Contract Source Code:
File 1 of 1 : STONER404
//SPDX-License-Identifier: UNLICENSED AND MIT
pragma solidity ^0.8.0;
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// must be unchecked in order to support `n = type(int256).min`
return uint256(n >= 0 ? n : -n);
}
}
}
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/ERC165.sol)
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
abstract contract Ownable {
event OwnershipTransferred(address indexed user, address indexed newOwner);
error Unauthorized();
error InvalidOwner();
address public owner;
modifier onlyOwner() virtual {
if (msg.sender != owner) revert Unauthorized();
_;
}
constructor(address _owner) {
if (_owner == address(0)) revert InvalidOwner();
owner = _owner;
emit OwnershipTransferred(address(0), _owner);
}
function transferOwnership(address _owner) public virtual onlyOwner {
if (_owner == address(0)) revert InvalidOwner();
owner = _owner;
emit OwnershipTransferred(msg.sender, _owner);
}
function revokeOwnership() public virtual onlyOwner {
owner = address(0);
emit OwnershipTransferred(msg.sender, address(0));
}
}
// "Fantom is Really Cool"
abstract contract STONER is Ownable {
// Events
event ERC20Transfer(
address indexed from,
address indexed to,
uint256 amount
);
event Approval(
address indexed owner,
address indexed spender,
uint256 amount
);
event Transfer(
address indexed from,
address indexed to,
uint256 indexed id
);
event ERC721Approval(
address indexed owner,
address indexed spender,
uint256 indexed id
);
event ApprovalForAll(
address indexed owner,
address indexed operator,
bool approved
);
// Errors
error NotFound();
error AlreadyExists();
error InvalidRecipient();
error InvalidSender();
error UnsafeRecipient();
// Metadata
/// @dev Token name
string public name;
/// @dev Token symbol
string public symbol;
/// @dev Decimals for fractional representation
uint8 public immutable decimals;
/// @dev Total supply in fractionalized representation
uint256 public immutable totalSupply;
/// @dev Total supply in NFT representation
uint256 public immutable totalNativeSupply;
/// @dev Current mint counter, monotonically increasing to ensure accurate ownership
uint256 public minted;
// Mappings
/// @dev Balance of user in fractional representation
mapping(address => uint256) public balanceOf;
/// @dev Allowance of user in fractional representation
mapping(address => mapping(address => uint256)) public allowance;
/// @dev Approval in native representaion
mapping(uint256 => address) public getApproved;
/// @dev Approval for all in native representation
mapping(address => mapping(address => bool)) public isApprovedForAll;
/// @dev Owner of id in native representation
mapping(uint256 => address) internal _ownerOf;
/// @dev Array of owned ids in native representation
mapping(address => uint256[]) internal _owned;
mapping(address => uint256[]) internal _contractOwned;
/// @dev Tracks indices for the _owned mapping
mapping(uint256 => uint256) internal _ownedIndex;
/// @dev Addresses whitelisted from minting / burning for gas savings (pairs, routers, etc)
mapping(address => bool) public whitelist;
/// @dev Holds the IDs of NFTs that have been burned so that they can be re-used
uint256[] public availableIds;
// Constructor
constructor(
string memory _name,
string memory _symbol,
uint8 _decimals,
uint256 _totalNativeSupply,
address _owner
) Ownable(_owner) {
name = _name;
symbol = _symbol;
decimals = _decimals;
totalNativeSupply = _totalNativeSupply;
totalSupply = _totalNativeSupply * (10**decimals);
}
/// @notice Initialization function to set pairs / etc
/// saving gas by avoiding mint / burn on unnecessary targets
function setWhitelist(address target, bool state) public onlyOwner {
whitelist[target] = state;
}
/// @notice Function to find owner of a given native token
function ownerOf(uint256 id) public view virtual returns (address owner) {
owner = _ownerOf[id];
if (owner == address(0)) {
revert NotFound();
}
}
function totalAvailableIds() public view returns (uint256) {
return availableIds.length;
}
function totalNFTsOwned(address owner) public view returns (uint256) {
return _owned[owner].length;
}
/// @notice tokenURI must be implemented by child contract
function tokenURI(uint256 id) public view virtual returns (string memory);
/// @notice Function for token approvals
