Warning! Contract bytecode has been changed and doesn't match the verified one. Therefore, interaction with this smart contract may be risky.
- Contract name:
- AuthorizerAdaptor
- Optimization enabled
- true
- Compiler version
- v0.7.1+commit.f4a555be
- Optimization runs
- 9999
- EVM Version
- default
- Verified at
- 2025-08-08T21:15:16.372669Z
Constructor Arguments
0x000000000000000000000000634f6b9cd1f860314871548d2224362825384b2d
Arg [0] (address) : 0x634f6b9cd1f860314871548d2224362825384b2d
contracts/AuthorizerAdaptor.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/helpers/IAuthentication.sol";
import "./solidity-utils/contracts/openzeppelin/Address.sol";
import "./solidity-utils/contracts/openzeppelin/ReentrancyGuard.sol";
import "./vault/contracts/interfaces/IAuthorizer.sol";
import "./vault/contracts/interfaces/IVault.sol";
import "./interfaces/contracts/liquidity-mining/IAuthorizerAdaptor.sol";
/**
* @title Authorizer Adaptor
* @notice This contract is intended to act as an adaptor between systems which expect a single admin address
* and the Balancer Authorizer such that the Authorizer may grant/revoke admin powers to unlimited addresses.
*
* The permissions the Authorizer can grant are granular such they may be global or specific to a particular contract
*
* @dev When calculating the actionId to call a function on a target contract, it must be calculated as if it were
* to be called on this adaptor. This can be done by passing the function selector to the `getActionId` function.
*/
contract AuthorizerAdaptor is IAuthorizerAdaptor, ReentrancyGuard {
using Address for address;
bytes32 private immutable _actionIdDisambiguator;
IVault private immutable _vault;
constructor(IVault vault) {
// AuthorizerAdaptor is a singleton, so it simply uses its own address to disambiguate action identifiers
_actionIdDisambiguator = bytes32(uint256(address(this)));
_vault = vault;
}
/**
* @notice Returns the Balancer Vault
*/
function getVault() public view override returns (IVault) {
return _vault;
}
/**
* @notice Returns the Authorizer
*/
function getAuthorizer() public view override returns (IAuthorizer) {
return getVault().getAuthorizer();
}
function _canPerform(
bytes32 actionId,
address account,
address where
) internal view returns (bool) {
return getAuthorizer().canPerform(actionId, account, where);
}
/**
* @notice Returns the action ID associated with calling a given function through this adaptor
* @dev As the contracts managed by this adaptor don't have action ID disambiguators, we use the adaptor's globally.
* This means that contracts with the same function selector will have a matching action ID:
* if granularity is required then permissions must not be granted globally in the Authorizer.
*
* @param selector - The 4 byte selector of the function to be called using `performAction`
* @return The associated action ID
*/
function getActionId(bytes4 selector) public view override returns (bytes32) {
return keccak256(abi.encodePacked(_actionIdDisambiguator, selector));
}
/**
* @notice Performs an arbitrary function call on a target contract, provided the caller is authorized to do so.
* @param target - Address of the contract to be called
* @param data - Calldata to be sent to the target contract
* @return The bytes encoded return value from the performed function call
*/
function performAction(address target, bytes calldata data)
external
payable
override
nonReentrant
returns (bytes memory)
{
bytes4 selector;
// We want to check that the caller is authorized to call the function on the target rather than this function.
// We must then pull the function selector from `data` rather than `msg.sig`. The most effective way to do this
// is via assembly.
// Note that if `data` is empty this will return an empty function signature (0x00000000)
// solhint-disable-next-line no-inline-assembly
assembly {
// The function selector encoded in `data` has an offset relative to the start of msg.data of:
// - 4 bytes due to the function selector for `performAction`
// - 3 words (3 * 32 = 96 bytes) for `target` and the length and offset of `data`
// 96 + 4 = 100 bytes
selector := calldataload(100)
}
_require(_canPerform(getActionId(selector), msg.sender, target), Errors.SENDER_NOT_ALLOWED);
// We don't check that `target` is a contract so all calls to an EOA will succeed.
return target.functionCallWithValue(data, msg.value);
}
}
contracts/solidity-utils/contracts/openzeppelin/SafeMath.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
import "../helpers/BalancerErrors.sol";
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
_require(c >= a, Errors.ADD_OVERFLOW);
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, Errors.SUB_OVERFLOW);
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b, uint256 errorCode) internal pure returns (uint256) {
_require(b <= a, errorCode);
uint256 c = a - b;
return c;
}
}
contracts/interfaces/contracts/ISmartWalletChecker.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
interface ISmartWalletChecker {
function check(address contractAddress) external view returns (bool);
}
contracts/LiquidityGaugeFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./interfaces/contracts/liquidity-mining/IBaseGaugeFactory.sol";
import "./interfaces/contracts/liquidity-mining/IStakingLiquidityGauge.sol";
import "./solidity-utils/contracts/openzeppelin/Clones.sol";
import "./BaseGaugeFactory.sol";
contract LiquidityGaugeFactory is BaseGaugeFactory {
constructor(IStakingLiquidityGauge gauge) BaseGaugeFactory(gauge) {
// solhint-disable-previous-line no-empty-blocks
}
/**
* @notice Deploys a new gauge for a Balancer pool.
* @dev As anyone can register arbitrary Balancer pools with the Vault,
* it's impossible to prove onchain that `pool` is a "valid" deployment.
*
* Care must be taken to ensure that gauges deployed from this factory are
* suitable before they are added to the GaugeController.
*
* It is possible to deploy multiple gauges for a single pool.
* @param pool The address of the pool for which to deploy a gauge
* @param relativeWeightCap The relative weight cap for the created gauge
* @return The address of the deployed gauge
*/
function create(address pool, uint256 relativeWeightCap) external override returns (address) {
address gauge = _create();
IStakingLiquidityGauge(gauge).initialize(pool, relativeWeightCap);
return gauge;
}
}
contracts/AuthorizerWithAdaptorValidation.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./interfaces/contracts/liquidity-mining/IAuthorizerAdaptorEntrypoint.sol";
import "./interfaces/contracts/liquidity-mining/IAuthorizerAdaptor.sol";
import "./vault/contracts/interfaces/IAuthorizer.sol";
/**
* @dev Temporary Authorizer upgrade that fixes the issue in the AuthorizerAdaptor and allows usage of
* the AuthorizerAdaptorEntrypoint. The previous Authorizer is the one that actually keeps track of permissions.
*
* This is expected to be replaced by the TimelockAuthorizer, which also includes this fix.
*/
contract AuthorizerWithAdaptorValidation is IAuthorizer {
IAuthorizerAdaptorEntrypoint private immutable _adaptorEntrypoint;
IAuthorizerAdaptor private immutable _authorizerAdaptor;
IAuthorizer private immutable _actualAuthorizer;
constructor(
IAuthorizer actualAuthorizer,
IAuthorizerAdaptor authorizerAdaptor,
IAuthorizerAdaptorEntrypoint adaptorEntrypoint
) {
_actualAuthorizer = actualAuthorizer;
_authorizerAdaptor = authorizerAdaptor;
_adaptorEntrypoint = adaptorEntrypoint;
}
/**
* @dev Return the address of the original Authorizer.
*/
function getActualAuthorizer() external view returns (IAuthorizer) {
return _actualAuthorizer;
}
/**
* @dev Return the address of the Authorizer Adaptor.
*/
function getAuthorizerAdaptor() external view returns (IAuthorizerAdaptor) {
return _authorizerAdaptor;
}
/**
* @dev Return the address of the Authorizer Adaptor Entrypoint.
*/
function getAuthorizerAdaptorEntrypoint() external view returns (IAuthorizerAdaptorEntrypoint) {
return _adaptorEntrypoint;
}
/**
* @dev Ensure that all requests either came through the AuthorizerAdaptor via the AuthorizerAdaptorEntrypoint
* (which we know has safely checked permissions), or can be validated with the actual Authorizer.
*/
function canPerform(
bytes32 actionId,
address account,
address where
) external view override returns (bool) {
if (msg.sender == address(_authorizerAdaptor)) {
// The situation where the caller is the `AuthorizerAdaptor` is a special case, as due to a bug it can be
// tricked into passing an incorrect `actionId` value, potentially resulting in escalation of privileges.
//
// To remedy this we force all calls to the `AuthorizerAdaptor` to be made through a singleton entrypoint
// contract, called the `AuthorizerAdaptorEntrypoint`. This contract correctly checks whether `account` can
// perform `actionId` on `where`, and then forwards the call onto the `AuthorizerAdaptor` to execute.
//
// The authorizer then rejects calls to the `AuthorizerAdaptor` which aren't made through the entrypoint,
// and approves all calls made through it (since the entrypoint will have already performed any necessary
// permission checks).
return account == address(_adaptorEntrypoint);
} else {
// A permission check performed by any other account is simply forwarded to the actual Authorizer, which
// is the one that keeps track of permissions.
return _actualAuthorizer.canPerform(actionId, account, where);
}
}
}
contracts/interfaces/contracts/liquidity-mining/IAuthorizerAdaptor.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity >=0.7.0 <0.9.0;
import "../../../solidity-utils/contracts/helpers/IAuthentication.sol";
import "../../../vault/contracts/interfaces/IVault.sol";
interface IAuthorizerAdaptor is IAuthentication {
/**
* @notice Returns the Balancer Vault
*/
function getVault() external view returns (IVault);
/**
* @notice Returns the Authorizer
*/
function getAuthorizer() external view returns (IAuthorizer);
/**
* @notice Performs an arbitrary function call on a target contract, provided the caller is authorized to do so.
* @param target - Address of the contract to be called
* @param data - Calldata to be sent to the target contract
* @return The bytes encoded return value from the performed function call
*/
function performAction(address target, bytes calldata data) external payable returns (bytes memory);
}
contracts/interfaces/contracts/liquidity-mining/IAuthorizerAdaptorEntrypoint.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity >=0.7.0 <0.9.0;
import "./IAuthorizerAdaptor.sol";
/**
* @notice Interface for `AuthorizerAdaptorEntrypoint`.
*/
interface IAuthorizerAdaptorEntrypoint is IAuthorizerAdaptor {
/**
* @notice Returns the Authorizer Adaptor
*/
function getAuthorizerAdaptor() external view returns (IAuthorizerAdaptor);
}
contracts/solidity-utils/contracts/helpers/IAuthentication.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
interface IAuthentication {
/**
* @dev Returns the action identifier associated with the external function described by `selector`.
*/
function getActionId(bytes4 selector) external view returns (bytes32);
}
contracts/VotingEscrowDelegationProxy.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/helpers/Authentication.sol";
import "./vault/contracts/interfaces/IVault.sol";
import "./interfaces/contracts/IVeDelegation.sol";
contract VotingEscrowDelegationProxy is Authentication {
IVault private immutable _vault;
IERC20 private immutable _votingEscrow;
IVeDelegation private _delegation;
event DelegationImplementationUpdated(address indexed newImplementation);
constructor(
IVault vault,
IERC20 votingEscrow,
IVeDelegation delegation
) Authentication(bytes32(uint256(address(this)))) {
// VotingEscrowDelegationProxy is a singleton,
// so it simply uses its own address to disambiguate action identifiers
_vault = vault;
_votingEscrow = votingEscrow;
_delegation = delegation;
}
/**
* @notice Returns the current delegation implementation contract.
*/
function getDelegationImplementation() external view returns (IVeDelegation) {
return _delegation;
}
/**
* @notice Returns the Voting Escrow (veBAL) contract.
*/
function getVotingEscrow() external view returns (IERC20) {
return _votingEscrow;
}
/**
* @notice Returns the Balancer Vault.
*/
function getVault() public view returns (IVault) {
return _vault;
}
/**
* @notice Returns the Balancer Vault's current authorizer.
*/
function getAuthorizer() public view returns (IAuthorizer) {
return getVault().getAuthorizer();
}
/**
* @notice Get the adjusted veBAL balance from the active boost delegation contract
* @param user The user to query the adjusted veBAL balance of
* @return veBAL balance
*/
function adjustedBalanceOf(address user) external view returns (uint256) {
return _adjustedBalanceOf(user);
}
/**
* @notice Get the adjusted veBAL balance from the active boost delegation contract
* @param user The user to query the adjusted veBAL balance of
* @return veBAL balance
*/
// solhint-disable-next-line func-name-mixedcase
function adjusted_balance_of(address user) external view returns (uint256) {
return _adjustedBalanceOf(user);
}
// Internal functions
function _adjustedBalanceOf(address user) internal view returns (uint256) {
IVeDelegation implementation = _delegation;
if (implementation == IVeDelegation(0)) {
return IERC20(_votingEscrow).balanceOf(user);
}
return implementation.adjusted_balance_of(user);
}
function _canPerform(bytes32 actionId, address account) internal view override returns (bool) {
return getAuthorizer().canPerform(actionId, account, address(this));
}
// Admin functions
function setDelegation(IVeDelegation delegation) external authenticate {
// call `adjusted_balance_of` to make sure it works
delegation.adjusted_balance_of(msg.sender);
_delegation = delegation;
emit DelegationImplementationUpdated(address(delegation));
}
function killDelegation() external authenticate {
_delegation = IVeDelegation(0);
emit DelegationImplementationUpdated(address(0));
}
}
contracts/solidity-utils/contracts/openzeppelin/ReentrancyGuard.sol
// SPDX-License-Identifier: MIT
// Based on the ReentrancyGuard library from OpenZeppelin Contracts, altered to reduce bytecode size.
