mirror of
https://github.com/tornadocash/tornado-nova
synced 2024-02-02 14:53:56 +01:00
857 lines
25 KiB
Solidity
857 lines
25 KiB
Solidity
// File: openzeppelin-solidity/contracts/token/ERC20/ERC20Basic.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title ERC20Basic
|
|
* @dev Simpler version of ERC20 interface
|
|
* See https://github.com/ethereum/EIPs/issues/179
|
|
*/
|
|
contract ERC20Basic {
|
|
function totalSupply() public view returns (uint256);
|
|
|
|
function balanceOf(address _who) public view returns (uint256);
|
|
|
|
function transfer(address _to, uint256 _value) public returns (bool);
|
|
|
|
event Transfer(address indexed from, address indexed to, uint256 value);
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/math/SafeMath.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title SafeMath
|
|
* @dev Math operations with safety checks that throw on error
|
|
*/
|
|
library SafeMath {
|
|
/**
|
|
* @dev Multiplies two numbers, throws on overflow.
|
|
*/
|
|
function mul(uint256 _a, uint256 _b) internal pure returns (uint256 c) {
|
|
// Gas optimization: this is cheaper than asserting 'a' not being zero, but the
|
|
// benefit is lost if 'b' is also tested.
|
|
// See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
|
|
if (_a == 0) {
|
|
return 0;
|
|
}
|
|
|
|
c = _a * _b;
|
|
assert(c / _a == _b);
|
|
return c;
|
|
}
|
|
|
|
/**
|
|
* @dev Integer division of two numbers, truncating the quotient.
|
|
*/
|
|
function div(uint256 _a, uint256 _b) internal pure returns (uint256) {
|
|
// assert(_b > 0); // Solidity automatically throws when dividing by 0
|
|
// uint256 c = _a / _b;
|
|
// assert(_a == _b * c + _a % _b); // There is no case in which this doesn't hold
|
|
return _a / _b;
|
|
}
|
|
|
|
/**
|
|
* @dev Subtracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).
|
|
*/
|
|
function sub(uint256 _a, uint256 _b) internal pure returns (uint256) {
|
|
assert(_b <= _a);
|
|
return _a - _b;
|
|
}
|
|
|
|
/**
|
|
* @dev Adds two numbers, throws on overflow.
|
|
*/
|
|
function add(uint256 _a, uint256 _b) internal pure returns (uint256 c) {
|
|
c = _a + _b;
|
|
assert(c >= _a);
|
|
return c;
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/token/ERC20/BasicToken.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title Basic token
|
|
* @dev Basic version of StandardToken, with no allowances.
|
|
*/
|
|
contract BasicToken is ERC20Basic {
|
|
using SafeMath for uint256;
|
|
|
|
mapping(address => uint256) internal balances;
|
|
|
|
uint256 internal totalSupply_;
|
|
|
|
/**
|
|
* @dev Total number of tokens in existence
|
|
*/
|
|
function totalSupply() public view returns (uint256) {
|
|
return totalSupply_;
|
|
}
|
|
|
|
/**
|
|
* @dev Transfer token for a specified address
|
|
* @param _to The address to transfer to.
|
|
* @param _value The amount to be transferred.
|
|
*/
|
|
function transfer(address _to, uint256 _value) public returns (bool) {
|
|
require(_value <= balances[msg.sender]);
|
|
require(_to != address(0));
|
|
|
|
balances[msg.sender] = balances[msg.sender].sub(_value);
|
|
balances[_to] = balances[_to].add(_value);
|
|
emit Transfer(msg.sender, _to, _value);
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @dev Gets the balance of the specified address.
|
|
* @param _owner The address to query the the balance of.
|
|
* @return An uint256 representing the amount owned by the passed address.
|
|
*/
|
|
function balanceOf(address _owner) public view returns (uint256) {
|
|
return balances[_owner];
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/token/ERC20/BurnableToken.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title Burnable Token
|
|
* @dev Token that can be irreversibly burned (destroyed).
|
|
*/
|
|
contract BurnableToken is BasicToken {
|
|
event Burn(address indexed burner, uint256 value);
|
|
|
|
/**
|
|
* @dev Burns a specific amount of tokens.
|
|
* @param _value The amount of token to be burned.
