : 0);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}
// src/ReentrancyGuard.sol
/**
* @title A contract that provides modifiers to prevent reentrancy to state-changing and view-only methods. This contract
* is inspired by https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/ReentrancyGuard.sol
* and https://github.com/balancer-labs/balancer-core/blob/master/contracts/BPool.sol.
* @dev The reason why we use this local contract instead of importing from uma/contracts is because of the addition
* of the internal method `functionCallStackOriginatesFromOutsideThisContract` which doesn't exist in the one exported
* by uma/contracts.
*/
contract ReentrancyGuard {
bool internal _notEntered;
constructor() {
// Storing an initial non-zero value makes deployment a bit more expensive, but in exchange the refund on every
// call to nonReentrant will be lower in amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to increase the likelihood of the full
// refund coming into effect.
_notEntered = true;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a nonReentrant function from another nonReentrant function is not supported. It is possible to
* prevent this from happening by making the nonReentrant function external, and making it call a private
* function that does the actual state modification.
*/
modifier nonReentrant() {
_preEntranceCheck();
_preEntranceSet();
_;
_postEntranceReset();
}
/**
* @dev Designed to prevent a view-only method from being re-entered during a call to a nonReentrant() state-changing method.
*/
modifier nonReentrantView() {
_preEntranceCheck();
_;
}
/**
* @dev Returns true if the contract is currently in a non-entered state, meaning that the origination of the call
* came from outside the contract. This is relevant with fallback/receive methods to see if the call came from ETH
* being dropped onto the contract externally or due to ETH dropped on the the contract from within a method in this
* contract, such as unwrapping WETH to ETH within the contract.
*/
function functionCallStackOriginatesFromOutsideThisContract() internal view returns (bool) {
return _notEntered;
}
// Internal methods are used to avoid copying the require statement's bytecode to every nonReentrant() method.
// On entry into a function, _preEntranceCheck() should always be called to check if the function is being
// re-entered. Then, if the function modifies state, it should call _postEntranceSet(), perform its logic, and
// then call _postEntranceReset().
// View-only methods can simply call _preEntranceCheck() to make sure that it is not being re-entered.
function _preEntranceCheck() internal view {
// On the first call to nonReentrant, _notEntered will be true
require(_notEntered, "ReentrancyGuard: reentrant call");
}
function _preEntranceSet() internal {
// Any calls to nonReentrant after this point will fail
_notEntered = false;
}
function _postEntranceReset() internal {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_notEntered = true;
}
}
// src/interfaces/IAssetBridge.sol
/// @title Interface for Voyager contracts that support deposits and deposit executions.
/// @author Router Protocol.
interface IAssetBridge {
//TODO: can remove some field to optimize gas
event TokenTransfer(
bytes32 indexed destChainIdBytes,
address indexed srcTokenAddress,
uint256 srcTokenAmount,
bytes recipient,
uint256 partnerId,
uint256 depositId
);
//TODO: can remove some field to optimize gas
event TokenTransferWithInstruction(
bytes32 indexed destChainIdBytes,
address indexed srcTokenAddress,
uint256 srcTokenAmount,
bytes recipient,
uint256 partnerId,
uint64 destGasLimit,
bytes instruction,
uint256 depositId
);
event DepositReverted(
bytes32 indexed destChainIdBytes,
uint256 indexed depositNonce,
address indexed sender,
address srcSettlementToken,
uint256 srcSettlementAmount
);
event Execute(
uint8 executeType,
bytes32 indexed sourceChainIdBytes,
uint256 indexed depositNonce,
address settlementToken,
uint256 settlementAmount,
address recipient
);
event ExecuteWithMessage(
uint8 executeType,
bytes32 indexed sourceChainIdBytes,
uint256 indexed depositNonce,
address settlementToken,
uint256 settlementAmount,
address recipient,
bool flag,
bytes data
);
struct ExecuteInfo {
address recipient;
address destTokenAddress;
uint256 destTokenAmount;
uint256 depositNonce;
}
struct DepositData {
address sender;
address srcTokenAddress;
uint256 srcTokenAmount;
uint256 depositNonce;
}
struct TransferPayload {
bytes32 destChainIdBytes;
address srcTokenAddress;
uint256 srcTokenAmount;
bytes recipient;
uint256 widgetId;
}
struct SwapTransferPayload {
bytes32 destChainIdBytes;
address[] tokens; // index 0 will be src token and index n-1 will be to address
uint256[] flags;
bytes[] dataTx;
uint256 srcTokenAmount;
uint256 minToAmount;
bytes recipient;
uint256 widgetId;
}
function transferTokenWithInstruction(
TransferPayload memory transferPayload,
uint64 destGasLimit,
bytes calldata instruction
) external payable;
function transferToken(
TransferPayload memory transferPayload
) external payable;
function swapAndTransferToken(
SwapTransferPayload memory transferPayload
) external payable;
function swapAndTransferTokenWithInstruction(
SwapTransferPayload memory transferPayload,
uint64 destGasLimit,
bytes calldata instruction
) external payable;
}
// src/interfaces/IAssetForwarder.sol
/// @title Interface for handler contracts that support deposits and deposit executions.