// Modifier code is inlined by the compiler, which causes its code to appear multiple times in the codebase. By using
// private functions, we achieve the same end result with slightly higher runtime gas costs, but reduced bytecode size.
pragma solidity ^0.7.0;
import "../helpers/BalancerErrors.sol";
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_enterNonReentrant();
_;
_exitNonReentrant();
}
function _enterNonReentrant() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
_require(_status != _ENTERED, Errors.REENTRANCY);
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _exitNonReentrant() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}
contracts/vault/contracts/interfaces/IProtocolFeesCollector.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "../../../solidity-utils/contracts/openzeppelin/IERC20.sol";
import "./IVault.sol";
import "./IAuthorizer.sol";
interface IProtocolFeesCollector {
event SwapFeePercentageChanged(uint256 newSwapFeePercentage);
event FlashLoanFeePercentageChanged(uint256 newFlashLoanFeePercentage);
function withdrawCollectedFees(
IERC20[] calldata tokens,
uint256[] calldata amounts,
address recipient
) external;
function setSwapFeePercentage(uint256 newSwapFeePercentage) external;
function setFlashLoanFeePercentage(uint256 newFlashLoanFeePercentage) external;
function getSwapFeePercentage() external view returns (uint256);
function getFlashLoanFeePercentage() external view returns (uint256);
function getCollectedFeeAmounts(IERC20[] memory tokens) external view returns (uint256[] memory feeAmounts);
function getAuthorizer() external view returns (IAuthorizer);
function vault() external view returns (IVault);
}
contracts/interfaces/contracts/IBALTokenHolder.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../../solidity-utils/contracts/helpers/IAuthentication.sol";
import "../../solidity-utils/contracts/openzeppelin/IERC20.sol";
interface IBALTokenHolder is IAuthentication {
function withdrawFunds(address recipient, uint256 amount) external;
function sweepTokens(
IERC20 token,
address recipient,
uint256 amount
) external;
}
contracts/interfaces/contracts/IBALTokenHolderFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../../vault/contracts/interfaces/IVault.sol";
import "./IBalancerToken.sol";
import "./IBALTokenHolder.sol";
interface IBALTokenHolderFactory {
function getBalancerToken() external view returns (IBalancerToken);
function getVault() external view returns (IVault);
function isHolderFromFactory(address holder) external view returns (bool);
function create(string memory name) external returns (IBALTokenHolder);
}
contracts/BalancerMinter.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/openzeppelin/ReentrancyGuard.sol";
import "./solidity-utils/contracts/openzeppelin/SafeMath.sol";
import "./solidity-utils/contracts/openzeppelin/EIP712.sol";
import "./interfaces/contracts/IBalancerMinter.sol";
import "./interfaces/contracts/IBalancerTokenAdmin.sol";
import "./interfaces/contracts/IGaugeController.sol";
import "./interfaces/contracts/liquidity-mining/ILiquidityGauge.sol";
contract BalancerMinter is IBalancerMinter, ReentrancyGuard, EIP712 {
using SafeMath for uint256;
IERC20 private immutable _token;
IBalancerTokenAdmin private immutable _tokenAdmin;
IGaugeController private immutable _gaugeController;
// user -> gauge -> value
mapping(address => mapping(address => uint256)) private _minted;
// minter -> user -> can mint?
mapping(address => mapping(address => bool)) private _allowedMinter;
// Signature replay attack prevention for each user.
mapping(address => uint256) internal _nextNonce;
// solhint-disable-next-line var-name-mixedcase
bytes32 private immutable _SET_MINTER_APPROVAL_TYPEHASH = keccak256(
"SetMinterApproval(address minter,bool approval,uint256 nonce,uint256 deadline)"
);
event MinterApprovalSet(address indexed user, address indexed minter, bool approval);
constructor(IBalancerTokenAdmin tokenAdmin, IGaugeController gaugeController) EIP712("Balancer Minter", "1") {
_token = tokenAdmin.getBalancerToken();
_tokenAdmin = tokenAdmin;
_gaugeController = gaugeController;
}
function getDomainSeparator() external view returns (bytes32) {
return _domainSeparatorV4();
}
function getNextNonce(address user) external view returns (uint256) {
return _nextNonce[user];
}
/**
* @notice Returns the address of the Balancer Governance Token
*/
function getBalancerToken() external view override returns (IERC20) {
return _token;
}
/**
* @notice Returns the address of the Balancer Token Admin contract
*/
function getBalancerTokenAdmin() external view override returns (IBalancerTokenAdmin) {
return _tokenAdmin;
}
/**
* @notice Returns the address of the Gauge Controller
*/
function getGaugeController() external view override returns (IGaugeController) {
return _gaugeController;
}
/**
* @notice Mint everything which belongs to `msg.sender` and send to them
* @param gauge `LiquidityGauge` address to get mintable amount from
*/
function mint(address gauge) external override nonReentrant returns (uint256) {
return _mintFor(gauge, msg.sender);
}
/**
* @notice Mint everything which belongs to `msg.sender` across multiple gauges
* @param gauges List of `LiquidityGauge` addresses
*/
function mintMany(address[] calldata gauges) external override nonReentrant returns (uint256) {
return _mintForMany(gauges, msg.sender);
}
/**
* @notice Mint tokens for `user`
* @dev Only possible when `msg.sender` has been approved by `user` to mint on their behalf
* @param gauge `LiquidityGauge` address to get mintable amount from
* @param user Address to mint to
*/
function mintFor(address gauge, address user) external override nonReentrant returns (uint256) {
require(_allowedMinter[msg.sender][user], "Caller not allowed to mint for user");
return _mintFor(gauge, user);
}
/**
* @notice Mint tokens for `user` across multiple gauges
* @dev Only possible when `msg.sender` has been approved by `user` to mint on their behalf
* @param gauges List of `LiquidityGauge` addresses
* @param user Address to mint to
*/
function mintManyFor(address[] calldata gauges, address user) external override nonReentrant returns (uint256) {
require(_allowedMinter[msg.sender][user], "Caller not allowed to mint for user");
return _mintForMany(gauges, user);
}
/**
* @notice The total number of tokens minted for `user` from `gauge`
*/
function minted(address user, address gauge) external view override returns (uint256) {
return _minted[user][gauge];
}
/**
* @notice Whether `minter` is approved to mint tokens for `user`
*/
function getMinterApproval(address minter, address user) external view override returns (bool) {
return _allowedMinter[minter][user];
}
/**
* @notice Set whether `minter` is approved to mint tokens on your behalf
*/
function setMinterApproval(address minter, bool approval) public override {
_setMinterApproval(minter, msg.sender, approval);
}
/**
* @notice Set whether `minter` is approved to mint tokens on behalf of `user`, who has signed a message authorizing
* them.
*/
function setMinterApprovalWithSignature(
address minter,
bool approval,
address user,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external override {
// solhint-disable-next-line not-rely-on-time
require(deadline > block.timestamp, "Signature expired");
uint256 nonce = _nextNonce[user]++;
bytes32 structHash = keccak256(abi.encode(_SET_MINTER_APPROVAL_TYPEHASH, minter, approval, nonce, deadline));
bytes32 digest = _hashTypedDataV4(structHash);
address recoveredAddress = ecrecover(digest, v, r, s);
// ecrecover returns the zero address on recover failure, so we need to handle that explicitly.
require(recoveredAddress != address(0) && recoveredAddress == user, "Invalid signature");
_setMinterApproval(minter, user, approval);
}
function _setMinterApproval(
address minter,
address user,
bool approval
) private {
_allowedMinter[minter][user] = approval;
emit MinterApprovalSet(user, minter, approval);
}
// Internal functions
function _mintFor(address gauge, address user) internal returns (uint256 tokensToMint) {
tokensToMint = _updateGauge(gauge, user);
if (tokensToMint > 0) {
_tokenAdmin.mint(user, tokensToMint);
}
}
function _mintForMany(address[] calldata gauges, address user) internal returns (uint256 tokensToMint) {
uint256 length = gauges.length;
for (uint256 i = 0; i < length; ++i) {
tokensToMint = tokensToMint.add(_updateGauge(gauges[i], user));
}
if (tokensToMint > 0) {
_tokenAdmin.mint(user, tokensToMint);
}
}
function _updateGauge(address gauge, address user) internal returns (uint256 tokensToMint) {
require(_gaugeController.gauge_types(gauge) >= 0, "Gauge does not exist on Controller");
ILiquidityGauge(gauge).user_checkpoint(user);
uint256 totalMint = ILiquidityGauge(gauge).integrate_fraction(user);
tokensToMint = totalMint.sub(_minted[user][gauge]);
if (tokensToMint > 0) {
_minted[user][gauge] = totalMint;
emit Minted(user, gauge, totalMint);
}
}
// The below functions are near-duplicates of functions available above.
// They are included for ABI compatibility with snake_casing as used in vyper contracts.
// solhint-disable func-name-mixedcase
/**
* @notice Whether `minter` is approved to mint tokens for `user`
*/
function allowed_to_mint_for(address minter, address user) external view override returns (bool) {
return _allowedMinter[minter][user];
}
/**
* @notice Mint everything which belongs to `msg.sender` across multiple gauges
* @dev This function is not recommended as `mintMany()` is more flexible and gas efficient
* @param gauges List of `LiquidityGauge` addresses
*/
function mint_many(address[8] calldata gauges) external override nonReentrant {
for (uint256 i = 0; i < 8; ++i) {
if (gauges[i] == address(0)) {
break;
}
_mintFor(gauges[i], msg.sender);
}
}
/**
* @notice Mint tokens for `user`
* @dev Only possible when `msg.sender` has been approved by `user` to mint on their behalf
* @param gauge `LiquidityGauge` address to get mintable amount from
* @param user Address to mint to
*/
function mint_for(address gauge, address user) external override nonReentrant {
if (_allowedMinter[msg.sender][user]) {
_mintFor(gauge, user);
}
}
/**
* @notice Toggle whether `minter` is approved to mint tokens for `user`
*/
function toggle_approve_mint(address minter) external override {
setMinterApproval(minter, !_allowedMinter[minter][msg.sender]);
}
}
contracts/solidity-utils/contracts/openzeppelin/EnumerableSet.sol
// SPDX-License-Identifier: MIT
// Based on the EnumerableSet library from OpenZeppelin Contracts, altered to remove the base private functions that
// work on bytes32, replacing them with a native implementation for address and bytes32 values, to reduce bytecode
// size and runtime costs.
// The `unchecked_at` function was also added, which allows for more gas efficient data reads in some scenarios.
pragma solidity ^0.7.0;
import "../helpers/BalancerErrors.sol";
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
* and `uint256` (`UintSet`) are supported.
*/
library EnumerableSet {
// The original OpenZeppelin implementation uses a generic Set type with bytes32 values: this was replaced with
// AddressSet, which uses address keys natively, resulting in more dense bytecode.
struct AddressSet {
// Storage of set values
address[] _values;
// Position of the value in the `values` array, plus 1 because index 0
// means a value is not in the set.
mapping(address => uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
if (!contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slot
uint256 valueIndex = set._indexes[value];
if (valueIndex != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 toDeleteIndex = valueIndex - 1;
uint256 lastIndex = set._values.length - 1;
// The swap is only necessary if we're not removing the last element
if (toDeleteIndex != lastIndex) {
address lastValue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastValue;
// Update the index for the moved value
set._indexes[lastValue] = toDeleteIndex + 1; // All indexes are 1-based
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slot
delete set._indexes[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return set._indexes[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
_require(set._values.length > index, Errors.OUT_OF_BOUNDS);
return unchecked_at(set, index);
}
/**
* @dev Same as {at}, except this doesn't revert if `index` it outside of the set (i.e. if it is equal or larger
* than {length}). O(1).
*
* This function performs one less storage read than {at}, but should only be used when `index` is known to be
* within bounds.
*/
function unchecked_at(AddressSet storage set, uint256 index) internal view returns (address) {
return set._values[index];
}
function rawIndexOf(AddressSet storage set, address value) internal view returns (uint256) {
return set._indexes[value] - 1;
}
struct Bytes32Set {
// Storage of set values
bytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0
// means a value is not in the set.
mapping(bytes32 => uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
if (!contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was present.
*/
function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slot
uint256 valueIndex = set._indexes[value];
if (valueIndex != 0) {
// Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 toDeleteIndex = valueIndex - 1;
uint256 lastIndex = set._values.length - 1;
// The swap is only necessary if we're not removing the last element
if (toDeleteIndex != lastIndex) {
bytes32 lastValue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastValue;
// Update the index for the moved value
set._indexes[lastValue] = toDeleteIndex + 1; // All indexes are 1-based
}
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slot
delete set._indexes[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
return set._indexes[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function length(Bytes32Set storage set) internal view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
_require(set._values.length > index, Errors.OUT_OF_BOUNDS);
return unchecked_at(set, index);
}
/**
* @dev Same as {at}, except this doesn't revert if `index` it outside of the set (i.e. if it is equal or larger
* than {length}). O(1).
*
* This function performs one less storage read than {at}, but should only be used when `index` is known to be
* within bounds.
*/
function unchecked_at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
return set._values[index];
}
function rawIndexOf(Bytes32Set storage set, bytes32 value) internal view returns (uint256) {
return set._indexes[value] - 1;
}
}
contracts/solidity-utils/contracts/openzeppelin/Address.sol
// SPDX-License-Identifier: MIT
// Based on the Address library from OpenZeppelin Contracts, altered by removing the `isContract` checks on
// `functionCall` and `functionDelegateCall` in order to save gas, as the recipients are known to be contracts.
pragma solidity ^0.7.0;
import "../helpers/BalancerErrors.sol";
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly {
size := extcodesize(account)
}
return size > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
_require(address(this).balance >= amount, Errors.ADDRESS_INSUFFICIENT_BALANCE);
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
_require(success, Errors.ADDRESS_CANNOT_SEND_VALUE);
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.call(data);
return verifyCallResult(success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but passing some native ETH as msg.value to the call.
*
* _Available since v3.4._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResult(success, returndata);
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling up the
* revert reason or using the one provided.
*
* _Available since v4.3._
*/
function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
// solhint-disable-next-line no-inline-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
_revert(Errors.LOW_LEVEL_CALL_FAILED);
}
}
}
}
contracts/interfaces/contracts/liquidity-mining/ILiquidityGaugeFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./ILiquidityGauge.sol";
interface ILiquidityGaugeFactory {
/**
* @notice Returns true if `gauge` was created by this factory.
*/
function isGaugeFromFactory(address gauge) external view returns (bool);
}
contracts/interfaces/contracts/IBalancerMinter.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./IBalancerTokenAdmin.sol";
import "./IGaugeController.sol";
interface IBalancerMinter {
event Minted(address indexed recipient, address gauge, uint256 minted);
/**
* @notice Returns the address of the Balancer Governance Token
*/
function getBalancerToken() external view returns (IERC20);
/**
* @notice Returns the address of the Balancer Token Admin contract
*/
function getBalancerTokenAdmin() external view returns (IBalancerTokenAdmin);
/**
* @notice Returns the address of the Gauge Controller
*/
function getGaugeController() external view returns (IGaugeController);
/**
* @notice Mint everything which belongs to `msg.sender` and send to them
* @param gauge `LiquidityGauge` address to get mintable amount from
*/
function mint(address gauge) external returns (uint256);
/**
* @notice Mint everything which belongs to `msg.sender` across multiple gauges
* @param gauges List of `LiquidityGauge` addresses
*/
function mintMany(address[] calldata gauges) external returns (uint256);
/**
* @notice Mint tokens for `user`
* @dev Only possible when `msg.sender` has been approved by `user` to mint on their behalf
* @param gauge `LiquidityGauge` address to get mintable amount from
* @param user Address to mint to
*/
function mintFor(address gauge, address user) external returns (uint256);
/**
* @notice Mint tokens for `user` across multiple gauges
* @dev Only possible when `msg.sender` has been approved by `user` to mint on their behalf
* @param gauges List of `LiquidityGauge` addresses
* @param user Address to mint to
*/
function mintManyFor(address[] calldata gauges, address user) external returns (uint256);
/**
* @notice The total number of tokens minted for `user` from `gauge`
*/
function minted(address user, address gauge) external view returns (uint256);
/**
* @notice Whether `minter` is approved to mint tokens for `user`
*/
function getMinterApproval(address minter, address user) external view returns (bool);
/**
* @notice Set whether `minter` is approved to mint tokens on your behalf
*/
function setMinterApproval(address minter, bool approval) external;
/**
* @notice Set whether `minter` is approved to mint tokens on behalf of `user`, who has signed a message authorizing
* them.
*/
function setMinterApprovalWithSignature(
address minter,
bool approval,
address user,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
// The below functions are near-duplicates of functions available above.
// They are included for ABI compatibility with snake_casing as used in vyper contracts.
// solhint-disable func-name-mixedcase
/**
* @notice Whether `minter` is approved to mint tokens for `user`
*/
function allowed_to_mint_for(address minter, address user) external view returns (bool);
/**
* @notice Mint everything which belongs to `msg.sender` across multiple gauges
* @dev This function is not recommended as `mintMany()` is more flexible and gas efficient
* @param gauges List of `LiquidityGauge` addresses
*/
function mint_many(address[8] calldata gauges) external;
/**
* @notice Mint tokens for `user`
* @dev Only possible when `msg.sender` has been approved by `user` to mint on their behalf
* @param gauge `LiquidityGauge` address to get mintable amount from
* @param user Address to mint to
*/
function mint_for(address gauge, address user) external;
/**
* @notice Toggle whether `minter` is approved to mint tokens for `user`
*/
function toggle_approve_mint(address minter) external;
}
contracts/vault/contracts/interfaces/IAsset.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev This is an empty interface used to represent either ERC20-conforming token contracts or ETH (using the zero
* address sentinel value). We're just relying on the fact that `interface` can be used to declare new address-like
* types.