|
|
*/
|
|
function burn(uint256 _value) public {
|
|
_burn(msg.sender, _value);
|
|
}
|
|
|
|
function _burn(address _who, uint256 _value) internal {
|
|
require(_value <= balances[_who]);
|
|
// no need to require value <= totalSupply, since that would imply the
|
|
// sender's balance is greater than the totalSupply, which *should* be an assertion failure
|
|
|
|
balances[_who] = balances[_who].sub(_value);
|
|
totalSupply_ = totalSupply_.sub(_value);
|
|
emit Burn(_who, _value);
|
|
emit Transfer(_who, address(0), _value);
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/token/ERC20/ERC20.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title ERC20 interface
|
|
* @dev see https://github.com/ethereum/EIPs/issues/20
|
|
*/
|
|
contract ERC20 is ERC20Basic {
|
|
function allowance(address _owner, address _spender) public view returns (uint256);
|
|
|
|
function transferFrom(
|
|
address _from,
|
|
address _to,
|
|
uint256 _value
|
|
) public returns (bool);
|
|
|
|
function approve(address _spender, uint256 _value) public returns (bool);
|
|
|
|
event Approval(address indexed owner, address indexed spender, uint256 value);
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/token/ERC20/StandardToken.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title Standard ERC20 token
|
|
*
|
|
* @dev Implementation of the basic standard token.
|
|
* https://github.com/ethereum/EIPs/issues/20
|
|
* Based on code by FirstBlood: https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
|
|
*/
|
|
contract StandardToken is ERC20, BasicToken {
|
|
mapping(address => mapping(address => uint256)) internal allowed;
|
|
|
|
/**
|
|
* @dev Transfer tokens from one address to another
|
|
* @param _from address The address which you want to send tokens from
|
|
* @param _to address The address which you want to transfer to
|
|
* @param _value uint256 the amount of tokens to be transferred
|
|
*/
|
|
function transferFrom(
|
|
address _from,
|
|
address _to,
|
|
uint256 _value
|
|
) public returns (bool) {
|
|
require(_value <= balances[_from]);
|
|
require(_value <= allowed[_from][msg.sender]);
|
|
require(_to != address(0));
|
|
|
|
balances[_from] = balances[_from].sub(_value);
|
|
balances[_to] = balances[_to].add(_value);
|
|
allowed[_from][msg.sender] = allowed[_from][msg.sender].sub(_value);
|
|
emit Transfer(_from, _to, _value);
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @dev Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
|
|
* Beware that changing an allowance with this method brings the risk that someone may use both the old
|
|
* and the new allowance by unfortunate transaction ordering. One possible solution to mitigate this
|
|
* race condition is to first reduce the spender's allowance to 0 and set the desired value afterwards:
|
|
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
|
|
* @param _spender The address which will spend the funds.
|
|
* @param _value The amount of tokens to be spent.
|
|
*/
|
|
function approve(address _spender, uint256 _value) public returns (bool) {
|
|
allowed[msg.sender][_spender] = _value;
|
|
emit Approval(msg.sender, _spender, _value);
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @dev Function to check the amount of tokens that an owner allowed to a spender.
|
|
* @param _owner address The address which owns the funds.
|
|
* @param _spender address The address which will spend the funds.
|
|
* @return A uint256 specifying the amount of tokens still available for the spender.
|
|
*/
|
|
function allowance(address _owner, address _spender) public view returns (uint256) {
|
|
return allowed[_owner][_spender];
|
|
}
|
|
|
|
/**
|
|
* @dev Increase the amount of tokens that an owner allowed to a spender.
|
|
* approve should be called when allowed[_spender] == 0. To increment
|
|
* allowed value is better to use this function to avoid 2 calls (and wait until
|
|
* the first transaction is mined)
|
|
* From MonolithDAO Token.sol
|
|
* @param _spender The address which will spend the funds.
|
|
* @param _addedValue The amount of tokens to increase the allowance by.
|
|
*/
|
|
function increaseApproval(address _spender, uint256 _addedValue) public returns (bool) {
|
|
allowed[msg.sender][_spender] = (allowed[msg.sender][_spender].add(_addedValue));
|
|
emit Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @dev Decrease the amount of tokens that an owner allowed to a spender.