/// @author Router Protocol.
interface IAssetForwarder {
event FundsDeposited(
uint256 partnerId,
uint256 amount,
bytes32 destChainIdBytes,
uint256 destAmount,
uint256 depositId,
address srcToken,
address depositor,
bytes recipient,
bytes destToken
);
event iUSDCDeposited(
uint256 partnerId,
uint256 amount,
bytes32 destChainIdBytes,
uint256 usdcNonce,
address srcToken,
bytes32 recipient,
address depositor
);
event FundsDepositedWithMessage(
uint256 partnerId,
uint256 amount,
bytes32 destChainIdBytes,
uint256 destAmount,
uint256 depositId,
address srcToken,
bytes recipient,
address depositor,
bytes destToken,
bytes message
);
event FundsPaid(bytes32 messageHash, address forwarder, uint256 nonce);
event DepositInfoUpdate(
address srcToken,
uint256 feeAmount,
uint256 depositId,
uint256 eventNonce,
bool initiatewithdrawal,
address depositor
);
event FundsPaidWithMessage(
bytes32 messageHash,
address forwarder,
uint256 nonce,
bool execFlag,
bytes execData
);
struct DestDetails {
uint32 domainId;
uint256 fee;
bool isSet;
}
struct RelayData {
uint256 amount;
bytes32 srcChainId;
uint256 depositId;
address destToken;
address recipient;
}
struct RelayDataMessage {
uint256 amount;
bytes32 srcChainId;
uint256 depositId;
address destToken;
address recipient;
bytes message;
}
struct DepositData {
uint256 partnerId;
uint256 amount;
uint256 destAmount;
address srcToken;
address refundRecipient;
bytes32 destChainIdBytes;
}
function iDepositUSDC(
uint256 partnerId,
bytes32 destChainIdBytes,
bytes32 recipient,
uint256 amount
) external payable;
function iDeposit(
DepositData memory depositData,
bytes memory destToken,
bytes memory recipient
) external payable;
function iDepositInfoUpdate(
address srcToken,
uint256 feeAmount,
uint256 depositId,
bool initiatewithdrawal
) external payable;
function iDepositMessage(
DepositData memory depositData,
bytes memory destToken,
bytes memory recipient,
bytes memory message
) external payable;
function iRelay(RelayData memory relayData) external payable;
function iRelayMessage(RelayDataMessage memory relayData) external payable;
}
// src/interfaces/IDexSpan.sol
contract IDexSpanConsts {
// flags = FLAG_DISABLE_UNISWAP + FLAG_DISABLE_BANCOR + ...