*
* This concept is unrelated to a Pool's Asset Managers.
*/
interface IAsset {
// solhint-disable-previous-line no-empty-blocks
}
contracts/interfaces/contracts/IGaugeController.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../../solidity-utils/contracts/openzeppelin/IERC20.sol";
import "./liquidity-mining/IAuthorizerAdaptor.sol";
import "./IVotingEscrow.sol";
// For compatibility, we're keeping the same function names as in the original Curve code, including the mixed-case
// naming convention.
// solhint-disable func-name-mixedcase
interface IGaugeController {
function checkpoint_gauge(address gauge) external;
function gauge_relative_weight(address gauge, uint256 time) external returns (uint256);
function voting_escrow() external view returns (IVotingEscrow);
function token() external view returns (IERC20);
function add_type(string calldata name, uint256 weight) external;
function change_type_weight(int128 typeId, uint256 weight) external;
// Gauges are to be added with zero initial weight so the full signature is not required
function add_gauge(address gauge, int128 gaugeType) external;
function n_gauge_types() external view returns (int128);
function gauge_types(address gauge) external view returns (int128);
function admin() external view returns (IAuthorizerAdaptor);
}
contracts/vault/contracts/interfaces/IAuthorizer.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
interface IAuthorizer {
/**
* @dev Returns true if `account` can perform the action described by `actionId` in the contract `where`.
*/
function canPerform(
bytes32 actionId,
address account,
address where
) external view returns (bool);
}
contracts/solidity-utils/contracts/helpers/BalancerErrors.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
// solhint-disable
/**
* @dev Reverts if `condition` is false, with a revert reason containing `errorCode`. Only codes up to 999 are
* supported.
*/
function _require(bool condition, uint256 errorCode) pure {
if (!condition) _revert(errorCode);
}
/**
* @dev Reverts with a revert reason containing `errorCode`. Only codes up to 999 are supported.
*/
function _revert(uint256 errorCode) pure {
// We're going to dynamically create a revert string based on the error code, with the following format:
// 'BAL#{errorCode}'
// where the code is left-padded with zeroes to three digits (so they range from 000 to 999).
//
// We don't have revert strings embedded in the contract to save bytecode size: it takes much less space to store a
// number (8 to 16 bits) than the individual string characters.
//
// The dynamic string creation algorithm that follows could be implemented in Solidity, but assembly allows for a
// much denser implementation, again saving bytecode size. Given this function unconditionally reverts, this is a
// safe place to rely on it without worrying about how its usage might affect e.g. memory contents.
assembly {
// First, we need to compute the ASCII representation of the error code. We assume that it is in the 0-999
// range, so we only need to convert three digits. To convert the digits to ASCII, we add 0x30, the value for
// the '0' character.
let units := add(mod(errorCode, 10), 0x30)
errorCode := div(errorCode, 10)
let tenths := add(mod(errorCode, 10), 0x30)
errorCode := div(errorCode, 10)
let hundreds := add(mod(errorCode, 10), 0x30)
// With the individual characters, we can now construct the full string. The "BAL#" part is a known constant
// (0x42414c23): we simply shift this by 24 (to provide space for the 3 bytes of the error code), and add the
// characters to it, each shifted by a multiple of 8.
// The revert reason is then shifted left by 200 bits (256 minus the length of the string, 7 characters * 8 bits
// per character = 56) to locate it in the most significant part of the 256 slot (the beginning of a byte
// array).
let revertReason := shl(200, add(0x42414c23000000, add(add(units, shl(8, tenths)), shl(16, hundreds))))
// We can now encode the reason in memory, which can be safely overwritten as we're about to revert. The encoded
// message will have the following layout:
// [ revert reason identifier ] [ string location offset ] [ string length ] [ string contents ]
// The Solidity revert reason identifier is 0x08c739a0, the function selector of the Error(string) function. We
// also write zeroes to the next 28 bytes of memory, but those are about to be overwritten.
mstore(0x0, 0x08c379a000000000000000000000000000000000000000000000000000000000)
// Next is the offset to the location of the string, which will be placed immediately after (20 bytes away).
mstore(0x04, 0x0000000000000000000000000000000000000000000000000000000000000020)
// The string length is fixed: 7 characters.
mstore(0x24, 7)
// Finally, the string itself is stored.
mstore(0x44, revertReason)
// Even if the string is only 7 bytes long, we need to return a full 32 byte slot containing it. The length of
// the encoded message is therefore 4 + 32 + 32 + 32 = 100.
revert(0, 100)
}
}
library Errors {
// Math
uint256 internal constant ADD_OVERFLOW = 0;
uint256 internal constant SUB_OVERFLOW = 1;
uint256 internal constant SUB_UNDERFLOW = 2;
uint256 internal constant MUL_OVERFLOW = 3;
uint256 internal constant ZERO_DIVISION = 4;
uint256 internal constant DIV_INTERNAL = 5;
uint256 internal constant X_OUT_OF_BOUNDS = 6;
uint256 internal constant Y_OUT_OF_BOUNDS = 7;
uint256 internal constant PRODUCT_OUT_OF_BOUNDS = 8;
uint256 internal constant INVALID_EXPONENT = 9;
// Input
uint256 internal constant OUT_OF_BOUNDS = 100;
uint256 internal constant UNSORTED_ARRAY = 101;
uint256 internal constant UNSORTED_TOKENS = 102;
uint256 internal constant INPUT_LENGTH_MISMATCH = 103;
uint256 internal constant ZERO_TOKEN = 104;
// Shared pools
uint256 internal constant MIN_TOKENS = 200;
uint256 internal constant MAX_TOKENS = 201;
uint256 internal constant MAX_SWAP_FEE_PERCENTAGE = 202;
uint256 internal constant MIN_SWAP_FEE_PERCENTAGE = 203;
uint256 internal constant MINIMUM_BPT = 204;
uint256 internal constant CALLER_NOT_VAULT = 205;
uint256 internal constant UNINITIALIZED = 206;
uint256 internal constant BPT_IN_MAX_AMOUNT = 207;
uint256 internal constant BPT_OUT_MIN_AMOUNT = 208;
uint256 internal constant EXPIRED_PERMIT = 209;
uint256 internal constant NOT_TWO_TOKENS = 210;
uint256 internal constant DISABLED = 211;
// Pools
uint256 internal constant MIN_AMP = 300;
uint256 internal constant MAX_AMP = 301;
uint256 internal constant MIN_WEIGHT = 302;
uint256 internal constant MAX_STABLE_TOKENS = 303;
uint256 internal constant MAX_IN_RATIO = 304;
uint256 internal constant MAX_OUT_RATIO = 305;
uint256 internal constant MIN_BPT_IN_FOR_TOKEN_OUT = 306;
uint256 internal constant MAX_OUT_BPT_FOR_TOKEN_IN = 307;
uint256 internal constant NORMALIZED_WEIGHT_INVARIANT = 308;
uint256 internal constant INVALID_TOKEN = 309;
uint256 internal constant UNHANDLED_JOIN_KIND = 310;
uint256 internal constant ZERO_INVARIANT = 311;
uint256 internal constant ORACLE_INVALID_SECONDS_QUERY = 312;
uint256 internal constant ORACLE_NOT_INITIALIZED = 313;
uint256 internal constant ORACLE_QUERY_TOO_OLD = 314;
uint256 internal constant ORACLE_INVALID_INDEX = 315;
uint256 internal constant ORACLE_BAD_SECS = 316;
uint256 internal constant AMP_END_TIME_TOO_CLOSE = 317;
uint256 internal constant AMP_ONGOING_UPDATE = 318;
uint256 internal constant AMP_RATE_TOO_HIGH = 319;
uint256 internal constant AMP_NO_ONGOING_UPDATE = 320;
uint256 internal constant STABLE_INVARIANT_DIDNT_CONVERGE = 321;
uint256 internal constant STABLE_GET_BALANCE_DIDNT_CONVERGE = 322;
uint256 internal constant RELAYER_NOT_CONTRACT = 323;
uint256 internal constant BASE_POOL_RELAYER_NOT_CALLED = 324;
uint256 internal constant REBALANCING_RELAYER_REENTERED = 325;
uint256 internal constant GRADUAL_UPDATE_TIME_TRAVEL = 326;
uint256 internal constant SWAPS_DISABLED = 327;
uint256 internal constant CALLER_IS_NOT_LBP_OWNER = 328;
uint256 internal constant PRICE_RATE_OVERFLOW = 329;
uint256 internal constant INVALID_JOIN_EXIT_KIND_WHILE_SWAPS_DISABLED = 330;
uint256 internal constant WEIGHT_CHANGE_TOO_FAST = 331;
uint256 internal constant LOWER_GREATER_THAN_UPPER_TARGET = 332;
uint256 internal constant UPPER_TARGET_TOO_HIGH = 333;
uint256 internal constant UNHANDLED_BY_LINEAR_POOL = 334;
uint256 internal constant OUT_OF_TARGET_RANGE = 335;
uint256 internal constant UNHANDLED_EXIT_KIND = 336;
uint256 internal constant UNAUTHORIZED_EXIT = 337;
uint256 internal constant MAX_MANAGEMENT_SWAP_FEE_PERCENTAGE = 338;
uint256 internal constant UNHANDLED_BY_MANAGED_POOL = 339;
uint256 internal constant UNHANDLED_BY_PHANTOM_POOL = 340;
uint256 internal constant TOKEN_DOES_NOT_HAVE_RATE_PROVIDER = 341;
uint256 internal constant INVALID_INITIALIZATION = 342;
uint256 internal constant OUT_OF_NEW_TARGET_RANGE = 343;
uint256 internal constant UNAUTHORIZED_OPERATION = 344;
uint256 internal constant UNINITIALIZED_POOL_CONTROLLER = 345;
// Lib
uint256 internal constant REENTRANCY = 400;
uint256 internal constant SENDER_NOT_ALLOWED = 401;
uint256 internal constant PAUSED = 402;
uint256 internal constant PAUSE_WINDOW_EXPIRED = 403;
uint256 internal constant MAX_PAUSE_WINDOW_DURATION = 404;
uint256 internal constant MAX_BUFFER_PERIOD_DURATION = 405;
uint256 internal constant INSUFFICIENT_BALANCE = 406;
uint256 internal constant INSUFFICIENT_ALLOWANCE = 407;
uint256 internal constant ERC20_TRANSFER_FROM_ZERO_ADDRESS = 408;
uint256 internal constant ERC20_TRANSFER_TO_ZERO_ADDRESS = 409;
uint256 internal constant ERC20_MINT_TO_ZERO_ADDRESS = 410;
uint256 internal constant ERC20_BURN_FROM_ZERO_ADDRESS = 411;
uint256 internal constant ERC20_APPROVE_FROM_ZERO_ADDRESS = 412;
uint256 internal constant ERC20_APPROVE_TO_ZERO_ADDRESS = 413;
uint256 internal constant ERC20_TRANSFER_EXCEEDS_ALLOWANCE = 414;
uint256 internal constant ERC20_DECREASED_ALLOWANCE_BELOW_ZERO = 415;
uint256 internal constant ERC20_TRANSFER_EXCEEDS_BALANCE = 416;
uint256 internal constant ERC20_BURN_EXCEEDS_ALLOWANCE = 417;
uint256 internal constant SAFE_ERC20_CALL_FAILED = 418;
uint256 internal constant ADDRESS_INSUFFICIENT_BALANCE = 419;
uint256 internal constant ADDRESS_CANNOT_SEND_VALUE = 420;
uint256 internal constant SAFE_CAST_VALUE_CANT_FIT_INT256 = 421;
uint256 internal constant GRANT_SENDER_NOT_ADMIN = 422;
uint256 internal constant REVOKE_SENDER_NOT_ADMIN = 423;
uint256 internal constant RENOUNCE_SENDER_NOT_ALLOWED = 424;
uint256 internal constant BUFFER_PERIOD_EXPIRED = 425;
uint256 internal constant CALLER_IS_NOT_OWNER = 426;
uint256 internal constant NEW_OWNER_IS_ZERO = 427;
uint256 internal constant CODE_DEPLOYMENT_FAILED = 428;
uint256 internal constant CALL_TO_NON_CONTRACT = 429;
uint256 internal constant LOW_LEVEL_CALL_FAILED = 430;
uint256 internal constant NOT_PAUSED = 431;
uint256 internal constant ADDRESS_ALREADY_ALLOWLISTED = 432;
uint256 internal constant ADDRESS_NOT_ALLOWLISTED = 433;
uint256 internal constant ERC20_BURN_EXCEEDS_BALANCE = 434;
// Vault
uint256 internal constant INVALID_POOL_ID = 500;
uint256 internal constant CALLER_NOT_POOL = 501;
uint256 internal constant SENDER_NOT_ASSET_MANAGER = 502;
uint256 internal constant USER_DOESNT_ALLOW_RELAYER = 503;
uint256 internal constant INVALID_SIGNATURE = 504;
uint256 internal constant EXIT_BELOW_MIN = 505;
uint256 internal constant JOIN_ABOVE_MAX = 506;
uint256 internal constant SWAP_LIMIT = 507;
uint256 internal constant SWAP_DEADLINE = 508;
uint256 internal constant CANNOT_SWAP_SAME_TOKEN = 509;
uint256 internal constant UNKNOWN_AMOUNT_IN_FIRST_SWAP = 510;
uint256 internal constant MALCONSTRUCTED_MULTIHOP_SWAP = 511;
uint256 internal constant INTERNAL_BALANCE_OVERFLOW = 512;
uint256 internal constant INSUFFICIENT_INTERNAL_BALANCE = 513;
uint256 internal constant INVALID_ETH_INTERNAL_BALANCE = 514;
uint256 internal constant INVALID_POST_LOAN_BALANCE = 515;
uint256 internal constant INSUFFICIENT_ETH = 516;
uint256 internal constant UNALLOCATED_ETH = 517;
uint256 internal constant ETH_TRANSFER = 518;
uint256 internal constant CANNOT_USE_ETH_SENTINEL = 519;
uint256 internal constant TOKENS_MISMATCH = 520;
uint256 internal constant TOKEN_NOT_REGISTERED = 521;
uint256 internal constant TOKEN_ALREADY_REGISTERED = 522;
uint256 internal constant TOKENS_ALREADY_SET = 523;
uint256 internal constant TOKENS_LENGTH_MUST_BE_2 = 524;
uint256 internal constant NONZERO_TOKEN_BALANCE = 525;
uint256 internal constant BALANCE_TOTAL_OVERFLOW = 526;
uint256 internal constant POOL_NO_TOKENS = 527;
uint256 internal constant INSUFFICIENT_FLASH_LOAN_BALANCE = 528;
// Fees
uint256 internal constant SWAP_FEE_PERCENTAGE_TOO_HIGH = 600;
uint256 internal constant FLASH_LOAN_FEE_PERCENTAGE_TOO_HIGH = 601;
uint256 internal constant INSUFFICIENT_FLASH_LOAN_FEE_AMOUNT = 602;
}
contracts/vault/contracts/interfaces/IFlashLoanRecipient.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
// Inspired by Aave Protocol's IFlashLoanReceiver.
import "../../../solidity-utils/contracts/openzeppelin/IERC20.sol";
interface IFlashLoanRecipient {
/**
* @dev When `flashLoan` is called on the Vault, it invokes the `receiveFlashLoan` hook on the recipient.
*
* At the time of the call, the Vault will have transferred `amounts` for `tokens` to the recipient. Before this
* call returns, the recipient must have transferred `amounts` plus `feeAmounts` for each token back to the
* Vault, or else the entire flash loan will revert.