|
|
* approve should be called when allowed[_spender] == 0. To decrement
|
|
* allowed value is better to use this function to avoid 2 calls (and wait until
|
|
* the first transaction is mined)
|
|
* From MonolithDAO Token.sol
|
|
* @param _spender The address which will spend the funds.
|
|
* @param _subtractedValue The amount of tokens to decrease the allowance by.
|
|
*/
|
|
function decreaseApproval(address _spender, uint256 _subtractedValue) public returns (bool) {
|
|
uint256 oldValue = allowed[msg.sender][_spender];
|
|
if (_subtractedValue >= oldValue) {
|
|
allowed[msg.sender][_spender] = 0;
|
|
} else {
|
|
allowed[msg.sender][_spender] = oldValue.sub(_subtractedValue);
|
|
}
|
|
emit Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
|
|
return true;
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/ownership/Ownable.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title Ownable
|
|
* @dev The Ownable contract has an owner address, and provides basic authorization control
|
|
* functions, this simplifies the implementation of "user permissions".
|
|
*/
|
|
contract Ownable {
|
|
address public owner;
|
|
|
|
event OwnershipRenounced(address indexed previousOwner);
|
|
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
|
|
|
|
/**
|
|
* @dev The Ownable constructor sets the original `owner` of the contract to the sender
|
|
* account.
|
|
*/
|
|
constructor() public {
|
|
owner = msg.sender;
|
|
}
|
|
|
|
/**
|
|
* @dev Throws if called by any account other than the owner.
|
|
*/
|
|
modifier onlyOwner() {
|
|
require(msg.sender == owner);
|
|
_;
|
|
}
|
|
|
|
/**
|
|
* @dev Allows the current owner to relinquish control of the contract.
|
|
* @notice Renouncing to ownership will leave the contract without an owner.
|
|
* It will not be possible to call the functions with the `onlyOwner`
|
|
* modifier anymore.
|
|
*/
|
|
function renounceOwnership() public onlyOwner {
|
|
emit OwnershipRenounced(owner);
|
|
owner = address(0);
|
|
}
|
|
|
|
/**
|
|
* @dev Allows the current owner to transfer control of the contract to a newOwner.
|
|
* @param _newOwner The address to transfer ownership to.
|
|
*/
|
|
function transferOwnership(address _newOwner) public onlyOwner {
|
|
_transferOwnership(_newOwner);
|
|
}
|
|
|
|
/**
|
|
* @dev Transfers control of the contract to a newOwner.
|
|
* @param _newOwner The address to transfer ownership to.
|
|
*/
|
|
function _transferOwnership(address _newOwner) internal {
|
|
require(_newOwner != address(0));
|
|
emit OwnershipTransferred(owner, _newOwner);
|
|
owner = _newOwner;
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/token/ERC20/MintableToken.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title Mintable token
|
|
* @dev Simple ERC20 Token example, with mintable token creation
|
|
* Based on code by TokenMarketNet: https://github.com/TokenMarketNet/ico/blob/master/contracts/MintableToken.sol
|
|
*/
|
|
contract MintableToken is StandardToken, Ownable {
|
|
event Mint(address indexed to, uint256 amount);
|
|
event MintFinished();
|
|
|
|
bool public mintingFinished = false;
|
|
|
|
modifier canMint() {
|
|
require(!mintingFinished);
|
|
_;
|
|
}
|
|
|
|
modifier hasMintPermission() {
|
|
require(msg.sender == owner);
|
|
_;
|
|
}
|
|
|
|
/**
|
|
* @dev Function to mint tokens
|
|
* @param _to The address that will receive the minted tokens.
|
|
* @param _amount The amount of tokens to mint.
|
|
* @return A boolean that indicates if the operation was successful.
|
|
*/
|
|
function mint(address _to, uint256 _amount) public hasMintPermission canMint returns (bool) {
|
|
totalSupply_ = totalSupply_.add(_amount);
|
|
balances[_to] = balances[_to].add(_amount);
|
|
emit Mint(_to, _amount);
|
|
emit Transfer(address(0), _to, _amount);
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @dev Function to stop minting new tokens.
|
|
* @return True if the operation was successful.