/// @dev This function assumes id / native if amount less than or equal to current max id
function approve(address spender, uint256 amountOrId)
public
virtual
returns (bool)
{
if (amountOrId <= minted && amountOrId > 0) {
address owner = _ownerOf[amountOrId];
if (msg.sender != owner && !isApprovedForAll[owner][msg.sender]) {
revert Unauthorized();
}
getApproved[amountOrId] = spender;
emit Approval(owner, spender, amountOrId);
} else {
allowance[msg.sender][spender] = amountOrId;
emit Approval(msg.sender, spender, amountOrId);
}
return true;
}
/// @notice Function native approvals
function setApprovalForAll(address operator, bool approved) public virtual {
isApprovedForAll[msg.sender][operator] = approved;
emit ApprovalForAll(msg.sender, operator, approved);
}
/// @notice Function for mixed transfers
/// @dev This function assumes id / native if amount less than or equal to current max id
function transferFrom(
address from,
address to,
uint256 amount
) public returns (bool) {
uint256 allowed = allowance[from][msg.sender];
require(allowed >= amount, "Not enough allowance.");
if (allowed != type(uint256).max)
allowance[from][msg.sender] = allowed - amount;
_transfer(from, to, amount);
return true;
}
/// @notice Function for fractional transfers
function transfer(address to, uint256 amount)
public
virtual
returns (bool)
{
return _transfer(msg.sender, to, amount);
}
/// @notice Function for native transfers with contract support
function safeTransferFrom(
address from,
address to,
uint256 id
) public virtual {
_nftTransferFrom(msg.sender, from, to, id);
if (
to.code.length != 0 &&
ERC721Receiver(to).onERC721Received(msg.sender, from, id, "") !=
ERC721Receiver.onERC721Received.selector
) {
revert UnsafeRecipient();
}
}
/// @notice Function for native transfers with contract support and callback data
function safeTransferFrom(
address from,
address to,
uint256 id,
bytes calldata data
) public virtual {
_nftTransferFrom(msg.sender, from, to, id);
if (
to.code.length != 0 &&
ERC721Receiver(to).onERC721Received(msg.sender, from, id, data) !=
ERC721Receiver.onERC721Received.selector
) {
revert UnsafeRecipient();
}
}
// testing only: delete before deploy
function contractTokenBalance(address _contract)
public
view
returns (uint256)
{
return
balanceOf[_contract] -
(_contractOwned[_contract].length * _getUnit());
}
function contractNFTBalance(address _contract)
public
view
returns (uint256)
{
return _contractOwned[_contract].length;
}
function enoughTokenBalance(address _contract, uint256 amount)
public
view
returns (bool)
{
uint256 tokenBalance = balanceOf[_contract] -
(_contractOwned[_contract].length * _getUnit());
return tokenBalance >= amount;
}
/// @notice Internal function for fractional transfers
function _transfer(
address from,
address to,
uint256 amount
) internal returns (bool) {
_beforeTokenTransfer(from, to, amount);
uint256 unit = _getUnit();
uint256 balanceBeforeSender = balanceOf[from];
uint256 balanceBeforeReceiver = balanceOf[to];
if (_isContract(from)) {
uint256 tokenBalance = balanceBeforeSender -
(_contractOwned[from].length * unit);
require(tokenBalance >= amount, "Not enough token balance.");
}
balanceOf[from] -= amount;
unchecked {
balanceOf[to] += amount;
}
// Skip burn for certain addresses to save gas
// Skip minting to smart contracts
if (!_shouldSkip(from) || _owned[from].length > 0) {
uint256 nftsToBurn = (balanceBeforeSender / unit) -
(balanceOf[from] / unit);
for (uint256 i = 0; i < nftsToBurn; i++) {
_burnNFT(from);
}
}
// Skip minting for certain addresses to save gas
// Skip burning from smart contracts
if (!_shouldSkip(to)) {
uint256 nftsToMint = (balanceOf[to] / unit) -
(balanceBeforeReceiver / unit);
for (uint256 i = 0; i < nftsToMint; i++) {
_mintNFT(to);
}
}
emit ERC20Transfer(from, to, amount);
return true;
}
function _mint(address recipient, uint256 quantity) internal {
balanceOf[recipient] += quantity * _getUnit();
for (uint256 index = 0; index < quantity; index++) {
_mintNFT(recipient);
}
}
function _nftTransferFrom(
address msgSender,
address from,
address to,
uint256 id
) internal {
require(from == _ownerOf[id], "Sender is not owner of NFT.");
require(to != address(0), "Cannot send to null address.");
require(
msgSender == from ||
isApprovedForAll[from][msgSender] ||
msgSender == getApproved[id],
"Operator is not approved."