*
* `userData` is the same value passed in the `IVault.flashLoan` call.
*/
function receiveFlashLoan(
IERC20[] memory tokens,
uint256[] memory amounts,
uint256[] memory feeAmounts,
bytes memory userData
) external;
}
contracts/solidity-utils/contracts/helpers/Authentication.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./BalancerErrors.sol";
import "./IAuthentication.sol";
/**
* @dev Building block for performing access control on external functions.
*
* This contract is used via the `authenticate` modifier (or the `_authenticateCaller` function), which can be applied
* to external functions to only make them callable by authorized accounts.
*
* Derived contracts must implement the `_canPerform` function, which holds the actual access control logic.
*/
abstract contract Authentication is IAuthentication {
bytes32 private immutable _actionIdDisambiguator;
/**
* @dev The main purpose of the `actionIdDisambiguator` is to prevent accidental function selector collisions in
* multi contract systems.
*
* There are two main uses for it:
* - if the contract is a singleton, any unique identifier can be used to make the associated action identifiers
* unique. The contract's own address is a good option.
* - if the contract belongs to a family that shares action identifiers for the same functions, an identifier
* shared by the entire family (and no other contract) should be used instead.
*/
constructor(bytes32 actionIdDisambiguator) {
_actionIdDisambiguator = actionIdDisambiguator;
}
/**
* @dev Reverts unless the caller is allowed to call this function. Should only be applied to external functions.
*/
modifier authenticate() {
_authenticateCaller();
_;
}
/**
* @dev Reverts unless the caller is allowed to call the entry point function.
*/
function _authenticateCaller() internal view {
bytes32 actionId = getActionId(msg.sig);
_require(_canPerform(actionId, msg.sender), Errors.SENDER_NOT_ALLOWED);
}
function getActionId(bytes4 selector) public view override returns (bytes32) {
// Each external function is dynamically assigned an action identifier as the hash of the disambiguator and the
// function selector. Disambiguation is necessary to avoid potential collisions in the function selectors of
// multiple contracts.
return keccak256(abi.encodePacked(_actionIdDisambiguator, selector));
}
function _canPerform(bytes32 actionId, address user) internal view virtual returns (bool);
}
contracts/vault/contracts/interfaces/IVault.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma experimental ABIEncoderV2;
import "../../../solidity-utils/contracts/openzeppelin/IERC20.sol";
import "../../../solidity-utils/contracts/helpers/ISignaturesValidator.sol";
import "../../../solidity-utils/contracts/helpers/ITemporarilyPausable.sol";
import "../../../solidity-utils/contracts/misc/IWETH.sol";
import "./IAsset.sol";
import "./IAuthorizer.sol";
import "./IFlashLoanRecipient.sol";
import "./IProtocolFeesCollector.sol";
pragma solidity ^0.7.0;
/**
* @dev Full external interface for the Vault core contract - no external or public methods exist in the contract that
* don't override one of these declarations.
*/
interface IVault is ISignaturesValidator, ITemporarilyPausable {
// Generalities about the Vault:
//
// - Whenever documentation refers to 'tokens', it strictly refers to ERC20-compliant token contracts. Tokens are
// transferred out of the Vault by calling the `IERC20.transfer` function, and transferred in by calling
// `IERC20.transferFrom`. In these cases, the sender must have previously allowed the Vault to use their tokens by
// calling `IERC20.approve`. The only deviation from the ERC20 standard that is supported is functions not returning
// a boolean value: in these scenarios, a non-reverting call is assumed to be successful.
//
// - All non-view functions in the Vault are non-reentrant: calling them while another one is mid-execution (e.g.
// while execution control is transferred to a token contract during a swap) will result in a revert. View
// functions can be called in a re-reentrant way, but doing so might cause them to return inconsistent results.
// Contracts calling view functions in the Vault must make sure the Vault has not already been entered.
//
// - View functions revert if referring to either unregistered Pools, or unregistered tokens for registered Pools.
// Authorizer
//
// Some system actions are permissioned, like setting and collecting protocol fees. This permissioning system exists
// outside of the Vault in the Authorizer contract: the Vault simply calls the Authorizer to check if the caller
// can perform a given action.
/**
* @dev Returns the Vault's Authorizer.
*/
function getAuthorizer() external view returns (IAuthorizer);
/**
* @dev Sets a new Authorizer for the Vault. The caller must be allowed by the current Authorizer to do this.
*
* Emits an `AuthorizerChanged` event.
*/
function setAuthorizer(IAuthorizer newAuthorizer) external;
/**
* @dev Emitted when a new authorizer is set by `setAuthorizer`.
*/
event AuthorizerChanged(IAuthorizer indexed newAuthorizer);
// Relayers
//
// Additionally, it is possible for an account to perform certain actions on behalf of another one, using their
// Vault ERC20 allowance and Internal Balance. These accounts are said to be 'relayers' for these Vault functions,
// and are expected to be smart contracts with sound authentication mechanisms. For an account to be able to wield
// this power, two things must occur:
// - The Authorizer must grant the account the permission to be a relayer for the relevant Vault function. This
// means that Balancer governance must approve each individual contract to act as a relayer for the intended
// functions.
// - Each user must approve the relayer to act on their behalf.
// This double protection means users cannot be tricked into approving malicious relayers (because they will not
// have been allowed by the Authorizer via governance), nor can malicious relayers approved by a compromised
// Authorizer or governance drain user funds, since they would also need to be approved by each individual user.
/**
* @dev Returns true if `user` has approved `relayer` to act as a relayer for them.
*/
function hasApprovedRelayer(address user, address relayer) external view returns (bool);
/**
* @dev Allows `relayer` to act as a relayer for `sender` if `approved` is true, and disallows it otherwise.
*
* Emits a `RelayerApprovalChanged` event.
*/
function setRelayerApproval(
address sender,
address relayer,
bool approved
) external;
/**
* @dev Emitted every time a relayer is approved or disapproved by `setRelayerApproval`.
*/
event RelayerApprovalChanged(address indexed relayer, address indexed sender, bool approved);
// Internal Balance
//
// Users can deposit tokens into the Vault, where they are allocated to their Internal Balance, and later
// transferred or withdrawn. It can also be used as a source of tokens when joining Pools, as a destination
// when exiting them, and as either when performing swaps. This usage of Internal Balance results in greatly reduced
// gas costs when compared to relying on plain ERC20 transfers, leading to large savings for frequent users.
//
// Internal Balance management features batching, which means a single contract call can be used to perform multiple
// operations of different kinds, with different senders and recipients, at once.
/**
* @dev Returns `user`'s Internal Balance for a set of tokens.
*/
function getInternalBalance(address user, IERC20[] memory tokens) external view returns (uint256[] memory);
/**
* @dev Performs a set of user balance operations, which involve Internal Balance (deposit, withdraw or transfer)
* and plain ERC20 transfers using the Vault's allowance. This last feature is particularly useful for relayers, as
* it lets integrators reuse a user's Vault allowance.
*
* For each operation, if the caller is not `sender`, it must be an authorized relayer for them.
*/
function manageUserBalance(UserBalanceOp[] memory ops) external payable;
/**
* @dev Data for `manageUserBalance` operations, which include the possibility for ETH to be sent and received
without manual WETH wrapping or unwrapping.
*/
struct UserBalanceOp {
UserBalanceOpKind kind;
IAsset asset;
uint256 amount;
address sender;
address payable recipient;
}
// There are four possible operations in `manageUserBalance`:
//
// - DEPOSIT_INTERNAL
// Increases the Internal Balance of the `recipient` account by transferring tokens from the corresponding
// `sender`. The sender must have allowed the Vault to use their tokens via `IERC20.approve()`.
//
// ETH can be used by passing the ETH sentinel value as the asset and forwarding ETH in the call: it will be wrapped
// and deposited as WETH. Any ETH amount remaining will be sent back to the caller (not the sender, which is
// relevant for relayers).
//
// Emits an `InternalBalanceChanged` event.
//
//
// - WITHDRAW_INTERNAL
// Decreases the Internal Balance of the `sender` account by transferring tokens to the `recipient`.
//
// ETH can be used by passing the ETH sentinel value as the asset. This will deduct WETH instead, unwrap it and send
// it to the recipient as ETH.
//
// Emits an `InternalBalanceChanged` event.
//
//
// - TRANSFER_INTERNAL
// Transfers tokens from the Internal Balance of the `sender` account to the Internal Balance of `recipient`.
//
// Reverts if the ETH sentinel value is passed.
//
// Emits an `InternalBalanceChanged` event.
//
//
// - TRANSFER_EXTERNAL
// Transfers tokens from `sender` to `recipient`, using the Vault's ERC20 allowance. This is typically used by
// relayers, as it lets them reuse a user's Vault allowance.
//
// Reverts if the ETH sentinel value is passed.
//
// Emits an `ExternalBalanceTransfer` event.
enum UserBalanceOpKind { DEPOSIT_INTERNAL, WITHDRAW_INTERNAL, TRANSFER_INTERNAL, TRANSFER_EXTERNAL }
/**
* @dev Emitted when a user's Internal Balance changes, either from calls to `manageUserBalance`, or through
* interacting with Pools using Internal Balance.
*
* Because Internal Balance works exclusively with ERC20 tokens, ETH deposits and withdrawals will use the WETH
* address.
*/
event InternalBalanceChanged(address indexed user, IERC20 indexed token, int256 delta);
/**
* @dev Emitted when a user's Vault ERC20 allowance is used by the Vault to transfer tokens to an external account.
*/
event ExternalBalanceTransfer(IERC20 indexed token, address indexed sender, address recipient, uint256 amount);
// Pools
//
// There are three specialization settings for Pools, which allow for cheaper swaps at the cost of reduced
// functionality:
//
// - General: no specialization, suited for all Pools. IGeneralPool is used for swap request callbacks, passing the
// balance of all tokens in the Pool. These Pools have the largest swap costs (because of the extra storage reads),
// which increase with the number of registered tokens.
//
// - Minimal Swap Info: IMinimalSwapInfoPool is used instead of IGeneralPool, which saves gas by only passing the
// balance of the two tokens involved in the swap. This is suitable for some pricing algorithms, like the weighted
// constant product one popularized by Balancer V1. Swap costs are smaller compared to general Pools, and are
// independent of the number of registered tokens.
//
// - Two Token: only allows two tokens to be registered. This achieves the lowest possible swap gas cost. Like
// minimal swap info Pools, these are called via IMinimalSwapInfoPool.
enum PoolSpecialization { GENERAL, MINIMAL_SWAP_INFO, TWO_TOKEN }
/**
* @dev Registers the caller account as a Pool with a given specialization setting. Returns the Pool's ID, which
* is used in all Pool-related functions. Pools cannot be deregistered, nor can the Pool's specialization be
* changed.
*
* The caller is expected to be a smart contract that implements either `IGeneralPool` or `IMinimalSwapInfoPool`,
* depending on the chosen specialization setting. This contract is known as the Pool's contract.
*
* Note that the same contract may register itself as multiple Pools with unique Pool IDs, or in other words,
* multiple Pools may share the same contract.
*
* Emits a `PoolRegistered` event.
*/
function registerPool(PoolSpecialization specialization) external returns (bytes32);
/**
* @dev Emitted when a Pool is registered by calling `registerPool`.
*/
event PoolRegistered(bytes32 indexed poolId, address indexed poolAddress, PoolSpecialization specialization);
/**
* @dev Returns a Pool's contract address and specialization setting.
*/
function getPool(bytes32 poolId) external view returns (address, PoolSpecialization);
/**
* @dev Registers `tokens` for the `poolId` Pool. Must be called by the Pool's contract.
*
* Pools can only interact with tokens they have registered. Users join a Pool by transferring registered tokens,
* exit by receiving registered tokens, and can only swap registered tokens.
*
* Each token can only be registered once. For Pools with the Two Token specialization, `tokens` must have a length
* of two, that is, both tokens must be registered in the same `registerTokens` call, and they must be sorted in
* ascending order.
*
* The `tokens` and `assetManagers` arrays must have the same length, and each entry in these indicates the Asset
* Manager for the corresponding token. Asset Managers can manage a Pool's tokens via `managePoolBalance`,
* depositing and withdrawing them directly, and can even set their balance to arbitrary amounts. They are therefore
* expected to be highly secured smart contracts with sound design principles, and the decision to register an
* Asset Manager should not be made lightly.
*
* Pools can choose not to assign an Asset Manager to a given token by passing in the zero address. Once an Asset
* Manager is set, it cannot be changed except by deregistering the associated token and registering again with a
* different Asset Manager.
*
* Emits a `TokensRegistered` event.
*/
function registerTokens(
bytes32 poolId,
IERC20[] memory tokens,
address[] memory assetManagers
) external;
/**
* @dev Emitted when a Pool registers tokens by calling `registerTokens`.
*/
event TokensRegistered(bytes32 indexed poolId, IERC20[] tokens, address[] assetManagers);
/**
* @dev Deregisters `tokens` for the `poolId` Pool. Must be called by the Pool's contract.
*
* Only registered tokens (via `registerTokens`) can be deregistered. Additionally, they must have zero total
* balance. For Pools with the Two Token specialization, `tokens` must have a length of two, that is, both tokens
* must be deregistered in the same `deregisterTokens` call.
*
* A deregistered token can be re-registered later on, possibly with a different Asset Manager.
*
* Emits a `TokensDeregistered` event.
*/
function deregisterTokens(bytes32 poolId, IERC20[] memory tokens) external;
/**
* @dev Emitted when a Pool deregisters tokens by calling `deregisterTokens`.
*/
event TokensDeregistered(bytes32 indexed poolId, IERC20[] tokens);
/**
* @dev Returns detailed information for a Pool's registered token.
*
* `cash` is the number of tokens the Vault currently holds for the Pool. `managed` is the number of tokens
* withdrawn and held outside the Vault by the Pool's token Asset Manager. The Pool's total balance for `token`
* equals the sum of `cash` and `managed`.
*
* Internally, `cash` and `managed` are stored using 112 bits. No action can ever cause a Pool's token `cash`,
* `managed` or `total` balance to be greater than 2^112 - 1.
*
* `lastChangeBlock` is the number of the block in which `token`'s total balance was last modified (via either a
* join, exit, swap, or Asset Manager update). This value is useful to avoid so-called 'sandwich attacks', for
* example when developing price oracles. A change of zero (e.g. caused by a swap with amount zero) is considered a
* change for this purpose, and will update `lastChangeBlock`.
*
* `assetManager` is the Pool's token Asset Manager.
*/
function getPoolTokenInfo(bytes32 poolId, IERC20 token)
external
view
returns (
uint256 cash,
uint256 managed,
uint256 lastChangeBlock,
address assetManager
);
/**
* @dev Returns a Pool's registered tokens, the total balance for each, and the latest block when *any* of
* the tokens' `balances` changed.
*
* The order of the `tokens` array is the same order that will be used in `joinPool`, `exitPool`, as well as in all
* Pool hooks (where applicable). Calls to `registerTokens` and `deregisterTokens` may change this order.
*
* If a Pool only registers tokens once, and these are sorted in ascending order, they will be stored in the same
* order as passed to `registerTokens`.
*
* Total balances include both tokens held by the Vault and those withdrawn by the Pool's Asset Managers. These are
* the amounts used by joins, exits and swaps. For a detailed breakdown of token balances, use `getPoolTokenInfo`
* instead.
*/
function getPoolTokens(bytes32 poolId)
external
view
returns (
IERC20[] memory tokens,
uint256[] memory balances,
uint256 lastChangeBlock
);
/**
* @dev Called by users to join a Pool, which transfers tokens from `sender` into the Pool's balance. This will
* trigger custom Pool behavior, which will typically grant something in return to `recipient` - often tokenized
* Pool shares.
