Contract Source Code:
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public virtual override returns (bool) {
_transfer(_msgSender(), recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* Requirements:
*
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for ``sender``'s tokens of at least
* `amount`.
*/
function transferFrom(
address sender,
address recipient,
uint256 amount
) public virtual override returns (bool) {
_transfer(sender, recipient, amount);
uint256 currentAllowance = _allowances[sender][_msgSender()];
require(currentAllowance >= amount, "ERC20: transfer amount exceeds allowance");
unchecked {
_approve(sender, _msgSender(), currentAllowance - amount);
}
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender] + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
uint256 currentAllowance = _allowances[_msgSender()][spender];
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(_msgSender(), spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `sender` to `recipient`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(
address sender,
address recipient,
uint256 amount
) internal virtual {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
uint256 senderBalance = _balances[sender];
require(senderBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[sender] = senderBalance - amount;
}
_balances[recipient] += amount;
emit Transfer(sender, recipient, amount);
_afterTokenTransfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
_balances[account] += amount;
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
}
_totalSupply -= amount;
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address sender,
address recipient,
uint256 amount
) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Address.sol)
pragma solidity ^0.8.0;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
assembly {
size := extcodesize(account)
}
return size > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/math/SafeCast.sol)
pragma solidity ^0.8.0;
/**
* @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*
* Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing
* all math on `uint256` and `int256` and then downcasting.
*/
library SafeCast {
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toUint224(uint256 value) internal pure returns (uint224) {
require(value <= type(uint224).max, "SafeCast: value doesn't fit in 224 bits");
return uint224(value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toUint128(uint256 value) internal pure returns (uint128) {
require(value <= type(uint128).max, "SafeCast: value doesn't fit in 128 bits");
return uint128(value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toUint96(uint256 value) internal pure returns (uint96) {
require(value <= type(uint96).max, "SafeCast: value doesn't fit in 96 bits");
return uint96(value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toUint64(uint256 value) internal pure returns (uint64) {
require(value <= type(uint64).max, "SafeCast: value doesn't fit in 64 bits");
return uint64(value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toUint32(uint256 value) internal pure returns (uint32) {
require(value <= type(uint32).max, "SafeCast: value doesn't fit in 32 bits");
return uint32(value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toUint16(uint256 value) internal pure returns (uint16) {
require(value <= type(uint16).max, "SafeCast: value doesn't fit in 16 bits");
return uint16(value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits.
*/
function toUint8(uint256 value) internal pure returns (uint8) {
require(value <= type(uint8).max, "SafeCast: value doesn't fit in 8 bits");
return uint8(value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*/
function toUint256(int256 value) internal pure returns (uint256) {
require(value >= 0, "SafeCast: value must be positive");
return uint256(value);
}
/**
* @dev Returns the downcasted int128 from int256, reverting on
* overflow (when the input is less than smallest int128 or
* greater than largest int128).
*
* Counterpart to Solidity's `int128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*
* _Available since v3.1._
*/
function toInt128(int256 value) internal pure returns (int128) {
require(value >= type(int128).min && value <= type(int128).max, "SafeCast: value doesn't fit in 128 bits");
return int128(value);
}
/**
* @dev Returns the downcasted int64 from int256, reverting on
* overflow (when the input is less than smallest int64 or
* greater than largest int64).
*
* Counterpart to Solidity's `int64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*
* _Available since v3.1._
*/
function toInt64(int256 value) internal pure returns (int64) {
require(value >= type(int64).min && value <= type(int64).max, "SafeCast: value doesn't fit in 64 bits");
return int64(value);
}
/**
* @dev Returns the downcasted int32 from int256, reverting on
* overflow (when the input is less than smallest int32 or
* greater than largest int32).
*
* Counterpart to Solidity's `int32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*
* _Available since v3.1._
*/
function toInt32(int256 value) internal pure returns (int32) {
require(value >= type(int32).min && value <= type(int32).max, "SafeCast: value doesn't fit in 32 bits");
return int32(value);
}
/**
* @dev Returns the downcasted int16 from int256, reverting on
* overflow (when the input is less than smallest int16 or
* greater than largest int16).
*
* Counterpart to Solidity's `int16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*
* _Available since v3.1._
*/
function toInt16(int256 value) internal pure returns (int16) {
require(value >= type(int16).min && value <= type(int16).max, "SafeCast: value doesn't fit in 16 bits");
return int16(value);
}
/**
* @dev Returns the downcasted int8 from int256, reverting on
* overflow (when the input is less than smallest int8 or
* greater than largest int8).
*
* Counterpart to Solidity's `int8` operator.
*
* Requirements:
*
* - input must fit into 8 bits.
*
* _Available since v3.1._
*/
function toInt8(int256 value) internal pure returns (int8) {
require(value >= type(int8).min && value <= type(int8).max, "SafeCast: value doesn't fit in 8 bits");
return int8(value);
}
/**
* @dev Converts an unsigned uint256 into a signed int256.
*
* Requirements:
*
* - input must be less than or equal to maxInt256.
*/
function toInt256(uint256 value) internal pure returns (int256) {
// Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
require(value <= uint256(type(int256).max), "SafeCast: value doesn't fit in an int256");
return int256(value);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @title Base for contracts that are managed by the Origin Protocol's Governor.
* @dev Copy of the openzeppelin Ownable.sol contract with nomenclature change
* from owner to governor and renounce methods removed. Does not use
* Context.sol like Ownable.sol does for simplification.