uint256 internal constant FLAG_DISABLE_UNISWAP = 0x400;
uint256 internal constant FLAG_DISABLE_SPLIT_RECALCULATION = 0x800000000000;
uint256 internal constant FLAG_DISABLE_ALL_SPLIT_SOURCES = 0x20000000;
uint256 internal constant FLAG_DISABLE_UNISWAP_V2_ALL = 0x400;
uint256 internal constant FLAG_DISABLE_EMPTY = 0x100000000000;
uint256 internal constant FLAG_DISABLE_DFYN = 0x800;
uint256 internal constant FLAG_DISABLE_PANCAKESWAP = 0x80;
uint256 internal constant FLAG_DISABLE_QUICKSWAP = 0x40000000000;
uint256 internal constant FLAG_DISABLE_SUSHISWAP = 0x1000000;
uint256 internal constant FLAG_DISABLE_ONEINCH = 0x100000;
}
abstract contract IDexSpan is IDexSpanConsts {
function getExpectedReturn(
address fromToken,
address destToken,
uint256 amount,
uint256 parts,
uint256 flags // See constants in IOneSplit.sol
)
public
view
virtual
returns (uint256 returnAmount, uint256[] memory distribution);
function getExpectedReturnWithGasMulti(
address[] memory tokens,
uint256 amount,
uint256[] memory parts,
uint256[] memory flags,
uint256[] memory destTokenEthPriceTimesGasPrices
)
public
view
virtual
returns (
uint256[] memory returnAmounts,
uint256 estimateGasAmount,
uint256[] memory distribution
);
function getExpectedReturnWithGas(
address fromToken,
address destToken,
uint256 amount,
uint256 parts,
uint256 flags, // See constants in IOneSplit.sol
uint256 destTokenEthPriceTimesGasPrice
)
public
view
virtual
returns (
uint256 returnAmount,
uint256 estimateGasAmount,
uint256[] memory distribution
);
function setHandlerAddress(
address _handlerAddress
) external virtual returns (bool);
function setReserveAddress(
address _reserveAddress
) external virtual returns (bool);
function setBridgeAddress(
address _bridgeAddress
) external virtual returns (bool);
function withdraw(
address tokenAddress,
address recipient,
uint256 amount
) public payable virtual returns (bool);
function swap(
address fromToken,
address destToken,
uint256 amount,
uint256 minReturn,
uint256 flags,
bytes memory dataTx,
bool isWrapper
) public payable virtual returns (uint256 returnAmount);
function swapWithRecipient(
address fromToken,
address destToken,
uint256 amount,
uint256 minReturn,
uint256 flags,
bytes memory dataTx,
bool isWrapper,
address recipient
) public payable virtual returns (uint256 returnAmount);
function swapMulti(
address[] memory tokens,
uint256 amount,
uint256 minReturn,
uint256[] memory flags,
bytes[] memory dataTx,
bool isWrapper
) public payable virtual returns (uint256 returnAmount);
function swapMultiWithRecipient(
address[] memory tokens,
uint256 amount,
uint256 minReturn,
uint256[] memory flags,
bytes[] memory dataTx,
bool isWrapper,
address recipient
) public payable virtual returns (uint256 returnAmount);
function getExpectedReturnETH(
address srcStablefromtoken,
uint256 srcStableFromTokenAmount,
uint256 parts,
uint256 flags
) public view virtual returns (uint256 returnAmount);
}
// src/interfaces/IRefuel.sol
interface IRefuel {
event Deposit(address srcToken, uint256 amount, uint8 path);
event GasLeaked(
address ttoken,
uint256 ttokenAmount,
uint256 nativeAmount,
address recipient
);
struct TokenDetails {
uint256 minAmount;
uint256 conversionMultiplier;
uint256 threshold;
bool isSet; // isWhilisted
}
struct DepositPayload {
bytes32 destChainIdBytes;
uint256 srcTokenAmount;
uint256 partnerId;
address srcToken;
address refundRecipient;
uint8 path;
}
struct SwapPayload {
uint256[] flags;
uint256 minToAmount;
address[] tokens;
bytes[] dataTx;
}
}
// src/interfaces/IWETH.sol
interface IWETH {
function deposit() external payable;
function transfer(address to, uint256 value) external returns (bool);
function withdraw(uint256) external;
function transferFrom(
address src,
address dst,
uint256 wad
) external returns (bool);
function approve(address guy, uint256 wad) external returns (bool);
}
// node_modules/@openzeppelin/contracts/utils/Pausable.sol
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Pausable.sol)
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract Pausable is Context {
bool private _paused;
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
/**
* @dev The operation failed because the contract is paused.
*/
error EnforcedPause();
/**
* @dev The operation failed because the contract is not paused.
*/
error ExpectedPause();
/**
* @dev Initializes the contract in unpaused state.
*/
constructor() {
_paused = false;
}
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
return _paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
if (paused()) {
revert EnforcedPause();
}
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
if (!paused()) {
revert ExpectedPause();
}
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
_paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
_paused = false;
emit Unpaused(_msgSender());
}
}
// node_modules/@openzeppelin/contracts/utils/introspection/ERC165.sol
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/ERC165.sol)
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
// node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
/**
* @dev An operation with an ERC20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data);
if (returndata.length != 0 && !abi.decode(returndata, (bool))) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
// and not revert is the subcall reverts.