|
|
*/
|
|
function finishMinting() public onlyOwner canMint returns (bool) {
|
|
mintingFinished = true;
|
|
emit MintFinished();
|
|
return true;
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/token/ERC20/DetailedERC20.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* @title DetailedERC20 token
|
|
* @dev The decimals are only for visualization purposes.
|
|
* All the operations are done using the smallest and indivisible token unit,
|
|
* just as on Ethereum all the operations are done in wei.
|
|
*/
|
|
contract DetailedERC20 is ERC20 {
|
|
string public name;
|
|
string public symbol;
|
|
uint8 public decimals;
|
|
|
|
constructor(
|
|
string _name,
|
|
string _symbol,
|
|
uint8 _decimals
|
|
) public {
|
|
name = _name;
|
|
symbol = _symbol;
|
|
decimals = _decimals;
|
|
}
|
|
}
|
|
|
|
// File: openzeppelin-solidity/contracts/AddressUtils.sol
|
|
|
|
pragma solidity ^0.4.24;
|
|
|
|
/**
|
|
* Utility library of inline functions on addresses
|
|
*/
|
|
library AddressUtils {
|
|
/**
|
|
* Returns whether the target address is a contract
|
|
* @dev This function will return false if invoked during the constructor of a contract,
|
|
* as the code is not actually created until after the constructor finishes.
|
|
* @param _addr address to check
|
|
* @return whether the target address is a contract
|
|
*/
|
|
function isContract(address _addr) internal view returns (bool) {
|
|
uint256 size;
|
|
// XXX Currently there is no better way to check if there is a contract in an address
|
|
// than to check the size of the code at that address.
|
|
// See https://ethereum.stackexchange.com/a/14016/36603
|
|
// for more details about how this works.
|
|
// TODO Check this again before the Serenity release, because all addresses will be
|
|
// contracts then.
|
|
// solium-disable-next-line security/no-inline-assembly
|
|
assembly {
|
|
size := extcodesize(_addr)
|
|
}
|
|
return size > 0;
|
|
}
|
|
}
|
|
|
|
// File: contracts/interfaces/ERC677.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
contract ERC677 is ERC20 {
|
|
event Transfer(address indexed from, address indexed to, uint256 value, bytes data);
|
|
|
|
function transferAndCall(
|
|
address,
|
|
uint256,
|
|
bytes
|
|
) external returns (bool);
|
|
|
|
function increaseAllowance(address spender, uint256 addedValue) public returns (bool);
|
|
|
|
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool);
|
|
}
|
|
|
|
// File: contracts/interfaces/IBurnableMintableERC677Token.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
contract IBurnableMintableERC677Token is ERC677 {
|
|
function mint(address _to, uint256 _amount) public returns (bool);
|
|
|
|
function burn(uint256 _value) public;
|
|
|
|
function claimTokens(address _token, address _to) public;
|
|
}
|
|
|
|
// File: contracts/upgradeable_contracts/Sacrifice.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
contract Sacrifice {
|
|
constructor(address _recipient) public payable {
|
|
selfdestruct(_recipient);
|
|
}
|
|
}
|
|
|
|
// File: contracts/libraries/Address.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
/**
|
|
* @title Address
|
|
* @dev Helper methods for Address type.