*
* If the caller is not `sender`, it must be an authorized relayer for them.
*
* The `assets` and `maxAmountsIn` arrays must have the same length, and each entry indicates the maximum amount
* to send for each asset. The amounts to send are decided by the Pool and not the Vault: it just enforces
* these maximums.
*
* If joining a Pool that holds WETH, it is possible to send ETH directly: the Vault will do the wrapping. To enable
* this mechanism, the IAsset sentinel value (the zero address) must be passed in the `assets` array instead of the
* WETH address. Note that it is not possible to combine ETH and WETH in the same join. Any excess ETH will be sent
* back to the caller (not the sender, which is important for relayers).
*
* `assets` must have the same length and order as the array returned by `getPoolTokens`. This prevents issues when
* interacting with Pools that register and deregister tokens frequently. If sending ETH however, the array must be
* sorted *before* replacing the WETH address with the ETH sentinel value (the zero address), which means the final
* `assets` array might not be sorted. Pools with no registered tokens cannot be joined.
*
* If `fromInternalBalance` is true, the caller's Internal Balance will be preferred: ERC20 transfers will only
* be made for the difference between the requested amount and Internal Balance (if any). Note that ETH cannot be
* withdrawn from Internal Balance: attempting to do so will trigger a revert.
*
* This causes the Vault to call the `IBasePool.onJoinPool` hook on the Pool's contract, where Pools implement
* their own custom logic. This typically requires additional information from the user (such as the expected number
* of Pool shares). This can be encoded in the `userData` argument, which is ignored by the Vault and passed
* directly to the Pool's contract, as is `recipient`.
*
* Emits a `PoolBalanceChanged` event.
*/
function joinPool(
bytes32 poolId,
address sender,
address recipient,
JoinPoolRequest memory request
) external payable;
struct JoinPoolRequest {
IAsset[] assets;
uint256[] maxAmountsIn;
bytes userData;
bool fromInternalBalance;
}
/**
* @dev Called by users to exit a Pool, which transfers tokens from the Pool's balance to `recipient`. This will
* trigger custom Pool behavior, which will typically ask for something in return from `sender` - often tokenized
* Pool shares. The amount of tokens that can be withdrawn is limited by the Pool's `cash` balance (see
* `getPoolTokenInfo`).
*
* If the caller is not `sender`, it must be an authorized relayer for them.
*
* The `tokens` and `minAmountsOut` arrays must have the same length, and each entry in these indicates the minimum
* token amount to receive for each token contract. The amounts to send are decided by the Pool and not the Vault:
* it just enforces these minimums.
*
* If exiting a Pool that holds WETH, it is possible to receive ETH directly: the Vault will do the unwrapping. To
* enable this mechanism, the IAsset sentinel value (the zero address) must be passed in the `assets` array instead
* of the WETH address. Note that it is not possible to combine ETH and WETH in the same exit.
*
* `assets` must have the same length and order as the array returned by `getPoolTokens`. This prevents issues when
* interacting with Pools that register and deregister tokens frequently. If receiving ETH however, the array must
* be sorted *before* replacing the WETH address with the ETH sentinel value (the zero address), which means the
* final `assets` array might not be sorted. Pools with no registered tokens cannot be exited.
*
* If `toInternalBalance` is true, the tokens will be deposited to `recipient`'s Internal Balance. Otherwise,
* an ERC20 transfer will be performed. Note that ETH cannot be deposited to Internal Balance: attempting to
* do so will trigger a revert.
*
* `minAmountsOut` is the minimum amount of tokens the user expects to get out of the Pool, for each token in the
* `tokens` array. This array must match the Pool's registered tokens.
*
* This causes the Vault to call the `IBasePool.onExitPool` hook on the Pool's contract, where Pools implement
* their own custom logic. This typically requires additional information from the user (such as the expected number
* of Pool shares to return). This can be encoded in the `userData` argument, which is ignored by the Vault and
* passed directly to the Pool's contract.
*
* Emits a `PoolBalanceChanged` event.
*/
function exitPool(
bytes32 poolId,
address sender,
address payable recipient,
ExitPoolRequest memory request
) external;
struct ExitPoolRequest {
IAsset[] assets;
uint256[] minAmountsOut;
bytes userData;
bool toInternalBalance;
}
/**
* @dev Emitted when a user joins or exits a Pool by calling `joinPool` or `exitPool`, respectively.
*/
event PoolBalanceChanged(
bytes32 indexed poolId,
address indexed liquidityProvider,
IERC20[] tokens,
int256[] deltas,
uint256[] protocolFeeAmounts
);
enum PoolBalanceChangeKind { JOIN, EXIT }
// Swaps
//
// Users can swap tokens with Pools by calling the `swap` and `batchSwap` functions. To do this,
// they need not trust Pool contracts in any way: all security checks are made by the Vault. They must however be
// aware of the Pools' pricing algorithms in order to estimate the prices Pools will quote.
//
// The `swap` function executes a single swap, while `batchSwap` can perform multiple swaps in sequence.
// In each individual swap, tokens of one kind are sent from the sender to the Pool (this is the 'token in'),
// and tokens of another kind are sent from the Pool to the recipient in exchange (this is the 'token out').
// More complex swaps, such as one token in to multiple tokens out can be achieved by batching together
// individual swaps.
//
// There are two swap kinds:
// - 'given in' swaps, where the amount of tokens in (sent to the Pool) is known, and the Pool determines (via the
// `onSwap` hook) the amount of tokens out (to send to the recipient).
// - 'given out' swaps, where the amount of tokens out (received from the Pool) is known, and the Pool determines
// (via the `onSwap` hook) the amount of tokens in (to receive from the sender).
//
// Additionally, it is possible to chain swaps using a placeholder input amount, which the Vault replaces with
// the calculated output of the previous swap. If the previous swap was 'given in', this will be the calculated
// tokenOut amount. If the previous swap was 'given out', it will use the calculated tokenIn amount. These extended
// swaps are known as 'multihop' swaps, since they 'hop' through a number of intermediate tokens before arriving at
// the final intended token.
//
// In all cases, tokens are only transferred in and out of the Vault (or withdrawn from and deposited into Internal
// Balance) after all individual swaps have been completed, and the net token balance change computed. This makes
// certain swap patterns, such as multihops, or swaps that interact with the same token pair in multiple Pools, cost
// much less gas than they would otherwise.
//
// It also means that under certain conditions it is possible to perform arbitrage by swapping with multiple
// Pools in a way that results in net token movement out of the Vault (profit), with no tokens being sent in (only
// updating the Pool's internal accounting).
//
// To protect users from front-running or the market changing rapidly, they supply a list of 'limits' for each token
// involved in the swap, where either the maximum number of tokens to send (by passing a positive value) or the
// minimum amount of tokens to receive (by passing a negative value) is specified.
//
// Additionally, a 'deadline' timestamp can also be provided, forcing the swap to fail if it occurs after
// this point in time (e.g. if the transaction failed to be included in a block promptly).
//
// If interacting with Pools that hold WETH, it is possible to both send and receive ETH directly: the Vault will do
// the wrapping and unwrapping. To enable this mechanism, the IAsset sentinel value (the zero address) must be
// passed in the `assets` array instead of the WETH address. Note that it is possible to combine ETH and WETH in the
// same swap. Any excess ETH will be sent back to the caller (not the sender, which is relevant for relayers).
//
// Finally, Internal Balance can be used when either sending or receiving tokens.
enum SwapKind { GIVEN_IN, GIVEN_OUT }
/**
* @dev Performs a swap with a single Pool.
*
* If the swap is 'given in' (the number of tokens to send to the Pool is known), it returns the amount of tokens
* taken from the Pool, which must be greater than or equal to `limit`.
*
* If the swap is 'given out' (the number of tokens to take from the Pool is known), it returns the amount of tokens
* sent to the Pool, which must be less than or equal to `limit`.
*
* Internal Balance usage and the recipient are determined by the `funds` struct.
*
* Emits a `Swap` event.
*/
function swap(
SingleSwap memory singleSwap,
FundManagement memory funds,
uint256 limit,
uint256 deadline
) external payable returns (uint256);
/**
* @dev Data for a single swap executed by `swap`. `amount` is either `amountIn` or `amountOut` depending on
* the `kind` value.
*
* `assetIn` and `assetOut` are either token addresses, or the IAsset sentinel value for ETH (the zero address).
* Note that Pools never interact with ETH directly: it will be wrapped to or unwrapped from WETH by the Vault.
*
* The `userData` field is ignored by the Vault, but forwarded to the Pool in the `onSwap` hook, and may be
* used to extend swap behavior.
*/
struct SingleSwap {
bytes32 poolId;
SwapKind kind;
IAsset assetIn;
IAsset assetOut;
uint256 amount;
bytes userData;
}
/**
* @dev Performs a series of swaps with one or multiple Pools. In each individual swap, the caller determines either
* the amount of tokens sent to or received from the Pool, depending on the `kind` value.
*
* Returns an array with the net Vault asset balance deltas. Positive amounts represent tokens (or ETH) sent to the
* Vault, and negative amounts represent tokens (or ETH) sent by the Vault. Each delta corresponds to the asset at
* the same index in the `assets` array.
*
* Swaps are executed sequentially, in the order specified by the `swaps` array. Each array element describes a
* Pool, the token to be sent to this Pool, the token to receive from it, and an amount that is either `amountIn` or
* `amountOut` depending on the swap kind.
*
* Multihop swaps can be executed by passing an `amount` value of zero for a swap. This will cause the amount in/out
* of the previous swap to be used as the amount in for the current one. In a 'given in' swap, 'tokenIn' must equal
* the previous swap's `tokenOut`. For a 'given out' swap, `tokenOut` must equal the previous swap's `tokenIn`.
*
* The `assets` array contains the addresses of all assets involved in the swaps. These are either token addresses,
* or the IAsset sentinel value for ETH (the zero address). Each entry in the `swaps` array specifies tokens in and
* out by referencing an index in `assets`. Note that Pools never interact with ETH directly: it will be wrapped to
* or unwrapped from WETH by the Vault.
*
* Internal Balance usage, sender, and recipient are determined by the `funds` struct. The `limits` array specifies
* the minimum or maximum amount of each token the vault is allowed to transfer.
*
* `batchSwap` can be used to make a single swap, like `swap` does, but doing so requires more gas than the
* equivalent `swap` call.
*
* Emits `Swap` events.
*/
function batchSwap(
SwapKind kind,
BatchSwapStep[] memory swaps,
IAsset[] memory assets,
FundManagement memory funds,
int256[] memory limits,
uint256 deadline
) external payable returns (int256[] memory);
/**
* @dev Data for each individual swap executed by `batchSwap`. The asset in and out fields are indexes into the
* `assets` array passed to that function, and ETH assets are converted to WETH.
*
* If `amount` is zero, the multihop mechanism is used to determine the actual amount based on the amount in/out
* from the previous swap, depending on the swap kind.
*
* The `userData` field is ignored by the Vault, but forwarded to the Pool in the `onSwap` hook, and may be
* used to extend swap behavior.
*/
struct BatchSwapStep {
bytes32 poolId;
uint256 assetInIndex;
uint256 assetOutIndex;
uint256 amount;
bytes userData;
}
/**
* @dev Emitted for each individual swap performed by `swap` or `batchSwap`.
*/
event Swap(
bytes32 indexed poolId,
IERC20 indexed tokenIn,
IERC20 indexed tokenOut,
uint256 amountIn,
uint256 amountOut
);
/**
* @dev All tokens in a swap are either sent from the `sender` account to the Vault, or from the Vault to the
* `recipient` account.
*
* If the caller is not `sender`, it must be an authorized relayer for them.
*
* If `fromInternalBalance` is true, the `sender`'s Internal Balance will be preferred, performing an ERC20
* transfer for the difference between the requested amount and the User's Internal Balance (if any). The `sender`
* must have allowed the Vault to use their tokens via `IERC20.approve()`. This matches the behavior of
* `joinPool`.
*
* If `toInternalBalance` is true, tokens will be deposited to `recipient`'s internal balance instead of
* transferred. This matches the behavior of `exitPool`.
*
* Note that ETH cannot be deposited to or withdrawn from Internal Balance: attempting to do so will trigger a
* revert.
*/
struct FundManagement {
address sender;
bool fromInternalBalance;
address payable recipient;
bool toInternalBalance;
}
/**
* @dev Simulates a call to `batchSwap`, returning an array of Vault asset deltas. Calls to `swap` cannot be
* simulated directly, but an equivalent `batchSwap` call can and will yield the exact same result.
*
* Each element in the array corresponds to the asset at the same index, and indicates the number of tokens (or ETH)
* the Vault would take from the sender (if positive) or send to the recipient (if negative). The arguments it
* receives are the same that an equivalent `batchSwap` call would receive.
*
* Unlike `batchSwap`, this function performs no checks on the sender or recipient field in the `funds` struct.
* This makes it suitable to be called by off-chain applications via eth_call without needing to hold tokens,
* approve them for the Vault, or even know a user's address.
*
* Note that this function is not 'view' (due to implementation details): the client code must explicitly execute
* eth_call instead of eth_sendTransaction.
*/
function queryBatchSwap(
SwapKind kind,
BatchSwapStep[] memory swaps,
IAsset[] memory assets,
FundManagement memory funds
) external returns (int256[] memory assetDeltas);
// Flash Loans
/**
* @dev Performs a 'flash loan', sending tokens to `recipient`, executing the `receiveFlashLoan` hook on it,
* and then reverting unless the tokens plus a proportional protocol fee have been returned.
*
* The `tokens` and `amounts` arrays must have the same length, and each entry in these indicates the loan amount
* for each token contract. `tokens` must be sorted in ascending order.
*
* The 'userData' field is ignored by the Vault, and forwarded as-is to `recipient` as part of the
* `receiveFlashLoan` call.
*
* Emits `FlashLoan` events.
*/
function flashLoan(
IFlashLoanRecipient recipient,
IERC20[] memory tokens,
uint256[] memory amounts,
bytes memory userData
) external;
/**
* @dev Emitted for each individual flash loan performed by `flashLoan`.
*/
event FlashLoan(IFlashLoanRecipient indexed recipient, IERC20 indexed token, uint256 amount, uint256 feeAmount);
// Asset Management
//
// Each token registered for a Pool can be assigned an Asset Manager, which is able to freely withdraw the Pool's
// tokens from the Vault, deposit them, or assign arbitrary values to its `managed` balance (see
// `getPoolTokenInfo`). This makes them extremely powerful and dangerous. Even if an Asset Manager only directly
// controls one of the tokens in a Pool, a malicious manager could set that token's balance to manipulate the
// prices of the other tokens, and then drain the Pool with swaps. The risk of using Asset Managers is therefore
// not constrained to the tokens they are managing, but extends to the entire Pool's holdings.
//
// However, a properly designed Asset Manager smart contract can be safely used for the Pool's benefit,
// for example by lending unused tokens out for interest, or using them to participate in voting protocols.
//
// This concept is unrelated to the IAsset interface.
/**
* @dev Performs a set of Pool balance operations, which may be either withdrawals, deposits or updates.
*
* Pool Balance management features batching, which means a single contract call can be used to perform multiple
* operations of different kinds, with different Pools and tokens, at once.
*
* For each operation, the caller must be registered as the Asset Manager for `token` in `poolId`.
*/
function managePoolBalance(PoolBalanceOp[] memory ops) external;
struct PoolBalanceOp {
PoolBalanceOpKind kind;
bytes32 poolId;
IERC20 token;
uint256 amount;
}
/**
* Withdrawals decrease the Pool's cash, but increase its managed balance, leaving the total balance unchanged.