(bool success, bytes memory returndata) = address(token).call(data);
return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && address(token).code.length > 0;
}
}
// node_modules/@openzeppelin/contracts/access/AccessControl.sol
// OpenZeppelin Contracts (last updated v5.0.0) (access/AccessControl.sol)
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControl is Context, IAccessControl, ERC165 {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
mapping(bytes32 role => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
return _roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
if (!hasRole(role, account)) {
_roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` to `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
if (hasRole(role, account)) {
_roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
// src/Refuel.sol
contract Refuel is IRefuel, AccessControl, ReentrancyGuard, Pausable {
using SafeERC20 for IERC20;
using Math for uint256;
address public constant NATIVE_ADDRESS =
0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
bytes32 public constant RESOURCE_SETTER = keccak256("RESOURCE_SETTER");
bytes32 public constant PAUSER = keccak256("PAUSER");
IWETH public immutable wrappedNativeToken;
IAssetForwarder public forwarder;
IAssetBridge public bridge;
IDexSpan public dexspan;
mapping(address => TokenDetails) tdetails;
mapping(bytes32 => bytes) public dstRefuelMp;
error InvalidArrayLength();
error TokenNotWhiteListed();
error InvalidDstChain();
error InvalidForwarderOrBridge();
error InvalidMsgValue();
error InvalidPath();
error InvalidType();
error InvalidSwapAmount();
constructor(
address _bridgeAddress,
address _forwarderAddress,
address _dexSpan,
address _wrappedNativeTokenAddress
) {
_grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
_grantRole(RESOURCE_SETTER, msg.sender);
_grantRole(PAUSER, msg.sender);
forwarder = IAssetForwarder(_forwarderAddress);
bridge = IAssetBridge(_bridgeAddress);
dexspan = IDexSpan(_dexSpan);
wrappedNativeToken = IWETH(_wrappedNativeTokenAddress);
}
function pause() external onlyRole(PAUSER) whenNotPaused {
_pause();
}
function unpause() external onlyRole(PAUSER) whenPaused {
_unpause();
}
function update(
address fadAddress,
uint8 updateType
) public onlyRole(RESOURCE_SETTER) {
if (updateType == 0) forwarder = IAssetForwarder(fadAddress);
if (updateType == 1) bridge = IAssetBridge(fadAddress);
if (updateType == 2) dexspan = IDexSpan(fadAddress);
if (updateType > 2) revert InvalidType();
}
// set destination chain refuel contracts
function setDstRefuelMp(
bytes32[] memory chainIds,
bytes[] memory dstRefuelAddresses
) public onlyRole(RESOURCE_SETTER) {
if (
!(chainIds.length != 0 &&
chainIds.length == dstRefuelAddresses.length)
) revert InvalidArrayLength();
for (uint256 idx = 0; idx < chainIds.length; ) {
dstRefuelMp[chainIds[idx]] = dstRefuelAddresses[idx];
unchecked {
++idx;
}
}
}
// update token conversion multiplier
function setConversionMultiplierOrThresholds(
address[] calldata tokens,
uint256[] calldata conversionMultipliers,
uint256[] calldata thresholds
) public onlyRole(RESOURCE_SETTER) {
if (
!(tokens.length != 0 &&
tokens.length == conversionMultipliers.length &&
thresholds.length == tokens.length)
) revert InvalidArrayLength();
for (uint256 i = 0; i < tokens.length; ) {
if (!tdetails[tokens[i]].isSet) revert TokenNotWhiteListed();
if (conversionMultipliers[i] != 0)
tdetails[tokens[i]]
.conversionMultiplier = conversionMultipliers[i];
if (thresholds[i] != 0)
tdetails[tokens[i]].threshold = thresholds[i];
unchecked {
++i;
}
}
}
// update or add token info
function updateTokenDetails(
address[] calldata token,
TokenDetails[] calldata tokenDetail
) public onlyRole(RESOURCE_SETTER) {