|
|
*/
|
|
library Address {
|
|
/**
|
|
* @dev Try to send native tokens to the address. If it fails, it will force the transfer by creating a selfdestruct contract
|
|
* @param _receiver address that will receive the native tokens
|
|
* @param _value the amount of native tokens to send
|
|
*/
|
|
function safeSendValue(address _receiver, uint256 _value) internal {
|
|
if (!_receiver.send(_value)) {
|
|
(new Sacrifice).value(_value)(_receiver);
|
|
}
|
|
}
|
|
}
|
|
|
|
// File: contracts/upgradeable_contracts/Claimable.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
contract Claimable {
|
|
bytes4 internal constant TRANSFER = 0xa9059cbb; // transfer(address,uint256)
|
|
|
|
modifier validAddress(address _to) {
|
|
require(_to != address(0));
|
|
/* solcov ignore next */
|
|
_;
|
|
}
|
|
|
|
function claimValues(address _token, address _to) internal {
|
|
if (_token == address(0)) {
|
|
claimNativeCoins(_to);
|
|
} else {
|
|
claimErc20Tokens(_token, _to);
|
|
}
|
|
}
|
|
|
|
function claimNativeCoins(address _to) internal {
|
|
uint256 value = address(this).balance;
|
|
Address.safeSendValue(_to, value);
|
|
}
|
|
|
|
function claimErc20Tokens(address _token, address _to) internal {
|
|
ERC20Basic token = ERC20Basic(_token);
|
|
uint256 balance = token.balanceOf(this);
|
|
safeTransfer(_token, _to, balance);
|
|
}
|
|
|
|
function safeTransfer(
|
|
address _token,
|
|
address _to,
|
|
uint256 _value
|
|
) internal {
|
|
bytes memory returnData;
|
|
bool returnDataResult;
|
|
bytes memory callData = abi.encodeWithSelector(TRANSFER, _to, _value);
|
|
assembly {
|
|
let result := call(gas, _token, 0x0, add(callData, 0x20), mload(callData), 0, 32)
|
|
returnData := mload(0)
|
|
returnDataResult := mload(0)
|
|
|
|
switch result
|
|
case 0 {
|
|
revert(0, 0)
|
|
}
|
|
}
|
|
|
|
// Return data is optional
|
|
if (returnData.length > 0) {
|
|
require(returnDataResult);
|
|
}
|
|
}
|
|
}
|
|
|
|
// File: contracts/ERC677BridgeToken.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
/**
|
|
* @title ERC677BridgeToken
|
|
* @dev The basic implementation of a bridgeable ERC677-compatible token
|
|
*/
|
|
contract ERC677BridgeToken is IBurnableMintableERC677Token, DetailedERC20, BurnableToken, MintableToken, Claimable {
|
|
bytes4 internal constant ON_TOKEN_TRANSFER = 0xa4c0ed36; // onTokenTransfer(address,uint256,bytes)
|
|
|
|
address internal bridgeContractAddr;
|
|
|
|
event ContractFallbackCallFailed(address from, address to, uint256 value);
|
|
|
|
constructor(
|
|
string _name,
|
|
string _symbol,
|
|
uint8 _decimals
|
|
) public DetailedERC20(_name, _symbol, _decimals) {
|
|
// solhint-disable-previous-line no-empty-blocks
|
|
}
|
|
|
|
function bridgeContract() external view returns (address) {
|
|
return bridgeContractAddr;
|
|
}
|
|
|
|
function setBridgeContract(address _bridgeContract) external onlyOwner {
|
|
require(AddressUtils.isContract(_bridgeContract));
|
|
bridgeContractAddr = _bridgeContract;
|
|
}
|
|
|
|
modifier validRecipient(address _recipient) {
|
|
require(_recipient != address(0) && _recipient != address(this));
|
|
/* solcov ignore next */
|
|
_;
|
|
}
|
|
|
|
function transferAndCall(
|
|
address _to,
|
|
uint256 _value,
|
|
bytes _data
|
|
) external validRecipient(_to) returns (bool) {
|
|
require(superTransfer(_to, _value));
|
|
emit Transfer(msg.sender, _to, _value, _data);
|
|
|
|
if (AddressUtils.isContract(_to)) {
|
|
require(contractFallback(msg.sender, _to, _value, _data));
|
|
}
|
|
return true;
|
|
}
|
|
|
|
function getTokenInterfacesVersion()
|
|
external
|
|
pure
|
|
returns (
|
|
uint64 major,
|
|
uint64 minor,
|
|
uint64 patch
|
|
)
|
|
{
|
|
return (2, 2, 0);
|
|
}
|
|
|
|
function superTransfer(address _to, uint256 _value) internal returns (bool) {
|
|
return super.transfer(_to, _value);
|
|
}
|
|
|
|
function transfer(address _to, uint256 _value) public returns (bool) {
|
|