* @author Origin Protocol Inc
*/
contract Governable {
// Storage position of the owner and pendingOwner of the contract
// keccak256("OUSD.governor");
bytes32 private constant governorPosition =
0x7bea13895fa79d2831e0a9e28edede30099005a50d652d8957cf8a607ee6ca4a;
// keccak256("OUSD.pending.governor");
bytes32 private constant pendingGovernorPosition =
0x44c4d30b2eaad5130ad70c3ba6972730566f3e6359ab83e800d905c61b1c51db;
// keccak256("OUSD.reentry.status");
bytes32 private constant reentryStatusPosition =
0x53bf423e48ed90e97d02ab0ebab13b2a235a6bfbe9c321847d5c175333ac4535;
// See OpenZeppelin ReentrancyGuard implementation
uint256 constant _NOT_ENTERED = 1;
uint256 constant _ENTERED = 2;
event PendingGovernorshipTransfer(
address indexed previousGovernor,
address indexed newGovernor
);
event GovernorshipTransferred(
address indexed previousGovernor,
address indexed newGovernor
);
/**
* @dev Initializes the contract setting the deployer as the initial Governor.
*/
constructor() {
_setGovernor(msg.sender);
emit GovernorshipTransferred(address(0), _governor());
}
/**
* @notice Returns the address of the current Governor.
*/
function governor() public view returns (address) {
return _governor();
}
/**
* @dev Returns the address of the current Governor.
*/
function _governor() internal view returns (address governorOut) {
bytes32 position = governorPosition;
// solhint-disable-next-line no-inline-assembly
assembly {
governorOut := sload(position)
}
}
/**
* @dev Returns the address of the pending Governor.
*/
function _pendingGovernor()
internal
view
returns (address pendingGovernor)
{
bytes32 position = pendingGovernorPosition;
// solhint-disable-next-line no-inline-assembly
assembly {
pendingGovernor := sload(position)
}
}
/**
* @dev Throws if called by any account other than the Governor.
*/
modifier onlyGovernor() {
require(isGovernor(), "Caller is not the Governor");
_;
}
/**
* @notice Returns true if the caller is the current Governor.
*/
function isGovernor() public view returns (bool) {
return msg.sender == _governor();
}
function _setGovernor(address newGovernor) internal {
bytes32 position = governorPosition;
// solhint-disable-next-line no-inline-assembly
assembly {
sstore(position, newGovernor)
}
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
bytes32 position = reentryStatusPosition;
uint256 _reentry_status;
// solhint-disable-next-line no-inline-assembly
assembly {
_reentry_status := sload(position)
}
// On the first call to nonReentrant, _notEntered will be true
require(_reentry_status != _ENTERED, "Reentrant call");
// Any calls to nonReentrant after this point will fail
// solhint-disable-next-line no-inline-assembly
assembly {
sstore(position, _ENTERED)
}
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
// solhint-disable-next-line no-inline-assembly
assembly {
sstore(position, _NOT_ENTERED)
}
}
function _setPendingGovernor(address newGovernor) internal {
bytes32 position = pendingGovernorPosition;
// solhint-disable-next-line no-inline-assembly
assembly {
sstore(position, newGovernor)
}
}
/**
* @notice Transfers Governance of the contract to a new account (`newGovernor`).
* Can only be called by the current Governor. Must be claimed for this to complete
* @param _newGovernor Address of the new Governor
*/
function transferGovernance(address _newGovernor) external onlyGovernor {
_setPendingGovernor(_newGovernor);
emit PendingGovernorshipTransfer(_governor(), _newGovernor);
}
/**
* @notice Claim Governance of the contract to a new account (`newGovernor`).
* Can only be called by the new Governor.
*/
function claimGovernance() external {
require(
msg.sender == _pendingGovernor(),
"Only the pending Governor can complete the claim"
);
_changeGovernor(msg.sender);
}
/**
* @dev Change Governance of the contract to a new account (`newGovernor`).
* @param _newGovernor Address of the new Governor
*/
function _changeGovernor(address _newGovernor) internal {
require(_newGovernor != address(0), "New Governor is address(0)");
emit GovernorshipTransferred(_governor(), _newGovernor);
_setGovernor(_newGovernor);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import { OUSD } from "./OUSD.sol";
/**
* @title Origin Sonic (OS) token on Sonic
* @author Origin Protocol Inc
*/
contract OSonic is OUSD {
function symbol() external pure override returns (string memory) {
return "OS";
}
function name() external pure override returns (string memory) {
return "Origin Sonic";
}
}
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;
/**
* @title OUSD Token Contract
* @dev ERC20 compatible contract for OUSD
* @dev Implements an elastic supply
* @author Origin Protocol Inc
*/
import { Governable } from "../governance/Governable.sol";
import { SafeCast } from "@openzeppelin/contracts/utils/math/SafeCast.sol";
contract OUSD is Governable {
using SafeCast for int256;
using SafeCast for uint256;
/// @dev Event triggered when the supply changes
/// @param totalSupply Updated token total supply
/// @param rebasingCredits Updated token rebasing credits
/// @param rebasingCreditsPerToken Updated token rebasing credits per token
event TotalSupplyUpdatedHighres(
uint256 totalSupply,
uint256 rebasingCredits,
uint256 rebasingCreditsPerToken
);
/// @dev Event triggered when an account opts in for rebasing
/// @param account Address of the account
event AccountRebasingEnabled(address account);
/// @dev Event triggered when an account opts out of rebasing
/// @param account Address of the account
event AccountRebasingDisabled(address account);
/// @dev Emitted when `value` tokens are moved from one account `from` to
/// another `to`.
/// @param from Address of the account tokens are moved from
/// @param to Address of the account tokens are moved to
/// @param value Amount of tokens transferred
event Transfer(address indexed from, address indexed to, uint256 value);
/// @dev Emitted when the allowance of a `spender` for an `owner` is set by
/// a call to {approve}. `value` is the new allowance.