*
* Deposits increase the Pool's cash, but decrease its managed balance, leaving the total balance unchanged.
*
* Updates don't affect the Pool's cash balance, but because the managed balance changes, it does alter the total.
* The external amount can be either increased or decreased by this call (i.e., reporting a gain or a loss).
*/
enum PoolBalanceOpKind { WITHDRAW, DEPOSIT, UPDATE }
/**
* @dev Emitted when a Pool's token Asset Manager alters its balance via `managePoolBalance`.
*/
event PoolBalanceManaged(
bytes32 indexed poolId,
address indexed assetManager,
IERC20 indexed token,
int256 cashDelta,
int256 managedDelta
);
// Protocol Fees
//
// Some operations cause the Vault to collect tokens in the form of protocol fees, which can then be withdrawn by
// permissioned accounts.
//
// There are two kinds of protocol fees:
//
// - flash loan fees: charged on all flash loans, as a percentage of the amounts lent.
//
// - swap fees: a percentage of the fees charged by Pools when performing swaps. For a number of reasons, including
// swap gas costs and interface simplicity, protocol swap fees are not charged on each individual swap. Rather,
// Pools are expected to keep track of how much they have charged in swap fees, and pay any outstanding debts to the
// Vault when they are joined or exited. This prevents users from joining a Pool with unpaid debt, as well as
// exiting a Pool in debt without first paying their share.
/**
* @dev Returns the current protocol fee module.
*/
function getProtocolFeesCollector() external view returns (IProtocolFeesCollector);
/**
* @dev Safety mechanism to pause most Vault operations in the event of an emergency - typically detection of an
* error in some part of the system.
*
* The Vault can only be paused during an initial time period, after which pausing is forever disabled.
*
* While the contract is paused, the following features are disabled:
* - depositing and transferring internal balance
* - transferring external balance (using the Vault's allowance)
* - swaps
* - joining Pools
* - Asset Manager interactions
*
* Internal Balance can still be withdrawn, and Pools exited.
*/
function setPaused(bool paused) external;
/**
* @dev Returns the Vault's WETH instance.
*/
function WETH() external view returns (IWETH);
// solhint-disable-previous-line func-name-mixedcase
}
contracts/solidity-utils/contracts/openzeppelin/IERC20.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address sender,
address recipient,
uint256 amount
) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
contracts/BALTokenHolderFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/helpers/Authentication.sol";
import "./vault/contracts/interfaces/IVault.sol";
import "./interfaces/contracts/IBalancerToken.sol";
import "./BALTokenHolder.sol";
import "./interfaces/contracts/IBALTokenHolderFactory.sol";
contract BALTokenHolderFactory is IBALTokenHolderFactory {
IBalancerToken private immutable _balancerToken;
IVault private immutable _vault;
mapping(address => bool) private _factoryCreatedHolders;
event BALTokenHolderCreated(BALTokenHolder balTokenHolder, string name);
constructor(IBalancerToken balancerToken, IVault vault) {
_balancerToken = balancerToken;
_vault = vault;
}
function getBalancerToken() public view override returns (IBalancerToken) {
return _balancerToken;
}
function getVault() public view override returns (IVault) {
return _vault;
}
function isHolderFromFactory(address holder) external view override returns (bool) {
return _factoryCreatedHolders[holder];
}
function create(string memory name) external override returns (IBALTokenHolder) {
BALTokenHolder holder = new BALTokenHolder(getBalancerToken(), getVault(), name);
_factoryCreatedHolders[address(holder)] = true;
emit BALTokenHolderCreated(holder, name);
return holder;
}
}
contracts/solidity-utils/contracts/openzeppelin/SafeERC20.sol
// SPDX-License-Identifier: MIT
// Based on the ReentrancyGuard library from OpenZeppelin Contracts, altered to reduce gas costs.
// The `safeTransfer` and `safeTransferFrom` functions assume that `token` is a contract (an account with code), and
// work differently from the OpenZeppelin version if it is not.
pragma solidity ^0.7.0;
import "../helpers/BalancerErrors.sol";
import "./IERC20.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(address(token), abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(address(token), abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
*
* WARNING: `token` is assumed to be a contract: calls to EOAs will *not* revert.
*/
function _callOptionalReturn(address token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves.
(bool success, bytes memory returndata) = token.call(data);
// If the low-level call didn't succeed we return whatever was returned from it.
assembly {
if eq(success, 0) {
returndatacopy(0, 0, returndatasize())
revert(0, returndatasize())
}
}
// Finally we check the returndata size is either zero or true - note that this check will always pass for EOAs
_require(returndata.length == 0 || abi.decode(returndata, (bool)), Errors.SAFE_ERC20_CALL_FAILED);
}
}
contracts/interfaces/contracts/liquidity-mining/IStakingLiquidityGauge.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "../../../solidity-utils/contracts/openzeppelin/IERC20.sol";
import "./ILiquidityGauge.sol";
import "../IRewardTokenDistributor.sol";
// For compatibility, we're keeping the same function names as in the original Curve code, including the mixed-case
// naming convention.
// solhint-disable func-name-mixedcase, var-name-mixedcase
interface IStakingLiquidityGauge is IRewardTokenDistributor, ILiquidityGauge, IERC20 {
function initialize(address lpToken, uint256 relativeWeightCap) external;
function lp_token() external view returns (IERC20);
function deposit(uint256 value, address recipient) external;
function withdraw(uint256 value) external;
}
contracts/interfaces/contracts/ILiquidityGaugeFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "./liquidity-mining/ILiquidityGauge.sol";
interface ILiquidityGaugeFactory {
/**
* @notice Returns true if `gauge` was created by this factory.
*/
function isGaugeFromFactory(address gauge) external view returns (bool);
}
contracts/solidity-utils/contracts/helpers/ITemporarilyPausable.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev Interface for the TemporarilyPausable helper.
*/
interface ITemporarilyPausable {
/**
* @dev Emitted every time the pause state changes by `_setPaused`.
*/
event PausedStateChanged(bool paused);
/**
* @dev Returns the current paused state.
*/
function getPausedState()
external
view
returns (
bool paused,
uint256 pauseWindowEndTime,
uint256 bufferPeriodEndTime
);
}
contracts/SmartWalletChecker.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/helpers/Authentication.sol";
import "./solidity-utils/contracts/openzeppelin/EnumerableSet.sol";
import "./vault/contracts/interfaces/IVault.sol";
import "./interfaces/contracts/ISmartWalletChecker.sol";
contract SmartWalletChecker is ISmartWalletChecker, Authentication {
using EnumerableSet for EnumerableSet.AddressSet;
IVault private immutable _vault;
event ContractAddressAdded(address contractAddress);
event ContractAddressRemoved(address contractAddress);
EnumerableSet.AddressSet private _allowlistedAddresses;
constructor(IVault vault, address[] memory initialAllowedAddresses)
Authentication(bytes32(uint256(address(this))))
{
// SmartWalletChecker is a singleton, so it simply uses its own address to disambiguate action identifiers
_vault = vault;
uint256 addressesLength = initialAllowedAddresses.length;
for (uint256 i = 0; i < addressesLength; ++i) {
_allowlistAddress(initialAllowedAddresses[i]);
}
}
function getVault() public view returns (IVault) {
return _vault;
}
function getAuthorizer() public view returns (IAuthorizer) {
return getVault().getAuthorizer();
}
function check(address contractAddress) external view override returns (bool) {
return _allowlistedAddresses.contains(contractAddress);
}
function getAllowlistedAddress(uint256 index) external view returns (address) {
return _allowlistedAddresses.at(index);
}
function getAllowlistedAddressesLength() external view returns (uint256) {
return _allowlistedAddresses.length();
}
function allowlistAddress(address contractAddress) external authenticate {
_allowlistAddress(contractAddress);
}
function denylistAddress(address contractAddress) external authenticate {
require(_allowlistedAddresses.remove(contractAddress), "Address is not allowlisted");
emit ContractAddressRemoved(contractAddress);
}
// Internal functions
function _allowlistAddress(address contractAddress) internal {
require(_allowlistedAddresses.add(contractAddress), "Address already allowlisted");
emit ContractAddressAdded(contractAddress);
}
function _canPerform(bytes32 actionId, address account) internal view override returns (bool) {
return getAuthorizer().canPerform(actionId, account, address(this));
}
}
contracts/interfaces/contracts/IBalancerToken.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../../solidity-utils/contracts/openzeppelin/IERC20.sol";
interface IBalancerToken is IERC20 {
function mint(address to, uint256 amount) external;
function getRoleMemberCount(bytes32 role) external view returns (uint256);
function getRoleMember(bytes32 role, uint256 index) external view returns (address);
function hasRole(bytes32 role, address account) external view returns (bool);
function getRoleAdmin(bytes32 role) external view returns (bytes32);
function grantRole(bytes32 role, address account) external;
function revokeRole(bytes32 role, address account) external;
// solhint-disable-next-line func-name-mixedcase
function DEFAULT_ADMIN_ROLE() external view returns (bytes32);
// solhint-disable-next-line func-name-mixedcase
function MINTER_ROLE() external view returns (bytes32);
// solhint-disable-next-line func-name-mixedcase
function SNAPSHOT_ROLE() external view returns (bytes32);
function snapshot() external;
}
contracts/solidity-utils/contracts/math/Math.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
import "../helpers/BalancerErrors.sol";
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow checks.
* Adapted from OpenZeppelin's SafeMath library.
*/
library Math {
/**
* @dev Returns the absolute value of a signed integer.
*/
function abs(int256 a) internal pure returns (uint256) {
return a > 0 ? uint256(a) : uint256(-a);
}
/**
* @dev Returns the addition of two unsigned integers of 256 bits, reverting on overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
_require(c >= a, Errors.ADD_OVERFLOW);
return c;
}
/**
* @dev Returns the addition of two signed integers, reverting on overflow.
*/
function add(int256 a, int256 b) internal pure returns (int256) {
int256 c = a + b;
_require((b >= 0 && c >= a) || (b < 0 && c < a), Errors.ADD_OVERFLOW);
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers of 256 bits, reverting on overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b <= a, Errors.SUB_OVERFLOW);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the subtraction of two signed integers, reverting on overflow.
*/
function sub(int256 a, int256 b) internal pure returns (int256) {
int256 c = a - b;
_require((b >= 0 && c <= a) || (b < 0 && c > a), Errors.SUB_OVERFLOW);
return c;
}
/**
* @dev Returns the largest of two numbers of 256 bits.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a >= b ? a : b;
}
/**
* @dev Returns the smallest of two numbers of 256 bits.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a * b;
_require(a == 0 || c / a == b, Errors.MUL_OVERFLOW);
return c;
}
function div(
uint256 a,
uint256 b,
bool roundUp
) internal pure returns (uint256) {
return roundUp ? divUp(a, b) : divDown(a, b);
}
function divDown(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b != 0, Errors.ZERO_DIVISION);
return a / b;
}
function divUp(uint256 a, uint256 b) internal pure returns (uint256) {
_require(b != 0, Errors.ZERO_DIVISION);
if (a == 0) {
return 0;
} else {
return 1 + (a - 1) / b;
}
}
}
contracts/solidity-utils/contracts/misc/IWETH.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../openzeppelin/IERC20.sol";
/**
* @dev Interface for WETH9.
* See https://github.com/gnosis/canonical-weth/blob/0dd1ea3e295eef916d0c6223ec63141137d22d67/contracts/WETH9.sol
*/
interface IWETH is IERC20 {
function deposit() external payable;
function withdraw(uint256 amount) external;
}
contracts/solidity-utils/contracts/openzeppelin/Clones.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/Clones.sol)
pragma solidity ^0.7.0;
/**
* @dev https://eips.ethereum.org/EIPS/eip-1167[EIP 1167] is a standard for
* deploying minimal proxy contracts, also known as "clones".
*
* > To simply and cheaply clone contract functionality in an immutable way, this standard specifies
* > a minimal bytecode implementation that delegates all calls to a known, fixed address.
*
* The library includes functions to deploy a proxy using either `create` (traditional deployment) or `create2`
* (salted deterministic deployment). It also includes functions to predict the addresses of clones deployed using the
* deterministic method.
*
* _Available since v3.4._
*/
library Clones {
/**
* @dev Deploys and returns the address of a clone that mimics the behaviour of `implementation`.
*
* This function uses the create opcode, which should never revert.
*/
function clone(address implementation) internal returns (address instance) {
assembly {
let ptr := mload(0x40)
mstore(ptr, 0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000)
mstore(add(ptr, 0x14), shl(0x60, implementation))
mstore(add(ptr, 0x28), 0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000)
instance := create(0, ptr, 0x37)
}
require(instance != address(0), "ERC1167: create failed");
}
/**
* @dev Deploys and returns the address of a clone that mimics the behaviour of `implementation`.
*
* This function uses the create2 opcode and a `salt` to deterministically deploy
* the clone. Using the same `implementation` and `salt` multiple time will revert, since
* the clones cannot be deployed twice at the same address.
*/
function cloneDeterministic(address implementation, bytes32 salt) internal returns (address instance) {
assembly {
let ptr := mload(0x40)
mstore(ptr, 0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000)
mstore(add(ptr, 0x14), shl(0x60, implementation))
mstore(add(ptr, 0x28), 0x5af43d82803e903d91602b57fd5bf30000000000000000000000000000000000)
instance := create2(0, ptr, 0x37, salt)
}
require(instance != address(0), "ERC1167: create2 failed");
}
/**
* @dev Computes the address of a clone deployed using {Clones-cloneDeterministic}.
*/
function predictDeterministicAddress(
address implementation,
bytes32 salt,
address deployer
) internal pure returns (address predicted) {
assembly {
let ptr := mload(0x40)
mstore(ptr, 0x3d602d80600a3d3981f3363d3d373d3d3d363d73000000000000000000000000)
mstore(add(ptr, 0x14), shl(0x60, implementation))
mstore(add(ptr, 0x28), 0x5af43d82803e903d91602b57fd5bf3ff00000000000000000000000000000000)
mstore(add(ptr, 0x38), shl(0x60, deployer))
mstore(add(ptr, 0x4c), salt)
mstore(add(ptr, 0x6c), keccak256(ptr, 0x37))
predicted := keccak256(add(ptr, 0x37), 0x55)
}
}
/**
* @dev Computes the address of a clone deployed using {Clones-cloneDeterministic}.
*/
function predictDeterministicAddress(address implementation, bytes32 salt)
internal
view
returns (address predicted)
{
return predictDeterministicAddress(implementation, salt, address(this));
}
}
contracts/interfaces/contracts/liquidity-mining/ILiquidityGauge.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
// For compatibility, we're keeping the same function names as in the original Curve code, including the mixed-case
// naming convention.
// solhint-disable func-name-mixedcase
// solhint-disable func-param-name-mixedcase
interface ILiquidityGauge {
// solhint-disable-next-line var-name-mixedcase
event RelativeWeightCapChanged(uint256 new_relative_weight_cap);
/**
* @notice Returns BAL liquidity emissions calculated during checkpoints for the given user.
* @param user User address.
* @return uint256 BAL amount to issue for the address.
*/
function integrate_fraction(address user) external view returns (uint256);
/**
* @notice Record a checkpoint for a given user.
* @param user User address.
* @return bool Always true.
*/
function user_checkpoint(address user) external returns (bool);
/**
* @notice Returns true if gauge is killed; false otherwise.
*/
function is_killed() external view returns (bool);
/**
* @notice Kills the gauge so it cannot mint BAL.
*/
function killGauge() external;
/**
* @notice Unkills the gauge so it can mint BAL again.