if (!(token.length != 0 && token.length == tokenDetail.length))
revert InvalidArrayLength();
for (uint256 i = 0; i < token.length; ) {
tdetails[token[i]] = tokenDetail[i];
unchecked {
++i;
}
}
}
// creates packet for dst refuel contract without any swap on dst contract
function getMessagePacket(
bytes memory recipient,
uint256 x
) public pure returns (bytes memory) {
return abi.encode(uint8(0), recipient, x);
}
function getTokenDetails(
address[] memory tokens
) public view returns (TokenDetails[] memory) {
TokenDetails[] memory td = new TokenDetails[](tokens.length);
for (uint256 idx = 0; idx < tokens.length; idx++)
td[idx] = tdetails[tokens[idx]];
return td;
}
function getDstRefuelAdresses(
bytes32[] memory chainBytes
) public view returns (bytes[] memory) {
bytes[] memory drAdrr = new bytes[](chainBytes.length);
for (uint256 idx = 0; idx < chainBytes.length; idx++)
drAdrr[idx] = dstRefuelMp[chainBytes[idx]];
return drAdrr;
}
// creates packet for dst refuel contract without swap on dst contract
// since swap only exist on evm, so forming data only for evm chains
function getMessagePacketWithSwap(
bytes memory recipient,
uint256 x,
SwapPayload memory dstSwapPayload
) public pure returns (bytes memory) {
return
abi.encode(
uint8(1),
recipient, //bytes: end token receiver
x,
dstSwapPayload
);
}
function _beforeDeposit(
address srcToken,
uint256 srcAmount
) internal returns (address) {
if (NATIVE_ADDRESS == srcToken) {
if (msg.value != srcAmount) revert InvalidMsgValue();
wrappedNativeToken.deposit{value: msg.value}();
srcToken = address(wrappedNativeToken);
} else {
if (msg.value != 0) revert InvalidMsgValue();
IERC20(srcToken).safeTransferFrom(
msg.sender,
address(this),
srcAmount
);
}
return srcToken;
}
// no swap on src_chain
function depositWithOutSwap(
DepositPayload memory depositData,
bytes memory dstPacket, // encode [recipient,x]
bytes memory extraData // for forwarder flow pass dst token and dst amount
) private {
if (!tdetails[depositData.srcToken].isSet) revert TokenNotWhiteListed();
address srcToken = _beforeDeposit(
depositData.srcToken,
depositData.srcTokenAmount
);
_afterDeposit(
srcToken,
depositData.srcTokenAmount,
depositData,
dstPacket,
extraData
);
}
function depositWithSwap(
DepositPayload memory depositData,
bytes memory dstPacket,
bytes memory extraData, // for forwarder flow pass dst token and dst amount
SwapPayload memory srcSwapPayload
) private {
address srcToken = _beforeDeposit(
depositData.srcToken,
depositData.srcTokenAmount
);
srcSwapPayload.tokens[0] = srcToken; // not if depositing native then tokens[0] = wrappedNative
IERC20(srcToken).safeIncreaseAllowance(
address(dexspan),
depositData.srcTokenAmount
);
uint256 returnAmount = dexspan.swapMultiWithRecipient( // recipient will be address(this)
srcSwapPayload.tokens,
depositData.srcTokenAmount,
srcSwapPayload.minToAmount,
srcSwapPayload.flags,
srcSwapPayload.dataTx,
false,
address(this)
);
address returnToken = srcSwapPayload.tokens[
srcSwapPayload.tokens.length - 1
];
if (!tdetails[returnToken].isSet) revert TokenNotWhiteListed();
_afterDeposit(
returnToken,
returnAmount,
depositData,
dstPacket,
extraData
);
}
function _afterDeposit(
address token,
uint256 amount,
DepositPayload memory depositData,
bytes memory packet,
bytes memory extraData
) internal {
if (dstRefuelMp[depositData.destChainIdBytes].length == 0)
revert InvalidDstChain();
// AssetForwarder
if (depositData.path == 0) {
(bytes memory dstToken, uint256 feeAmount) = abi.decode(
extraData,
(bytes, uint256)
);
IERC20(token).safeIncreaseAllowance(address(forwarder), amount);
forwarder.iDepositMessage(
IAssetForwarder.DepositData(
depositData.partnerId,
amount,
amount - feeAmount,
token,
depositData.refundRecipient,
depositData.destChainIdBytes
),