/// @param owner Address of the owner approving allowance
/// @param spender Address of the spender allowance is granted to
/// @param value Amount of tokens spender can transfer
event Approval(
address indexed owner,
address indexed spender,
uint256 value
);
/// @dev Yield resulting from {changeSupply} that a `source` account would
/// receive is directed to `target` account.
/// @param source Address of the source forwarding the yield
/// @param target Address of the target receiving the yield
event YieldDelegated(address source, address target);
/// @dev Yield delegation from `source` account to the `target` account is
/// suspended.
/// @param source Address of the source suspending yield forwarding
/// @param target Address of the target no longer receiving yield from `source`
/// account
event YieldUndelegated(address source, address target);
enum RebaseOptions {
NotSet,
StdNonRebasing,
StdRebasing,
YieldDelegationSource,
YieldDelegationTarget
}
uint256[154] private _gap; // Slots to align with deployed contract
uint256 private constant MAX_SUPPLY = type(uint128).max;
/// @dev The amount of tokens in existence
uint256 public totalSupply;
mapping(address => mapping(address => uint256)) private allowances;
/// @dev The vault with privileges to execute {mint}, {burn}
/// and {changeSupply}
address public vaultAddress;
mapping(address => uint256) internal creditBalances;
// the 2 storage variables below need trailing underscores to not name collide with public functions
uint256 private rebasingCredits_; // Sum of all rebasing credits (creditBalances for rebasing accounts)
uint256 private rebasingCreditsPerToken_;
/// @dev The amount of tokens that are not rebasing - receiving yield
uint256 public nonRebasingSupply;
mapping(address => uint256) internal alternativeCreditsPerToken;
/// @dev A map of all addresses and their respective RebaseOptions
mapping(address => RebaseOptions) public rebaseState;
mapping(address => uint256) private __deprecated_isUpgraded;
/// @dev A map of addresses that have yields forwarded to. This is an
/// inverse mapping of {yieldFrom}
/// Key Account forwarding yield
/// Value Account receiving yield
mapping(address => address) public yieldTo;
/// @dev A map of addresses that are receiving the yield. This is an
/// inverse mapping of {yieldTo}
/// Key Account receiving yield
/// Value Account forwarding yield
mapping(address => address) public yieldFrom;
uint256 private constant RESOLUTION_INCREASE = 1e9;
uint256[34] private __gap; // including below gap totals up to 200
/// @dev Initializes the contract and sets necessary variables.
/// @param _vaultAddress Address of the vault contract
/// @param _initialCreditsPerToken The starting rebasing credits per token.
function initialize(address _vaultAddress, uint256 _initialCreditsPerToken)
external
onlyGovernor
{
require(_vaultAddress != address(0), "Zero vault address");
require(vaultAddress == address(0), "Already initialized");
rebasingCreditsPerToken_ = _initialCreditsPerToken;
vaultAddress = _vaultAddress;
}
/// @dev Returns the symbol of the token, a shorter version
/// of the name.
function symbol() external pure virtual returns (string memory) {
return "OUSD";
}
/// @dev Returns the name of the token.
function name() external pure virtual returns (string memory) {
return "Origin Dollar";
}
/// @dev Returns the number of decimals used to get its user representation.
function decimals() external pure virtual returns (uint8) {
return 18;
}
/**
* @dev Verifies that the caller is the Vault contract
*/
modifier onlyVault() {
require(vaultAddress == msg.sender, "Caller is not the Vault");
_;
}
/**
* @return High resolution rebasingCreditsPerToken
*/
function rebasingCreditsPerTokenHighres() external view returns (uint256) {
return rebasingCreditsPerToken_;
}
/**
* @return Low resolution rebasingCreditsPerToken
*/
function rebasingCreditsPerToken() external view returns (uint256) {
return rebasingCreditsPerToken_ / RESOLUTION_INCREASE;
}
/**
* @return High resolution total number of rebasing credits
*/
function rebasingCreditsHighres() external view returns (uint256) {
return rebasingCredits_;
}
/**
* @return Low resolution total number of rebasing credits
*/
function rebasingCredits() external view returns (uint256) {
return rebasingCredits_ / RESOLUTION_INCREASE;
}
/**
* @notice Gets the balance of the specified address.
* @param _account Address to query the balance of.
* @return A uint256 representing the amount of base units owned by the
* specified address.
*/
function balanceOf(address _account) public view returns (uint256) {
RebaseOptions state = rebaseState[_account];
if (state == RebaseOptions.YieldDelegationSource) {
// Saves a slot read when transferring to or from a yield delegating source
// since we know creditBalances equals the balance.
return creditBalances[_account];
}
uint256 baseBalance = (creditBalances[_account] * 1e18) /
_creditsPerToken(_account);
if (state == RebaseOptions.YieldDelegationTarget) {
// creditBalances of yieldFrom accounts equals token balances
return baseBalance - creditBalances[yieldFrom[_account]];
}
return baseBalance;
}
/**
* @notice Gets the credits balance of the specified address.
* @dev Backwards compatible with old low res credits per token.
* @param _account The address to query the balance of.
* @return (uint256, uint256) Credit balance and credits per token of the
* address
*/
function creditsBalanceOf(address _account)
external
view
returns (uint256, uint256)
{
uint256 cpt = _creditsPerToken(_account);
if (cpt == 1e27) {
// For a period before the resolution upgrade, we created all new
// contract accounts at high resolution. Since they are not changing
// as a result of this upgrade, we will return their true values
return (creditBalances[_account], cpt);
} else {
return (
creditBalances[_account] / RESOLUTION_INCREASE,
cpt / RESOLUTION_INCREASE
);
}
}
/**
* @notice Gets the credits balance of the specified address.
* @param _account The address to query the balance of.