*/
function unkillGauge() external;
/**
* @notice Sets a new relative weight cap for the gauge.
* The value shall be normalized to 1e18, and not greater than MAX_RELATIVE_WEIGHT_CAP.
* @param relativeWeightCap New relative weight cap.
*/
function setRelativeWeightCap(uint256 relativeWeightCap) external;
/**
* @notice Gets the relative weight cap for the gauge.
*/
function getRelativeWeightCap() external view returns (uint256);
/**
* @notice Returns the gauge's relative weight for a given time, capped to its relative weight cap attribute.
* @param time Timestamp in the past or present.
*/
function getCappedRelativeWeight(uint256 time) external view returns (uint256);
}
contracts/interfaces/contracts/IVotingEscrow.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./liquidity-mining/IAuthorizerAdaptor.sol";
// For compatibility, we're keeping the same function names as in the original Curve code, including the mixed-case
// naming convention.
// solhint-disable func-name-mixedcase
interface IVotingEscrow {
function admin() external view returns (IAuthorizerAdaptor);
}
contracts/BaseGaugeFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./interfaces/contracts/liquidity-mining/IBaseGaugeFactory.sol";
import "./interfaces/contracts/liquidity-mining/ILiquidityGauge.sol";
import "./solidity-utils/contracts/openzeppelin/Clones.sol";
abstract contract BaseGaugeFactory is IBaseGaugeFactory {
ILiquidityGauge private _gaugeImplementation;
mapping(address => bool) private _isGaugeFromFactory;
event GaugeCreated(address indexed gauge);
constructor(ILiquidityGauge gaugeImplementation) {
_gaugeImplementation = gaugeImplementation;
}
/**
* @notice Returns the address of the implementation used for gauge deployments.
*/
function getGaugeImplementation() public view returns (ILiquidityGauge) {
return _gaugeImplementation;
}
/**
* @notice Returns true if `gauge` was created by this factory.
*/
function isGaugeFromFactory(address gauge) external view override returns (bool) {
return _isGaugeFromFactory[gauge];
}
/**
* @dev Deploys a new gauge as a proxy of the implementation in storage.
* The deployed gauge must be initialized by the caller method.
* @return The address of the deployed gauge
*/
function _create() internal returns (address) {
address gauge = Clones.clone(address(_gaugeImplementation));
_isGaugeFromFactory[gauge] = true;
emit GaugeCreated(gauge);
return gauge;
}
}
contracts/interfaces/contracts/liquidity-mining/IBaseGaugeFactory.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./ILiquidityGaugeFactory.sol";
interface IBaseGaugeFactory is ILiquidityGaugeFactory {
/**
* @notice Deploys a new gauge for the given recipient, with an initial maximum relative weight cap.
* The recipient can either be a pool in mainnet, or a recipient in a child chain.
* @param recipient The address to receive BAL minted from the gauge
* @param relativeWeightCap The relative weight cap for the created gauge
* @return The address of the deployed gauge
*/
function create(address recipient, uint256 relativeWeightCap) external returns (address);
}
contracts/BalancerTokenAdmin.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/helpers/Authentication.sol";
import "./solidity-utils/contracts/openzeppelin/ReentrancyGuard.sol";
import "./solidity-utils/contracts/math/Math.sol";
import "./interfaces/contracts/IBalancerTokenAdmin.sol";
// solhint-disable not-rely-on-time
/**
* @title Balancer Token Admin
* @notice This contract holds all admin powers over the BAL token passing through calls
* while delegating access control to the Balancer Authorizer
*
* In addition, calls to the mint function must respect the inflation schedule as defined in this contract.
* As this contract is the only way to mint BAL tokens this ensures that the maximum allowed supply is enforced
* @dev This contract exists as a consequence of the gauge systems needing to know a fixed inflation schedule
* in order to know how much BAL a gauge is allowed to mint. As this does not exist within the BAL token itself
* it is defined here, we must then wrap the token's minting functionality in order for this to be meaningful.
*/
contract BalancerTokenAdmin is IBalancerTokenAdmin, Authentication, ReentrancyGuard {
using Math for uint256;
// Initial inflation rate of 145k TIDE per week.
uint256 public constant override INITIAL_RATE = (2880000 * 1e18) / uint256(1 weeks); // TIDE has 18 decimals
uint256 public constant override RATE_REDUCTION_TIME = 365 days;
uint256 public constant override RATE_REDUCTION_COEFFICIENT = 1414213562373095049; // 2 ** (1/4) * 1e18
uint256 public constant override RATE_DENOMINATOR = 1e18;
IVault private immutable _vault;
IBalancerToken private immutable _balancerToken;
event MiningParametersUpdated(uint256 rate, uint256 supply);
// Supply Variables
uint256 private _miningEpoch;
uint256 private _startEpochTime = type(uint256).max; // Sentinel value for contract not being activated
uint256 private _startEpochSupply;
uint256 private _rate;
constructor(IVault vault, IBalancerToken balancerToken) Authentication(bytes32(uint256(address(this)))) {
// BalancerTokenAdmin is a singleton, so it simply uses its own address to disambiguate action identifiers
_balancerToken = balancerToken;
_vault = vault;
}
/**
* @dev Returns the Balancer token.
*/
function getBalancerToken() external view override returns (IBalancerToken) {
return _balancerToken;
}
/**
* @notice Returns the Balancer Vault.
*/
function getVault() public view override returns (IVault) {
return _vault;
}
/**
* @notice Returns the Balancer Vault's current authorizer.
*/
function getAuthorizer() public view returns (IAuthorizer) {
return getVault().getAuthorizer();
}
/**
* @notice Initiate BAL token inflation schedule
* @dev Reverts if contract does not have sole minting powers over BAL (and no other minters can be added).
*/
function activate() external override nonReentrant authenticate {
require(_startEpochTime == type(uint256).max, "Already activated");
// We need to check that this contract can't be bypassed to mint more BAL in the future.
// If other addresses had minting rights over the BAL token then this inflation schedule
// could be bypassed by minting new tokens directly on the BalancerGovernanceToken contract.
// On the BalancerGovernanceToken contract the minter role's admin is the DEFAULT_ADMIN_ROLE.
// No external function exists to change the minter role's admin so we cannot make the list of
// minters immutable without revoking all access to DEFAULT_ADMIN_ROLE.
bytes32 minterRole = _balancerToken.MINTER_ROLE();
bytes32 snapshotRole = _balancerToken.SNAPSHOT_ROLE();
bytes32 adminRole = _balancerToken.DEFAULT_ADMIN_ROLE();
require(_balancerToken.hasRole(adminRole, address(this)), "BalancerTokenAdmin is not an admin");
// All other minters must be removed to avoid inflation schedule enforcement being bypassed.
uint256 numberOfMinters = _balancerToken.getRoleMemberCount(minterRole);
for (uint256 i = 0; i < numberOfMinters; ++i) {
address minter = _balancerToken.getRoleMember(minterRole, 0);
_balancerToken.revokeRole(minterRole, minter);
}
// Give this contract minting rights over the BAL token
_balancerToken.grantRole(minterRole, address(this));
// BalancerGovernanceToken exposes a role-restricted `snapshot` function for performing onchain voting.
// We delegate control over this to the Balancer Authorizer by removing this role from all current addresses
// and exposing a function which defers to the Authorizer for access control.
uint256 numberOfSnapshotters = _balancerToken.getRoleMemberCount(snapshotRole);
for (uint256 i = 0; i < numberOfSnapshotters; ++i) {
address snapshotter = _balancerToken.getRoleMember(snapshotRole, 0);
_balancerToken.revokeRole(snapshotRole, snapshotter);
}
// Give this contract snapshotting rights over the BAL token
_balancerToken.grantRole(snapshotRole, address(this));
// BalancerTokenAdmin now is the only holder of MINTER_ROLE and SNAPSHOT_ROLE for BalancerGovernanceToken.
// We can't prevent any other admins from granting other addresses these roles however.
// This undermines the ability for BalancerTokenAdmin to enforce the correct inflation schedule.
// The only way to prevent this is for BalancerTokenAdmin to be the only admin. We then remove all other admins.
uint256 numberOfAdmins = _balancerToken.getRoleMemberCount(adminRole);
uint256 skipSelf = 0;
for (uint256 i = 0; i < numberOfAdmins; ++i) {
address admin = _balancerToken.getRoleMember(adminRole, skipSelf);
if (admin != address(this)) {
_balancerToken.revokeRole(adminRole, admin);
} else {
// This contract is now the admin with index 0, we now delete the address with index 1 instead
skipSelf = 1;
}
}
// BalancerTokenAdmin doesn't actually need admin rights any more and won't grant rights to any more addresses
// We then renounce our admin role to ensure that another address won't gain absolute minting powers.
_balancerToken.revokeRole(adminRole, address(this));
// Perform sanity checks to make sure we're not leaving the roles in a broken state
require(_balancerToken.getRoleMemberCount(adminRole) == 0, "Address exists with admin rights");
require(_balancerToken.hasRole(minterRole, address(this)), "BalancerTokenAdmin is not a minter");
require(_balancerToken.hasRole(snapshotRole, address(this)), "BalancerTokenAdmin is not a snapshotter");
require(_balancerToken.getRoleMemberCount(minterRole) == 1, "Multiple minters exist");
require(_balancerToken.getRoleMemberCount(snapshotRole) == 1, "Multiple snapshotters exist");
// As BAL inflation is now enforced by this contract we can initialise the relevant variables.
_startEpochSupply = _balancerToken.totalSupply();
_startEpochTime = block.timestamp;
_rate = INITIAL_RATE;
emit MiningParametersUpdated(INITIAL_RATE, _startEpochSupply);
}
/**
* @notice Mint BAL tokens subject to the defined inflation schedule
* @dev Callable only by addresses defined in the Balancer Authorizer contract
*/
function mint(address to, uint256 amount) external override authenticate {
// Check if we've passed into a new epoch such that we should calculate available supply with a smaller rate.
if (block.timestamp >= _startEpochTime.add(RATE_REDUCTION_TIME)) {
_updateMiningParameters();
}
require(
_balancerToken.totalSupply().add(amount) <= _availableSupply(),
"Mint amount exceeds remaining available supply"
);
_balancerToken.mint(to, amount);
}
/**
* @notice Perform a snapshot of BAL token balances
* @dev Callable only by addresses defined in the Balancer Authorizer contract
*/
function snapshot() external authenticate {
_balancerToken.snapshot();
}
/**
* @notice Returns the current epoch number.
*/
function getMiningEpoch() external view returns (uint256) {
return _miningEpoch;
}
/**
* @notice Returns the start timestamp of the current epoch.
*/
function getStartEpochTime() external view returns (uint256) {
return _startEpochTime;
}
/**
* @notice Returns the start timestamp of the next epoch.
*/
function getFutureEpochTime() external view returns (uint256) {
return _startEpochTime.add(RATE_REDUCTION_TIME);
}
/**
* @notice Returns the available supply at the beginning of the current epoch.
*/
function getStartEpochSupply() external view returns (uint256) {
return _startEpochSupply;
}
/**
* @notice Returns the current inflation rate of BAL per second
*/
function getInflationRate() external view returns (uint256) {
return _rate;
}
/**
* @notice Maximum allowable number of tokens in existence (claimed or unclaimed)
*/
function getAvailableSupply() external view returns (uint256) {
return _availableSupply();
}
/**
* @notice Get timestamp of the current mining epoch start while simultaneously updating mining parameters
* @return Timestamp of the current epoch
*/
function startEpochTimeWrite() external override returns (uint256) {
return _startEpochTimeWrite();
}
/**
* @notice Get timestamp of the next mining epoch start while simultaneously updating mining parameters
* @return Timestamp of the next epoch
*/
function futureEpochTimeWrite() external returns (uint256) {
return _startEpochTimeWrite().add(RATE_REDUCTION_TIME);
}
/**
* @notice Update mining rate and supply at the start of the epoch
* @dev Callable by any address, but only once per epoch
* Total supply becomes slightly larger if this function is called late
*/
function updateMiningParameters() external {
require(block.timestamp >= _startEpochTime.add(RATE_REDUCTION_TIME), "Epoch has not finished yet");
_updateMiningParameters();
}
/**
* @notice How much supply is mintable from start timestamp till end timestamp
* @param start Start of the time interval (timestamp)
* @param end End of the time interval (timestamp)
* @return Tokens mintable from `start` till `end`
*/
function mintableInTimeframe(uint256 start, uint256 end) external view returns (uint256) {
return _mintableInTimeframe(start, end);
}
// Internal functions
function _canPerform(bytes32 actionId, address account) internal view override returns (bool) {
return getAuthorizer().canPerform(actionId, account, address(this));
}
/**
* @notice Maximum allowable number of tokens in existence (claimed or unclaimed)
*/
function _availableSupply() internal view returns (uint256) {
uint256 newSupplyFromCurrentEpoch = (block.timestamp.sub(_startEpochTime)).mul(_rate);
return _startEpochSupply.add(newSupplyFromCurrentEpoch);
}
/**
* @notice Get timestamp of the current mining epoch start while simultaneously updating mining parameters
* @return Timestamp of the current epoch
*/
function _startEpochTimeWrite() internal returns (uint256) {
uint256 startEpochTime = _startEpochTime;
if (block.timestamp >= startEpochTime.add(RATE_REDUCTION_TIME)) {
_updateMiningParameters();
return _startEpochTime;
}
return startEpochTime;
}
function _updateMiningParameters() internal {
uint256 inflationRate = _rate;
uint256 startEpochSupply = _startEpochSupply.add(inflationRate.mul(RATE_REDUCTION_TIME));
inflationRate = inflationRate.mul(RATE_DENOMINATOR).divDown(RATE_REDUCTION_COEFFICIENT);
_miningEpoch = _miningEpoch.add(1);
_startEpochTime = _startEpochTime.add(RATE_REDUCTION_TIME);
_rate = inflationRate;
_startEpochSupply = startEpochSupply;
emit MiningParametersUpdated(inflationRate, startEpochSupply);
}
/**
* @notice How much supply is mintable from start timestamp till end timestamp
* @param start Start of the time interval (timestamp)
* @param end End of the time interval (timestamp)
* @return Tokens mintable from `start` till `end`
*/
function _mintableInTimeframe(uint256 start, uint256 end) internal view returns (uint256) {
require(start <= end, "start > end");
uint256 currentEpochTime = _startEpochTime;
uint256 currentRate = _rate;
// It shouldn't be possible to over/underflow in here but we add checked maths to be safe
// Special case if end is in future (not yet minted) epoch
if (end > currentEpochTime.add(RATE_REDUCTION_TIME)) {
currentEpochTime = currentEpochTime.add(RATE_REDUCTION_TIME);
currentRate = currentRate.mul(RATE_DENOMINATOR).divDown(RATE_REDUCTION_COEFFICIENT);
}
require(end <= currentEpochTime.add(RATE_REDUCTION_TIME), "too far in future");
uint256 toMint = 0;
for (uint256 epoch = 0; epoch < 999; ++epoch) {
if (end >= currentEpochTime) {
uint256 currentEnd = end;
if (currentEnd > currentEpochTime.add(RATE_REDUCTION_TIME)) {
currentEnd = currentEpochTime.add(RATE_REDUCTION_TIME);
}
uint256 currentStart = start;
if (currentStart >= currentEpochTime.add(RATE_REDUCTION_TIME)) {
// We should never get here but what if...
break;
} else if (currentStart < currentEpochTime) {
currentStart = currentEpochTime;
}
toMint = toMint.add(currentRate.mul(currentEnd.sub(currentStart)));
if (start >= currentEpochTime) {
break;
}
}
currentEpochTime = currentEpochTime.sub(RATE_REDUCTION_TIME);
// double-division with rounding made rate a bit less => good
currentRate = currentRate.mul(RATE_REDUCTION_COEFFICIENT).divDown(RATE_DENOMINATOR);
assert(currentRate <= INITIAL_RATE);
}
return toMint;
}
// The below functions are duplicates of functions available above.