);
balanceOf[from] -= _getUnit();
unchecked {
balanceOf[to] += _getUnit();
}
_removeSpecificNFT(from, id);
_deliverNFT(to, id);
emit Transfer(from, to, id);
emit ERC20Transfer(from, to, _getUnit());
}
// Internal utility logic
function _getUnit() internal view returns (uint256) {
return 10**decimals;
}
function _mintNFT(address to) internal virtual {
if (to == address(0)) {
revert InvalidRecipient();
}
uint256 id;
if (availableIds.length == 0) {
unchecked {
minted++;
}
require(
minted <= totalNativeSupply,
"Cannot mint more than given supply."
);
id = minted;
} else {
id = availableIds[availableIds.length - 1];
availableIds.pop();
}
if (_ownerOf[id] != address(0)) {
revert AlreadyExists();
}
_deliverNFT(to, id);
emit Transfer(address(0), to, id);
}
function _burnNFT(address from) internal virtual {
if (from == address(0)) {
revert InvalidSender();
}
// Indiscriminantly burn last NFT in list of owned NFTs for `from`
uint256 id = _owned[from][_owned[from].length - 1];
_owned[from].pop();
delete _ownedIndex[id];
delete _ownerOf[id];
delete getApproved[id];
availableIds.push(id);
emit Transfer(from, address(0), id);
}
function _removeSpecificNFT(address from, uint256 id) private {
uint256 lastId;
if (_isContract(from)) {
lastId = _contractOwned[from][_contractOwned[from].length - 1];
_contractOwned[from][_ownedIndex[id]] = lastId;
_contractOwned[from].pop();
} else {
lastId = _owned[from][_owned[from].length - 1];
_owned[from][_ownedIndex[id]] = lastId;
_owned[from].pop();
}
_ownedIndex[lastId] = _ownedIndex[id];
delete getApproved[id];
}
function _deliverNFT(address to, uint256 id) private {
_ownerOf[id] = to;
if (_isContract(to)) {
_contractOwned[to].push(id);
_ownedIndex[id] = _contractOwned[to].length - 1;
} else {
_owned[to].push(id);
_ownedIndex[id] = _owned[to].length - 1;
}
}
function _setNameSymbol(string memory _name, string memory _symbol)
internal
{
name = _name;
symbol = _symbol;
}
function _shouldSkip(address a) private view returns (bool) {
return whitelist[a] || _isContract(a);
}
function _isContract(address a) private view returns (bool result) {
assembly {
result := extcodesize(a)
}
}
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}
contract STONER404 is STONER, ERC165 {
string public baseTokenURI;
uint256 public maxMintable;
uint256 public royaltyAmount;
uint256 public maxMintPerTx;
uint256 public price;
address public royaltyReceiver;
mapping(uint256 => mapping(address => uint256)) public phaseMintsRemaining;
uint256 public phases;
uint256 public phaseDuration;
bool public paused;
bytes4 private constant _INTERFACE_ID_ERC2981 = 0x2a55205a;
bool private _mintActive;
uint256 public startTime;
constructor(
address _owner,
uint256 _startTime
) STONER("STONER404", "$STONER", 18, 420, _owner) {
balanceOf[_owner] = 0 ether;
whitelist[_owner] = true;
price = 10 ether;
maxMintable = 420;
royaltyAmount = 250;
_mintActive = false;
maxMintPerTx = 420;
startTime = _startTime;
paused = false;
royaltyReceiver = _owner;
baseTokenURI = "ipfs://bafybeibrmm2ovy7aj3sqng256u3bzc2lvtywsmast5glwxs63actlbkenq/";
phaseDuration = 600; // 10 minutes for each phase
phases = 2;
}
function tokenURI(uint256 id) public view override returns (string memory) {
return string.concat(baseTokenURI, Strings.toString(id));
}
function hasPhaseAccess(
uint256 phase,
address account
) public view returns (bool) {
return phaseMintsRemaining[phase][account] > 0;
}
function canMintAmountInPhase(
uint256 phase,
address account,
uint256 quantity
) public view returns (bool) {
return phaseMintsRemaining[phase][account] >= quantity;
}
function activePhase() public view returns (uint256) {
if (!mintHasStarted()) {
return 0;
} else {
uint256 secondsPastStart = block.timestamp - startTime;