* @return (uint256, uint256, bool) Credit balance, credits per token of the
* address, and isUpgraded
*/
function creditsBalanceOfHighres(address _account)
external
view
returns (
uint256,
uint256,
bool
)
{
return (
creditBalances[_account],
_creditsPerToken(_account),
true // all accounts have their resolution "upgraded"
);
}
// Backwards compatible view
function nonRebasingCreditsPerToken(address _account)
external
view
returns (uint256)
{
return alternativeCreditsPerToken[_account];
}
/**
* @notice Transfer tokens to a specified address.
* @param _to the address to transfer to.
* @param _value the amount to be transferred.
* @return true on success.
*/
function transfer(address _to, uint256 _value) external returns (bool) {
require(_to != address(0), "Transfer to zero address");
_executeTransfer(msg.sender, _to, _value);
emit Transfer(msg.sender, _to, _value);
return true;
}
/**
* @notice Transfer tokens from one address to another.
* @param _from The address you want to send tokens from.
* @param _to The address you want to transfer to.
* @param _value The amount of tokens to be transferred.
* @return true on success.
*/
function transferFrom(
address _from,
address _to,
uint256 _value
) external returns (bool) {
require(_to != address(0), "Transfer to zero address");
uint256 userAllowance = allowances[_from][msg.sender];
require(_value <= userAllowance, "Allowance exceeded");
unchecked {
allowances[_from][msg.sender] = userAllowance - _value;
}
_executeTransfer(_from, _to, _value);
emit Transfer(_from, _to, _value);
return true;
}
function _executeTransfer(
address _from,
address _to,
uint256 _value
) internal {
(
int256 fromRebasingCreditsDiff,
int256 fromNonRebasingSupplyDiff
) = _adjustAccount(_from, -_value.toInt256());
(
int256 toRebasingCreditsDiff,
int256 toNonRebasingSupplyDiff
) = _adjustAccount(_to, _value.toInt256());
_adjustGlobals(
fromRebasingCreditsDiff + toRebasingCreditsDiff,
fromNonRebasingSupplyDiff + toNonRebasingSupplyDiff
);
}
function _adjustAccount(address _account, int256 _balanceChange)
internal
returns (int256 rebasingCreditsDiff, int256 nonRebasingSupplyDiff)
{
RebaseOptions state = rebaseState[_account];
int256 currentBalance = balanceOf(_account).toInt256();
if (currentBalance + _balanceChange < 0) {
revert("Transfer amount exceeds balance");
}
uint256 newBalance = (currentBalance + _balanceChange).toUint256();
if (state == RebaseOptions.YieldDelegationSource) {
address target = yieldTo[_account];
uint256 targetOldBalance = balanceOf(target);
uint256 targetNewCredits = _balanceToRebasingCredits(
targetOldBalance + newBalance
);
rebasingCreditsDiff =
targetNewCredits.toInt256() -
creditBalances[target].toInt256();
creditBalances[_account] = newBalance;
creditBalances[target] = targetNewCredits;
} else if (state == RebaseOptions.YieldDelegationTarget) {
uint256 newCredits = _balanceToRebasingCredits(
newBalance + creditBalances[yieldFrom[_account]]
);
rebasingCreditsDiff =
newCredits.toInt256() -
creditBalances[_account].toInt256();
creditBalances[_account] = newCredits;
} else {
_autoMigrate(_account);
uint256 alternativeCreditsPerTokenMem = alternativeCreditsPerToken[
_account
];
if (alternativeCreditsPerTokenMem > 0) {
nonRebasingSupplyDiff = _balanceChange;
if (alternativeCreditsPerTokenMem != 1e18) {
alternativeCreditsPerToken[_account] = 1e18;
}
creditBalances[_account] = newBalance;
} else {
uint256 newCredits = _balanceToRebasingCredits(newBalance);
rebasingCreditsDiff =
newCredits.toInt256() -
creditBalances[_account].toInt256();
creditBalances[_account] = newCredits;
}
}
}
function _adjustGlobals(
int256 _rebasingCreditsDiff,
int256 _nonRebasingSupplyDiff
) internal {
if (_rebasingCreditsDiff != 0) {
rebasingCredits_ = (rebasingCredits_.toInt256() +
_rebasingCreditsDiff).toUint256();
}
if (_nonRebasingSupplyDiff != 0) {
nonRebasingSupply = (nonRebasingSupply.toInt256() +
_nonRebasingSupplyDiff).toUint256();
}
}
/**
* @notice Function to check the amount of tokens that _owner has allowed
* to `_spender`.
* @param _owner The address which owns the funds.
* @param _spender The address which will spend the funds.
* @return The number of tokens still available for the _spender.
*/
function allowance(address _owner, address _spender)
external
view
returns (uint256)
{
return allowances[_owner][_spender];
}
/**
* @notice Approve the passed address to spend the specified amount of
* tokens on behalf of msg.sender.
* @param _spender The address which will spend the funds.
* @param _value The amount of tokens to be spent.
* @return true on success.
*/
function approve(address _spender, uint256 _value) external returns (bool) {
allowances[msg.sender][_spender] = _value;
emit Approval(msg.sender, _spender, _value);
return true;
}
/**
* @notice Creates `_amount` tokens and assigns them to `_account`,
* increasing the total supply.
*/
function mint(address _account, uint256 _amount) external onlyVault {
require(_account != address(0), "Mint to the zero address");
// Account
(
int256 toRebasingCreditsDiff,
int256 toNonRebasingSupplyDiff
) = _adjustAccount(_account, _amount.toInt256());
// Globals
_adjustGlobals(toRebasingCreditsDiff, toNonRebasingSupplyDiff);
totalSupply = totalSupply + _amount;
require(totalSupply < MAX_SUPPLY, "Max supply");
emit Transfer(address(0), _account, _amount);
}
/**
* @notice Destroys `_amount` tokens from `_account`,
* reducing the total supply.