require(superTransfer(_to, _value));
|
|
callAfterTransfer(msg.sender, _to, _value);
|
|
return true;
|
|
}
|
|
|
|
function transferFrom(
|
|
address _from,
|
|
address _to,
|
|
uint256 _value
|
|
) public returns (bool) {
|
|
require(super.transferFrom(_from, _to, _value));
|
|
callAfterTransfer(_from, _to, _value);
|
|
return true;
|
|
}
|
|
|
|
function callAfterTransfer(
|
|
address _from,
|
|
address _to,
|
|
uint256 _value
|
|
) internal {
|
|
if (AddressUtils.isContract(_to) && !contractFallback(_from, _to, _value, new bytes(0))) {
|
|
require(!isBridge(_to));
|
|
emit ContractFallbackCallFailed(_from, _to, _value);
|
|
}
|
|
}
|
|
|
|
function isBridge(address _address) public view returns (bool) {
|
|
return _address == bridgeContractAddr;
|
|
}
|
|
|
|
/**
|
|
* @dev call onTokenTransfer fallback on the token recipient contract
|
|
* @param _from tokens sender
|
|
* @param _to tokens recipient
|
|
* @param _value amount of tokens that was sent
|
|
* @param _data set of extra bytes that can be passed to the recipient
|
|
*/
|
|
function contractFallback(
|
|
address _from,
|
|
address _to,
|
|
uint256 _value,
|
|
bytes _data
|
|
) private returns (bool) {
|
|
return _to.call(abi.encodeWithSelector(ON_TOKEN_TRANSFER, _from, _value, _data));
|
|
}
|
|
|
|
function finishMinting() public returns (bool) {
|
|
revert();
|
|
}
|
|
|
|
function renounceOwnership() public onlyOwner {
|
|
revert();
|
|
}
|
|
|
|
function claimTokens(address _token, address _to) public onlyOwner validAddress(_to) {
|
|
claimValues(_token, _to);
|
|
}
|
|
|
|
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
|
|
return super.increaseApproval(spender, addedValue);
|
|
}
|
|
|
|
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
|
|
return super.decreaseApproval(spender, subtractedValue);
|
|
}
|
|
}
|
|
|
|
// File: contracts/PermittableToken.sol
|
|
|
|
pragma solidity 0.4.24;
|
|
|
|
contract PermittableToken is ERC677BridgeToken {
|
|
string public constant version = "1";
|
|
|
|
// EIP712 niceties
|
|
bytes32 public DOMAIN_SEPARATOR;
|
|
// bytes32 public constant PERMIT_TYPEHASH = keccak256("Permit(address holder,address spender,uint256 nonce,uint256 expiry,bool allowed)");
|
|
bytes32 public constant PERMIT_TYPEHASH = 0xea2aa0a1be11a07ed86d755c93467f4f82362b452371d1ba94d1715123511acb;
|
|
|
|
mapping(address => uint256) public nonces;
|
|
mapping(address => mapping(address => uint256)) public expirations;
|
|
|
|
constructor(
|
|
string memory _name,
|
|
string memory _symbol,
|
|
uint8 _decimals,
|
|
uint256 _chainId
|
|
) public ERC677BridgeToken(_name, _symbol, _decimals) {
|
|
require(_chainId != 0);
|
|
DOMAIN_SEPARATOR = keccak256(
|
|
abi.encode(
|
|
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
|
|
keccak256(bytes(_name)),
|
|
keccak256(bytes(version)),
|
|
_chainId,
|
|
address(this)
|
|
)
|
|
);
|
|
}
|
|
|
|
/// @dev transferFrom in this contract works in a slightly different form than the generic
|
|
/// transferFrom function. This contract allows for "unlimited approval".
|
|
/// Should the user approve an address for the maximum uint256 value,
|
|
/// then that address will have unlimited approval until told otherwise.
|
|
/// @param _sender The address of the sender.
|
|
/// @param _recipient The address of the recipient.
|
|
/// @param _amount The value to transfer.
|
|
/// @return Success status.
|
|
function transferFrom(
|
|
address _sender,
|
|
address _recipient,
|
|
uint256 _amount
|
|
) public returns (bool) {
|
|
require(_sender != address(0));
|
|
require(_recipient != address(0));
|
|
|
|
balances[_sender] = balances[_sender].sub(_amount);
|
|
balances[_recipient] = balances[_recipient].add(_amount);
|
|
emit Transfer(_sender, _recipient, _amount);
|
|
|
|
if (_sender != msg.sender) {
|
|
uint256 allowedAmount = allowance(_sender, msg.sender);
|
|
|
|
if (allowedAmount != uint256(-1)) {
|
|
// If allowance is limited, adjust it.