uint256 phase = (secondsPastStart / phaseDuration) + 1;
if (phase > phases) {
return phases + 1; // +1 for public
} else {
return phase;
}
}
}
function mintHasStarted() public view returns (bool) {
return block.timestamp >= startTime;
}
function secondsUntilStart() public view returns (uint256) {
if (!mintHasStarted()) {
return startTime - block.timestamp;
} else {
return 0;
}
}
function mintActive() public view returns (bool) {
return _mintActive || (block.timestamp >= startTime); // use timer w/ability to override
}
function mint(uint256 quantity) public payable {
require(mintActive(), "Minting is not active.");
require(!paused);
require(quantity <= maxMintPerTx, "Cannot mint that many at once.");
require(minted + quantity <= maxMintable, "Finished minting.");
require(msg.value >= (quantity * price), "Not enough FTM sent.");
for (uint256 phase = 1; phase <= phases; phase++) {
if (activePhase() == phase) {
require(
canMintAmountInPhase(phase, msg.sender, quantity),
string.concat(
"Currently in phase ",
Strings.toString(phase),
"."
)
);
phaseMintsRemaining[phase][msg.sender] -= quantity;
}
}
if (msg.value > 0) {
payable(owner).transfer(msg.value);
}
_mint(msg.sender, quantity);
}
// ROYALTIES
function royaltyInfo(
uint256 _tokenId,
uint256 _salePrice
) external view returns (address receiver, uint256 amount) {
return (royaltyReceiver, ((_salePrice * royaltyAmount) / 10000));
}
function supportsInterface(
bytes4 interfaceId
) public view virtual override(ERC165) returns (bool) {
return
interfaceId == type(IERC721).interfaceId ||
interfaceId == type(IERC721Metadata).interfaceId ||
interfaceId == _INTERFACE_ID_ERC2981 ||
super.supportsInterface(interfaceId);
}
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual override {
super._beforeTokenTransfer(from, to, amount);
if (activePhase() <= phases) {
// still within a mint phase
require(
from == owner || to == owner,
"Cannot transfer until mint enters public."
);
return;
} else if (
block.timestamp < (startTime + (phases * phaseDuration) + 180)
) {
// 3 minutes of anti-whale when trading goes live
require(
balanceOf[to] <= ((5 * totalSupply) / 1000),
"No more than 0.5% at this stage."
);
return;
}
}
// admin
function ownerMint(address recipient, uint256 quantity) public onlyOwner {
_mint(recipient, quantity);
}
function grantPhaseAccess(
uint256 phase,
address[] memory accounts,
uint256 quantity
) public onlyOwner {
for (uint256 i = 0; i < accounts.length; i++) {
phaseMintsRemaining[phase][accounts[i]] += quantity;
}
}
function setPaused(bool _paused) public onlyOwner {
paused = _paused;
}
function setMintActive(bool mintActive_) public onlyOwner {
_mintActive = mintActive_;
}
function setRoyaltyReceiver(address _receiver) public onlyOwner {
royaltyReceiver = _receiver;
}
function setStartTime(uint256 _startTime) public onlyOwner {
startTime = _startTime;
}
function setRoyaltyAmount(uint256 _royaltyAmount) public onlyOwner {
royaltyAmount = _royaltyAmount;
}
function setBaseURI(string memory _baseURI) public onlyOwner {
baseTokenURI = _baseURI;
}
function setMaxPerTx(uint256 _maxMintPerTx) public onlyOwner {
maxMintPerTx = _maxMintPerTx;
}
function setPrice(uint256 _price) public onlyOwner {
price = _price;
}
}
abstract contract ERC721Receiver {
function onERC721Received(
address,
address,
uint256,
bytes calldata
) external virtual returns (bytes4) {
return ERC721Receiver.onERC721Received.selector;
}
}
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Strings.sol)
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant HEX_DIGITS = "0123456789abcdef";
uint8 private constant ADDRESS_LENGTH = 20;
/**
* @dev The `value` string doesn't fit in the specified `length`.