*/
function burn(address _account, uint256 _amount) external onlyVault {
require(_account != address(0), "Burn from the zero address");
if (_amount == 0) {
return;
}
// Account
(
int256 toRebasingCreditsDiff,
int256 toNonRebasingSupplyDiff
) = _adjustAccount(_account, -_amount.toInt256());
// Globals
_adjustGlobals(toRebasingCreditsDiff, toNonRebasingSupplyDiff);
totalSupply = totalSupply - _amount;
emit Transfer(_account, address(0), _amount);
}
/**
* @dev Get the credits per token for an account. Returns a fixed amount
* if the account is non-rebasing.
* @param _account Address of the account.
*/
function _creditsPerToken(address _account)
internal
view
returns (uint256)
{
uint256 alternativeCreditsPerTokenMem = alternativeCreditsPerToken[
_account
];
if (alternativeCreditsPerTokenMem != 0) {
return alternativeCreditsPerTokenMem;
} else {
return rebasingCreditsPerToken_;
}
}
/**
* @dev Auto migrate contracts to be non rebasing,
* unless they have opted into yield.
* @param _account Address of the account.
*/
function _autoMigrate(address _account) internal {
bool isContract = _account.code.length > 0;
// In previous code versions, contracts would not have had their
// rebaseState[_account] set to RebaseOptions.NonRebasing when migrated
// therefore we check the actual accounting used on the account instead.
if (
isContract &&
rebaseState[_account] == RebaseOptions.NotSet &&
alternativeCreditsPerToken[_account] == 0
) {
_rebaseOptOut(_account);
}
}
/**
* @dev Calculates credits from contract's global rebasingCreditsPerToken_, and
* also balance that corresponds to those credits. The latter is important
* when adjusting the contract's global nonRebasingSupply to circumvent any
* possible rounding errors.
*
* @param _balance Balance of the account.
*/
function _balanceToRebasingCredits(uint256 _balance)
internal
view
returns (uint256 rebasingCredits)
{
// Rounds up, because we need to ensure that accounts always have
// at least the balance that they should have.
// Note this should always be used on an absolute account value,
// not on a possibly negative diff, because then the rounding would be wrong.
return ((_balance) * rebasingCreditsPerToken_ + 1e18 - 1) / 1e18;
}
/**
* @notice The calling account will start receiving yield after a successful call.
* @param _account Address of the account.
*/
function governanceRebaseOptIn(address _account) external onlyGovernor {
require(_account != address(0), "Zero address not allowed");
_rebaseOptIn(_account);
}
/**
* @notice The calling account will start receiving yield after a successful call.
*/
function rebaseOptIn() external {
_rebaseOptIn(msg.sender);
}
function _rebaseOptIn(address _account) internal {
uint256 balance = balanceOf(_account);
// prettier-ignore
require(
alternativeCreditsPerToken[_account] > 0 ||
// Accounts may explicitly `rebaseOptIn` regardless of
// accounting if they have a 0 balance.
creditBalances[_account] == 0
,
"Account must be non-rebasing"
);
RebaseOptions state = rebaseState[_account];
// prettier-ignore
require(
state == RebaseOptions.StdNonRebasing ||
state == RebaseOptions.NotSet,
"Only standard non-rebasing accounts can opt in"
);
uint256 newCredits = _balanceToRebasingCredits(balance);
// Account
rebaseState[_account] = RebaseOptions.StdRebasing;
alternativeCreditsPerToken[_account] = 0;
creditBalances[_account] = newCredits;
// Globals
_adjustGlobals(newCredits.toInt256(), -balance.toInt256());
emit AccountRebasingEnabled(_account);
}
/**
* @notice The calling account will no longer receive yield
*/
function rebaseOptOut() external {
_rebaseOptOut(msg.sender);
}
function _rebaseOptOut(address _account) internal {
require(
alternativeCreditsPerToken[_account] == 0,
"Account must be rebasing"
);
RebaseOptions state = rebaseState[_account];
require(
state == RebaseOptions.StdRebasing || state == RebaseOptions.NotSet,
"Only standard rebasing accounts can opt out"
);
uint256 oldCredits = creditBalances[_account];
uint256 balance = balanceOf(_account);
// Account
rebaseState[_account] = RebaseOptions.StdNonRebasing;
alternativeCreditsPerToken[_account] = 1e18;
creditBalances[_account] = balance;
// Globals
_adjustGlobals(-oldCredits.toInt256(), balance.toInt256());
emit AccountRebasingDisabled(_account);
}
/**
* @notice Distribute yield to users. This changes the exchange rate
* between "credits" and OUSD tokens to change rebasing user's balances.
* @param _newTotalSupply New total supply of OUSD.
*/
function changeSupply(uint256 _newTotalSupply) external onlyVault {
require(totalSupply > 0, "Cannot increase 0 supply");
if (totalSupply == _newTotalSupply) {
emit TotalSupplyUpdatedHighres(
totalSupply,
rebasingCredits_,
rebasingCreditsPerToken_
);
return;
}
totalSupply = _newTotalSupply > MAX_SUPPLY
? MAX_SUPPLY
: _newTotalSupply;
uint256 rebasingSupply = totalSupply - nonRebasingSupply;
// round up in the favour of the protocol
rebasingCreditsPerToken_ =
(rebasingCredits_ * 1e18 + rebasingSupply - 1) /
rebasingSupply;
require(rebasingCreditsPerToken_ > 0, "Invalid change in supply");
emit TotalSupplyUpdatedHighres(
totalSupply,
rebasingCredits_,
rebasingCreditsPerToken_
);
}
/*
* @notice Send the yield from one account to another account.
* Each account keeps its own balances.