// They are included for ABI compatibility with snake_casing as used in vyper contracts.
// solhint-disable func-name-mixedcase
function rate() external view override returns (uint256) {
return _rate;
}
function available_supply() external view returns (uint256) {
return _availableSupply();
}
/**
* @notice Get timestamp of the current mining epoch start while simultaneously updating mining parameters
* @return Timestamp of the current epoch
*/
function start_epoch_time_write() external returns (uint256) {
return _startEpochTimeWrite();
}
/**
* @notice Get timestamp of the next mining epoch start while simultaneously updating mining parameters
* @return Timestamp of the next epoch
*/
function future_epoch_time_write() external returns (uint256) {
return _startEpochTimeWrite().add(RATE_REDUCTION_TIME);
}
/**
* @notice Update mining rate and supply at the start of the epoch
* @dev Callable by any address, but only once per epoch
* Total supply becomes slightly larger if this function is called late
*/
function update_mining_parameters() external {
require(block.timestamp >= _startEpochTime.add(RATE_REDUCTION_TIME), "Epoch has not finished yet");
_updateMiningParameters();
}
/**
* @notice How much supply is mintable from start timestamp till end timestamp
* @param start Start of the time interval (timestamp)
* @param end End of the time interval (timestamp)
* @return Tokens mintable from `start` till `end`
*/
function mintable_in_timeframe(uint256 start, uint256 end) external view returns (uint256) {
return _mintableInTimeframe(start, end);
}
}
contracts/interfaces/contracts/IBalancerTokenAdmin.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "../../solidity-utils/contracts/helpers/IAuthentication.sol";
import "../../vault/contracts/interfaces/IVault.sol";
import "./IBalancerToken.sol";
interface IBalancerTokenAdmin is IAuthentication {
// solhint-disable func-name-mixedcase
function INITIAL_RATE() external view returns (uint256);
function RATE_REDUCTION_TIME() external view returns (uint256);
function RATE_REDUCTION_COEFFICIENT() external view returns (uint256);
function RATE_DENOMINATOR() external view returns (uint256);
// solhint-enable func-name-mixedcase
/**
* @notice Returns the address of the Balancer Governance Token
*/
function getBalancerToken() external view returns (IBalancerToken);
/**
* @notice Returns the Balancer Vault.
*/
function getVault() external view returns (IVault);
function activate() external;
function rate() external view returns (uint256);
function startEpochTimeWrite() external returns (uint256);
function mint(address to, uint256 amount) external;
}
contracts/interfaces/contracts/IRewardTokenDistributor.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
import "../../solidity-utils/contracts/openzeppelin/IERC20.sol";
// For compatibility, we're keeping the same function names as in the original Curve code, including the mixed-case
// naming convention.
// solhint-disable func-name-mixedcase, var-name-mixedcase
interface IRewardTokenDistributor {
struct Reward {
IERC20 token;
address distributor;
uint256 period_finish;
uint256 rate;
uint256 last_update;
uint256 integral;
}
function reward_tokens(uint256 index) external view returns (IERC20);
function reward_data(IERC20 token) external view returns (Reward memory);
function claim_rewards(address user) external;
function add_reward(IERC20 rewardToken, address distributor) external;
function set_reward_distributor(IERC20 rewardToken, address distributor) external;
function deposit_reward_token(IERC20 rewardToken, uint256 amount) external;
function claimable_reward(address rewardToken, address user) external view returns (uint256);
function claimable_reward_write(address rewardToken, address user) external returns (uint256);
}
contracts/solidity-utils/contracts/helpers/ISignaturesValidator.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
/**
* @dev Interface for the SignatureValidator helper, used to support meta-transactions.
*/
interface ISignaturesValidator {
/**
* @dev Returns the EIP712 domain separator.
*/
function getDomainSeparator() external view returns (bytes32);
/**
* @dev Returns the next nonce used by an address to sign messages.
*/
function getNextNonce(address user) external view returns (uint256);
}
contracts/solidity-utils/contracts/openzeppelin/EIP712.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
* thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
* they need in their contracts using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* _Available since v3.4._
*/
abstract contract EIP712 {
/* solhint-disable var-name-mixedcase */
bytes32 private immutable _HASHED_NAME;
bytes32 private immutable _HASHED_VERSION;
bytes32 private immutable _TYPE_HASH;
/* solhint-enable var-name-mixedcase */
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
constructor(string memory name, string memory version) {
_HASHED_NAME = keccak256(bytes(name));
_HASHED_VERSION = keccak256(bytes(version));
_TYPE_HASH = keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
}
/**
* @dev Returns the domain separator for the current chain.
*/
function _domainSeparatorV4() internal view virtual returns (bytes32) {
return keccak256(abi.encode(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION, _getChainId(), address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x01", _domainSeparatorV4(), structHash));
}
function _getChainId() private view returns (uint256 chainId) {
// Silence state mutability warning without generating bytecode.
// See https://github.com/ethereum/solidity/issues/10090#issuecomment-741789128 and
// https://github.com/ethereum/solidity/issues/2691
this;
// solhint-disable-next-line no-inline-assembly
assembly {
chainId := chainid()
}
}
}
contracts/interfaces/contracts/IVeDelegation.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
// For compatibility, we're keeping the same function names as in the original Curve code, including the mixed-case
// naming convention.
// solhint-disable func-name-mixedcase
interface IVeDelegation {
// solhint-disable-next-line func-name-mixedcase
function adjusted_balance_of(address user) external view returns (uint256);
}
contracts/BALTokenHolder.sol
// SPDX-License-Identifier: GPL-3.0-or-later
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
pragma solidity ^0.7.0;
import "./solidity-utils/contracts/helpers/Authentication.sol";
import "./solidity-utils/contracts/openzeppelin/SafeERC20.sol";
import "./vault/contracts/interfaces/IVault.sol";
import "./interfaces/contracts/IBalancerToken.sol";
import "./interfaces/contracts/IBALTokenHolder.sol";
/**
* @dev This contract simply holds the BAL token and delegates to Balancer Governance the permission to withdraw it. It
* is intended to serve as the recipient of automated BAL minting via the liquidity mining gauges, allowing for the
* final recipient of the funds to be configurable without having to alter the gauges themselves.
*
* There is also a separate auxiliary function to sweep any non-BAL tokens sent here by mistake.
*/
contract BALTokenHolder is IBALTokenHolder, Authentication {
using SafeERC20 for IERC20;
IBalancerToken private immutable _balancerToken;
IVault private immutable _vault;
string private _name;
constructor(
IBalancerToken balancerToken,
IVault vault,
string memory name
) Authentication(bytes32(uint256(address(this)))) {
// BALTokenHolder is often deployed from a factory for convenience, but it uses its own address instead of
// the factory's as a disambiguator to make sure the action IDs of all instances are unique, reducing likelihood
// of errors.
_balancerToken = balancerToken;
_vault = vault;
_name = name;
}
function getBalancerToken() external view returns (IBalancerToken) {
return _balancerToken;
}
function getVault() public view returns (IVault) {
return _vault;
}
function getName() external view returns (string memory) {
return _name;
}
function getAuthorizer() public view returns (IAuthorizer) {
return getVault().getAuthorizer();
}
function _canPerform(bytes32 actionId, address account) internal view override returns (bool) {
return getAuthorizer().canPerform(actionId, account, address(this));
}
function withdrawFunds(address recipient, uint256 amount) external override authenticate {
IERC20(_balancerToken).safeTransfer(recipient, amount);
}
function sweepTokens(
IERC20 token,
address recipient,
uint256 amount
) external override authenticate {
require(token != _balancerToken, "Cannot sweep BAL");
IERC20(token).safeTransfer(recipient, amount);
}
}
Compiler Settings
{"outputSelection":{"*":{"*":["abi","evm.bytecode","evm.deployedBytecode","evm.methodIdentifiers","metadata"],"":["ast"]}},"optimizer":{"runs":9999,"enabled":true},"libraries":{}}
Contract ABI
[{"type":"constructor","stateMutability":"nonpayable","inputs":[{"type":"address","name":"vault","internalType":"contract IVault"}]},{"type":"function","stateMutability":"view","outputs":[{"type":"bytes32","name":"","internalType":"bytes32"}],"name":"getActionId","inputs":[{"type":"bytes4","name":"selector","internalType":"bytes4"}]},{"type":"function","stateMutability":"view","outputs":[{"type":"address","name":"","internalType":"contract IAuthorizer"}],"name":"getAuthorizer","inputs":[]},{"type":"function","stateMutability":"view","outputs":[{"type":"address","name":"","internalType":"contract IVault"}],"name":"getVault","inputs":[]},{"type":"function","stateMutability":"payable","outputs":[{"type":"bytes","name":"","internalType":"bytes"}],"name":"performAction","inputs":[{"type":"address","name":"target","internalType":"address"},{"type":"bytes","name":"data","internalType":"bytes"}]}]
Contract Creation Code
0x60c060405234801561001057600080fd5b506040516106d33803806106d38339818101604052602081101561003357600080fd5b50516001600055306080526001600160601b031960609190911b1660a05260805160a05160601c61065c610077600039806102ff525080610292525061065c6000f3fe60806040526004361061003f5760003560e01c80634036176a14610044578063851c1bb3146101465780638d928af8146101a4578063aaabadc5146101e2575b600080fd5b6100d16004803603604081101561005a57600080fd5b73ffffffffffffffffffffffffffffffffffffffff823516919081019060408101602082013564010000000081111561009257600080fd5b8201836020820111156100a457600080fd5b803590602001918460018302840111640100000000831117156100c657600080fd5b5090925090506101f7565b6040805160208082528351818301528351919283929083019185019080838360005b8381101561010b5781810151838201526020016100f3565b50505050905090810190601f1680156101385780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34801561015257600080fd5b506101926004803603602081101561016957600080fd5b50357fffffffff000000000000000000000000000000000000000000000000000000001661028c565b60408051918252519081900360200190f35b3480156101b057600080fd5b506101b96102fd565b6040805173ffffffffffffffffffffffffffffffffffffffff9092168252519081900360200190f35b3480156101ee57600080fd5b506101b9610321565b60606102016103a1565b60643561022261021a6102138361028c565b33886103ba565b610191610484565b61027a84848080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250505073ffffffffffffffffffffffffffffffffffffffff881691905034610496565b915050610285610582565b9392505050565b604080517f00000000000000000000000000000000000000000000000000000000000000006020808301919091527fffffffff000000000000000000000000000000000000000000000000000000008416828401528251602481840301815260449092019092528051910120919050565b7f000000000000000000000000000000000000000000000000000000000000000090565b600061032b6102fd565b73ffffffffffffffffffffffffffffffffffffffff1663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b15801561037057600080fd5b505afa158015610384573d6000803e3d6000fd5b505050506040513d602081101561039a57600080fd5b5051905090565b6103b360026000541415610190610484565b6002600055565b60006103c4610321565b73ffffffffffffffffffffffffffffffffffffffff16639be2a8848585856040518463ffffffff1660e01b8152600401808481526020018373ffffffffffffffffffffffffffffffffffffffff1681526020018273ffffffffffffffffffffffffffffffffffffffff168152602001935050505060206040518083038186803b15801561045057600080fd5b505afa158015610464573d6000803e3d6000fd5b505050506040513d602081101561047a57600080fd5b5051949350505050565b816104925761049281610589565b5050565b6060600060608573ffffffffffffffffffffffffffffffffffffffff1684866040518082805190602001908083835b6020831061050257805182527fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe090920191602091820191016104c5565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038185875af1925050503d8060008114610564576040519150601f19603f3d011682016040523d82523d6000602084013e610569565b606091505b509150915061057882826105f6565b9695505050505050565b6001600055565b7f08c379a0000000000000000000000000000000000000000000000000000000006000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b60608215610605575080610620565b8151156106155781518083602001fd5b6106206101ae610589565b9291505056fea2646970667358221220937127e2d5c783249afc0c256b8e7aaa3e86516bf50f53609f3dccad94c815a264736f6c63430007010033000000000000000000000000634f6b9cd1f860314871548d2224362825384b2dDeployed ByteCode
0x60806040526004361061003f5760003560e01c80634036176a14610044578063851c1bb3146101465780638d928af8146101a4578063aaabadc5146101e2575b600080fd5b6100d16004803603604081101561005a57600080fd5b73ffffffffffffffffffffffffffffffffffffffff823516919081019060408101602082013564010000000081111561009257600080fd5b8201836020820111156100a457600080fd5b803590602001918460018302840111640100000000831117156100c657600080fd5b5090925090506101f7565b6040805160208082528351818301528351919283929083019185019080838360005b8381101561010b5781810151838201526020016100f3565b50505050905090810190601f1680156101385780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34801561015257600080fd5b506101926004803603602081101561016957600080fd5b50357fffffffff000000000000000000000000000000000000000000000000000000001661028c565b60408051918252519081900360200190f35b3480156101b057600080fd5b506101b96102fd565b6040805173ffffffffffffffffffffffffffffffffffffffff9092168252519081900360200190f35b3480156101ee57600080fd5b506101b9610321565b60606102016103a1565b60643561022261021a6102138361028c565b33886103ba565b610191610484565b61027a84848080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250505073ffffffffffffffffffffffffffffffffffffffff881691905034610496565b915050610285610582565b9392505050565b604080517f000000000000000000000000be0d92a98a7892258b08669479527efb910bcf976020808301919091527fffffffff000000000000000000000000000000000000000000000000000000008416828401528251602481840301815260449092019092528051910120919050565b7f000000000000000000000000634f6b9cd1f860314871548d2224362825384b2d90565b600061032b6102fd565b73ffffffffffffffffffffffffffffffffffffffff1663aaabadc56040518163ffffffff1660e01b815260040160206040518083038186803b15801561037057600080fd5b505afa158015610384573d6000803e3d6000fd5b505050506040513d602081101561039a57600080fd5b5051905090565b6103b360026000541415610190610484565b6002600055565b60006103c4610321565b73ffffffffffffffffffffffffffffffffffffffff16639be2a8848585856040518463ffffffff1660e01b8152600401808481526020018373ffffffffffffffffffffffffffffffffffffffff1681526020018273ffffffffffffffffffffffffffffffffffffffff168152602001935050505060206040518083038186803b15801561045057600080fd5b505afa158015610464573d6000803e3d6000fd5b505050506040513d602081101561047a57600080fd5b5051949350505050565b816104925761049281610589565b5050565b6060600060608573ffffffffffffffffffffffffffffffffffffffff1684866040518082805190602001908083835b6020831061050257805182527fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe090920191602091820191016104c5565b6001836020036101000a03801982511681845116808217855250505050505090500191505060006040518083038185875af1925050503d8060008114610564576040519150601f19603f3d011682016040523d82523d6000602084013e610569565b606091505b509150915061057882826105f6565b9695505050505050565b6001600055565b7f08c379a0000000000000000000000000000000000000000000000000000000006000908152602060045260076024526642414c23000030600a808404818106603090810160081b95839006959095019082900491820690940160101b939093010160c81b604452606490fd5b60608215610605575080610620565b8151156106155781518083602001fd5b6106206101ae610589565b9291505056fea2646970667358221220937127e2d5c783249afc0c256b8e7aaa3e86516bf50f53609f3dccad94c815a264736f6c63430007010033