*/
error StringsInsufficientHexLength(uint256 value, uint256 length);
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toStringSigned(int256 value) internal pure returns (string memory) {
return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value)));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
uint256 localValue = value;
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = HEX_DIGITS[localValue & 0xf];
localValue >>= 4;
}
if (localValue != 0) {
revert StringsInsufficientHexLength(value, length);
}
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
* representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return bytes(a).length == bytes(b).length && keccak256(bytes(a)) == keccak256(bytes(b));
}
}
// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
/**
* @dev Muldiv operation overflow.
*/
error MathOverflowedMulDiv();
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
return a / b;
}
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
if (denominator <= prod1) {
revert MathOverflowedMulDiv();
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (unsignedRoundsUp(rounding) && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (unsignedRoundsUp(rounding) && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (unsignedRoundsUp(rounding) && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (unsignedRoundsUp(rounding) && 1 << (result << 3) < value ? 1 : 0);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/IERC721.sol)
/**
* @dev Required interface of an ERC721 compliant contract.
*/
interface IERC721 is IERC165 {
/**
* @dev Emitted when `tokenId` token is transferred from `from` to `to`.
*/
event Transfer(address indexed from, address indexed to, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables `approved` to manage the `tokenId` token.
*/
event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets.
*/
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
/**
* @dev Returns the number of tokens in ``owner``'s account.
*/
function balanceOf(address owner) external view returns (uint256 balance);
/**
* @dev Returns the owner of the `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function ownerOf(uint256 tokenId) external view returns (address owner);
/**
* @dev Safely transfers `tokenId` token from `from` to `to`.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
* a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes calldata data) external;
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients
* are aware of the ERC721 protocol to prevent tokens from being forever locked.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must have been allowed to move this token by either {approve} or
* {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
* a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Transfers `tokenId` token from `from` to `to`.
*
* WARNING: Note that the caller is responsible to confirm that the recipient is capable of receiving ERC721
* or else they may be permanently lost. Usage of {safeTransferFrom} prevents loss, though the caller must
* understand this adds an external call which potentially creates a reentrancy vulnerability.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Gives permission to `to` to transfer `tokenId` token to another account.
* The approval is cleared when the token is transferred.
*
* Only a single account can be approved at a time, so approving the zero address clears previous approvals.
*
* Requirements:
*
* - The caller must own the token or be an approved operator.
* - `tokenId` must exist.
*
* Emits an {Approval} event.
*/
function approve(address to, uint256 tokenId) external;
/**
* @dev Approve or remove `operator` as an operator for the caller.
* Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller.
*
* Requirements:
*
* - The `operator` cannot be the address zero.
*
* Emits an {ApprovalForAll} event.
*/
function setApprovalForAll(address operator, bool approved) external;
/**
* @dev Returns the account approved for `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function getApproved(uint256 tokenId) external view returns (address operator);
/**
* @dev Returns if the `operator` is allowed to manage all of the assets of `owner`.
*
* See {setApprovalForAll}
*/
function isApprovedForAll(address owner, address operator) external view returns (bool);
}
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/extensions/IERC721Metadata.sol)
/**
* @title ERC-721 Non-Fungible Token Standard, optional metadata extension
* @dev See https://eips.ethereum.org/EIPS/eip-721
*/
interface IERC721Metadata is IERC721 {
/**
* @dev Returns the token collection name.
*/
function name() external view returns (string memory);
/**
* @dev Returns the token collection symbol.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token.
*/
function tokenURI(uint256 tokenId) external view returns (string memory);
}