*/
function delegateYield(address _from, address _to) external onlyGovernor {
require(_from != address(0), "Zero from address not allowed");
require(_to != address(0), "Zero to address not allowed");
require(_from != _to, "Cannot delegate to self");
require(
yieldFrom[_to] == address(0) &&
yieldTo[_to] == address(0) &&
yieldFrom[_from] == address(0) &&
yieldTo[_from] == address(0),
"Blocked by existing yield delegation"
);
RebaseOptions stateFrom = rebaseState[_from];
RebaseOptions stateTo = rebaseState[_to];
require(
stateFrom == RebaseOptions.NotSet ||
stateFrom == RebaseOptions.StdNonRebasing ||
stateFrom == RebaseOptions.StdRebasing,
"Invalid rebaseState from"
);
require(
stateTo == RebaseOptions.NotSet ||
stateTo == RebaseOptions.StdNonRebasing ||
stateTo == RebaseOptions.StdRebasing,
"Invalid rebaseState to"
);
if (alternativeCreditsPerToken[_from] == 0) {
_rebaseOptOut(_from);
}
if (alternativeCreditsPerToken[_to] > 0) {
_rebaseOptIn(_to);
}
uint256 fromBalance = balanceOf(_from);
uint256 toBalance = balanceOf(_to);
uint256 oldToCredits = creditBalances[_to];
uint256 newToCredits = _balanceToRebasingCredits(
fromBalance + toBalance
);
// Set up the bidirectional links
yieldTo[_from] = _to;
yieldFrom[_to] = _from;
// Local
rebaseState[_from] = RebaseOptions.YieldDelegationSource;
alternativeCreditsPerToken[_from] = 1e18;
creditBalances[_from] = fromBalance;
rebaseState[_to] = RebaseOptions.YieldDelegationTarget;
creditBalances[_to] = newToCredits;
// Global
int256 creditsChange = newToCredits.toInt256() -
oldToCredits.toInt256();
_adjustGlobals(creditsChange, -(fromBalance).toInt256());
emit YieldDelegated(_from, _to);
}
/*
* @notice Stop sending the yield from one account to another account.
*/
function undelegateYield(address _from) external onlyGovernor {
// Require a delegation, which will also ensure a valid delegation
require(yieldTo[_from] != address(0), "Zero address not allowed");
address to = yieldTo[_from];
uint256 fromBalance = balanceOf(_from);
uint256 toBalance = balanceOf(to);
uint256 oldToCredits = creditBalances[to];
uint256 newToCredits = _balanceToRebasingCredits(toBalance);
// Remove the bidirectional links
yieldFrom[to] = address(0);
yieldTo[_from] = address(0);
// Local
rebaseState[_from] = RebaseOptions.StdNonRebasing;
// alternativeCreditsPerToken[from] already 1e18 from `delegateYield()`
creditBalances[_from] = fromBalance;
rebaseState[to] = RebaseOptions.StdRebasing;
// alternativeCreditsPerToken[to] already 0 from `delegateYield()`
creditBalances[to] = newToCredits;
// Global
int256 creditsChange = newToCredits.toInt256() -
oldToCredits.toInt256();
_adjustGlobals(creditsChange, fromBalance.toInt256());
emit YieldUndelegated(_from, to);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import { ERC4626 } from "../../lib/openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { IERC20Metadata } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { Governable } from "../governance/Governable.sol";
import { Initializable } from "../utils/Initializable.sol";
import { OSonic } from "./OSonic.sol";
/**
* @title Wrapped Origin Sonic (wOS) token on Sonic
* @author Origin Protocol Inc
*/
contract WOSonic is ERC4626, Governable, Initializable {
using SafeERC20 for IERC20;
constructor(
ERC20 underlying_,
string memory name_,
string memory symbol_
) ERC20(name_, symbol_) ERC4626(underlying_) Governable() {}
/**
* @notice Enable Origin Sonic rebasing for this contract
*/
function initialize() external onlyGovernor initializer {
OSonic(address(asset())).rebaseOptIn();
}
function name()
public
view
virtual
override(ERC20, IERC20Metadata)
returns (string memory)
{
return "Wrapped Origin Sonic";
}
function symbol()
public
view
virtual
override(ERC20, IERC20Metadata)
returns (string memory)
{
return "wOS";
}
/**
* @notice Transfer token to governor. Intended for recovering tokens stuck in
* contract, i.e. mistaken sends. Cannot transfer Origin S
* @param asset_ Address for the asset
* @param amount_ Amount of the asset to transfer
*/
function transferToken(address asset_, uint256 amount_)
external
onlyGovernor
{
require(asset_ != address(asset()), "Cannot collect OS");
IERC20(asset_).safeTransfer(governor(), amount_);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @title Base contract any contracts that need to initialize state after deployment.
* @author Origin Protocol Inc
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
*/
bool private initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private initializing;
/**
* @dev Modifier to protect an initializer function from being invoked twice.
*/
modifier initializer() {
require(
initializing || !initialized,
"Initializable: contract is already initialized"
);
bool isTopLevelCall = !initializing;
if (isTopLevelCall) {
initializing = true;
initialized = true;
}
_;
if (isTopLevelCall) {
initializing = false;
}
}
uint256[50] private ______gap;
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import { IERC4626 } from "../../../../interfaces/IERC4626.sol";
import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import { IERC20Metadata } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
// From Open Zeppelin draft PR commit:
// fac43034dca85ff539db3fc8aa2a7084b843d454
// https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3171
abstract contract ERC4626 is ERC20, IERC4626 {
IERC20Metadata private immutable _asset;
constructor(IERC20Metadata __asset) {
_asset = __asset;
}
/** @dev See {IERC4262-asset} */
function asset() public view virtual override returns (address) {
return address(_asset);
}
/** @dev See {IERC4262-totalAssets} */
function totalAssets() public view virtual override returns (uint256) {
return _asset.balanceOf(address(this));
}
/**
* @dev See {IERC4262-convertToShares}
*
* Will revert if asserts > 0, totalSupply > 0 and totalAssets = 0. That corresponds to a case where any asset
* would represent an infinite amout of shares.