|
|
// In this case `transferFrom` works like the generic
|
|
allowed[_sender][msg.sender] = allowedAmount.sub(_amount);
|
|
emit Approval(_sender, msg.sender, allowed[_sender][msg.sender]);
|
|
} else {
|
|
// If allowance is unlimited by `permit`, `approve`, or `increaseAllowance`
|
|
// function, don't adjust it. But the expiration date must be empty or in the future
|
|
require(expirations[_sender][msg.sender] == 0 || expirations[_sender][msg.sender] >= _now());
|
|
}
|
|
} else {
|
|
// If `_sender` is `msg.sender`,
|
|
// the function works just like `transfer()`
|
|
}
|
|
|
|
callAfterTransfer(_sender, _recipient, _amount);
|
|
return true;
|
|
}
|
|
|
|
/// @dev An alias for `transfer` function.
|
|
/// @param _to The address of the recipient.
|
|
/// @param _amount The value to transfer.
|
|
function push(address _to, uint256 _amount) public {
|
|
transferFrom(msg.sender, _to, _amount);
|
|
}
|
|
|
|
/// @dev Makes a request to transfer the specified amount
|
|
/// from the specified address to the caller's address.
|
|
/// @param _from The address of the holder.
|
|
/// @param _amount The value to transfer.
|
|
function pull(address _from, uint256 _amount) public {
|
|
transferFrom(_from, msg.sender, _amount);
|
|
}
|
|
|
|
/// @dev An alias for `transferFrom` function.
|
|
/// @param _from The address of the sender.
|
|
/// @param _to The address of the recipient.
|
|
/// @param _amount The value to transfer.
|
|
function move(
|
|
address _from,
|
|
address _to,
|
|
uint256 _amount
|
|
) public {
|
|
transferFrom(_from, _to, _amount);
|
|
}
|
|
|
|
/// @dev Allows to spend holder's unlimited amount by the specified spender.
|
|
/// The function can be called by anyone, but requires having allowance parameters
|
|
/// signed by the holder according to EIP712.
|
|
/// @param _holder The holder's address.
|
|
/// @param _spender The spender's address.
|
|
/// @param _nonce The nonce taken from `nonces(_holder)` public getter.
|
|
/// @param _expiry The allowance expiration date (unix timestamp in UTC).
|
|
/// Can be zero for no expiration. Forced to zero if `_allowed` is `false`.
|
|
/// @param _allowed True to enable unlimited allowance for the spender by the holder. False to disable.
|
|
/// @param _v A final byte of signature (ECDSA component).
|
|
/// @param _r The first 32 bytes of signature (ECDSA component).
|
|
/// @param _s The second 32 bytes of signature (ECDSA component).
|
|
function permit(
|
|
address _holder,
|
|
address _spender,
|
|
uint256 _nonce,
|
|
uint256 _expiry,
|
|
bool _allowed,
|
|
uint8 _v,
|
|
bytes32 _r,
|
|
bytes32 _s
|
|
) external {
|
|
require(_holder != address(0));
|
|
require(_spender != address(0));
|
|
require(_expiry == 0 || _now() <= _expiry);
|
|
|
|
bytes32 digest = keccak256(
|
|
abi.encodePacked(
|
|
"\x19\x01",
|
|
DOMAIN_SEPARATOR,
|
|
keccak256(abi.encode(PERMIT_TYPEHASH, _holder, _spender, _nonce, _expiry, _allowed))
|
|
)
|
|
);
|
|
|
|
require(_holder == ecrecover(digest, _v, _r, _s));
|
|
require(_nonce == nonces[_holder]++);
|
|
|
|
uint256 amount = _allowed ? uint256(-1) : 0;
|
|
|
|
allowed[_holder][_spender] = amount;
|
|
expirations[_holder][_spender] = _allowed ? _expiry : 0;
|
|
|
|
emit Approval(_holder, _spender, amount);
|
|
}
|
|
|
|
function _now() internal view returns (uint256) {
|
|
return now;
|
|
}
|
|
|
|
/// @dev Version of the token contract.
|
|
function getTokenInterfacesVersion()
|
|
external
|
|
pure
|
|
returns (
|
|
uint64 major,
|
|
uint64 minor,
|
|
uint64 patch
|
|
)
|
|
{
|
|
return (2, 3, 0);
|
|
}
|
|
}
|