dstToken,
dstRefuelMp[depositData.destChainIdBytes],
packet
);
emit Deposit(token, amount, 0);
return;
}
// AssetBridge
if (depositData.path == 1) {
uint64 destGasLimit = abi.decode(extraData, (uint64));
IERC20(token).safeIncreaseAllowance(address(bridge), amount);
bridge.transferTokenWithInstruction(
IAssetBridge.TransferPayload(
depositData.destChainIdBytes,
token,
amount,
dstRefuelMp[depositData.destChainIdBytes],
depositData.partnerId
),
destGasLimit,
packet
);
emit Deposit(token, amount, 1);
return;
}
revert InvalidPath();
}
function iDepositInfoUpdate(
address srcToken,
uint256 feeAmount,
uint256 depositId,
bool initiatewithdrawal
) external payable nonReentrant whenNotPaused {
forwarder.iDepositInfoUpdate{value: msg.value}(
srcToken,
feeAmount,
depositId,
initiatewithdrawal
);
}
// no swap, neither on src nor on dst chain
function deposit(
DepositPayload memory depositData,
bytes memory dstPacket, // encode [recipient,x]
bytes memory extraData // for forwarder flow pass dst token and feeAmount
) public payable whenNotPaused {
depositWithOutSwap(depositData, dstPacket, extraData);
}
// no swap on src but swap on dst
function depositAndSwap(
DepositPayload memory depositData,
bytes memory dstPacket, // encode [recipient,x,dstSwapPayload]
bytes memory extraData // for forwarder flow pass dst token and feeAmount
) public payable whenNotPaused {
depositWithOutSwap(depositData, dstPacket, extraData);
}
// swap on src but no swap on dst
function swapAndDeposit(
DepositPayload memory depositData,
bytes memory dstPacket, // encode [recipient,x]
bytes memory extraData, // for forwarder flow pass dst token and feeAmount
SwapPayload memory srcSwapPayload
) public payable whenNotPaused {
depositWithSwap(depositData, dstPacket, extraData, srcSwapPayload);
}
// swap on src and swap on dst
function swapAndDepositAndSwap(
DepositPayload memory depositData,
bytes memory dstPacket, // encode [recipient,x,dstSwapPayload]
bytes memory extraData, // for forwarder flow pass dst token and feeAmount
SwapPayload memory srcSwapPayload // SwapPayload memory dstSwapPayload
) public payable whenNotPaused {
depositWithSwap(depositData, dstPacket, extraData, srcSwapPayload);
}
function safeTransferNative(address to, uint256 value) internal {
require(to != address(0), "safeTransferETH: transfer to address 0");
(bool success, ) = to.call{value: value}(new bytes(0));
require(success, "safeTransferETH: ETH transfer failed");
}
function safeTransferToken(
address token,
address to,
uint256 value
) internal {
IERC20(token).safeTransfer(to, value);
// Uncomment For Tron
// if (token != 0xa614f803B6FD780986A42c78Ec9c7f77e6DeD13C)
// IERC20(token).safeTransfer(to, value);
// else {
// (bool success, ) = token.call{gas: gasleft()}(
// abi.encodeWithSelector(IERC20.transfer.selector, to, value)
// ); // no check on return data for usdt on tron mainnet
// require(success, "safeTransferToken: token transfer failed");
// }
}
function revertTx(
address tokenSent,
uint256 amount,
address recipient
) internal {
// invalid tx type then refund to recipient
if (tokenSent != NATIVE_ADDRESS)
safeTransferToken(tokenSent, recipient, amount);
else safeTransferNative(recipient, amount);
emit GasLeaked(tokenSent, amount, 0, recipient);
}
function _leakGas(
address ttoken,
uint256 tamount,
uint256 namount,
address recipient
) internal {
if (tamount != 0) safeTransferToken(ttoken, recipient, tamount);
if (namount != 0) safeTransferNative(recipient, namount);
emit GasLeaked(ttoken, tamount, namount, recipient);
}
function handleMessage(
address tokenSent,
uint256 amount,
bytes memory message
) external nonReentrant whenNotPaused {
//Note: If wrong packet is sent then fund remains stuck in refuel