*/
function convertToShares(uint256 assets) public view virtual override returns (uint256 shares) {
uint256 supply = totalSupply();
return
(assets == 0 || supply == 0)
? (assets * 10**decimals()) / 10**_asset.decimals()
: (assets * supply) / totalAssets();
}
/** @dev See {IERC4262-convertToAssets} */
function convertToAssets(uint256 shares) public view virtual override returns (uint256 assets) {
uint256 supply = totalSupply();
return (supply == 0) ? (shares * 10**_asset.decimals()) / 10**decimals() : (shares * totalAssets()) / supply;
}
/** @dev See {IERC4262-maxDeposit} */
function maxDeposit(address) public view virtual override returns (uint256) {
return type(uint256).max;
}
/** @dev See {IERC4262-maxMint} */
function maxMint(address) public view virtual override returns (uint256) {
return type(uint256).max;
}
/** @dev See {IERC4262-maxWithdraw} */
function maxWithdraw(address owner) public view virtual override returns (uint256) {
return convertToAssets(balanceOf(owner));
}
/** @dev See {IERC4262-maxRedeem} */
function maxRedeem(address owner) public view virtual override returns (uint256) {
return balanceOf(owner);
}
/** @dev See {IERC4262-previewDeposit} */
function previewDeposit(uint256 assets) public view virtual override returns (uint256) {
return convertToShares(assets);
}
/** @dev See {IERC4262-previewMint} */
function previewMint(uint256 shares) public view virtual override returns (uint256) {
uint256 assets = convertToAssets(shares);
return assets + (convertToShares(assets) < shares ? 1 : 0);
}
/** @dev See {IERC4262-previewWithdraw} */
function previewWithdraw(uint256 assets) public view virtual override returns (uint256) {
uint256 shares = convertToShares(assets);
return shares + (convertToAssets(shares) < assets ? 1 : 0);
}
/** @dev See {IERC4262-previewRedeem} */
function previewRedeem(uint256 shares) public view virtual override returns (uint256) {
return convertToAssets(shares);
}
/** @dev See {IERC4262-deposit} */
function deposit(uint256 assets, address receiver) public virtual override returns (uint256) {
require(assets <= maxDeposit(receiver), "ERC4626: deposit more then max");
address caller = _msgSender();
uint256 shares = previewDeposit(assets);
// if _asset is ERC777, transferFrom can call reenter BEFORE the transfer happens through
// the tokensToSend hook, so we need to transfer before we mint to keep the invariants.
SafeERC20.safeTransferFrom(_asset, caller, address(this), assets);
_mint(receiver, shares);
emit Deposit(caller, receiver, assets, shares);
return shares;
}
/** @dev See {IERC4262-mint} */
function mint(uint256 shares, address receiver) public virtual override returns (uint256) {
require(shares <= maxMint(receiver), "ERC4626: mint more then max");
address caller = _msgSender();
uint256 assets = previewMint(shares);
// if _asset is ERC777, transferFrom can call reenter BEFORE the transfer happens through
// the tokensToSend hook, so we need to transfer before we mint to keep the invariants.
SafeERC20.safeTransferFrom(_asset, caller, address(this), assets);
_mint(receiver, shares);
emit Deposit(caller, receiver, assets, shares);
return assets;
}
/** @dev See {IERC4262-withdraw} */
function withdraw(
uint256 assets,
address receiver,
address owner
) public virtual override returns (uint256) {
require(assets <= maxWithdraw(owner), "ERC4626: withdraw more then max");
address caller = _msgSender();
uint256 shares = previewWithdraw(assets);
if (caller != owner) {
_spendAllowance(owner, caller, shares);
}
// if _asset is ERC777, transfer can call reenter AFTER the transfer happens through
// the tokensReceived hook, so we need to transfer after we burn to keep the invariants.
_burn(owner, shares);
SafeERC20.safeTransfer(_asset, receiver, assets);
emit Withdraw(caller, receiver, owner, assets, shares);
return shares;
}
/** @dev See {IERC4262-redeem} */
function redeem(
uint256 shares,
address receiver,
address owner
) public virtual override returns (uint256) {
require(shares <= maxRedeem(owner), "ERC4626: redeem more then max");
address caller = _msgSender();
uint256 assets = previewRedeem(shares);
if (caller != owner) {
_spendAllowance(owner, caller, shares);
}
// if _asset is ERC777, transfer can call reenter AFTER the transfer happens through
// the tokensReceived hook, so we need to transfer after we burn to keep the invariants.
_burn(owner, shares);
SafeERC20.safeTransfer(_asset, receiver, assets);
emit Withdraw(caller, receiver, owner, assets, shares);
return assets;
}
// Included here, since this method was not yet present in
// the version of Open Zeppelin ERC20 code we use.
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import { IERC20Metadata } from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
interface IERC4626 is IERC20, IERC20Metadata {
event Deposit(address indexed caller, address indexed owner, uint256 assets, uint256 shares);
event Withdraw(
address indexed caller,
address indexed receiver,
address indexed owner,
uint256 assets,
uint256 shares
);
/**
* @dev Returns the address of the underlying token used for the Vault for accounting, depositing, and withdrawing.
*
* - MUST be an ERC-20 token contract.
* - MUST NOT revert.
*/
function asset() external view returns (address assetTokenAddress);
/**
* @dev Returns the total amount of the underlying asset that is “managed” by Vault.
*
* - SHOULD include any compounding that occurs from yield.
* - MUST be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT revert.
*/
function totalAssets() external view returns (uint256 totalManagedAssets);
/**
* @dev Returns the amount of shares that the Vault would exchange for the amount of assets provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToShares(uint256 assets) external view returns (uint256 shares);
/**
* @dev Returns the amount of assets that the Vault would exchange for the amount of shares provided, in an ideal
* scenario where all the conditions are met.
*
* - MUST NOT be inclusive of any fees that are charged against assets in the Vault.
* - MUST NOT show any variations depending on the caller.
* - MUST NOT reflect slippage or other on-chain conditions, when performing the actual exchange.
* - MUST NOT revert.
*
* NOTE: This calculation MAY NOT reflect the “per-user” price-per-share, and instead should reflect the
* “average-user’s” price-per-share, meaning what the average user should expect to see when exchanging to and
* from.
*/
function convertToAssets(uint256 shares) external view returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be deposited into the Vault for the receiver,
* through a deposit call.
*
* - MUST return a limited value if receiver is subject to some deposit limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of assets that may be deposited.
* - MUST NOT revert.
*/
function maxDeposit(address receiver) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their deposit at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of Vault shares that would be minted in a deposit
* call in the same transaction. I.e. deposit should return the same or more shares as previewDeposit if called
* in the same transaction.
* - MUST NOT account for deposit limits like those returned from maxDeposit and should always act as though the
* deposit would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewDeposit SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewDeposit(uint256 assets) external view returns (uint256 shares);
/**
* @dev Mints shares Vault shares to receiver by depositing exactly amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* deposit execution, and are accounted for during deposit.
* - MUST revert if all of assets cannot be deposited (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function deposit(uint256 assets, address receiver) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of the Vault shares that can be minted for the receiver, through a mint call.
* - MUST return a limited value if receiver is subject to some mint limit.
* - MUST return 2 ** 256 - 1 if there is no limit on the maximum amount of shares that may be minted.
* - MUST NOT revert.
*/
function maxMint(address receiver) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their mint at the current block, given
* current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of assets that would be deposited in a mint call
* in the same transaction. I.e. mint should return the same or fewer assets as previewMint if called in the
* same transaction.
* - MUST NOT account for mint limits like those returned from maxMint and should always act as though the mint
* would be accepted, regardless if the user has enough tokens approved, etc.
* - MUST be inclusive of deposit fees. Integrators should be aware of the existence of deposit fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewMint SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by minting.
*/
function previewMint(uint256 shares) external view returns (uint256 assets);
/**
* @dev Mints exactly shares Vault shares to receiver by depositing amount of underlying tokens.
*
* - MUST emit the Deposit event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the mint
* execution, and are accounted for during mint.
* - MUST revert if all of shares cannot be minted (due to deposit limit being reached, slippage, the user not
* approving enough underlying tokens to the Vault contract, etc).
*
* NOTE: most implementations will require pre-approval of the Vault with the Vault’s underlying asset token.
*/
function mint(uint256 shares, address receiver) external returns (uint256 assets);
/**
* @dev Returns the maximum amount of the underlying asset that can be withdrawn from the owner balance in the
* Vault, through a withdraw call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxWithdraw(address owner) external view returns (uint256 maxAssets);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their withdrawal at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no fewer than the exact amount of Vault shares that would be burned in a withdraw
* call in the same transaction. I.e. withdraw should return the same or fewer shares as previewWithdraw if
* called
* in the same transaction.
* - MUST NOT account for withdrawal limits like those returned from maxWithdraw and should always act as though
* the withdrawal would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToShares and previewWithdraw SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by depositing.
*/
function previewWithdraw(uint256 assets) external view returns (uint256 shares);
/**
* @dev Burns shares from owner and sends exactly assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* withdraw execution, and are accounted for during withdraw.
* - MUST revert if all of assets cannot be withdrawn (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* Note that some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function withdraw(
uint256 assets,
address receiver,
address owner
) external returns (uint256 shares);
/**
* @dev Returns the maximum amount of Vault shares that can be redeemed from the owner balance in the Vault,
* through a redeem call.
*
* - MUST return a limited value if owner is subject to some withdrawal limit or timelock.
* - MUST return balanceOf(owner) if owner is not subject to any withdrawal limit or timelock.
* - MUST NOT revert.
*/
function maxRedeem(address owner) external view returns (uint256 maxShares);
/**
* @dev Allows an on-chain or off-chain user to simulate the effects of their redeemption at the current block,
* given current on-chain conditions.
*
* - MUST return as close to and no more than the exact amount of assets that would be withdrawn in a redeem call
* in the same transaction. I.e. redeem should return the same or more assets as previewRedeem if called in the
* same transaction.
* - MUST NOT account for redemption limits like those returned from maxRedeem and should always act as though the
* redemption would be accepted, regardless if the user has enough shares, etc.
* - MUST be inclusive of withdrawal fees. Integrators should be aware of the existence of withdrawal fees.
* - MUST NOT revert.
*
* NOTE: any unfavorable discrepancy between convertToAssets and previewRedeem SHOULD be considered slippage in
* share price or some other type of condition, meaning the depositor will lose assets by redeeming.
*/
function previewRedeem(uint256 shares) external view returns (uint256 assets);
/**
* @dev Burns exactly shares from owner and sends assets of underlying tokens to receiver.
*
* - MUST emit the Withdraw event.
* - MAY support an additional flow in which the underlying tokens are owned by the Vault contract before the
* redeem execution, and are accounted for during redeem.
* - MUST revert if all of shares cannot be redeemed (due to withdrawal limit being reached, slippage, the owner
* not having enough shares, etc).
*
* NOTE: some implementations will require pre-requesting to the Vault before a withdrawal may be performed.
* Those methods should be performed separately.
*/
function redeem(
uint256 shares,
address receiver,
address owner
) external returns (uint256 assets);
}