if (msg.sender != address(forwarder) && msg.sender != address(bridge))
revert InvalidForwarderOrBridge();
(uint8 tx_type, bytes memory brecipient, uint256 amountToConvert) = abi
.decode(message, (uint8, bytes, uint256));
address recipient = toAddress(brecipient);
// invalid tx type then refund to recipient or
// if token not whitelisted revert it to recipient
if ((tx_type != 0 && tx_type != 1) || !tdetails[tokenSent].isSet)
return revertTx(tokenSent, amount, recipient);
// tx_type == 0 no swap
if (tx_type == 0 && tokenSent == NATIVE_ADDRESS)
// if no swap and native is sent then transfer full amount to recipient regardless of x
return safeTransferNative(recipient, amount);
// tx_type == 1 swap
if (tx_type == 1)
return
handleMessageWithSwap(
message,
tokenSent,
amount,
recipient,
amountToConvert
);
(uint256 tamount, uint256 namount) = handleConversion(
tokenSent,
amount,
amountToConvert
);
// native balance not available, revert tx
if (address(this).balance < namount)
return revertTx(tokenSent, amount, recipient);
_leakGas(tokenSent, tamount, namount, recipient);
}
function handleMessageWithSwap(
bytes memory message,
address tokenSent,
uint256 amount,
address recipient,
uint256 tAmtToConvert
) internal {
//Note: If wrong packet is sent then fund remains stuck in refuel
(, , , uint256 swapAmount, SwapPayload memory dstSwapPayload) = abi
.decode(message, (uint8, bytes, uint256, uint256, SwapPayload));
if (swapAmount > amount) {
(uint256 _tamount, uint256 _namount) = handleConversion(
tokenSent,
amount,
tAmtToConvert
);
if (address(this).balance < _namount)
return revertTx(tokenSent, amount, recipient);
return _leakGas(tokenSent, _tamount, _namount, recipient);
}
(uint256 tamount, uint256 namount) = handleConversion(
tokenSent,
amount,
amount - swapAmount
);
if (address(this).balance < namount)
return revertTx(tokenSent, amount, recipient);
if (tokenSent == NATIVE_ADDRESS) {
wrappedNativeToken.deposit{value: amount}();
dstSwapPayload.tokens[0] = address(wrappedNativeToken);
}
IERC20(dstSwapPayload.tokens[0]).safeIncreaseAllowance(
address(dexspan),
swapAmount
);
(bool execFlag, ) = address(dexspan).call{gas: gasleft()}( //Note: To Ensure .call Doesn't Fail Due To Out Of Gas, Just To Check Is There Any Case Where This Cases Any Issue
abi.encodeWithSelector(
IDexSpan.swapMultiWithRecipient.selector,
dstSwapPayload.tokens,
swapAmount,
dstSwapPayload.minToAmount,
dstSwapPayload.flags,
dstSwapPayload.dataTx,
false,
recipient
)
);
if (!execFlag) return _leakGas(tokenSent, tamount, namount, recipient);
if (namount != 0) safeTransferNative(recipient, namount);
emit GasLeaked(tokenSent, tamount, namount, recipient);
}
function handleConversion(
address tSent,
uint256 amt,
uint256 tAmtToConvert
) internal view returns (uint256 tamount, uint256 namount) {
//NOTE: it's constant only, so doesn't matter
if (tAmtToConvert > (tdetails[tSent].threshold * 12) / 10)
tAmtToConvert = tdetails[tSent].threshold;
if (amt > tAmtToConvert) tamount = (amt - tAmtToConvert);
else tAmtToConvert = amt;
namount = tAmtToConvert;
if (tSent != NATIVE_ADDRESS)
namount =
(tAmtToConvert * tdetails[tSent].conversionMultiplier) /
1000000000; // / (10^9)
}
function rescue(
address token,
address recipient,
uint256 amount
) external onlyRole(DEFAULT_ADMIN_ROLE) nonReentrant {
if (token == NATIVE_ADDRESS) {
if (amount == 0) amount = address(this).balance;
safeTransferNative(recipient, amount);
} else {
if (amount == 0) amount = IERC20(token).balanceOf(address(this));
safeTransferToken(token, recipient, amount);
}
}
function toAddress(
bytes memory data
) internal pure returns (address convertedAddress) {
require(data.length == 20, "Input data must be 20 bytes long");
assembly {
convertedAddress := mload(add(data, 20))
}
}
receive() external payable {}
}